diff --git a/src/core/ksslcertificatemanager.cpp b/src/core/ksslcertificatemanager.cpp index ffabc9b0..510952e7 100644 --- a/src/core/ksslcertificatemanager.cpp +++ b/src/core/ksslcertificatemanager.cpp @@ -1,541 +1,541 @@ /* This file is part of the KDE project * * Copyright (C) 2007, 2008, 2010 Andreas Hartmetz * * This library is free software; you can redistribute it and/or * modify it under the terms of the GNU Library General Public * License as published by the Free Software Foundation; either * version 2 of the License, or (at your option) any later version. * * This library is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU * Library General Public License for more details. * * You should have received a copy of the GNU Library General Public License * along with this library; see the file COPYING.LIB. If not, write to * the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, * Boston, MA 02110-1301, USA. */ #include "ksslcertificatemanager.h" #include "ksslcertificatemanager_p.h" #include "ksslerror_p.h" #include "ktcpsocket.h" #include "ksslerroruidata_p.h" #include #include #include #include #include #include #include #include #include #include "kssld_interface.h" /* Config file format: [] = #for example #mail.kdab.net = ExpireUTC 2008-08-20T18:22:14, SelfSigned, Expired #very.old.com = ExpireUTC 2008-08-20T18:22:14, TooWeakEncryption <- not actually planned to implement #clueless.admin.com = ExpireUTC 2008-08-20T18:22:14, HostNameMismatch # #Wildcard syntax #* = ExpireUTC 2008-08-20T18:22:14, SelfSigned #*.kdab.net = ExpireUTC 2008-08-20T18:22:14, SelfSigned #mail.kdab.net = ExpireUTC 2008-08-20T18:22:14, All <- not implemented #* = ExpireUTC 9999-12-31T23:59:59, Reject #we know that something is wrong with that certificate CertificatePEM = #host entries are all lowercase, thus no clashes */ // TODO GUI for managing exception rules -class KSslCertificateRulePrivate -{ -public: - QSslCertificate certificate; - QString hostName; - bool isRejected; - QDateTime expiryDateTime; - QList ignoredErrors; -}; - KSslCertificateRule::KSslCertificateRule(const QSslCertificate &cert, const QString &hostName) : d(new KSslCertificateRulePrivate()) { d->certificate = cert; d->hostName = hostName; d->isRejected = false; } KSslCertificateRule::KSslCertificateRule(const KSslCertificateRule &other) : d(new KSslCertificateRulePrivate()) { *d = *other.d; } KSslCertificateRule::~KSslCertificateRule() { delete d; } KSslCertificateRule &KSslCertificateRule::operator=(const KSslCertificateRule &other) { *d = *other.d; return *this; } QSslCertificate KSslCertificateRule::certificate() const { return d->certificate; } QString KSslCertificateRule::hostName() const { return d->hostName; } void KSslCertificateRule::setExpiryDateTime(const QDateTime &dateTime) { d->expiryDateTime = dateTime; } QDateTime KSslCertificateRule::expiryDateTime() const { return d->expiryDateTime; } void KSslCertificateRule::setRejected(bool rejected) { d->isRejected = rejected; } bool KSslCertificateRule::isRejected() const { return d->isRejected; } bool KSslCertificateRule::isErrorIgnored(KSslError::Error error) const { return d->ignoredErrors.contains(KSslErrorPrivate::errorFromKSslError(error)); } bool KSslCertificateRule::isErrorIgnored(QSslError::SslError error) const { // ### temporary porting scafolding, remove the KSslError conversion roundtrip once kssld is ported // until then we need to do this here to avoid comparing QSslErrors that haven't been reduced to the // lower KSslError level of detail with the values stored as KSslError //return d->ignoredErrors.contains(error); return d->ignoredErrors.contains(KSslErrorPrivate::errorFromKSslError(KSslErrorPrivate::errorFromQSslError(error))); } void KSslCertificateRule::setIgnoredErrors(const QList &errors) { d->ignoredErrors.clear(); //### Quadratic runtime, woohoo! Use a QSet if that should ever be an issue. for (KSslError::Error e : errors) { QSslError::SslError error = KSslErrorPrivate::errorFromKSslError(e); if (!isErrorIgnored(error)) { d->ignoredErrors.append(error); } } } void KSslCertificateRule::setIgnoredErrors(const QList &errors) { QList el; el.reserve(errors.size()); for (const KSslError &e : errors) { el.append(e.error()); } setIgnoredErrors(el); } void KSslCertificateRule::setIgnoredErrors(const QList &errors) { d->ignoredErrors.clear(); for (const QSslError &error : errors) { if (!isErrorIgnored(error.error())) { d->ignoredErrors.append(error.error()); } } } +void KSslCertificateRule::setIgnoredErrors(const QList &errors) +{ + d->ignoredErrors.clear(); + for (QSslError::SslError error : errors) { + if (!isErrorIgnored(error)) { + d->ignoredErrors.append(error); + } + } +} + QList KSslCertificateRule::ignoredErrors() const { // TODO KF6: return d->ignoredErrors // return d->ignoredErrors; QList errors; errors.reserve(d->ignoredErrors.size()); std::transform(d->ignoredErrors.cbegin(), d->ignoredErrors.cend(), std::back_inserter(errors), KSslErrorPrivate::errorFromQSslError); return errors; } QList KSslCertificateRule::filterErrors(const QList &errors) const { QList ret; for (KSslError::Error error : errors) { if (!isErrorIgnored(error)) { ret.append(error); } } return ret; } QList KSslCertificateRule::filterErrors(const QList &errors) const { QList ret; for (const KSslError &error : errors) { if (!isErrorIgnored(error.error())) { ret.append(error); } } return ret; } QList KSslCertificateRule::filterErrors(const QList &errors) const { QList ret; for (const QSslError &error : errors) { if (!isErrorIgnored(error.error())) { ret.append(error); } } return ret; } //////////////////////////////////////////////////////////////////// static QList deduplicate(const QList &certs) { QSet digests; QList ret; for (const QSslCertificate &cert : certs) { QByteArray digest = cert.digest(); if (!digests.contains(digest)) { digests.insert(digest); ret.append(cert); } } return ret; } KSslCertificateManagerPrivate::KSslCertificateManagerPrivate() : config(QStringLiteral("ksslcertificatemanager"), KConfig::SimpleConfig), iface(new org::kde::KSSLDInterface(QStringLiteral("org.kde.kssld5"), QStringLiteral("/modules/kssld"), QDBusConnection::sessionBus())), isCertListLoaded(false), userCertDir(QStandardPaths::writableLocation(QStandardPaths::GenericDataLocation) + QStringLiteral("/kssl/userCaCertificates/")) { } KSslCertificateManagerPrivate::~KSslCertificateManagerPrivate() { delete iface; iface = nullptr; } void KSslCertificateManagerPrivate::loadDefaultCaCertificates() { defaultCaCertificates.clear(); QList certs = deduplicate(QSslConfiguration::systemCaCertificates()); KConfig config(QStringLiteral("ksslcablacklist"), KConfig::SimpleConfig); KConfigGroup group = config.group("Blacklist of CA Certificates"); certs.append(QSslCertificate::fromPath(userCertDir + QLatin1Char('*'), QSsl::Pem, QRegExp::Wildcard)); for (const QSslCertificate &cert : qAsConst(certs)) { const QByteArray digest = cert.digest().toHex(); if (!group.hasKey(digest.constData())) { defaultCaCertificates += cert; } } isCertListLoaded = true; } bool KSslCertificateManagerPrivate::addCertificate(const KSslCaCertificate &in) { //qDebug() << Q_FUNC_INFO; // cannot add a certificate to the system store if (in.store == KSslCaCertificate::SystemStore) { Q_ASSERT(false); return false; } if (knownCerts.contains(in.certHash)) { Q_ASSERT(false); return false; } QString certFilename = userCertDir + QString::fromLatin1(in.certHash); QFile certFile(certFilename); if (!QDir().mkpath(userCertDir) || certFile.open(QIODevice::ReadOnly)) { return false; } if (!certFile.open(QIODevice::WriteOnly)) { return false; } if (certFile.write(in.cert.toPem()) < 1) { return false; } knownCerts.insert(in.certHash); updateCertificateBlacklisted(in); return true; } bool KSslCertificateManagerPrivate::removeCertificate(const KSslCaCertificate &old) { //qDebug() << Q_FUNC_INFO; // cannot remove a certificate from the system store if (old.store == KSslCaCertificate::SystemStore) { Q_ASSERT(false); return false; } if (!QFile::remove(userCertDir + QString::fromLatin1(old.certHash))) { // suppose somebody copied a certificate file into userCertDir without changing the // filename to the digest. // the rest of the code will work fine because it loads all certificate files from // userCertDir without asking for the name, we just can't remove the certificate using // its digest as filename - so search the whole directory. // if the certificate was added with the digest as name *and* with a different name, we // still fail to remove it completely at first try - BAD USER! BAD! bool removed = false; QDir dir(userCertDir); const QStringList dirList = dir.entryList(QDir::Files); for (const QString &certFilename : dirList) { const QString certPath = userCertDir + certFilename; QList certs = QSslCertificate::fromPath(certPath); if (!certs.isEmpty() && certs.at(0).digest().toHex() == old.certHash) { if (QFile::remove(certPath)) { removed = true; } else { // maybe the file is readable but not writable return false; } } } if (!removed) { // looks like the file is not there return false; } } // note that knownCerts *should* need no updating due to the way setAllCertificates() works - // it should never call addCertificate and removeCertificate for the same cert in one run // clean up the blacklist setCertificateBlacklisted(old.certHash, false); return true; } static bool certLessThan(const KSslCaCertificate &cacert1, const KSslCaCertificate &cacert2) { if (cacert1.store != cacert2.store) { // SystemStore is numerically smaller so the system certs come first; this is important // so that system certificates come first in case the user added an already-present // certificate as a user certificate. return cacert1.store < cacert2.store; } return cacert1.certHash < cacert2.certHash; } void KSslCertificateManagerPrivate::setAllCertificates(const QList &certsIn) { Q_ASSERT(knownCerts.isEmpty()); QList in = certsIn; QList old = allCertificates(); std::sort(in.begin(), in.end(), certLessThan); std::sort(old.begin(), old.end(), certLessThan); for (int ii = 0, oi = 0; ii < in.size() || oi < old.size(); ++ii, ++oi) { // look at all elements in both lists, even if we reach the end of one early. if (ii >= in.size()) { removeCertificate(old.at(oi)); continue; } else if (oi >= old.size()) { addCertificate(in.at(ii)); continue; } if (certLessThan(old.at(oi), in.at(ii))) { // the certificate in "old" is not in "in". only advance the index of "old". removeCertificate(old.at(oi)); ii--; } else if (certLessThan(in.at(ii), old.at(oi))) { // the certificate in "in" is not in "old". only advance the index of "in". addCertificate(in.at(ii)); oi--; } else { // in.at(ii) "==" old.at(oi) if (in.at(ii).cert != old.at(oi).cert) { // hash collision, be prudent(?) and don't do anything. } else { knownCerts.insert(old.at(oi).certHash); if (in.at(ii).isBlacklisted != old.at(oi).isBlacklisted) { updateCertificateBlacklisted(in.at(ii)); } } } } knownCerts.clear(); QMutexLocker certListLocker(&certListMutex); isCertListLoaded = false; loadDefaultCaCertificates(); } QList KSslCertificateManagerPrivate::allCertificates() const { //qDebug() << Q_FUNC_INFO; QList ret; const QList list = deduplicate(QSslConfiguration::systemCaCertificates()); for (const QSslCertificate &cert : list) { ret += KSslCaCertificate(cert, KSslCaCertificate::SystemStore, false); } const QList userList = QSslCertificate::fromPath(userCertDir + QLatin1Char('*'), QSsl::Pem, QRegExp::Wildcard); for (const QSslCertificate &cert : userList) { ret += KSslCaCertificate(cert, KSslCaCertificate::UserStore, false); } KConfig config(QStringLiteral("ksslcablacklist"), KConfig::SimpleConfig); KConfigGroup group = config.group("Blacklist of CA Certificates"); for (KSslCaCertificate &cert : ret) { if (group.hasKey(cert.certHash.constData())) { cert.isBlacklisted = true; //qDebug() << "is blacklisted"; } } return ret; } bool KSslCertificateManagerPrivate::updateCertificateBlacklisted(const KSslCaCertificate &cert) { return setCertificateBlacklisted(cert.certHash, cert.isBlacklisted); } bool KSslCertificateManagerPrivate::setCertificateBlacklisted(const QByteArray &certHash, bool isBlacklisted) { //qDebug() << Q_FUNC_INFO << isBlacklisted; KConfig config(QStringLiteral("ksslcablacklist"), KConfig::SimpleConfig); KConfigGroup group = config.group("Blacklist of CA Certificates"); if (isBlacklisted) { // TODO check against certificate list ? group.writeEntry(certHash.constData(), QString()); } else { if (!group.hasKey(certHash.constData())) { return false; } group.deleteEntry(certHash.constData()); } return true; } class KSslCertificateManagerContainer { public: KSslCertificateManager sslCertificateManager; }; Q_GLOBAL_STATIC(KSslCertificateManagerContainer, g_instance) KSslCertificateManager::KSslCertificateManager() : d(new KSslCertificateManagerPrivate()) { } KSslCertificateManager::~KSslCertificateManager() { delete d; } //static KSslCertificateManager *KSslCertificateManager::self() { return &g_instance()->sslCertificateManager; } void KSslCertificateManager::setRule(const KSslCertificateRule &rule) { d->iface->setRule(rule); } void KSslCertificateManager::clearRule(const KSslCertificateRule &rule) { d->iface->clearRule(rule); } void KSslCertificateManager::clearRule(const QSslCertificate &cert, const QString &hostName) { d->iface->clearRule(cert, hostName); } KSslCertificateRule KSslCertificateManager::rule(const QSslCertificate &cert, const QString &hostName) const { return d->iface->rule(cert, hostName); } QList KSslCertificateManager::caCertificates() const { QMutexLocker certLocker(&d->certListMutex); if (!d->isCertListLoaded) { d->loadDefaultCaCertificates(); } return d->defaultCaCertificates; } //static QList KSslCertificateManager::nonIgnorableErrors(const QList &/*e*/) { QList ret; // ### add filtering here... return ret; } //static QList KSslCertificateManager::nonIgnorableErrors(const QList &/*e*/) { QList ret; // ### add filtering here... return ret; } QList KSslCertificateManager::nonIgnorableErrors(const QList &errors) { Q_UNUSED(errors) // ### add filtering here... return {}; } QList _allKsslCaCertificates(KSslCertificateManager *cm) { return KSslCertificateManagerPrivate::get(cm)->allCertificates(); } void _setAllKsslCaCertificates(KSslCertificateManager *cm, const QList &certsIn) { KSslCertificateManagerPrivate::get(cm)->setAllCertificates(certsIn); } #include "moc_kssld_interface.cpp" diff --git a/src/core/ksslcertificatemanager.h b/src/core/ksslcertificatemanager.h index 838376df..2e16453a 100644 --- a/src/core/ksslcertificatemanager.h +++ b/src/core/ksslcertificatemanager.h @@ -1,139 +1,146 @@ /* This file is part of the KDE project * * Copyright (C) 2007, 2008, 2010 Andreas Hartmetz * * This library is free software; you can redistribute it and/or * modify it under the terms of the GNU Library General Public * License as published by the Free Software Foundation; either * version 2 of the License, or (at your option) any later version. * * This library is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU * Library General Public License for more details. * * You should have received a copy of the GNU Library General Public License * along with this library; see the file COPYING.LIB. If not, write to * the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, * Boston, MA 02110-1301, USA. */ #ifndef _INCLUDE_KSSLCERTIFICATEMANAGER_H #define _INCLUDE_KSSLCERTIFICATEMANAGER_H #include "ktcpsocket.h" // TODO KF6 remove include #include #include #include #include #include +class QDBusArgument; class QSslCertificate; class KSslCertificateRulePrivate; class KSslCertificateManagerPrivate; //### document this... :/ /** Certificate rule. */ class KIOCORE_EXPORT KSslCertificateRule { public: KSslCertificateRule(const QSslCertificate &cert = QSslCertificate(), const QString &hostName = QString()); KSslCertificateRule(const KSslCertificateRule &other); ~KSslCertificateRule(); KSslCertificateRule &operator=(const KSslCertificateRule &other); QSslCertificate certificate() const; QString hostName() const; void setExpiryDateTime(const QDateTime &dateTime); QDateTime expiryDateTime() const; void setRejected(bool rejected); bool isRejected() const; #if KIOCORE_ENABLE_DEPRECATED_SINCE(5, 64) /** @deprecated since 5.64, use the QSslError variant. */ KIOCORE_DEPRECATED_VERSION(5, 64, "Use KSslCertificateRule::isErrorIgnored(QSslError::SslError)") bool isErrorIgnored(KSslError::Error error) const; #endif /** * Returns whether @p error is ignored for this certificate. * @since 5.64 */ bool isErrorIgnored(QSslError::SslError error) const; #if KIOCORE_ENABLE_DEPRECATED_SINCE(5, 64) /** @deprecated since 5.64, use the QSslError variant. */ KIOCORE_DEPRECATED_VERSION(5, 64, "Use KSslCertificateRule::setIgnoredErrors(const QList &)") void setIgnoredErrors(const QList &errors); /** @deprecated since 5.64, use the QSslError variant. */ KIOCORE_DEPRECATED_VERSION(5, 64, "Use KSslCertificateRule::setIgnoredErrors(const QList &)") void setIgnoredErrors(const QList &errors); #endif /** * Set the ignored errors for this certificate. * @since 5.64 */ void setIgnoredErrors(const QList &errors); + /** + * Set the ignored errors for this certificate. + * @since 5.64 + */ + void setIgnoredErrors(const QList &errors); QList ignoredErrors() const; // TODO KF6 return QSslError::SslError list #if KIOCORE_ENABLE_DEPRECATED_SINCE(5, 64) /** @deprecated since 5.64, use the QSslError variant. */ KIOCORE_DEPRECATED_VERSION(5, 64, "Use KSslCertificateRule::filterErrors(const QList &)") QList filterErrors(const QList &errors) const; /** @deprecated since 5.64, use the QSslError variant. */ KIOCORE_DEPRECATED_VERSION(5, 64, "Use KSslCertificateRule::filterErrors(const QList &)") QList filterErrors(const QList &errors) const; #endif /** * Filter out errors that are already ignored. * @since 5.64 */ QList filterErrors(const QList &errors) const; private: + friend QDBusArgument &operator<<(QDBusArgument &argument, const KSslCertificateRule &rule); // TODO KF6 remove KSslCertificateRulePrivate *const d; }; //### document this too... :/ /** Certificate manager. */ class KIOCORE_EXPORT KSslCertificateManager { public: static KSslCertificateManager *self(); void setRule(const KSslCertificateRule &rule); void clearRule(const KSslCertificateRule &rule); void clearRule(const QSslCertificate &cert, const QString &hostName); KSslCertificateRule rule(const QSslCertificate &cert, const QString &hostName) const; #if KIOCORE_ENABLE_DEPRECATED_SINCE(4, 6) /** @deprecated Since 4.6, use caCertificates() instead */ KIOCORE_DEPRECATED_VERSION(4, 6, "Use KSslCertificateManager::caCertificates()") QList rootCertificates() const { return caCertificates(); } #endif QList caCertificates() const; #if KIOCORE_ENABLE_DEPRECATED_SINCE(5, 64) /** @deprecated since 5.64, use the corresponding QSslError variant. */ KIOCORE_DEPRECATED_VERSION(5, 64, "Use KSslCertificateManager::nonIgnorableErrors(const QList &)") static QList nonIgnorableErrors(const QList &); /** @deprecated since 5.64, use the corresponding QSslError variant. */ KIOCORE_DEPRECATED_VERSION(5, 64, "Use KSslCertificateManager::nonIgnorableErrors(const QList &)") static QList nonIgnorableErrors(const QList &); #endif /** * Returns the subset of @p errors that cannot be ignored, ie. that is considered fatal. * @since 5.64 */ static QList nonIgnorableErrors(const QList &errors); private: friend class KSslCertificateManagerContainer; friend class KSslCertificateManagerPrivate; KSslCertificateManager(); ~KSslCertificateManager(); KSslCertificateManagerPrivate *const d; }; #endif diff --git a/src/core/ksslcertificatemanager_p.h b/src/core/ksslcertificatemanager_p.h index f151976e..215e775d 100644 --- a/src/core/ksslcertificatemanager_p.h +++ b/src/core/ksslcertificatemanager_p.h @@ -1,96 +1,106 @@ /* This file is part of the KDE project * * Copyright (C) 2010 Andreas Hartmetz * * This library is free software; you can redistribute it and/or * modify it under the terms of the GNU Library General Public * License as published by the Free Software Foundation; either * version 2 of the License, or (at your option) any later version. * * This library is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU * Library General Public License for more details. * * You should have received a copy of the GNU Library General Public License * along with this library; see the file COPYING.LIB. If not, write to * the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, * Boston, MA 02110-1301, USA. */ #ifndef KSSLCERTIFICATEMANAGER_P_H #define KSSLCERTIFICATEMANAGER_P_H #include #include "kconfig.h" +class KSslCertificateRulePrivate +{ +public: + QSslCertificate certificate; + QString hostName; + bool isRejected; + QDateTime expiryDateTime; + QList ignoredErrors; +}; + struct KSslCaCertificate { enum Store { SystemStore = 0, UserStore }; // TODO see if we can get rid of the .toHex() for storage and comparison; requires // several changes in KSslCertificateManager and CaCertificatesPage! KSslCaCertificate(const QSslCertificate &c, Store s, bool _isBlacklisted) : cert(c), certHash(c.digest().toHex()), store(s), isBlacklisted(_isBlacklisted) { } QSslCertificate cert; QByteArray certHash; Store store; bool isBlacklisted; }; class OrgKdeKSSLDInterface; // aka org::kde::KSSLDInterface namespace org { namespace kde { typedef ::OrgKdeKSSLDInterface KSSLDInterface; } } class KSslCertificateManagerPrivate { public: KSslCertificateManagerPrivate(); ~KSslCertificateManagerPrivate(); static KSslCertificateManagerPrivate *get(KSslCertificateManager *q) { return q->d; } void loadDefaultCaCertificates(); // helpers for setAllCertificates() bool addCertificate(const KSslCaCertificate &in); bool removeCertificate(const KSslCaCertificate &old); bool updateCertificateBlacklisted(const KSslCaCertificate &cert); bool setCertificateBlacklisted(const QByteArray &certHash, bool isBlacklisted); void setAllCertificates(const QList &certsIn); QList allCertificates() const; KConfig config; org::kde::KSSLDInterface *iface; QList defaultCaCertificates; // for use in setAllCertificates() only QSet knownCerts; QMutex certListMutex; bool isCertListLoaded; QString userCertDir; }; // don't export KSslCertificateManagerPrivate to avoid unnecessary symbols KIOCORE_EXPORT QList _allKsslCaCertificates(KSslCertificateManager *cm); KIOCORE_EXPORT void _setAllKsslCaCertificates(KSslCertificateManager *cm, const QList &certsIn); #endif //KSSLCERTIFICATEMANAGER_P_H diff --git a/src/core/kssld_dbusmetatypes.h b/src/core/kssld_dbusmetatypes.h index f4917675..18e82d73 100644 --- a/src/core/kssld_dbusmetatypes.h +++ b/src/core/kssld_dbusmetatypes.h @@ -1,106 +1,108 @@ /* This file is part of the KDE libraries Copyright (c) 2007 Andreas Hartmetz This library is free software; you can redistribute it and/or modify it under the terms of the GNU Library General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. This library is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Library General Public License for more details. You should have received a copy of the GNU Library General Public License along with this library; see the file COPYING.LIB. If not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. */ #ifndef KSSLD_DBUSMETATYPES_H #define KSSLD_DBUSMETATYPES_H +#include "ksslcertificatemanager_p.h" + #include #include #include Q_DECLARE_METATYPE(KSslCertificateRule) -Q_DECLARE_METATYPE(KSslError::Error) +Q_DECLARE_METATYPE(QSslError::SslError) QDBusArgument &operator<<(QDBusArgument &argument, const QSslCertificate &cert) { argument.beginStructure(); argument << cert.toDer(); argument.endStructure(); return argument; } const QDBusArgument &operator>>(const QDBusArgument &argument, QSslCertificate &cert) { QByteArray data; argument.beginStructure(); argument >> data; argument.endStructure(); cert = QSslCertificate(data, QSsl::Der); return argument; } QDBusArgument &operator<<(QDBusArgument &argument, const KSslCertificateRule &rule) { argument.beginStructure(); argument << rule.certificate() << rule.hostName() << rule.isRejected() << rule.expiryDateTime().toString(Qt::ISODate) - << rule.ignoredErrors(); + << rule.d->ignoredErrors; // TODO KF6: replace by a call to rule.ignoredErrors argument.endStructure(); return argument; } const QDBusArgument &operator>>(const QDBusArgument &argument, KSslCertificateRule &rule) { QSslCertificate cert; QString hostName; bool isRejected; QString expiryStr; - QList ignoredErrors; + QList ignoredErrors; argument.beginStructure(); argument >> cert >> hostName >> isRejected >> expiryStr >> ignoredErrors; argument.endStructure(); KSslCertificateRule ret(cert, hostName); ret.setRejected(isRejected); ret.setExpiryDateTime(QDateTime::fromString(expiryStr, Qt::ISODate)); ret.setIgnoredErrors(ignoredErrors); rule = ret; return argument; } -QDBusArgument &operator<<(QDBusArgument &argument, const KSslError::Error &error) +QDBusArgument &operator<<(QDBusArgument &argument, const QSslError::SslError &error) { argument.beginStructure(); //overhead ho! argument << static_cast(error); argument.endStructure(); return argument; } -const QDBusArgument &operator>>(const QDBusArgument &argument, KSslError::Error &error) +const QDBusArgument &operator>>(const QDBusArgument &argument, QSslError::SslError &error) { int data; argument.beginStructure(); argument >> data; argument.endStructure(); - error = static_cast(data); + error = static_cast(data); return argument; } static void registerMetaTypesForKSSLD() { qDBusRegisterMetaType(); qDBusRegisterMetaType(); qDBusRegisterMetaType >(); - qDBusRegisterMetaType(); - qDBusRegisterMetaType >(); + qDBusRegisterMetaType(); + qDBusRegisterMetaType>(); } #endif //KSSLD_DBUSMETATYPES_H