diff --git a/src/common/connection.py b/src/common/connection.py
index cc95480a22c897a45fb3b9f8b7a3c776af53f392..be74de6f64c3aa4e7f2f8fc128cfd1015289ac7d 100644
--- a/src/common/connection.py
+++ b/src/common/connection.py
@@ -1281,7 +1281,7 @@ class Connection(CommonConnection, ConnectionHandlers):
# Check sha1 fingerprint
if con.Connection.ssl_fingerprint_sha1 != saved_fingerprint:
gajim.nec.push_incoming_event(FingerprintErrorEvent(None,
- conn=self,
+ conn=self, certificate=con.Connection.ssl_certificate,
new_fingerprint=con.Connection.ssl_fingerprint_sha1))
return True
else:
diff --git a/src/common/xmpp/tls_nb.py b/src/common/xmpp/tls_nb.py
index b0df948d6ab1699b7c21e696fcda6a2059ee4ca3..7a9c80f9884daa2dbc9eaaed128f0d671b0f4116 100644
--- a/src/common/xmpp/tls_nb.py
+++ b/src/common/xmpp/tls_nb.py
@@ -449,6 +449,7 @@ class NonBlockingTLS(PlugIn):
# Exceptions can't propagate up through this callback, so print them here.
try:
self._owner.ssl_fingerprint_sha1 = cert.digest('sha1')
+ self._owner.ssl_certificate = cert
if errnum == 0:
return True
self._owner.ssl_errnum = errnum
diff --git a/src/dialogs.py b/src/dialogs.py
index 786ff809e7e52674ebbafb7eec344710e6759798..982c55c1790134e8e3beca67a6bebff0e39ed2ee 100644
--- a/src/dialogs.py
+++ b/src/dialogs.py
@@ -5606,3 +5606,51 @@ class VoIPCallReceivedDialog(object):
session.reject_content(content)
dialog.destroy()
+
+class CertificatDialog(InformationDialog):
+ def __init__(self, parent, account, cert):
+ issuer = cert.get_issuer()
+ subject = cert.get_subject()
+ InformationDialog.__init__(self,
+ _('Certificate for account %s') % account, _('''<b>Issued to:</b>
+Common Name (CN): %(scn)s
+Organization (O): %(sorg)s
+Organizationl Unit (OU): %(sou)s
+Serial Number: %(sn)s
+
+<b>Issued by:</b>
+Common Name (CN): %(icn)s
+Organization (O): %(iorg)s
+Organizationl Unit (OU): %(iou)s
+
+<b>Validity:</b>
+Issued on: %(io)s
+Expires on: %(eo)s
+
+<b>Fingerprint</b>
+SHA1 Fingerprint: %(sha1)s''') % {
+ 'scn': subject.commonName, 'sorg': subject.organizationName,
+ 'sou': subject.organizationalUnitName,
+ 'sn': cert.get_serial_number(), 'icn': issuer.commonName,
+ 'iorg': issuer.organizationName,
+ 'iou': issuer.organizationalUnitName,
+ 'io': cert.get_notBefore(), 'eo': cert.get_notAfter(),
+ 'sha1': cert.digest('sha1')})
+ self.set_transient_for(parent)
+
+
+class CheckFingerprintDialog(YesNoDialog):
+ def __init__(self, pritext='', sectext='', checktext='',
+ on_response_yes=None, on_response_no=None, account=None, certificate=None):
+ self.account = account
+ self.cert = certificate
+ YesNoDialog.__init__(self, pritext, sectext, checktext, on_response_yes,
+ on_response_no)
+ b = gtk.Button('View cert...')
+ b.connect('clicked', self.on_cert_clicked)
+ b.show_all()
+ area = self.get_action_area()
+ area.pack_start(b)
+
+ def on_cert_clicked(self, button):
+ d = CertificatDialog(self, self.account, self.cert)
\ No newline at end of file
diff --git a/src/gui_interface.py b/src/gui_interface.py
index 678f9c0e40578fbbe517434a52241e0f1eee29f3..a5c1a5366d4da457fba24662b8c52592a3b168a7 100644
--- a/src/gui_interface.py
+++ b/src/gui_interface.py
@@ -1250,8 +1250,9 @@ class Interface:
self.instances[account]['online_dialog']['fingerprint_error'].\
destroy()
self.instances[account]['online_dialog']['fingerprint_error'] = \
- dialogs.YesNoDialog(pritext, sectext, on_response_yes=on_yes,
- on_response_no=on_no)
+ dialogs.CheckFingerprintDialog(pritext, sectext, on_response_yes=on_yes,
+ on_response_no=on_no, account=obj.conn.name,
+ certificate=obj.certificate)
def handle_event_plain_connection(self, obj):
# ('PLAIN_CONNECTION', account, (connection))