start import certificate dialog

src/Makefile.am

@@ -17,7 +17,8 @@ ylib_DATA = \
   lib/registration/storage.rb \
   lib/registration/registration.rb \
   lib/registration/helpers.rb \
-  lib/registration/connect_helpers.rb
+  lib/registration/connect_helpers.rb \
+  lib/registration/ui/import_certificate_dialog.rb
 
 ylibyastdir = @ylibdir@/yast
 ylibyast_DATA = \

src/lib/registration/connect_helpers.rb

@@ -89,18 +89,17 @@ def self.catch_registration_errors(&block)
         false
       rescue OpenSSL::SSL::SSLError => e
         log.error "OpenSSL error: #{e}"
-        details = ssl_error_details
-        cert = Storage::SSLErrors.instance.ssl_failed_cert
 
         if Yast::Mode.autoinst
           # in AutoYast mode just report an error
           Yast::Report.Error(
-            error_with_details(_("OpenSSL connection error."), details)
+            error_with_details(_("OpenSSL connection error."), ssl_error_details)
           )
         else
           # in normal operation ask the user to import the certificate
           # and retry after successful import
-          retry if Helpers.import_ssl_certificate(details, cert)
+          cert = Storage::SSLErrors.instance.ssl_failed_cert
+          retry if import_ssl_certificate(cert)
         end
 
         false
@@ -145,6 +144,20 @@ def self.ssl_error_details()
 
       details.join("\n")
     end
+
+    def self.import_ssl_certificate(cert)
+      # TODO use ui/import_certificate
+
+      if ret == :import
+        # TODO use Popup.Feedback
+        result = ::SUSE::Connect::SSLCertificate.import(cert)
+        log.info "Certificate import result: #{result}"
+        return true
+      end
+
+      false
+    end
+
   end
 
 end

src/lib/registration/helpers.rb

@@ -122,18 +122,6 @@ def self.base_version(version)
       version.sub(/-.*\z/, "")
     end
 
-    def self.import_ssl_certificate(details, cert)
-      # TODO better dialog with more details
-      if Yast::Popup.YesNo(details + "\n" +
-            "Import Certificate #{::SUSE::Connect::SSLCertificate.sha1_fingerprint(cert)}?")
-        status = ::SUSE::Connect::SSLCertificate.import(cert)
-        log.info "Import details: #{status}"
-        return true
-      end
-
-      false
-    end
-
     private
 
     # get registration URL in installation mode

src/lib/registration/ui/import_certificate_dialog.rb

@@ -0,0 +1,125 @@
+
+module Registration
+  module UI
+
+    class ImportCertificateDialog
+      include Yast::Logger
+      include Yast::I18n
+      include Yast::UIShortcuts
+
+      Yast.import "UI"
+      Yast.import "SignatureCheckDialogs"
+
+      def self.run(cert)
+        dialog = ImportCertificateDialog.new
+        dialog.run(cert)
+      end
+
+      def initialize()
+        textdomain "registration"
+      end
+
+      def run(cert)
+
+        # popup message - label, part 1, %1 stands for repository name, %2 for its URL
+        dialog_text = Builtins.sformat(
+          _(
+            "The following GnuPG key has been found in repository\n" +
+              "%1\n" +
+              "(%2):"
+          ),
+          Ops.get_locale(repo, "name", _("Unknown")),
+          Ops.get_locale(repo, "url", _("Unknown"))
+        )
+
+        # popup message - label, part 2
+        dialog_text2 = _(
+          "You can choose to import it into your keyring of trusted\n" +
+            "public keys, meaning that you trust the owner of the key.\n" +
+            "You should be sure that you can trust the owner and that\n" +
+            "the key really belongs to that owner before importing it."
+        )
+
+        if Time.now > cert.not_after
+          dialog_text2 << "\n\n" << _("WARNING: The key has expired!")
+        end
+
+
+        UI.OpenDialog(Opt(:decorated), import_dialog_content(cert))
+
+        begin
+          UI.SetFocus(:cancel)
+          return UI.UserInput == :import
+        ensure
+          UI.CloseDialog
+        end
+      end
+
+      private
+
+      def certificate_description(cert)
+
+      end
+
+      def import_dialog_content(cert)
+        displayinfo = UI.GetDisplayInfo
+        # hide additional help text in narrow terminals
+        hide_help = displayinfo["TextMode"] && displayinfo["Width"] < 105
+
+        HBox(
+          # left-side help
+          hide_help ?
+            Empty() :
+            HWeight(3, VBox(RichText(warning_text))),
+          HSpacing(1.5),
+          # dialog
+          HWeight(
+            5,
+            VBox(
+              HBox(
+                VCenter(Yast::SignatureCheckDialogs.MessageIcon("question")),
+                # popup heading
+                VCenter(Heading(_("Import Untrusted SSL Certificate"))),
+                HStretch()
+              ),
+              # dialog message
+              MarginBox(
+                0.4,
+                0.4,
+                VBox(
+                  Left(Label(dialog_text)),
+                  certificate_description(cert),
+                  Left(Label(dialog_text2))
+                )
+              ),
+              # dialog buttons
+              ButtonBox(
+                # push button
+                PushButton(Id(:import), Opt(:key_F10, :okButton), _("&Import")),
+                PushButton(
+                  Id(:cancel),
+                  Opt(:key_F9, :cancelButton),
+                  Label.CancelButton
+                )
+              )
+            )
+          )
+        )
+      end
+
+      def self.warning_text
+        # additional Richtext (HTML) warning text (kind of help), 1/2
+        _(
+          "<p>The owner of the key may distribute updates,\n" +
+            "packages, and package repositories that your system will trust and offer\n" +
+            "for installation and update without any further warning. In this way,\n" +
+            "importing the key into your keyring of trusted keys allows the key owner\n" +
+            "to have a certain amount of control over the software on your system.</p>"
+        )
+      end
+
+
+    end
+  end
+end
+