changeset 457:c17c1da7108d
merged.
author | Raimund Renkert <rrenkert@intevation.de> |
---|---|
date | Wed, 23 Apr 2014 14:00:38 +0200 |
parents | 37a97621b466 (current diff) efd1bd85112f (diff) |
children | 6fac87cadbd8 |
files | |
diffstat | 9 files changed, 145 insertions(+), 37 deletions(-) [+] |
--- a/ui/CMakeLists.txt Wed Apr 23 14:00:10 2014 +0200 +++ b/ui/CMakeLists.txt Wed Apr 23 14:00:38 2014 +0200 @@ -20,6 +20,7 @@ set(DOWNLOADER_SOURCES ${CMAKE_CURRENT_SOURCE_DIR}/downloader.cpp ${CMAKE_CURRENT_SOURCE_DIR}/sslconnection.cpp + ${CMAKE_CURRENT_SOURCE_DIR}/sslhelp.cpp ) set(TRUSTBRIDGE_SOURCES @@ -43,6 +44,7 @@ ${CMAKE_CURRENT_SOURCE_DIR}/createinstallerdialog.cpp ${CMAKE_CURRENT_SOURCE_DIR}/createcertlistdialog.cpp ${CMAKE_CURRENT_SOURCE_DIR}/aboutdialog.cpp + ${CMAKE_CURRENT_SOURCE_DIR}/sslhelp.cpp ${CERTIFICATELIST_SOURCES} )
--- a/ui/administratorwindow.cpp Wed Apr 23 14:00:10 2014 +0200 +++ b/ui/administratorwindow.cpp Wed Apr 23 14:00:38 2014 +0200 @@ -33,7 +33,7 @@ setWindowTitle(tr("TrustBridge Administration")); QString path = QStandardPaths::locate( QStandardPaths::DataLocation, QString("certlist_last.txt")); - certList.readList(path.toLocal8Bit()); + mCertList.readList(path.toLocal8Bit()); createActions(); createMenuBar(); createContent(); @@ -143,8 +143,8 @@ QString certFile = QFileDialog::getOpenFileName( this, tr("Select certificate list file"), path, "*.txt"); qDebug() << "selected: " + certFile; - certList.readList(certFile.toLocal8Bit().constData()); - if (!certList.isValid()) { + mCertList.readList(certFile.toLocal8Bit().constData()); + if (!mCertList.isValid()) { qDebug() << "Not a valid list."; } else { @@ -181,7 +181,7 @@ } void AdministratorWindow::loadCertificateTable() { - foreach(const Certificate &cert, certList.getCertificates()) { + foreach(const Certificate &cert, mCertList.getCertificates()) { certificateModel->addCertificate(cert, true); } certificateView->resizeColumnsToContents();
--- a/ui/administratorwindow.h Wed Apr 23 14:00:10 2014 +0200 +++ b/ui/administratorwindow.h Wed Apr 23 14:00:38 2014 +0200 @@ -32,6 +32,16 @@ public: AdministratorWindow(); + /** @brief obtain a const reference to the certificate List + * @returns the current certificatelist + */ + const CertificateList& certList() const {return mCertList;} + + /** @brief get the settings for this application + * @returns a reference the applications settings object + */ + QSettings* settings() {return &mSettings;} + private slots: void createInstaller(); void showAbout(); @@ -48,12 +58,12 @@ void loadCertificateTable(); void addToCertificateTable(const QList<Certificate> &certs); - QSettings settings; + QSettings mSettings; QMenuBar *menuBar; QTableView *certificateView; - CertificateList certList; + CertificateList mCertList; CertificateTabelModel *certificateModel; QPushButton *saveButton; QPushButton *loadButton;
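Review bot: `QSettings* settings() {return &mSettings;}` hands every caller a mutable pointer to a private member, while its comment promises "a reference the applications settings object". The comment should state what is actually returned and who owns it, for example `@returns a pointer to the application's settings object; it remains owned by the window`. Since CreateCertListDialog now keeps an `AdministratorWindow *` and reads and writes through this accessor, that lifetime dependency is worth documenting here too. The class body begins outside these hunks.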
--- a/ui/createcertlistdialog.cpp Wed Apr 23 14:00:10 2014 +0200 +++ b/ui/createcertlistdialog.cpp Wed Apr 23 14:00:38 2014 +0200 @@ -6,7 +6,11 @@ * See LICENSE.txt for details. */ #include "createcertlistdialog.h" +#include "sslhelp.h" +#include "administratorwindow.h" + #include <QDebug> +#include <QMessageBox> #include <QDir> #include <QPushButton> #include <QGroupBox> @@ -16,12 +20,17 @@ #include <QFileDialog> #include <QStandardPaths> -CreateCertListDialog::CreateCertListDialog(QMainWindow *parent) : - QDialog(parent) +#include <polarssl/pk.h> + +CreateCertListDialog::CreateCertListDialog(AdministratorWindow *parent) : + QDialog(parent), + mAdminWindow(parent), + mPk(NULL) { setWindowTitle(tr("Save certificate list")); setupGUI(); resize(500, 200); + mCertFile->setText(mAdminWindow->settings()->value("LastCert", QString()).toString()); } void CreateCertListDialog::setupGUI() @@ -70,10 +79,8 @@ QString footerText = tr("In addition, each certificate list will be saved " "automatically in the archive directory:\n"); - // TODO print out the path, not the displayName. footerText.append(QStandardPaths::writableLocation( QStandardPaths::DataLocation)); - //footerText.append(QStandardPaths::displayName(QStandardPaths::DataLocation)); QLabel *footer = new QLabel(footerText); centerLayout->addLayout(labelLayout); 
@@ -105,11 +112,35 @@ return; } +void CreateCertListDialog::showErrorMessage(const QString &msg) +{ + QMessageBox::warning(this, tr("Error!"), msg); +} + void CreateCertListDialog::openCertificateSelect() { QString certFile = QFileDialog::getOpenFileName( - this, tr("Select certificate"), QDir::homePath(), "*.pem *.der *.crt"); + this, tr("Select certificate"), mCertFile->text().isEmpty() ? + QDir::homePath() : mCertFile->text(), "*.pem"); mCertFile->setText(certFile); + + mAdminWindow->settings()->setValue("LastCert", certFile); + + if (mPk != NULL) { + pk_free(mPk); + delete mPk; + mPk = NULL; + } + + mPk = new pk_context; + pk_init(mPk); + int ret = pk_parse_keyfile(mPk, mCertFile->text().toLocal8Bit().constData(), ""); + + if (ret != 0) { + showErrorMessage(tr("Failed to load certificate: %1") + .arg(getPolarSSLErrorMsg(ret))); + return; + } } void CreateCertListDialog::openSaveLocation() @@ -121,6 +152,9 @@ void CreateCertListDialog::createList() { + //entropy_context mEntropy; + //ctr_drbg_context mCtr_drbg; + qDebug() << "and now create the certificate list using:"; qDebug() << "certificate: " << mCertFile->text(); qDebug() << "target" << mSaveFile->text();
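Review bot: A cancelled file dialog is not handled in openCertificateSelect: getOpenFileName then returns an empty string, which is written to the "LastCert" setting and passed to pk_parse_keyfile. The remembered path is lost and the user sees a parse error for a file they never chose. On the failure branch mPk also stays allocated and initialised but holds no key, so later code that only tests `mPk != NULL` cannot tell a loaded key from a failed load; createList is documented as signing with mPk. I would return early on an empty selection and release the context when parsing fails, as sketched below. The key is parsed with an empty password, so encrypted key files will presumably always end up in this branch.

```cpp
    // … unchanged: QFileDialog::getOpenFileName call …
    if (certFile.isEmpty()) {
        /* Dialog was cancelled: keep the remembered path and the loaded key. */
        return;
    }
    mCertFile->setText(certFile);
    // … unchanged: store "LastCert", free the old mPk, pk_init, pk_parse_keyfile …
    if (ret != 0) {
        /* Do not keep a context around that holds no key. */
        pk_free(mPk);
        delete mPk;
        mPk = NULL;
        showErrorMessage(tr("Failed to load certificate: %1")
                .arg(getPolarSSLErrorMsg(ret)));
        return;
    }
```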
--- a/ui/createcertlistdialog.h Wed Apr 23 14:00:10 2014 +0200 +++ b/ui/createcertlistdialog.h Wed Apr 23 14:00:38 2014 +0200 @@ -11,12 +11,15 @@ #include <QDialog> #include <QMainWindow> #include <QLineEdit> + +#include <polarssl/pk.h> /** * @file createinstallerdialog.h * @brief The dialog to show settings and create an installer. */ class QListWidget; +class AdministratorWindow; class CreateCertListDialog : public QDialog { @@ -25,18 +28,35 @@ /** @brief Create a dialog showing settings for the create certificate list * process * */ - CreateCertListDialog(QMainWindow *parent); + CreateCertListDialog(AdministratorWindow *parent); private: void setupGUI(); QLineEdit *mCertFile; QLineEdit *mSaveFile; + AdministratorWindow *mAdminWindow; + + pk_context *mPk; private slots: + /** @brief Open the certificate selection dialog and parse the certificate + * + * If the certificate can be parsed mPk is replaced by the new key + * otherwise an error message is shown to the user. + */ void openCertificateSelect(); void openSaveLocation(); + /** @brief create a valid certificate list file + * + * The contents of the certificate list is the certificatelist + * of the adminWindow. It is signed with the currently + * loaded certificate in mPk. On errors the user is + * informed with showErrorMessage */ void createList(); + + /** @brief show an error message with QMessageBox */ + void showErrorMessage(const QString&msg); }; #endif // CREATECERTLISTDIALOG_H
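Review bot: `pk_context *mPk` is an owning raw pointer, but the visible part of the class declares no destructor, so the context allocated in openCertificateSelect appears never to be released with pk_free when the dialog is destroyed. For a signing key that also means the parsed key material is not cleaned up. Declare `~CreateCertListDialog();` and have it call `pk_free(mPk); delete mPk;` when mPk is set. The slot comments speak of a certificate although the implementation fills mPk through pk_parse_keyfile, so they should say key to make clear which file is expected. The lines between the two hunks are not visible here.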
--- a/ui/l10n/administrator_de_DE.ts Wed Apr 23 14:00:10 2014 +0200 +++ b/ui/l10n/administrator_de_DE.ts Wed Apr 23 14:00:38 2014 +0200 @@ -176,8 +176,8 @@ <context> <name>CreateCertListDialog</name> <message> - <location filename="../createcertlistdialog.cpp" line="22"/> - <location filename="../createcertlistdialog.cpp" line="39"/> + <location filename="../createcertlistdialog.cpp" line="30"/> + <location filename="../createcertlistdialog.cpp" line="48"/> <source>Save certificate list</source> <translation>Zertifikatsliste speichern</translation> </message> 
@@ -195,33 +195,43 @@ <translation type="obsolete">Liste signieren</translation> </message> <message> - <location filename="../createcertlistdialog.cpp" line="41"/> + <location filename="../createcertlistdialog.cpp" line="50"/> <source>Save all managed root certificates in a new, signed certificate list.</source> <translation type="unfinished"></translation> </message> <message> - <location filename="../createcertlistdialog.cpp" line="71"/> + <location filename="../createcertlistdialog.cpp" line="80"/> <source>In addition, each certificate list will be saved automatically in the archive directory: </source> <translation type="unfinished"></translation> </message> <message> - <location filename="../createcertlistdialog.cpp" line="83"/> + <location filename="../createcertlistdialog.cpp" line="90"/> <source>Save list</source> <translation type="unfinished">Liste speichern</translation> </message> <message> - <location filename="../createcertlistdialog.cpp" line="85"/> + <location filename="../createcertlistdialog.cpp" line="92"/> <source>Cancel</source> <translation>Abbrechen</translation> </message> <message> - <location filename="../createcertlistdialog.cpp" line="111"/> + <location filename="../createcertlistdialog.cpp" line="117"/> + <source>Error!</source> + <translation type="unfinished"></translation> + </message> + <message> + <location filename="../createcertlistdialog.cpp" line="123"/> <source>Select certificate</source> <translation type="unfinished">Zertifikat auswählen</translation> </message> <message> - <location filename="../createcertlistdialog.cpp" line="118"/> + <location filename="../createcertlistdialog.cpp" line="140"/> + <source>Failed to load certificate: %1</source> + <translation type="unfinished"></translation> + </message> + <message> + <location filename="../createcertlistdialog.cpp" line="149"/> <source>Select target location</source> <translation type="unfinished"></translation> </message>
--- a/ui/sslconnection.cpp Wed Apr 23 14:00:10 2014 +0200 +++ b/ui/sslconnection.cpp Wed Apr 23 14:00:38 2014 +0200 @@ -8,6 +8,7 @@ /* TODO: Wrap ssl_session in a class for reuse. * see programs/ssl/ssl_client2.c for example of session reuse */ #include "sslconnection.h" +#include "sslhelp.h" #include <QFile> #include <QUuid> @@ -24,14 +25,6 @@ } #endif -QString getErrorMsg(int ret) -{ - char errbuf[255]; - polarssl_strerror(ret, errbuf, 255); - errbuf[254] = '\0'; /* Just to be sure */ - return QString::fromLatin1(errbuf); -} - SSLConnection::SSLConnection(const QString& url, const QByteArray& certificate): mUrl(url), @@ -57,7 +50,7 @@ if (ret == 0) { mInitialized = true; } else { - qDebug() << "Initialization error: " + getErrorMsg(ret); + qDebug() << "Initialization error: " + getPolarSSLErrorMsg(ret); } } @@ -152,7 +145,7 @@ mUrl.port(443)); if (ret != 0) { - qDebug() << "Connect failed: " << getErrorMsg(ret); + qDebug() << "Connect failed: " << getPolarSSLErrorMsg(ret); mErrorState = NoConnection; return ret; } @@ -163,7 +156,7 @@ while ((ret = ssl_handshake(&mSSL)) != 0) { if (ret != POLARSSL_ERR_NET_WANT_READ && ret != POLARSSL_ERR_NET_WANT_WRITE) { - qDebug() << "SSL Handshake failed: " << getErrorMsg(ret); + qDebug() << "SSL Handshake failed: " << getPolarSSLErrorMsg(ret); mErrorState = SSLHandshakeFailed; return ret; } @@ -171,7 +164,7 @@ ret = ssl_get_session(&mSSL, &mSavedSession); if (ret != 0) { - qDebug() << "SSL get session failed: " << getErrorMsg(ret); + qDebug() << "SSL get session failed: " << getPolarSSLErrorMsg(ret); mErrorState = NoConnection; return ret; @@ -257,7 +250,7 @@ if (mNeedsReset) { ret = reset(); if (ret != 0) { - qDebug() << "Reset failed: " << getErrorMsg(ret); + qDebug() << "Reset failed: " << getPolarSSLErrorMsg(ret); return ret; } } @@ -301,7 +294,7 @@ if (ret != 0) { qDebug() << "SSL Connection reset failed: " - << getErrorMsg(ret); + << getPolarSSLErrorMsg(ret); return ret; } 
@@ -312,7 +305,7 @@ if (ret != 0) { mErrorState = NoConnection; - qDebug() << "Connection failed." << getErrorMsg(ret); + qDebug() << "Connection failed." << getPolarSSLErrorMsg(ret); return ret; } @@ -320,7 +313,7 @@ if (ret != POLARSSL_ERR_NET_WANT_READ && ret != POLARSSL_ERR_NET_WANT_WRITE) { qDebug() << "SSL Handshake failed: " - << getErrorMsg(ret); + << getPolarSSLErrorMsg(ret); mErrorState = SSLHandshakeFailed; return ret; } @@ -356,7 +349,7 @@ tries++; } if (ret <= 0) { - qDebug() << "Read failed: " << getErrorMsg(ret); + qDebug() << "Read failed: " << getPolarSSLErrorMsg(ret); return QByteArray(); } if (len < (len - (unsigned int) ret)) {
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/ui/sslhelp.cpp Wed Apr 23 14:00:38 2014 +0200
@@ -0,0 +1,16 @@
+/* Copyright (C) 2014 by Bundesamt für Sicherheit in der Informationstechnik
+ * Software engineering by Intevation GmbH
+ *
+ * This file is Free Software under the GNU GPL (v>=2)
+ * and comes with ABSOLUTELY NO WARRANTY!
+ * See LICENSE.txt for details.
+ */
+#include "sslhelp.h"
+
+QString getPolarSSLErrorMsg(int ret)
+{
+ char errbuf[1020];
+ polarssl_strerror(ret, errbuf, 1020);
+ errbuf[1020] = '\0'; /* Just to be sure */
+ return QString::fromLatin1(errbuf);
+}
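Review bot: `errbuf[1020] = '\0';` writes one byte past the end of the 1020-byte `errbuf`, an out-of-bounds stack write on every call. The version removed from sslconnection.cpp terminated a 255-byte buffer at index 254; the index was not adjusted correctly when the buffer grew. Change the line to `errbuf[sizeof(errbuf) - 1] = '\0';` and pass `sizeof(errbuf)` to polarssl_strerror so the size is stated only once. This helper is now called from every error path in SSLConnection and from the certificate dialog, so the bad write is reached whenever an error is reported.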
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/ui/sslhelp.h Wed Apr 23 14:00:38 2014 +0200
@@ -0,0 +1,23 @@
+/* Copyright (C) 2014 by Bundesamt für Sicherheit in der Informationstechnik
+ * Software engineering by Intevation GmbH
+ *
+ * This file is Free Software under the GNU GPL (v>=2)
+ * and comes with ABSOLUTELY NO WARRANTY!
+ * See LICENSE.txt for details.
+ */
+
+
+/**
+ * @file sslhelp.h
+ * @brief Helper functions to combine Qt with Polarssl
+ */
+#include <polarssl/error.h>
+
+#include <QString>
+
+/** @brief get a human readable error message for a polarssl return code
+ *
+ * @param [in] ret A polarssl error code
+ * @returns A QString representation of that error
+ */
+QString getPolarSSLErrorMsg(int ret);
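Review bot: sslhelp.h has no include guard, unlike createcertlistdialog.h in the same changeset, which ends in `#endif // CREATECERTLISTDIALOG_H`. With a single function declaration a double include is harmless today, but the header is now included from both sslconnection.cpp and createcertlistdialog.cpp and will break once it gains a type or inline definition. Wrap the contents in `#ifndef SSLHELP_H` / `#define SSLHELP_H` and close with `#endif // SSLHELP_H`.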