From bc775969e2db31b892526b65a5037470a86b3882 Mon Sep 17 00:00:00 2001 From: kali Date: Fri, 19 Oct 2012 06:12:14 +0900 Subject: logic for cert validation widgets in wizard --- src/leap/baseapp/eip.py | 6 +- src/leap/eip/checks.py | 9 +-- src/leap/gui/firstrunwizard.py | 177 +++++++++++++++++++++++++++++++++++++---- 3 files changed, 168 insertions(+), 24 deletions(-) diff --git a/src/leap/baseapp/eip.py b/src/leap/baseapp/eip.py index 93dce3ac..ca2e03c3 100644 --- a/src/leap/baseapp/eip.py +++ b/src/leap/baseapp/eip.py @@ -137,14 +137,14 @@ class EIPConductorAppMixin(object): # is not ready yet. return - if self.conductor.with_errors: + #if self.conductor.with_errors: #XXX how to wait on pkexec??? #something better that this workaround, plz!! #I removed the pkexec pass authentication at all. #time.sleep(5) #logger.debug('timeout') - logger.error('errors. disconnect') - self.start_or_stopVPN() # is stop + #logger.error('errors. disconnect') + #self.start_or_stopVPN() # is stop state = self.conductor.poll_connection_state() if not state: diff --git a/src/leap/eip/checks.py b/src/leap/eip/checks.py index c704aef3..560f7f53 100644 --- a/src/leap/eip/checks.py +++ b/src/leap/eip/checks.py @@ -142,9 +142,6 @@ class ProviderCertChecker(object): logger.debug('True') return True - def get_certificate_fingerprint(self, domain): - pass - def check_new_cert_needed(self, skip_download=False, verify=True): logger.debug('is new cert needed?') if not self.is_cert_valid(do_raise=False): @@ -347,7 +344,8 @@ class EIPConfigChecker(object): return True def fetch_definition(self, skip_download=False, - config=None, uri=None): + config=None, uri=None, + domain=None): """ fetches a definition file from server """ @@ -364,7 +362,8 @@ class EIPConfigChecker(object): if config is None: config = self.defaultprovider.config if uri is None: - domain = config.get('provider', None) + if not domain: + domain = config.get('provider', None) uri = self._get_provider_definition_uri(domain=domain) # FIXME! Pass ca path verify!!! diff --git a/src/leap/gui/firstrunwizard.py b/src/leap/gui/firstrunwizard.py index 53e551ac..f3356b70 100755 --- a/src/leap/gui/firstrunwizard.py +++ b/src/leap/gui/firstrunwizard.py @@ -72,6 +72,8 @@ class FirstRunWizard(QtGui.QWizard): self.providercertchecker = providercertchecker self.eipconfigchecker = eipconfigchecker + self.providerconfig = None + # FIXME add param for previously_registered # should start at login page. @@ -123,6 +125,9 @@ class FirstRunWizard(QtGui.QWizard): """ return self.pages_dict.keys().index(page_name) + def set_providerconfig(self, providerconfig): + self.providerconfig = providerconfig + def setWindowFlags(self, flags): logger.debug('setting window flags') QtGui.QWizard.setWindowFlags(self, flags) @@ -140,7 +145,7 @@ class FirstRunWizard(QtGui.QWizard): gather the info, update settings and call the success callback. """ - provider = self.get_provider() + provider = self.field('provider_domain') username = self.field('userName') #password = self.field('userPassword') remember_pass = self.field('rememberPassword') @@ -208,16 +213,22 @@ class IntroPage(QtGui.QWizardPage): "in with an already existing username?
") label.setWordWrap(True) + radiobuttonGroup = QtGui.QGroupBox() + self.sign_up = QtGui.QRadioButton( "Sign up for a new account.") self.sign_up.setChecked(True) self.log_in = QtGui.QRadioButton( "Log In with my credentials.") + radiobLayout = QtGui.QVBoxLayout() + radiobLayout.addWidget(self.sign_up) + radiobLayout.addWidget(self.log_in) + radiobuttonGroup.setLayout(radiobLayout) + layout = QtGui.QVBoxLayout() layout.addWidget(label) - layout.addWidget(self.sign_up) - layout.addWidget(self.log_in) + layout.addWidget(radiobuttonGroup) self.setLayout(layout) self.registerField('is_signup', self.sign_up) @@ -251,6 +262,8 @@ class SelectProviderPage(QtGui.QWizardPage): QtGui.QWizard.LogoPixmap, QtGui.QPixmap(APP_LOGO)) + self.did_cert_check = False + providerNameLabel = QtGui.QLabel("h&ttps://") # note that we expect the bare domain name # we will add the scheme later @@ -281,28 +294,66 @@ class SelectProviderPage(QtGui.QWizardPage): validationMsg.setStyleSheet(ErrorLabelStyleSheet) self.validationMsg = validationMsg - # XXX cert info + # cert info + + # this is used in the callback + # for the checkbox changes. + # tricky, since the first time came + # from the exception message. + # should get string from exception too! + self.bad_cert_status = "Server certificate could not be verified." + self.certInfo = QtGui.QLabel("") self.certInfo.setWordWrap(True) self.certWarning = QtGui.QLabel("") self.trustProviderCertCheckBox = QtGui.QCheckBox( "&Trust this provider certificate.") + self.trustProviderCertCheckBox.stateChanged.connect( + self.onTrustCheckChanged) + layout = QtGui.QGridLayout() layout.addWidget(validationMsg, 0, 2) layout.addWidget(providerNameLabel, 1, 1) layout.addWidget(providerNameEdit, 1, 2) # XXX get a groupbox or something.... - layout.addWidget(self.certInfo, 4, 1, 4, 2) - layout.addWidget(self.certWarning, 6, 1, 6, 2) - layout.addWidget( - self.trustProviderCertCheckBox, - 8, 1, 8, 2) - self.trustProviderCertCheckBox.hide() - + certinfoGroup = QtGui.QGroupBox("Certificate validation") + certinfoLayout = QtGui.QVBoxLayout() + certinfoLayout.addWidget(self.certInfo) + certinfoLayout.addWidget(self.certWarning) + certinfoLayout.addWidget(self.trustProviderCertCheckBox) + certinfoGroup.setLayout(certinfoLayout) + + layout.addWidget(certinfoGroup, 4, 1, 4, 2) + self.certinfoGroup = certinfoGroup + self.certinfoGroup.hide() + + #layout.addWidget(self.certInfo, 4, 1, 4, 2) + #layout.addWidget(self.certWarning, 6, 1, 6, 2) + #layout.addWidget( + #self.trustProviderCertCheckBox, + #8, 1, 8, 2) + + #self.trustProviderCertCheckBox.hide() self.setLayout(layout) + def is_insecure_cert_trusted(self): + return self.trustProviderCertCheckBox.isChecked() + + def onTrustCheckChanged(self, state): + checked = False + if state == 2: + checked = True + + if checked: + self.reset_validation_status() + else: + self.set_validation_status(self.bad_cert_status) + + # trigger signal to redraw next button + self.completeChanged.emit() + def reset_validation_status(self): """ empty the validation msg @@ -314,23 +365,34 @@ class SelectProviderPage(QtGui.QWizardPage): def add_cert_info(self, certinfo): self.certWarning.setText( - "Do you want to trust this provider certificate?") + "Do you want to trust this provider certificate?") self.certInfo.setText( - 'Certificate sha1: %s
' % certinfo) - self.trustProviderCertCheckBox.show() + 'Sha1 fingerprint: %s
' % certinfo) + #self.trustProviderCertCheckBox.show() + self.certinfoGroup.show() # XXX when checkbox is marked, remove # the red warning. # XXX also, disable the next button! + # pagewizard methods + + def isComplete(self): + if not self.did_cert_check: + return True + if self.is_insecure_cert_trusted(): + return True + return False + def initializePage(self): self.certWarning.setText('') self.certInfo.setText('') - self.trustProviderCertCheckBox.hide() + #self.trustProviderCertCheckBox.hide() def validatePage(self): wizard = self.wizard() netchecker = wizard.netchecker() providercertchecker = wizard.providercertchecker() + eipconfigchecker = wizard.eipconfigchecker() domain = self.providerNameEdit.text() @@ -357,6 +419,8 @@ class SelectProviderPage(QtGui.QWizardPage): fingerprint = certs.get_https_cert_fingerprint( domain) self.add_cert_info(fingerprint) + self.did_cert_check = True + self.completeChanged.emit() return False except baseexceptions.LeapException as exc: @@ -364,7 +428,9 @@ class SelectProviderPage(QtGui.QWizardPage): return False # try download provider info... - # TODO ... + eipconfigchecker.fetch_definition(domain=domain) + wizard.set_providerconfig( + eipconfigchecker.defaultprovider.config) # all ok, go on... return True @@ -387,6 +453,43 @@ class ProviderInfoPage(QtGui.QWizardPage): QtGui.QWizard.LogoPixmap, QtGui.QPixmap(APP_LOGO)) + displayName = QtGui.QLabel("") + description = QtGui.QLabel("") + enrollment_policy = QtGui.QLabel("") + # stylesheet... + self.displayName = displayName + self.description = description + self.enrollment_policy = enrollment_policy + + layout = QtGui.QGridLayout() + layout.addWidget(displayName, 0, 1) + layout.addWidget(description, 1, 1) + layout.addWidget(enrollment_policy, 2, 1) + + self.setLayout(layout) + + def initializePage(self): + # XXX get multilingual objects + # directly from the config object + + lang = "en" + pconfig = self.wizard().providerconfig + + dn = pconfig.get('display_name') + display_name = dn[lang] if dn else '' + self.displayName.setText( + "%s" % display_name) + + desc = pconfig.get('description') + description_text = desc[lang] if desc else '' + self.description.setText( + "%s" % description_text) + + enroll = pconfig.get('enrollment_policy') + if enroll: + self.enrollment_policy.setText( + 'enrollment policy: %s' % enroll) + def nextId(self): wizard = self.wizard() if not wizard: @@ -405,6 +508,48 @@ class ProviderSetupPage(QtGui.QWizardPage): QtGui.QWizard.LogoPixmap, QtGui.QPixmap(APP_LOGO)) + self.status = QtGui.QLabel("") + self.progress = QtGui.QProgressBar() + self.progress.setMaximum(100) + self.progress.hide() + + layout = QtGui.QGridLayout() + layout.addWidget(self.status, 0, 1) + layout.addWidget(self.progress, 5, 1) + + self.setLayout(layout) + + def set_status(self, status): + self.status.setText(status) + + def initializePage(self): + self.set_status('') + self.progress.setValue(0) + self.progress.hide() + + def validatePage(self): + import time + self.progress.show() + + self.set_status('fetching cert...') + self.progress.setValue(20) + time.sleep(2) + + self.set_status('fetching cert another time...') + self.progress.setValue(40) + time.sleep(2) + + self.set_status('validating cert') + self.progress.setValue(60) + time.sleep(2) + + self.set_status('validating CA cert...') + self.progress.setValue(80) + time.sleep(2) + + self.progress.setValue(100) + return True + def nextId(self): wizard = self.wizard() if not wizard: -- cgit v1.2.3