settings: add security settings
Refs #71934
Change-Id: Ic2e20124d2a1447810b785a01c5245fc5e0fe34b
diff --git a/CMakeLists.txt b/CMakeLists.txt
index dbdaf85..3954b76 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -184,6 +184,8 @@
src/accountvideotab.cpp
src/accountadvancedtab.h
src/accountadvancedtab.cpp
+ src/accountsecuritytab.h
+ src/accountsecuritytab.cpp
src/models/activeitemproxymodel.h
src/models/activeitemproxymodel.cpp
src/defines.h
diff --git a/src/accountsecuritytab.cpp b/src/accountsecuritytab.cpp
new file mode 100644
index 0000000..7cd7d0e
--- /dev/null
+++ b/src/accountsecuritytab.cpp
@@ -0,0 +1,599 @@
+ /*
+ * Copyright (C) 2015 Savoir-Faire Linux Inc.
+ * Author: Stepan Salenikovich <stepan.salenikovich@savoirfairelinux.com>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Additional permission under GNU GPL version 3 section 7:
+ *
+ * If you modify this program, or any covered work, by linking or
+ * combining it with the OpenSSL project's OpenSSL library (or a
+ * modified version of that library), containing parts covered by the
+ * terms of the OpenSSL or SSLeay licenses, Savoir-Faire Linux Inc.
+ * grants you additional permission to convey the resulting work.
+ * Corresponding Source for a non-source form of such a combination
+ * shall include the source code for the parts of OpenSSL used as well
+ * as that of the covered work.
+ */
+
+#include "accountsecuritytab.h"
+
+#include <gtk/gtk.h>
+#include <account.h>
+#include "models/activeitemproxymodel.h"
+#include "models/gtkqsortfiltertreemodel.h"
+#include "models/gtkqtreemodel.h"
+#include "utils/models.h"
+#include <certificate.h>
+#include <ciphermodel.h>
+#include <QtCore/QItemSelectionModel>
+
+struct _AccountSecurityTab
+{
+ GtkBox parent;
+};
+
+struct _AccountSecurityTabClass
+{
+ GtkBoxClass parent_class;
+};
+
+typedef struct _AccountSecurityTabPrivate AccountSecurityTabPrivate;
+
+struct _AccountSecurityTabPrivate
+{
+ Account *account;
+ GtkWidget *checkbutton_use_srtp;
+ GtkWidget *box_key_exchange;
+ GtkWidget *combobox_key_exchange;
+ GtkWidget *checkbutton_srtp_fallback;
+ GtkWidget *checkbutton_use_tls;
+ GtkWidget *grid_tls_settings_0;
+ GtkWidget *filechooserbutton_ca_list;
+ /* TODO: add when implemented
+ GtkWidget *button_view_ca;
+ GtkWidget *button_view_certificate;
+ */
+ GtkWidget *filechooserbutton_certificate;
+ GtkWidget *filechooserbutton_private_key;
+ GtkWidget *entry_password;
+ GtkWidget *grid_tls_settings_1;
+ GtkWidget *combobox_tls_protocol_method;
+ GtkWidget *entry_tls_server_name;
+ GtkWidget *adjustment_tls_timeout;
+ GtkWidget *buttonbox_cipher_list;
+ GtkWidget *radiobutton_use_default_ciphers;
+ GtkWidget *radiobutton_custom_ciphers;
+ GtkWidget *revealer_cipher_list;
+ GtkWidget *treeview_cipher_list;
+ GtkWidget *checkbutton_verify_certs_server;
+ GtkWidget *checkbutton_verify_certs_client;
+ GtkWidget *checkbutton_require_incoming_tls_certs;
+
+ QMetaObject::Connection account_updated;
+ QMetaObject::Connection key_exchange_selection;
+ QMetaObject::Connection tls_method_selection;
+
+ ActiveItemProxyModel *qmodel_key_exchange;
+};
+
+G_DEFINE_TYPE_WITH_PRIVATE(AccountSecurityTab, account_security_tab, GTK_TYPE_BOX);
+
+#define ACCOUNT_SECURITY_TAB_GET_PRIVATE(obj) \
+ (G_TYPE_INSTANCE_GET_PRIVATE ((obj), ACCOUNT_SECURITY_TAB_TYPE, \
+ AccountSecurityTabPrivate))
+
+static void
+account_security_tab_dispose(GObject *object)
+{
+ AccountSecurityTab *view = ACCOUNT_SECURITY_TAB(object);
+ AccountSecurityTabPrivate *priv = ACCOUNT_SECURITY_TAB_GET_PRIVATE(view);
+
+ QObject::disconnect(priv->account_updated);
+ QObject::disconnect(priv->key_exchange_selection);
+ QObject::disconnect(priv->tls_method_selection);
+
+ G_OBJECT_CLASS(account_security_tab_parent_class)->dispose(object);
+}
+
+static void
+account_security_tab_finalize(GObject *object)
+{
+ AccountSecurityTab *view = ACCOUNT_SECURITY_TAB(object);
+ AccountSecurityTabPrivate *priv = ACCOUNT_SECURITY_TAB_GET_PRIVATE(view);
+
+ delete priv->qmodel_key_exchange;
+
+ G_OBJECT_CLASS(account_security_tab_parent_class)->finalize(object);
+}
+
+static void
+account_security_tab_init(AccountSecurityTab *view)
+{
+ gtk_widget_init_template(GTK_WIDGET(view));
+}
+
+static void
+account_security_tab_class_init(AccountSecurityTabClass *klass)
+{
+ G_OBJECT_CLASS(klass)->dispose = account_security_tab_dispose;
+ G_OBJECT_CLASS(klass)->finalize = account_security_tab_finalize;
+
+ gtk_widget_class_set_template_from_resource(GTK_WIDGET_CLASS (klass),
+ "/cx/ring/RingGnome/accountsecuritytab.ui");
+
+ gtk_widget_class_bind_template_child_private(GTK_WIDGET_CLASS (klass), AccountSecurityTab, checkbutton_use_srtp);
+ gtk_widget_class_bind_template_child_private(GTK_WIDGET_CLASS (klass), AccountSecurityTab, box_key_exchange);
+ gtk_widget_class_bind_template_child_private(GTK_WIDGET_CLASS (klass), AccountSecurityTab, combobox_key_exchange);
+ gtk_widget_class_bind_template_child_private(GTK_WIDGET_CLASS (klass), AccountSecurityTab, checkbutton_srtp_fallback);
+ gtk_widget_class_bind_template_child_private(GTK_WIDGET_CLASS (klass), AccountSecurityTab, checkbutton_use_tls);
+ gtk_widget_class_bind_template_child_private(GTK_WIDGET_CLASS (klass), AccountSecurityTab, grid_tls_settings_0);
+ gtk_widget_class_bind_template_child_private(GTK_WIDGET_CLASS (klass), AccountSecurityTab, filechooserbutton_ca_list);
+ /* TODO: add when implemented
+ gtk_widget_class_bind_template_child_private(GTK_WIDGET_CLASS (klass), AccountSecurityTab, button_view_ca);
+ gtk_widget_class_bind_template_child_private(GTK_WIDGET_CLASS (klass), AccountSecurityTab, button_view_certificate);
+ */
+ gtk_widget_class_bind_template_child_private(GTK_WIDGET_CLASS (klass), AccountSecurityTab, filechooserbutton_certificate);
+ gtk_widget_class_bind_template_child_private(GTK_WIDGET_CLASS (klass), AccountSecurityTab, filechooserbutton_private_key);
+ gtk_widget_class_bind_template_child_private(GTK_WIDGET_CLASS (klass), AccountSecurityTab, entry_password);
+ gtk_widget_class_bind_template_child_private(GTK_WIDGET_CLASS (klass), AccountSecurityTab, grid_tls_settings_1);
+ gtk_widget_class_bind_template_child_private(GTK_WIDGET_CLASS (klass), AccountSecurityTab, combobox_tls_protocol_method);
+ gtk_widget_class_bind_template_child_private(GTK_WIDGET_CLASS (klass), AccountSecurityTab, entry_tls_server_name);
+ gtk_widget_class_bind_template_child_private(GTK_WIDGET_CLASS (klass), AccountSecurityTab, adjustment_tls_timeout);
+ gtk_widget_class_bind_template_child_private(GTK_WIDGET_CLASS (klass), AccountSecurityTab, buttonbox_cipher_list);
+ gtk_widget_class_bind_template_child_private(GTK_WIDGET_CLASS (klass), AccountSecurityTab, radiobutton_use_default_ciphers);
+ gtk_widget_class_bind_template_child_private(GTK_WIDGET_CLASS (klass), AccountSecurityTab, radiobutton_custom_ciphers);
+ gtk_widget_class_bind_template_child_private(GTK_WIDGET_CLASS (klass), AccountSecurityTab, revealer_cipher_list);
+ gtk_widget_class_bind_template_child_private(GTK_WIDGET_CLASS (klass), AccountSecurityTab, treeview_cipher_list);
+ gtk_widget_class_bind_template_child_private(GTK_WIDGET_CLASS (klass), AccountSecurityTab, checkbutton_verify_certs_server);
+ gtk_widget_class_bind_template_child_private(GTK_WIDGET_CLASS (klass), AccountSecurityTab, checkbutton_verify_certs_client);
+ gtk_widget_class_bind_template_child_private(GTK_WIDGET_CLASS (klass), AccountSecurityTab, checkbutton_require_incoming_tls_certs);
+}
+
+static void
+use_srtp_toggled(GtkToggleButton *toggle_button, AccountSecurityTab *self)
+{
+ g_return_if_fail(IS_ACCOUNT_SECURITY_TAB(self));
+ AccountSecurityTabPrivate *priv = ACCOUNT_SECURITY_TAB_GET_PRIVATE(self);
+
+ gboolean use_srtp = gtk_toggle_button_get_active(toggle_button);
+
+ priv->account->setSrtpEnabled(use_srtp);
+ priv->account->keyExchangeModel()->enableSRTP(use_srtp);
+
+ /* the other options are not relevant if SRTP is not active */
+ gtk_widget_set_sensitive(priv->box_key_exchange, priv->account->isSrtpEnabled());
+ gtk_widget_set_sensitive(priv->checkbutton_srtp_fallback, priv->account->isSrtpEnabled());
+}
+
+static void
+use_rtp_fallback_toggled(GtkToggleButton *toggle_button, AccountSecurityTab *self)
+{
+ g_return_if_fail(IS_ACCOUNT_SECURITY_TAB(self));
+ AccountSecurityTabPrivate *priv = ACCOUNT_SECURITY_TAB_GET_PRIVATE(self);
+
+ gboolean use_rtp_fallback = gtk_toggle_button_get_active(toggle_button);
+
+ priv->account->setSrtpRtpFallback(use_rtp_fallback);
+}
+
+static void
+use_tls_toggled(GtkToggleButton *toggle_button, AccountSecurityTab *self)
+{
+ g_return_if_fail(IS_ACCOUNT_SECURITY_TAB(self));
+ AccountSecurityTabPrivate *priv = ACCOUNT_SECURITY_TAB_GET_PRIVATE(self);
+
+ gboolean use_tls = gtk_toggle_button_get_active(toggle_button);
+
+ priv->account->setTlsEnabled(use_tls);
+
+ /* disable the other tls options if no tls */
+ gtk_widget_set_sensitive(priv->grid_tls_settings_0, priv->account->isTlsEnabled());
+ gtk_widget_set_sensitive(priv->grid_tls_settings_1, priv->account->isTlsEnabled());
+ gtk_widget_set_sensitive(priv->buttonbox_cipher_list, priv->account->isTlsEnabled());
+ gtk_widget_set_sensitive(priv->treeview_cipher_list, priv->account->isTlsEnabled());
+ gtk_widget_set_sensitive(priv->checkbutton_verify_certs_server, priv->account->isTlsEnabled());
+ gtk_widget_set_sensitive(priv->checkbutton_verify_certs_client, priv->account->isTlsEnabled());
+ gtk_widget_set_sensitive(priv->checkbutton_require_incoming_tls_certs, priv->account->isTlsEnabled());
+}
+
+static void
+tls_server_name_changed(GtkEntry *entry, AccountSecurityTab *self)
+{
+ g_return_if_fail(IS_ACCOUNT_SECURITY_TAB(self));
+ AccountSecurityTabPrivate *priv = ACCOUNT_SECURITY_TAB_GET_PRIVATE(self);
+
+ priv->account->setTlsServerName(gtk_entry_get_text(entry));
+}
+
+static void
+tls_timeout_changed(GtkAdjustment *adjustment, AccountSecurityTab *self)
+{
+ g_return_if_fail(IS_ACCOUNT_SECURITY_TAB(self));
+ AccountSecurityTabPrivate *priv = ACCOUNT_SECURITY_TAB_GET_PRIVATE(self);
+
+ int timeout = (int)gtk_adjustment_get_value(GTK_ADJUSTMENT(adjustment));
+ priv->account->setTlsNegotiationTimeoutSec(timeout);
+}
+
+static void
+use_default_ciphers_toggled(GtkToggleButton *toggle_button, AccountSecurityTab *self)
+{
+ g_return_if_fail(IS_ACCOUNT_SECURITY_TAB(self));
+ AccountSecurityTabPrivate *priv = ACCOUNT_SECURITY_TAB_GET_PRIVATE(self);
+
+ gboolean use_default_ciphers = gtk_toggle_button_get_active(toggle_button);
+
+ priv->account->cipherModel()->setUseDefault(use_default_ciphers);
+
+ /* hide the cipher list if we're using the default ones */
+ gtk_revealer_set_reveal_child(GTK_REVEALER(priv->revealer_cipher_list), !use_default_ciphers);
+}
+
+static void
+cipher_enable_toggled(GtkCellRendererToggle *renderer, gchar *path, AccountSecurityTab *self)
+{
+ g_return_if_fail(IS_ACCOUNT_SECURITY_TAB(self));
+ AccountSecurityTabPrivate *priv = ACCOUNT_SECURITY_TAB_GET_PRIVATE(self);
+
+ /* we want to set it to the opposite of the current value */
+ gboolean toggle = !gtk_cell_renderer_toggle_get_active(renderer);
+
+ /* get iter which was clicked */
+ GtkTreePath *tree_path = gtk_tree_path_new_from_string(path);
+ GtkTreeModel *model = gtk_tree_view_get_model(GTK_TREE_VIEW(priv->treeview_cipher_list));
+ GtkTreeIter iter;
+ gtk_tree_model_get_iter(model, &iter, tree_path);
+
+ /* get qmodelindex from iter and set the model data */
+ QModelIndex idx = gtk_q_tree_model_get_source_idx(GTK_Q_TREE_MODEL(model), &iter);
+ if (idx.isValid())
+ priv->account->cipherModel()->setData(idx, toggle ? Qt::Checked : Qt::Unchecked, Qt::CheckStateRole);
+}
+
+static void
+render_check_state(G_GNUC_UNUSED GtkCellLayout *cell_layout,
+ GtkCellRenderer *cell,
+ GtkTreeModel *model,
+ GtkTreeIter *iter,
+ G_GNUC_UNUSED gpointer data)
+{
+ QModelIndex idx;
+ if (GTK_IS_Q_TREE_MODEL(model))
+ idx = gtk_q_tree_model_get_source_idx(GTK_Q_TREE_MODEL(model), iter);
+ else if (GTK_IS_Q_SORT_FILTER_TREE_MODEL(model))
+ idx = gtk_q_sort_filter_tree_model_get_source_idx(GTK_Q_SORT_FILTER_TREE_MODEL(model), iter);
+
+ gboolean checked = FALSE;
+
+ if (idx.isValid()) {
+ checked = idx.data(Qt::CheckStateRole).value<int>() == Qt::Checked ? TRUE : FALSE;
+ }
+
+ g_object_set(G_OBJECT(cell), "active", checked, NULL);
+}
+
+static void
+verify_certs_server_toggled(GtkToggleButton *toggle_button, AccountSecurityTab *self)
+{
+ g_return_if_fail(IS_ACCOUNT_SECURITY_TAB(self));
+ AccountSecurityTabPrivate *priv = ACCOUNT_SECURITY_TAB_GET_PRIVATE(self);
+
+ gboolean verify_certs = gtk_toggle_button_get_active(toggle_button);
+
+ priv->account->setTlsVerifyServer(verify_certs);
+}
+
+static void
+verify_certs_client_toggled(GtkToggleButton *toggle_button, AccountSecurityTab *self)
+{
+ g_return_if_fail(IS_ACCOUNT_SECURITY_TAB(self));
+ AccountSecurityTabPrivate *priv = ACCOUNT_SECURITY_TAB_GET_PRIVATE(self);
+
+ gboolean verify_certs = gtk_toggle_button_get_active(toggle_button);
+
+ priv->account->setTlsVerifyClient(verify_certs);
+}
+
+static void
+require_incoming_certs_toggled(GtkToggleButton *toggle_button, AccountSecurityTab *self)
+{
+ g_return_if_fail(IS_ACCOUNT_SECURITY_TAB(self));
+ AccountSecurityTabPrivate *priv = ACCOUNT_SECURITY_TAB_GET_PRIVATE(self);
+
+ gboolean require = gtk_toggle_button_get_active(toggle_button);
+
+ priv->account->setTlsRequireClientCertificate(require);
+}
+
+static void
+ca_cert_file_set(GtkFileChooser *file_chooser, AccountSecurityTab *self)
+{
+ g_return_if_fail(IS_ACCOUNT_SECURITY_TAB(self));
+ AccountSecurityTabPrivate *priv = ACCOUNT_SECURITY_TAB_GET_PRIVATE(self);
+
+ gchar *filename = gtk_file_chooser_get_filename(file_chooser);
+ priv->account->setTlsCaListCertificate(filename);
+ g_free(filename);
+}
+
+static void
+user_cert_file_set(GtkFileChooser *file_chooser, AccountSecurityTab *self)
+{
+ g_return_if_fail(IS_ACCOUNT_SECURITY_TAB(self));
+ AccountSecurityTabPrivate *priv = ACCOUNT_SECURITY_TAB_GET_PRIVATE(self);
+
+ gchar *filename = gtk_file_chooser_get_filename(file_chooser);
+ priv->account->setTlsCertificate(filename);
+ g_free(filename);
+}
+
+static void
+private_key_file_set(GtkFileChooser *file_chooser, AccountSecurityTab *self)
+{
+ g_return_if_fail(IS_ACCOUNT_SECURITY_TAB(self));
+ AccountSecurityTabPrivate *priv = ACCOUNT_SECURITY_TAB_GET_PRIVATE(self);
+
+ gchar *filename = gtk_file_chooser_get_filename(file_chooser);
+ priv->account->setTlsPrivateKeyCertificate(filename);
+ g_free(filename);
+}
+
+static void
+build_tab_view(AccountSecurityTab *self)
+{
+ g_return_if_fail(IS_ACCOUNT_SECURITY_TAB(self));
+ AccountSecurityTabPrivate *priv = ACCOUNT_SECURITY_TAB_GET_PRIVATE(self);
+
+ gboolean not_ring = priv->account->protocol() != Account::Protocol::RING;
+
+ /* SRTP */
+ gtk_toggle_button_set_active(GTK_TOGGLE_BUTTON(priv->checkbutton_use_srtp),
+ priv->account->isSrtpEnabled());
+ /* disable options if SRTP is off or if its a RING account */
+ gtk_widget_set_sensitive(priv->checkbutton_use_srtp, not_ring);
+ gtk_widget_set_sensitive(priv->box_key_exchange,
+ priv->account->isSrtpEnabled() && not_ring);
+ gtk_widget_set_sensitive(priv->checkbutton_srtp_fallback,
+ priv->account->isSrtpEnabled() && not_ring);
+ g_signal_connect(priv->checkbutton_use_srtp, "toggled", G_CALLBACK(use_srtp_toggled), self);
+
+ /* encryption key exchange type */
+ priv->key_exchange_selection = gtk_combo_box_set_qmodel(
+ GTK_COMBO_BOX(priv->combobox_key_exchange),
+ (QAbstractItemModel *)priv->account->keyExchangeModel(),
+ priv->account->keyExchangeModel()->selectionModel());
+
+ /* SRTP fallback */
+ gtk_toggle_button_set_active(GTK_TOGGLE_BUTTON(priv->checkbutton_srtp_fallback),
+ priv->account->isSrtpRtpFallback());
+ g_signal_connect(priv->checkbutton_srtp_fallback, "toggled", G_CALLBACK(use_rtp_fallback_toggled), self);
+
+ /* use TLS */
+ gtk_toggle_button_set_active(GTK_TOGGLE_BUTTON(priv->checkbutton_use_tls),
+ priv->account->isTlsEnabled());
+
+ /* disable certain options if TLS is off, or if its a RING account*/
+ gtk_widget_set_sensitive(priv->checkbutton_use_tls, not_ring);
+ gtk_widget_set_sensitive(priv->grid_tls_settings_0,
+ priv->account->isTlsEnabled());
+ gtk_widget_set_sensitive(priv->grid_tls_settings_1,
+ priv->account->isTlsEnabled() && not_ring);
+ gtk_widget_set_sensitive(priv->buttonbox_cipher_list,
+ priv->account->isTlsEnabled() && not_ring);
+ gtk_widget_set_sensitive(priv->treeview_cipher_list,
+ priv->account->isTlsEnabled() && not_ring);
+ gtk_widget_set_sensitive(priv->checkbutton_verify_certs_server,
+ priv->account->isTlsEnabled() && not_ring);
+ gtk_widget_set_sensitive(priv->checkbutton_verify_certs_client,
+ priv->account->isTlsEnabled() && not_ring);
+ gtk_widget_set_sensitive(priv->checkbutton_require_incoming_tls_certs,
+ priv->account->isTlsEnabled() && not_ring);
+ g_signal_connect(priv->checkbutton_use_tls, "toggled", G_CALLBACK(use_tls_toggled), self);
+
+ /* CA certificate */
+ Certificate *ca_cert = priv->account->tlsCaListCertificate();
+ if (ca_cert) {
+ gtk_file_chooser_set_filename(GTK_FILE_CHOOSER(priv->filechooserbutton_ca_list),
+ ca_cert->path().toDisplayString().toUtf8().constData());
+ }
+ g_signal_connect(priv->filechooserbutton_ca_list, "file-set", G_CALLBACK(ca_cert_file_set), self);
+
+ /* user certificate */
+ Certificate *user_cert = priv->account->tlsCertificate();
+ if (user_cert) {
+ gtk_file_chooser_set_filename(GTK_FILE_CHOOSER(priv->filechooserbutton_certificate),
+ user_cert->path().toDisplayString().toUtf8().constData());
+ }
+ g_signal_connect(priv->filechooserbutton_ca_list, "file-set", G_CALLBACK(user_cert_file_set), self);
+
+ /* private key */
+ Certificate *private_key = priv->account->tlsPrivateKeyCertificate();
+ if (private_key) {
+ gtk_file_chooser_set_filename(GTK_FILE_CHOOSER(priv->filechooserbutton_private_key),
+ private_key->path().toDisplayString().toUtf8().constData());
+ }
+ g_signal_connect(priv->filechooserbutton_ca_list, "file-set", G_CALLBACK(private_key_file_set), self);
+
+ /* password */
+ if (private_key && private_key->requirePrivateKeyPassword()) {
+ gtk_entry_set_text(GTK_ENTRY(priv->entry_password),
+ priv->account->tlsPassword().toUtf8().constData());
+ gtk_widget_set_sensitive(priv->entry_password, TRUE);
+ } else {
+ /* private key not chosen, or password not required, so disactivate the entry */
+ gtk_widget_set_sensitive(priv->entry_password, FALSE);
+ }
+
+ /* TLS protocol method */
+ priv->tls_method_selection = gtk_combo_box_set_qmodel(GTK_COMBO_BOX(priv->combobox_tls_protocol_method),
+ (QAbstractItemModel *)priv->account->tlsMethodModel(),
+ priv->account->tlsMethodModel()->selectionModel());
+
+ /* outgoing TLS server */
+ gtk_entry_set_text(GTK_ENTRY(priv->entry_tls_server_name),
+ priv->account->tlsServerName().toUtf8().constData());
+ g_signal_connect(priv->entry_tls_server_name, "changed", G_CALLBACK(tls_server_name_changed), self);
+
+
+ /* TLS nego timeout */
+ gtk_adjustment_set_value(GTK_ADJUSTMENT(priv->adjustment_tls_timeout),
+ priv->account->tlsNegotiationTimeoutSec());
+ g_signal_connect(priv->adjustment_tls_timeout, "value-changed", G_CALLBACK(tls_timeout_changed), self);
+
+ /* cipher default or custom */
+ gtk_toggle_button_set_active(GTK_TOGGLE_BUTTON(priv->radiobutton_use_default_ciphers),
+ priv->account->cipherModel()->useDefault());
+ /* hide the cipher list if we're using the default ones */
+ gtk_revealer_set_reveal_child(GTK_REVEALER(priv->revealer_cipher_list),
+ !priv->account->cipherModel()->useDefault());
+ g_signal_connect(priv->radiobutton_use_default_ciphers,
+ "toggled", G_CALLBACK(use_default_ciphers_toggled), self);
+
+ /* cipher list */
+ GtkQTreeModel *cipher_model = gtk_q_tree_model_new(
+ (QAbstractItemModel *)priv->account->cipherModel(),
+ 2,
+ Qt::CheckStateRole, G_TYPE_BOOLEAN,
+ Qt::DisplayRole, G_TYPE_STRING);
+ gtk_tree_view_set_model(GTK_TREE_VIEW(priv->treeview_cipher_list),
+ GTK_TREE_MODEL(cipher_model));
+ gtk_tree_view_set_headers_visible(GTK_TREE_VIEW(priv->treeview_cipher_list),
+ FALSE);
+
+ GtkCellRenderer *renderer = gtk_cell_renderer_toggle_new();
+ GtkTreeViewColumn *column = gtk_tree_view_column_new_with_attributes(
+ "Enabled", renderer, NULL);
+ gtk_tree_view_append_column(GTK_TREE_VIEW(priv->treeview_cipher_list), column);
+
+ /* we have to use a custom data function here because Qt::Checked and Qt::Unchecked
+ * are not the same as true/false as there is an intermediate state */
+ gtk_tree_view_column_set_cell_data_func(column,
+ renderer,
+ (GtkTreeCellDataFunc)render_check_state,
+ NULL, NULL);
+
+ g_signal_connect(renderer, "toggled", G_CALLBACK(cipher_enable_toggled), self);
+
+ renderer = gtk_cell_renderer_text_new();
+ column = gtk_tree_view_column_new_with_attributes("Cipher", renderer, "text", 1, NULL);
+ gtk_tree_view_append_column(GTK_TREE_VIEW(priv->treeview_cipher_list), column);
+
+ /* server certs */
+ gtk_toggle_button_set_active(GTK_TOGGLE_BUTTON(priv->checkbutton_verify_certs_server),
+ priv->account->isTlsVerifyServer());
+ g_signal_connect(priv->checkbutton_require_incoming_tls_certs,
+ "toggled", G_CALLBACK(verify_certs_server_toggled), self);
+
+ /* client certs */
+ gtk_toggle_button_set_active(GTK_TOGGLE_BUTTON(priv->checkbutton_verify_certs_client),
+ priv->account->isTlsVerifyClient());
+ g_signal_connect(priv->checkbutton_verify_certs_client,
+ "toggled", G_CALLBACK(verify_certs_client_toggled), self);
+
+ /* incoming certs */
+ gtk_toggle_button_set_active(GTK_TOGGLE_BUTTON(priv->checkbutton_require_incoming_tls_certs),
+ priv->account->isTlsRequireClientCertificate());
+ g_signal_connect(priv->checkbutton_require_incoming_tls_certs,
+ "toggled", G_CALLBACK(require_incoming_certs_toggled), self);
+
+ /* update account UI if model is updated */
+ priv->account_updated = QObject::connect(
+ priv->account,
+ &Account::changed,
+ [=] () {
+ /* SRTP */
+ gtk_toggle_button_set_active(GTK_TOGGLE_BUTTON(priv->checkbutton_use_srtp),
+ priv->account->isSrtpEnabled());
+
+ /* SRTP fallback */
+ gtk_toggle_button_set_active(GTK_TOGGLE_BUTTON(priv->checkbutton_srtp_fallback),
+ priv->account->isSrtpRtpFallback());
+ /* use TLS */
+ gtk_toggle_button_set_active(GTK_TOGGLE_BUTTON(priv->checkbutton_use_tls),
+ priv->account->isTlsEnabled());
+
+ /* CA certificate */
+ Certificate *ca_cert = priv->account->tlsCaListCertificate();
+ if (ca_cert) {
+ gtk_file_chooser_set_filename(GTK_FILE_CHOOSER(priv->filechooserbutton_ca_list),
+ ca_cert->path().toDisplayString().toUtf8().constData());
+ }
+
+ /* user certificate */
+ Certificate *user_cert = priv->account->tlsCertificate();
+ if (user_cert) {
+ gtk_file_chooser_set_filename(GTK_FILE_CHOOSER(priv->filechooserbutton_certificate),
+ user_cert->path().toDisplayString().toUtf8().constData());
+ }
+
+ /* private key */
+ Certificate *private_key = priv->account->tlsPrivateKeyCertificate();
+ if (private_key) {
+ gtk_file_chooser_set_filename(GTK_FILE_CHOOSER(priv->filechooserbutton_private_key),
+ private_key->path().toDisplayString().toUtf8().constData());
+ }
+
+ /* password */
+ if (private_key && private_key->requirePrivateKeyPassword()) {
+ gtk_entry_set_text(GTK_ENTRY(priv->entry_password),
+ priv->account->tlsPassword().toUtf8().constData());
+ gtk_widget_set_sensitive(priv->entry_password, TRUE);
+ } else {
+ /* private key not chosen, or password not required, so disactivate the entry */
+ gtk_widget_set_sensitive(priv->entry_password, FALSE);
+ }
+
+ /* outgoing TLS server */
+ gtk_entry_set_text(GTK_ENTRY(priv->entry_tls_server_name),
+ priv->account->tlsServerName().toUtf8().constData());
+
+ /* TLS nego timeout */
+ gtk_adjustment_set_value(GTK_ADJUSTMENT(priv->adjustment_tls_timeout),
+ priv->account->tlsNegotiationTimeoutSec());
+
+ /* cipher default or custom */
+ gtk_toggle_button_set_active(GTK_TOGGLE_BUTTON(priv->radiobutton_use_default_ciphers),
+ priv->account->cipherModel()->useDefault());
+
+ /* server certs */
+ gtk_toggle_button_set_active(GTK_TOGGLE_BUTTON(priv->checkbutton_verify_certs_server),
+ priv->account->isTlsVerifyServer());
+
+ /* client certs */
+ gtk_toggle_button_set_active(GTK_TOGGLE_BUTTON(priv->checkbutton_verify_certs_client),
+ priv->account->isTlsVerifyClient());
+
+ /* incoming certs */
+ gtk_toggle_button_set_active(GTK_TOGGLE_BUTTON(priv->checkbutton_require_incoming_tls_certs),
+ priv->account->isTlsRequireClientCertificate());
+ }
+ );
+}
+
+GtkWidget *
+account_security_tab_new(Account *account)
+{
+ g_return_val_if_fail(account != NULL, NULL);
+
+ gpointer view = g_object_new(ACCOUNT_SECURITY_TAB_TYPE, NULL);
+
+ AccountSecurityTabPrivate *priv = ACCOUNT_SECURITY_TAB_GET_PRIVATE(view);
+ priv->account = account;
+
+ build_tab_view(ACCOUNT_SECURITY_TAB(view));
+
+ return (GtkWidget *)view;
+}
diff --git a/src/accountsecuritytab.h b/src/accountsecuritytab.h
new file mode 100644
index 0000000..604fac0
--- /dev/null
+++ b/src/accountsecuritytab.h
@@ -0,0 +1,54 @@
+/*
+ * Copyright (C) 2015 Savoir-Faire Linux Inc.
+ * Author: Stepan Salenikovich <stepan.salenikovich@savoirfairelinux.com>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Additional permission under GNU GPL version 3 section 7:
+ *
+ * If you modify this program, or any covered work, by linking or
+ * combining it with the OpenSSL project's OpenSSL library (or a
+ * modified version of that library), containing parts covered by the
+ * terms of the OpenSSL or SSLeay licenses, Savoir-Faire Linux Inc.
+ * grants you additional permission to convey the resulting work.
+ * Corresponding Source for a non-source form of such a combination
+ * shall include the source code for the parts of OpenSSL used as well
+ * as that of the covered work.
+ */
+
+#ifndef _ACCOUNTSECURITYTAB_H
+#define _ACCOUNTSECURITYTAB_H
+
+#include <gtk/gtk.h>
+
+class Account;
+
+G_BEGIN_DECLS
+
+#define ACCOUNT_SECURITY_TAB_TYPE (account_security_tab_get_type ())
+#define ACCOUNT_SECURITY_TAB(obj) (G_TYPE_CHECK_INSTANCE_CAST ((obj), ACCOUNT_SECURITY_TAB_TYPE, AccountSecurityTab))
+#define ACCOUNT_SECURITY_TAB_CLASS(klass) (G_TYPE_CHECK_CLASS_CAST((klass), ACCOUNT_SECURITY_TAB_TYPE, AccountSecurityTabClass))
+#define IS_ACCOUNT_SECURITY_TAB(obj) (G_TYPE_CHECK_INSTANCE_TYPE((obj), ACCOUNT_SECURITY_TAB_TYPE))
+#define IS_ACCOUNT_SECURITY_TAB_CLASS(klass) (G_TYPE_CHECK_CLASS_TYPE((klass), ACCOUNT_SECURITY_TAB_TYPE))
+
+typedef struct _AccountSecurityTab AccountSecurityTab;
+typedef struct _AccountSecurityTabClass AccountSecurityTabClass;
+
+GType account_security_tab_get_type (void) G_GNUC_CONST;
+GtkWidget *account_security_tab_new (Account *account);
+
+G_END_DECLS
+
+#endif /* _ACCOUNTSECURITYTAB_H */
\ No newline at end of file
diff --git a/src/accountview.cpp b/src/accountview.cpp
index 0406e57..007d3c5 100644
--- a/src/accountview.cpp
+++ b/src/accountview.cpp
@@ -42,6 +42,7 @@
#include "accountaudiotab.h"
#include "accountvideotab.h"
#include "accountadvancedtab.h"
+#include "accountsecuritytab.h"
#include "dialogs.h"
#include <glib/gprintf.h>
#include "utils/models.h"
@@ -159,6 +160,10 @@
gtk_notebook_append_page(GTK_NOTEBOOK(priv->current_account_notebook),
advanced_tab,
gtk_label_new("Advanced"));
+ GtkWidget *security_tab = account_security_tab_new(account);
+ gtk_notebook_append_page(GTK_NOTEBOOK(priv->current_account_notebook),
+ security_tab,
+ gtk_label_new("Security"));
/* set the tab displayed to the same as the prev account selected */
gtk_notebook_set_current_page(GTK_NOTEBOOK(priv->current_account_notebook), priv->current_page);
diff --git a/src/utils/models.cpp b/src/utils/models.cpp
index 313f6d6..59da48e 100644
--- a/src/utils/models.cpp
+++ b/src/utils/models.cpp
@@ -34,6 +34,7 @@
#include "../models/gtkqtreemodel.h"
#include "../models/gtkqsortfiltertreemodel.h"
#include <QtCore/QModelIndex>
+#include <QtCore/QItemSelectionModel>
QModelIndex
get_index_from_selection(GtkTreeSelection *selection)
@@ -48,4 +49,153 @@
return gtk_q_sort_filter_tree_model_get_source_idx(GTK_Q_SORT_FILTER_TREE_MODEL(model), &iter);
}
return QModelIndex();
+}
+
+QModelIndex
+gtk_combo_box_get_index(GtkComboBox *box)
+{
+ GtkTreeIter filter_iter;
+ GtkTreeIter child_iter;
+ GtkTreeModel *filter_model = gtk_combo_box_get_model(box);
+ GtkTreeModel *model = filter_model;
+
+ GtkTreeIter *iter = NULL;
+
+ if (GTK_IS_TREE_MODEL_FILTER(filter_model))
+ model = gtk_tree_model_filter_get_model(GTK_TREE_MODEL_FILTER(filter_model));
+
+ if (gtk_combo_box_get_active_iter(box, &filter_iter)) {
+ if (GTK_IS_TREE_MODEL_FILTER(filter_model)) {
+ gtk_tree_model_filter_convert_iter_to_child_iter(
+ GTK_TREE_MODEL_FILTER(filter_model),
+ &child_iter,
+ &filter_iter);
+ iter = &child_iter;
+ } else {
+ iter = &filter_iter;
+ }
+
+ if (GTK_IS_Q_TREE_MODEL(model))
+ return gtk_q_tree_model_get_source_idx(GTK_Q_TREE_MODEL(model), iter);
+ else if (GTK_IS_Q_SORT_FILTER_TREE_MODEL(model))
+ return gtk_q_sort_filter_tree_model_get_source_idx(GTK_Q_SORT_FILTER_TREE_MODEL(model), iter);
+ }
+ return QModelIndex();
+}
+
+static void
+update_selection(GtkComboBox *box, QItemSelectionModel *selection_model)
+{
+ QModelIndex idx = gtk_combo_box_get_index(box);
+ if (idx.isValid()) {
+ selection_model->setCurrentIndex(idx, QItemSelectionModel::ClearAndSelect);
+ }
+}
+
+static gboolean
+filter_disabled_items(GtkTreeModel *model, GtkTreeIter *iter, G_GNUC_UNUSED gpointer data)
+{
+ QModelIndex idx;
+ if (GTK_IS_Q_TREE_MODEL(model))
+ idx = gtk_q_tree_model_get_source_idx(GTK_Q_TREE_MODEL(model), iter);
+ else if (GTK_IS_Q_SORT_FILTER_TREE_MODEL(model))
+ idx = gtk_q_sort_filter_tree_model_get_source_idx(GTK_Q_SORT_FILTER_TREE_MODEL(model), iter);
+
+ if (idx.isValid()) {
+ return idx.flags() & Qt::ItemIsEnabled ? TRUE : FALSE;
+ }
+ return FALSE;
+}
+
+void
+gtk_combo_box_set_active_index(GtkComboBox *box, const QModelIndex& idx)
+{
+ if (idx.isValid()) {
+ GtkTreeIter new_iter;
+ GtkTreeModel *filter_model = gtk_combo_box_get_model(box);
+ g_return_if_fail(filter_model);
+ GtkTreeModel *model = filter_model;
+
+ if (GTK_IS_TREE_MODEL_FILTER(filter_model))
+ model = gtk_tree_model_filter_get_model(GTK_TREE_MODEL_FILTER(filter_model));
+
+ gboolean valid;
+ if (GTK_IS_Q_TREE_MODEL(model)) {
+ valid = gtk_q_tree_model_source_index_to_iter(
+ GTK_Q_TREE_MODEL(model), idx, &new_iter);
+ } else if (GTK_IS_Q_SORT_FILTER_TREE_MODEL(model)) {
+ valid = gtk_q_sort_filter_tree_model_source_index_to_iter(
+ GTK_Q_SORT_FILTER_TREE_MODEL(model), idx, &new_iter);
+ }
+
+ if (valid) {
+ if (GTK_IS_TREE_MODEL_FILTER(filter_model)) {
+ GtkTreeIter filter_iter;
+ if (gtk_tree_model_filter_convert_child_iter_to_iter(
+ GTK_TREE_MODEL_FILTER(filter_model),
+ &filter_iter,
+ &new_iter)
+ ) {
+ gtk_combo_box_set_active_iter(box, &filter_iter);
+ } else {
+ g_warning("failed to convert iter from source model to filter model iter");
+ }
+ } else {
+ gtk_combo_box_set_active_iter(box, &new_iter);
+ }
+ } else {
+ g_warning("Given QModelIndex doesn't exist in GtkTreeModel");
+ }
+ }
+}
+
+QMetaObject::Connection
+gtk_combo_box_set_qmodel(GtkComboBox *box, QAbstractItemModel *qmodel, QItemSelectionModel *selection_model)
+{
+ QMetaObject::Connection connection;
+ GtkTreeModel *model;
+
+ /* check if its a QAbstractItemModel or a QSortFilterProxyModel */
+ QSortFilterProxyModel *proxy_qmodel = qobject_cast<QSortFilterProxyModel*>(qmodel);
+ if (proxy_qmodel) {
+ model = (GtkTreeModel *)gtk_q_sort_filter_tree_model_new(
+ proxy_qmodel,
+ 1,
+ Qt::DisplayRole, G_TYPE_STRING);
+ } else {
+ model = (GtkTreeModel *)gtk_q_tree_model_new(
+ qmodel,
+ 1,
+ Qt::DisplayRole, G_TYPE_STRING);
+ }
+
+ /* use a filter model to remove disabled items */
+ GtkTreeModel *filter_model = gtk_tree_model_filter_new(model, NULL);
+ gtk_tree_model_filter_set_visible_func(GTK_TREE_MODEL_FILTER(filter_model),
+ (GtkTreeModelFilterVisibleFunc)filter_disabled_items,
+ NULL, NULL);
+
+ gtk_combo_box_set_model(box, GTK_TREE_MODEL(filter_model));
+ GtkCellRenderer *renderer = gtk_cell_renderer_text_new();
+ gtk_cell_layout_pack_start(GTK_CELL_LAYOUT(box), renderer, FALSE);
+ gtk_cell_layout_set_attributes(GTK_CELL_LAYOUT(box), renderer,
+ "text", 0, NULL);
+
+ /* connect signals to and from the selection model */
+ connection = QObject::connect(
+ selection_model,
+ &QItemSelectionModel::currentChanged,
+ [=](const QModelIndex & current, G_GNUC_UNUSED const QModelIndex & previous) {
+ gtk_combo_box_set_active_index(box, current);
+ }
+ );
+ g_signal_connect(box,
+ "changed",
+ G_CALLBACK(update_selection),
+ selection_model);
+
+ /* sync the initial selection */
+ gtk_combo_box_set_active_index(box, selection_model->currentIndex());
+
+ return connection;
}
\ No newline at end of file
diff --git a/src/utils/models.h b/src/utils/models.h
index e227f8f..1eeeefb 100644
--- a/src/utils/models.h
+++ b/src/utils/models.h
@@ -32,10 +32,22 @@
#define _MODELS_H
#include <gtk/gtk.h>
+#include <QtCore/QMetaObject>
class QModelIndex;
+class QAbstractItemModel;
+class QItemSelectionModel;
QModelIndex
get_index_from_selection(GtkTreeSelection *selection);
+QModelIndex
+gtk_combo_box_get_index(GtkComboBox *box);
+
+void
+gtk_combo_box_set_active_index(GtkComboBox *box, const QModelIndex& idx);
+
+QMetaObject::Connection
+gtk_combo_box_set_qmodel(GtkComboBox *box, QAbstractItemModel *qmodel, QItemSelectionModel *selection_model);
+
#endif /* _MODELS_H */
\ No newline at end of file
diff --git a/ui/accountsecuritytab.ui b/ui/accountsecuritytab.ui
new file mode 100644
index 0000000..0beead6
--- /dev/null
+++ b/ui/accountsecuritytab.ui
@@ -0,0 +1,507 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<interface>
+ <requires lib="gtk+" version="3.10"/>
+ <object class="GtkAdjustment" id="adjustment_tls_timeout">
+ <property name="lower">0</property>
+ <property name="upper">65535</property>
+ <property name="step_increment">1</property>
+ <property name="page_increment">10</property>
+ </object>
+ <template class="AccountSecurityTab" parent="GtkBox">
+ <property name="visible">True</property>
+ <property name="can_focus">False</property>
+ <property name="orientation">vertical</property>
+ <child>
+ <object class="GtkBox" id="vbox_main">
+ <property name="visible">True</property>
+ <property name="can_focus">False</property>
+ <property name="border_width">10</property>
+ <property name="orientation">vertical</property>
+ <property name="spacing">10</property>
+ <child>
+ <object class="GtkFrame" id="frame_srtp">
+ <property name="visible">True</property>
+ <property name="can_focus">False</property>
+ <property name="label_xalign">0</property>
+ <property name="shadow_type">none</property>
+ <child>
+ <object class="GtkBox" id="box_srtp">
+ <property name="visible">True</property>
+ <property name="can_focus">False</property>
+ <property name="margin_left">10</property>
+ <property name="margin_top">10</property>
+ <property name="orientation">vertical</property>
+ <property name="spacing">10</property>
+ <child>
+ <object class="GtkCheckButton" id="checkbutton_use_srtp">
+ <property name="label" translatable="yes">Encrypt media streams (SRTP)</property>
+ <property name="visible">True</property>
+ <property name="can_focus">True</property>
+ <property name="receives_default">False</property>
+ <property name="xalign">0</property>
+ <property name="draw_indicator">True</property>
+ </object>
+ <packing>
+ <property name="expand">False</property>
+ <property name="fill">True</property>
+ </packing>
+ </child>
+ <child>
+ <object class="GtkBox" id="box_key_exchange">
+ <property name="visible">True</property>
+ <property name="can_focus">False</property>
+ <property name="spacing">10</property>
+ <child>
+ <object class="GtkLabel" id="label_key_exchange">
+ <property name="visible">True</property>
+ <property name="can_focus">False</property>
+ <property name="label" translatable="yes">Key exchange protocol</property>
+ </object>
+ </child>
+ <child>
+ <object class="GtkComboBox" id="combobox_key_exchange">
+ <property name="visible">True</property>
+ <property name="can_focus">False</property>
+ <property name="halign">start</property>
+ </object>
+ <packing>
+ <property name="expand">False</property>
+ <property name="fill">True</property>
+ </packing>
+ </child>
+ </object>
+ </child>
+ <child>
+ <object class="GtkCheckButton" id="checkbutton_srtp_fallback">
+ <property name="label" translatable="yes">Fallback on RTP on encryption failure</property>
+ <property name="visible">True</property>
+ <property name="can_focus">True</property>
+ <property name="receives_default">False</property>
+ <property name="xalign">0</property>
+ <property name="draw_indicator">True</property>
+ </object>
+ <packing>
+ <property name="expand">False</property>
+ <property name="fill">True</property>
+ </packing>
+ </child>
+ </object>
+ </child>
+ <child type="label">
+ <object class="GtkLabel" id="label_srtp">
+ <property name="visible">True</property>
+ <property name="can_focus">False</property>
+ <property name="label" translatable="yes"><b>Media Stream Encryption</b></property>
+ <property name="use_markup">True</property>
+ </object>
+ </child>
+ </object>
+ <packing>
+ <property name="expand">False</property>
+ <property name="fill">True</property>
+ <property name="position">0</property>
+ </packing>
+ </child>
+ <child>
+ <object class="GtkFrame" id="frame_tls_settings">
+ <property name="visible">True</property>
+ <property name="can_focus">False</property>
+ <property name="label_xalign">0</property>
+ <property name="shadow_type">none</property>
+ <child>
+ <object class="GtkBox" id="box_tls_settings">
+ <property name="visible">True</property>
+ <property name="can_focus">False</property>
+ <property name="margin_left">10</property>
+ <property name="margin_top">10</property>
+ <property name="orientation">vertical</property>
+ <property name="spacing">10</property>
+ <child>
+ <object class="GtkCheckButton" id="checkbutton_use_tls">
+ <property name="label" translatable="yes">Encrypt negotiation (TLS)</property>
+ <property name="visible">True</property>
+ <property name="can_focus">True</property>
+ <property name="receives_default">False</property>
+ <property name="xalign">0</property>
+ <property name="yalign">0.47999998927116394</property>
+ <property name="draw_indicator">True</property>
+ </object>
+ <packing>
+ <property name="expand">False</property>
+ <property name="fill">True</property>
+ <property name="position">0</property>
+ </packing>
+ </child>
+ <child>
+ <object class="GtkGrid" id="grid_tls_settings_0">
+ <property name="visible">True</property>
+ <property name="can_focus">False</property>
+ <property name="row_spacing">10</property>
+ <property name="column_spacing">10</property>
+ <child>
+ <object class="GtkLabel" id="label_tls_ca_certificate">
+ <property name="visible">True</property>
+ <property name="can_focus">False</property>
+ <property name="halign">end</property>
+ <property name="label" translatable="yes">CA certificate</property>
+ </object>
+ <packing>
+ <property name="left_attach">0</property>
+ <property name="top_attach">0</property>
+ </packing>
+ </child>
+ <child>
+ <object class="GtkFileChooserButton" id="filechooserbutton_ca_list">
+ <property name="visible">True</property>
+ <property name="can_focus">False</property>
+ <property name="create_folders">False</property>
+ </object>
+ <packing>
+ <property name="left_attach">1</property>
+ <property name="top_attach">0</property>
+ </packing>
+ </child>
+ <!-- TODO: add when implemented <child>
+ <object class="GtkButton" id="button_view_ca">
+ <property name="label" translatable="yes">View</property>
+ <property name="visible">True</property>
+ <property name="can_focus">True</property>
+ <property name="receives_default">True</property>
+ <property name="halign">start</property>
+ <property name="always_show_image">True</property>
+ </object>
+ <packing>
+ <property name="left_attach">2</property>
+ <property name="top_attach">0</property>
+ </packing>
+ </child>-->
+ <child>
+ <object class="GtkLabel" id="label_tls_user_certificate">
+ <property name="visible">True</property>
+ <property name="can_focus">False</property>
+ <property name="halign">end</property>
+ <property name="label" translatable="yes">User certificate</property>
+ </object>
+ <packing>
+ <property name="left_attach">0</property>
+ <property name="top_attach">1</property>
+ </packing>
+ </child>
+ <child>
+ <object class="GtkFileChooserButton" id="filechooserbutton_certificate">
+ <property name="visible">True</property>
+ <property name="can_focus">False</property>
+ <property name="create_folders">False</property>
+ </object>
+ <packing>
+ <property name="left_attach">1</property>
+ <property name="top_attach">1</property>
+ </packing>
+ </child>
+ <!-- TODO: add when implemented <child>
+ <object class="GtkButton" id="button_view_certificate">
+ <property name="label" translatable="yes">View</property>
+ <property name="visible">False</property>
+ <property name="can_focus">True</property>
+ <property name="receives_default">True</property>
+ <property name="halign">start</property>
+ <property name="always_show_image">True</property>
+ </object>
+ <packing>
+ <property name="left_attach">2</property>
+ <property name="top_attach">1</property>
+ </packing>
+ </child>-->
+ <child>
+ <object class="GtkLabel" id="label_tls_private_key">
+ <property name="visible">True</property>
+ <property name="can_focus">False</property>
+ <property name="halign">end</property>
+ <property name="label" translatable="yes">Private key</property>
+ </object>
+ <packing>
+ <property name="left_attach">0</property>
+ <property name="top_attach">2</property>
+ </packing>
+ </child>
+ <child>
+ <object class="GtkFileChooserButton" id="filechooserbutton_private_key">
+ <property name="visible">True</property>
+ <property name="can_focus">False</property>
+ <property name="create_folders">False</property>
+ </object>
+ <packing>
+ <property name="left_attach">1</property>
+ <property name="top_attach">2</property>
+ </packing>
+ </child>
+ <child>
+ <object class="GtkLabel" id="label_private_key_password">
+ <property name="visible">True</property>
+ <property name="can_focus">False</property>
+ <property name="halign">end</property>
+ <property name="label" translatable="yes">Private key password</property>
+ </object>
+ <packing>
+ <property name="left_attach">0</property>
+ <property name="top_attach">3</property>
+ </packing>
+ </child>
+ <child>
+ <object class="GtkEntry" id="entry_password">
+ <property name="visible">True</property>
+ <property name="can_focus">True</property>
+ <property name="visibility">False</property>
+ <property name="primary_icon_stock">gtk-dialog-authentication</property>
+ <property name="input_purpose">password</property>
+ </object>
+ <packing>
+ <property name="left_attach">1</property>
+ <property name="top_attach">3</property>
+ </packing>
+ </child>
+ <child>
+ <placeholder/>
+ </child>
+ <child>
+ <placeholder/>
+ </child>
+ </object>
+ <packing>
+ <property name="expand">False</property>
+ <property name="fill">True</property>
+ <property name="position">1</property>
+ </packing>
+ </child>
+ <child>
+ <object class="GtkGrid" id="grid_tls_settings_1">
+ <property name="visible">True</property>
+ <property name="can_focus">False</property>
+ <property name="row_spacing">10</property>
+ <property name="column_spacing">10</property>
+ <child>
+ <object class="GtkLabel" id="label_tls_protocol">
+ <property name="visible">True</property>
+ <property name="can_focus">False</property>
+ <property name="halign">end</property>
+ <property name="label" translatable="yes">TLS protocol method</property>
+ </object>
+ <packing>
+ <property name="left_attach">0</property>
+ <property name="top_attach">0</property>
+ </packing>
+ </child>
+ <child>
+ <object class="GtkComboBox" id="combobox_tls_protocol_method">
+ <property name="visible">True</property>
+ <property name="can_focus">False</property>
+ <property name="halign">start</property>
+ </object>
+ <packing>
+ <property name="left_attach">1</property>
+ <property name="top_attach">0</property>
+ </packing>
+ </child>
+ <child>
+ <object class="GtkLabel" id="label_tls_server_name">
+ <property name="visible">True</property>
+ <property name="can_focus">False</property>
+ <property name="halign">end</property>
+ <property name="label" translatable="yes">Outgoing TLS server name</property>
+ </object>
+ <packing>
+ <property name="left_attach">0</property>
+ <property name="top_attach">1</property>
+ </packing>
+ </child>
+ <child>
+ <object class="GtkEntry" id="entry_tls_server_name">
+ <property name="visible">True</property>
+ <property name="can_focus">True</property>
+ </object>
+ <packing>
+ <property name="left_attach">1</property>
+ <property name="top_attach">1</property>
+ </packing>
+ </child>
+ <child>
+ <object class="GtkLabel" id="label_tls_timeout">
+ <property name="visible">True</property>
+ <property name="can_focus">False</property>
+ <property name="halign">end</property>
+ <property name="label" translatable="yes">Negotiation timeout (seconds)</property>
+ </object>
+ <packing>
+ <property name="left_attach">0</property>
+ <property name="top_attach">2</property>
+ </packing>
+ </child>
+ <child>
+ <object class="GtkSpinButton" id="spinbutton_tls_timeout">
+ <property name="visible">True</property>
+ <property name="can_focus">True</property>
+ <property name="halign">start</property>
+ <property name="adjustment">adjustment_tls_timeout</property>
+ </object>
+ <packing>
+ <property name="left_attach">1</property>
+ <property name="top_attach">2</property>
+ </packing>
+ </child>
+ </object>
+ <packing>
+ <property name="expand">False</property>
+ <property name="fill">True</property>
+ <property name="position">2</property>
+ </packing>
+ </child>
+ <child>
+ <object class="GtkButtonBox" id="buttonbox_cipher_list">
+ <property name="visible">True</property>
+ <property name="can_focus">False</property>
+ <property name="spacing">10</property>
+ <property name="layout_style">start</property>
+ <child>
+ <object class="GtkRadioButton" id="radiobutton_use_default_ciphers">
+ <property name="label" translatable="yes">Use default ciphers</property>
+ <property name="visible">True</property>
+ <property name="can_focus">True</property>
+ <property name="receives_default">False</property>
+ <property name="xalign">0</property>
+ <property name="active">True</property>
+ <property name="draw_indicator">True</property>
+ </object>
+ <packing>
+ <property name="expand">True</property>
+ <property name="fill">True</property>
+ <property name="position">0</property>
+ </packing>
+ </child>
+ <child>
+ <object class="GtkRadioButton" id="radiobutton_custom_ciphers">
+ <property name="label" translatable="yes">Use custom cipher list</property>
+ <property name="visible">True</property>
+ <property name="can_focus">True</property>
+ <property name="receives_default">False</property>
+ <property name="xalign">0</property>
+ <property name="active">True</property>
+ <property name="draw_indicator">True</property>
+ <property name="group">radiobutton_use_default_ciphers</property>
+ </object>
+ <packing>
+ <property name="expand">True</property>
+ <property name="fill">True</property>
+ <property name="position">1</property>
+ </packing>
+ </child>
+ </object>
+ <packing>
+ <property name="expand">False</property>
+ <property name="fill">True</property>
+ <property name="position">3</property>
+ </packing>
+ </child>
+ <child>
+ <object class="GtkRevealer" id="revealer_cipher_list">
+ <property name="visible">True</property>
+ <property name="can_focus">False</property>
+ <property name="reveal_child">False</property>
+ <property name="transition_type">slide-down</property>
+ <property name="transition_duration">250</property>
+ <child>
+ <object class="GtkScrolledWindow" id="scrolledwindow_cipher_list">
+ <property name="visible">True</property>
+ <property name="can_focus">True</property>
+ <property name="shadow_type">in</property>
+ <property name="halign">start</property>
+ <property name="min-content-height">200</property>
+ <property name="min-content-width">500</property>
+ <child>
+ <object class="GtkTreeView" id="treeview_cipher_list">
+ <property name="visible">True</property>
+ <property name="can_focus">True</property>
+ <child internal-child="selection">
+ <object class="GtkTreeSelection" id="treeview-selection1"/>
+ </child>
+ </object>
+ </child>
+ </object>
+ </child>
+ </object>
+ <packing>
+ <property name="expand">False</property>
+ <property name="fill">True</property>
+ <property name="position">4</property>
+ </packing>
+ </child>
+ <child>
+ <object class="GtkCheckButton" id="checkbutton_verify_certs_server">
+ <property name="label" translatable="yes">Verify incoming certificates (server side)</property>
+ <property name="visible">True</property>
+ <property name="can_focus">True</property>
+ <property name="receives_default">False</property>
+ <property name="xalign">0</property>
+ <property name="draw_indicator">True</property>
+ </object>
+ <packing>
+ <property name="expand">False</property>
+ <property name="fill">True</property>
+ <property name="position">5</property>
+ </packing>
+ </child>
+ <child>
+ <object class="GtkCheckButton" id="checkbutton_verify_certs_client">
+ <property name="label" translatable="yes">Verify answer certificates (client side)</property>
+ <property name="visible">True</property>
+ <property name="can_focus">True</property>
+ <property name="receives_default">False</property>
+ <property name="xalign">0</property>
+ <property name="draw_indicator">True</property>
+ </object>
+ <packing>
+ <property name="expand">False</property>
+ <property name="fill">True</property>
+ <property name="position">6</property>
+ </packing>
+ </child>
+ <child>
+ <object class="GtkCheckButton" id="checkbutton_require_incoming_tls_certs">
+ <property name="label" translatable="yes">Require a certificate for incoming TLS connections</property>
+ <property name="visible">True</property>
+ <property name="can_focus">True</property>
+ <property name="receives_default">False</property>
+ <property name="xalign">0</property>
+ <property name="draw_indicator">True</property>
+ </object>
+ <packing>
+ <property name="expand">False</property>
+ <property name="fill">True</property>
+ <property name="position">7</property>
+ </packing>
+ </child>
+ </object>
+ </child>
+ <child type="label">
+ <object class="GtkLabel" id="label_tls_settings">
+ <property name="visible">True</property>
+ <property name="can_focus">False</property>
+ <property name="label" translatable="yes"><b>Negotiation Encryption</b></property>
+ <property name="use_markup">True</property>
+ </object>
+ </child>
+ </object>
+ <packing>
+ <property name="expand">False</property>
+ <property name="fill">True</property>
+ <property name="position">1</property>
+ </packing>
+ </child>
+ </object>
+ <packing>
+ <property name="expand">False</property>
+ <property name="fill">True</property>
+ <property name="position">0</property>
+ </packing>
+ </child>
+ </template>
+</interface>
diff --git a/ui/ui.gresource.xml b/ui/ui.gresource.xml
index 80140ee..21c8c07 100644
--- a/ui/ui.gresource.xml
+++ b/ui/ui.gresource.xml
@@ -12,5 +12,6 @@
<file preprocess="xml-stripblanks">mediasettingsview.ui</file>
<file preprocess="xml-stripblanks">accountadvancedtab.ui</file>
<file preprocess="xml-stripblanks">generalsettingsview.ui</file>
+ <file preprocess="xml-stripblanks">accountsecuritytab.ui</file>
</gresource>
</gresources>
\ No newline at end of file