Changeset View
Changeset View
Standalone View
Standalone View
src/core/ksslcertificatemanager.cpp
Show All 28 Lines | |||||
29 | #include <klocalizedstring.h> | 29 | #include <klocalizedstring.h> | ||
30 | 30 | | |||
31 | #include <QDebug> | 31 | #include <QDebug> | ||
32 | #include <qstandardpaths.h> | 32 | #include <qstandardpaths.h> | ||
33 | #include <QFile> | 33 | #include <QFile> | ||
34 | #include <QDir> | 34 | #include <QDir> | ||
35 | #include <QDBusConnection> | 35 | #include <QDBusConnection> | ||
36 | #include <QDBusConnectionInterface> | 36 | #include <QDBusConnectionInterface> | ||
37 | #include <QSslConfiguration> | ||||
37 | 38 | | |||
38 | #include "kssld_interface.h" | 39 | #include "kssld_interface.h" | ||
39 | 40 | | |||
40 | /* | 41 | /* | ||
41 | Config file format: | 42 | Config file format: | ||
42 | [<MD5-Digest>] | 43 | [<MD5-Digest>] | ||
43 | <Host> = <Date> <List of ignored errors> | 44 | <Host> = <Date> <List of ignored errors> | ||
44 | #for example | 45 | #for example | ||
▲ Show 20 Lines • Show All 62 Lines • ▼ Show 20 Line(s) | 107 | { | |||
107 | d->isRejected = rejected; | 108 | d->isRejected = rejected; | ||
108 | } | 109 | } | ||
109 | 110 | | |||
110 | bool KSslCertificateRule::isRejected() const | 111 | bool KSslCertificateRule::isRejected() const | ||
111 | { | 112 | { | ||
112 | return d->isRejected; | 113 | return d->isRejected; | ||
113 | } | 114 | } | ||
114 | 115 | | |||
116 | #if KIOCORE_BUILD_DEPRECATED_SINCE(5, 64) | ||||
115 | bool KSslCertificateRule::isErrorIgnored(KSslError::Error error) const | 117 | bool KSslCertificateRule::isErrorIgnored(KSslError::Error error) const | ||
116 | { | 118 | { | ||
117 | return d->ignoredErrors.contains(KSslErrorPrivate::errorFromKSslError(error)); | 119 | return d->ignoredErrors.contains(KSslErrorPrivate::errorFromKSslError(error)); | ||
118 | } | 120 | } | ||
121 | #endif | ||||
119 | 122 | | |||
120 | bool KSslCertificateRule::isErrorIgnored(QSslError::SslError error) const | 123 | bool KSslCertificateRule::isErrorIgnored(QSslError::SslError error) const | ||
121 | { | 124 | { | ||
122 | return d->ignoredErrors.contains(error); | 125 | return d->ignoredErrors.contains(error); | ||
123 | } | 126 | } | ||
124 | 127 | | |||
128 | #if KIOCORE_BUILD_DEPRECATED_SINCE(5, 64) | ||||
125 | void KSslCertificateRule::setIgnoredErrors(const QList<KSslError::Error> &errors) | 129 | void KSslCertificateRule::setIgnoredErrors(const QList<KSslError::Error> &errors) | ||
126 | { | 130 | { | ||
127 | d->ignoredErrors.clear(); | 131 | d->ignoredErrors.clear(); | ||
128 | //### Quadratic runtime, woohoo! Use a QSet if that should ever be an issue. | 132 | //### Quadratic runtime, woohoo! Use a QSet if that should ever be an issue. | ||
129 | for (KSslError::Error e : errors) { | 133 | for (KSslError::Error e : errors) { | ||
130 | QSslError::SslError error = KSslErrorPrivate::errorFromKSslError(e); | 134 | QSslError::SslError error = KSslErrorPrivate::errorFromKSslError(e); | ||
131 | if (!isErrorIgnored(error)) { | 135 | if (!isErrorIgnored(error)) { | ||
132 | d->ignoredErrors.append(error); | 136 | d->ignoredErrors.append(error); | ||
133 | } | 137 | } | ||
134 | } | 138 | } | ||
135 | } | 139 | } | ||
140 | #endif | ||||
136 | 141 | | |||
142 | #if KIOCORE_BUILD_DEPRECATED_SINCE(5, 64) | ||||
137 | void KSslCertificateRule::setIgnoredErrors(const QList<KSslError> &errors) | 143 | void KSslCertificateRule::setIgnoredErrors(const QList<KSslError> &errors) | ||
138 | { | 144 | { | ||
139 | QList<KSslError::Error> el; | 145 | QList<KSslError::Error> el; | ||
140 | el.reserve(errors.size()); | 146 | el.reserve(errors.size()); | ||
141 | for (const KSslError &e : errors) { | 147 | for (const KSslError &e : errors) { | ||
142 | el.append(e.error()); | 148 | el.append(e.error()); | ||
143 | } | 149 | } | ||
144 | setIgnoredErrors(el); | 150 | setIgnoredErrors(el); | ||
145 | } | 151 | } | ||
152 | #endif | ||||
146 | 153 | | |||
147 | void KSslCertificateRule::setIgnoredErrors(const QList<QSslError> &errors) | 154 | void KSslCertificateRule::setIgnoredErrors(const QList<QSslError> &errors) | ||
148 | { | 155 | { | ||
149 | d->ignoredErrors.clear(); | 156 | d->ignoredErrors.clear(); | ||
150 | for (const QSslError &error : errors) { | 157 | for (const QSslError &error : errors) { | ||
151 | if (!isErrorIgnored(error.error())) { | 158 | if (!isErrorIgnored(error.error())) { | ||
152 | d->ignoredErrors.append(error.error()); | 159 | d->ignoredErrors.append(error.error()); | ||
153 | } | 160 | } | ||
154 | } | 161 | } | ||
155 | } | 162 | } | ||
156 | 163 | | |||
157 | void KSslCertificateRule::setIgnoredErrors(const QList<QSslError::SslError> &errors) | 164 | void KSslCertificateRule::setIgnoredErrors(const QList<QSslError::SslError> &errors) | ||
158 | { | 165 | { | ||
159 | d->ignoredErrors.clear(); | 166 | d->ignoredErrors.clear(); | ||
160 | for (QSslError::SslError error : errors) { | 167 | for (QSslError::SslError error : errors) { | ||
161 | if (!isErrorIgnored(error)) { | 168 | if (!isErrorIgnored(error)) { | ||
162 | d->ignoredErrors.append(error); | 169 | d->ignoredErrors.append(error); | ||
163 | } | 170 | } | ||
164 | } | 171 | } | ||
165 | } | 172 | } | ||
166 | 173 | | |||
174 | #if KIOCORE_BUILD_DEPRECATED_SINCE(5, 64) | ||||
167 | QList<KSslError::Error> KSslCertificateRule::ignoredErrors() const | 175 | QList<KSslError::Error> KSslCertificateRule::ignoredErrors() const | ||
168 | { | 176 | { | ||
169 | // TODO KF6: return d->ignoredErrors | 177 | // KF6: replace by QList<QSslError::SslError> below | ||
170 | // return d->ignoredErrors; | | |||
171 | QList<KSslError::Error> errors; | 178 | QList<KSslError::Error> errors; | ||
172 | errors.reserve(d->ignoredErrors.size()); | 179 | errors.reserve(d->ignoredErrors.size()); | ||
173 | std::transform(d->ignoredErrors.cbegin(), d->ignoredErrors.cend(), std::back_inserter(errors), KSslErrorPrivate::errorFromQSslError); | 180 | std::transform(d->ignoredErrors.cbegin(), d->ignoredErrors.cend(), std::back_inserter(errors), KSslErrorPrivate::errorFromQSslError); | ||
174 | return errors; | 181 | return errors; | ||
175 | } | 182 | } | ||
183 | #else | ||||
184 | QList<QSslError::SslError> KSslCertificateRule::ignoredErrors() const | ||||
185 | { | ||||
186 | return d->ignoredErrors; | ||||
187 | } | ||||
188 | #endif | ||||
176 | 189 | | |||
190 | #if KIOCORE_BUILD_DEPRECATED_SINCE(5, 64) | ||||
177 | QList<KSslError::Error> KSslCertificateRule::filterErrors(const QList<KSslError::Error> &errors) const | 191 | QList<KSslError::Error> KSslCertificateRule::filterErrors(const QList<KSslError::Error> &errors) const | ||
178 | { | 192 | { | ||
179 | QList<KSslError::Error> ret; | 193 | QList<KSslError::Error> ret; | ||
180 | for (KSslError::Error error : errors) { | 194 | for (KSslError::Error error : errors) { | ||
181 | if (!isErrorIgnored(error)) { | 195 | if (!isErrorIgnored(error)) { | ||
182 | ret.append(error); | 196 | ret.append(error); | ||
183 | } | 197 | } | ||
184 | } | 198 | } | ||
185 | return ret; | 199 | return ret; | ||
186 | } | 200 | } | ||
201 | #endif | ||||
187 | 202 | | |||
203 | #if KIOCORE_BUILD_DEPRECATED_SINCE(5, 64) | ||||
188 | QList<KSslError> KSslCertificateRule::filterErrors(const QList<KSslError> &errors) const | 204 | QList<KSslError> KSslCertificateRule::filterErrors(const QList<KSslError> &errors) const | ||
189 | { | 205 | { | ||
190 | QList<KSslError> ret; | 206 | QList<KSslError> ret; | ||
191 | for (const KSslError &error : errors) { | 207 | for (const KSslError &error : errors) { | ||
192 | if (!isErrorIgnored(error.error())) { | 208 | if (!isErrorIgnored(error.error())) { | ||
193 | ret.append(error); | 209 | ret.append(error); | ||
194 | } | 210 | } | ||
195 | } | 211 | } | ||
196 | return ret; | 212 | return ret; | ||
197 | } | 213 | } | ||
214 | #endif | ||||
198 | 215 | | |||
199 | QList<QSslError> KSslCertificateRule::filterErrors(const QList<QSslError> &errors) const | 216 | QList<QSslError> KSslCertificateRule::filterErrors(const QList<QSslError> &errors) const | ||
200 | { | 217 | { | ||
201 | QList<QSslError> ret; | 218 | QList<QSslError> ret; | ||
202 | for (const QSslError &error : errors) { | 219 | for (const QSslError &error : errors) { | ||
203 | if (!isErrorIgnored(error.error())) { | 220 | if (!isErrorIgnored(error.error())) { | ||
204 | ret.append(error); | 221 | ret.append(error); | ||
205 | } | 222 | } | ||
▲ Show 20 Lines • Show All 290 Lines • ▼ Show 20 Line(s) | |||||
496 | { | 513 | { | ||
497 | QMutexLocker certLocker(&d->certListMutex); | 514 | QMutexLocker certLocker(&d->certListMutex); | ||
498 | if (!d->isCertListLoaded) { | 515 | if (!d->isCertListLoaded) { | ||
499 | d->loadDefaultCaCertificates(); | 516 | d->loadDefaultCaCertificates(); | ||
500 | } | 517 | } | ||
501 | return d->defaultCaCertificates; | 518 | return d->defaultCaCertificates; | ||
502 | } | 519 | } | ||
503 | 520 | | |||
521 | #if KIOCORE_BUILD_DEPRECATED_SINCE(5, 64) | ||||
504 | //static | 522 | //static | ||
505 | QList<KSslError> KSslCertificateManager::nonIgnorableErrors(const QList<KSslError> &errors) | 523 | QList<KSslError> KSslCertificateManager::nonIgnorableErrors(const QList<KSslError> &errors) | ||
506 | { | 524 | { | ||
507 | QList<KSslError> ret; | 525 | QList<KSslError> ret; | ||
508 | // errors not handled in KSSLD | 526 | // errors not handled in KSSLD | ||
509 | std::copy_if(errors.begin(), errors.end(), std::back_inserter(ret), [](const KSslError &e) { | 527 | std::copy_if(errors.begin(), errors.end(), std::back_inserter(ret), [](const KSslError &e) { | ||
510 | return e.error() == KSslError::NoPeerCertificate || e.error() == KSslError::PathLengthExceeded; | 528 | return e.error() == KSslError::NoPeerCertificate || e.error() == KSslError::PathLengthExceeded; | ||
511 | }); | 529 | }); | ||
512 | return ret; | 530 | return ret; | ||
513 | } | 531 | } | ||
532 | #endif | ||||
514 | 533 | | |||
534 | #if KIOCORE_BUILD_DEPRECATED_SINCE(5, 64) | ||||
515 | //static | 535 | //static | ||
516 | QList<KSslError::Error> KSslCertificateManager::nonIgnorableErrors(const QList<KSslError::Error> &errors) | 536 | QList<KSslError::Error> KSslCertificateManager::nonIgnorableErrors(const QList<KSslError::Error> &errors) | ||
517 | { | 537 | { | ||
518 | QList<KSslError::Error> ret; | 538 | QList<KSslError::Error> ret; | ||
519 | // errors not handled in KSSLD | 539 | // errors not handled in KSSLD | ||
520 | std::copy_if(errors.begin(), errors.end(), std::back_inserter(ret), [](const KSslError::Error &e) { | 540 | std::copy_if(errors.begin(), errors.end(), std::back_inserter(ret), [](const KSslError::Error &e) { | ||
521 | return e == KSslError::NoPeerCertificate || e == KSslError::PathLengthExceeded; | 541 | return e == KSslError::NoPeerCertificate || e == KSslError::PathLengthExceeded; | ||
522 | }); | 542 | }); | ||
523 | return ret; | 543 | return ret; | ||
524 | } | 544 | } | ||
545 | #endif | ||||
525 | 546 | | |||
526 | QList<QSslError> KSslCertificateManager::nonIgnorableErrors(const QList<QSslError> &errors) | 547 | QList<QSslError> KSslCertificateManager::nonIgnorableErrors(const QList<QSslError> &errors) | ||
527 | { | 548 | { | ||
528 | QList<QSslError> ret; | 549 | QList<QSslError> ret; | ||
529 | // errors not handled in KSSLD | 550 | // errors not handled in KSSLD | ||
530 | std::copy_if(errors.begin(), errors.end(), std::back_inserter(ret), [](const QSslError &e) { | 551 | std::copy_if(errors.begin(), errors.end(), std::back_inserter(ret), [](const QSslError &e) { | ||
531 | return e.error() == QSslError::NoPeerCertificate || e.error() == QSslError::PathLengthExceeded || e.error() == QSslError::NoSslSupport; | 552 | return e.error() == QSslError::NoPeerCertificate || e.error() == QSslError::PathLengthExceeded || e.error() == QSslError::NoSslSupport; | ||
532 | }); | 553 | }); | ||
Show All 14 Lines |