mirror of
https://github.com/saitohirga/WSJT-X.git
synced 2024-11-21 11:31:51 -05:00
Fix handling of SSL/TLS exceptions allowing errors to be ignored for a session
Not persistent but I'm not sure they need to be as sites we access should have valid certificates and chains of trust. This should allow users with baulked SSL installations or incomplete CA stores to proceed with network accesses at their discretion. git-svn-id: svn+ssh://svn.code.sf.net/p/wsjt/wsjt/branches/wsjtx@7378 ab8295b8-cf94-4d9e-aec4-7959e3be5d79
This commit is contained in:
parent
dc6c7f959b
commit
9af1379576
@ -29,7 +29,7 @@ void MessageBox::about_Qt_message (QWidget * parent)
|
||||
|
||||
namespace
|
||||
{
|
||||
QMessageBox::StandardButton show_it (QWidget *parent, MessageBox::Icon icon
|
||||
QMessageBox::StandardButton show_it (QWidget * parent, MessageBox::Icon icon
|
||||
, QString const& text
|
||||
, QString const& informative
|
||||
, QString const& detail
|
||||
|
@ -19,7 +19,7 @@ class NetworkAccessManager
|
||||
: public QNetworkAccessManager
|
||||
{
|
||||
public:
|
||||
NetworkAccessManager (QWidget * parent = nullptr)
|
||||
NetworkAccessManager (QWidget * parent)
|
||||
: QNetworkAccessManager (parent)
|
||||
{
|
||||
// handle SSL errors that have not been cached as allowed
|
||||
@ -27,21 +27,34 @@ public:
|
||||
// exception cache
|
||||
connect (this, &QNetworkAccessManager::sslErrors, [this, &parent] (QNetworkReply * reply, QList<QSslError> const& errors) {
|
||||
QString message;
|
||||
QList<QSslError> new_errors;
|
||||
for (auto const& error: errors)
|
||||
{
|
||||
message += '\n' + reply->request ().url ().toDisplayString () + ": "
|
||||
+ error.errorString ();
|
||||
if (!allowed_ssl_errors_.contains (error))
|
||||
{
|
||||
new_errors << error;
|
||||
message += '\n' + reply->request ().url ().toDisplayString () + ": "
|
||||
+ error.errorString ();
|
||||
}
|
||||
}
|
||||
QString certs;
|
||||
for (auto const& cert : reply->sslConfiguration ().peerCertificateChain ())
|
||||
if (new_errors.size ())
|
||||
{
|
||||
certs += cert.toText () + '\n';
|
||||
QString certs;
|
||||
for (auto const& cert : reply->sslConfiguration ().peerCertificateChain ())
|
||||
{
|
||||
certs += cert.toText () + '\n';
|
||||
}
|
||||
if (MessageBox::Ignore == MessageBox::query_message (parent, tr ("Network SSL Errors"), message, certs, MessageBox::Abort | MessageBox::Ignore))
|
||||
{
|
||||
// accumulate new SSL error exceptions that have been allowed
|
||||
allowed_ssl_errors_.append (new_errors);
|
||||
reply->ignoreSslErrors (allowed_ssl_errors_);
|
||||
}
|
||||
}
|
||||
if (MessageBox::Ignore == MessageBox::query_message (parent, tr ("Network SSL Errors"), message, certs, MessageBox::Abort | MessageBox::Ignore))
|
||||
else
|
||||
{
|
||||
// accumulate SSL error exceptions that have been allowed
|
||||
allowed_ssl_errors_.append (errors);
|
||||
reply->ignoreSslErrors (errors);
|
||||
// no new exceptions so silently ignore the ones already allowed
|
||||
reply->ignoreSslErrors (allowed_ssl_errors_);
|
||||
}
|
||||
});
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user