Changeset View
Changeset View
Standalone View
Standalone View
src/core/ksslcertificatemanager.cpp
| Show First 20 Lines • Show All 117 Lines • ▼ Show 20 Line(s) | |||||
| 118 | 118 | | |||
| 119 | bool KSslCertificateRule::isRejected() const | 119 | bool KSslCertificateRule::isRejected() const | ||
| 120 | { | 120 | { | ||
| 121 | return d->isRejected; | 121 | return d->isRejected; | ||
| 122 | } | 122 | } | ||
| 123 | 123 | | |||
| 124 | bool KSslCertificateRule::isErrorIgnored(KSslError::Error error) const | 124 | bool KSslCertificateRule::isErrorIgnored(KSslError::Error error) const | ||
| 125 | { | 125 | { | ||
| 126 | foreach (KSslError::Error ignoredError, d->ignoredErrors) | 126 | for (KSslError::Error ignoredError : qAsConst(d->ignoredErrors)) { | ||
| 127 | if (error == ignoredError) { | 127 | if (error == ignoredError) { | ||
| 128 | return true; | 128 | return true; | ||
| 129 | } | 129 | } | ||
| 130 | } | ||||
| 130 | 131 | | |||
| 131 | return false; | 132 | return false; | ||
| 132 | } | 133 | } | ||
| 133 | 134 | | |||
| 134 | void KSslCertificateRule::setIgnoredErrors(const QList<KSslError::Error> &errors) | 135 | void KSslCertificateRule::setIgnoredErrors(const QList<KSslError::Error> &errors) | ||
| 135 | { | 136 | { | ||
| 136 | d->ignoredErrors.clear(); | 137 | d->ignoredErrors.clear(); | ||
| 137 | //### Quadratic runtime, woohoo! Use a QSet if that should ever be an issue. | 138 | //### Quadratic runtime, woohoo! Use a QSet if that should ever be an issue. | ||
| ▲ Show 20 Lines • Show All 141 Lines • ▼ Show 20 Line(s) | 276 | if (!QFile::remove(userCertDir + QString::fromLatin1(old.certHash))) { | |||
| 279 | // the rest of the code will work fine because it loads all certificate files from | 280 | // the rest of the code will work fine because it loads all certificate files from | ||
| 280 | // userCertDir without asking for the name, we just can't remove the certificate using | 281 | // userCertDir without asking for the name, we just can't remove the certificate using | ||
| 281 | // its digest as filename - so search the whole directory. | 282 | // its digest as filename - so search the whole directory. | ||
| 282 | // if the certificate was added with the digest as name *and* with a different name, we | 283 | // if the certificate was added with the digest as name *and* with a different name, we | ||
| 283 | // still fail to remove it completely at first try - BAD USER! BAD! | 284 | // still fail to remove it completely at first try - BAD USER! BAD! | ||
| 284 | 285 | | |||
| 285 | bool removed = false; | 286 | bool removed = false; | ||
| 286 | QDir dir(userCertDir); | 287 | QDir dir(userCertDir); | ||
| 287 | foreach (const QString &certFilename, dir.entryList(QDir::Files)) { | 288 | const QStringList dirList = dir.entryList(QDir::Files); | ||
| 289 | for (const QString &certFilename : dirList) { | ||||
| 288 | const QString certPath = userCertDir + certFilename; | 290 | const QString certPath = userCertDir + certFilename; | ||
| 289 | QList<QSslCertificate> certs = QSslCertificate::fromPath(certPath); | 291 | QList<QSslCertificate> certs = QSslCertificate::fromPath(certPath); | ||
| 290 | 292 | | |||
| 291 | if (!certs.isEmpty() && certs.at(0).digest().toHex() == old.certHash) { | 293 | if (!certs.isEmpty() && certs.at(0).digest().toHex() == old.certHash) { | ||
| 292 | if (QFile::remove(certPath)) { | 294 | if (QFile::remove(certPath)) { | ||
| 293 | removed = true; | 295 | removed = true; | ||
| 294 | } else { | 296 | } else { | ||
| 295 | // maybe the file is readable but not writable | 297 | // maybe the file is readable but not writable | ||
| ▲ Show 20 Lines • Show All 69 Lines • ▼ Show 20 Line(s) | 329 | { | |||
| 365 | isCertListLoaded = false; | 367 | isCertListLoaded = false; | ||
| 366 | loadDefaultCaCertificates(); | 368 | loadDefaultCaCertificates(); | ||
| 367 | } | 369 | } | ||
| 368 | 370 | | |||
| 369 | QList<KSslCaCertificate> KSslCertificateManagerPrivate::allCertificates() const | 371 | QList<KSslCaCertificate> KSslCertificateManagerPrivate::allCertificates() const | ||
| 370 | { | 372 | { | ||
| 371 | //qDebug() << Q_FUNC_INFO; | 373 | //qDebug() << Q_FUNC_INFO; | ||
| 372 | QList<KSslCaCertificate> ret; | 374 | QList<KSslCaCertificate> ret; | ||
| 373 | foreach (const QSslCertificate &cert, deduplicate(QSslConfiguration::systemCaCertificates())) { | 375 | const QList<QSslCertificate> list = deduplicate(QSslConfiguration::systemCaCertificates()); | ||
| 376 | for (const QSslCertificate &cert : list) { | ||||
| 374 | ret += KSslCaCertificate(cert, KSslCaCertificate::SystemStore, false); | 377 | ret += KSslCaCertificate(cert, KSslCaCertificate::SystemStore, false); | ||
| 375 | } | 378 | } | ||
| 376 | 379 | | |||
| 377 | foreach (const QSslCertificate &cert, QSslCertificate::fromPath(userCertDir + QLatin1Char('*'), | 380 | const QList<QSslCertificate> list2 = QSslCertificate::fromPath(userCertDir + QLatin1Char('*'), QSsl::Pem, | ||
dfaure: `userList` would be a better variable name | |||||
| 378 | QSsl::Pem, QRegExp::Wildcard)) { | 381 | QRegExp::Wildcard); | ||
| 382 | for (const QSslCertificate &cert : list2) { | ||||
| 379 | ret += KSslCaCertificate(cert, KSslCaCertificate::UserStore, false); | 383 | ret += KSslCaCertificate(cert, KSslCaCertificate::UserStore, false); | ||
| 380 | } | 384 | } | ||
| 381 | 385 | | |||
| 382 | KConfig config(QStringLiteral("ksslcablacklist"), KConfig::SimpleConfig); | 386 | KConfig config(QStringLiteral("ksslcablacklist"), KConfig::SimpleConfig); | ||
| 383 | KConfigGroup group = config.group("Blacklist of CA Certificates"); | 387 | KConfigGroup group = config.group("Blacklist of CA Certificates"); | ||
| 384 | for (int i = 0; i < ret.size(); i++) { | 388 | for (int i = 0; i < ret.size(); i++) { | ||
| 385 | if (group.hasKey(ret[i].certHash.constData())) { | 389 | if (group.hasKey(ret[i].certHash.constData())) { | ||
| 386 | ret[i].isBlacklisted = true; | 390 | ret[i].isBlacklisted = true; | ||
| ▲ Show 20 Lines • Show All 112 Lines • Show Last 20 Lines | |||||
userList would be a better variable name