Boring certificate check dialogs still there with aqbanking4
Rainer Dorsch
rdorsch at web.de
Thu Dec 31 12:30:50 EST 2009
Micha,
you posted a "Fix for boring certificate check dialogs (module
import.aqbanking)"
http://www.mail-archive.com/gnucash-devel%40gnucash.org/msg22523.html and
commented on https://bugzilla.gnome.org/show_bug.cgi?id=559670 . I did a
checkout of the latest 2.2 branch and applied two patches for aqbanking4 (the
first is yours)
svn co http://svn.gnucash.org/repo/gnucash/branches/2.2/ gnucash-2.2-branch
svn merge -c r18037 http://svn.gnucash.org/repo/gnucash/trunk
(see https://bugzilla.gnome.org/show_bug.cgi?id=559670 )
svn merge -c r18167 http://svn.gnucash.org/repo/gnucash/trunk
(see https://bugzilla.gnome.org/show_bug.cgi?id=582048 )
but no luck. I verified the gnucash really finds aqbanking4 during
configuration phase:
rd at blackbox:~/SW.nobackup/gnucash-2.2-branch$ grep aqbanking config.log
configure:28916: checking for aqbanking >= 3.0.0 gwenhywfar
configure:28927:
result: -I/opt/aqbanking-4.2.1/include -I/opt/gwenhywfar-3.11.2/include/gwenhywfar3
configure:28933:
result: -L/opt/aqbanking-4.2.1/lib -L/opt/gwenhywfar-3.11.2/lib -laqbanking -lgwenhywfar
| #define QT3_WIZARD_PACKAGE "aqbanking"
| #define QT3_WIZARD_PACKAGE "aqbanking"
config.status:987: creating src/import-export/aqbanking/Makefile
config.status:987: creating src/import-export/aqbanking/schemas/Makefile
Optional components....: ofx aqbanking
AQBANKING_CFLAGS='-I/opt/aqbanking-4.2.1/include -I/opt/gwenhywfar-3.11.2/include/gwenhywfar3'
AQBANKING_DIR='aqbanking'
AQBANKING_LIBS='-L/opt/aqbanking-4.2.1/lib -L/opt/gwenhywfar-3.11.2/lib -laqbanking -lgwenhywfar '
#define QT3_WIZARD_PACKAGE "aqbanking"
For reference this is the diff to gnucash 2.2 trunk:
rd at blackbox:~/SW.nobackup/gnucash-2.2-branch$ svn diff
Eigenschaftsänderungen: .
___________________________________________________________________
Hinzugefügt: svn:mergeinfo
Zusammengeführt /gnucash/trunk:r18037,18167
Index: src/import-export/aqbanking/gnc-ab-transfer.c
===================================================================
--- src/import-export/aqbanking/gnc-ab-transfer.c (Revision 18540)
+++ src/import-export/aqbanking/gnc-ab-transfer.c (Arbeitskopie)
@@ -236,6 +236,13 @@
/* Create a context to store possible results */
context = AB_ImExporterContext_new();
+ gui = gnc_GWEN_Gui_get(parent);
+ if (!gui) {
+ g_warning("gnc_ab_maketrans: Couldn't initialize Gwenhywfar
GUI");
+ aborted = TRUE;
+ goto repeat;
+ }
+
/* Finally, execute the job */
AB_Banking_ExecuteJobs(api, job_list, context, 0);
Index: src/import-export/aqbanking/gnc-ab-utils.c
===================================================================
--- src/import-export/aqbanking/gnc-ab-utils.c (Revision 18540)
+++ src/import-export/aqbanking/gnc-ab-utils.c (Arbeitskopie)
@@ -804,3 +804,24 @@
return gnc_gen_trans_list_run(ieci->generic_importer);
}
+
+GWEN_DB_NODE *
+gnc_ab_get_permanent_certs(void)
+{
+ int rv;
+ GWEN_DB_NODE *perm_certs = NULL;
+ AB_BANKING *banking = gnc_AB_BANKING_new();
+
+ g_return_val_if_fail(banking, NULL);
+#ifdef AQBANKING_VERSION_4_PLUS
+ rv = AB_Banking_LoadSharedConfig(banking, "certs", &perm_certs, 0);
+#else
+ /* FIXME: Add code for older AqBanking versions */
+ /* See QBankmanager 0.9.50 in src/kbanking/libs/kbanking.cpp lines 323ff
+ for a proper example of how to do this */
+ rv = 0;
+#endif
+ gnc_AB_BANKING_fini(banking);
+ g_return_val_if_fail(rv >= 0, NULL);
+ return perm_certs;
+}
Index: src/import-export/aqbanking/gnc-gwen-gui.c
===================================================================
--- src/import-export/aqbanking/gnc-gwen-gui.c (Revision 18540)
+++ src/import-export/aqbanking/gnc-gwen-gui.c (Arbeitskopie)
@@ -184,6 +184,7 @@
/* Certificates handling */
GHashTable *accepted_certs;
+ GWEN_DB_NODE *permanently_accepted_certs;
GWEN_GUI_CHECKCERT_FN builtin_checkcert;
/* Dialogs */
@@ -285,6 +286,8 @@
g_hash_table_destroy(gui->passwords);
if (gui->showbox_hash)
g_hash_table_destroy(gui->showbox_hash);
+ if (gui->permanently_accepted_certs)
+ GWEN_DB_Group_free(gui->permanently_accepted_certs);
if (gui->accepted_certs)
g_hash_table_destroy(gui->accepted_certs);
gtk_widget_destroy(gui->dialog);
@@ -371,6 +374,7 @@
gui->close_button = glade_xml_get_widget(xml, "close_button");
gui->close_checkbutton = glade_xml_get_widget(xml, "close_checkbutton");
gui->accepted_certs = NULL;
+ gui->permanently_accepted_certs = NULL;
gui->showbox_hash = NULL;
gui->showbox_id = 1;
@@ -448,6 +452,8 @@
if (!gui->accepted_certs)
gui->accepted_certs = g_hash_table_new_full(
g_str_hash, g_str_equal, (GDestroyNotify) g_free, NULL);
+ if (!gui->permanently_accepted_certs)
+ gui->permanently_accepted_certs = gnc_ab_get_permanent_certs();
LEAVE(" ");
}
@@ -1251,7 +1257,8 @@
const gchar *hash, *status;
struct md5_ctx md5_context;
gchar cert_hash[16];
- gint retval;
+ gchar *cert_hash_hex;
+ gint retval, i;
g_return_val_if_fail(gui && gui->accepted_certs, -1);
@@ -1266,8 +1273,26 @@
md5_process_bytes(status, strlen(status), &md5_context);
md5_finish_ctx(&md5_context, cert_hash);
+ /* Did we get the permanently accepted certs from AqBanking? */
+ if (gui->permanently_accepted_certs) {
+ /* Generate a hex string of the cert_hash for usage by AqBanking cert
store */
+ cert_hash_hex = g_new0(gchar, 33);
+ for (i = 0; i < 16; i++)
+ g_snprintf(cert_hash_hex+2*i, 3, "%02X", (unsigned
char)cert_hash[i]);
+
+ retval=GWEN_DB_GetIntValue(gui->permanently_accepted_certs,
cert_hash_hex, 0, -1);
+ g_free(cert_hash_hex);
+ if (retval == 0) {
+ /* Certificate is marked as accepted in AqBanking's cert store */
+ LEAVE("Certificate accepted by AqBanking's permanent cert
store");
+ return 0;
+ }
+ } else {
+ g_warning("Can't check permanently accepted certs from invalid
AqBanking cert store.");
+ }
+
if (g_hash_table_lookup(gui->accepted_certs, cert_hash)) {
- /* Certificate has been accepted before */
+ /* Certificate has been accepted by Gnucash before */
LEAVE("Automatically accepting certificate");
return 0;
}
Index: src/import-export/aqbanking/gnc-ab-utils.h
===================================================================
--- src/import-export/aqbanking/gnc-ab-utils.h (Revision 18540)
+++ src/import-export/aqbanking/gnc-ab-utils.h (Arbeitskopie)
@@ -225,6 +225,14 @@
*/
gboolean gnc_ab_ieci_run_matcher(GncABImExContextImport *ieci);
+
+/**
+ * get the GWEN_DB_NODE from AqBanking configuration files
+ *
+ * @return a GWEN_DB containing all permanently accepted SSL certificates
(hashed).
+ */
+GWEN_DB_NODE *gnc_ab_get_permanent_certs(void);
+
G_END_DECLS
/** @} */
rd at blackbox:~/SW.nobackup/gnucash-2.2-branch$
Do you have an idea why I still get several times the annoying certificate
confirmation for each transaction?
Thanks,
Rainer
--
Rainer Dorsch
Lärchenstr. 6
D-72135 Dettenhausen
07157-734133
email: rdorsch at web.de
jabber: rdorsch at jabber.org
GPG Fingerprint: 5966 C54C 2B3C 42CC 1F4F 8F59 E3A8 C538 7519 141E
Full GPG key: http://pgp.mit.edu/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: This is a digitally signed message part.
URL: <http://lists.gnucash.org/pipermail/gnucash-devel/attachments/20091231/8908cd50/attachment.bin>
More information about the gnucash-devel
mailing list