/**************************************************************
 *
 * Licensed to the Apache Software Foundation (ASF) under one
 * or more contributor license agreements. See the NOTICE file
 * distributed with this work for additional information
 * regarding copyright ownership. The ASF licenses this file
 * to you under the Apache License, Version 2.0 (the
 * "License"); you may not use this file except in compliance
 * with the License. You may obtain a copy of the License at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing,
 * software distributed under the License is distributed on an
 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
 * KIND, either express or implied. See the License for the
 * specific language governing permissions and limitations
 * under the License.
 *
 *************************************************************/
21*b1cdbd2cSJim Jagielski
22*b1cdbd2cSJim Jagielski
23*b1cdbd2cSJim Jagielski
24*b1cdbd2cSJim Jagielski
25*b1cdbd2cSJim Jagielski #include "com/sun/star/security/CertificateValidity.hpp"
26*b1cdbd2cSJim Jagielski #include "com/sun/star/security/XCertificateExtension.hpp"
27*b1cdbd2cSJim Jagielski #include "com/sun/star/security/XSanExtension.hpp"
28*b1cdbd2cSJim Jagielski #include <com/sun/star/security/ExtAltNameType.hpp>
29*b1cdbd2cSJim Jagielski #include "com/sun/star/task/XInteractionAbort.hpp"
30*b1cdbd2cSJim Jagielski #include "com/sun/star/task/XInteractionApprove.hpp"
31*b1cdbd2cSJim Jagielski #include "com/sun/star/task/XInteractionRequest.hpp"
32*b1cdbd2cSJim Jagielski #include "com/sun/star/ucb/CertificateValidationRequest.hpp"
33*b1cdbd2cSJim Jagielski #include <com/sun/star/uno/Reference.hxx>
34*b1cdbd2cSJim Jagielski
35*b1cdbd2cSJim Jagielski #include <com/sun/star/uno/Sequence.hxx>
36*b1cdbd2cSJim Jagielski #include "vos/mutex.hxx"
37*b1cdbd2cSJim Jagielski #include "tools/datetime.hxx"
38*b1cdbd2cSJim Jagielski #include "svl/zforlist.hxx"
39*b1cdbd2cSJim Jagielski #include "vcl/svapp.hxx"
40*b1cdbd2cSJim Jagielski
41*b1cdbd2cSJim Jagielski #include "ids.hrc"
42*b1cdbd2cSJim Jagielski #include "getcontinuations.hxx"
43*b1cdbd2cSJim Jagielski #include "sslwarndlg.hxx"
44*b1cdbd2cSJim Jagielski #include "unknownauthdlg.hxx"
45*b1cdbd2cSJim Jagielski
46*b1cdbd2cSJim Jagielski #include "iahndl.hxx"
47*b1cdbd2cSJim Jagielski
// Offsets added to ERRCODE_AREA_UUI_UNKNOWNAUTH + <failure type> to select
// the resource string for an SSL warning dialog (see executeSSLWarnDialog).
// DESCRIPTION_2 is not referenced in this part of the file.
#define DESCRIPTION_1 1
#define DESCRIPTION_2 2
#define TITLE 3

// X.509 subjectAltName extension OID in dotted form; compared against the
// bytes returned by XCertificateExtension::getExtensionId().
#define OID_SUBJECT_ALTERNATIVE_NAME "2.5.29.17"
53*b1cdbd2cSJim Jagielski
54*b1cdbd2cSJim Jagielski
55*b1cdbd2cSJim Jagielski using namespace com::sun::star;
56*b1cdbd2cSJim Jagielski
57*b1cdbd2cSJim Jagielski namespace {
58*b1cdbd2cSJim Jagielski
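/** Extract one attribute value from a certificate subject string.

    The tags "CN=", "OU=", "O=" and "E=" are tried in that order. The first
    tag that occurs anywhere in _rRawString wins, and the text between it
    and the next ',' (or the end of the string) is returned.

    NOTE(review): this is a plain substring search, not a distinguished-name
    parser. A tag is also found when it occurs inside another attribute's
    value, quoted or escaped commas are not understood, and when no "CN="
    is present the result is an OU/O/E value. That is tolerable for a label
    shown in a dialog; callers that compare the result with a host name
    should confirm it is acceptable for them.

    @param _rRawString  subject name as delivered by the certificate
                        (content chosen by whoever issued the certificate)
    @return the attribute value, or an empty string if no tag is found
*/
String
getContentPart( const String& _rRawString )
{
    static char const * const aIDs[] = { "CN=", "OU=", "O=", "E=", NULL };

    for ( int i = 0; aIDs[i] != NULL; ++i )
    {
        const String sPartId = String::CreateFromAscii( aIDs[i] );
        const xub_StrLen nTagPos = _rRawString.Search( sPartId );
        if ( nTagPos == STRING_NOTFOUND )
            continue;

        const xub_StrLen nContStart
            = static_cast< xub_StrLen >( nTagPos + sPartId.Len() );
        const xub_StrLen nContEnd
            = _rRawString.Search( sal_Unicode( ',' ), nContStart );

        // Last attribute in the string: take everything up to the end
        // explicitly rather than passing STRING_NOTFOUND - nContStart and
        // relying on the String constructor to clamp the length.
        const xub_StrLen nContLen = ( nContEnd == STRING_NOTFOUND )
            ? static_cast< xub_StrLen >( _rRawString.Len() - nContStart )
            : static_cast< xub_StrLen >( nContEnd - nContStart );

        return String( _rRawString, nContStart, nContLen );
    }

    return String();
}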
82*b1cdbd2cSJim Jagielski
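/** Check whether hostName is covered by one of the names from a certificate.

    A candidate matches when it equals hostName (ASCII case-insensitive) or
    when it is a wildcard of the form "*.<suffix>" that covers hostName.

    Wildcard handling is deliberately narrow. The previous implementation
    accepted any candidate that merely started with '*' and then compared
    the rest as a suffix, so "*" matched every host, "*.com" matched every
    host under .com, "*.example.com" matched "a.b.example.com" and
    "*example.com" matched "notexample.com". Now:
      - the candidate must start with "*." (the wildcard is a whole label),
      - the part after "*." must itself contain a dot with a non-empty label
        after it, so a single-label suffix such as "*.com" is rejected,
      - the wildcard stands for exactly one non-empty label of hostName.

    NOTE(review): there is no public-suffix awareness ("*.co.uk" still
    passes the two-label rule) and no IDN normalisation; both names are
    compared as given.

    @param hostName       host the connection was made to
    @param certHostNames  candidate names taken from the certificate; empty
                          entries are skipped
    @return true if any candidate matches hostName
*/
bool
isDomainMatch(
    rtl::OUString hostName, uno::Sequence< ::rtl::OUString > certHostNames)
{
    const sal_Int32 nHostLen = hostName.getLength();

    for ( sal_Int32 i = 0; i < certHostNames.getLength(); ++i )
    {
        const ::rtl::OUString element = certHostNames[i];
        const sal_Int32 nElemLen = element.getLength();

        if ( nElemLen == 0 )
            continue;

        if ( hostName.equalsIgnoreAsciiCase( element ) )
            return true;

        // Only "*.<something>" is treated as a wildcard.
        if ( nElemLen < 3
             || element.getStr()[0] != sal_Unicode( '*' )
             || element.getStr()[1] != sal_Unicode( '.' ) )
            continue;

        // ".<suffix>", including the leading dot.
        const rtl::OUString aSuffix = element.copy( 1 );

        // The suffix needs a second dot that is not its last character,
        // i.e. at least two labels after the wildcard.
        const sal_Int32 nInnerDot = aSuffix.indexOf( sal_Unicode( '.' ), 1 );
        if ( nInnerDot < 0 || nInnerDot == aSuffix.getLength() - 1 )
            continue;

        // Length of the part of hostName the wildcard has to stand for.
        const sal_Int32 nLabelLen = nHostLen - aSuffix.getLength();
        if ( nLabelLen < 1 )
            continue;

        // Exactly one label: the first dot of hostName must be the one
        // that starts the suffix.
        if ( hostName.indexOf( sal_Unicode( '.' ) ) != nLabelLen )
            continue;

        if ( hostName.matchIgnoreAsciiCase( aSuffix, nLabelLen ) )
            return true;
    }

    return false;
}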
108*b1cdbd2cSJim Jagielski
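/** Format a UNO DateTime as "<date> <time>" in the UI language.

    The date and the time are formatted separately with the standard date
    and time formats of the UI language and joined with a single space.

    @param xServiceFactory  service factory handed to the number formatter
    @param rDateTime        value to format; only Day/Month/Year and
                            Hours/Minutes/Seconds are read
    @return the formatted string
*/
rtl::OUString
getLocalizedDatTimeStr(
    uno::Reference< lang::XMultiServiceFactory > const & xServiceFactory,
    util::DateTime const & rDateTime )
{
    rtl::OUString aDateTimeStr;
    Date aDate( rDateTime.Day, rDateTime.Month, rDateTime.Year );
    Time aTime( rDateTime.Hours, rDateTime.Minutes, rDateTime.Seconds );

    LanguageType eUILang = Application::GetSettings().GetUILanguage();

    // Automatic storage: the formatter used to be created with new and was
    // never deleted, leaking one SvNumberFormatter per call.
    SvNumberFormatter aNumberFormatter( xServiceFactory, eUILang );

    String aTmpStr;
    Color* pColor = NULL;
    // Points into aNumberFormatter; only used while the formatter is alive.
    Date* pNullDate = aNumberFormatter.GetNullDate();

    sal_uInt32 nFormat
        = aNumberFormatter.GetStandardFormat( NUMBERFORMAT_DATE, eUILang );
    aNumberFormatter.GetOutputString(
        aDate - *pNullDate, nFormat, aTmpStr, &pColor );
    aDateTimeStr = aTmpStr + rtl::OUString(RTL_CONSTASCII_USTRINGPARAM(" "));

    nFormat = aNumberFormatter.GetStandardFormat( NUMBERFORMAT_TIME, eUILang );
    aNumberFormatter.GetOutputString(
        aTime.GetTimeInDays(), nFormat, aTmpStr, &pColor );
    aDateTimeStr += aTmpStr;

    return aDateTimeStr;
}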
141*b1cdbd2cSJim Jagielski
/** Show the "unknown authority" dialog for a certificate.

    Runs under the solar mutex. If the uui resource manager can be created
    and the ERRCODE_UUI_UNKNOWNAUTH_UNTRUSTED string is found, the dialog's
    description is that string with the certificate's subject part
    (getContentPart) substituted in. The dialog is executed either way.

    The substituted text comes from the certificate being questioned, so it
    is content supplied by the remote side.

    @param pParent          parent window for the dialog
    @param xServiceFactory  service factory passed on to the dialog
    @param rXCert           certificate to present; dereferenced without a
                            null check
    @return the result of the dialog's Execute() converted to sal_Bool; the
            caller in this file uses it as "trust the certificate"
    @throws uno::RuntimeException  when std::bad_alloc is caught
*/
sal_Bool
executeUnknownAuthDialog(
    Window * pParent,
    uno::Reference< lang::XMultiServiceFactory > const & xServiceFactory,
    const uno::Reference< security::XCertificate >& rXCert)
    SAL_THROW((uno::RuntimeException))
{
    try
    {
        vos::OGuard aGuard(Application::GetSolarMutex());

        // Declared before the dialog so that it outlives it.
        std::auto_ptr< ResMgr > xManager(
            ResMgr::CreateResMgr(CREATEVERSIONRESMGR_NAME(uui)));
        ResMgr * const pResMgr = xManager.get();

        std::auto_ptr< UnknownAuthDialog > xDialog(
            new UnknownAuthDialog(
                pParent, rXCert, xServiceFactory, pResMgr ));

        // Single substitution argument: the subject part of the certificate.
        std::vector< rtl::OUString > aSubstitutions;
        aSubstitutions.push_back( getContentPart( rXCert->getSubjectName()) );

        if ( pResMgr != NULL )
        {
            rtl::OUString aDescription;
            ResId aErrHdlId( RID_UUI_ERRHDL, *pResMgr );
            const bool bFound = ErrorResource( aErrHdlId ).getString(
                ERRCODE_UUI_UNKNOWNAUTH_UNTRUSTED, &aDescription );
            if ( bFound )
            {
                aDescription
                    = UUIInteractionHelper::replaceMessageWithArguments(
                        aDescription, aSubstitutions );
                xDialog->setDescriptionText( aDescription );
            }
        }

        return static_cast<sal_Bool> (xDialog->Execute());
    }
    catch (std::bad_alloc const &)
    {
        throw uno::RuntimeException(
            rtl::OUString(RTL_CONSTASCII_USTRINGPARAM("out of memory")),
            uno::Reference< uno::XInterface >());
    }
}
188*b1cdbd2cSJim Jagielski
/** Show the SSL warning dialog for one class of certificate problem.

    Runs under the solar mutex. The description and title are looked up in
    the uui resources under ERRCODE_AREA_UUI_UNKNOWNAUTH + failure +
    DESCRIPTION_1 and ... + TITLE; the description gets the arguments
    collected for the given failure type substituted in. The dialog is
    executed even when no resource manager is available.

    The host name and the certificate-derived values placed in the text are
    supplied by the remote side.

    @param pParent          parent window for the dialog
    @param xServiceFactory  service factory passed on to the dialog and to
                            the date formatting
    @param rXCert           certificate to present; dereferenced without a
                            null check
    @param failure          one of the SSLWARN_TYPE_* values; any other
                            value adds no arguments but is still used to
                            compute the resource ids
    @param hostName         host the connection was made to
    @return the result of the dialog's Execute() converted to sal_Bool; the
            caller in this file uses it as "trust the certificate"
    @throws uno::RuntimeException  when std::bad_alloc is caught
*/
sal_Bool
executeSSLWarnDialog(
    Window * pParent,
    uno::Reference< lang::XMultiServiceFactory > const & xServiceFactory,
    const uno::Reference< security::XCertificate >& rXCert,
    sal_Int32 const & failure,
    const rtl::OUString & hostName )
    SAL_THROW((uno::RuntimeException))
{
    try
    {
        vos::OGuard aGuard(Application::GetSolarMutex());

        // Declared before the dialog so that it outlives it.
        std::auto_ptr< ResMgr > xManager(
            ResMgr::CreateResMgr(CREATEVERSIONRESMGR_NAME(uui)));
        ResMgr * const pResMgr = xManager.get();

        std::auto_ptr< SSLWarnDialog > xDialog(
            new SSLWarnDialog(
                pParent, rXCert, xServiceFactory, pResMgr ));

        // Substitution arguments for the description text.
        std::vector< rtl::OUString > aDescArgs;

        if ( failure == SSLWARN_TYPE_DOMAINMISMATCH )
        {
            aDescArgs.push_back( hostName );
            aDescArgs.push_back(
                getContentPart( rXCert->getSubjectName()) );
            aDescArgs.push_back( hostName );
        }
        else if ( failure == SSLWARN_TYPE_EXPIRED )
        {
            aDescArgs.push_back(
                getContentPart( rXCert->getSubjectName()) );
            // NOTE(review): the not-valid-after time is pushed twice;
            // check against the resource string whether the third
            // argument is meant to be a different value.
            aDescArgs.push_back(
                getLocalizedDatTimeStr( xServiceFactory,
                                        rXCert->getNotValidAfter() ) );
            aDescArgs.push_back(
                getLocalizedDatTimeStr( xServiceFactory,
                                        rXCert->getNotValidAfter() ) );
        }
        // SSLWARN_TYPE_INVALID: the description takes no arguments.

        if ( pResMgr != NULL )
        {
            ResId aErrHdlId( RID_UUI_ERRHDL, *pResMgr );

            rtl::OUString aDescription;
            if ( ErrorResource( aErrHdlId ).getString(
                     ERRCODE_AREA_UUI_UNKNOWNAUTH + failure + DESCRIPTION_1,
                     &aDescription ) )
            {
                aDescription
                    = UUIInteractionHelper::replaceMessageWithArguments(
                        aDescription, aDescArgs );
                xDialog->setDescription1Text( aDescription );
            }

            // The title is set even if the lookup fails (empty string).
            rtl::OUString aDialogTitle;
            ErrorResource( aErrHdlId ).getString(
                ERRCODE_AREA_UUI_UNKNOWNAUTH + failure + TITLE,
                &aDialogTitle );
            xDialog->SetText( aDialogTitle );
        }

        return static_cast<sal_Bool> (xDialog->Execute());
    }
    catch (std::bad_alloc const &)
    {
        throw uno::RuntimeException(
            rtl::OUString(RTL_CONSTASCII_USTRINGPARAM("out of memory")),
            uno::Reference< uno::XInterface >());
    }
}
263*b1cdbd2cSJim Jagielski
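/** Ask the user about a certificate that failed validation and select the
    matching continuation.

    Steps:
      1. If the certificate, its issuer or its root is untrusted, show the
         unknown-authority dialog.
      2. Collect candidate host names: the subject part returned by
         getContentPart plus every DNS entry of the subjectAltName
         extension.
      3. Show at most one SSL warning dialog: domain mismatch, else time
         problems, else revoked / bad signature / bad extension / invalid.
      4. Select "approve" if the certificate is still trusted afterwards,
         "abort" otherwise.

    Changes against the previous version: a request without a certificate
    is aborted instead of dereferencing a null reference, and an extension
    that carries the subjectAltName OID but does not implement
    XSanExtension is skipped instead of being dereferenced.

    @param pParent          parent window for the dialogs
    @param xServiceFactory  service factory passed on to the dialogs
    @param rRequest         validation request: certificate, validity bits
                            and host name
    @param rContinuations   continuations from which approve/abort are taken
    @throws uno::RuntimeException  passed on from the dialog helpers
*/
void
handleCertificateValidationRequest_(
    Window * pParent,
    uno::Reference< lang::XMultiServiceFactory > const & xServiceFactory,
    ucb::CertificateValidationRequest const & rRequest,
    uno::Sequence< uno::Reference< task::XInteractionContinuation > > const &
        rContinuations)
    SAL_THROW((uno::RuntimeException))
{
    uno::Reference< task::XInteractionApprove > xApprove;
    uno::Reference< task::XInteractionAbort > xAbort;
    getContinuations(rContinuations, &xApprove, &xAbort);

    // Fail closed: without a certificate there is nothing to show or to
    // compare, so the request is never approved.
    if ( !rRequest.Certificate.is() )
    {
        if (xAbort.is())
            xAbort->select();
        return;
    }

    sal_Int32 failures = rRequest.CertificateValidity;

    // NOTE(review): trust is the starting assumption. Any validity bit
    // that none of the conditions below tests leaves trustCert at
    // sal_True, so the request is approved without a dialog. Confirm
    // that every bit the validator can report is covered.
    sal_Bool trustCert = sal_True;

    if ( ((failures & security::CertificateValidity::UNTRUSTED)
             == security::CertificateValidity::UNTRUSTED ) ||
         ((failures & security::CertificateValidity::ISSUER_UNTRUSTED)
             == security::CertificateValidity::ISSUER_UNTRUSTED) ||
         ((failures & security::CertificateValidity::ROOT_UNTRUSTED)
             == security::CertificateValidity::ROOT_UNTRUSTED) )
    {
        trustCert = executeUnknownAuthDialog( pParent,
                                              xServiceFactory,
                                              rRequest.Certificate );
    }

    // Look for the subjectAltName extension.
    uno::Sequence< uno::Reference< security::XCertificateExtension > >
        extensions = rRequest.Certificate->getExtensions();
    uno::Sequence< security::CertAltNameEntry > altNames;
    for (sal_Int32 i = 0 ; i < extensions.getLength(); i++)
    {
        uno::Reference< security::XCertificateExtension > element
            = extensions[i];
        if ( !element.is() )
            continue;

        // Keep the id in a local so the bytes stay alive while aId is built.
        const uno::Sequence< sal_Int8 > aExtId = element->getExtensionId();
        rtl::OString aId(
            reinterpret_cast< const sal_Char * >( aExtId.getConstArray() ),
            aExtId.getLength() );
        if (aId.equals(OID_SUBJECT_ALTERNATIVE_NAME))
        {
            uno::Reference< security::XSanExtension > sanExtension(
                element, uno::UNO_QUERY );
            // The query yields an empty reference if the object does not
            // implement XSanExtension; altNames then stays empty.
            if ( sanExtension.is() )
                altNames = sanExtension->getAlternativeNames();
            break;
        }
    }

    // NOTE(review): the subject-derived name is always a candidate, even
    // when DNS subjectAltName entries exist, and getContentPart falls back
    // to an OU/O/E value when the subject has no "CN=". Current practice
    // (RFC 6125) is to consult the subject CN only when the certificate
    // has no DNS subjectAltName at all.
    ::rtl::OUString certHostName
        = getContentPart( rRequest.Certificate->getSubjectName() );
    uno::Sequence< ::rtl::OUString > certHostNames(altNames.getLength() + 1);

    certHostNames[0] = certHostName;

    // Slots of non-DNS entries stay empty; isDomainMatch skips those.
    for(int n = 0; n < altNames.getLength(); ++n)
    {
        if (altNames[n].Type == security::ExtAltNameType_DNS_NAME)
        {
            altNames[n].Value >>= certHostNames[n+1];
        }
    }

    // NOTE(review): this is an else-if chain, so only the first applicable
    // warning is shown. When the host name does not match and the user
    // accepts that dialog, an expired, revoked or otherwise invalid
    // certificate is approved without a further prompt. Consider testing
    // each class on its own.
    if ( (!isDomainMatch(
              rRequest.HostName,
              certHostNames )) &&
         trustCert )
    {
        trustCert = executeSSLWarnDialog( pParent,
                                          xServiceFactory,
                                          rRequest.Certificate,
                                          SSLWARN_TYPE_DOMAINMISMATCH,
                                          rRequest.HostName );
    }
    else
    if ( (((failures & security::CertificateValidity::TIME_INVALID)
              == security::CertificateValidity::TIME_INVALID) ||
          ((failures & security::CertificateValidity::NOT_TIME_NESTED)
              == security::CertificateValidity::NOT_TIME_NESTED)) &&
         trustCert )
    {
        trustCert = executeSSLWarnDialog( pParent,
                                          xServiceFactory,
                                          rRequest.Certificate,
                                          SSLWARN_TYPE_EXPIRED,
                                          rRequest.HostName );
    }
    else
    if ( (((failures & security::CertificateValidity::REVOKED)
              == security::CertificateValidity::REVOKED) ||
          ((failures & security::CertificateValidity::SIGNATURE_INVALID)
              == security::CertificateValidity::SIGNATURE_INVALID) ||
          ((failures & security::CertificateValidity::EXTENSION_INVALID)
              == security::CertificateValidity::EXTENSION_INVALID) ||
          ((failures & security::CertificateValidity::INVALID)
              == security::CertificateValidity::INVALID)) &&
         trustCert )
    {
        trustCert = executeSSLWarnDialog( pParent,
                                          xServiceFactory,
                                          rRequest.Certificate,
                                          SSLWARN_TYPE_INVALID,
                                          rRequest.HostName );
    }

    if ( trustCert )
    {
        if (xApprove.is())
            xApprove->select();
    }
    else
    {
        if (xAbort.is())
            xAbort->select();
    }
}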
371*b1cdbd2cSJim Jagielski
372*b1cdbd2cSJim Jagielski } // namespace
373*b1cdbd2cSJim Jagielski
/** Handle an interaction request if it is a CertificateValidationRequest.

    @param rRequest  interaction request to inspect
    @return true if the request carried a ucb::CertificateValidationRequest
            and was passed on to the dialog logic, false if it is some
            other kind of request
    @throws uno::RuntimeException  passed on from the dialog logic
*/
bool
UUIInteractionHelper::handleCertificateValidationRequest(
    uno::Reference< task::XInteractionRequest > const & rRequest)
    SAL_THROW((uno::RuntimeException))
{
    uno::Any aPayload(rRequest->getRequest());

    ucb::CertificateValidationRequest aCertRequest;
    const bool bIsCertRequest = ( aPayload >>= aCertRequest );
    if ( !bIsCertRequest )
        return false;   // not ours; the caller may try other handlers

    handleCertificateValidationRequest_(getParentProperty(),
                                        m_xServiceFactory,
                                        aCertRequest,
                                        rRequest->getContinuations());
    return true;
}
393*b1cdbd2cSJim Jagielski