From a85e488ed323ba35b9d12c5cc344bf06337a9a00 Mon Sep 17 00:00:00 2001
From: kali <kali@leap.se>
Date: Sat, 20 Oct 2012 07:13:22 +0900
Subject: add bypass for already trusted fingerprints

---
 src/leap/gui/firstrunwizard.py | 29 ++++++++++++++++++++++++-----
 1 file changed, 24 insertions(+), 5 deletions(-)

(limited to 'src/leap/gui')

diff --git a/src/leap/gui/firstrunwizard.py b/src/leap/gui/firstrunwizard.py
index 68cd4253..287332cd 100755
--- a/src/leap/gui/firstrunwizard.py
+++ b/src/leap/gui/firstrunwizard.py
@@ -47,6 +47,7 @@ class FirstRunWizard(QtGui.QWizard):
             self, parent=None, providers=None,
             success_cb=None, is_provider_setup=False,
             is_previously_registered=False,
+            trusted_certs=None,
             netchecker=basechecks.LeapNetworkChecker,
             providercertchecker=eipchecks.ProviderCertChecker,
             eipconfigchecker=eipchecks.EIPConfigChecker):
@@ -69,6 +70,10 @@ class FirstRunWizard(QtGui.QWizard):
         # if True, jumps to LogIn page.
         self.is_previously_registered = is_previously_registered
 
+        # a dict with trusted fingerprints
+        # in the form {'nospacesfingerprint': ['host1', 'host2']}
+        self.trusted_certs = trusted_certs
+
         # Checkers
         self.netchecker = netchecker
         self.providercertchecker = providercertchecker
@@ -415,10 +420,17 @@ class SelectProviderPage(QtGui.QWizardPage):
                 self.set_validation_status(exc.usermessage)
                 fingerprint = certs.get_cert_fingerprint(
                     domain=domain, sep=" ")
-                self.add_cert_info(fingerprint)
-                self.did_cert_check = True
-                self.completeChanged.emit()
-                return False
+
+                # it's ok if we've trusted this fgprt before
+                trustedcrts = self.wizard().trusted_certs
+                if trustedcrts and fingerprint.replace(' ', '') in trustedcrts:
+                    pass
+                else:
+                    # let your user face panick :P
+                    self.add_cert_info(fingerprint)
+                    self.did_cert_check = True
+                    self.completeChanged.emit()
+                    return False
 
         except baseexceptions.LeapException as exc:
             self.set_validation_status(exc.usermessage)
@@ -1044,6 +1056,13 @@ if __name__ == '__main__':
     logger.setLevel(logging.DEBUG)
 
     app = QtGui.QApplication(sys.argv)
-    wizard = FirstRunWizard()  # providers=('springbok',))
+
+    trusted_certs = {
+        "3DF83F316BFA0186"
+        "0A11A5C9C7FC24B9"
+        "18C62B941192CC1A"
+        "49AE62218B2A4B7C": ['springbok']}
+
+    wizard = FirstRunWizard(trusted_certs=trusted_certs)
     wizard.show()
     sys.exit(app.exec_())
-- 
cgit v1.2.3