[Gajim-devel] Re : PKCS12 with password

2011-07-25 Thread Saleem Edah-Tally 
- Message d'origine 

De : Yann Leboulanger 
À : nmset 
Cc : Gajim Devel 
Envoyé le : Lun 25 juillet 2011, 15h 17min 57s
Objet : Re: [Gajim-devel] PKCS12 with password

>Connection object should try to open the 
>certificat, if that fails, asks a password, before trying to connect. 


One suggestion :

In the UI where the user declares what p12 to use for his account, there could 
be a checkbox with which the user says if the p12 file is encrypted or not.

This way, the code in tls_nb.py does not have to be exception dependent but 
rather based on user declaration.

If the user has declared an encrypted p12 file, a dialog asks for the password 
and load_pkcs is called with two arguments (the file, the password), else, with 
one single argument. as it is now.
___
Gajim-devel mailing list
Gajim-devel@gajim.org
http://lists.gajim.org/cgi-bin/listinfo/gajim-devel

Re: [Gajim-devel] Re : PKCS12 with password

2011-07-25 Thread Yann Leboulanger 

the only thing I see is that:

Unable to load client pkcs12 certificate from file 
/home/user/xmpp_lab_set_pwd.p12: ([('PKCS12 routines', 'PKCS12_parse', 
'mac verify failure')],) ... Is it a valid PKCS12 cert?


which isn't very explicit why it fails to open the cert. We don't know 
if it's because it's encrypted.


could you try that in a python console:
>>> import OpenSSL.crypto
>>> OpenSSL.crypto.load_pkcs12(open('FULL_PATH_TO_YOUR_CERT').read())

what does that print?

The only other solution I see is: try to open cert, if that fails for 
any reason, ask for a passphrase. That's not very nice, but why not ...

___
Gajim-devel mailing list
Gajim-devel@gajim.org
http://lists.gajim.org/cgi-bin/listinfo/gajim-devel

[Gajim-devel] Re : PKCS12 with password

2011-07-25 Thread Saleem Edah-Tally 
Here's the CLI output running gajim in non-verbose, with a PKCS12 password 
protected container :

*

16:01:50 (W) gajim.c.x.tls_nb Unable to load client pkcs12 certificate from 
file 
/home/user/xmpp_lab_set_pwd.p12: ([('PKCS12 routines', 'PKCS12_parse', 'mac 
verify failure')],) ... Is it a valid PKCS12 cert?
16:01:50 (E) gajim.c.x.tls_nb Error while TLS handshake: 
Traceback (most recent call last):
  File "/usr/share/gajim/src/common/xmpp/tls_nb.py", line 422, in 
_startSSL_pyOpenSSL
tcpsock._sslObj.do_handshake()
SysCallError: (-1, 'Unexpected EOF')
*


Attached is a verbose log also.

More precision : I am using jabberd2 2.2.14 configured to accept only encrypted 
connections.

Thank you for considering.





- Message d'origine 
De : Yann Leboulanger 
À : nmset 
Cc : Gajim Devel 
Envoyé le : Lun 25 juillet 2011, 15h 17min 57s
Objet : Re: [Gajim-devel] PKCS12 with password16:06:36 (I) gajim.gajim Encodings: d:utf-8, 
fs:UTF-8, p:UTF-8
16:06:36 (D) gajim.gtkgui_helpers I/O Error 
writing settings to '/home/user/.kde/share/services/xmpp.protocol'
Traceback (most recent call last):
  File "/usr/share/gajim/src/gtkgui_helpers.py", line 722, in 
set_gajim_as_xmpp_handler
f = open(path_to_kde_file, 'a')
IOError: [Errno 2] Aucun fichier ou dossier de ce type: 
'/home/user/.kde/share/services/xmpp.protocol'
16:06:36 (D) gajim.c.resolver Import of 
libasyncns-python failed, getaddrinfo will block
Traceback (most recent call last):
  File "/usr/share/gajim/src/common/resolver.py", line 44, in 
import libasyncns
  File "/usr/share/gajim/src/common/demandimport.py", line 85, in _demandimport
return _origimport(name, globals, locals, fromlist)
ImportError: No module named libasyncns
16:06:38 (D) gajim.plugin_system Attributes 
processing started
16:06:38 (D) gajim.plugin_system WhiteboardPlugin 
: 
16:06:38 (D) gajim.plugin_system is subclass of 
GajimPlugin
16:06:38 (D) gajim.plugin_system plugin : 
16:06:38 (D) gajim.plugin_system whiteboard_widget 
: 
16:06:38 (D) gajim.plugin_system Attributes 
processing started
16:06:38 (D) gajim.plugin_system 
AcronymsExpanderPlugin : 
16:06:38 (D) gajim.plugin_system is subclass of 
GajimPlugin
16:06:38 (D) gajim.plugin_system acronyms_expander 
: 
16:06:38 (D) gajim.plugin_system Attributes 
processing started
16:06:38 (D) gajim.plugin_system 
LengthNotifierPlugin : 
16:06:38 (D) gajim.plugin_system is subclass of 
GajimPlugin
16:06:38 (D) gajim.plugin_system length_notifier : 

16:06:38 (D) gajim.plugin_system Attributes 
processing started
16:06:38 (D) gajim.plugin_system FtpManager : 

16:06:38 (D) gajim.plugin_system is subclass of 
GajimPlugin
16:06:38 (D) gajim.plugin_system ftp_manager : 

16:06:38 (D) gajim.plugin_system Attributes 
processing started
16:06:38 (D) gajim.plugin_system 
BannerTweaksPlugin : 
16:06:38 (D) gajim.plugin_system is subclass of 
GajimPlugin
16:06:38 (D) gajim.plugin_system plugin : 
16:06:38 (D) gajim.plugin_system 
GajimPlugin.__init__() 
16:06:38 (D) gajim.plugin_system 
GajimPlugin.load_config() 
16:06:38 (D) gajim.plugin_system 
GajimPlugin.load_config() 
16:06:38 (D) gajim.plugin_system 
WhiteboardPlugin.init() 
16:06:38 (D) gajim.plugin_system 
WhiteboardPlugin.init() 
16:06:38 (D) gajim.plugin_system 
GajimPlugin.__init__() 
16:06:38 (D) gajim.plugin_system 
GajimPlugin.__init__() 
16:06:38 (D) gajim.plugin_system 
GajimPlugin.load_config() 
16:06:38 (D) gajim.plugin_system 
GajimPlugin.load_config() 
16:06:38 (D) gajim.plugin_system 
AcronymsExpanderPlugin.init() 
16:06:38 (D) gajim.plugin_system 
AcronymsExpanderPlugin.init() 
16:06:38 (D) gajim.plugin_system 
GajimPlugin.__init__() 
16:06:38 (D) gajim.plugin_system 
GajimPlugin.__init__() 
16:06:38 (D) gajim.plug