projects
/
quassel.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
You can now add a core to the known hosts.
[quassel.git]
/
src
/
client
/
clientsyncer.cpp
diff --git
a/src/client/clientsyncer.cpp
b/src/client/clientsyncer.cpp
index
e9d64f3
..
3b68b5c
100644
(file)
--- a/
src/client/clientsyncer.cpp
+++ b/
src/client/clientsyncer.cpp
@@
-30,6
+30,7
@@
#include "networkmodel.h"
#include "quassel.h"
#include "signalproxy.h"
#include "networkmodel.h"
#include "quassel.h"
#include "signalproxy.h"
+#include "util.h"
ClientSyncer::ClientSyncer(QObject *parent)
: QObject(parent)
ClientSyncer::ClientSyncer(QObject *parent)
: QObject(parent)
@@
-349,11
+350,17
@@
void ClientSyncer::resetWarningsHandler() {
#ifdef HAVE_SSL
void ClientSyncer::ignoreSslWarnings(bool permanently) {
#ifdef HAVE_SSL
void ClientSyncer::ignoreSslWarnings(bool permanently) {
- Q
AbstractSocket *sock = qobject_cast<QAbstract
Socket *>(socket);
+ Q
SslSocket *sock = qobject_cast<QSsl
Socket *>(socket);
if(sock) {
// ensure that a proper state is displayed and no longer a warning
emit socketStateChanged(sock->state());
}
if(sock) {
// ensure that a proper state is displayed and no longer a warning
emit socketStateChanged(sock->state());
}
+ if(permanently) {
+ if(!sock)
+ qWarning() << Q_FUNC_INFO << "unable to save cert digest! Socket is either a nullptr or not a QSslSocket";
+ else
+ KnownHostsSettings().saveKnownHost(sock);
+ }
emit connectionMsg(_coreMsgBuffer["CoreInfo"].toString());
connectionReady();
}
emit connectionMsg(_coreMsgBuffer["CoreInfo"].toString());
connectionReady();
}
@@
-366,15
+373,26
@@
void ClientSyncer::sslSocketEncrypted() {
}
void ClientSyncer::sslErrors(const QList<QSslError> &errors) {
}
void ClientSyncer::sslErrors(const QList<QSslError> &errors) {
+ QByteArray knownDigest;
QSslSocket *socket = qobject_cast<QSslSocket *>(sender());
if(socket) {
socket->ignoreSslErrors();
QSslSocket *socket = qobject_cast<QSslSocket *>(sender());
if(socket) {
socket->ignoreSslErrors();
+ knownDigest = KnownHostsSettings().knownDigest(socket);
+ if(knownDigest == socket->peerCertificate().digest()) {
+ connectionReady();
+ return;
+ }
}
QStringList warnings;
}
QStringList warnings;
+
foreach(QSslError err, errors)
warnings << err.errorString();
foreach(QSslError err, errors)
warnings << err.errorString();
+ if(!knownDigest.isEmpty()) {
+ warnings << tr("Cert Digest changed! was: %1").arg(QString(prettyDigest(knownDigest)));
+ }
+
setWarningsHandler(SLOT(ignoreSslWarnings(bool)));
emit connectionWarnings(warnings);
}
setWarningsHandler(SLOT(ignoreSslWarnings(bool)));
emit connectionWarnings(warnings);
}