diff options
| author | Hannah von Reth <vonreth@kde.org> | 2022-05-10 16:37:43 +0300 |
|---|---|---|
| committer | Hannah von Reth <vonreth@kde.org> | 2022-05-10 16:37:43 +0300 |
| commit | 19171795ff10e92c8422a321d51e70ddf1fc7b60 (patch) | |
| tree | 18c8a7fac877ef02f3a608490b4ac5645b899b33 | |
| parent | 9cd14166b2a587f47f7b65eb445554831f6b4c4f (diff) | |
Remove Account:sslConfigurationwork/remove_QSslConfiguration
| -rw-r--r-- | src/gui/accountstate.cpp | 8 | ||||
| -rw-r--r-- | src/libsync/accessmanager.cpp | 8 | ||||
| -rw-r--r-- | src/libsync/account.cpp | 26 | ||||
| -rw-r--r-- | src/libsync/account.h | 5 | ||||
| -rw-r--r-- | src/libsync/networkjobs.cpp | 1 |
5 files changed, 7 insertions, 41 deletions
diff --git a/src/gui/accountstate.cpp b/src/gui/accountstate.cpp index b0faa2809..3f59661c2 100644 --- a/src/gui/accountstate.cpp +++ b/src/gui/accountstate.cpp @@ -315,19 +315,13 @@ void AccountState::checkConnectivity(bool blockJobs) // Check the server and then the auth. // Let's try this for all OS and see if it fixes the Qt issues we have on Linux #4720 #3888 #4051 - //#ifdef Q_OS_WIN // There seems to be a bug in Qt on Windows where QNAM sometimes stops // working correctly after the computer woke up from sleep. See #2895 #2899 // and #2973. // As an attempted workaround, reset the QNAM regularly if the account is // disconnected. - account()->resetAccessManager(); - - // If we don't reset the ssl config a second CheckServerJob can produce a - // ssl config that does not have a sensible certificate chain. - account()->setSslConfiguration(QSslConfiguration()); - //#endif account()->clearCookieJar(); + account()->resetAccessManager(); _connectionValidator->checkServerAndUpdate(); } } diff --git a/src/libsync/accessmanager.cpp b/src/libsync/accessmanager.cpp index 223531fdd..d731ddb69 100644 --- a/src/libsync/accessmanager.cpp +++ b/src/libsync/accessmanager.cpp @@ -80,11 +80,15 @@ QNetworkReply *AccessManager::createRequest(QNetworkAccessManager::Operation op, // for some reason, passing an empty list causes the default chain to be removed // this behavior does not match the documentation + auto sslConfiguration = newRequest.sslConfiguration(); + + sslConfiguration.setSslOption(QSsl::SslOptionDisableSessionTickets, false); + sslConfiguration.setSslOption(QSsl::SslOptionDisableSessionSharing, false); + sslConfiguration.setSslOption(QSsl::SslOptionDisableSessionPersistence, false); if (!_customTrustedCaCertificates.isEmpty()) { - auto sslConfiguration = newRequest.sslConfiguration(); sslConfiguration.addCaCertificates({ _customTrustedCaCertificates.begin(), _customTrustedCaCertificates.end() }); - newRequest.setSslConfiguration(sslConfiguration); } + newRequest.setSslConfiguration(sslConfiguration); const auto reply = QNetworkAccessManager::createRequest(op, newRequest, outgoingData); HttpLogger::logRequest(reply, op, outgoingData); diff --git a/src/libsync/account.cpp b/src/libsync/account.cpp index 90218acad..0087eba0e 100644 --- a/src/libsync/account.cpp +++ b/src/libsync/account.cpp @@ -253,7 +253,6 @@ QNetworkReply *Account::sendRawRequest(const QByteArray &verb, const QUrl &url, { Q_ASSERT(verb.isUpper()); req.setUrl(url); - req.setSslConfiguration(this->getOrCreateSslConfig()); if (verb == "HEAD" && !data) { return _am->head(req); } else if (verb == "GET" && !data) { @@ -268,31 +267,6 @@ QNetworkReply *Account::sendRawRequest(const QByteArray &verb, const QUrl &url, return _am->sendCustomRequest(req, verb, data); } -void Account::setSslConfiguration(const QSslConfiguration &config) -{ - _sslConfiguration = config; -} - -QSslConfiguration Account::getOrCreateSslConfig() -{ - if (!_sslConfiguration.isNull()) { - // Will be set by CheckServerJob::finished() - // We need to use a central shared config to get SSL session tickets - return _sslConfiguration; - } - - // if setting the client certificate fails, you will probably get an error similar to this: - // "An internal error number 1060 happened. SSL handshake failed, client certificate was requested: SSL error: sslv3 alert handshake failure" - QSslConfiguration sslConfig = QSslConfiguration::defaultConfiguration(); - - // Try hard to re-use session for different requests - sslConfig.setSslOption(QSsl::SslOptionDisableSessionTickets, false); - sslConfig.setSslOption(QSsl::SslOptionDisableSessionSharing, false); - sslConfig.setSslOption(QSsl::SslOptionDisableSessionPersistence, false); - - return sslConfig; -} - void Account::setApprovedCerts(const QList<QSslCertificate> &certs) { _approvedCerts = { certs.begin(), certs.end() }; diff --git a/src/libsync/account.h b/src/libsync/account.h index ad0768822..a33adaa3e 100644 --- a/src/libsync/account.h +++ b/src/libsync/account.h @@ -156,10 +156,6 @@ public: QNetworkRequest req = QNetworkRequest(), QIODevice *data = nullptr); - /** The ssl configuration during the first connection */ - QSslConfiguration getOrCreateSslConfig(); - QSslConfiguration sslConfiguration() const { return _sslConfiguration; } - void setSslConfiguration(const QSslConfiguration &config); // Because of bugs in Qt, we use this to store info needed for the SSL Button QSslCipher _sessionCipher; QByteArray _sessionTicket; @@ -288,7 +284,6 @@ private: QUrl _url; QSet<QSslCertificate> _approvedCerts; - QSslConfiguration _sslConfiguration; Capabilities _capabilities; QString _serverVersion; QScopedPointer<AbstractSslErrorHandler> _sslErrorHandler; diff --git a/src/libsync/networkjobs.cpp b/src/libsync/networkjobs.cpp index 25e2af003..6dedb2c32 100644 --- a/src/libsync/networkjobs.cpp +++ b/src/libsync/networkjobs.cpp @@ -488,7 +488,6 @@ void CheckServerJob::setMaxRedirectsAllowed(int maxRedirectsAllowed) void CheckServerJob::metaDataChangedSlot() { - account()->setSslConfiguration(reply()->sslConfiguration()); mergeSslConfigurationForSslButton(reply()->sslConfiguration(), account()); } |