From 4aed2c8219774f5d797760606b8489a92ddc5163 Mon Sep 17 00:00:00 2001 From: toma Date: Wed, 25 Nov 2009 17:56:58 +0000 Subject: Copy the KDE 3.5 branch to branches/trinity for new KDE 3.5 features. BUG:215923 git-svn-id: svn://anonsvn.kde.org/home/kde/branches/trinity/kdebase@1054174 283d02a7-25f6-0310-bc7c-ecb5cbfe19da --- kcontrol/crypto/Makefile.am | 19 + kcontrol/crypto/README | 2 + kcontrol/crypto/certexport.cpp | 148 +++ kcontrol/crypto/certexport.h | 55 + kcontrol/crypto/certgen.ui | 513 ++++++++ kcontrol/crypto/configure.in.in | 1 + kcontrol/crypto/crypto.cpp | 2458 ++++++++++++++++++++++++++++++++++++++ kcontrol/crypto/crypto.desktop | 229 ++++ kcontrol/crypto/crypto.h | 362 ++++++ kcontrol/crypto/kdatetimedlg.cpp | 118 ++ kcontrol/crypto/kdatetimedlg.h | 60 + 11 files changed, 3965 insertions(+) create mode 100644 kcontrol/crypto/Makefile.am create mode 100644 kcontrol/crypto/README create mode 100644 kcontrol/crypto/certexport.cpp create mode 100644 kcontrol/crypto/certexport.h create mode 100644 kcontrol/crypto/certgen.ui create mode 100644 kcontrol/crypto/configure.in.in create mode 100644 kcontrol/crypto/crypto.cpp create mode 100644 kcontrol/crypto/crypto.desktop create mode 100644 kcontrol/crypto/crypto.h create mode 100644 kcontrol/crypto/kdatetimedlg.cpp create mode 100644 kcontrol/crypto/kdatetimedlg.h (limited to 'kcontrol/crypto') diff --git a/kcontrol/crypto/Makefile.am b/kcontrol/crypto/Makefile.am new file mode 100644 index 000000000..73a79653d --- /dev/null +++ b/kcontrol/crypto/Makefile.am @@ -0,0 +1,19 @@ +AM_CPPFLAGS = $(all_includes) $(SSL_INCLUDES) +kde_module_LTLIBRARIES = kcm_crypto.la + +kcm_crypto_la_SOURCES = crypto.cpp certexport.cpp kdatetimedlg.cpp + +AM_CXXFLAGS = $(CXXFLAGS) -DLIBDIR=$(libdir) + +kcm_crypto_la_LDFLAGS = $(KDE_RPATH) $(all_libraries) $(SSL_LDFLAGS) -module -avoid-version -no-undefined +kcm_crypto_la_LIBADD = -lkdeui $(LIB_KIO) $(LIBSSL) + +METASOURCES = AUTO + +noinst_HEADERS = crypto.h certexport.h kdatetimedlg.h + +messages: rc.cpp + : > rc.cpp + $(XGETTEXT) $(kcm_crypto_la_SOURCES) *.h -o $(podir)/kcmcrypto.pot + +xdg_apps_DATA = crypto.desktop diff --git a/kcontrol/crypto/README b/kcontrol/crypto/README new file mode 100644 index 000000000..f86d974f1 --- /dev/null +++ b/kcontrol/crypto/README @@ -0,0 +1,2 @@ +This needs to be updated to use libkssl instead of OpenSSL directly. + diff --git a/kcontrol/crypto/certexport.cpp b/kcontrol/crypto/certexport.cpp new file mode 100644 index 000000000..7c31bb84b --- /dev/null +++ b/kcontrol/crypto/certexport.cpp @@ -0,0 +1,148 @@ +/** + * certexport.cpp + * + * Copyright (c) 2001 George Staikos + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License as published + * by the Free Software Foundation; either version 2.1 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. + */ + + +#ifdef HAVE_CONFIG_H +#include +#endif + +#include "certexport.h" +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + + +KCertExport::KCertExport(QWidget *parent, const char *name) + : KDialog(parent, name, true) { +QGridLayout *grid = new QGridLayout(this, 9, 6, marginHint(), spacingHint()); + + setCaption(i18n("X509 Certificate Export")); + + QVButtonGroup *bg = new QVButtonGroup(i18n("Format"), this); + _pem = new QRadioButton(i18n("&PEM"), bg); + _netscape = new QRadioButton(i18n("&Netscape"), bg); + _der = new QRadioButton(i18n("&DER/ASN1"), bg); + _text = new QRadioButton(i18n("&Text"), bg); + grid->addMultiCellWidget(bg, 0, 4, 0, 3); + _pem->setChecked(true); + + grid->addMultiCellWidget(new QLabel(i18n("Filename:"), this), 5, 5, 0, 3); + + _filename = new KLineEdit(this); + grid->addMultiCellWidget(_filename, 6, 6, 0, 4); + connect(_filename, SIGNAL(textChanged(const QString &)), this, SLOT(slotTextChanged(const QString &))); + connect(_filename, SIGNAL(returnPressed()), this, SLOT(slotExport())); + + _choose = new QPushButton("...", this); + grid->addWidget(_choose, 6, 5); + connect(_choose, SIGNAL(clicked()), this, SLOT(slotChoose())); + + _export = new QPushButton(i18n("&Export"), this); + grid->addWidget(_export, 8, 4); + connect(_export, SIGNAL(clicked()), this, SLOT(slotExport())); + _export->setEnabled(false); + + _cancel = new QPushButton(i18n("&Cancel"), this); + grid->addWidget(_cancel, 8, 5); + connect(_cancel, SIGNAL(clicked()), this, SLOT(reject())); +} + + +KCertExport::~KCertExport() { + +} + + +void KCertExport::setCertificate(KSSLCertificate *c) { + _c = c; +} + + +void KCertExport::slotExport() { +QByteArray cert; +QString certt; + + if (_filename->text().isEmpty()) return; + + if (!_c) { + KMessageBox::sorry(this, i18n("Internal error. Please report to kfm-devel@kde.org."), i18n("SSL")); + return; + } + + if (_der->isChecked()) { + cert = _c->toDer(); + } else if (_pem->isChecked()) { + cert = _c->toPem(); + } else if (_text->isChecked()) { + certt = _c->toText(); + } else { // netscape + cert = _c->toNetscape(); + } + + if ((!_text->isChecked() && cert.size() <= 0) && certt.isEmpty()) { + KMessageBox::error(this, i18n("Error converting the certificate into the requested format."), i18n("SSL")); + reject(); + return; + } + + QFile outFile(_filename->text()); + + if (!outFile.open(IO_WriteOnly)) { + KMessageBox::error(this, i18n("Error opening file for output."), i18n("SSL")); + reject(); + return; + } + + if (_text->isChecked()) + outFile.writeBlock(certt.local8Bit(), certt.length()); + else outFile.writeBlock(cert); + + outFile.close(); + +accept(); +} + + +void KCertExport::slotChoose() { + //QString newFile = KFileDialog::getSaveFileName("::x509save", i18n("*.pem|Privacy Enhanced Mail Format\n*.der|DER/ASN1 Format")); + QString newFile = KFileDialog::getSaveFileName(QString::null, "application/x-x509-ca-cert"); + + // Dunno about this one yet + // \n*.ncert|Netscape certificate files"); + + if (!newFile.isEmpty()) _filename->setText(newFile); +} + + +void KCertExport::slotTextChanged(const QString& x) { + _export->setEnabled(!x.isEmpty()); +} + + +#include "certexport.moc" + diff --git a/kcontrol/crypto/certexport.h b/kcontrol/crypto/certexport.h new file mode 100644 index 000000000..983cf0804 --- /dev/null +++ b/kcontrol/crypto/certexport.h @@ -0,0 +1,55 @@ +/** + * certexport.h + * + * Copyright (c) 2001 George Staikos + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License as published + * by the Free Software Foundation; either version 2.1 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. + */ + +#ifndef _CERTEXPORT_H +#define _CERTEXPORT_H + +#include + +class KLineEdit; +class QRadioButton; +class QPushButton; +class KSSLCertificate; + + +class KCertExport : public KDialog +{ + Q_OBJECT +public: + KCertExport(QWidget *parent = 0L, const char *name = 0L); + virtual ~KCertExport(); + + void setCertificate(KSSLCertificate *c); + +protected slots: + void slotExport(); + void slotChoose(); + void slotTextChanged(const QString &); + +private: + QPushButton *_export, *_cancel, *_choose; + QRadioButton *_pem, *_netscape, *_der, *_text; + KLineEdit *_filename; + + KSSLCertificate *_c; + +}; + +#endif diff --git a/kcontrol/crypto/certgen.ui b/kcontrol/crypto/certgen.ui new file mode 100644 index 000000000..19ee05535 --- /dev/null +++ b/kcontrol/crypto/certgen.ui @@ -0,0 +1,513 @@ + +D_GenCert + + + D_GenCert + + + + 0 + 0 + 539 + 367 + + + + Certificate Creation Wizard + + + + TextLabel2 + + + + 10 + 40 + 70 + 21 + + + + NoFrame + + + Plain + + + Passphrase: + + + + + TextLabel3 + + + + 10 + 100 + 90 + 21 + + + + Country code: + + + + + TextLabel4 + + + + 10 + 130 + 150 + 21 + + + + State or province (in full): + + + + + T_CertType + + + + 10 + 10 + 100 + 21 + + + + Certificate type: + + + + + TextLabel2_2 + + + + 10 + 70 + 120 + 21 + + + + Passphrase (verify): + + + + + TextLabel5 + + + + 10 + 160 + 30 + 21 + + + + City: + + + + + TextLabel6 + + + + 10 + 190 + 141 + 21 + + + + Organization name: + + + + + TextLabel7 + + + + 10 + 220 + 150 + 21 + + + + Organizational unit/group: + + + + + TextLabel8 + + + + 10 + 250 + 170 + 21 + + + + Full hostname of the server: + + + + + L_CertType + + + + 180 + 10 + 130 + 21 + + + + + + LineEdit3 + + + + 180 + 100 + 41 + 22 + + + + 2 + + + + + TextLabel9 + + + + 10 + 280 + 111 + 21 + + + + Email address: + + + + + LineEdit4_2_2_2 + + + + 180 + 220 + 121 + 22 + + + + 200 + + + + + LineEdit4_2_2_2_2 + + + + 180 + 250 + 121 + 22 + + + + 200 + + + + + LineEdit4_2_2_2_3 + + + + 180 + 280 + 121 + 22 + + + + 200 + + + + + E_Passphrase + + + + 180 + 40 + 130 + 22 + + + + 500 + + + Password + + + + + E_Passphrase_2 + + + + 180 + 70 + 131 + 22 + + + + 500 + + + Password + + + + + TextLabel10 + + + + 10 + 310 + 121 + 21 + + + + Days valid: + + + + + SpinBox1 + + + + 180 + 310 + 81 + 21 + + + + 365 + + + 1 + + + 365 + + + + + TextLabel11 + + + + 320 + 40 + 60 + 21 + + + + Digest: + + + + + CheckBox1 + + + + 320 + 10 + 80 + 21 + + + + Self sign + + + true + + + + + TextLabel12 + + + + 320 + 70 + 50 + 21 + + + + Alias: + + + + + LineEdit19 + + + + 380 + 70 + 131 + 22 + + + + + + LineEdit4_2_2 + + + + 180 + 190 + 121 + 22 + + + + 200 + + + + + LineEdit4_2 + + + + 180 + 160 + 121 + 22 + + + + 200 + + + + + ComboBox2 + + + + 380 + 40 + 130 + 21 + + + + + + CheckBox2 + + + + 320 + 100 + 161 + 21 + + + + Use DSA instead of RSA + + + + + TextLabel13 + + + + 320 + 130 + 71 + 21 + + + + Bit strength: + + + + + ComboBox5 + + + + 400 + 130 + 111 + 21 + + + + + + LineEdit4 + + + + 180 + 130 + 121 + 22 + + + + 200 + + + + + kdialog.h + + + + diff --git a/kcontrol/crypto/configure.in.in b/kcontrol/crypto/configure.in.in new file mode 100644 index 000000000..680e26e0a --- /dev/null +++ b/kcontrol/crypto/configure.in.in @@ -0,0 +1 @@ +KDE_CHECK_SSL diff --git a/kcontrol/crypto/crypto.cpp b/kcontrol/crypto/crypto.cpp new file mode 100644 index 000000000..f5c4b0099 --- /dev/null +++ b/kcontrol/crypto/crypto.cpp @@ -0,0 +1,2458 @@ +/** + * crypto.cpp + * + * Copyright (c) 2000-2005 George Staikos + * 2000 Carsten Pfeiffer + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License as published + * by the Free Software Foundation; either version 2.1 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. + */ + +// +// Attention. The suck factor on this code is increasing. It's a bit of a +// hack. It might be time to rewrite it soon. +// + +#include +#include + +#include +#include +#include + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include +#ifdef HAVE_SSL +#define crypt _openssl_crypt +#include +#include +#include +#include +#include +#include +#include +#include +#undef crypt +#endif + +#include +#include + +#include "crypto.h" +#include "certexport.h" +#include "kdatetimedlg.h" + +using namespace KNetwork; + +typedef KGenericFactory KryptoFactory; +K_EXPORT_COMPONENT_FACTORY( kcm_crypto, KryptoFactory("kcmcrypto") ) + +CipherItem::CipherItem( QListView *view, const QString& cipher, int bits, + int maxBits, KCryptoConfig *module ) + : QCheckListItem( view, QString::null, CheckBox ) +{ + m_cipher = cipher; + m_bits = bits; + m_module = module; + + QString tmp( i18n("%1 (%2 of %3 bits)") ); + setText( 0, tmp.arg( cipher ).arg( bits ).arg( maxBits )); +} + +void CipherItem::stateChange( bool ) +{ + m_module->configChanged(); +} + +QString CipherItem::configName() const +{ + QString cipherName("cipher_%1"); + return cipherName.arg( m_cipher ); +} + + + +OtherCertItem::OtherCertItem( QListView *view, const QString& sub, const QString& md5, bool perm, int policy, QDateTime exp, KCryptoConfig *module ) + : QListViewItem( view, QString::null ), _sub(sub), _md5(md5), _exp(exp), _perm(perm), _policy(policy) + +{ + m_module = module; +KSSLX509Map cert(sub); + setText(0, cert.getValue("O")); + setText(1, cert.getValue("CN").replace("\n", ", ")); + + if (_exp.date().year() > 3000 || _exp.date().year() < 1900) + _exp.setDate(QDate(3000,1,1)); +} + +void OtherCertItem::stateChange( bool ) +{ + m_module->configChanged(); +} + +QString OtherCertItem::configName() const +{ + return _sub; +} + + +YourCertItem::YourCertItem( QListView *view, QString pkcs, QString pass, QString name, KCryptoConfig *module ) + : QListViewItem( view, QString::null ) + +{ + m_module = module; +KSSLX509Map cert(name); + QString tmp = cert.getValue("CN").replace("\n", ", "); + setText(0, tmp); + setText(1, cert.getValue("Email")); + _pkcs = pkcs; + _name = name; + _pass = pass; +} + +void YourCertItem::stateChange( bool ) +{ + m_module->configChanged(); +} + +QString YourCertItem::configName() const +{ + return _name; +} + + + +CAItem::CAItem( QListView *view, QString name, QString cert, bool site, bool email, bool code, KCryptoConfig *module ) + : QListViewItem( view, QString::null ) + +{ + m_module = module; +KSSLX509Map mcert(name); +QString tmp; + setText(0, mcert.getValue("O")); + tmp = mcert.getValue("OU"); + tmp.replace("\n", ", "); + setText(1, tmp); + tmp = mcert.getValue("CN"); + tmp.replace("\n", ", "); + setText(2, tmp); + _name = name; + _cert = cert; + _site = site; + _email = email; + _code = code; + isNew = false; + modified = false; +} + +void CAItem::stateChange( bool ) +{ + m_module->configChanged(); +} + +QString CAItem::configName() const +{ + return _name; +} + + + + +////////////////////////////////////////////////////////////////////////////// +////////////////////////////////////////////////////////////////////////////// +////////////////////////////////////////////////////////////////////////////// +////////////////////////////////////////////////////////////////////////////// +////////////////////////////////////////////////////////////////////////////// + + + + +KCryptoConfig::KCryptoConfig(QWidget *parent, const char *name, const QStringList &) + : KCModule(KryptoFactory::instance(), parent, name) +{ +QGridLayout *grid; +QBoxLayout *top = new QVBoxLayout(this); +QString whatstr; + + setQuickHelp( i18n("

Crypto

This module allows you to configure SSL for" + " use with most KDE applications, as well as manage your personal" + " certificates and the known certificate authorities.")); + + ___lehack = false; + otherCertDelList.setAutoDelete(true); + yourCertDelList.setAutoDelete(true); + authDelList.setAutoDelete(true); + caDelList.setAutoDelete(true); + + _signers = new KSSLSigners; + + KAboutData *about = + new KAboutData(I18N_NOOP("kcmcrypto"), I18N_NOOP("KDE Crypto Control Module"), + 0, 0, KAboutData::License_GPL, + I18N_NOOP("(c) 2000 - 2001 George Staikos")); + about->addAuthor("George Staikos", 0, "staikos@kde.org"); + about->addAuthor("Carsten Pfeiffer", 0, "pfeiffer@kde.org"); + setAboutData( about ); + + /////////////////////////////////////////////////////////////////////////// + // Create the GUI here - there are currently a total of 6 tabs. + // The first is SSL and cipher related + // The second is OpenSSL settings + // The third is user's SSL certificate related + // The fourth is certificate authentication related + // The fifth is other SSL certificate related + // The sixth is CA related + // The seventh is misc. settings related (unimplemented) + // The eighth is peer [email] certificate related (unimplemented) + /////////////////////////////////////////////////////////////////////////// + + tabs = new QTabWidget(this); + top->addWidget(tabs); + + /////////////////////////////////////////////////////////////////////////// + // FIRST TAB + /////////////////////////////////////////////////////////////////////////// + tabSSL = new QFrame(this); + grid = new QGridLayout(tabSSL, 7, 2, KDialog::marginHint(), + KDialog::spacingHint() ); + mUseTLS = new QCheckBox(i18n("Enable &TLS support if supported by the server"), tabSSL); + connect(mUseTLS, SIGNAL(clicked()), SLOT(configChanged())); + grid->addWidget(mUseTLS, 0, 0); + whatstr = i18n("TLS is the newest revision of the SSL protocol." + " It integrates better with other protocols and has" + " replaced SSL in protocols such as POP3 and SMTP."); + QWhatsThis::add(mUseTLS, whatstr); + + mUseSSLv2 = new QCheckBox(i18n("Enable SSLv&2"), tabSSL); + connect(mUseSSLv2, SIGNAL(clicked()), SLOT(configChanged())); + grid->addWidget(mUseSSLv2, 1, 0); + whatstr = i18n("SSL v2 is the second revision of the SSL protocol." + " It is most common to enable v2 and v3."); + QWhatsThis::add(mUseSSLv2, whatstr); + + mUseSSLv3 = new QCheckBox(i18n("Enable SSLv&3"), tabSSL); + connect(mUseSSLv3, SIGNAL(clicked()), SLOT(configChanged())); + grid->addWidget(mUseSSLv3, 1, 1); + whatstr = i18n("SSL v3 is the third revision of the SSL protocol." + " It is most common to enable v2 and v3."); + QWhatsThis::add(mUseSSLv3, whatstr); + +#ifdef HAVE_SSL + SSLv2Box = new QListView(tabSSL, "v2ciphers"); + (void) SSLv2Box->addColumn(i18n("SSLv2 Ciphers to Use")); + whatstr = i18n("Select the ciphers you wish to enable when using the" + " SSL v2 protocol. The actual protocol used will be" + " negotiated with the server at connection time."); + QWhatsThis::add(SSLv2Box, whatstr); + SSLv2Box->setSelectionMode(QListView::NoSelection); + + grid->addWidget( SSLv2Box, 2, 0 ); + connect( mUseSSLv2, SIGNAL( toggled( bool ) ), + SSLv2Box, SLOT( setEnabled( bool ))); +#else + QLabel *nossllabel = new QLabel(i18n("SSL ciphers cannot be configured" + " because this module was not linked" + " with OpenSSL."), tabSSL); + grid->addMultiCellWidget(nossllabel, 2, 2, 0, 1); + grid->addRowSpacing( 3, 100 ); // give minimum height to look better +#endif + + // no need to parse kdeglobals. + config = new KConfig("cryptodefaults", false, false); + policies = new KSimpleConfig("ksslpolicies", false); + pcerts = new KSimpleConfig("ksslcertificates", false); + authcfg = new KSimpleConfig("ksslauthmap", false); + +#ifdef HAVE_SSL + SSLv3Box = new QListView(tabSSL, "v3ciphers"); + (void) SSLv3Box->addColumn(i18n("SSLv3 Ciphers to Use")); + whatstr = i18n("Select the ciphers you wish to enable when using the" + " SSL v3 protocol. The actual protocol used will be" + " negotiated with the server at connection time."); + QWhatsThis::add(SSLv3Box, whatstr); + SSLv3Box->setSelectionMode(QListView::NoSelection); + grid->addWidget(SSLv3Box, 2, 1); + connect( mUseSSLv3, SIGNAL( toggled( bool ) ), + SSLv3Box, SLOT( setEnabled( bool ))); + + loadCiphers(); + + // + // CipherWizards + // + QHGroupBox *cwbg = new QHGroupBox(i18n("Cipher Wizard"), tabSSL); + QComboBox *cwcb = new QComboBox(cwbg); + grid->addMultiCellWidget(cwbg, 3, 3, 0, 1); + QString whatStr = i18n("Use these preconfigurations to more easily configure the SSL encryption settings. You can choose among the following modes:
    "); + + cwcb->insertItem(QString::null); + cwcb->insertItem(i18n("Most Compatible")); + whatStr += i18n("
  • Most Compatible: Select the settings found to be most compatible.
    • "); + cwcb->insertItem(i18n("US Ciphers Only")); + whatStr += i18n("
  • US Ciphers Only: Select only the US strong (>= 128 bit) encryption ciphers.
    • "); + cwcb->insertItem(i18n("Export Ciphers Only")); + whatStr += i18n("
  • Export Ciphers Only: Select only the weak ciphers (<= 56 bit).
    • "); + cwcb->insertItem(i18n("Enable All")); + whatStr += i18n("
  • Enable All: Select all SSL ciphers and methods.
"); + + QWhatsThis::add(cwcb, whatStr); + + connect(cwcb, SIGNAL(activated(int)), SLOT(slotSelectCipher(int))); + + + + +#endif + + mWarnOnEnter = new QCheckBox(i18n("Warn on &entering SSL mode"), tabSSL); + connect(mWarnOnEnter, SIGNAL(clicked()), SLOT(configChanged())); + grid->addWidget(mWarnOnEnter, 5, 0); + whatstr = i18n("If selected, you will be notified when entering an SSL" + " enabled site"); + QWhatsThis::add(mWarnOnEnter, whatstr); + + mWarnOnLeave = new QCheckBox(i18n("Warn on &leaving SSL mode"), tabSSL); + connect(mWarnOnLeave, SIGNAL(clicked()), SLOT(configChanged())); + grid->addWidget(mWarnOnLeave, 5, 1); + whatstr = i18n("If selected, you will be notified when leaving an SSL" + " based site."); + QWhatsThis::add(mWarnOnLeave, whatstr); + + mWarnOnUnencrypted = new QCheckBox(i18n("Warn on sending &unencrypted data"), tabSSL); + connect(mWarnOnUnencrypted, SIGNAL(clicked()), SLOT(configChanged())); + grid->addWidget(mWarnOnUnencrypted, 6, 0); + whatstr = i18n("If selected, you will be notified before sending" + " unencrypted data via a web browser."); + QWhatsThis::add(mWarnOnUnencrypted, whatstr); + +#if 0 // NOT IMPLEMENTED IN KDE 3.0 + mWarnOnMixed = new QCheckBox(i18n("Warn on &mixed SSL/non-SSL pages"), tabSSL); + connect(mWarnOnMixed, SIGNAL(clicked()), SLOT(configChanged())); + grid->addWidget(mWarnOnMixed, 6, 1); + whatstr = i18n("If selected, you will be notified if you view a page" + " that has both encrypted and non-encrypted parts."); + QWhatsThis::add(mWarnOnMixed, whatstr); +#endif + + /////////////////////////////////////////////////////////////////////////// + // SECOND TAB + /////////////////////////////////////////////////////////////////////////// + +#ifdef HAVE_SSL + tabOSSL = new QFrame(this); + QBoxLayout *vbox = new QVBoxLayout(tabOSSL, KDialog::marginHint(), KDialog::spacingHint()); + + oInfo = new QVGroupBox(i18n("Path to OpenSSL Shared Libraries"), tabOSSL); + vbox->addWidget(oInfo); + oPath = new KURLRequester(oInfo); + oPath->setMode(KFile::Directory); + oTest = new QPushButton(i18n("&Test"), oInfo); + connect(oTest, SIGNAL(clicked()), SLOT(slotTestOSSL())); + + connect(oPath, SIGNAL(textChanged(const QString&)), SLOT(configChanged())); + + // + // Settings for the EGD + // + QFrame *eFrame = new QFrame(tabOSSL); + QVBoxLayout *egrid = new QVBoxLayout(eFrame); + mUseEGD = new QCheckBox(i18n("Use EGD"), eFrame); + connect(mUseEGD, SIGNAL(clicked()), SLOT(slotUseEGD())); + mUseEFile = new QCheckBox(i18n("Use entropy file"), eFrame); + connect(mUseEFile, SIGNAL(clicked()), SLOT(slotUseEFile())); + vbox->addWidget(eFrame); + egrid->addWidget(mUseEGD); + egrid->addWidget(mUseEFile); + QFrame *egdframe = new QFrame(tabOSSL); + QGridLayout *grid2 = new QGridLayout(egdframe, 2, 2, KDialog::marginHint(), + KDialog::spacingHint()); + mEGDLabel = new QLabel(i18n("Path to EGD:"), egdframe); + grid2->addWidget(mEGDLabel, 0, 0); + mEGDPath = new KURLRequester(egdframe); + grid2->addWidget(mEGDPath, 0, 1); + connect(mEGDPath, SIGNAL(textChanged(const QString&)), SLOT(configChanged())); + vbox->addWidget(egdframe); + whatstr = i18n("If selected, OpenSSL will be asked to use the entropy gathering" + " daemon (EGD) for initializing the pseudo-random number generator."); + QWhatsThis::add(mUseEGD, whatstr); + whatstr = i18n("If selected, OpenSSL will be asked to use the given file" + " as entropy for initializing the pseudo-random number generator."); + QWhatsThis::add(mUseEFile, whatstr); + whatstr = i18n("Enter the path to the socket created by the entropy gathering" + " daemon (or the entropy file) here."); + QWhatsThis::add(mEGDPath, whatstr); + whatstr = i18n("Click here to browse for the EGD socket file."); + QWhatsThis::add(mEGDPath, whatstr); + + vbox->addStretch(); +#endif + + + + /////////////////////////////////////////////////////////////////////////// + // THIRD TAB + /////////////////////////////////////////////////////////////////////////// + tabYourSSLCert = new QFrame(this); + +#ifdef HAVE_SSL + grid = new QGridLayout(tabYourSSLCert, 16, 6, KDialog::marginHint(), KDialog::spacingHint() ); + + yourSSLBox = new QListView(tabYourSSLCert); + yourSSLBox->setAllColumnsShowFocus(true); + whatstr = i18n("This list box shows which certificates of yours KDE" + " knows about. You can easily manage them from here."); + QWhatsThis::add(yourSSLBox, whatstr); + grid->addMultiCellWidget(yourSSLBox, 0, 5, 0, 4); + yourSSLBox->addColumn(i18n("Common Name")); + yourSSLBox->addColumn(i18n("Email Address")); + connect(yourSSLBox, SIGNAL(selectionChanged()), SLOT(slotYourCertSelect())); + + yourSSLImport = new QPushButton(i18n("I&mport..."), tabYourSSLCert); + connect(yourSSLImport, SIGNAL(clicked()), SLOT(slotYourImport())); + grid->addWidget(yourSSLImport, 0, 5); + + yourSSLExport = new QPushButton(i18n("&Export..."), tabYourSSLCert); + yourSSLExport->setEnabled(false); + connect(yourSSLExport, SIGNAL(clicked()), SLOT(slotYourExport())); + grid->addWidget(yourSSLExport, 1, 5); + + yourSSLRemove = new QPushButton(i18n("Remo&ve"), tabYourSSLCert); + yourSSLRemove->setEnabled(false); + connect(yourSSLRemove, SIGNAL(clicked()), SLOT(slotYourRemove())); + grid->addWidget(yourSSLRemove, 2, 5); + + yourSSLUnlock = new QPushButton(i18n("&Unlock"), tabYourSSLCert); + yourSSLUnlock->setEnabled(false); + connect(yourSSLUnlock, SIGNAL(clicked()), SLOT(slotYourUnlock())); + grid->addWidget(yourSSLUnlock, 3, 5); + + yourSSLVerify = new QPushButton(i18n("Verif&y"), tabYourSSLCert); + yourSSLVerify->setEnabled(false); + connect(yourSSLVerify, SIGNAL(clicked()), SLOT(slotYourVerify())); + grid->addWidget(yourSSLVerify, 4, 5); + + yourSSLPass = new QPushButton(i18n("Chan&ge Password..."), tabYourSSLCert); + yourSSLPass->setEnabled(false); + connect(yourSSLPass, SIGNAL(clicked()), SLOT(slotYourPass())); + grid->addWidget(yourSSLPass, 5, 5); + + grid->addMultiCellWidget(new KSeparator(KSeparator::HLine, tabYourSSLCert), 6, 6, 0, 5); + ySubject = KSSLInfoDlg::certInfoWidget(tabYourSSLCert, QString(QString::null)); + yIssuer = KSSLInfoDlg::certInfoWidget(tabYourSSLCert, QString(QString::null)); + grid->addMultiCellWidget(ySubject, 7, 11, 0, 2); + grid->addMultiCellWidget(yIssuer, 7, 11, 3, 5); + whatstr = i18n("This is the information known about the owner of the certificate."); + QWhatsThis::add(ySubject, whatstr); + whatstr = i18n("This is the information known about the issuer of the certificate."); + QWhatsThis::add(yIssuer, whatstr); + + grid->addWidget(new QLabel(i18n("Valid from:"), tabYourSSLCert), 12, 0); + grid->addWidget(new QLabel(i18n("Valid until:"), tabYourSSLCert), 13, 0); + yValidFrom = new QLabel(tabYourSSLCert); + grid->addWidget(yValidFrom, 12, 1); + yValidUntil = new QLabel(tabYourSSLCert); + grid->addWidget(yValidUntil, 13, 1); + whatstr = i18n("The certificate is valid starting at this date."); + QWhatsThis::add(yValidFrom, whatstr); + whatstr = i18n("The certificate is valid until this date."); + QWhatsThis::add(yValidUntil, whatstr); + grid->addWidget(new QLabel(i18n("MD5 digest:"), tabYourSSLCert), 14, 0); + yHash = new QLabel(tabYourSSLCert); + grid->addWidget(yHash, 14, 1); + whatstr = i18n("A hash of the certificate used to identify it quickly."); + QWhatsThis::add(yHash, whatstr); + +#if 0 + QHButtonGroup *ocbg = new QHButtonGroup(i18n("On SSL Connection..."), tabYourSSLCert); + yourSSLUseDefault = new QRadioButton(i18n("&Use default certificate"), ocbg); + yourSSLList = new QRadioButton(i18n("&List upon connection"), ocbg); + yourSSLDont = new QRadioButton(i18n("&Do not use certificates"), ocbg); + grid->addMultiCellWidget(ocbg, 14, 14, 0, 5); +#endif +#else + nossllabel = new QLabel(i18n("SSL certificates cannot be managed" + " because this module was not linked" + " with OpenSSL."), tabYourSSLCert); + grid->addMultiCellWidget(nossllabel, 3, 3, 0, 5); +#endif + + + /////////////////////////////////////////////////////////////////////////// + // FOURTH TAB + /////////////////////////////////////////////////////////////////////////// + tabAuth = new QFrame(this); + +#ifdef HAVE_SSL + grid = new QGridLayout(tabAuth, 20, 6, KDialog::marginHint(), KDialog::spacingHint()); + + grid->addMultiCellWidget(new QLabel(i18n("Default Authentication Certificate"), tabAuth), 0, 0, 0, 2); + defCertBG = new QVButtonGroup(i18n("Default Action"), tabAuth); + defSend = new QRadioButton(i18n("&Send"), defCertBG); + defPrompt = new QRadioButton(i18n("&Prompt"), defCertBG); + defDont = new QRadioButton(i18n("Do ¬ send"), defCertBG); + grid->addMultiCellWidget(defCertBG, 1, 3, 0, 2); + grid->addMultiCellWidget(new QLabel(i18n("Default certificate:"), tabAuth), 1, 1, 3, 5); + defCertBox = new KComboBox(false, tabAuth); + grid->addMultiCellWidget(defCertBox, 2, 2, 3, 5); + + grid->addMultiCellWidget(new KSeparator(KSeparator::HLine, tabAuth), 4, 4, 0, 5); + + + grid->addMultiCellWidget(new QLabel(i18n("Host authentication:"), tabAuth), 5, 5, 0, 1); + hostAuthList = new QListView(tabAuth); + hostAuthList->setAllColumnsShowFocus(true); + grid->addMultiCellWidget(hostAuthList, 6, 13, 0, 5); + hostAuthList->addColumn(i18n("Host")); + hostAuthList->addColumn(i18n("Certificate")); + hostAuthList->addColumn(i18n("Policy")); + + grid->addWidget(new QLabel(i18n("Host:"), tabAuth), 14, 0); + grid->addWidget(new QLabel(i18n("Certificate:"), tabAuth), 15, 0); + + authHost = new QLineEdit(tabAuth); + grid->addMultiCellWidget(authHost, 14, 14, 1, 4); + hostCertBox = new KComboBox(false, tabAuth); + grid->addMultiCellWidget(hostCertBox, 15, 15, 1, 4); + + hostCertBG = new QHButtonGroup(i18n("Action"), tabAuth); + hostSend = new QRadioButton(i18n("Send"), hostCertBG); + hostPrompt = new QRadioButton(i18n("Prompt"), hostCertBG); + hostDont = new QRadioButton(i18n("Do not send"), hostCertBG); + grid->addMultiCellWidget(hostCertBG, 16, 16, 0, 5); + + authAdd = new QPushButton(i18n("Ne&w"), tabAuth); + authRemove = new QPushButton(i18n("Remo&ve"), tabAuth); + grid->addWidget(authAdd, 17, 4); + grid->addWidget(authRemove, 17, 5); + + authHost->setEnabled(false); + hostCertBox->setEnabled(false); + hostCertBG->setEnabled(false); + authRemove->setEnabled(false); + + connect(defCertBox, SIGNAL(activated(int)), this, SLOT(configChanged())); + connect(defCertBG, SIGNAL(clicked(int)), this, SLOT(configChanged())); + connect(hostAuthList, SIGNAL(selectionChanged()), this, SLOT(slotAuthItemChanged())); + connect(authAdd, SIGNAL(clicked()), this, SLOT(slotNewHostAuth())); + connect(authRemove, SIGNAL(clicked()), this, SLOT(slotRemoveHostAuth())); + connect(authHost, SIGNAL(textChanged(const QString &)), this, SLOT(slotAuthText(const QString &))); + connect(hostCertBG, SIGNAL(clicked(int)), this, SLOT(slotAuthButtons())); + connect(hostCertBox, SIGNAL(activated(int)), this, SLOT(slotAuthCombo())); + +#else + nossllabel = new QLabel(i18n("SSL certificates cannot be managed" + " because this module was not linked" + " with OpenSSL."), tabAuth); + grid->addMultiCellWidget(nossllabel, 3, 3, 0, 5); +#endif + + + + /////////////////////////////////////////////////////////////////////////// + // FIFTH TAB + /////////////////////////////////////////////////////////////////////////// + tabOtherSSLCert = new QFrame(this); + +#ifdef HAVE_SSL + oGrid = grid = new QGridLayout(tabOtherSSLCert, 21, 6, KDialog::marginHint(), KDialog::spacingHint()); + + otherSSLBox = new QListView(tabOtherSSLCert); + otherSSLBox->setAllColumnsShowFocus(true); + connect(otherSSLBox, SIGNAL(selectionChanged()), SLOT(slotOtherCertSelect())); + whatstr = i18n("This list box shows which site and person certificates KDE" + " knows about. You can easily manage them from here."); + QWhatsThis::add(otherSSLBox, whatstr); + otherSSLBox->addColumn(i18n("Organization")); + otherSSLBox->addColumn(i18n("Common Name")); + grid->addMultiCellWidget(otherSSLBox, 0, 7, 0, 4); + + otherSSLExport = new QPushButton(i18n("&Export..."), tabOtherSSLCert); + connect(otherSSLExport, SIGNAL(clicked()), SLOT(slotExportCert())); + grid->addWidget(otherSSLExport, 0, 5); + whatstr = i18n("This button allows you to export the selected certificate" + " to a file of various formats."); + QWhatsThis::add(otherSSLExport, whatstr); + + otherSSLRemove = new QPushButton(i18n("&Remove"), tabOtherSSLCert); + connect(otherSSLRemove, SIGNAL(clicked()), SLOT(slotRemoveCert())); + grid->addWidget(otherSSLRemove, 1, 5); + whatstr = i18n("This button removes the selected certificate" + " from the certificate cache."); + QWhatsThis::add(otherSSLRemove, whatstr); + + otherSSLVerify = new QPushButton(i18n("&Verify"), tabOtherSSLCert); + connect(otherSSLVerify, SIGNAL(clicked()), SLOT(slotVerifyCert())); + grid->addWidget(otherSSLVerify, 2, 5); + whatstr = i18n("This button tests the selected certificate" + " for validity."); + QWhatsThis::add(otherSSLVerify, whatstr); + + otherSSLExport->setEnabled(false); + otherSSLVerify->setEnabled(false); + otherSSLRemove->setEnabled(false); + + grid->addMultiCellWidget(new KSeparator(KSeparator::HLine, tabOtherSSLCert), 8, 8, 0, 5); + oSubject = KSSLInfoDlg::certInfoWidget(tabOtherSSLCert, QString(QString::null)); + oIssuer = KSSLInfoDlg::certInfoWidget(tabOtherSSLCert, QString(QString::null)); + grid->addMultiCellWidget(oSubject, 9, 13, 0, 2); + grid->addMultiCellWidget(oIssuer, 9, 13, 3, 5); + whatstr = i18n("This is the information known about the owner of the certificate."); + QWhatsThis::add(oSubject, whatstr); + whatstr = i18n("This is the information known about the issuer of the certificate."); + QWhatsThis::add(oIssuer, whatstr); + + fromLabel = new QLabel(i18n("Valid from:"), tabOtherSSLCert); + untilLabel = new QLabel(i18n("Valid until:"), tabOtherSSLCert); + grid->addWidget(fromLabel, 14, 0); + grid->addWidget(untilLabel, 15, 0); + fromLabel->setEnabled(false); + untilLabel->setEnabled(false); + validFrom = new QLabel(tabOtherSSLCert); + grid->addWidget(validFrom, 14, 1); + validUntil = new QLabel(tabOtherSSLCert); + grid->addWidget(validUntil, 15, 1); + whatstr = i18n("The certificate is valid starting at this date."); + QWhatsThis::add(validFrom, whatstr); + whatstr = i18n("The certificate is valid until this date."); + QWhatsThis::add(validUntil, whatstr); + + cacheGroup = new QVButtonGroup(i18n("Cache"), tabOtherSSLCert); + cachePerm = new QRadioButton(i18n("Permanentl&y"), cacheGroup); + cacheUntil = new QRadioButton(i18n("&Until"), cacheGroup); + untilDate = new KURLLabel(QString::null, QString::null, cacheGroup); + cacheGroup->setEnabled(false); + grid->addMultiCellWidget(cacheGroup, 16, 19, 0, 2); + + cachePerm->setEnabled(false); + cacheUntil->setEnabled(false); + untilDate->setEnabled(false); + connect(cachePerm, SIGNAL(clicked()), SLOT(slotPermanent())); + connect(cacheUntil, SIGNAL(clicked()), SLOT(slotUntil())); + connect(untilDate, SIGNAL(leftClickedURL()), SLOT(slotDatePick())); + whatstr = i18n("Select here to make the cache entry permanent."); + QWhatsThis::add(cachePerm, whatstr); + whatstr = i18n("Select here to make the cache entry temporary."); + QWhatsThis::add(cacheUntil, whatstr); + whatstr = i18n("The date and time until the certificate cache entry should expire."); + QWhatsThis::add(untilDate, whatstr); + + policyGroup = new QVButtonGroup(i18n("Policy"), tabOtherSSLCert); + policyAccept = new QRadioButton(i18n("Accep&t"), policyGroup); + policyReject = new QRadioButton(i18n("Re&ject"), policyGroup); + policyPrompt = new QRadioButton(i18n("&Prompt"), policyGroup); + policyGroup->setEnabled(false); + grid->addMultiCellWidget(policyGroup, 16, 19, 3, 5); + connect(policyGroup, SIGNAL(clicked(int)), SLOT(slotPolicyChanged(int))); + whatstr = i18n("Select this to always accept this certificate."); + QWhatsThis::add(policyAccept, whatstr); + whatstr = i18n("Select this to always reject this certificate."); + QWhatsThis::add(policyReject, whatstr); + whatstr = i18n("Select this if you wish to be prompted for action when receiving this certificate."); + QWhatsThis::add(policyPrompt, whatstr); + grid->addWidget(new QLabel(i18n("MD5 digest:"), tabOtherSSLCert), 20, 0); + pHash = new QLabel(tabOtherSSLCert); + grid->addWidget(pHash, 20, 1); + whatstr = i18n("A hash of the certificate used to identify it quickly."); + QWhatsThis::add(pHash, whatstr); + +#else + nossllabel = new QLabel(i18n("SSL certificates cannot be managed" + " because this module was not linked" + " with OpenSSL."), tabOtherSSLCert); + grid->addMultiCellWidget(nossllabel, 1, 1, 0, 1); +#endif + + + /////////////////////////////////////////////////////////////////////////// + // SIXTH TAB + /////////////////////////////////////////////////////////////////////////// + tabSSLCA = new QFrame(this); + +#ifdef HAVE_SSL + grid = new QGridLayout(tabSSLCA, 11, 8, KDialog::marginHint(), KDialog::spacingHint()); + + caList = new QListView(tabSSLCA); + caList->setAllColumnsShowFocus(true); + whatstr = i18n("This list box shows which certificate authorities KDE" + " knows about. You can easily manage them from here."); + QWhatsThis::add(caList, whatstr); + grid->addMultiCellWidget(caList, 0, 3, 0, 6); + caList->addColumn(i18n("Organization")); + caList->addColumn(i18n("Organizational Unit")); + caList->addColumn(i18n("Common Name")); + connect(caList, SIGNAL(selectionChanged()), SLOT(slotCAItemChanged())); + + caSSLImport = new QPushButton(i18n("I&mport..."), tabSSLCA); + connect(caSSLImport, SIGNAL(clicked()), SLOT(slotCAImport())); + grid->addWidget(caSSLImport, 0, 7); + + caSSLRemove = new QPushButton(i18n("&Remove"), tabSSLCA); + connect(caSSLRemove, SIGNAL(clicked()), SLOT(slotCARemove())); + grid->addWidget(caSSLRemove, 1, 7); + caSSLRemove->setEnabled(false); + + caSSLRestore = new QPushButton(i18n("Res&tore"), tabSSLCA); + connect(caSSLRestore, SIGNAL(clicked()), SLOT(slotCARestore())); + grid->addWidget(caSSLRestore, 2, 7); + + caSubject = KSSLInfoDlg::certInfoWidget(tabSSLCA, QString(QString::null)); + caIssuer = KSSLInfoDlg::certInfoWidget(tabSSLCA, QString(QString::null)); + grid->addMultiCellWidget(caSubject, 4, 6, 0, 3); + grid->addMultiCellWidget(caIssuer, 4, 6, 4, 7); + + // Accept for Web Site Signing, Email Signing, Code Signing + caSite = new QCheckBox(i18n("Accept for site signing"), tabSSLCA); + caEmail = new QCheckBox(i18n("Accept for email signing"), tabSSLCA); + caCode = new QCheckBox(i18n("Accept for code signing"), tabSSLCA); + grid->addMultiCellWidget(caSite, 7, 7, 0, 3); + connect(caSite, SIGNAL(clicked()), SLOT(slotCAChecked())); + grid->addMultiCellWidget(caEmail, 8, 8, 0, 3); + connect(caEmail, SIGNAL(clicked()), SLOT(slotCAChecked())); + grid->addMultiCellWidget(caCode, 9, 9, 0, 3); + connect(caCode, SIGNAL(clicked()), SLOT(slotCAChecked())); + caSite->setEnabled(false); + caEmail->setEnabled(false); + caCode->setEnabled(false); + grid->addWidget(new QLabel(i18n("MD5 digest:"), tabSSLCA), 10, 0); + cHash = new QLabel(tabSSLCA); + grid->addWidget(cHash, 10, 1); + whatstr = i18n("A hash of the certificate used to identify it quickly."); + QWhatsThis::add(cHash, whatstr); + +#else + nossllabel = new QLabel(i18n("SSL certificates cannot be managed" + " because this module was not linked" + " with OpenSSL."), tabSSLCA); + grid->addMultiCellWidget(nossllabel, 1, 1, 0, 1); +#endif + + +#if 0 + /////////////////////////////////////////////////////////////////////////// + // SEVENTH TAB + /////////////////////////////////////////////////////////////////////////// + tabSSLCOpts = new QFrame(this); + +#ifdef HAVE_SSL + grid = new QGridLayout(tabSSLCOpts, 9, 4, KDialog::marginHint(), KDialog::spacingHint()); + mWarnSelfSigned = new QCheckBox(i18n("Warn on &self-signed certificates or unknown CA's"), tabSSLCOpts); + connect(mWarnSelfSigned, SIGNAL(clicked()), SLOT(configChanged())); + mWarnExpired = new QCheckBox(i18n("Warn on &expired certificates"), tabSSLCOpts); + connect(mWarnExpired, SIGNAL(clicked()), SLOT(configChanged())); + mWarnRevoked = new QCheckBox(i18n("Warn on re&voked certificates"), tabSSLCOpts); + connect(mWarnRevoked, SIGNAL(clicked()), SLOT(configChanged())); + grid->addMultiCellWidget(mWarnSelfSigned, 0, 0, 0, 3); + grid->addMultiCellWidget(mWarnExpired, 1, 1, 0, 3); + grid->addMultiCellWidget(mWarnRevoked, 2, 2, 0, 3); + + macCert = new QLineEdit(tabSSLCOpts); + grid->addMultiCellWidget(macCert, 4, 4, 0, 2); + + macBox = new QListBox(tabSSLCOpts); + whatstr = i18n("This list box shows which sites you have decided to accept" + " a certificate from even though the certificate might fail" + " the validation procedure."); + QWhatsThis::add(macBox, whatstr); + caSSLBox->setSelectionMode(QListBox::Single); + caSSLBox->setColumnMode(QListBox::FixedNumber); + grid->addMultiCellWidget(macBox, 5, 8, 0, 2); + + macAdd = new QPushButton(i18n("&Add"), tabSSLCOpts); + //connect(macAdd, SIGNAL(), SLOT()); + grid->addWidget(macAdd, 4, 3); + + macRemove = new QPushButton(i18n("&Remove"), tabSSLCOpts); + //connect(macRemove, SIGNAL(), SLOT()); + grid->addWidget(macRemove, 5, 3); + + macClear = new KPushButton(KGuiItem::clear(), tabSSLCOpts); + //connect(macAdd, SIGNAL(), SLOT()); + grid->addWidget(macClear, 6, 3); + +#else + nossllabel = new QLabel(i18n("These options are not configurable" + " because this module was not linked" + " with OpenSSL."), tabSSLCOpts); + grid->addMultiCellWidget(nossllabel, 1, 1, 0, 1); +#endif +#endif + + /////////////////////////////////////////////////////////////////////////// + // Add the tabs and startup + /////////////////////////////////////////////////////////////////////////// + tabs->addTab(tabSSL, i18n("SSL")); +#ifdef HAVE_SSL + tabs->addTab(tabOSSL, i18n("OpenSSL")); +#endif + tabs->addTab(tabYourSSLCert, i18n("Your Certificates")); + tabs->addTab(tabAuth, i18n("Authentication")); + tabs->addTab(tabOtherSSLCert, i18n("Peer SSL Certificates")); + tabs->addTab(tabSSLCA, i18n("SSL Signers")); + +#if 0 + tabs->addTab(tabSSLCOpts, i18n("Validation Options")); +#endif + + tabs->resize(tabs->sizeHint()); + load(); +} + +KCryptoConfig::~KCryptoConfig() +{ + delete config; + delete policies; + delete pcerts; + delete authcfg; + delete _signers; +} + +void KCryptoConfig::configChanged() +{ + emit changed(true); +} + +void KCryptoConfig::load() +{ + load( false ); +} + +void KCryptoConfig::load( bool useDefaults ) +{ + config->setReadDefaults( useDefaults ); +#ifdef HAVE_SSL + otherCertDelList.clear(); + yourCertDelList.clear(); + authDelList.clear(); + caDelList.clear(); + config->setGroup("TLS"); + mUseTLS->setChecked(config->readBoolEntry("Enabled", true)); + + config->setGroup("SSLv2"); + mUseSSLv2->setChecked(config->readBoolEntry("Enabled", true)); + + config->setGroup("SSLv3"); + mUseSSLv3->setChecked(config->readBoolEntry("Enabled", true)); + + config->setGroup("Warnings"); + mWarnOnEnter->setChecked(config->readBoolEntry("OnEnter", false)); + mWarnOnLeave->setChecked(config->readBoolEntry("OnLeave", true)); + mWarnOnUnencrypted->setChecked(config->readBoolEntry("OnUnencrypted", true)); + +#if 0 // NOT IMPLEMENTED IN KDE 2.0 + mWarnOnMixed->setChecked(config->readBoolEntry("OnMixed", true)); + + config->setGroup("Validation"); + mWarnSelfSigned->setChecked(config->readBoolEntry("WarnSelfSigned", true)); + mWarnExpired->setChecked(config->readBoolEntry("WarnExpired", true)); + mWarnRevoked->setChecked(config->readBoolEntry("WarnRevoked", true)); +#endif + + config->setGroup("EGD"); + slotUseEGD(); // set the defaults + if (config->readBoolEntry("UseEGD", false)) { + mUseEGD->setChecked(true); + slotUseEGD(); + } else if (config->readBoolEntry("UseEFile", false)) { + mUseEFile->setChecked(true); + slotUseEFile(); + } + mEGDPath->setURL(config->readPathEntry("EGDPath")); + + +#ifdef HAVE_SSL + config->setGroup("OpenSSL"); + oPath->setURL(config->readPathEntry("Path")); +#endif + + config->setGroup("SSLv2"); + CipherItem *item = static_cast(SSLv2Box->firstChild()); + while ( item ) { + item->setOn(config->readBoolEntry(item->configName(), + item->bits() >= 56)); + item = static_cast(item->nextSibling()); + } + + config->setGroup("SSLv3"); + item = static_cast(SSLv3Box->firstChild()); + while ( item ) { + item->setOn(config->readBoolEntry(item->configName(), + item->bits() >= 56)); + item = static_cast(item->nextSibling()); + } + + SSLv2Box->setEnabled( mUseSSLv2->isChecked() ); + SSLv3Box->setEnabled( mUseSSLv3->isChecked() ); + + QStringList groups = policies->groupList(); + + otherSSLBox->clear(); + for (QStringList::Iterator i = groups.begin(); i != groups.end(); ++i) { + if ((*i).isEmpty() || *i == "" || *i == "General") continue; + policies->setGroup(*i); + KSSLCertificate *cert = KSSLCertificate::fromString(policies->readEntry("Certificate", QString::null).local8Bit()); + if (cert) { + new OtherCertItem(otherSSLBox, cert->getSubject(), *i, + policies->readBoolEntry("Permanent", true), + policies->readNumEntry("Policy", 3), + policies->readDateTimeEntry("Expires"), this ); + delete cert; + } + } + + groups = pcerts->groupList(); + + yourSSLBox->clear(); + for (QStringList::Iterator i = groups.begin(); i != groups.end(); ++i) { + if ((*i).isEmpty() || *i == "") continue; + pcerts->setGroup(*i); + YourCertItem *j = new YourCertItem(yourSSLBox, + pcerts->readEntry("PKCS12Base64"), + pcerts->readEntry("Password"), + *i, this ); + j->setPassCache(QString::null); + } + + setAuthCertLists(); + + config->setGroup("Auth"); + QString whichAuth = config->readEntry("AuthMethod", "none"); + if (whichAuth == "send") + defCertBG->setButton(defCertBG->id(defSend)); + else if (whichAuth == "prompt") + defCertBG->setButton(defCertBG->id(defPrompt)); + else + defCertBG->setButton(defCertBG->id(defDont)); + + QString whichCert = config->readEntry("DefaultCert"); + defCertBox->setCurrentItem(0); + for (int i = 0; i < defCertBox->count(); i++) { + if (defCertBox->text(i) == whichCert) { + defCertBox->setCurrentItem(i); + break; + } + } + hostAuthList->clear(); + groups = authcfg->groupList(); + for (QStringList::Iterator i = groups.begin(); + i != groups.end(); + ++i) { + if ((*i).isEmpty() || *i == "") continue; + authcfg->setGroup(*i); + KSSLCertificateHome::KSSLAuthAction aa = KSSLCertificateHome::AuthDont; + if (authcfg->readBoolEntry("send", false) == true) + aa = KSSLCertificateHome::AuthSend; + else if (authcfg->readBoolEntry("prompt", false) == true) + aa = KSSLCertificateHome::AuthPrompt; + HostAuthItem *j = new HostAuthItem(hostAuthList, + KResolver::domainToAscii(*i), + authcfg->readEntry("certificate"), + this ); + j->setAction(aa); + j->setOriginalName(*i); + } + + groups = _signers->list(); + KConfig sigcfg("ksslcalist", true, false); + caList->clear(); + for (QStringList::Iterator i = groups.begin(); + i != groups.end(); + ++i) { + if ((*i).isEmpty() || *i == "") continue; + if (!sigcfg.hasGroup(*i)) continue; + sigcfg.setGroup(*i); + if (!sigcfg.hasKey("x509")) continue; + new CAItem(caList, + (*i), + sigcfg.readEntry("x509"), + sigcfg.readBoolEntry("site", false), + sigcfg.readBoolEntry("email", false), + sigcfg.readBoolEntry("code", false), + this ); + } + + slotCAItemChanged(); + slotOtherCertSelect(); + slotYourCertSelect(); +#endif + + emit changed( useDefaults ); +} + +void KCryptoConfig::save() +{ +#ifdef HAVE_SSL + if (!mUseSSLv2->isChecked() && + !mUseSSLv3->isChecked()) + KMessageBox::information(this, i18n("If you do not select at least one" + " SSL algorithm, either SSL will not" + " work or the application may be" + " forced to choose a suitable default."), + i18n("SSL")); + + config->setGroup("TLS"); + config->writeEntry("Enabled", mUseTLS->isChecked()); + + config->setGroup("SSLv2"); + config->writeEntry("Enabled", mUseSSLv2->isChecked()); + + config->setGroup("SSLv3"); + config->writeEntry("Enabled", mUseSSLv3->isChecked()); + + config->setGroup("Warnings"); + config->writeEntry("OnEnter", mWarnOnEnter->isChecked()); + config->writeEntry("OnLeave", mWarnOnLeave->isChecked()); + config->writeEntry("OnUnencrypted", mWarnOnUnencrypted->isChecked()); + + config->setGroup("EGD"); + config->writeEntry("UseEGD", mUseEGD->isChecked()); + config->writeEntry("UseEFile", mUseEFile->isChecked()); + config->writePathEntry("EGDPath", mEGDPath->url()); + +#if 0 // NOT IMPLEMENTED IN KDE 2.0 + config->writeEntry("OnMixed", mWarnOnMixed->isChecked()); + + config->setGroup("Validation"); + config->writeEntry("WarnSelfSigned", mWarnSelfSigned->isChecked()); + config->writeEntry("WarnExpired", mWarnExpired->isChecked()); + config->writeEntry("WarnRevoked", mWarnRevoked->isChecked()); +#endif + +#ifdef HAVE_SSL + config->setGroup("OpenSSL"); + config->writePathEntry("Path", oPath->url()); +#endif + + int ciphercount = 0; + config->setGroup("SSLv2"); + CipherItem *item = static_cast(SSLv2Box->firstChild()); + while ( item ) { + if (item->isOn()) { + config->writeEntry(item->configName(), true); + ciphercount++; + } else config->writeEntry(item->configName(), false); + + item = static_cast(item->nextSibling()); + } + + if (mUseSSLv2->isChecked() && ciphercount == 0) + KMessageBox::information(this, i18n("If you do not select at least one" + " cipher, SSLv2 will not work."), + i18n("SSLv2 Ciphers")); + + ciphercount = 0; + config->setGroup("SSLv3"); + item = static_cast(SSLv3Box->firstChild()); + while ( item ) { + if (item->isOn()) { + config->writeEntry(item->configName(), true); + ciphercount++; + } else config->writeEntry(item->configName(), false); + + item = static_cast(item->nextSibling()); + } + + KSSLCertificateCache _cc; + + if (mUseSSLv3->isChecked() && ciphercount == 0) + KMessageBox::information(this, i18n("If you do not select at least one" + " cipher, SSLv3 will not work."), + i18n("SSLv3 Ciphers")); + // SSL Policies code + for (OtherCertItem *x = otherCertDelList.first(); x != 0; x = otherCertDelList.next()) { + KSSLX509Map cert(x->configName()); + QString thisCN = cert.getValue("CN"); + _cc.removeByCN(thisCN); + otherCertDelList.remove(x); + } + // Go through the non-deleted ones and save them + for (OtherCertItem *x = + static_cast(otherSSLBox->firstChild()); + x; + x = static_cast(x->nextSibling())) { + KSSLX509Map cert(x->configName()); + QString thisCN = cert.getValue("CN"); + QDateTime expires = x->getExpires(); + _cc.modifyByCN(thisCN, (KSSLCertificateCache::KSSLCertificatePolicy)x->getPolicy(), x->isPermanent(), expires); + } + + // SSL Personal certificates code + for (YourCertItem *x = yourCertDelList.first(); x != 0; x = yourCertDelList.next()) { + pcerts->deleteGroup(x->configName()); + yourCertDelList.remove(x); + } + // Go through the non-deleted ones and save them + for (YourCertItem *x = + static_cast(yourSSLBox->firstChild()); + x; + x = static_cast(x->nextSibling())) { + pcerts->setGroup(x->configName()); + pcerts->writeEntry("PKCS12Base64", x->getPKCS()); + pcerts->writeEntry("Password", x->getPass()); + } + + bool doGen = false; + + // CA certificates code + for (CAItem *x = caDelList.first(); x != 0; x = caDelList.next()) { + _signers->remove(x->configName()); + caDelList.remove(x); + doGen = true; + } + + // Go through the non-deleted ones and save them + for (CAItem *x = static_cast(caList->firstChild()); x; + x = static_cast(x->nextSibling())) { + if (!x->modified && !x->isNew) continue; + if (x->isNew) { + x->isNew = false; + _signers->addCA(x->getCert(), + x->getSite(), + x->getEmail(), + x->getCode()); + } else { + _signers->setUse(x->configName(), + x->getSite(), + x->getEmail(), + x->getCode()); + } + x->modified = false; + doGen = true; + } + + if (doGen) genCAList(); + + + config->setGroup("Auth"); + QString whichAuth = config->readEntry("AuthMethod", "none"); + if (defCertBG->selected() == defSend) + config->writeEntry("AuthMethod", "send"); + else if (defCertBG->selected() == defPrompt) + config->writeEntry("AuthMethod", "prompt"); + else + config->writeEntry("AuthMethod", "none"); + + if (defCertBox->currentItem() == 0) + config->writeEntry("DefaultCert", QString::null); + else config->writeEntry("DefaultCert", defCertBox->currentText()); + + for (HostAuthItem *x = authDelList.first(); x != 0; x = authDelList.next()) { + authcfg->deleteGroup(x->configName()); + authDelList.remove(x); + } + + for (HostAuthItem *x = + static_cast(hostAuthList->firstChild()); + x; + x = static_cast(x->nextSibling())) { + if (!x->originalName().isNull()) + authcfg->deleteGroup(x->originalName()); + } + + for (HostAuthItem *x = + static_cast(hostAuthList->firstChild()); + x; + x = static_cast(x->nextSibling())) { + authcfg->setGroup(KResolver::domainToAscii(x->configName())); + authcfg->writeEntry("certificate", x->getCertName()); + authcfg->writeEntry("prompt", (x->getAction() == KSSLCertificateHome::AuthPrompt)); + authcfg->writeEntry("send", (x->getAction() == KSSLCertificateHome::AuthSend)); + } + +#endif + + config->sync(); + policies->sync(); + pcerts->sync(); + authcfg->sync(); + + // insure proper permissions -- contains sensitive data + QString cfgName(KGlobal::dirs()->findResource("config", "cryptodefaults")); + if (!cfgName.isEmpty()) + ::chmod(QFile::encodeName(cfgName), 0600); + + emit changed(false); +} + +void KCryptoConfig::defaults() +{ + load( true ); +} + +void KCryptoConfig::genCAList() { + _signers->regenerate(); + +} + +void KCryptoConfig::slotSelectCipher(int id) { + switch(id) { + case 1: + cwCompatible(); + break; + case 2: + cwUS(); + break; + case 3: + cwExp(); + break; + case 4: + cwAll(); + } +} + +void KCryptoConfig::cwCompatible() { + #ifdef HAVE_SSL + CipherItem *item; + for ( item = static_cast(SSLv2Box->firstChild()); item; + item = static_cast(item->nextSibling()) ) { + item->setOn( item->bits() >= 56 && item->bits() <= 128 ); + } + + for ( item = static_cast(SSLv3Box->firstChild()); item; + item = static_cast(item->nextSibling()) ) { + item->setOn( item->bits() >= 56 && item->bits() <= 128 ); + } + + mUseTLS->setChecked(true); + mUseSSLv2->setChecked(true); + mUseSSLv3->setChecked(true); + configChanged(); + #endif +} + + +void KCryptoConfig::cwUS() { + #ifdef HAVE_SSL + CipherItem *item; + for ( item = static_cast(SSLv2Box->firstChild()); item; + item = static_cast(item->nextSibling()) ) { + item->setOn( item->bits() >= 128 ); + } + + for ( item = static_cast(SSLv3Box->firstChild()); item; + item = static_cast(item->nextSibling()) ) { + item->setOn( item->bits() >= 128 ); + } + + configChanged(); + #endif +} + + +void KCryptoConfig::cwExp() { + #ifdef HAVE_SSL + CipherItem *item; + for ( item = static_cast(SSLv2Box->firstChild()); item; + item = static_cast(item->nextSibling()) ) { + item->setOn( item->bits() <= 56 && item->bits() > 0); + } + + for ( item = static_cast(SSLv3Box->firstChild()); item; + item = static_cast(item->nextSibling()) ) { + item->setOn( item->bits() <= 56 && item->bits() > 0); + } + + configChanged(); + #endif +} + + +void KCryptoConfig::cwAll() { + #ifdef HAVE_SSL + CipherItem *item; + for ( item = static_cast(SSLv2Box->firstChild()); item; + item = static_cast(item->nextSibling()) ) { + item->setOn( true ); + } + + for ( item = static_cast(SSLv3Box->firstChild()); item; + item = static_cast(item->nextSibling()) ) { + item->setOn( true ); + } + + mUseTLS->setChecked(true); + mUseSSLv2->setChecked(true); + mUseSSLv3->setChecked(true); + configChanged(); + #endif +} + + + +void KCryptoConfig::slotExportCert() { +OtherCertItem *x = static_cast(otherSSLBox->selectedItem()); + if (x) { + policies->setGroup(x->getMD5()); + KSSLCertificate *cert = KSSLCertificate::fromString(policies->readEntry("Certificate", QString::null).local8Bit()); + if (cert) { + KCertExport kce; + kce.setCertificate(cert); + kce.exec(); + delete cert; + } else KMessageBox::sorry(this, i18n("Could not open the certificate."), + i18n("SSL")); + } +} + + + +void KCryptoConfig::slotRemoveCert() { +QListViewItem *act = otherSSLBox->selectedItem(); +OtherCertItem *x = static_cast(act); + if (x) { + QListViewItem *next = act->itemBelow(); + if (!next) next = act->itemAbove(); + otherSSLBox->takeItem(x); + otherCertDelList.append(x); + configChanged(); + if (next) otherSSLBox->setSelected(next, true); + } +} + + + +void KCryptoConfig::slotVerifyCert() { +OtherCertItem *x = static_cast(otherSSLBox->selectedItem()); + if (!x) return; + + policies->setGroup(x->getMD5()); + KSSLCertificate *cert = KSSLCertificate::fromString(policies->readEntry("Certificate", QString::null).local8Bit()); + + if (!cert) { + KMessageBox::error(this, i18n("Error obtaining the certificate."), i18n("SSL")); + return; + } + + cert->chain().setCertChain(policies->readListEntry("Chain")); + + KSSLCertificate::KSSLValidation v = cert->revalidate(KSSLCertificate::SSLServer); + + /* + * Don't enable this until we keep this info in the cache + if (v != KSSLCerticiate::Ok) + v = cert->revalidate(KSSLCertificate::SMIMESign); + if (v != KSSLCerticiate::Ok) + v = cert->revalidate(KSSLCertificate::SMIMEEncrypt); + */ + + if (v == KSSLCertificate::Ok) { + KMessageBox::information(this, i18n("This certificate passed the verification tests successfully."), i18n("SSL")); + } else { + KMessageBox::detailedError(this, i18n("This certificate has failed the tests and should be considered invalid."), KSSLCertificate::verifyText(v), i18n("SSL")); + } + + delete cert; +} + + + +void KCryptoConfig::slotUntil() { +OtherCertItem *x = static_cast(otherSSLBox->selectedItem()); + + cachePerm->setChecked(false); + untilDate->setEnabled(true); + + if (!x) return; + x->setPermanent(false); + + configChanged(); +} + + + +void KCryptoConfig::slotPermanent() { +OtherCertItem *x = static_cast(otherSSLBox->selectedItem()); + + cacheUntil->setChecked(false); + untilDate->setEnabled(false); + + if (!x) return; + x->setPermanent(true); + + configChanged(); +} + + + +void KCryptoConfig::slotPolicyChanged(int id) { +OtherCertItem *x = static_cast(otherSSLBox->selectedItem()); +if (!x) return; + + if (id == policyGroup->id(policyAccept)) { + x->setPolicy(KSSLCertificateCache::Accept); + } else if (id == policyGroup->id(policyReject)) { + x->setPolicy(KSSLCertificateCache::Reject); + } else if (id == policyGroup->id(policyPrompt)) { + x->setPolicy(KSSLCertificateCache::Prompt); + } + + configChanged(); +} + + + +void KCryptoConfig::slotDatePick() { +KDateTimeDlg kdtd; +OtherCertItem *x = static_cast(otherSSLBox->selectedItem()); + + if (!x || !untilDate->isEnabled()) return; + +QDateTime qdt = x->getExpires(); + + kdtd.setDateTime(qdt); + int rc = kdtd.exec(); + if (rc == KDialog::Accepted) { + x->setExpires(kdtd.getDateTime()); + untilDate->setText(KGlobal::locale()->formatDateTime(x->getExpires())); + configChanged(); + } +} + + + +void KCryptoConfig::slotOtherCertSelect() { +OtherCertItem *x = static_cast(otherSSLBox->selectedItem()); +QString iss = QString::null; + if (x) { + otherSSLExport->setEnabled(true); + otherSSLVerify->setEnabled(true); + otherSSLRemove->setEnabled(true); + + fromLabel->setEnabled(true); + untilLabel->setEnabled(true); + policyGroup->setEnabled(true); + cacheGroup->setEnabled(true); + cachePerm->setEnabled(true); + cacheUntil->setEnabled(true); + policies->setGroup(x->getMD5()); + + KSSLCertificate *cert = KSSLCertificate::fromString(policies->readEntry("Certificate", QString::null).local8Bit()); + + if (cert) { + QPalette cspl; + iss = cert->getIssuer(); + cspl = validFrom->palette(); + if (QDateTime::currentDateTime(Qt::UTC) < cert->getQDTNotBefore()) { + cspl.setColor(QColorGroup::Foreground, QColor(196,33,21)); + } else { + cspl.setColor(QColorGroup::Foreground, QColor(42,153,59)); + } + validFrom->setPalette(cspl); + + cspl = validUntil->palette(); + if (QDateTime::currentDateTime(Qt::UTC) > cert->getQDTNotAfter()) { + cspl.setColor(QColorGroup::Foreground, QColor(196,33,21)); + } else { + cspl.setColor(QColorGroup::Foreground, QColor(42,153,59)); + } + validUntil->setPalette(cspl); + + validFrom->setText(cert->getNotBefore()); + validUntil->setText(cert->getNotAfter()); + untilDate->setText(x ? KGlobal::locale()->formatDateTime(x->getExpires()) + : KGlobal::locale()->formatDateTime(QDateTime::currentDateTime(Qt::UTC))); + untilDate->setEnabled(x && !x->isPermanent()); + pHash->setText(cert->getMD5DigestText()); + delete cert; + } else { + validFrom->setText(QString::null); + validUntil->setText(QString::null); + pHash->clear(); + } + + switch(x->getPolicy()) { + case KSSLCertificateCache::Accept: + policyGroup->setButton(policyGroup->id(policyAccept)); + break; + case KSSLCertificateCache::Reject: + policyGroup->setButton(policyGroup->id(policyReject)); + break; + case KSSLCertificateCache::Prompt: + policyGroup->setButton(policyGroup->id(policyPrompt)); + break; + } + + cachePerm->setChecked(x->isPermanent()); + cacheUntil->setChecked(!x->isPermanent()); + + } else { + otherSSLExport->setEnabled(false); + otherSSLVerify->setEnabled(false); + otherSSLRemove->setEnabled(false); + fromLabel->setEnabled(false); + untilLabel->setEnabled(false); + policyGroup->setEnabled(false); + cacheGroup->setEnabled(false); + cachePerm->setChecked(false); + cacheUntil->setChecked(false); + policyAccept->setChecked(false); + policyReject->setChecked(false); + policyPrompt->setChecked(false); + cachePerm->setEnabled(false); + cacheUntil->setEnabled(false); + validFrom->setText(QString::null); + validUntil->setText(QString::null); + untilDate->setText(QString::null); + untilDate->setEnabled(false); + pHash->clear(); + } + + + oSubject->setValues(x ? x->getSub() : QString(QString::null)); + oIssuer->setValues(iss); + +} + + +void KCryptoConfig::slotYourImport() { + + QString certFile = KFileDialog::getOpenFileName(QString::null, "application/x-pkcs12"); + if (certFile.isEmpty()) + return; + +#ifdef HAVE_SSL +KSSLPKCS12 *cert = NULL; +QCString pass; + +TryImportPassAgain: + int rc = KPasswordDialog::getPassword(pass, i18n("Certificate password")); + if (rc != KPasswordDialog::Accepted) return; + + cert = KSSLPKCS12::loadCertFile(certFile, QString(pass)); + + if (!cert) { + rc = KMessageBox::warningYesNo(this, i18n("The certificate file could not be loaded. Try a different password?"), i18n("SSL"),i18n("Try"),i18n("Do Not Try")); + if (rc == KMessageBox::Yes) goto TryImportPassAgain; + return; + } + + // At this point, we know that we can read the certificate in. + // The procedure will be to convert it to Base64 in it's raw form + // and add it to the ListView - eventually going into the SimpleConfig. + + // FIXME: prompt if the user wants the password stored along with the + // certificate + + QString name = cert->getCertificate()->getSubject(); + for (YourCertItem *i = + static_cast(yourSSLBox->firstChild()); + i; + i = static_cast(i->nextSibling())) { + if (i->configName() == name) { + rc = KMessageBox::warningContinueCancel(this, i18n("A certificate with that name already exists. Are you sure that you wish to replace it?"), i18n("SSL"), i18n("Replace")); + if (rc == KMessageBox::Cancel) { + delete cert; + return; + } + yourSSLBox->takeItem(i); + yourCertDelList.append(i); + } + } + + new YourCertItem(yourSSLBox, + cert->toString(), + QString::null, // the password - don't store it yet! + name, + this ); + + setAuthCertLists(); + configChanged(); + delete cert; +#endif + + offerImportToKMail( certFile ); +} + + +void KCryptoConfig::slotYourExport() { +YourCertItem *x = static_cast(yourSSLBox->selectedItem()); + if (!x) return; + + KSSLPKCS12 *pkcs = KSSLPKCS12::fromString(x->getPKCS(), x->getPass()); + if (!pkcs) + pkcs = KSSLPKCS12::fromString(x->getPKCS(), x->getPassCache()); + if (!pkcs) { + QString pprompt = i18n("Enter the certificate password:"); + QCString oldpass; + do { + int i = KPasswordDialog::getPassword(oldpass, pprompt); + if (i != KPasswordDialog::Accepted) return; + pkcs = KSSLPKCS12::fromString(x->getPKCS(), oldpass); + pprompt = i18n("Decoding failed. Please try again:"); + } while (!pkcs); + x->setPassCache(oldpass); + slotYourUnlock(); + } + + // For now, we will only export to PKCS#12 + QString certFile = KFileDialog::getSaveFileName(QString::null, + "application/x-pkcs12"); + if (certFile.isEmpty()) + return; + + if (!pkcs->toFile(certFile)) + KMessageBox::sorry(this, i18n("Export failed."), i18n("SSL")); +} + + +void KCryptoConfig::slotYourVerify() { +YourCertItem *x = static_cast(yourSSLBox->selectedItem()); +QString iss; + if (!x) return; + + KSSLPKCS12 *pkcs = KSSLPKCS12::fromString(x->getPKCS(), x->getPass()); + if (!pkcs) + pkcs = KSSLPKCS12::fromString(x->getPKCS(), x->getPassCache()); + if (!pkcs) { + QString pprompt = i18n("Enter the certificate password:"); + QCString oldpass; + do { + int i = KPasswordDialog::getPassword(oldpass, pprompt); + if (i != KPasswordDialog::Accepted) return; + pkcs = KSSLPKCS12::fromString(x->getPKCS(), oldpass); + pprompt = i18n("Decoding failed. Please try again:"); + } while (!pkcs); + x->setPassCache(oldpass); + slotYourUnlock(); + } + + KSSLCertificate::KSSLValidation v = pkcs->revalidate(KSSLCertificate::SSLClient); + if (v != KSSLCertificate::Ok) + v = pkcs->revalidate(KSSLCertificate::SMIMEEncrypt); + if (v != KSSLCertificate::Ok) + v = pkcs->revalidate(KSSLCertificate::SMIMESign); + + if (v == KSSLCertificate::Ok) { + KMessageBox::information(this, i18n("This certificate passed the verification tests successfully."), i18n("SSL")); + } else { + KMessageBox::detailedError(this, i18n("This certificate has failed the tests and should be considered invalid."), KSSLCertificate::verifyText(v), i18n("SSL")); + } + + delete pkcs; +} + + +void KCryptoConfig::slotYourRemove() { +YourCertItem *x = static_cast(yourSSLBox->selectedItem()); + if (x) { + yourSSLBox->takeItem(x); + yourCertDelList.append(x); + setAuthCertLists(); + configChanged(); + } +} + + +void KCryptoConfig::slotYourUnlock() { +YourCertItem *x = static_cast(yourSSLBox->selectedItem()); +QString iss; + if (!x || !yourSSLUnlock->isEnabled()) return; + + KSSLPKCS12 *pkcs = KSSLPKCS12::fromString(x->getPKCS(), x->getPass()); + if (!pkcs) + pkcs = KSSLPKCS12::fromString(x->getPKCS(), x->getPassCache()); + if (!pkcs) { + QString pprompt = i18n("Enter the certificate password:"); + QCString oldpass; + do { + int i = KPasswordDialog::getPassword(oldpass, pprompt); + if (i != KPasswordDialog::Accepted) return; + pkcs = KSSLPKCS12::fromString(x->getPKCS(), oldpass); + pprompt = i18n("Decoding failed. Please try again:"); + } while (!pkcs); + x->setPassCache(oldpass); + } + + // update the info + iss = pkcs->getCertificate()->getIssuer(); + ySubject->setValues(x ? x->getName() : QString(QString::null)); + yIssuer->setValues(iss); + QPalette cspl; + KSSLCertificate *cert = pkcs->getCertificate(); + cspl = yValidFrom->palette(); + if (QDateTime::currentDateTime(Qt::UTC) < cert->getQDTNotBefore()) { + cspl.setColor(QColorGroup::Foreground, QColor(196,33,21)); + } else { + cspl.setColor(QColorGroup::Foreground, QColor(42,153,59)); + } + yValidFrom->setPalette(cspl); + + cspl = yValidUntil->palette(); + if (QDateTime::currentDateTime(Qt::UTC) > cert->getQDTNotAfter()) { + cspl.setColor(QColorGroup::Foreground, QColor(196,33,21)); + } else { + cspl.setColor(QColorGroup::Foreground, QColor(42,153,59)); + } + yValidUntil->setPalette(cspl); + + yValidFrom->setText(cert->getNotBefore()); + yValidUntil->setText(cert->getNotAfter()); + yHash->setText(cert->getMD5DigestText()); + yourSSLUnlock->setEnabled(false); + delete pkcs; +} + + +void KCryptoConfig::slotYourCertSelect() { +YourCertItem *x = static_cast(yourSSLBox->selectedItem()); +QString iss; + + yourSSLExport->setEnabled(x != NULL); + yourSSLPass->setEnabled(x != NULL); + yourSSLUnlock->setEnabled(false); + yourSSLVerify->setEnabled(x != NULL); + yourSSLRemove->setEnabled(x != NULL); + + if (x) { + KSSLPKCS12 *pkcs = KSSLPKCS12::fromString(x->getPKCS(), x->getPass()); + if (pkcs) { + QPalette cspl; + KSSLCertificate *cert = pkcs->getCertificate(); + iss = cert->getIssuer(); + cspl = yValidFrom->palette(); + if (QDateTime::currentDateTime(Qt::UTC) < cert->getQDTNotBefore()) { + cspl.setColor(QColorGroup::Foreground, QColor(196,33,21)); + } else { + cspl.setColor(QColorGroup::Foreground, QColor(42,153,59)); + } + yValidFrom->setPalette(cspl); + + cspl = yValidUntil->palette(); + if (QDateTime::currentDateTime(Qt::UTC) > cert->getQDTNotAfter()) { + cspl.setColor(QColorGroup::Foreground, QColor(196,33,21)); + } else { + cspl.setColor(QColorGroup::Foreground, QColor(42,153,59)); + } + yValidUntil->setPalette(cspl); + + yValidFrom->setText(cert->getNotBefore()); + yValidUntil->setText(cert->getNotAfter()); + yHash->setText(cert->getMD5DigestText()); + delete pkcs; + } else { + yourSSLUnlock->setEnabled(x != NULL); + yHash->clear(); + } + } else { + yHash->clear(); + } + + ySubject->setValues(x ? x->getName() : QString(QString::null)); + yIssuer->setValues(iss); +} + + +void KCryptoConfig::slotYourPass() { +YourCertItem *x = static_cast(yourSSLBox->selectedItem()); +QCString oldpass = ""; + if (!x) return; + + KSSLPKCS12 *pkcs = KSSLPKCS12::fromString(x->getPKCS(), x->getPass()); + if (!pkcs) + pkcs = KSSLPKCS12::fromString(x->getPKCS(), x->getPassCache()); + if (!pkcs) { + QString pprompt = i18n("Enter the OLD password for the certificate:"); + do { + int i = KPasswordDialog::getPassword(oldpass, pprompt); + if (i != KPasswordDialog::Accepted) break; + pkcs = KSSLPKCS12::fromString(x->getPKCS(), oldpass); + pprompt = i18n("Decoding failed. Please try again:"); + } while (!pkcs); + } + + if (pkcs) { + x->setPassCache(oldpass); + slotYourUnlock(); + KPasswordDialog *kpd = new KPasswordDialog(KPasswordDialog::NewPassword, false, 0, this); + kpd->setPrompt(i18n("Enter the new certificate password")); + kpd->setAllowEmptyPasswords(true); + + int i = kpd->exec(); + if (i == KPasswordDialog::Accepted) { + QCString pass = kpd->password(); + pkcs->changePassword(QString(oldpass), QString(pass)); + x->setPKCS(pkcs->toString()); + x->setPassCache(pass); + configChanged(); + } + delete kpd; + delete pkcs; + } +} + + +void KCryptoConfig::slotCAImport() { + QString certFile = KFileDialog::getOpenFileName(QString::null, "application/x-x509-ca-cert"); + + if (certFile.isEmpty()) + return; + +#ifdef HAVE_SSL +#define sk_free KOSSL::self()->sk_free +#define sk_num KOSSL::self()->sk_num +#define sk_value KOSSL::self()->sk_value + + // First try to load using the OpenSSL method + X509_STORE *certStore = KOSSL::self()->X509_STORE_new(); + X509_LOOKUP *certLookup = KOSSL::self()->X509_STORE_add_lookup(certStore, KOSSL::self()->X509_LOOKUP_file()); + + if (certLookup && + KOSSL::self()->X509_LOOKUP_load_file(certLookup, + certFile.local8Bit(), + X509_FILETYPE_PEM)) { + for (int i = 0; i < sk_X509_OBJECT_num(certStore->objs); i++) { + X509_OBJECT* x5o = sk_X509_OBJECT_value(certStore->objs, i); + if (!x5o) continue; + + if (x5o->type != X509_LU_X509) continue; + + X509 *x5 = x5o->data.x509; + if (!x5) continue; + + // Easier to use in this form + KSSLCertificate *x = KSSLCertificate::fromX509(x5); + + // Only import CA's + if (!x || !x->x509V3Extensions().certTypeCA()) { + if (x) { + QString emsg = x->getSubject() + ":\n" + + i18n("This is not a signer certificate."); + KMessageBox::error(this, + emsg, + i18n("SSL")); + delete x; + } + continue; + } + + QString name = x->getSubject(); + + // search for dups + for (CAItem *m = static_cast(caList->firstChild()); + m; + m = static_cast(m->nextSibling())) { + if (m->configName() == name) { + KSSLCertificate *y = KSSLCertificate::fromString(m->getCert().local8Bit()); + if (!y) continue; + if (*x == *y) { + QString emsg = name + ":\n" + + i18n("You already have this signer certificate installed."); + KMessageBox::error(this, + emsg, + i18n("SSL")); + delete x; + delete y; + x = NULL; + break; + } + delete y; + } + } + + if (!x) continue; + + // Ok, add it to the list + (new CAItem(caList, + name, + x->toString(), + true, true, true, this) + )->isNew = true; + delete x; + } + + // Can the PEM code be wiped out now? + } else { // try to load it manually as a single X.509 DER encoded + // ASSUMPTION: we only read one certificate in this code + QFile qf(certFile); + QString name; + QString certtext; + KSSLCertificate *x; + qf.open(IO_ReadOnly); + qf.readLine(certtext, qf.size()); + + if (certStore) { KOSSL::self()->X509_STORE_free(certStore); + certStore = NULL; } + + if (certtext.contains("-----BEGIN CERTIFICATE-----")) { + qf.reset(); + certtext = QString::null; + while (!qf.atEnd()) { + QString xx; + qf.readLine(xx, qf.size()); + certtext += xx; + } + certtext = certtext.replace("-----BEGIN CERTIFICATE-----", QString::null); + certtext = certtext.replace("-----END CERTIFICATE-----", QString::null); + certtext = certtext.stripWhiteSpace(); + certtext = certtext.replace("\n", QString::null); + } else { + // Must [could?] be DER + qf.close(); + qf.open(IO_ReadOnly); + char *cr; + cr = new char[qf.size()+1]; + qf.readBlock(cr, qf.size()); + QByteArray qba; + qba.duplicate(cr, qf.size()); + certtext = KCodecs::base64Encode(qba); + delete [] cr; + } + + qf.close(); + + x = KSSLCertificate::fromString(certtext.latin1()); + + if (!x) { + KMessageBox::sorry(this, + i18n("The certificate file could not be loaded."), + i18n("SSL")); + return; + } + + if (!x->x509V3Extensions().certTypeCA()) { + KMessageBox::sorry(this, + i18n("This is not a signer certificate."), + i18n("SSL")); + return; + } + + name = x->getSubject(); + + for (CAItem *i = static_cast(caList->firstChild()); + i; + i = static_cast(i->nextSibling())) { + if (i->configName() == name) { + KSSLCertificate *y = KSSLCertificate::fromString(i->getCert().local8Bit()); + if (!y) continue; + if (*x == *y) { + KMessageBox::error(this, + i18n("You already have this signer certificate installed."), + i18n("SSL")); + delete x; + delete y; + return; + } + delete y; + } + } + + (new CAItem(caList, name, x->toString(), true, true, true, this))->isNew = true; + + delete x; + } + + + if (certStore) KOSSL::self()->X509_STORE_free(certStore); + + configChanged(); +#undef sk_free +#undef sk_num +#undef sk_value +#endif + + offerImportToKMail( certFile ); +} + +void KCryptoConfig::offerImportToKMail( const QString& certFile ) +{ + if ( KMessageBox::questionYesNo( this, i18n( "Do you want to make this certificate available to KMail as well?" ), QString::null, i18n("Make Available"), i18n("Do Not Make Available") ) == KMessageBox::Yes ) { + KProcess proc; + proc << "kleopatra"; + proc << "--import-certificate"; + proc << certFile; + if ( !proc.start( KProcess::DontCare ) ) + KMessageBox::error( this, i18n( "Could not execute Kleopatra. You might have to install or update the kdepim package." ) ); + } +} + + +void KCryptoConfig::slotCARemove() { +CAItem *x = static_cast(caList->selectedItem()); + if (x) { + caList->takeItem(x); + caDelList.append(x); + configChanged(); + slotCAItemChanged(); + } +} + + +void KCryptoConfig::slotCARestore() { + + int rc = KMessageBox::warningContinueCancel(this, i18n("This will revert your certificate signers database to the KDE default.\nThis operation cannot be undone.\nAre you sure you wish to continue?"), i18n("SSL"),i18n("Revert")); + if (rc == KMessageBox::Cancel) { + return; + } + +// For now, we just rm the existing file and rebuild + + QString path = KGlobal::dirs()->saveLocation("config"); + + path += "/ksslcalist"; + + QFile::remove(path); + + // Remove all our old work and rebuild the GUI/List + caDelList.clear(); + caList->clear(); + + + QStringList groups = _signers->list(); + KConfig sigcfg("ksslcalist", true, false); + + for (QStringList::Iterator i = groups.begin(); + i != groups.end(); + ++i) { + if ((*i).isEmpty() || *i == "") continue; + if (!sigcfg.hasGroup(*i)) continue; + sigcfg.setGroup(*i); + if (!sigcfg.hasKey("x509")) continue; + new CAItem(caList, + (*i), + sigcfg.readEntry("x509", QString::null), + sigcfg.readBoolEntry("site", false), + sigcfg.readBoolEntry("email", false), + sigcfg.readBoolEntry("code", false), + this ); + } + + genCAList(); + slotCAItemChanged(); +} + + +void KCryptoConfig::slotCAItemChanged() { +CAItem *x = static_cast(caList->selectedItem()); + if (x) { + caSSLRemove->setEnabled(true); + caSubject->setValues(x ? x->getName() : QString(QString::null)); + KSSLCertificate *cert = KSSLCertificate::fromString(x->getCert().local8Bit()); + if (!cert) { + caIssuer->setValues(QString(QString::null)); + caSite->setEnabled(false); + caEmail->setEnabled(false); + caCode->setEnabled(false); + caSite->setChecked(false); + caEmail->setChecked(false); + caCode->setChecked(false); + cHash->clear(); + } else { + caSite->setEnabled(cert->x509V3Extensions().certTypeSSLCA()); + caEmail->setEnabled(cert->x509V3Extensions().certTypeEmailCA()); + caCode->setEnabled(cert->x509V3Extensions().certTypeCodeCA()); + caSite->setChecked(x->getSite()); + caEmail->setChecked(x->getEmail()); + caCode->setChecked(x->getCode()); + caIssuer->setValues(cert->getIssuer()); + cHash->setText(cert->getMD5DigestText()); + delete cert; + } + } else { + caSSLRemove->setEnabled(false); + caSite->setEnabled(false); + caEmail->setEnabled(false); + caCode->setEnabled(false); + caSubject->setValues(QString(QString::null)); + caIssuer->setValues(QString(QString::null)); + cHash->clear(); + } +} + + +void KCryptoConfig::slotCAChecked() { +CAItem *x = static_cast(caList->selectedItem()); + if (x) { + x->setSite(caSite->isChecked()); + x->setEmail(caEmail->isChecked()); + x->setCode(caCode->isChecked()); + x->modified = true; + configChanged(); + } +} + + + +void KCryptoConfig::slotNewHostAuth() { + HostAuthItem *j = new HostAuthItem(hostAuthList, + QString::null, + QString::null, + this ); + j->setAction(KSSLCertificateHome::AuthSend); + hostAuthList->setSelected(j, true); + authHost->setEnabled(true); + hostCertBox->setEnabled(true); + hostCertBG->setEnabled(true); + authRemove->setEnabled(true); + + hostCertBG->setButton(0); + + authHost->setFocus(); +} + + + +void KCryptoConfig::slotRemoveHostAuth() { +QListViewItem *act = hostAuthList->selectedItem(); +HostAuthItem *x = static_cast(act); + + if (x) { + QListViewItem *next = act->itemBelow(); + if (!next) next = act->itemAbove(); + hostAuthList->takeItem(x); + authDelList.append(x); + configChanged(); + if (next) hostAuthList->setSelected(next, true); + } +} + + +void KCryptoConfig::slotAuthItemChanged() { +HostAuthItem *x = static_cast(hostAuthList->selectedItem()); + +if (x) { + // Make sure the fields are enabled + authHost->setEnabled(true); + hostCertBox->setEnabled(true); + hostCertBG->setEnabled(true); + authRemove->setEnabled(true); + + // Populate the fields + switch(x->getAction()) { + case KSSLCertificateHome::AuthSend: + hostCertBG->setButton(hostCertBG->id(hostSend)); + break; + case KSSLCertificateHome::AuthPrompt: + hostCertBG->setButton(hostCertBG->id(hostPrompt)); + break; + case KSSLCertificateHome::AuthDont: + hostCertBG->setButton(hostCertBG->id(hostDont)); + break; + default: + hostSend->setChecked(false); + hostPrompt->setChecked(false); + hostDont->setChecked(false); + break; + } + + ___lehack = true; + authHost->setText(x->configName()); + ___lehack = false; + hostCertBox->setCurrentItem(0); + + QString theCert = x->getCertName(); + for (int i = 0; i < hostCertBox->count(); i++) { + if (hostCertBox->text(i) == theCert) { + hostCertBox->setCurrentItem(i); + break; + } + } +} else { + authHost->clear(); + authHost->setEnabled(false); + hostCertBox->setEnabled(false); + hostCertBG->setEnabled(false); + authRemove->setEnabled(false); +} +} + + +void KCryptoConfig::slotAuthText(const QString &t) { +if (___lehack) return; +HostAuthItem *x = static_cast(hostAuthList->selectedItem()); + +if (x) { + x->setHost(t); +configChanged(); +} +} + + + +void KCryptoConfig::slotAuthButtons() { +HostAuthItem *x = static_cast(hostAuthList->selectedItem()); + +if (x) { + KSSLCertificateHome::KSSLAuthAction aa = KSSLCertificateHome::AuthDont; + int sel = hostCertBG->id(hostCertBG->selected()); + + if (sel == hostCertBG->id(hostSend)) + aa = KSSLCertificateHome::AuthSend; + else if (sel == hostCertBG->id(hostPrompt)) + aa = KSSLCertificateHome::AuthPrompt; + else + aa = KSSLCertificateHome::AuthDont; + + x->setAction(aa); +configChanged(); +} +} + + +void KCryptoConfig::slotAuthCombo() { +HostAuthItem *x = static_cast(hostAuthList->selectedItem()); + + if (x) { + if (hostCertBox->currentItem() == 0) + x->setCertName(QString::null); + else x->setCertName(hostCertBox->currentText()); + configChanged(); + } +} + + +void KCryptoConfig::slotTestOSSL() { +KOSSL::self()->destroy(); + +if (!KOSSL::self()->hasLibSSL()) { + KMessageBox::detailedSorry(this, + i18n("Failed to load OpenSSL."), + i18n("libssl was not found or successfully loaded."), + i18n("OpenSSL")); + return; +} + +if (!KOSSL::self()->hasLibCrypto()) { + KMessageBox::detailedSorry(this, + i18n("Failed to load OpenSSL."), + i18n("libcrypto was not found or successfully loaded."), + i18n("OpenSSL")); + return; +} + + KMessageBox::information(this, i18n("OpenSSL was successfully loaded."), i18n("OpenSSL")); +} + + +void KCryptoConfig::slotUseEGD() { + if (mUseEGD->isChecked()) { + mUseEFile->setChecked(false); + } + mEGDLabel->setText(i18n("Path to EGD:")); + mEGDPath->setEnabled(mUseEGD->isChecked()); + mEGDLabel->setEnabled(mUseEGD->isChecked()); + configChanged(); +} + + +void KCryptoConfig::slotUseEFile() { + if (mUseEFile->isChecked()) { + mUseEGD->setChecked(false); + } + mEGDLabel->setText(i18n("Path to entropy file:")); + mEGDPath->setEnabled(mUseEFile->isChecked()); + mEGDLabel->setEnabled(mUseEFile->isChecked()); + configChanged(); +} + + +// Lets make this a separate module. it's a whole lot of work and can really be +// encompassed in a separate module quite nicely. +void KCryptoConfig::slotGeneratePersonal() { +#if 0 + QStringList qslCertTypes; + + qslCertTypes << i18n("Personal SSL") + << i18n("Server SSL") + << i18n("S/MIME") + << i18n("PGP") + << i18n("GPG") + << i18n("SSL Personal Request") + << i18n("SSL Server Request") + << i18n("Netscape SSL") + << i18n("Server certificate authority", "Server CA") + << i18n("Personal certificate authority", "Personal CA") + << i18n("Secure MIME certificate authority", "S/MIME CA"); +#endif + +} + + +#ifdef HAVE_SSL +// This gets all the available ciphers from OpenSSL +bool KCryptoConfig::loadCiphers() { +unsigned int i; +SSL_CTX *ctx; +SSL *ssl; +SSL_METHOD *meth; + + SSLv2Box->clear(); + SSLv3Box->clear(); + + meth = SSLv2_client_method(); + SSLeay_add_ssl_algorithms(); + ctx = SSL_CTX_new(meth); + if (ctx == NULL) return false; + + ssl = SSL_new(ctx); + if (!ssl) return false; + + CipherItem *item; + for (i=0; ; i++) { + int j, k; + SSL_CIPHER *sc; + sc = (meth->get_cipher)(i); + if (!sc) + break; + // Leak of sc*? + QString scn(sc->name); + if (scn.contains("ADH-") || scn.contains("NULL-") || scn.contains("DES-CBC3-SHA") || scn.contains("FZA-")) { + continue; + } + k = SSL_CIPHER_get_bits(sc, &j); + + item = new CipherItem( SSLv2Box, sc->name, k, j, this ); + } + + if (ctx) SSL_CTX_free(ctx); + if (ssl) SSL_free(ssl); + + // We repeat for SSLv3 + meth = SSLv3_client_method(); + SSLeay_add_ssl_algorithms(); + ctx = SSL_CTX_new(meth); + if (ctx == NULL) return false; + + ssl = SSL_new(ctx); + if (!ssl) return false; + + for (i=0; ; i++) { + int j, k; + SSL_CIPHER *sc; + sc = (meth->get_cipher)(i); + if (!sc) + break; + // Leak of sc*? + QString scn(sc->name); + if (scn.contains("ADH-") || scn.contains("NULL-") || scn.contains("DES-CBC3-SHA") || scn.contains("FZA-")) { + continue; + } + k = SSL_CIPHER_get_bits(sc, &j); + + item = new CipherItem( SSLv3Box, sc->name, k, j, this ); + } + + if (ctx) SSL_CTX_free(ctx); + if (ssl) SSL_free(ssl); + +return true; +} +#endif + + +void KCryptoConfig::setAuthCertLists() { +QString oldDef, oldHost; +bool noneDef, noneHost; + +// get the old setting + oldDef = defCertBox->currentText(); + oldHost = hostCertBox->currentText(); + noneDef = (0 == defCertBox->currentItem()); + noneHost = (0 == hostCertBox->currentItem()); + +// repopulate + defCertBox->clear(); + hostCertBox->clear(); + QStringList defCertStrList; // = KSSLCertificateHome::getCertificateList(); + defCertStrList.append(i18n("None")); + for (YourCertItem *x = static_cast(yourSSLBox->firstChild()); + x; + x = static_cast(x->nextSibling())) { + defCertStrList.append(x->configName()); + } + defCertBox->insertStringList(defCertStrList); + hostCertBox->insertStringList(defCertStrList); + +// try to restore it + + defCertBox->setCurrentItem(0); + if (!noneDef) { + for (int i = 0; i < defCertBox->count(); i++) { + if (defCertBox->text(i) == oldDef) { + defCertBox->setCurrentItem(i); + break; + } + } + } + + if (!noneDef && defCertBox->currentItem() == 0) configChanged(); + + hostCertBox->setCurrentItem(0); + if (!noneHost) { + for (int i = 0; i < hostCertBox->count(); i++) { + if (hostCertBox->text(i) == oldHost) { + hostCertBox->setCurrentItem(i); + break; + } + } + } + + if (!noneHost && hostCertBox->currentItem() == 0) configChanged(); + + // Update the host entries too + for (HostAuthItem *x = + static_cast(hostAuthList->firstChild()); + x; + x = static_cast(x->nextSibling())) { + QString newValue = QString::null; + for (int i = 1; i < hostCertBox->count(); i++) { + if (hostCertBox->text(i) == x->getCertName()) { + newValue = x->getCertName(); + break; + } + } + if (newValue != x->getCertName()) configChanged(); + x->setCertName(newValue); + } + + +} + +#include "crypto.moc" diff --git a/kcontrol/crypto/crypto.desktop b/kcontrol/crypto/crypto.desktop new file mode 100644 index 000000000..127f1adab --- /dev/null +++ b/kcontrol/crypto/crypto.desktop @@ -0,0 +1,229 @@ +[Desktop Entry] +Icon=encrypted +Type=Application +Exec=kcmshell crypto +DocPath=kcontrol/crypto/index.html + +X-KDE-Library=crypto +X-KDE-ParentApp=kcontrol + +Name=Crypto +Name[af]=Kripto +Name[ar]=التشفير +Name[az]=Şifrləmə +Name[be]=Крыптаграфія +Name[bg]=Шифроване +Name[bn]=ক্রিপ্টো +Name[br]=Krypto +Name[cs]=Kryptografie +Name[csb]=Kriptografijô +Name[da]=Krypto +Name[de]=Verschlüsselung +Name[el]=Κρυπτογραφία +Name[eo]=Ĉifrado +Name[es]=Criptografía +Name[et]=Krüpto +Name[fa]=رمز +Name[fi]=Salaus +Name[fo]=Brongling +Name[fr]=Cryptographie +Name[fy]=kryptografie +Name[ga]=Criptiú +Name[gl]=Cifrado +Name[he]=הצפנה +Name[hi]=क्रिप्टो +Name[hr]=Šifriranje +Name[hu]=Titkosítás +Name[id]=Kripto +Name[is]=Dulritun +Name[it]=Crittografia +Name[ja]=暗号 +Name[ka]=კრიპტოგრაფია +Name[kk]=Криптография +Name[lo]=ການເຂົ້າລະຫັດ +Name[lt]=Šifravimas +Name[lv]=Kripto +Name[mk]=Криптографија +Name[mn]=Түлхүүрлэлт +Name[mt]=Kriptografija +Name[nb]=Kryptering +Name[nds]=Verslöteln +Name[ne]=क्रिप्टो +Name[nl]=Cryptografie +Name[nn]=Krypto +Name[nso]=Tshiro +Name[pl]=Kryptografia +Name[pt]=Cifra +Name[pt_BR]=Criptografia +Name[ro]=Criptografie +Name[ru]=Криптография +Name[se]=Kryptografija +Name[sk]=Šifrovanie +Name[sl]=Kripto +Name[sr]=Криптографија +Name[sr@Latn]=Kriptografija +Name[sv]=Krypto +Name[ta]=சங்கேத +Name[te]=క్రిప్టో +Name[tg]=Рамзӣ +Name[th]=การเข้ารหัส +Name[tr]=Şifreleme +Name[tt]=Serläw +Name[uk]=Криптографія +Name[uz]=Kripto +Name[uz@cyrillic]=Крипто +Name[vi]=Mật mã +Name[wa]=Criptografeye +Name[xh]=Imfihlo +Name[zh_CN]=加密 +Name[zh_TW]=加密 +Comment=Configure SSL, manage certificates, and other cryptography settings +Comment[af]=Konfigureer Ssl, bestuur sertifikate, en ander kriptografie instellings +Comment[ar]=قم بتهيئة SSL و ادارة الشهادات اضافة الى اعدادات الضبط الأخرى +Comment[az]=SSL,vəsiqə,vəsiqə qurğuları,digər şifrləmə qurğuları +Comment[be]=Настаўленне SSL, кіраванне сертыфікатамі і іншыя настаўленні крыптаграфіі +Comment[bg]=Настройване и управление на удостоверения за шифроване +Comment[bn]=এস-এস-এল কনফিগার করুন, সার্টিফিকেট ম্যানেজ করুন এবং ক্রিপ্টোগ্রাফী সংক্রান্ত অন্যান্য মানসমূহ বেছে নিন +Comment[bs]=Podešavanje SSL, upravljanje certifikatima i ostalim kriptografskim postavkama +Comment[ca]=Aquí podeu configurar SSL, gestionar certificats, i altres valors de la criptografia +Comment[cs]=Nastavení SSL, správa certifikátů a ostatní kryptografická nastavení +Comment[csb]=Kònfigùracëjô SSL, sprôwianié certifikatama, jinszé kriptograficzné ùstôwë +Comment[cy]=Ffurfweddu SSL, rheoli tystysgrifau a gosodiadau cryptograffeg eraill +Comment[da]=Indstil SSL, håndtér certifikater og andre kryptografiske indstillinger +Comment[de]=SSL einrichten, Zertifikate verwalten und andere Einstellungen zur Verschlüsselung von Daten vornehmen +Comment[el]=Ρύθμιση SSL, διαχείριση πιστοποιητικών, και άλλες ρυθμίσεις κρυπτογραφίας +Comment[eo]=Agordo de SSL, administrado de atestiloj ktp. +Comment[es]=Configura SSL, administra los certificados y otras preferencias de criptografía. +Comment[et]=SSL seadistamine, sertifikaatide haldamine jms. +Comment[eu]=SSL konfiguratu, ziurtagiriak eta kriptografiaren beste ezarpen bazuk kudeatu +Comment[fa]=پیکربندی SSL، گواهی‌نامه‌های مدیر و دیگر تنظیمات رمزنگاری +Comment[fi]=SSL-, sertifikaatti- ja muut salausasetukset +Comment[fr]=Configuration de SSL, de la cryptographie et gestion des certificats +Comment[fy]=Hjir kinne jo SSL, sertifikatenbehear en oare kryptografyske ynstellings wizigje +Comment[ga]=Cumraigh SSL, bainistigh teastais, agus socruithe cripteagrafaíochta eile +Comment[gl]=Configurar SSL, xestionar certificados, e outras configuracións de cifrado +Comment[he]=שינוי ההגדרות של SSL, ניהול תעודות, והגדרות הצפנה אחרות +Comment[hi]=कॉन्फ़िगर एसएसएल, प्रमाणपत्र प्रबंधन, तथा अन्य क्रिप्टोग्राफी विन्यास करे +Comment[hr]=Konfiguriranje SSL-a, upravljanje potvrdama i ostalim postavkama šifriranja +Comment[hu]=Az SSL beállítása, a tanúsítványok kezelése és más titkosítási beállítások +Comment[id]=Konfigurasi SSL, manaje sertifikat, dan seting kriptografi lainnya +Comment[is]=Stilla SSL, vinna með skilríki og aðrar stillingar dulritunar +Comment[it]=Configura SSL, gestisce certificati e altre impostazioni crittografiche +Comment[ja]=SSL の設定、証明書の管理、その他の暗号作成形式の設定 +Comment[ka]= SSL კონფიგურაცია, სერთიფიკატის მენეჯმენტი და სხვა კრიპტოგრაფიული ელემენტების კონფიგურაცია +Comment[kk]=SSL-ді баптау, сертификаттарды және басқа шифрлау параметрлерді басқару +Comment[km]=កំណត់​រចនាសម្ព័ន្ធ SSL, គ្រប់គ្រង​វិញ្ញាបនបត្រ និង​ការ​កំណត់​រហស្សលិខសាស្ត្រ +Comment[lo]=ປັບແຕ່ງ SSL, ຈັດການໃບຮັບຮອງແລະຕັ້ງການເຂົ້າລະຫັດອື່ນໆ +Comment[lt]=Derina SSL, tvarko sertifikatus ir kitus šifravimo parametrus +Comment[lv]=Konfigurēt SSL, pārvaldīt sertifikātus un citus kriptogrāfijas parametrus +Comment[mk]=Конфигурација на SSL, менаџмент на сертификати\nи други криптографски поставувања +Comment[mn]=SSL, Үнэмлэх зохицуулах, ба бусад нууцлалт тохируулах +Comment[ms]=Konfigur SSL, urus sijil, dan seting kriptografi lain +Comment[mt]=Ikkonfigura l-SSL, immaniġġja ċertifikati, u konfigurazzjoni oħra tal-kriptografija +Comment[nb]=Innstilling av SSL, behandling av sertifikater og andre krypteringsinnstillinger +Comment[nds]=SSL instellen, Zertifikaten plegen, un annere Verslöteln-Instellen +Comment[ne]=SSL कन्फिगर गर्नुहोस्, प्रमाणपत्रहरू र अन्य गुप्तलेखन सेटिङ प्रबन्ध गर्नुहोस् +Comment[nl]=Hier kunt u SSL, certificatenbeheer en andere cryptografische instellingen wijzigen +Comment[nn]=Oppsett av SSL, sertifikat og andre krypteringsinnstillingar +Comment[nso]=Beakanya SSL, laola dikgonthisiso, le dipeakanyo tsedingwe tsa tshiro +Comment[oc]=Configura SSL, gestiona certificats, e autres valors de criptografia +Comment[pa]=SSL ਸੰਰਚਨਾ,ਸਰਟੀਫਕੇਟ ਅਤੇ ਕਰੋਫਟੋਗਰਾਫੀ ਸੈਟਿੰਗ +Comment[pl]=Konfiguracja SSL, zarządzanie certyfikatami, inne ustawienia kryptograficzne +Comment[pt]=Configurar o SSL, gerir certificados e outras configurações de cifra +Comment[pt_BR]=Configura SSL, gerencia certificados e outras configurações de criptografia +Comment[ro]=Configurează SSL, administrează certificate și alte setări criptografice +Comment[ru]=Настройка SSL, управление сертификатами и другими параметрами шифрования +Comment[rw]=Kuboneza SSL, kuyobora impamyabushobozi , n'andi magenamiterere y'umukonobanga. +Comment[se]=Heivet SSL:a, fuolat duođaštusaid, ja eará kryptografiija heivehusaid +Comment[sk]=Konfigurácia SSL, správa certifikátov a iné kryptografické nastavenia +Comment[sl]=Nastavite SSL, urejajte certifikate in ostale nastavitve šifriranja +Comment[sr]=Подесите SSL, управљајте сертификатима и другим крииптографским поставкама +Comment[sr@Latn]=Podesite SSL, upravljajte sertifikatima i drugim kriiptografskim postavkama +Comment[sv]=Anpassa SSL, hantera certifikat, samt andra kryptografiska inställningar +Comment[ta]=SSLஐ அமை , சான்றிதழ்களை கையாளு, மற்றும் ரகசிய அமைப்புகளை வடிவமை +Comment[tg]= Мудирияти эътиборномаҳо, ва соири танзими SSL, танзимоти рамзнагузорӣ +Comment[th]=ปรับแต่ง SSL, จัดการใบรับรอง และตั้งการการเข้ารหัสอื่น ๆ +Comment[tr]=SSL,sertifika,sertifika ayarları,diğer şifreleme ayarları +Comment[tt]=SSL, tanıqlıqlar, şulay uq başqa serläw çaraların caylaw üzäge bu +Comment[uk]=Налаштування SSL, керування сертифікатами та іншими параметрами криптографії +Comment[uz]=SSL'ni moslash, sertifikatlarni boshqarish va boshqa kriptografiya moslamalari +Comment[uz@cyrillic]=SSL'ни мослаш, сертификатларни бошқариш ва бошқа криптография мосламалари +Comment[ven]=Khonifiga SSL, i laula sethifikheithi, na dzine mbekanyo dza khiraiputogirafi +Comment[vi]=Cấu hình SSL, quản lí giấy chứng nhận và các thiết lập về mật mã khác +Comment[wa]=Apontiaedje SSL, manaedje les acertinaedjes et ls ôtès tchuzes di criptografeye +Comment[xh]=Qwalasela i SSL, yenza iziqinisekiso, kunye nezinye izicwangciso zokufihlakeleyo +Comment[zh_CN]=配置 SSL,管理证书和其它加密设置 +Comment[zh_TW]=設定 SSL、管理憑證和其它的加密設定 +Comment[zu]=Hlanganisela i-SSL, phatha izitifiketi, kanye nezinye izilungiselelo zokuqaqa umbhalo ongaqondakali + +Keywords=Crypto,Krypto,Cryptography,encryption,SSL,https,certificates,ciphers,TLS,secure,security +Keywords[ar]=Crypto,Krypto,Cryptography,encryption,SSL,https,certificates,ciphers,TLS,secure,security,تشفير,التشفير,شهادات,الشهادات,الشفرات,آمن,الأمن +Keywords[az]=Şifr,şifrləmə,kriptoqrafiya,SSL,https,vəsiqə,TLS,təhlüükəsizlik,e'tibarlı +Keywords[be]=Крыптаграфія,шыфраванне,бяспека,бяспечны,Crypto,Krypto,Cryptography,encryption,SSL,https,certificates,ciphers,TLS,secure,security +Keywords[bg]=шифър, шифроване, удостоверения, удостоверение, сигурност, сертификат, сертификати, шифри, ключове, Crypto, Krypto, Cryptography, encryption, SSL, https, certificates, ciphers, TLS, secure, security +Keywords[ca]=Cripto,Kripto,Criptografia,xifrat,SSL,https,certificats,xifres,TLS,segur,seguretat +Keywords[cs]=Kryptografie,Šifrování,SSL,https,Certifikáty,Kódy,Krypto,TLS,bezpečnost +Keywords[csb]=Krypto,Kriptografijô,szifrowanié,SSL,https,cerifikatë,szifrë,TLS,bezpieczno,bezpiek +Keywords[cy]=Crypto,Krypto,Cryptograffaeth,amgryptio,SSL,https,tystysgrifau,seifferau,TLS,diogel,diogelwch +Keywords[da]=Crypto,Krypto,Kryptografi,kryptering,SSL,https,certifikater,chifre,TLS,sikker,sikkerhed +Keywords[de]=Chiffrierung,Crypto,Krypto,Kryptographie,Verschlüsselung,SSL,https,Zertifikate,TLS,Sicherheit +Keywords[el]=Κρυπτογραφία,Krypto,Κρυπτογράφηση,κρυπτογράφηση,SSL,https,πιστοποιητικά,ciphers,TLS,ασφαλές,ασφάλεια +Keywords[eo]=ĉifrado,SSL,HTTPS,atestoj,ĉifroj,TLS,sekureco +Keywords[es]=Criptografía,cifra,SSL,https,certificados,cifrados,TLS,seguro,seguridad +Keywords[et]=Crypto,krüpto,krüptograafia,krüptimine,SSL,https,sertifikaadid,šifrid,TLS,turvaline,turvalisus +Keywords[eu]=Crypto,Krypto,Kriptografia,enkriptazioa,SSL,https,ziurtagiriak,zifratuak,TLS,segurua,segurtasuna +Keywords[fa]=Crypto، Krypto، رمزنگاری، رمزبندی،SSL، https،گواهی‌نامه‌ها، رمزها، TLS،امن، امنیت +Keywords[fi]=Salaus,Krypto,SSL,https,sertifikaatit,salaukset,TLS,turvallinen,turvallisuus +Keywords[fr]=cryptographie,cryptage,encryptage,chiffrage,SSL,https,certificats,codes,TLS,sécurisé,sécurité +Keywords[fy]=crypto,krypto,kryptografie,fersifering,ssl,https,sertifikaten,siferje,tls,befeiliging,feilig,kodearring,kodearre,fersifering +Keywords[ga]=Krypto,rúnscríobh,criptiú,incriptiúchán,SSL,https,teastais,sifir,TLS,daingean,slándáil +Keywords[gl]=Criptografia,krypto,cripto,cifrado,SSL,https,certificados,ciphers,TLS,seguro,seguridade +Keywords[he]=מאובטח,אבטחה,TLS,תעודות,צפנים,https,SSL,הצפנה,Crypto,Krypto,Cryptography,encryption,SSL,https,certificates,ciphers,TLS,secure,security +Keywords[hi]=क्रिप्टो,क्रिप्टोग्राफी,एनक्रिप्शन,एसएसएल,एचटीटीपीएस,प्रमाणपत्र,साइफर्स,टीएलएस,सुरक्षित,सुरक्षा +Keywords[hr]=Crypto,Krypto,Cryptography,encryption,SSL,https,certificates,ciphers,TLS,secure,security,Šifriranje,šifriranje,šifre,šifra,potvrde,sigurnost,osigurano +Keywords[hu]=Crypto,Krypto,kriptográfia,titkosítás,SSL,https,tanúsítványok,kódolás,TLS,biztonságos,biztonság +Keywords[id]=Kripto,Kriptografi,enkripsi,SSL,https,sertifikat,ciphers,TLS,secure,security +Keywords[is]=Dulritun,Dulmál,Krypto,SSL,https,skilríki,brenglun,TLS,öryggi,öruggt +Keywords[it]=crittografia,cifratura,SSL,https,certificati,cifrari,TLS,sicuro,sicurezza +Keywords[ja]=暗号化,Krypto,暗号作成形式,暗号化,SSL,http,証明書,暗号,TLS,セキュア,セキュリティ +Keywords[km]=Crypto,Krypto,រហស្សលិខសាស្ត្រ,ការ​បម្លែង​ជា​កូដ,SSL,https,វិញ្ញាបនបត្រ,សរសេរ​សម្ងាត់,TLS,សុវត្ថិភាព +Keywords[lt]=Crypto,Krypto,Cryptography,kriptografija,encryption,šifravimas,SSL,https,certificates,sertifikatai,ciphers,šifrai,TLS,secure,saugus,security,saugumas,apsauga +Keywords[lv]=Kripto,Kriptogrāfija,kodēšana,SSL,https,sertifkāti,kiperi,TLS,droši,drošība +Keywords[mk]=Crypto,Krypto,Cryptography,encryption,SSL,https,certificates,ciphers,TLS,secure,security,Крипто,Криптографија,енкрипција,сертификати,шифри,сигурно,сигурност +Keywords[mn]=Шифрлэх,Crypto,Krypto,Түлхүүрлэлт,Нууцлалт,SSL,https,Үнэмлэх,TLS,Хамгаалалт +Keywords[mt]=Crypto,Krypto,Cryptography,encryption,SSL,https,certificates,ciphers,TLS,secure,security,kriptografija +Keywords[nb]=Krypto,Kryptering,SSL,https,sertifikater,TTL,sikkerhet,sikker +Keywords[nds]=Crypto,Krypto,Kryptografie,verslöteln,SSL,https,Zertifikaten,ciphers,TLS,seker,Sekerheit +Keywords[ne]=क्रिप्टो, क्राइप्टो, गुप्तलेखन, समक्रमण, SSL, https, प्रमाणपत्र, गुप्त, TLS, सुरक्षण, सुरक्षा +Keywords[nl]=crypto,krypto,cryptografie,encryptie,ssl,https,certificaten,ciphers,tls,beveiliging,veilig,codering,gecodeerd,versleuteling +Keywords[nn]=Crypto,Krypto,kryptering,SSL,https,sertifikat,TLS,sikker,tryggleik +Keywords[nso]=Tshiro,Krypto,Tshiro,sesiro,SSL,https,dikgonthisiso,ciphers,TSL, sireletsa,tshireletso +Keywords[pa]=Crypto,Krypto,Cryptography,encryption,SSL,https,certificates,ciphers,TLS,secure,security, ਸੁਰੱਖਿਆ, ਇਕਰਿਪਸ਼ਨ +Keywords[pl]=Krypto,Kryptografia,szyfrowanie,SSL,https,certyfikaty,szyfry,TLS,bezpieczny,bezpieczeństwo +Keywords[pt]=Cifra,Criptografia,cifra,SSL,https,certificados,cifras,TLS,seguro,segurança,encriptação +Keywords[pt_BR]=Cripto,Krypto,Criptografia,criptografia,SSL,https,certificados,cifras, TLS,seguro,segurança +Keywords[ro]=crypto,criptografie,criptare,SSL,https,certificate,cifrare,TLS,sigur,securitate +Keywords[ru]=Crypto,Krypto,Cryptography,encryption,SSL,https,certificates,ciphers,TLS,secure,security,сертификат,сертификаты,шифрование,подпись +Keywords[rw]=Crypto,Krypto,Umukonobanga,isobeka,SSL,https,impamyabushobozi,imibarebanga,TLS,byizewe,umutekano +Keywords[se]=Krypto,krypteren,SSL,https,duođaštusat,cipherat,sihkkarvuohtta,TLS +Keywords[sk]=Crypto,Krypto,Kryptografia,kryptovanie,SSL,https,certifikáty,šifra,TLS,zabezpečenie,bezpečnosť +Keywords[sl]=Kripto,Kriptografija,šifriranje,SSL,https,certifikati,šifrirni algoritmi,TLS,varnost,varno +Keywords[sr]=Crypto,Krypto,Cryptography,encryption,SSL,https,certificates,ciphers,TLS,secure,security,Крипто,Криптографија,енкрипција,сертификати,шифре,безбедност +Keywords[sr@Latn]=Crypto,Krypto,Cryptography,encryption,SSL,https,certificates,ciphers,TLS,secure,security,Kripto,Kriptografija,enkripcija,sertifikati,šifre,bezbednost +Keywords[sv]=Crypto,Krypto,Kryptografi,kryptering,SSL,https,certifikat,krypton,TLS,säkra,säkerhet +Keywords[ta]=ரகசிய,ரகசிய,ரகசியமான,சங்கேதம்,SSL,https,சான்றிதழ்கள்,ciphers,TLS,பாதுகாப்பான,பாதுகாப்பு +Keywords[tg]=Crypto,Krypto,Cryptography,encryption,SSL,https,certificates,ciphers,TLS,secure,security,рамз,рамзгузорӣ,амният +Keywords[th]=เข้ารหัส,Krypto,Cryptography,การเข้ารหัส,SSL,https,ใบรับรอง,ciphers,TLS,ปลอดภัย,ความปลอดภัย +Keywords[tr]=Şifre,şifreleme,şifrebilim,SSL,https,sertifika,TLS,güvenlik,güvenli +Keywords[uk]=криптографія,криптографія,Cryptography,шифрування,SSL,https,TLS,сертифікати,шифри,Crypto,Krypto,безпека,безпечність +Keywords[uz]=SSL,https,TLS,Kripto,Kriptografiya,kodlash,sertifikatlar,shifr,xavfsiz,xavfsizlik +Keywords[uz@cyrillic]=SSL,https,TLS,Крипто,Криптография,кодлаш,сертификатлар,шифр,хавфсиз,хавфсизлик +Keywords[ven]=Crypto,Krypto,Cryptography,encryption,SSL,https,sethifikheithi,ciphers,TLS,tsireledza,vhutsireledzi +Keywords[vi]=Mật mã,Mã khoá,Mật mã học,mã hóa,SSL,https,giấy chứng nhận,phá mã,TLS,bảo mật,sự bảo mật +Keywords[wa]=Crypto,Krypto,criptografeye,SSL,https,certificates,acertinaedjes,ciphers,TLS,secure,security,såve,såvrité +Keywords[xh]=Imfihlo,Imfihlo,Okufihlakeleyo,ufihlo,SSL,https,iziqinisekiso,imibhalo efihlakeleyo,TLS,khusela,ukhuseleko +Keywords[zh_CN]=Crypto,Krypto,Cryptography,encryption,SSL,https,certificates,ciphers,TLS,secure,security,加密,加密学,证书,密码,安全 +Keywords[zh_TW]=Crypto,Krypto,Cryptography,encryption,SSL,https,certificates,ciphers,TLS,secure,security,加密,加密學,証書,密碼,安全 +Keywords[zu]=Crypto,Krypto,Ukuqaqa umbhalo ongaqondakali,SSL,https, izitifiketi,imibhalo yekhodi,TLS,vikela,ukuvikela + +Categories=Qt;KDE;X-KDE-settings-security; diff --git a/kcontrol/crypto/crypto.h b/kcontrol/crypto/crypto.h new file mode 100644 index 000000000..4d335570a --- /dev/null +++ b/kcontrol/crypto/crypto.h @@ -0,0 +1,362 @@ +/** + * crypto.h + * + * Copyright (c) 2000-2001 George Staikos + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License as published + * by the Free Software Foundation; either version 2.1 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. + */ + +#ifndef _CRYPTO_H +#define _CRYPTO_H + +#ifdef HAVE_CONFIG_H +#include +#endif + +#include +#include +#include +#include +#include +#include +#include + +#include +#include + +class QGridLayout; +class QVButtonGroup; + +class KComboBox; +class KCryptoConfig; +class KPushButton; +class KSSLCertBox; +class KSSLSigners; +class KURLLabel; +class KURLRequester; + +class CipherItem : public QCheckListItem +{ +public: + CipherItem( QListView *view, const QString& cipher, int bits, int maxBits, + KCryptoConfig *module ); + ~CipherItem() {} + + void setCipher( const QString& cipher ) { m_cipher = cipher; } + const QString& cipher() const { return m_cipher; } + void setBits( int bits ) { m_bits = bits; } + int bits() const { return m_bits; } + + QString configName() const; + +protected: + virtual void stateChange( bool ); + +private: + int m_bits; + QString m_cipher; + KCryptoConfig *m_module; // just to call configChanged() +}; + + + +class OtherCertItem : public QListViewItem +{ +public: + OtherCertItem(QListView *view, const QString& sub, const QString& md5, bool perm, int policy, QDateTime exp, KCryptoConfig *module ); + ~OtherCertItem() {} + + QString configName() const; + const QString& getSub() { return _sub; } + int getPolicy() { return _policy; } + const QString& getMD5() { return _md5; } + bool isPermanent() { return _perm; } + QDateTime getExpires() { return _exp; } + void setPolicy(int x) { _policy = x; } + void setPermanent(bool x) { _perm = x; } + void setExpires(QDateTime x) { _exp = x; } + +protected: + virtual void stateChange( bool ); + +private: + QString _sub, _md5; + KCryptoConfig *m_module; // just to call configChanged() + QDateTime _exp; + bool _perm; + int _policy; +}; + + + + +class YourCertItem : public QListViewItem +{ +public: + YourCertItem(QListView *view, QString pkcs, QString pass, QString name, KCryptoConfig *module ); + ~YourCertItem() {} + + QString configName() const; + QString& getPKCS() { return _pkcs; } + void setPKCS(QString pkcs) { _pkcs = pkcs; } + QString& getPass() { return _pass; } + void setPass(QString pass) { _pass = pass; } + QString& getName() { return _name; } + void setName(QString name) { _name = name; } + QString& getPassCache() { return _cpass; } + void setPassCache(QString pass) { _cpass = pass; } + +protected: + virtual void stateChange( bool ); + +private: + QString _pkcs; + QString _pass; + QString _cpass; + QString _name; + KCryptoConfig *m_module; // just to call configChanged() +}; + + + + +class CAItem : public QListViewItem +{ +public: + CAItem(QListView *view, QString name, QString cert, bool site, bool email, bool code, KCryptoConfig *module ); + ~CAItem() {} + + QString configName() const; + QString& getName() { return _name; } + void setName(QString name) { _name = name; } + + inline QString getCert() const { return _cert; } + inline bool getSite() const { return _site; } + inline bool getEmail() const { return _email; } + inline bool getCode() const { return _code; } + inline void setSite(bool x) { _site = x; } + inline void setEmail(bool x) { _email = x; } + inline void setCode(bool x) { _code = x; } + + bool isNew, modified; + +protected: + virtual void stateChange( bool ); + +private: + QString _name; + QString _cert; + bool _site, _email, _code; + KCryptoConfig *m_module; // just to call configChanged() +}; + + + + + +class HostAuthItem : public QListViewItem +{ +public: + HostAuthItem(QListView *view, QString host, QString name, KCryptoConfig *module ) : QListViewItem(view, QString::null ) { + _name = name; _host = host; + m_module = module; + setText(0, _host); + setText(1, _name); + _oname = QString::null; + } + ~HostAuthItem() {} + + void setAction(KSSLCertificateHome::KSSLAuthAction aa) { + _aa = aa; + switch (aa) { + case KSSLCertificateHome::AuthSend: + setText(2, i18n("Send")); + break; + case KSSLCertificateHome::AuthDont: + setText(2, i18n("Don't Send")); + break; + case KSSLCertificateHome::AuthPrompt: + setText(2, i18n("Prompt")); + break; + default: + break; + } + } + KSSLCertificateHome::KSSLAuthAction getAction() const { return _aa; } + QString configName() const { return _host; } + QString getCertName() const { return _name; } + void setCertName(QString name) { _name = name; setText(1, name); } + void setHost(QString name) { _host = name; setText(0, name); } + void setOriginalName(QString oname) { _oname = oname; } + QString originalName() const { return _oname; } + +protected: + +private: + QString _host; + QString _name, _oname; + KSSLCertificateHome::KSSLAuthAction _aa; + KCryptoConfig *m_module; // just to call configChanged() +}; + + + + + +class KCryptoConfig : public KCModule +{ + Q_OBJECT +public: + KCryptoConfig(QWidget *parent = 0L, const char *name = 0L, const QStringList &list = QStringList()); + virtual ~KCryptoConfig(); + + void load(); + void load( bool useDefaults ); + void save(); + void defaults(); + +#ifdef HAVE_SSL + bool loadCiphers(); +#endif + +public slots: + void configChanged(); + + void slotGeneratePersonal(); + void slotUseEGD(); + void slotUseEFile(); + void slotSelectCipher(int id); + + void slotTestOSSL(); + + void slotExportCert(); + void slotRemoveCert(); + void slotVerifyCert(); + void slotOtherCertSelect(); + void slotPolicyChanged(int id); + void slotPermanent(); + void slotUntil(); + void slotDatePick(); + + void slotYourImport(); + void slotYourExport(); + void slotYourVerify(); + void slotYourRemove(); + void slotYourUnlock(); + void slotYourPass(); + void slotYourCertSelect(); + + void slotNewHostAuth(); + void slotRemoveHostAuth(); + void slotAuthItemChanged(); + void slotAuthText(const QString &t); + void slotAuthButtons(); + void slotAuthCombo(); + + void slotCAImport(); + void slotCARemove(); + void slotCARestore(); + void slotCAItemChanged(); + void slotCAChecked(); + +protected: + void cwCompatible(); + void cwUS(); + void cwExp(); + void cwAll(); + +private: + + void offerImportToKMail( const QString& certFile ); + void setAuthCertLists(); + void genCAList(); + + QTabWidget *tabs; + QWidget *tabSSL, *tabOSSL; + + QWidget *tabYourSSLCert, *tabOtherSSLCert, *tabSSLCA, *tabSSLCOpts, *tabAuth; + + QListView *SSLv2Box, *SSLv3Box; + QCheckBox *mUseTLS, *mUseSSLv2, *mUseSSLv3; + QCheckBox *mWarnOnEnter, *mWarnOnLeave; + + /* EGD stuff */ + QLabel *mEGDLabel; + KURLRequester *mEGDPath; + QCheckBox *mUseEGD; + QCheckBox *mUseEFile; + + /* CipherWizards */ + QPushButton *mCWall, *mCWus, *mCWexp, *mCWcompatible; + + QCheckBox *mWarnOnUnencrypted, *mWarnOnMixed; + QListView *yourSSLBox, *otherSSLBox, *caList; + QCheckBox *mWarnSelfSigned, *mWarnExpired, *mWarnRevoked; + QPushButton *macAdd, *macRemove; + KPushButton *macClear; + QListBox *macBox; + QPushButton *otherSSLExport, *otherSSLView, *otherSSLRemove, *otherSSLVerify; + QPushButton *yourSSLImport, *yourSSLPass, *yourSSLRemove, *yourSSLExport, + *yourSSLUnlock, *yourSSLVerify; + QRadioButton *yourSSLUseDefault, *yourSSLList, *yourSSLDont; + QLineEdit *macCert; + KSSLCertBox *oSubject, *oIssuer; + KSSLCertBox *ySubject, *yIssuer; + QGridLayout *oGrid; + + QVButtonGroup *policyGroup; + QVButtonGroup *cacheGroup; + QRadioButton *policyAccept, *policyReject, *policyPrompt; + QRadioButton *cacheUntil, *cachePerm; + QLabel *fromLabel, *untilLabel; + QLabel *validFrom, *validUntil; + QLabel *yValidFrom, *yValidUntil; + KURLLabel *untilDate; + + QVGroupBox *oInfo; + KURLRequester *oPath; + QPushButton *oTest; + QPtrList otherCertDelList; + QPtrList yourCertDelList; + QPtrList caDelList; + + /* Personal Cert Policies tab */ + KComboBox *defCertBox; + KComboBox *hostCertBox; + QVButtonGroup *defCertBG; + QHButtonGroup *hostCertBG; + QRadioButton *defSend, *defPrompt, *defDont; + QRadioButton *hostSend, *hostPrompt, *hostDont; + QListView *hostAuthList; + QPushButton *authAdd, *authRemove; + QLineEdit *authHost; + QPtrList authDelList; + QLabel *yHash, *pHash; + + /* CA stuff */ + KSSLCertBox *caSubject, *caIssuer; + QPushButton *caSSLImport, *caSSLRemove, *caSSLRestore; + QCheckBox *caSite, *caEmail, *caCode; + KSSLSigners *_signers; + QLabel *cHash; + + KConfig *config; + KSimpleConfig *policies, *pcerts, *authcfg; + KConfig *cacfg; + + bool ___lehack; // to hack around a lineedit problem +}; + +#endif diff --git a/kcontrol/crypto/kdatetimedlg.cpp b/kcontrol/crypto/kdatetimedlg.cpp new file mode 100644 index 000000000..26001afdd --- /dev/null +++ b/kcontrol/crypto/kdatetimedlg.cpp @@ -0,0 +1,118 @@ +/** + * kdatetimedlg.cpp + * + * Copyright (c) 2001 George Staikos + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License as published + * by the Free Software Foundation; either version 2.1 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. + */ + +#ifdef HAVE_CONFIG_H +#include +#endif + +#include "kdatetimedlg.h" +#include +#include +#include +#include +#include +#include +#include +#include + +KDateTimeDlg::KDateTimeDlg(QWidget *parent, const char *name) + : KDialog(parent, name, true) { +QGridLayout *grid = new QGridLayout(this, 9, 6, marginHint(), spacingHint()); + + setCaption(i18n("Date & Time Selector")); + + _date = new KDatePicker(this); + grid->addMultiCellWidget(_date, 0, 5, 0, 5); + + grid->addWidget(new QLabel(i18n("Hour:"), this), 7, 0); + _hours = new KIntNumInput(this); + _hours->setRange(0, 23, 1, false); + grid->addWidget(_hours, 7, 1); + + grid->addWidget(new QLabel(i18n("Minute:"), this), 7, 2); + _mins = new KIntNumInput(this); + _mins->setRange(0, 59, 1, false); + grid->addWidget(_mins, 7, 3); + + grid->addWidget(new QLabel(i18n("Second:"), this), 7, 4); + _secs = new KIntNumInput(this); + _secs->setRange(0, 59, 1, false); + grid->addWidget(_secs, 7, 5); + + _ok = new KPushButton(KStdGuiItem::ok(), this); + grid->addWidget(_ok, 8, 4); + connect(_ok, SIGNAL(clicked()), SLOT(accept())); + + _cancel = new KPushButton(KStdGuiItem::cancel(), this); + grid->addWidget(_cancel, 8, 5); + connect(_cancel, SIGNAL(clicked()), SLOT(reject())); + +} + + +KDateTimeDlg::~KDateTimeDlg() { + +} + + +QDate KDateTimeDlg::getDate() { + return _date->date(); +} + + +QTime KDateTimeDlg::getTime() { +QTime rc(_hours->value(), _mins->value(), _secs->value()); +return rc; +} + + +QDateTime KDateTimeDlg::getDateTime() { +QDateTime qdt; +QTime qtime(_hours->value(), _mins->value(), _secs->value()); + + qdt.setDate(_date->date()); + qdt.setTime(qtime); + +return qdt; +} + + +void KDateTimeDlg::setDate(const QDate& qdate) { + _date->setDate(qdate); +} + + +void KDateTimeDlg::setTime(const QTime& qtime) { + _hours->setValue(qtime.hour()); + _mins->setValue(qtime.minute()); + _secs->setValue(qtime.second()); +} + + +void KDateTimeDlg::setDateTime(const QDateTime& qdatetime) { + _date->setDate(qdatetime.date()); + _hours->setValue(qdatetime.time().hour()); + _mins->setValue(qdatetime.time().minute()); + _secs->setValue(qdatetime.time().second()); +} + + +#include "kdatetimedlg.moc" + diff --git a/kcontrol/crypto/kdatetimedlg.h b/kcontrol/crypto/kdatetimedlg.h new file mode 100644 index 000000000..3f25cad2b --- /dev/null +++ b/kcontrol/crypto/kdatetimedlg.h @@ -0,0 +1,60 @@ +/** + * kdatetimedlg.h + * + * Copyright (c) 2001 George Staikos + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License as published + * by the Free Software Foundation; either version 2.1 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. + */ + +#ifndef _KDATETIMEDLG_H +#define _KDATETIMEDLG_H + +#include + +class KDatePicker; +class KIntNumInput; +class KPushButton; +class QDate; +class QTime; +class QDateTime; + +class KDateTimeDlgPrivate; + +class KDateTimeDlg : public KDialog +{ + Q_OBJECT +public: + KDateTimeDlg(QWidget *parent = 0L, const char *name = 0L); + virtual ~KDateTimeDlg(); + + virtual QTime getTime(); + virtual QDate getDate(); + virtual QDateTime getDateTime(); + + virtual void setDate(const QDate& qdate); + virtual void setTime(const QTime& qtime); + virtual void setDateTime(const QDateTime& qdatetime); + +protected slots: + +private: + KPushButton *_ok, *_cancel; + KDatePicker *_date; + KIntNumInput *_hours, *_mins, *_secs; + + KDateTimeDlgPrivate *d; +}; + +#endif -- cgit v1.2.1