Removed the obsolete 'user_verified' field from TrustAnchor.
authorDan Breslau <dbreslau@painless-security.com>
Wed, 5 Oct 2016 22:33:00 +0000 (18:33 -0400)
committerDan Breslau <dbreslau@painless-security.com>
Wed, 5 Oct 2016 22:33:00 +0000 (18:33 -0400)
Added a UUID value to IdCard for internal debugging.
Various other minor updates.

src/moonshot-id.vala
src/moonshot-identities-manager.vala
src/moonshot-identity-dialog.vala
src/moonshot-keyring-store.vala
src/moonshot-local-flat-file-store.vala
src/moonshot-provisioning-common.vala
src/moonshot-server-linux.vala
src/moonshot-trust-anchor-dialog.vala

index 77d146a..3a0f960 100644 (file)
@@ -43,6 +43,7 @@ public class TrustAnchor : Object
     private static const string CERT_FOOTER = "-----END CERTIFICATE-----";
 
     public enum TrustAnchorType {
+        EMPTY,
         CA_CERT,
         SERVER_CERT
     }
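Review bot: `EMPTY` is inserted ahead of the existing members, which changes the numeric values of `CA_CERT` and `SERVER_CERT`. Nothing on this page stores or transmits the enum as an integer, but that is worth confirming for the IPC and store code outside the diff. A short comment on the new member would record its meaning, e.g. `// EMPTY: neither ca_cert nor server_cert is set`.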
@@ -52,18 +53,16 @@ public class TrustAnchor : Object
     private string _subject_alt = "";
     private string _server_cert = "";
     private string _datetime_added = "";
-    public bool user_verified = false;
 
     private static string fixup (string s) {
         return (s == null ? "" : s.strip());
     }
 
-    public TrustAnchor(string ca_cert, string server_cert, string subject, string subject_alt, bool user_verified) {
+    public TrustAnchor(string ca_cert, string server_cert, string subject, string subject_alt) {
         _ca_cert = fixup(ca_cert);
         _server_cert = fixup(server_cert);
         _subject = fixup(subject);
         _subject_alt = fixup(subject_alt);
-        this.user_verified = user_verified;
 
         // If we're reading from store, this will be overridden (see set_datetime_added)
         _datetime_added = "";
@@ -105,11 +104,12 @@ public class TrustAnchor : Object
     }
 
     public bool is_empty() {
-        return ca_cert == "" && subject == "" && subject_alt == "" && server_cert == "";
+        return ca_cert == "" && server_cert == "";
     }
 
     public TrustAnchorType get_anchor_type() {
-        return server_cert == "" ? TrustAnchorType.CA_CERT : TrustAnchorType.SERVER_CERT;
+        return (server_cert != "" ? TrustAnchorType.SERVER_CERT 
+                : (ca_cert != "" ? TrustAnchorType.CA_CERT : TrustAnchorType.EMPTY));
     }
 
     internal void set_datetime_added(string datetime) {
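Review bot: `is_empty()` now ignores `subject` and `subject_alt`, so an anchor that carries only subject constraints is reported as empty and as `TrustAnchorType.EMPTY`. Callers that gate on `is_empty()`, such as the `if (!ta.is_empty())` check in MoonshotServer shown later in this commit, will treat such an anchor as absent. If that is intended, say so above `is_empty()`, e.g. `// Empty means no certificate material; subject/subject_alt alone do not make a usable anchor.` Since both methods now test the same two fields, `is_empty()` could be `return get_anchor_type() == TrustAnchorType.EMPTY;` so the two definitions cannot drift apart. The added line ending in `TrustAnchorType.SERVER_CERT ` also carries trailing whitespace.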
@@ -124,6 +124,8 @@ public class TrustAnchor : Object
 
     internal void update_server_fingerprint(string fingerprint) {
         this._server_cert = fingerprint;
+        string ta_datetime_added = TrustAnchor.format_datetime_now();
+        this.set_datetime_added(ta_datetime_added);
     }
 
     public int Compare(TrustAnchor other)
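Review bot: `update_server_fingerprint()` stores `fingerprint` as given and then stamps `datetime_added` unconditionally, so an empty or whitespace-only value would produce an anchor with a fresh trust date that `get_anchor_type()` does not report as SERVER_CERT. The constructor passes every field through `fixup()`; doing the same here and skipping the update for an empty result keeps the two paths consistent: `string fp = fixup(fingerprint); if (fp == "") { return; } this._server_cert = fp;`. The temporary `ta_datetime_added` is not needed; `set_datetime_added(format_datetime_now());` reads more directly.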
@@ -145,7 +147,7 @@ public class TrustAnchor : Object
             return 1;
         }
 
-        // Do not compare the user_verified and datetime_added fields; they are not essential.
+        // Do not compare the datetime_added fields; it's not essential.
 
         return 0;
     }
@@ -336,6 +338,18 @@ public class IdCard : Object
 
     public bool store_password { get; set; default = false; }
 
+    // uuid is currently used only for debugging. Must be unique, even between cards with same nai and display name.
+    public string uuid {
+        public get {return _uuid;}
+    }
+    private string _uuid = generate_uuid();
+
+    internal static string generate_uuid() {
+        uint32 rand1 = Random.next_int();
+        uint32 rand2 = Random.next_int();
+        return "%08X.%08X::%s".printf(rand1, rand2, TrustAnchor.format_datetime_now());
+    }
+
     public bool is_no_identity() 
     {
         return (display_name == NO_IDENTITY);
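Review bot: The comment on `uuid` says the value must be unique, but `generate_uuid()` builds it from two `Random.next_int()` draws and a timestamp, which makes collisions unlikely rather than impossible, and GLib's `Random` is not a cryptographic generator. Nothing in this commit writes `_uuid` to either store, so it appears to be regenerated on every load and will not match across runs; confirm against the store code outside this diff. I would reword the comment to say so: `// Debug-only identifier: regenerated per object, not persisted, not guaranteed unique; do not use as a secret or lookup key.` The inner `public` on `public get` is redundant with the property's own access modifier.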
index 43c549d..2ff9086 100644 (file)
@@ -157,9 +157,8 @@ public class IdentityManagerModel : Object {
             remove_card_internal(id_card);
 
             if (new_card.trust_anchor.Compare(id_card.trust_anchor) == 0) {
-                logger.trace("Old and new cards have same trust anchor. Re-using the datetime_added and user_verified fields from the old card.");
+                logger.trace("Old and new cards have same trust anchor. Re-using the datetime_added field from the old card.");
                 new_card.trust_anchor.set_datetime_added(id_card.trust_anchor.datetime_added);
-                new_card.trust_anchor.user_verified = id_card.trust_anchor.user_verified;
             }
         }
 
index 0c467a3..2213f9b 100644 (file)
@@ -236,10 +236,10 @@ class IdentityDialog : Dialog
 
         if (id.trust_anchor.get_anchor_type() == TrustAnchor.TrustAnchorType.SERVER_CERT) {
             Widget fingerprint = make_ta_fingerprint_widget(id.trust_anchor.server_cert);
-            ta_table.attach(fingerprint, 0, 1, row, row + 2, fill_and_expand, fill_and_expand, 5, 5);
+            // ta_table.attach(fingerprint, 0, 1, row, row + 2, fill_and_expand, fill_and_expand, 5, 5);
 
             // To make the fingerprint box wider, try:
-            // ta_table.attach(fingerprint, 0, 2, row, row + 2, fill_and_expand, fill_and_expand, 20, 5);
+            ta_table.attach(fingerprint, 0, 2, row, row + 2, fill_and_expand, fill_and_expand, 20, 5);
 
         }
         else {
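Review bot: The swap leaves the old `ta_table.attach(...)` call behind as commented-out code, and the comment "To make the fingerprint box wider, try:" now sits above the live call rather than a suggestion. I would delete the commented-out line and replace the remaining comment with one that states the chosen layout, e.g. `// Span both columns so the fingerprint box gets the full table width.` The enclosing method starts and ends outside the hunk.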
index fca2371..779c369 100644 (file)
@@ -111,7 +111,6 @@ public class KeyringStore : Object, IIdentityCardStore {
             string server_cert = "";
             string subject = "";
             string subject_alt = "";
-            bool   user_verified = false;
             string ta_datetime_added = "";
             for (i = 0; i < entry.attributes.len; i++) {
                 var attribute = ((GnomeKeyring.Attribute *) entry.attributes.data)[i];
@@ -142,14 +141,12 @@ public class KeyringStore : Object, IIdentityCardStore {
                     subject_alt = value;
                 } else if (attribute.name == "StorePassword") {
                     store_password = value;
-                } else if (attribute.name == "TA_User_Verified") {
-                    user_verified = (value == "true");
                 } else if (attribute.name == "TA_DateTime_Added") {
                     ta_datetime_added = value;
                 }
             }
 
-            var ta = new TrustAnchor(ca_cert, server_cert, subject, subject_alt, user_verified);
+            var ta = new TrustAnchor(ca_cert, server_cert, subject, subject_alt);
             if (ta_datetime_added != "") {
                 ta.set_datetime_added(ta_datetime_added);
             }
@@ -179,6 +176,7 @@ public class KeyringStore : Object, IIdentityCardStore {
                 id_card.password = entry.secret;
             else
                 id_card.password = null;
+
             id_card_list.add(id_card);
         }
     }
@@ -212,7 +210,6 @@ public class KeyringStore : Object, IIdentityCardStore {
             attributes.append_string("Server-Cert", id_card.trust_anchor.server_cert);
             attributes.append_string("Subject", id_card.trust_anchor.subject);
             attributes.append_string("Subject-Alt", id_card.trust_anchor.subject_alt);
-            attributes.append_string("TA_User_Verified", id_card.trust_anchor.user_verified ? "true" : "false");
             attributes.append_string("TA_DateTime_Added", id_card.trust_anchor.datetime_added);
             attributes.append_string("StorePassword", id_card.store_password ? "yes" : "no");
 
index d1d7127..82ab177 100644 (file)
@@ -121,8 +121,7 @@ public class LocalFlatFileStore : Object, IIdentityCardStore {
                 string server_cert = key_file.get_string(identity, "ServerCert");
                 string subject = key_file.get_string(identity, "Subject");
                 string subject_alt = key_file.get_string(identity, "SubjectAlt");
-                bool  user_verified = get_bool_setting(identity, "TA_User_Verified", false, key_file);
-                var ta = new TrustAnchor(ca_cert, server_cert, subject, subject_alt, user_verified);
+                var ta = new TrustAnchor(ca_cert, server_cert, subject, subject_alt);
                 string ta_datetime_added = get_string_setting(identity, "TA_DateTime_Added", "", key_file);
                 if (ta_datetime_added != "") {
                     ta.set_datetime_added(ta_datetime_added);
@@ -194,7 +193,6 @@ public class LocalFlatFileStore : Object, IIdentityCardStore {
             if (id_card.trust_anchor.datetime_added != "") {
                 key_file.set_string(id_card.display_name, "TA_DateTime_Added", id_card.trust_anchor.datetime_added);
             }
-            key_file.set_boolean(id_card.display_name, "TA_User_Verified", id_card.trust_anchor.user_verified);
             logger.trace(@"store_id_cards: Stored '$(id_card.display_name)'");
         }
 
index 29160dd..2311cab 100644 (file)
@@ -153,8 +153,7 @@ namespace WebProvisioning
                     var ta = new TrustAnchor(ta_ca_cert,
                                              ta_server_cert,
                                              ta_subject,
-                                             ta_subject_alt,
-                                             false);
+                                             ta_subject_alt);
                     // Set the datetime_added in moonshot-server.vala, since it doesn't get sent via IPC
                     card.set_trust_anchor_from_store(ta);
                 }
index 5312b41..4aecef2 100644 (file)
@@ -199,7 +199,7 @@ public class MoonshotServer : Object {
             idcard.store_password = true;
         idcard.issuer = realm;
         idcard.update_services(services);
-        var ta = new TrustAnchor(ca_cert, server_cert, subject, subject_alt, false);
+        var ta = new TrustAnchor(ca_cert, server_cert, subject, subject_alt);
 
         if (!ta.is_empty()) {
             // We have to set the datetime_added here, because it isn't delivered via IPC.
index 6fcc540..7c1ea3e 100644 (file)
@@ -74,8 +74,8 @@ public class TrustAnchorConfirmationRequest : GLib.Object {
             return false;
         }
         
-        if (card.trust_anchor.get_anchor_type() != TrustAnchor.TrustAnchorType.SERVER_CERT) {
-            logger.warn(@"execute: Trust anchor type for NAI $nai is not SERVER_CERT; returning true.");
+        if (!(card.trust_anchor.is_empty() || card.trust_anchor.get_anchor_type() == TrustAnchor.TrustAnchorType.SERVER_CERT)) {
+            logger.warn(@"execute: Trust anchor type for NAI $nai is not empty or SERVER_CERT; returning true.");
             return_confirmation(true);
             return false;
         }
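Review bot: With `get_anchor_type()` now returning EMPTY exactly when `is_empty()` is true, the new condition reduces to "anchor type is CA_CERT", and writing it that way makes the auto-confirm branch easier to audit: `if (card.trust_anchor.get_anchor_type() == TrustAnchor.TrustAnchorType.CA_CERT) {`. This branch calls `return_confirmation(true)` without asking the user, so a one-line comment explaining why a CA_CERT anchor needs no fingerprint confirmation here would help; the reason is not visible in this hunk. The log text "is not empty or SERVER_CERT" reads ambiguously; "is CA_CERT" would be clearer. `execute` starts and ends outside the hunk.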
@@ -92,6 +92,8 @@ public class TrustAnchorConfirmationRequest : GLib.Object {
         bool is_confirmed = (response == ResponseType.OK);
 
         if (is_confirmed) {
+            logger.trace(@"execute: Fingerprint confirmed; updating stored value.");
+
             card.trust_anchor.update_server_fingerprint(ca_hash);
             parent_app.model.update_card(card);
         }
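Review bot: Replacing the pinned server fingerprint is the security-relevant event in this function, but the new message is emitted at trace level and names neither the identity nor the value, so an unexpected re-pin is hard to find afterwards. Assuming `nai` is still in scope here, as it is earlier in `execute`, consider `logger.trace(@"execute: Fingerprint $ca_hash confirmed for NAI $nai; updating stored value.");`, at a level that is retained in normal operation if the logger offers one. As written, the `@` prefix is unnecessary because the string contains no interpolation.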