Changeset View
Changeset View
Standalone View
Standalone View
src/core/ksslcertificatemanager.cpp
Show First 20 Lines • Show All 117 Lines • ▼ Show 20 Line(s) | |||||
118 | 118 | | |||
119 | bool KSslCertificateRule::isRejected() const | 119 | bool KSslCertificateRule::isRejected() const | ||
120 | { | 120 | { | ||
121 | return d->isRejected; | 121 | return d->isRejected; | ||
122 | } | 122 | } | ||
123 | 123 | | |||
124 | bool KSslCertificateRule::isErrorIgnored(KSslError::Error error) const | 124 | bool KSslCertificateRule::isErrorIgnored(KSslError::Error error) const | ||
125 | { | 125 | { | ||
126 | foreach (KSslError::Error ignoredError, d->ignoredErrors) | 126 | for (KSslError::Error ignoredError : qAsConst(d->ignoredErrors)) { | ||
127 | if (error == ignoredError) { | 127 | if (error == ignoredError) { | ||
128 | return true; | 128 | return true; | ||
129 | } | 129 | } | ||
130 | } | ||||
130 | 131 | | |||
131 | return false; | 132 | return false; | ||
132 | } | 133 | } | ||
133 | 134 | | |||
134 | void KSslCertificateRule::setIgnoredErrors(const QList<KSslError::Error> &errors) | 135 | void KSslCertificateRule::setIgnoredErrors(const QList<KSslError::Error> &errors) | ||
135 | { | 136 | { | ||
136 | d->ignoredErrors.clear(); | 137 | d->ignoredErrors.clear(); | ||
137 | //### Quadratic runtime, woohoo! Use a QSet if that should ever be an issue. | 138 | //### Quadratic runtime, woohoo! Use a QSet if that should ever be an issue. | ||
▲ Show 20 Lines • Show All 141 Lines • ▼ Show 20 Line(s) | 276 | if (!QFile::remove(userCertDir + QString::fromLatin1(old.certHash))) { | |||
279 | // the rest of the code will work fine because it loads all certificate files from | 280 | // the rest of the code will work fine because it loads all certificate files from | ||
280 | // userCertDir without asking for the name, we just can't remove the certificate using | 281 | // userCertDir without asking for the name, we just can't remove the certificate using | ||
281 | // its digest as filename - so search the whole directory. | 282 | // its digest as filename - so search the whole directory. | ||
282 | // if the certificate was added with the digest as name *and* with a different name, we | 283 | // if the certificate was added with the digest as name *and* with a different name, we | ||
283 | // still fail to remove it completely at first try - BAD USER! BAD! | 284 | // still fail to remove it completely at first try - BAD USER! BAD! | ||
284 | 285 | | |||
285 | bool removed = false; | 286 | bool removed = false; | ||
286 | QDir dir(userCertDir); | 287 | QDir dir(userCertDir); | ||
287 | foreach (const QString &certFilename, dir.entryList(QDir::Files)) { | 288 | const QStringList dirList = dir.entryList(QDir::Files); | ||
289 | for (const QString &certFilename : dirList) { | ||||
288 | const QString certPath = userCertDir + certFilename; | 290 | const QString certPath = userCertDir + certFilename; | ||
289 | QList<QSslCertificate> certs = QSslCertificate::fromPath(certPath); | 291 | QList<QSslCertificate> certs = QSslCertificate::fromPath(certPath); | ||
290 | 292 | | |||
291 | if (!certs.isEmpty() && certs.at(0).digest().toHex() == old.certHash) { | 293 | if (!certs.isEmpty() && certs.at(0).digest().toHex() == old.certHash) { | ||
292 | if (QFile::remove(certPath)) { | 294 | if (QFile::remove(certPath)) { | ||
293 | removed = true; | 295 | removed = true; | ||
294 | } else { | 296 | } else { | ||
295 | // maybe the file is readable but not writable | 297 | // maybe the file is readable but not writable | ||
▲ Show 20 Lines • Show All 69 Lines • ▼ Show 20 Line(s) | 329 | { | |||
365 | isCertListLoaded = false; | 367 | isCertListLoaded = false; | ||
366 | loadDefaultCaCertificates(); | 368 | loadDefaultCaCertificates(); | ||
367 | } | 369 | } | ||
368 | 370 | | |||
369 | QList<KSslCaCertificate> KSslCertificateManagerPrivate::allCertificates() const | 371 | QList<KSslCaCertificate> KSslCertificateManagerPrivate::allCertificates() const | ||
370 | { | 372 | { | ||
371 | //qDebug() << Q_FUNC_INFO; | 373 | //qDebug() << Q_FUNC_INFO; | ||
372 | QList<KSslCaCertificate> ret; | 374 | QList<KSslCaCertificate> ret; | ||
373 | foreach (const QSslCertificate &cert, deduplicate(QSslConfiguration::systemCaCertificates())) { | 375 | const QList<QSslCertificate> list = deduplicate(QSslConfiguration::systemCaCertificates()); | ||
376 | for (const QSslCertificate &cert : list) { | ||||
374 | ret += KSslCaCertificate(cert, KSslCaCertificate::SystemStore, false); | 377 | ret += KSslCaCertificate(cert, KSslCaCertificate::SystemStore, false); | ||
375 | } | 378 | } | ||
376 | 379 | | |||
377 | foreach (const QSslCertificate &cert, QSslCertificate::fromPath(userCertDir + QLatin1Char('*'), | 380 | const QList<QSslCertificate> list2 = QSslCertificate::fromPath(userCertDir + QLatin1Char('*'), QSsl::Pem, | ||
dfaure: `userList` would be a better variable name | |||||
378 | QSsl::Pem, QRegExp::Wildcard)) { | 381 | QRegExp::Wildcard); | ||
382 | for (const QSslCertificate &cert : list2) { | ||||
379 | ret += KSslCaCertificate(cert, KSslCaCertificate::UserStore, false); | 383 | ret += KSslCaCertificate(cert, KSslCaCertificate::UserStore, false); | ||
380 | } | 384 | } | ||
381 | 385 | | |||
382 | KConfig config(QStringLiteral("ksslcablacklist"), KConfig::SimpleConfig); | 386 | KConfig config(QStringLiteral("ksslcablacklist"), KConfig::SimpleConfig); | ||
383 | KConfigGroup group = config.group("Blacklist of CA Certificates"); | 387 | KConfigGroup group = config.group("Blacklist of CA Certificates"); | ||
384 | for (int i = 0; i < ret.size(); i++) { | 388 | for (int i = 0; i < ret.size(); i++) { | ||
385 | if (group.hasKey(ret[i].certHash.constData())) { | 389 | if (group.hasKey(ret[i].certHash.constData())) { | ||
386 | ret[i].isBlacklisted = true; | 390 | ret[i].isBlacklisted = true; | ||
▲ Show 20 Lines • Show All 112 Lines • Show Last 20 Lines |
userList would be a better variable name