Mercurial > trustbridge
changeset 991:6a3d284b9c16
Delegate certificate loading to base class. Minor cleanups.
author | Andre Heinecke <andre.heinecke@intevation.de> |
---|---|
date | Mon, 01 Sep 2014 12:07:19 +0200 (2014-09-01) |
parents | 2949f1842955 |
children | a1e8ef2d7081 |
files | ui/sslconnection_curl.cpp ui/sslconnection_curl.h |
diffstat | 2 files changed, 10 insertions(+), 23 deletions(-) [+] |
line wrap: on
line diff
--- a/ui/sslconnection_curl.cpp Mon Sep 01 12:04:11 2014 +0200 +++ b/ui/sslconnection_curl.cpp Mon Sep 01 12:07:19 2014 +0200 @@ -16,25 +16,6 @@ SSLConnection (url, certificate), mCurl (NULL) { - if (certificate.isEmpty()) { - /* Security: curl does not support leaf certificate pinning. So - * while the bare connection pins the certificate directly the - * curl implementation pins the issuer of the peer certificate - * - * CURLINFO_TLS_SESSION is also not implmented for polarssl - * so there is no way to obtain / verify peer certificate manually - * at this point. - **/ -#ifdef RELEASE_BUILD -#error "Curl release build is not supported at this moment." -#else - QFile certResource(":certs/geotrust"); -#endif - certResource.open(QFile::ReadOnly); - mPinnedCert = certResource.readAll(); - certResource.close(); - } - curl_global_init(CURL_GLOBAL_DEFAULT); mCurl = curl_easy_init(); @@ -66,6 +47,7 @@ qDebug() << "Failed to write temporary certificate"; return; } + mInitialized = true; #ifdef CONNECTION_DEBUG @@ -110,7 +92,7 @@ return 0; } -/* Globally do this as we can't pass this to the c function */ +/* Globally do this as we can't pass "this" (the ptr) to the c function */ size_t ssl_curl_max_write, ssl_curl_written; size_t write_data(void *ptr, size_t size, size_t nmemb, @@ -135,9 +117,9 @@ const QString &fileName, size_t maxSize) { - QSaveFile outputFile(fileName); ssl_curl_written = 0; ssl_curl_max_write = maxSize; + QSaveFile outputFile(fileName); // Open / Create the file to write to. if (!outputFile.open(QIODevice::WriteOnly)) { qDebug() << "Failed to open file"; @@ -241,5 +223,8 @@ qDebug() << "Failed to set proxy"; return; } - qDebug() << "Set proxy to: " << proxyUrl; } + +void SSLConnectionCurl::setCiphersuites(int ciphers[]) { + qDebug() << "Set ciphersuites not supported."; +}
--- a/ui/sslconnection_curl.h Mon Sep 01 12:04:11 2014 +0200 +++ b/ui/sslconnection_curl.h Mon Sep 01 12:07:19 2014 +0200 @@ -39,14 +39,16 @@ void setProxy(const QUrl &proxyUrl); + void setCiphersuites(int ciphers[]); + private: CURL *mCurl; QTemporaryFile mCertFile; char mErrBuf[CURL_ERROR_SIZE + 1]; - /** @brief Internal write function for curl */ }; +/** @brief Internal write function for curl */ size_t write_data(void *ptr, size_t size, size_t nmemb, QSaveFile *fp); #endif // UI_SSLCONNECTION_CURL_H