X-Git-Url: https://git.quassel-irc.org/?p=quassel.git;a=blobdiff_plain;f=src%2Fclient%2Fclientsyncer.cpp;fp=src%2Fclient%2Fclientsyncer.cpp;h=3b68b5c07a2c179ce59f4406a79b861ed44973a5;hp=e9d64f3206131bc36c917050eafca64558455ff6;hb=e06ce3bfa98752cb9e87586477dfaf31e7e1ab0a;hpb=4aed4b037ea6feaeec09743e5d6018f58d47a535 diff --git a/src/client/clientsyncer.cpp b/src/client/clientsyncer.cpp index e9d64f32..3b68b5c0 100644 --- a/src/client/clientsyncer.cpp +++ b/src/client/clientsyncer.cpp @@ -30,6 +30,7 @@ #include "networkmodel.h" #include "quassel.h" #include "signalproxy.h" +#include "util.h" ClientSyncer::ClientSyncer(QObject *parent) : QObject(parent) @@ -349,11 +350,17 @@ void ClientSyncer::resetWarningsHandler() { #ifdef HAVE_SSL void ClientSyncer::ignoreSslWarnings(bool permanently) { - QAbstractSocket *sock = qobject_cast(socket); + QSslSocket *sock = qobject_cast(socket); if(sock) { // ensure that a proper state is displayed and no longer a warning emit socketStateChanged(sock->state()); } + if(permanently) { + if(!sock) + qWarning() << Q_FUNC_INFO << "unable to save cert digest! Socket is either a nullptr or not a QSslSocket"; + else + KnownHostsSettings().saveKnownHost(sock); + } emit connectionMsg(_coreMsgBuffer["CoreInfo"].toString()); connectionReady(); } @@ -366,15 +373,26 @@ void ClientSyncer::sslSocketEncrypted() { } void ClientSyncer::sslErrors(const QList &errors) { + QByteArray knownDigest; QSslSocket *socket = qobject_cast(sender()); if(socket) { socket->ignoreSslErrors(); + knownDigest = KnownHostsSettings().knownDigest(socket); + if(knownDigest == socket->peerCertificate().digest()) { + connectionReady(); + return; + } } QStringList warnings; + foreach(QSslError err, errors) warnings << err.errorString(); + if(!knownDigest.isEmpty()) { + warnings << tr("Cert Digest changed! was: %1").arg(QString(prettyDigest(knownDigest))); + } + setWarningsHandler(SLOT(ignoreSslWarnings(bool))); emit connectionWarnings(warnings); }