Windows XP doesn't contain a valid CA for our cloud certificate

This is the authentication check and cloud server availability check which are different from the one git does. The mechanism for overriding things is different from there, but this should work just as well. We intercept the SslErrors signal and if we get the known good hash for our certificate, we simply call it good. Signed-off-by: Dirk Hohndel <dirk@hohndel.org>
2025-02-19 22:16:15 +00:00 · 2015-09-23 09:55:11 -07:00 · 2015-09-23 09:55:11 -07:00 · 48e47c9048
commit 48e47c9048
parent 03b2674a13
3 changed files with 56 additions and 10 deletions
--- a/qt-ui/subsurfacewebservices.cpp
+++ b/qt-ui/subsurfacewebservices.cpp
@ -1069,8 +1069,22 @@ void CloudStorageAuthenticate::uploadError(QNetworkReply::NetworkError error)

 void CloudStorageAuthenticate::sslErrors(QList<QSslError> errorList)
 {
-	qDebug() << "Received error response trying to set up https connection with cloud storage backend:";
-	Q_FOREACH (QSslError err, errorList) {
-		qDebug() << err.errorString();
+	if (verbose) {
+		qDebug() << "Received error response trying to set up https connection with cloud storage backend:";
+		Q_FOREACH (QSslError err, errorList) {
+			qDebug() << err.errorString();
+		}
+	}
+	QSslConfiguration conf = reply->sslConfiguration();
+	QSslCertificate cert = conf.peerCertificate();
+	QByteArray hexDigest = cert.digest().toHex();
+	if (reply->url().toString().contains(prefs.cloud_base_url) &&
+	    hexDigest == "13ff44c62996cfa5cd69d6810675490e") {
+		if (verbose)
+			qDebug() << "Overriding SSL check as I recognize the certificate digest" << hexDigest;
+		reply->ignoreSslErrors();
+	} else {
+		if (verbose)
+			qDebug() << "got invalid SSL certificate with hex digest" << hexDigest;
 	}
 }