Warn on importing complete certificate chains (part of #1488).
authorCarl Hetherington <cth@carlh.net>
Fri, 15 Mar 2019 12:48:15 +0000 (12:48 +0000)
committerCarl Hetherington <cth@carlh.net>
Fri, 15 Mar 2019 12:48:15 +0000 (12:48 +0000)
src/lib/config.h
src/wx/config_dialog.cc

index 3518dc6..7f8dd0c 100644 (file)
@@ -370,6 +370,7 @@ public:
                NAG_BAD_SIGNER_CHAIN,
                /* Not really a nag but it's the same idea */
                NAG_INITIAL_SETUP,
+               NAG_IMPORT_DECRYPTION_CHAIN,
                NAG_COUNT
        };
 
index 13a4056..a32b5d9 100644 (file)
@@ -841,6 +841,16 @@ KeysPage::export_decryption_chain_and_key ()
 void
 KeysPage::import_decryption_chain_and_key ()
 {
+       if (NagDialog::maybe_nag (
+                   _panel,
+                   Config::NAG_IMPORT_DECRYPTION_CHAIN,
+                   /* XXX: this needs to be marked translatable */
+                   wxT("If you continue with this operation you will no longer be able to use any DKDMs that you have created with the current certificates and key.  Also, any KDMs that have been sent to you for those certificates will become useless.  Proceed with caution!"),
+                   true
+                   )) {
+               return;
+       }
+
        wxFileDialog* d = new wxFileDialog (
                _panel, _("Select File To Import"), wxEmptyString, wxEmptyString, wxT ("DOM files (*.dom)|*.dom")
                );