mozilla
/
gecko-dev
зеркало из https://github.com/mozilla/gecko-dev.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность

b=136948 Give better feedback when no valid certs for S/Mime are available 

r=javi sr=mscott
This commit is contained in:
kaie%netscape.com 2002-05-16 03:51:37 +00:00
Родитель d0aece1f9b
Коммит 4876fecd7c
4 изменённых файлов: 128 добавлений и 85 удалений
Показать статистику Скачать Patch файл Скачать Diff файл Показать все файлы Свернуть все файлы

48
mailnews/extensions/smime/resources/content/am-smime.js
Просмотреть файл

@ -29,6 +29,8 @@ var gSignCertName = null;
var gSignMessages = null;
var gEncryptAlways = null;
var gNeverEncrypt = null;
var gBundle = null;
var gBrandBundle;
function onInit()
{
@ -40,6 +42,8 @@ function onInit()
gSignMessages = document.getElementById("identity.sign_mail");
gEncryptAlways = document.getElementById("encrypt_mail_always");
gNeverEncrypt = document.getElementById("encrypt_mail_never");
gBundle = document.getElementById("bundle_smime");
gBrandBundle = document.getElementById("bundle_brand");
gEncryptionCertName.value = gIdentity.getUnicharAttribute("encryption_cert_name");
@ -126,10 +130,13 @@ function smimeSelectCert(smime_cert)
var canceled = new Object;
var x509cert = 0;
var certUsage;
var selectEncryptionCert;
if (smime_cert == "identity.encryption_cert_name") {
selectEncryptionCert = true;
certUsage = 5;
} else if (smime_cert == "identity.signing_cert_name") {
selectEncryptionCert = false;
certUsage = 4;
}
@ -139,18 +146,41 @@ function smimeSelectCert(smime_cert)
certUsage, // this is from enum SECCertUsage
false, false, canceled);
} catch(e) {
// XXX display error message in the future
canceled.value = false;
x509cert = null;
}
if (!canceled.value && x509cert) {
certInfo.setAttribute("disabled", "false");
certInfo.value = x509cert.nickname;
if (!canceled.value) {
if (!x509cert) {
var errorString;
if (selectEncryptionCert) {
errorString = "NoEncryptionCert";
}
else {
errorString = "NoSigningCert";
}
var ifps = Components.interfaces.nsIPromptService;
var promptService = Components.classes["@mozilla.org/embedcomp/prompt-service;1"].getService();
if (promptService) {
promptService = promptService.QueryInterface(ifps);
}
if (promptService) {
promptService.alert(
window,
gBrandBundle.getString("brandShortName"),
gBundle.getString(errorString));
}
}
else {
certInfo.removeAttribute("disabled");
certInfo.value = x509cert.nickname;
if (smime_cert == "identity.encryption_cert_name") {
gEncryptAlways.removeAttribute("disabled");
gNeverEncrypt.removeAttribute("disabled");
} else {
gSignMessages.removeAttribute("disabled");
if (selectEncryptionCert) {
gEncryptAlways.removeAttribute("disabled");
gNeverEncrypt.removeAttribute("disabled");
} else {
gSignMessages.removeAttribute("disabled");
}
}
}
}

1
mailnews/extensions/smime/resources/content/am-smime.xul
Просмотреть файл

@ -33,6 +33,7 @@ Contributors:
orient="vertical">
<stringbundle id="bundle_smime" src="chrome://messenger/locale/am-smime.properties"/>
<stringbundle id="bundle_brand" src="chrome://global/locale/brand.properties"/>
<script type="application/x-javascript" src="chrome://messenger/content/AccountManager.js"/>
<script type="application/x-javascript" src="chrome://messenger/content/am-smime.js"/>

3
mailnews/extensions/smime/resources/locale/en-US/am-smime.properties
Просмотреть файл

@ -9,3 +9,6 @@ ErrorCanNotSign=Unable to sign message. Please check that the certificates speci
## Strings used for in the prefs.
prefPanel-smime=Security
NoSigningCert=Certificate Manager can't locate a valid certificate that can be used to digitally sign your messages.
NoEncryptionCert=Certificate Manager can't locate a valid certificate that other people can use to send you encrypted email messages.

161
security/manager/ssl/src/nsCertPicker.cpp
Просмотреть файл

@ -44,6 +44,10 @@
#include "nsNSSCertificate.h"
#include "nsINSSDialogs.h"
#include "nsReadableUtils.h"
#include "nsNSSCleaner.h"
NSSCleanupAutoPtrClass(CERTCertNicknames, CERT_FreeNicknames)
NSSCleanupAutoPtrClass(CERTCertList, CERT_DestroyCertList)
#include "cert.h"
@ -76,8 +80,7 @@ NS_IMETHODIMP nsCertPicker::PickByUsage(nsIInterfaceRequestor *ctx,
PRUnichar **certNicknameList = nsnull;
PRUnichar **certDetailsList = nsnull;
CERTCertListNode* node = nsnull;
CERTCertificate* cert = nsnull;
nsresult rv;
nsresult rv = NS_OK;
{
// Iterate over all certs. This assures that user is logged in to all hardware tokens.
@ -96,68 +99,74 @@ NS_IMETHODIMP nsCertPicker::PickByUsage(nsIInterfaceRequestor *ctx,
!allowDuplicateNicknames,
!allowInvalid,
ctx);
CERTCertListCleaner clc(certList);
if (!certList) {
return NS_ERROR_NOT_AVAILABLE;
}
rv = NS_OK;
CERTCertNicknames *nicknames =
CERT_NicknameStringsFromCertList(certList,
NICKNAME_EXPIRED_STRING,
NICKNAME_NOT_YET_VALID_STRING);
CERTCertNicknamesCleaner cnc(nicknames);
if (!nicknames) {
rv = NS_ERROR_NOT_AVAILABLE;
return NS_ERROR_NOT_AVAILABLE;
}
else {
certNicknameList = (PRUnichar **)nsMemory::Alloc(sizeof(PRUnichar *) * nicknames->numnicknames);
certDetailsList = (PRUnichar **)nsMemory::Alloc(sizeof(PRUnichar *) * nicknames->numnicknames);
PRInt32 CertsToUse;
certNicknameList = (PRUnichar **)nsMemory::Alloc(sizeof(PRUnichar *) * nicknames->numnicknames);
certDetailsList = (PRUnichar **)nsMemory::Alloc(sizeof(PRUnichar *) * nicknames->numnicknames);
for (CertsToUse = 0, node = CERT_LIST_HEAD(certList);
!CERT_LIST_END(node, certList) && CertsToUse < nicknames->numnicknames;
node = CERT_LIST_NEXT(node)
)
{
nsNSSCertificate *tempCert = new nsNSSCertificate(node->cert);
if (!certNicknameList || !certDetailsList) {
nsMemory::Free(certNicknameList);
nsMemory::Free(certDetailsList);
return NS_ERROR_OUT_OF_MEMORY;
}
if (tempCert) {
PRInt32 CertsToUse;
// XXX we really should be using an nsCOMPtr instead of manually add-refing,
// but nsNSSCertificate does not have a default constructor.
for (CertsToUse = 0, node = CERT_LIST_HEAD(certList);
!CERT_LIST_END(node, certList) && CertsToUse < nicknames->numnicknames;
node = CERT_LIST_NEXT(node)
)
{
nsNSSCertificate *tempCert = new nsNSSCertificate(node->cert);
NS_ADDREF(tempCert);
if (tempCert) {
nsAutoString i_nickname(NS_ConvertUTF8toUCS2(nicknames->nicknames[CertsToUse]));
nsAutoString nickWithSerial;
nsAutoString details;
if (!selectionFound) {
if (i_nickname == nsDependentString(selectedNickname)) {
selectedIndex = CertsToUse;
selectionFound = PR_TRUE;
}
// XXX we really should be using an nsCOMPtr instead of manually add-refing,
// but nsNSSCertificate does not have a default constructor.
NS_ADDREF(tempCert);
nsAutoString i_nickname(NS_ConvertUTF8toUCS2(nicknames->nicknames[CertsToUse]));
nsAutoString nickWithSerial;
nsAutoString details;
if (!selectionFound) {
if (i_nickname == nsDependentString(selectedNickname)) {
selectedIndex = CertsToUse;
selectionFound = PR_TRUE;
}
if (NS_SUCCEEDED(tempCert->FormatUIStrings(i_nickname, nickWithSerial, details))) {
certNicknameList[CertsToUse] = ToNewUnicode(nickWithSerial);
certDetailsList[CertsToUse] = ToNewUnicode(details);
}
else {
certNicknameList[CertsToUse] = nsnull;
certDetailsList[CertsToUse] = nsnull;
}
NS_RELEASE(tempCert);
++CertsToUse;
}
if (NS_SUCCEEDED(tempCert->FormatUIStrings(i_nickname, nickWithSerial, details))) {
certNicknameList[CertsToUse] = ToNewUnicode(nickWithSerial);
certDetailsList[CertsToUse] = ToNewUnicode(details);
}
else {
certNicknameList[CertsToUse] = nsnull;
certDetailsList[CertsToUse] = nsnull;
}
NS_RELEASE(tempCert);
++CertsToUse;
}
PRInt32 i = 0;
}
if (CertsToUse) {
nsICertPickDialogs *dialogs = nsnull;
rv = getNSSDialogs((void**)&dialogs, NS_GET_IID(nsICertPickDialogs));
@ -167,47 +176,47 @@ NS_IMETHODIMP nsCertPicker::PickByUsage(nsIInterfaceRequestor *ctx,
(const PRUnichar**)certNicknameList, (const PRUnichar**)certDetailsList,
CertsToUse, &selectedIndex, canceled);
for (i = 0; i < CertsToUse; ++i) {
nsMemory::Free(certNicknameList[i]);
nsMemory::Free(certDetailsList[i]);
}
nsMemory::Free(certNicknameList);
nsMemory::Free(certDetailsList);
NS_RELEASE(dialogs);
}
}
if (NS_SUCCEEDED(rv) && !*canceled) {
for (i = 0, node = CERT_LIST_HEAD(certList);
!CERT_LIST_END(node, certList);
++i, node = CERT_LIST_NEXT(node)) {
PRInt32 i;
for (i = 0; i < CertsToUse; ++i) {
nsMemory::Free(certNicknameList[i]);
nsMemory::Free(certDetailsList[i]);
}
nsMemory::Free(certNicknameList);
nsMemory::Free(certDetailsList);
if (!CertsToUse) {
return NS_ERROR_NOT_AVAILABLE;
}
if (i == selectedIndex) {
nsNSSCertificate *cert = new nsNSSCertificate(node->cert);
if (!cert) {
rv = NS_ERROR_OUT_OF_MEMORY;
break;
}
if (NS_SUCCEEDED(rv) && !*canceled) {
for (i = 0, node = CERT_LIST_HEAD(certList);
!CERT_LIST_END(node, certList);
++i, node = CERT_LIST_NEXT(node)) {
nsIX509Cert *x509 = 0;
nsresult rv = cert->QueryInterface(NS_GET_IID(nsIX509Cert), (void**)&x509);
if (NS_FAILED(rv)) {
break;
}
NS_ADDREF(x509);
*_retval = x509;
NS_RELEASE(cert);
if (i == selectedIndex) {
nsNSSCertificate *cert = new nsNSSCertificate(node->cert);
if (!cert) {
rv = NS_ERROR_OUT_OF_MEMORY;
break;
}
nsIX509Cert *x509 = 0;
nsresult rv = cert->QueryInterface(NS_GET_IID(nsIX509Cert), (void**)&x509);
if (NS_FAILED(rv)) {
break;
}
NS_ADDREF(x509);
*_retval = x509;
NS_RELEASE(cert);
break;
}
}
CERT_FreeNicknames(nicknames);
}
if (certList) {
CERT_DestroyCertList(certList);
}
return rv;
}