From da367dd752b6c92a3d0dbc558c80ebc71ef7b1fe Mon Sep 17 00:00:00 2001 From: BrianBlade Date: Sun, 19 Apr 2015 18:08:13 +0200 Subject: Add option to remove manually approved certificates - "Remove certificates" option brings up a dialog that allows to delete certificates from MemorizingTrustManager's keystore - Reconnect active accounts when certificate-settings are changed - new preference category "Certificate options" --- .../siacs/conversations/ui/SettingsActivity.java | 91 ++++++++++++++++++++++ src/main/res/values-de/strings.xml | 11 +++ src/main/res/values/strings.xml | 11 +++ src/main/res/xml/preferences.xml | 16 ++-- 4 files changed, 124 insertions(+), 5 deletions(-) diff --git a/src/main/java/eu/siacs/conversations/ui/SettingsActivity.java b/src/main/java/eu/siacs/conversations/ui/SettingsActivity.java index f91bc953..eb5d9b2e 100644 --- a/src/main/java/eu/siacs/conversations/ui/SettingsActivity.java +++ b/src/main/java/eu/siacs/conversations/ui/SettingsActivity.java @@ -1,20 +1,29 @@ package eu.siacs.conversations.ui; +import java.security.KeyStoreException; import java.util.ArrayList; import java.util.Arrays; +import java.util.Collections; import java.util.Locale; +import de.duenndns.ssl.MemorizingTrustManager; + +import eu.siacs.conversations.R; import eu.siacs.conversations.entities.Account; import eu.siacs.conversations.xmpp.XmppConnection; +import android.app.AlertDialog; import android.app.Fragment; import android.app.FragmentManager; +import android.content.DialogInterface; import android.content.SharedPreferences; import android.content.SharedPreferences.OnSharedPreferenceChangeListener; import android.os.Build; import android.os.Bundle; import android.preference.ListPreference; +import android.preference.Preference; import android.preference.PreferenceManager; +import android.widget.Toast; public class SettingsActivity extends XmppActivity implements OnSharedPreferenceChangeListener { @@ -49,6 +58,68 @@ public class SettingsActivity extends XmppActivity implements resources.setEntryValues(entries.toArray(new CharSequence[entries.size()])); } } + + final Preference removeCertsPreference = mSettingsFragment.findPreference("remove_trusted_certificates"); + removeCertsPreference.setOnPreferenceClickListener(new Preference.OnPreferenceClickListener() { + @Override + public boolean onPreferenceClick(Preference preference) { + final MemorizingTrustManager mtm = xmppConnectionService.getMemorizingTrustManager(); + final ArrayList aliases = Collections.list(mtm.getCertificates()); + if (aliases.size() == 0) { + displayToast(getString(R.string.toast_no_trusted_certs)); + return true; + } + final ArrayList selectedItems = new ArrayList(); + final AlertDialog.Builder dialogBuilder = new AlertDialog.Builder(SettingsActivity.this); + dialogBuilder.setTitle(getResources().getString(R.string.dialog_manage_certs_title)); + dialogBuilder.setMultiChoiceItems(aliases.toArray(new CharSequence[aliases.size()]), null, + new DialogInterface.OnMultiChoiceClickListener() { + @Override + public void onClick(DialogInterface dialog, int indexSelected, + boolean isChecked) { + if (isChecked) { + selectedItems.add(indexSelected); + } else if (selectedItems.contains(indexSelected)) { + selectedItems.remove(Integer.valueOf(indexSelected)); + } + if (selectedItems.size() > 0) + ((AlertDialog) dialog).getButton(DialogInterface.BUTTON_POSITIVE).setEnabled(true); + else { + ((AlertDialog) dialog).getButton(DialogInterface.BUTTON_POSITIVE).setEnabled(false); + } + } + }); + + dialogBuilder.setPositiveButton( + getResources().getString(R.string.dialog_manage_certs_positivebutton), new DialogInterface.OnClickListener() { + @Override + public void onClick(DialogInterface dialog, int which) { + int count = selectedItems.size(); + if (count > 0) { + for (int i = 0; i < count; i++) { + try { + Integer item = Integer.valueOf(selectedItems.get(i).toString()); + String alias = aliases.get(item); + mtm.deleteCertificate(alias); + } catch (KeyStoreException e) { + e.printStackTrace(); + displayToast("Error: " + e.getLocalizedMessage()); + } + } + if (xmppConnectionServiceBound) { + reconnectAccounts(); + } + displayToast(getResources().getQuantityString(R.plurals.toast_delete_certificates, count, count)); + } + } + }); + dialogBuilder.setNegativeButton(getResources().getString(R.string.dialog_manage_certs_negativebutton), null); + AlertDialog removeCertsDialog = dialogBuilder.create(); + removeCertsDialog.show(); + removeCertsDialog.getButton(AlertDialog.BUTTON_POSITIVE).setEnabled(false); + return true; + } + }); } @Override @@ -89,6 +160,26 @@ public class SettingsActivity extends XmppActivity implements } } else if (name.equals("dont_trust_system_cas")) { xmppConnectionService.updateMemorizingTrustmanager(); + reconnectAccounts(); + } + + } + + private void displayToast(final String msg) { + runOnUiThread(new Runnable() { + @Override + public void run() { + Toast.makeText(SettingsActivity.this, msg, Toast.LENGTH_LONG).show(); + } + }); + } + + private void reconnectAccounts() { + for (Account account : xmppConnectionService.getAccounts()) { + if (!account.isOptionSet(Account.OPTION_DISABLED)) { + xmppConnectionService.reconnectAccountInBackground(account); + } } } + } diff --git a/src/main/res/values-de/strings.xml b/src/main/res/values-de/strings.xml index addc55de..d5f550a3 100644 --- a/src/main/res/values-de/strings.xml +++ b/src/main/res/values-de/strings.xml @@ -429,8 +429,19 @@ Standort empfangen Unterhaltung beendet Konferenz verlassen + Zertifikats-Optionen Misstraue Zertifizierungsstellen Alle Zertifikate müssen manuell bestätigt werden + Zertifikate löschen + Als vertrauenswürdig bestätigte Zertifikate löschen + Keine manuell bestätigten Zertifikate + Zertifikate löschen + Auswahl löschen + Abbrechen + + %d Zertifikat gelöscht + %d Zertifikate gelöscht + %d Kontakt ausgewählt %d Kontakte ausgewählt diff --git a/src/main/res/values/strings.xml b/src/main/res/values/strings.xml index 4a36163c..cc7727d2 100644 --- a/src/main/res/values/strings.xml +++ b/src/main/res/values/strings.xml @@ -457,8 +457,19 @@ Received location Conversation closed Left conference + Certificate options Don’t trust system CAs All certificates must be manually approved + Remove certificates + Delete manually approved certificates + No manually approved certificates + Remove certificates + Delete selection + Cancel + + %d certificate deleted + %d certificates deleted + Select %d contact Select %d contacts diff --git a/src/main/res/xml/preferences.xml b/src/main/res/xml/preferences.xml index 9cf0100f..417e60a4 100644 --- a/src/main/res/xml/preferences.xml +++ b/src/main/res/xml/preferences.xml @@ -142,6 +142,17 @@ android:title="@string/pref_display_enter_key" android:summary="@string/pref_display_enter_key_summary" /> + + + + - -- cgit v1.2.3