2013-08-06 13:50:08 +04:00
|
|
|
/*
|
|
|
|
|
* Copyright (C) by Klaas Freitag <freitag@kde.org>
|
|
|
|
|
* Copyright (C) by Krzesimir Nowak <krzesimir@endocode.com>
|
|
|
|
|
*
|
|
|
|
|
* This program is free software; you can redistribute it and/or modify
|
|
|
|
|
* it under the terms of the GNU General Public License as published by
|
|
|
|
|
* the Free Software Foundation; either version 2 of the License, or
|
|
|
|
|
* (at your option) any later version.
|
|
|
|
|
*
|
|
|
|
|
* This program is distributed in the hope that it will be useful, but
|
|
|
|
|
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
|
|
|
|
|
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
|
|
|
|
|
* for more details.
|
|
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
#include <QList>
|
|
|
|
|
#include <QRegExp>
|
|
|
|
|
#include <QString>
|
|
|
|
|
#include <QSslCertificate>
|
2014-01-21 04:45:02 +04:00
|
|
|
#include <QSslConfiguration>
|
2013-08-06 13:50:08 +04:00
|
|
|
|
2013-10-23 16:48:44 +04:00
|
|
|
#include <QDebug>
|
|
|
|
|
|
2013-08-06 13:50:08 +04:00
|
|
|
#include "creds/credentialscommon.h"
|
|
|
|
|
|
2014-07-11 02:31:24 +04:00
|
|
|
#include "utility.h"
|
|
|
|
|
#include "account.h"
|
2013-08-06 13:50:08 +04:00
|
|
|
|
2014-11-10 00:34:07 +03:00
|
|
|
namespace OCC
|
2013-08-06 13:50:08 +04:00
|
|
|
{
|
|
|
|
|
|
|
|
|
|
int handleNeonSSLProblems(const char* prompt,
|
|
|
|
|
char* buf,
|
|
|
|
|
size_t /*len*/,
|
|
|
|
|
int /*echo*/,
|
|
|
|
|
int /*verify*/,
|
|
|
|
|
void* /*userdata*/)
|
|
|
|
|
{
|
|
|
|
|
int re = 0;
|
|
|
|
|
const QString qPrompt = QString::fromLatin1( prompt ).trimmed();
|
|
|
|
|
|
|
|
|
|
if( qPrompt.startsWith( QLatin1String("There are problems with the SSL certificate:"))) {
|
2014-12-08 19:54:32 +03:00
|
|
|
// SSL is requested. If the program came here, the SSL check was done by Qt
|
2013-08-06 13:50:08 +04:00
|
|
|
// It needs to be checked if the chain is still equal to the one which
|
|
|
|
|
// was verified by the user.
|
|
|
|
|
const QRegExp regexp("fingerprint: ([\\w\\d:]+)");
|
|
|
|
|
bool certOk = false;
|
|
|
|
|
int pos = 0;
|
|
|
|
|
// This is the set of certificates which QNAM accepted, so we should accept
|
|
|
|
|
// them as well
|
2014-01-21 04:45:02 +04:00
|
|
|
QList<QSslCertificate> certs = AccountManager::instance()->account()->sslConfiguration().peerCertificateChain();
|
2013-08-06 13:50:08 +04:00
|
|
|
|
|
|
|
|
while (!certOk && (pos = regexp.indexIn(qPrompt, 1+pos)) != -1) {
|
|
|
|
|
QString neon_fingerprint = regexp.cap(1);
|
|
|
|
|
|
|
|
|
|
foreach( const QSslCertificate& c, certs ) {
|
|
|
|
|
QString verified_shasum = Utility::formatFingerprint(c.digest(QCryptographicHash::Sha1).toHex());
|
|
|
|
|
qDebug() << "SSL Fingerprint from neon: " << neon_fingerprint << " compared to verified: " << verified_shasum;
|
|
|
|
|
if( verified_shasum == neon_fingerprint ) {
|
|
|
|
|
certOk = true;
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
// certOk = false; DEBUG setting, keep disabled!
|
|
|
|
|
if( !certOk ) { // Problem!
|
|
|
|
|
qstrcpy( buf, "no" );
|
|
|
|
|
re = -1;
|
|
|
|
|
} else {
|
|
|
|
|
qstrcpy( buf, "yes" ); // Certificate is fine!
|
|
|
|
|
}
|
|
|
|
|
} else {
|
|
|
|
|
qDebug() << "Unknown prompt: <" << prompt << ">";
|
|
|
|
|
re = -1;
|
|
|
|
|
}
|
|
|
|
|
return re;
|
|
|
|
|
}
|
|
|
|
|
|
2014-11-10 00:34:07 +03:00
|
|
|
} // namespace OCC
|
