mirror of
https://github.com/subsurface/subsurface.git
synced 2024-12-11 03:21:29 +00:00
Windows XP doesn't contain a valid CA for our cloud certificate
This is the authentication check and cloud server availability check which are different from the one git does. The mechanism for overriding things is different from there, but this should work just as well. We intercept the SslErrors signal and if we get the known good hash for our certificate, we simply call it good. Signed-off-by: Dirk Hohndel <dirk@hohndel.org>
This commit is contained in:
parent
03b2674a13
commit
48e47c9048
3 changed files with 56 additions and 10 deletions
|
@ -28,9 +28,10 @@ bool CheckCloudConnection::checkServer()
|
||||||
request.setRawHeader("User-Agent", getUserAgent().toUtf8());
|
request.setRawHeader("User-Agent", getUserAgent().toUtf8());
|
||||||
request.setUrl(QString(prefs.cloud_base_url) + TEAPOT);
|
request.setUrl(QString(prefs.cloud_base_url) + TEAPOT);
|
||||||
QNetworkAccessManager *mgr = new QNetworkAccessManager();
|
QNetworkAccessManager *mgr = new QNetworkAccessManager();
|
||||||
QNetworkReply *reply = mgr->get(request);
|
reply = mgr->get(request);
|
||||||
connect(&timer, SIGNAL(timeout()), &loop, SLOT(quit()));
|
connect(&timer, SIGNAL(timeout()), &loop, SLOT(quit()));
|
||||||
connect(reply, SIGNAL(finished()), &loop, SLOT(quit()));
|
connect(reply, SIGNAL(finished()), &loop, SLOT(quit()));
|
||||||
|
connect(reply, SIGNAL(sslErrors(QList<QSslError>)), this, SLOT(sslErrors(QList<QSslError>)));
|
||||||
timer.start(2000); // wait two seconds
|
timer.start(2000); // wait two seconds
|
||||||
loop.exec();
|
loop.exec();
|
||||||
if (timer.isActive()) {
|
if (timer.isActive()) {
|
||||||
|
@ -44,14 +45,15 @@ bool CheckCloudConnection::checkServer()
|
||||||
qWarning() << "Cloud storage: successfully checked connection to cloud server";
|
qWarning() << "Cloud storage: successfully checked connection to cloud server";
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
// qDebug() << "did not get expected response - server unreachable" <<
|
|
||||||
// reply->error() << reply->errorString() <<
|
|
||||||
// reply->attribute(QNetworkRequest::HttpStatusCodeAttribute).toInt() <<
|
|
||||||
// reply->readAll();
|
|
||||||
} else {
|
} else {
|
||||||
disconnect(reply, SIGNAL(finished()), &loop, SLOT(quit()));
|
disconnect(reply, SIGNAL(finished()), &loop, SLOT(quit()));
|
||||||
reply->abort();
|
reply->abort();
|
||||||
}
|
}
|
||||||
|
if (verbose)
|
||||||
|
qDebug() << "connection test to cloud server failed" <<
|
||||||
|
reply->error() << reply->errorString() <<
|
||||||
|
reply->attribute(QNetworkRequest::HttpStatusCodeAttribute).toInt() <<
|
||||||
|
reply->readAll();
|
||||||
reply->deleteLater();
|
reply->deleteLater();
|
||||||
mgr->deleteLater();
|
mgr->deleteLater();
|
||||||
if (verbose)
|
if (verbose)
|
||||||
|
@ -59,10 +61,33 @@ bool CheckCloudConnection::checkServer()
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
void CheckCloudConnection::sslErrors(QList<QSslError> errorList)
|
||||||
|
{
|
||||||
|
if (verbose) {
|
||||||
|
qDebug() << "Received error response trying to set up https connection with cloud storage backend:";
|
||||||
|
Q_FOREACH (QSslError err, errorList) {
|
||||||
|
qDebug() << err.errorString();
|
||||||
|
}
|
||||||
|
}
|
||||||
|
QSslConfiguration conf = reply->sslConfiguration();
|
||||||
|
QSslCertificate cert = conf.peerCertificate();
|
||||||
|
QByteArray hexDigest = cert.digest().toHex();
|
||||||
|
if (reply->url().toString().contains(prefs.cloud_base_url) &&
|
||||||
|
hexDigest == "13ff44c62996cfa5cd69d6810675490e") {
|
||||||
|
if (verbose)
|
||||||
|
qDebug() << "Overriding SSL check as I recognize the certificate digest" << hexDigest;
|
||||||
|
reply->ignoreSslErrors();
|
||||||
|
} else {
|
||||||
|
if (verbose)
|
||||||
|
qDebug() << "got invalid SSL certificate with hex digest" << hexDigest;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
// helper to be used from C code
|
// helper to be used from C code
|
||||||
extern "C" bool canReachCloudServer()
|
extern "C" bool canReachCloudServer()
|
||||||
{
|
{
|
||||||
if (verbose)
|
if (verbose)
|
||||||
qWarning() << "Cloud storage: checking connection to cloud server";
|
qWarning() << "Cloud storage: checking connection to cloud server";
|
||||||
return CheckCloudConnection::checkServer();
|
CheckCloudConnection *checker = new CheckCloudConnection;
|
||||||
|
return checker->checkServer();
|
||||||
}
|
}
|
||||||
|
|
|
@ -2,6 +2,8 @@
|
||||||
#define CHECKCLOUDCONNECTION_H
|
#define CHECKCLOUDCONNECTION_H
|
||||||
|
|
||||||
#include <QObject>
|
#include <QObject>
|
||||||
|
#include <QNetworkReply>
|
||||||
|
#include <QSsl>
|
||||||
|
|
||||||
#include "checkcloudconnection.h"
|
#include "checkcloudconnection.h"
|
||||||
|
|
||||||
|
@ -9,7 +11,12 @@ class CheckCloudConnection : public QObject {
|
||||||
Q_OBJECT
|
Q_OBJECT
|
||||||
public:
|
public:
|
||||||
CheckCloudConnection(QObject *parent = 0);
|
CheckCloudConnection(QObject *parent = 0);
|
||||||
static bool checkServer();
|
bool checkServer();
|
||||||
|
private:
|
||||||
|
QNetworkReply *reply;
|
||||||
|
private
|
||||||
|
slots:
|
||||||
|
void sslErrors(QList<QSslError> errorList);
|
||||||
};
|
};
|
||||||
|
|
||||||
#endif // CHECKCLOUDCONNECTION_H
|
#endif // CHECKCLOUDCONNECTION_H
|
||||||
|
|
|
@ -1069,8 +1069,22 @@ void CloudStorageAuthenticate::uploadError(QNetworkReply::NetworkError error)
|
||||||
|
|
||||||
void CloudStorageAuthenticate::sslErrors(QList<QSslError> errorList)
|
void CloudStorageAuthenticate::sslErrors(QList<QSslError> errorList)
|
||||||
{
|
{
|
||||||
qDebug() << "Received error response trying to set up https connection with cloud storage backend:";
|
if (verbose) {
|
||||||
Q_FOREACH (QSslError err, errorList) {
|
qDebug() << "Received error response trying to set up https connection with cloud storage backend:";
|
||||||
qDebug() << err.errorString();
|
Q_FOREACH (QSslError err, errorList) {
|
||||||
|
qDebug() << err.errorString();
|
||||||
|
}
|
||||||
|
}
|
||||||
|
QSslConfiguration conf = reply->sslConfiguration();
|
||||||
|
QSslCertificate cert = conf.peerCertificate();
|
||||||
|
QByteArray hexDigest = cert.digest().toHex();
|
||||||
|
if (reply->url().toString().contains(prefs.cloud_base_url) &&
|
||||||
|
hexDigest == "13ff44c62996cfa5cd69d6810675490e") {
|
||||||
|
if (verbose)
|
||||||
|
qDebug() << "Overriding SSL check as I recognize the certificate digest" << hexDigest;
|
||||||
|
reply->ignoreSslErrors();
|
||||||
|
} else {
|
||||||
|
if (verbose)
|
||||||
|
qDebug() << "got invalid SSL certificate with hex digest" << hexDigest;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue