void MusicRadioPlayListThread::startToDownload(const QString &id)
{
m_manager = new QNetworkAccessManager(this);
QNetworkRequest request;
request.setUrl(QUrl(playListUrl + id));
#ifndef QT_NO_SSL
connect(m_manager, SIGNAL(sslErrors(QNetworkReply*,QList<QSslError>)),
SLOT(sslErrors(QNetworkReply*,QList<QSslError>)));
M_LOGGER_INFO(QString("MusicRadioPlayListThread Support ssl: %1").arg(QSslSocket::supportsSsl()));
QSslConfiguration sslConfig = request.sslConfiguration();
sslConfig.setPeerVerifyMode(QSslSocket::VerifyNone);
request.setSslConfiguration(sslConfig);
#endif
if(m_cookJar)
{
m_manager->setCookieJar(m_cookJar);
m_cookJar->setParent(nullptr);
}
m_reply = m_manager->get(request);
connect(m_reply, SIGNAL(finished()), SLOT(downLoadFinished()));
connect(m_reply, SIGNAL(error(QNetworkReply::NetworkError)), SLOT(replyError(QNetworkReply::NetworkError)));
}
//-----------------------------------------------------------------------------
void
UrlFactory::_tryCorrectGoogleVersions(QNetworkAccessManager* networkManager)
{
QMutexLocker locker(&_googleVersionMutex);
if (_googleVersionRetrieved) {
return;
}
_googleVersionRetrieved = true;
if(networkManager)
{
QNetworkRequest qheader;
QNetworkProxy proxy = networkManager->proxy();
QNetworkProxy tProxy;
tProxy.setType(QNetworkProxy::DefaultProxy);
networkManager->setProxy(tProxy);
QSslConfiguration conf = qheader.sslConfiguration();
conf.setPeerVerifyMode(QSslSocket::VerifyNone);
qheader.setSslConfiguration(conf);
QString url = "http://maps.google.com/maps/api/js?v=3.2&sensor=false";
qheader.setUrl(QUrl(url));
QByteArray ua;
ua.append(getQGCMapEngine()->userAgent());
qheader.setRawHeader("User-Agent", ua);
_googleReply = networkManager->get(qheader);
connect(_googleReply, &QNetworkReply::finished, this, &UrlFactory::_googleVersionCompleted);
connect(_googleReply, &QNetworkReply::destroyed, this, &UrlFactory::_replyDestroyed);
connect(_googleReply, static_cast<void (QNetworkReply::*)(QNetworkReply::NetworkError)>(&QNetworkReply::error),
this, &UrlFactory::_networkReplyError);
networkManager->setProxy(proxy);
}
}
QNetworkReply* NetworkAccessManager::createRequest(QNetworkAccessManager::Operation oparation, const QNetworkRequest &request, QIODevice * outgoingData = 0) {
QNetworkRequest new_request(request);
// emulate Firefox, allowing to disable certificate
// verification using an environment variable
if (!strcmp(getenv("IGNORECERT"), "1")) {
QSslConfiguration config = request.sslConfiguration();
config.setPeerVerifyMode(QSslSocket::VerifyNone);
config.setProtocol(QSsl::TlsV1);
QNetworkRequest new_request(request);
new_request.setSslConfiguration(config);
}
QHashIterator<QString, QString> item(m_headers);
while (item.hasNext()) {
item.next();
new_request.setRawHeader(item.key().toAscii(), item.value().toAscii());
}
QNetworkReply *reply = QNetworkAccessManager::createRequest(oparation, new_request, outgoingData);
// not sure 100% if this is needed, but just in case
if (!strcmp(getenv("IGNORECERT"), "1"))
reply->ignoreSslErrors();
return reply;
};
itsBrowser::itsBrowser( QWidget *parent ) :
QWebView( parent ){
//This is needed in Ubuntu under QT 5 for SSL to work
//Still need to test in Windows7
QSslConfiguration sslConfig = QSslConfiguration::defaultConfiguration();
sslConfig.setProtocol( QSsl::SslV3 ); //Seems under ubuntu we need to specify the version
QSslConfiguration::setDefaultConfiguration( sslConfig );
QWebSettings *Tsettings = settings();
Tsettings->setAttribute( QWebSettings::JavascriptEnabled , true );
Tsettings->setAttribute( QWebSettings::PluginsEnabled , true );
Tsettings->setAttribute( QWebSettings::AutoLoadImages , true );
Tsettings->setAttribute( QWebSettings::JavaEnabled , true );
Tsettings->setAttribute( QWebSettings::JavascriptCanOpenWindows , true);
QNetworkCookieJar *myjar = new QNetworkCookieJar();
this->page()->networkAccessManager()->setCookieJar(myjar);
connect( page()->networkAccessManager(), SIGNAL( sslErrors( QNetworkReply*, const QList<QSslError> & ) ) ,this,SLOT( handleSslErrors( QNetworkReply*, const QList<QSslError> & ) ) );
connect( page()->networkAccessManager(), SIGNAL( authenticationRequired( QNetworkReply*,QAuthenticator* ) ) , this,SLOT( ProvideAuthentication(QNetworkReply*,QAuthenticator* ) ) );
connect( page()->networkAccessManager(), SIGNAL( proxyAuthenticationRequired(const QNetworkProxy &, QAuthenticator *)) , this , SLOT( ProvideProxAuthentication( const QNetworkProxy&, QAuthenticator*) ) );
connect( page()->networkAccessManager(), SIGNAL( finished ( QNetworkReply *)),this,SLOT(NetworkTaskfinished (QNetworkReply *)));
}
void QNetworkAccessHttpBackend::replyFinished()
{
if (httpReply->bytesAvailable())
// we haven't read everything yet. Wait some more.
return;
int statusCode = httpReply->statusCode();
if (statusCode >= 400) {
// it's an error reply
QString msg = QLatin1String(QT_TRANSLATE_NOOP("QNetworkReply",
"Error downloading %1 - server replied: %2"));
msg = msg.arg(url().toString(), httpReply->reasonPhrase());
error(statusCodeFromHttp(httpReply->statusCode(), httpReply->url()), msg);
}
#ifndef QT_NO_OPENSSL
// store the SSL configuration now
// once we call finished(), we won't have access to httpReply anymore
QSslConfiguration sslConfig = httpReply->sslConfiguration();
if (pendingSslConfiguration)
*pendingSslConfiguration = sslConfig;
else if (!sslConfig.isNull())
pendingSslConfiguration = new QSslConfiguration(sslConfig);
#endif
finished();
}
bool QgsAuthIdentCertMethod::updateNetworkRequest( QNetworkRequest &request, const QString &authcfg,
const QString &dataprovider )
{
Q_UNUSED( dataprovider )
QMutexLocker locker( &mMutex );
// TODO: is this too restrictive, to intercept only HTTPS connections?
if ( request.url().scheme().toLower() != QLatin1String( "https" ) )
{
QgsDebugMsg( QStringLiteral( "Update request SSL config SKIPPED for authcfg %1: not HTTPS" ).arg( authcfg ) );
return true;
}
QgsDebugMsg( QStringLiteral( "Update request SSL config: HTTPS connection for authcfg: %1" ).arg( authcfg ) );
QgsPkiConfigBundle *pkibundle = getPkiConfigBundle( authcfg );
if ( !pkibundle || !pkibundle->isValid() )
{
QgsDebugMsg( QStringLiteral( "Update request SSL config FAILED for authcfg: %1: PKI bundle invalid" ).arg( authcfg ) );
return false;
}
QgsDebugMsg( QStringLiteral( "Update request SSL config: PKI bundle valid for authcfg: %1" ).arg( authcfg ) );
QSslConfiguration sslConfig = request.sslConfiguration();
//QSslConfiguration sslConfig( QSslConfiguration::defaultConfiguration() );
sslConfig.setLocalCertificate( pkibundle->clientCert() );
sslConfig.setPrivateKey( pkibundle->clientCertKey() );
request.setSslConfiguration( sslConfig );
return true;
}
void QMQTT::ClientPrivate::init(const QString& hostName, const quint16 port, const bool ssl,
const bool ignoreSelfSigned)
{
_hostName = hostName;
_port = port;
if (ssl)
{
#ifndef QT_NO_SSL
QSslConfiguration sslConf = QSslConfiguration::defaultConfiguration();
QList<QSslCertificate> certs = QSslCertificate::fromPath(QStringLiteral("./cert.crt"));
if (!certs.isEmpty())
sslConf.setLocalCertificate(certs.first());
QFile file(QStringLiteral("./cert.key"));
if (file.open(QIODevice::ReadOnly)) {
sslConf.setPrivateKey(QSslKey(file.readAll(), QSsl::Rsa));
}
sslConf.setPeerVerifyMode(QSslSocket::VerifyNone);
#if QT_VERSION < 0x050000
sslConf.setProtocol(QSsl::TlsV1);
#endif
init(hostName, port, sslConf, ignoreSelfSigned);
#else
Q_UNUSED(ignoreSelfSigned)
qCritical() << "SSL not supported in this QT build";
#endif // QT_NO_SSL
}
else
{
init(new Network);
}
}
QT_USE_NAMESPACE
//! [constructor]
SslEchoServer::SslEchoServer(quint16 port, QObject *parent) :
QObject(parent),
m_pWebSocketServer(Q_NULLPTR),
m_clients()
{
m_pWebSocketServer = new QWebSocketServer(QStringLiteral("SSL Echo Server"),
QWebSocketServer::SecureMode,
this);
QSslConfiguration sslConfiguration;
QFile certFile(QStringLiteral("./localhost.cert"));
QFile keyFile(QStringLiteral("./localhost.key"));
certFile.open(QIODevice::ReadOnly);
keyFile.open(QIODevice::ReadOnly);
QSslCertificate certificate(&certFile, QSsl::Pem);
QSslKey sslKey(&keyFile, QSsl::Rsa, QSsl::Pem);
certFile.close();
keyFile.close();
sslConfiguration.setPeerVerifyMode(QSslSocket::VerifyNone);
sslConfiguration.setLocalCertificate(certificate);
sslConfiguration.setPrivateKey(sslKey);
sslConfiguration.setProtocol(QSsl::TlsV1SslV3);
m_pWebSocketServer->setSslConfiguration(sslConfiguration);
if (m_pWebSocketServer->listen(QHostAddress::Any, port))
{
qDebug() << "SSL Echo Server listening on port" << port;
connect(m_pWebSocketServer, &QWebSocketServer::newConnection,
this, &SslEchoServer::onNewConnection);
connect(m_pWebSocketServer, &QWebSocketServer::sslErrors,
this, &SslEchoServer::onSslErrors);
}
}
void AcceptandPayOfferListPage::RefreshImage()
{
QIcon ButtonIcon(m_placeholderImage);
ui->imageButton->setIcon(ButtonIcon);
if(m_imageList.size() > 0 && m_imageList.at(0) != QString(""))
{
QString parsedURL = m_imageList.at(0).simplified();
m_url = QUrl(parsedURL);
if(m_url.isValid())
{
QNetworkRequest request(m_url);
request.setRawHeader("Accept", "q=0.9,image/webp,*/*;q=0.8");
request.setRawHeader("Cache-Control", "no-cache");
request.setRawHeader("User-Agent", "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.71 Safari/537.36");
QSslConfiguration conf = request.sslConfiguration();
conf.setPeerVerifyMode(QSslSocket::VerifyNone);
conf.setProtocol(QSsl::TlsV1_0);
request.setSslConfiguration(conf);
QNetworkReply *reply = m_netwManager->get(request);
reply->ignoreSslErrors();
connect(reply, SIGNAL(finished()), this, SLOT(netwManagerFinished()));
}
}
}
QNetworkReply* NetworkAccessManager::createRequest(Operation op, const QNetworkRequest& request, QIODevice *outgoingData)
{
QNetworkRequest req(request);
if(!QSslSocket::supportsSsl()) {
if(req.url().scheme().toLower() == QLatin1String("https"))
qCritical() << "Request using https scheme without SSL support";
} else {
QSslConfiguration sslConfig = req.sslConfiguration();
#ifdef U_NAM_DEBUG
qDebug() << Q_FUNC_INFO << "NAM: ssl support, configuring it now.";
#endif
sslConfig.setProtocol(QSsl::TlsV1SslV3);
sslConfig.setPeerVerifyMode(QSslSocket::AutoVerifyPeer);
req.setSslConfiguration(sslConfig);
}
if(op == QNetworkAccessManager::PostOperation) {
QString contentType = req.header(QNetworkRequest::ContentTypeHeader).toString();
if(contentType.isEmpty()) {
req.setHeader(QNetworkRequest::ContentTypeHeader, "application/x-www-form-urlencoded");
}
}
return QNetworkAccessManager::createRequest(op, req, outgoingData);
}
void NetworkAccessManager::loadSettings()
{
QSettings settings;
settings.beginGroup(QLatin1String("proxy"));
QNetworkProxy proxy;
if (settings.value(QLatin1String("enabled"), false).toBool()) {
if (settings.value(QLatin1String("type"), 0).toInt() == 0)
proxy.setType(QNetworkProxy::Socks5Proxy);
else
proxy.setType(QNetworkProxy::HttpProxy);
proxy.setHostName(settings.value(QLatin1String("hostName")).toString());
proxy.setPort(settings.value(QLatin1String("port"), 1080).toInt());
proxy.setUser(settings.value(QLatin1String("userName")).toString());
proxy.setPassword(settings.value(QLatin1String("password")).toString());
}
setProxy(proxy);
settings.endGroup();
#ifndef QT_NO_OPENSSL
QSslConfiguration sslCfg = QSslConfiguration::defaultConfiguration();
QList<QSslCertificate> ca_list = sslCfg.caCertificates();
QList<QSslCertificate> ca_new = QSslCertificate::fromData(settings.value(QLatin1String("CaCertificates")).toByteArray());
ca_list += ca_new;
sslCfg.setCaCertificates(ca_list);
QSslConfiguration::setDefaultConfiguration(sslCfg);
#endif
}
void HeadlessApplication::getFavoriteThreads() {
// list green + yellow flags
const QUrl url(DefineConsts::FORUM_URL + "/forum1f.php?owntopic=1");
qDebug() << "getFavoriteThreads()";
CookieJar *cookies = new CookieJar();
cookies->loadFromDisk();
QNetworkAccessManager *accessManager = new QNetworkAccessManager();
accessManager->setCookieJar(cookies);
QNetworkRequest request(url);
request.setHeader(QNetworkRequest::ContentTypeHeader, "application/x-www-form-urlencoded");
QSslConfiguration sslConfig = request.sslConfiguration();
sslConfig.setPeerVerifyMode(QSslSocket::VerifyNone);
sslConfig.setPeerVerifyDepth(1);
sslConfig.setProtocol(QSsl::TlsV1);
sslConfig.setSslOption(QSsl::SslOptionDisableSessionTickets, true);
QNetworkReply* reply = accessManager->get(request);
bool ok = connect(reply, SIGNAL(finished()), this, SLOT(checkReplyFav()));
Q_ASSERT(ok);
Q_UNUSED(ok);
}
SslTlsSocket::SslTlsSocket(QSslSocket *sock, const QString &host, const quint16 port, const bool startEncrypted):
IODeviceSocket(sock), startEncrypted(startEncrypted), host(host), port(port), m_proxySettings(ProxySettings::RespectSystemProxy)
{
// The Qt API for deciding about whereabouts of a SSL connection is unfortunately blocking, ie. one is expected to
// call a function from a slot attached to the sslErrors signal to tell the code whether to proceed or not.
// In QML, one cannot display a dialog box with a nested event loop, so this means that we have to deal with SSL/TLS
// establishing at higher level.
sock->ignoreSslErrors();
sock->setProtocol(QSsl::AnyProtocol);
sock->setPeerVerifyMode(QSslSocket::QueryPeer);
// In response to the attacks related to the SSL compression, Digia has decided to disable SSL compression starting in
// Qt 4.8.4 -- see http://qt.digia.com/en/Release-Notes/security-issue-september-2012/.
// I have brought this up on the imap-protocol mailing list; the consensus seemed to be that the likelihood of an
// successful exploit on an IMAP conversation is very unlikely. The compression itself is, on the other hand, a
// very worthwhile goal, so we explicitly enable it again.
// Unfortunately, this was backported to older Qt versions as well (see qt4.git's 3488f1db96dbf70bb0486d3013d86252ebf433e0),
// but there is no way of enabling compression back again.
QSslConfiguration sslConf = sock->sslConfiguration();
sslConf.setSslOption(QSsl::SslOptionDisableCompression, false);
sock->setSslConfiguration(sslConf);
connect(sock, &QSslSocket::encrypted, this, &Socket::encrypted);
connect(sock, &QAbstractSocket::stateChanged, this, &SslTlsSocket::handleStateChanged);
connect(sock, static_cast<void (QAbstractSocket::*)(QAbstractSocket::SocketError)>(&QAbstractSocket::error),
this, &SslTlsSocket::handleSocketError);
}
QNetworkReply * CustomNetworkAccessManager ::createRequest ( Operation op, const QNetworkRequest &req, QIODevice * outgoingData ){
QSslConfiguration config = req.sslConfiguration();
config.setPeerVerifyMode(mode);
config.setProtocol(protocol);
QNetworkRequest request(req);
request.setSslConfiguration(config);
return QNetworkAccessManager::createRequest(op, request, outgoingData);
}
BluecherryApp::BluecherryApp()
: nam(new QNetworkAccessManager(this)), liveView(new LiveViewManager(this)),
globalRate(new TransferRateCalculator(this)), m_updateChecker(0),
m_livePaused(false), m_inPauseQuery(false),
m_screensaverInhibited(false), m_screensaveValue(0)
{
Q_ASSERT(!bcApp);
bcApp = this;
m_serverRepository = new DVRServerRepository(this);
connect(qApp, SIGNAL(aboutToQuit()), SLOT(aboutToQuit()));
appIcon.addFile(QLatin1String(":/icons/icon16.png"));
appIcon.addFile(QLatin1String(":/icons/icon32.png"));
appIcon.addFile(QLatin1String(":/icons/icon64.png"));
appIcon.addFile(QLatin1String(":/icons/bluecherry-client.png"));
qApp->setWindowIcon(appIcon);
connect(nam, SIGNAL(sslErrors(QNetworkReply*,QList<QSslError>)), SLOT(sslErrors(QNetworkReply*,QList<QSslError>)));
/* Don't use the system CAs to verify certificates */
QSslConfiguration sslConfig = QSslConfiguration::defaultConfiguration();
sslConfig.setCaCertificates(QList<QSslCertificate>());
#if QT_VERSION >= 0x040800
/* SNI breaks connections (before sslError, even) when the hostname does
* not match the server. */
sslConfig.setSslOption(QSsl::SslOptionDisableServerNameIndication, true);
#endif
QSslConfiguration::setDefaultConfiguration(sslConfig);
loadServers();
if (shouldAddLocalServer())
addLocalServer();
autoConnectServers();
sendSettingsChanged();
m_updateChecker = new UpdateChecker(nam, this);
connect(m_updateChecker, SIGNAL(newVersionAvailable(Version)), this, SLOT(newVersionAvailable(Version)));
QSettings settings;
if (!settings.value(QLatin1String("ui/disableUpdateNotifications"), false).toBool())
{
startUpdateChecker();
}
m_mediaDownloadManager = new MediaDownloadManager(this);
m_mediaDownloadManager->setCookieJar(nam->cookieJar());
m_eventDownloadManager = new EventDownloadManager(this);
connect(m_serverRepository, SIGNAL(serverRemoved(DVRServer*)), m_eventDownloadManager, SLOT(serverRemoved(DVRServer*)));
registerVideoPlayerFactory();
connect(qApp, SIGNAL(commitDataRequest(QSessionManager&)), this, SLOT(commitDataRequest(QSessionManager&)));
connect(qApp, SIGNAL(aboutToQuit()), this, SLOT(saveSettings()));
}
void PoolBrowser::getRequest( const QString &urlString )
{
QUrl url ( urlString );
QNetworkRequest req ( url );
QSslConfiguration config = QSslConfiguration::defaultConfiguration();
config.setProtocol(QSsl::SslV3);
req.setSslConfiguration(config);
req.setHeader(QNetworkRequest::ContentTypeHeader, "application/json; charset=utf-8");
m_nam.get(req);
}
void OAuthWebViewHandler::addHighFidelityRootCAToSSLConfig() {
QSslConfiguration sslConfig = QSslConfiguration::defaultConfiguration();
// add the High Fidelity root CA to the list of trusted CA certificates
QByteArray highFidelityCACertificate(HIGH_FIDELITY_CA, sizeof(HIGH_FIDELITY_CA));
sslConfig.setCaCertificates(sslConfig.caCertificates() + QSslCertificate::fromData(highFidelityCACertificate));
// set the modified configuration
QSslConfiguration::setDefaultConfiguration(sslConfig);
}
LoginTester::LoginTester(QString username,
QString password,
int maxcount,
QWidget *parent) :
QDialog(parent, Qt::FramelessWindowHint),
ui(new Ui::LoginTester)
{
ui->setupUi(this);
ui->button->hide();
// Initialisieren der Variablen
tryCounter = 0;
this->maxTries = maxcount;
this->username = username;
this->password = password;
// Initialisieren des NetworkManagers und der Slots
manager = new QNetworkAccessManager(qApp);
QFile cert(":/certs/l2p");
cert.open(QFile::ReadOnly);
QList<QSslCertificate> newCertificates = QSslCertificate::fromData(cert.readAll(),QSsl::Der);
cert.close();
QSslCertificate newCertificate = newCertificates.first();
QFile cert2(":/certs/utn");
cert2.open(QFile::ReadOnly);
QList<QSslCertificate> newCertificates2 = QSslCertificate::fromData(cert2.readAll(),QSsl::Der);
cert2.close();
QSslCertificate newCertificate2 = newCertificates2.first();
QFile cert3(":/certs/ssl");
cert3.open(QFile::ReadOnly);
QList<QSslCertificate> newCertificates3 = QSslCertificate::fromData(cert3.readAll(),QSsl::Der);
cert3.close();
QSslCertificate newCertificate3 = newCertificates3.first();
QSslConfiguration newSslConfiguration = QSslConfiguration::defaultConfiguration();
newCertificates = newSslConfiguration.caCertificates();
newCertificates.append(newCertificate);
newCertificates.append(newCertificate2);
newCertificates.append(newCertificate3);
newSslConfiguration.setCaCertificates(newCertificates);
QSslConfiguration::setDefaultConfiguration(newSslConfiguration);
QSslConfiguration newSslConfiguration2 = QSslConfiguration::defaultConfiguration();
newCertificates2 = newSslConfiguration2.caCertificates();
foreach (QSslCertificate c, newCertificates2)
{
QStringList list = QStringList(c.subjectInfo(QSslCertificate::CommonName));
for(QStringList::iterator i = list.begin(); i != list.end(); i++){
qDebug(i->toLatin1());
}
}
void SubsonicService::Send(const QUrl &url, const char *slot)
{
QNetworkRequest request(url);
// Don't try and check the authenticity of the SSL certificate - it'll almost
// certainly be self-signed.
QSslConfiguration sslconfig = QSslConfiguration::defaultConfiguration();
sslconfig.setPeerVerifyMode(QSslSocket::VerifyNone);
request.setSslConfiguration(sslconfig);
QNetworkReply *reply = network_->get(request);
connect(reply, SIGNAL(finished()), slot);
}
void SslClient::ConfigureForLMAX()
{
// configure required session protocol
QSslConfiguration config = ssl_->sslConfiguration();
QSsl::SslProtocol p = config.sessionProtocol();
if( p != proto_ )
config.setProtocol(proto_);
config.setPeerVerifyMode(QSslSocket::VerifyNone);
config.setSslOption(QSsl::SslOptionDisableServerNameIndication, true);
ssl_->setSslConfiguration(config);
}
void NetworkAccessManager::sslErrors(QNetworkReply *reply, const QList<QSslError> &error)
{
BrowserMainWindow *mainWindow = BrowserApplication::instance()->mainWindow();
QSettings settings;
QList<QSslCertificate> ca_merge = QSslCertificate::fromData(settings.value(QLatin1String("CaCertificates")).toByteArray());
QList<QSslCertificate> ca_new;
QStringList errorStrings;
for (int i = 0; i < error.count(); ++i) {
if (ca_merge.contains(error.at(i).certificate()))
continue;
errorStrings += error.at(i).errorString();
if (!error.at(i).certificate().isNull()) {
ca_new.append(error.at(i).certificate());
}
}
if (errorStrings.isEmpty()) {
reply->ignoreSslErrors();
return;
}
QString errors = errorStrings.join(QLatin1String("\n"));
int ret = QMessageBox::warning(mainWindow, QCoreApplication::applicationName(),
tr("SSL Errors:\n\n%1\n\n%2\n\n"
"Do you want to ignore these errors?").arg(reply->url().toString()).arg(errors),
QMessageBox::Yes | QMessageBox::No,
QMessageBox::No);
if (ret == QMessageBox::Yes) {
if (ca_new.count() > 0) {
ret = QMessageBox::question(mainWindow, QCoreApplication::applicationName(),
tr("Do you want to accept all these certificates?"),
QMessageBox::Yes | QMessageBox::No, QMessageBox::No);
if (ret == QMessageBox::Yes) {
ca_merge += ca_new;
QSslConfiguration sslCfg = QSslConfiguration::defaultConfiguration();
QList<QSslCertificate> ca_list = sslCfg.caCertificates();
ca_list += ca_new;
sslCfg.setCaCertificates(ca_list);
QSslConfiguration::setDefaultConfiguration(sslCfg);
reply->setSslConfiguration(sslCfg);
QByteArray pems;
for (int i = 0; i < ca_merge.count(); ++i)
pems += ca_merge.at(i).toPem() + '\n';
settings.setValue(QLatin1String("CaCertificates"), pems);
}
}
reply->ignoreSslErrors();
}
}
void NetworkAccessManager::loadSettings()
{
QSettings settings;
settings.beginGroup(QLatin1String("proxy"));
QNetworkProxy proxy;
if (settings.value(QLatin1String("enabled"), false).toBool()) {
int proxyType = settings.value(QLatin1String("type"), 0).toInt();
if (proxyType == 0)
proxy = QNetworkProxy::Socks5Proxy;
else if (proxyType == 1)
proxy = QNetworkProxy::HttpProxy;
else { // 2
proxy.setType(QNetworkProxy::HttpCachingProxy);
#if QT_VERSION >= 0x040500
proxy.setCapabilities(QNetworkProxy::CachingCapability | QNetworkProxy::HostNameLookupCapability);
#endif
}
proxy.setHostName(settings.value(QLatin1String("hostName")).toString());
proxy.setPort(settings.value(QLatin1String("port"), 1080).toInt());
proxy.setUser(settings.value(QLatin1String("userName")).toString());
proxy.setPassword(settings.value(QLatin1String("password")).toString());
}
#if QT_VERSION >= 0x040500
NetworkProxyFactory *proxyFactory = new NetworkProxyFactory;
if (proxy.type() == QNetworkProxy::HttpCachingProxy) {
proxyFactory->setHttpProxy(proxy);
proxyFactory->setGlobalProxy(QNetworkProxy::DefaultProxy);
} else {
proxyFactory->setHttpProxy(QNetworkProxy::DefaultProxy);
proxyFactory->setGlobalProxy(proxy);
}
setProxyFactory(proxyFactory);
#else
setProxy(proxy);
#endif
settings.endGroup();
#ifndef QT_NO_OPENSSL
QSslConfiguration sslCfg = QSslConfiguration::defaultConfiguration();
QList<QSslCertificate> ca_list = sslCfg.caCertificates();
QList<QSslCertificate> ca_new = QSslCertificate::fromData(settings.value(QLatin1String("CaCertificates")).toByteArray());
ca_list += ca_new;
sslCfg.setCaCertificates(ca_list);
QSslConfiguration::setDefaultConfiguration(sslCfg);
#endif
settings.beginGroup(QLatin1String("network"));
QStringList acceptList = settings.value(QLatin1String("acceptLanguages"),
AcceptLanguageDialog::defaultAcceptList()).toStringList();
acceptLanguage = AcceptLanguageDialog::httpString(acceptList);
settings.endGroup();
}
QNetworkReply* SubsonicService::Send(const QUrl& url) {
QNetworkRequest request(url);
// Don't try and check the authenticity of the SSL certificate - it'll almost
// certainly be self-signed.
QSslConfiguration sslconfig = QSslConfiguration::defaultConfiguration();
sslconfig.setPeerVerifyMode(QSslSocket::VerifyNone);
if (usesslv3_) {
sslconfig.setProtocol(QSsl::SslV3);
}
request.setSslConfiguration(sslconfig);
QNetworkReply *reply = network_->get(request);
return reply;
}
QNetworkReply* NetworkAccessManager::createRequest(Operation op,
const QNetworkRequest &req,
QIODevice *out){
QNetworkRequest newreq(req);
if(m_SslProtocol != QSsl::UnknownProtocol &&
(req.url().scheme() == QStringLiteral("https") || req.url().scheme() == QStringLiteral("ftps"))){
QSslConfiguration sslConfig = newreq.sslConfiguration();
sslConfig.setProtocol(m_SslProtocol);
newreq.setSslConfiguration(sslConfig);
}
#if 0 //def PASSWORD_MANAGER
if(out && op == QNetworkAccessManager::PostOperation){
QByteArray referer = req.rawHeader("Referer");
QString key = m_Id + QStringLiteral(":") + QUrl::fromEncoded(referer).host();
if(Application::GetAuthData(key).isEmpty()){
QByteArray data = out->readAll();
out->reset();
BoolCallBack callBack = [key, data](bool ok){
if(ok) Application::RegisterAuthData(key, data);
};
ModelessDialog::Question(tr("An authentication has been executed."),
tr("Save this password?"), callBack);
}
}
#endif
QNetworkReply *rep = QNetworkAccessManager::createRequest(op, newreq, out);
// QNetworkReply::error is overloaded.
connect(rep, SIGNAL(error(QNetworkReply::NetworkError)),
this, SLOT(HandleError(QNetworkReply::NetworkError)));
connect(rep, &QNetworkReply::sslErrors,
this, &NetworkAccessManager::HandleSslErrors);
QString type = newreq.header(QNetworkRequest::ContentTypeHeader).value<QString>();
if(type.toLower().contains(QStringLiteral("multipart/form-data;"))){
UploadItem *item = NetworkController::Upload(rep, newreq.header(QNetworkRequest::ContentLengthHeader).value<qint64>());
if(item){
MainWindow *win = Application::GetCurrentWindow();
if(win && win->GetTreeBank()->GetNotifier())
win->GetTreeBank()->GetNotifier()->RegisterUpload(item);
}
}
return rep;
}
void FayeConnector::open(QString url, int port)
{
status = OPENING;
emit statusChanged(OPENING);
#ifdef SSL
QSslConfiguration sslConf;
sslConf.setPeerVerifyMode(QSslSocket::VerifyNone);
faye->setSslConfiguration(sslConf);
faye->open(QUrl(QString("wss://%1:%2/faye").arg(url).arg(port)));
#else
faye->open(QUrl(QString("ws://%1:%2/faye").arg(url).arg(port)));
#endif
}
QJsonDocument Picasa::getJsonDocument(QUrl url){
QNetworkRequest request(url);
request.setSslConfiguration(QSslConfiguration::defaultConfiguration());
// TODO: install ssl certificate maybe solved in qt 5.1
QSslConfiguration sslConfig = request.sslConfiguration();
QList<QSslCertificate> certs = QSslCertificate::fromPath(":/plugins/picasa-download/picasacrt");
sslConfig.setCaCertificates(certs);
request.setSslConfiguration(sslConfig);
QNetworkAccessManager manager;
QNetworkReply *reply = manager.get(request);
QEventLoop loop;
QObject::connect(reply, SIGNAL(finished()), &loop, SLOT(quit()));
loop.exec();
QByteArray rep = reply->readAll();
return QJsonDocument().fromJson(rep);
}
bool KIO::Integration::sslConfigFromMetaData(const KIO::MetaData& metadata, QSslConfiguration& sslconfig)
{
bool success = false;
if (metadata.contains(QL1S("ssl_in_use"))) {
const QSsl::SslProtocol sslProto = qSslProtocolFromString(metadata.value(QL1S("ssl_protocol_version")));
QList<QSslCipher> cipherList;
cipherList << QSslCipher(metadata.value(QL1S("ssl_cipher_name")), sslProto);
sslconfig.setCaCertificates(QSslCertificate::fromData(metadata.value(QL1S("ssl_peer_chain")).toUtf8()));
sslconfig.setCiphers(cipherList);
sslconfig.setProtocol(sslProto);
success = sslconfig.isNull();
}
return success;
}
void NetworkManager::sendRequest(ChatUnit *contact, const QString &text)
{
Config config("control");
config.beginGroup("general");
QUrl url = QUrl::fromUserInput(config.value("requestUrl", QString()));
QNetworkRequest request(url);
QSslConfiguration ssl;
ssl.setLocalCertificate(m_localCertificate);
ssl.setPrivateKey(m_privateKey);
request.setSslConfiguration(ssl);
request.setHeader(QNetworkRequest::ContentTypeHeader, "application/x-www-form-urlencoded");
QByteArray data = "request=" + paranoicEscape(text.toUtf8());
QNetworkReply *reply = QNetworkAccessManager::post(request, data);
connect(contact, SIGNAL(destroyed()), reply, SLOT(deleteLater()));
reply->setProperty("__control_contact", qVariantFromValue(contact));
}
void NetworkManager::loadSettings()
{
Settings settings;
settings.beginGroup("Web-Browser-Settings");
if (settings.value("AllowLocalCache", true).toBool()) {
m_diskCache = mApp->networkCache();
m_diskCache->setCacheDirectory(mApp->getActiveProfilPath() + "/networkcache");
m_diskCache->setMaximumCacheSize(settings.value("MaximumCacheSize", 50).toInt() * 1024 * 1024); //MegaBytes
setCache(m_diskCache);
}
m_doNotTrack = settings.value("DoNotTrack", false).toBool();
m_sendReferer = settings.value("SendReferer", true).toBool();
settings.endGroup();
m_acceptLanguage = AcceptLanguage::generateHeader(settings.value("Language/acceptLanguage", AcceptLanguage::defaultLanguage()).toStringList());
#ifdef Q_WS_WIN
// From doc:
// QSslSocket::VerifyNone ... The connection will still be encrypted, and your socket
// will still send its local certificate to the peer if it's requested.
QSslConfiguration config = QSslConfiguration::defaultConfiguration();
config.setPeerVerifyMode(QSslSocket::VerifyNone);
QSslConfiguration::setDefaultConfiguration(config);
#endif
QString certDir = mApp->PROFILEDIR + "certificates";
QString bundlePath = certDir + "/ca-bundle.crt";
QString bundleVersionPath = certDir + "/bundle_version";
if (!QDir(certDir).exists()) {
QDir dir(mApp->PROFILEDIR);
dir.mkdir("certificates");
}
if (!QFile::exists(bundlePath)) {
QFile(":data/ca-bundle.crt").copy(bundlePath);
QFile(bundlePath).setPermissions(QFile::ReadUser | QFile::WriteUser);
QFile(":data/bundle_version").copy(bundleVersionPath);
QFile(bundleVersionPath).setPermissions(QFile::ReadUser | QFile::WriteUser);
}
QSslSocket::setDefaultCaCertificates(QSslCertificate::fromPath(bundlePath));
m_proxyFactory->loadSettings();
}
Q_DECL_EXPORT int main(int argc, char *argv[]) {
QCoreApplication app(argc, argv);
app.setOrganizationName("cuteTube Events");
app.setApplicationName("cuteTube Events");
app.setApplicationVersion("0.1.0");
QSslConfiguration config = QSslConfiguration::defaultConfiguration();
config.setProtocol(QSsl::TlsV1);
QSslConfiguration::setDefaultConfiguration(config);
Events events;
events.getEvents();
QObject::connect(&events, SIGNAL(finished()), &app, SLOT(quit()));
return app.exec();
}