Welcome to mirror list, hosted at ThFree Co, Russian Federation.

credentialscommon.cpp « creds « src - github.com/owncloud/client.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
path: root/src/creds/credentialscommon.cpp
blob: 7b0e4da8ca74cd40c5f9485044d49e8159ffa8de (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79

/*
 * Copyright (C) by Klaas Freitag <freitag@kde.org>
 * Copyright (C) by Krzesimir Nowak <krzesimir@endocode.com>
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 2 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful, but
 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
 * for more details.
 */

#include <QList>
#include <QRegExp>
#include <QString>
#include <QSslCertificate>
#include <QSslConfiguration>

#include <QDebug>

#include "creds/credentialscommon.h"

#include "mirall/utility.h"
#include "mirall/account.h"

namespace Mirall
{

int handleNeonSSLProblems(const char* prompt,
                          char* buf,
                          size_t /*len*/,
                          int /*echo*/,
                          int /*verify*/,
                          void* /*userdata*/)
{
    int re = 0;
    const QString qPrompt = QString::fromLatin1( prompt ).trimmed();

    if( qPrompt.startsWith( QLatin1String("There are problems with the SSL certificate:"))) {
        // SSL is requested. If the program came here, the SSL check was done by mirall
        // It needs to be checked if the  chain is still equal to the one which
        // was verified by the user.
        const QRegExp regexp("fingerprint: ([\\w\\d:]+)");
        bool certOk = false;
        int pos = 0;
        // This is the set of certificates which QNAM accepted, so we should accept
        // them as well
        QList<QSslCertificate> certs = AccountManager::instance()->account()->sslConfiguration().peerCertificateChain();

        while (!certOk && (pos = regexp.indexIn(qPrompt, 1+pos)) != -1) {
            QString neon_fingerprint = regexp.cap(1);

            foreach( const QSslCertificate& c, certs ) {
                QString verified_shasum = Utility::formatFingerprint(c.digest(QCryptographicHash::Sha1).toHex());
                qDebug() << "SSL Fingerprint from neon: " << neon_fingerprint << " compared to verified: " << verified_shasum;
                if( verified_shasum == neon_fingerprint ) {
                    certOk = true;
                    break;
                }
            }
        }
        // certOk = false;     DEBUG setting, keep disabled!
        if( !certOk ) { // Problem!
            qstrcpy( buf, "no" );
            re = -1;
        } else {
            qstrcpy( buf, "yes" ); // Certificate is fine!
        }
    } else {
        qDebug() << "Unknown prompt: <" << prompt << ">";
        re = -1;
    }
    return re;
}

} // ns Mirall
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-25 09:45:44 +0300