2012-04-06 10:53:57 +04:00
|
|
|
/*
|
|
|
|
|
* Copyright (C) by Klaas Freitag <freitag@kde.org>
|
|
|
|
|
*
|
|
|
|
|
* This program is free software; you can redistribute it and/or modify
|
|
|
|
|
* it under the terms of the GNU General Public License as published by
|
|
|
|
|
* the Free Software Foundation; either version 2 of the License, or
|
|
|
|
|
* (at your option) any later version.
|
|
|
|
|
*
|
|
|
|
|
* This program is distributed in the hope that it will be useful, but
|
|
|
|
|
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
|
|
|
|
|
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
|
|
|
|
|
* for more details.
|
|
|
|
|
*/
|
2012-05-21 18:48:49 +04:00
|
|
|
#include "sslerrordialog.h"
|
|
|
|
|
#include "mirall/mirallconfigfile.h"
|
2012-04-06 10:53:57 +04:00
|
|
|
|
2012-04-12 13:37:48 +04:00
|
|
|
#include <QtGui>
|
2012-04-06 10:53:57 +04:00
|
|
|
#include <QtNetwork>
|
|
|
|
|
|
|
|
|
|
namespace Mirall
|
|
|
|
|
{
|
2012-08-02 13:02:46 +04:00
|
|
|
#define CA_CERTS_KEY QLatin1String("CaCertificates")
|
2012-04-12 13:37:48 +04:00
|
|
|
|
2012-04-06 10:53:57 +04:00
|
|
|
SslErrorDialog::SslErrorDialog(QWidget *parent) :
|
2012-08-02 13:02:46 +04:00
|
|
|
QDialog(parent), _allTrusted(false)
|
2012-04-06 10:53:57 +04:00
|
|
|
{
|
|
|
|
|
setupUi( this );
|
|
|
|
|
setWindowTitle( tr("SSL Connection") );
|
2012-04-12 13:37:48 +04:00
|
|
|
QPushButton *okButton = _dialogButtonBox->button( QDialogButtonBox::Ok );
|
|
|
|
|
|
|
|
|
|
if( okButton ) {
|
|
|
|
|
okButton->setDefault(true);
|
|
|
|
|
connect( okButton, SIGNAL(clicked()),SLOT(accept()));
|
|
|
|
|
}
|
|
|
|
|
}
|
2012-04-06 10:53:57 +04:00
|
|
|
|
2012-04-12 13:37:48 +04:00
|
|
|
QList<QSslCertificate> SslErrorDialog::storedCACerts()
|
|
|
|
|
{
|
2012-06-13 13:36:56 +04:00
|
|
|
MirallConfigFile cfg( _customConfigHandle );
|
2012-04-06 10:53:57 +04:00
|
|
|
|
2012-08-06 15:58:24 +04:00
|
|
|
QList<QSslCertificate> cacerts = QSslCertificate::fromData(cfg.caCerts());
|
2012-04-06 10:53:57 +04:00
|
|
|
|
2012-04-12 13:37:48 +04:00
|
|
|
return cacerts;
|
2012-04-06 10:53:57 +04:00
|
|
|
}
|
|
|
|
|
|
2012-04-12 13:37:48 +04:00
|
|
|
QString SslErrorDialog::styleSheet() const
|
2012-04-06 10:53:57 +04:00
|
|
|
{
|
2012-04-12 13:37:48 +04:00
|
|
|
const QString style = QLatin1String(
|
|
|
|
|
"#cert {margin-left: 5px;} "
|
|
|
|
|
"#ca_error { color:#a00011; margin-left:5px; margin-right:5px; }"
|
|
|
|
|
"#ca_error p { margin-top: 2px; margin-bottom:2px; }"
|
|
|
|
|
"#ccert { margin-left: 5px; }"
|
|
|
|
|
"#issuer { margin-left: 5px; }"
|
2012-10-24 03:42:25 +04:00
|
|
|
"tt { font-size: small; }"
|
2012-04-12 13:37:48 +04:00
|
|
|
);
|
|
|
|
|
|
|
|
|
|
return style;
|
|
|
|
|
}
|
|
|
|
|
#define QL(x) QLatin1String(x)
|
2012-04-06 10:53:57 +04:00
|
|
|
|
2012-04-12 13:37:48 +04:00
|
|
|
bool SslErrorDialog::setErrorList( QList<QSslError> errors )
|
|
|
|
|
{
|
|
|
|
|
QList<QSslCertificate> ourCerts = storedCACerts();
|
|
|
|
|
|
|
|
|
|
// check if unknown certs caused errors.
|
|
|
|
|
_unknownCerts.clear();
|
|
|
|
|
|
|
|
|
|
QStringList errorStrings;
|
|
|
|
|
for (int i = 0; i < errors.count(); ++i) {
|
|
|
|
|
if (ourCerts.contains(errors.at(i).certificate()) ||
|
|
|
|
|
_unknownCerts.contains(errors.at(i).certificate() ))
|
|
|
|
|
continue;
|
|
|
|
|
errorStrings += errors.at(i).errorString();
|
|
|
|
|
if (!errors.at(i).certificate().isNull()) {
|
|
|
|
|
_unknownCerts.append(errors.at(i).certificate());
|
|
|
|
|
}
|
|
|
|
|
}
|
2012-04-06 10:53:57 +04:00
|
|
|
|
2012-04-12 13:37:48 +04:00
|
|
|
// if there are no errors left, all Certs were known.
|
|
|
|
|
if (errorStrings.isEmpty()) {
|
|
|
|
|
_allTrusted = true;
|
|
|
|
|
return true;
|
|
|
|
|
}
|
2012-04-06 10:53:57 +04:00
|
|
|
|
2012-04-12 13:37:48 +04:00
|
|
|
QString msg = QL("<html><head>");
|
|
|
|
|
msg += QL("<link rel='stylesheet' type='text/css' href='format.css'>");
|
|
|
|
|
msg += QL("</head><body>");
|
|
|
|
|
|
|
|
|
|
// loop over the unknown certs and line up their errors.
|
|
|
|
|
msg += QL("<h3>") + tr("Warnings about current SSL Connection:") + QL("</h3>");
|
|
|
|
|
msg += QL("<div id=\"ca_errors\">");
|
2012-05-21 18:48:49 +04:00
|
|
|
foreach( const QSslCertificate& cert, _unknownCerts ) {
|
2012-04-12 13:37:48 +04:00
|
|
|
msg += QL("<div id=\"ca_error\">");
|
|
|
|
|
// add the errors for this cert
|
|
|
|
|
foreach( QSslError err, errors ) {
|
|
|
|
|
if( err.certificate() == cert ) {
|
2012-08-17 19:13:17 +04:00
|
|
|
msg += QL("<p>") + err.errorString() + QL("</p>");
|
2012-04-06 10:53:57 +04:00
|
|
|
}
|
|
|
|
|
}
|
2012-04-12 13:37:48 +04:00
|
|
|
msg += QL("</div>");
|
|
|
|
|
msg += certDiv( cert );
|
|
|
|
|
if( _unknownCerts.count() > 1 ) {
|
|
|
|
|
msg += QL("<hr/>");
|
|
|
|
|
}
|
2012-04-06 10:53:57 +04:00
|
|
|
}
|
2012-04-12 13:37:48 +04:00
|
|
|
msg += QL("</div></body></html>");
|
|
|
|
|
|
|
|
|
|
qDebug() << "# # # # # # ";
|
|
|
|
|
qDebug() << msg;
|
|
|
|
|
QTextDocument *doc = new QTextDocument(0);
|
|
|
|
|
QString style = styleSheet();
|
|
|
|
|
qDebug() << "Style: " << style;
|
2012-08-17 19:13:17 +04:00
|
|
|
doc->addResource( QTextDocument::StyleSheetResource, QUrl( QL("format.css") ), style);
|
2012-04-12 13:37:48 +04:00
|
|
|
doc->setHtml( msg );
|
2012-04-06 10:53:57 +04:00
|
|
|
|
2012-04-12 13:37:48 +04:00
|
|
|
_tbErrors->setDocument( doc );
|
|
|
|
|
_tbErrors->show();
|
2012-04-06 10:53:57 +04:00
|
|
|
|
2012-04-12 13:37:48 +04:00
|
|
|
return false;
|
2012-04-06 10:53:57 +04:00
|
|
|
}
|
|
|
|
|
|
2012-10-24 03:42:25 +04:00
|
|
|
static QByteArray formatHash(const QByteArray &fmhash)
|
|
|
|
|
{
|
|
|
|
|
QByteArray hash;
|
|
|
|
|
int steps = fmhash.length()/2;
|
|
|
|
|
for (int i = 0; i < steps; i++) {
|
|
|
|
|
hash.append(fmhash[i]);
|
|
|
|
|
hash.append(fmhash[i+1]);
|
|
|
|
|
hash.append(' ');
|
|
|
|
|
}
|
|
|
|
|
return hash;
|
|
|
|
|
}
|
|
|
|
|
|
2012-04-06 10:53:57 +04:00
|
|
|
QString SslErrorDialog::certDiv( QSslCertificate cert ) const
|
|
|
|
|
{
|
|
|
|
|
QString msg;
|
2012-04-12 13:37:48 +04:00
|
|
|
msg += QL("<div id=\"cert\">");
|
|
|
|
|
msg += QL("<h3>") + tr("with Certificate %1").arg( cert.subjectInfo( QSslCertificate::CommonName )) + QL("</h3>");
|
|
|
|
|
|
|
|
|
|
msg += QL("<div id=\"ccert\">");
|
|
|
|
|
QStringList li;
|
2012-10-24 03:42:25 +04:00
|
|
|
|
2012-10-24 14:44:48 +04:00
|
|
|
QString org = Qt::escape(cert.subjectInfo( QSslCertificate::Organization));
|
|
|
|
|
QString unit = Qt::escape(cert.subjectInfo( QSslCertificate::OrganizationalUnitName));
|
|
|
|
|
QString country = Qt::escape(cert.subjectInfo( QSslCertificate::CountryName));
|
2012-10-24 03:42:25 +04:00
|
|
|
if (unit.isEmpty()) unit = tr("<not specified>");
|
|
|
|
|
if (org.isEmpty()) org = tr("<not specified>");
|
|
|
|
|
if (country.isEmpty()) country = tr("<not specified>");
|
|
|
|
|
li << tr("Organization: %1").arg(org);
|
|
|
|
|
li << tr("Unit: %1").arg(unit);
|
|
|
|
|
li << tr("Country: %1").arg(country);
|
2012-08-17 19:13:17 +04:00
|
|
|
msg += QL("<p>") + li.join(QL("<br/>")) + QL("</p>");
|
2012-04-12 13:37:48 +04:00
|
|
|
|
|
|
|
|
msg += QL("<p>");
|
2012-10-24 03:42:25 +04:00
|
|
|
|
|
|
|
|
QString md5sum = QString::fromAscii(formatHash(cert.digest(QCryptographicHash::Md5).toHex()));
|
|
|
|
|
QString sha1sum = QString::fromAscii(formatHash(cert.digest(QCryptographicHash::Sha1).toHex()));
|
2012-10-24 11:13:48 +04:00
|
|
|
msg += tr("Fingerprint (MD5): <tt>%1</tt>").arg(md5sum) + QL("<br/>");
|
|
|
|
|
msg += tr("Fingerprint (SHA1): <tt>%1</tt>").arg(sha1sum) + QL("<br/>");
|
2012-10-24 03:42:25 +04:00
|
|
|
msg += QL("<br/>");
|
2012-04-12 13:37:48 +04:00
|
|
|
msg += tr("Effective Date: %1").arg( cert.effectiveDate().toString()) + QL("<br/>");
|
|
|
|
|
msg += tr("Expiry Date: %1").arg( cert.expiryDate().toString()) + QL("</p>");
|
|
|
|
|
|
|
|
|
|
msg += QL("</div>" );
|
|
|
|
|
|
2012-10-24 14:44:48 +04:00
|
|
|
msg += QL("<h3>") + tr("Issuer: %1").arg(Qt::escape(cert.issuerInfo( QSslCertificate::CommonName))) + QL("</h3>");
|
2012-08-17 19:13:17 +04:00
|
|
|
msg += QL("<div id=\"issuer\">");
|
2012-04-12 13:37:48 +04:00
|
|
|
li.clear();
|
2012-10-24 14:44:48 +04:00
|
|
|
li << tr("Organization: %1").arg(Qt::escape(cert.issuerInfo( QSslCertificate::Organization)));
|
|
|
|
|
li << tr("Unit: %1").arg(Qt::escape(cert.issuerInfo( QSslCertificate::OrganizationalUnitName)));
|
|
|
|
|
li << tr("Country: %1").arg(Qt::escape(cert.issuerInfo( QSslCertificate::CountryName)));
|
2012-08-17 19:13:17 +04:00
|
|
|
msg += QL("<p>") + li.join(QL("<br/>")) + QL("</p>");
|
2012-04-12 13:37:48 +04:00
|
|
|
msg += QL("</div>" );
|
|
|
|
|
msg += QL("</div>" );
|
2012-04-06 10:53:57 +04:00
|
|
|
|
|
|
|
|
return msg;
|
|
|
|
|
}
|
|
|
|
|
|
2012-04-12 13:37:48 +04:00
|
|
|
bool SslErrorDialog::trustConnection()
|
|
|
|
|
{
|
|
|
|
|
if( _allTrusted ) return true;
|
|
|
|
|
|
|
|
|
|
bool stat = ( _cbTrustConnect->checkState() == Qt::Checked );
|
|
|
|
|
qDebug() << "SSL-Connection is trusted: " << stat;
|
|
|
|
|
|
|
|
|
|
return stat;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
void SslErrorDialog::accept()
|
|
|
|
|
{
|
|
|
|
|
// Save the contents of _unknownCerts to the settings file.
|
|
|
|
|
if( trustConnection() && _unknownCerts.count() > 0 ) {
|
2012-08-02 13:02:46 +04:00
|
|
|
QSslSocket::addDefaultCaCertificates(_unknownCerts);
|
2012-06-13 13:36:56 +04:00
|
|
|
|
2012-08-02 13:02:46 +04:00
|
|
|
MirallConfigFile cfg( _customConfigHandle );
|
2012-04-12 13:37:48 +04:00
|
|
|
|
2012-08-06 15:58:24 +04:00
|
|
|
QByteArray certs = cfg.caCerts();
|
|
|
|
|
|
2012-04-12 13:37:48 +04:00
|
|
|
qDebug() << "Saving " << _unknownCerts.count() << " unknown certs.";
|
2012-05-21 18:48:49 +04:00
|
|
|
foreach( const QSslCertificate& cert, _unknownCerts ) {
|
2012-04-12 13:37:48 +04:00
|
|
|
certs += cert.toPem() + '\n';
|
|
|
|
|
}
|
2012-08-06 15:58:24 +04:00
|
|
|
cfg.setCaCerts( certs );
|
2012-04-12 13:37:48 +04:00
|
|
|
}
|
2012-04-06 10:53:57 +04:00
|
|
|
|
2012-04-12 13:37:48 +04:00
|
|
|
QDialog::accept();
|
|
|
|
|
}
|
2012-04-06 10:53:57 +04:00
|
|
|
|
2012-06-13 13:36:56 +04:00
|
|
|
void SslErrorDialog::setCustomConfigHandle( const QString& handle )
|
|
|
|
|
{
|
|
|
|
|
_customConfigHandle = handle;
|
|
|
|
|
}
|
2012-04-06 10:53:57 +04:00
|
|
|
|
|
|
|
|
} // end namespace
|
