From 0475d29f84ef13861fdc5ee2e747c00644c002fc Mon Sep 17 00:00:00 2001
From: Michael Gratton <mike@vee.net>
Date: Fri, 25 Sep 2020 08:27:36 +1000
Subject: [PATCH 021/124] Application.CertificateManager: Warn when GCR not
 able to access stores

At least let people know somehow their GCR setup is lacking.
---
 .../application-certificate-manager.vala           | 14 +++++++++++++-
 1 file changed, 13 insertions(+), 1 deletion(-)

diff --git a/src/client/application/application-certificate-manager.vala b/src/client/application/application-certificate-manager.vala
index d9e40fcd..3add2206 100644
--- a/src/client/application/application-certificate-manager.vala
+++ b/src/client/application/application-certificate-manager.vala
@@ -68,7 +68,13 @@ public class Application.CertificateManager : GLib.Object {
                 !Geary.String.is_empty(Gcr.pkcs11_get_trust_store_uri()) &&
                 Gcr.pkcs11_get_trust_lookup_uris().length > 0
             );
-            debug("GCR slot URIs found: %s", has_uris.to_string());
+            if (has_uris) {
+                debug("GCR slot URIs found: %s", has_uris.to_string());
+            } else {
+                warning(
+                    "No GCR slot URIs found, GCR certificate pinning unavailable"
+                );
+            }
         }
 
         bool has_rw_store = false;
@@ -77,6 +83,12 @@ public class Application.CertificateManager : GLib.Object {
             if (store != null) {
                 has_rw_store = !store.has_flags(CKF_WRITE_PROTECTED);
                 debug("GCR store is R/W: %s", has_rw_store.to_string());
+            } else {
+                warning("No GCR store found, GCR certificate pinning unavailable");
+            }
+
+            if (!has_rw_store) {
+                warning("GCR store is not RW, GCR certificate pinning unavailable");
             }
         }
 
-- 
2.29.2