void KWebKitPart::slotShowSecurity()
{
if (!page())
return;
const WebSslInfo& sslInfo = page()->sslInfo();
if (!sslInfo.isValid()) {
KMessageBox::information(0, i18n("The SSL information for this site "
"appears to be corrupt."),
i18nc("Secure Sockets Layer", "SSL"));
return;
}
KSslInfoDialog *dlg = new KSslInfoDialog (widget());
dlg->setSslInfo(sslInfo.certificateChain(),
sslInfo.peerAddress().toString(),
url().host(),
sslInfo.protocol(),
sslInfo.ciphers(),
sslInfo.usedChiperBits(),
sslInfo.supportedChiperBits(),
KSslInfoDialog::errorsFromString(sslInfo.certificateErrors()));
dlg->open();
}
bool KIO::SslUi::askIgnoreSslErrors(const KSslErrorUiData &uiData, RulesStorage storedRules)
{
const KSslErrorUiData::Private *ud = KSslErrorUiData::Private::get(&uiData);
if (ud->sslErrors.isEmpty()) {
return true;
}
QList<KSslError> fatalErrors = KSslCertificateManager::nonIgnorableErrors(ud->sslErrors);
if (!fatalErrors.isEmpty()) {
//TODO message "sorry, fatal error, you can't override it"
return false;
}
if (ud->certificateChain.isEmpty()) {
// SSL without certificates is quite useless and should never happen
KMessageBox::sorry(0, i18n("The remote host did not send any SSL certificates.\n"
"Aborting because the identity of the host cannot be established."));
return false;
}
KSslCertificateManager *const cm = KSslCertificateManager::self();
KSslCertificateRule rule(ud->certificateChain.first(), ud->host);
if (storedRules & RecallRules) {
rule = cm->rule(ud->certificateChain.first(), ud->host);
// remove previously seen and acknowledged errors
QList<KSslError> remainingErrors = rule.filterErrors(ud->sslErrors);
if (remainingErrors.isEmpty()) {
//qDebug() << "Error list empty after removing errors to be ignored. Continuing.";
return true;
}
}
//### We don't ask to permanently reject the certificate
QString message = i18n("The server failed the authenticity check (%1).\n\n", ud->host);
foreach (const KSslError &err, ud->sslErrors) {
message.append(err.errorString());
message.append('\n');
}
message = message.trimmed();
int msgResult;
do {
msgResult = KMessageBox::warningYesNoCancel(0, message, i18n("Server Authentication"),
KGuiItem(i18n("&Details"), QStringLiteral("help-about")),
KGuiItem(i18n("Co&ntinue"), QStringLiteral("arrow-right")));
if (msgResult == KMessageBox::Yes) {
//Details was chosen - show the certificate and error details
QList<QList<KSslError::Error> > meh; // parallel list to cert list :/
foreach (const QSslCertificate &cert, ud->certificateChain) {
QList<KSslError::Error> errors;
foreach (const KSslError &error, ud->sslErrors) {
if (error.certificate() == cert) {
// we keep only the error code enum here
errors.append(error.error());
}
}
meh.append(errors);
}
KSslInfoDialog *dialog = new KSslInfoDialog();
dialog->setSslInfo(ud->certificateChain, ud->ip, ud->host, ud->sslProtocol,
ud->cipher, ud->usedBits, ud->bits, meh);
dialog->exec();
} else if (msgResult == KMessageBox::Cancel) {
return false;
}
//fall through on KMessageBox::No
} while (msgResult == KMessageBox::Yes);
