check if self signed certs are really unknown (debugging): refs #130
This commit is contained in:
		| @@ -11,6 +11,7 @@ | |||||||
| #include <qbrowserlib/log.hxx> | #include <qbrowserlib/log.hxx> | ||||||
| #include <QtNetwork/QNetworkReply> | #include <QtNetwork/QNetworkReply> | ||||||
| #include <QtNetwork/QSslError> | #include <QtNetwork/QSslError> | ||||||
|  | #include <QtNetwork/QSslConfiguration> | ||||||
| #include <map> | #include <map> | ||||||
|  |  | ||||||
| #include <cassert> | #include <cassert> | ||||||
| @@ -216,6 +217,28 @@ class DownloadManager: public QObject { | |||||||
|            <<"C="<<err->certificate().subjectInfo(QSslCertificate::CountryName) |            <<"C="<<err->certificate().subjectInfo(QSslCertificate::CountryName) | ||||||
|            <<"ST="<<err->certificate().subjectInfo(QSslCertificate::StateOrProvinceName); |            <<"ST="<<err->certificate().subjectInfo(QSslCertificate::StateOrProvinceName); | ||||||
| 	LOG<<"Certificate:\n"<<err->certificate().toPem(); | 	LOG<<"Certificate:\n"<<err->certificate().toPem(); | ||||||
|  |         switch (err->error()) { | ||||||
|  |           case QSslError::SelfSignedCertificate: | ||||||
|  |           case QSslError::SelfSignedCertificateInChain: { | ||||||
|  |             QSslConfiguration sslConfig | ||||||
|  |               (QSslConfiguration::defaultConfiguration()); | ||||||
|  |             QList<QSslCertificate> certs(sslConfig.caCertificates()); | ||||||
|  |             for (QList<QSslCertificate>::iterator cert(certs.begin()); | ||||||
|  |                  cert!=certs.end(); ++cert) { | ||||||
|  |               if (err->certificate().subjectInfo(QSslCertificate::CommonName) == | ||||||
|  |                   cert->subjectInfo(QSslCertificate::CommonName)) { | ||||||
|  |                 LOG<<"Found matching CN:" | ||||||
|  |                    <<cert->subjectInfo(QSslCertificate::CommonName); | ||||||
|  |                 if (err->certificate()==*cert) { | ||||||
|  |                   LOG<<"QT-BUG! Certificate matches known certificate"; | ||||||
|  |                 } else { | ||||||
|  |                   LOG<<"CERTIFICATE ERROR! Certificates are different"; | ||||||
|  |                 } | ||||||
|  |               } | ||||||
|  |             } | ||||||
|  |           } break; | ||||||
|  |           default:; // ignore | ||||||
|  |         } | ||||||
|         _downloads[reply].error += |         _downloads[reply].error += | ||||||
|           tr("<h1>SSL Error</h1>" |           tr("<h1>SSL Error</h1>" | ||||||
|              "<dl><dt>URL:</dt><dd>%1</dd>" |              "<dl><dt>URL:</dt><dd>%1</dd>" | ||||||
| @@ -237,7 +260,7 @@ class DownloadManager: public QObject { | |||||||
|              "<tr><th>Location:</th><td>%12</td></tr>" |              "<tr><th>Location:</th><td>%12</td></tr>" | ||||||
|              "<tr><th>Organizational Unit:</th><td>%13</td></tr>" |              "<tr><th>Organizational Unit:</th><td>%13</td></tr>" | ||||||
|              "<tr><th>Country:</th><td>%14</td></tr>" |              "<tr><th>Country:</th><td>%14</td></tr>" | ||||||
|              "<tr><th>State or Provive:</th><td>%15</td></tr>" |              "<tr><th>State or Province:</th><td>%15</td></tr>" | ||||||
|              "</table>") |              "</table>") | ||||||
|           .arg(reply->url().toString()) |           .arg(reply->url().toString()) | ||||||
|           .arg(err->errorString()) |           .arg(err->errorString()) | ||||||
|   | |||||||
| @@ -588,7 +588,7 @@ openssl-%7 (%9) %10</source> | |||||||
|         <translation type="unfinished"></translation> |         <translation type="unfinished"></translation> | ||||||
|     </message> |     </message> | ||||||
|     <message> |     <message> | ||||||
|         <source><h1>SSL Error</h1><dl><dt>URL:</dt><dd>%1</dd><dt>Error Code:</dt><dd>%3</dd><dt>Error Details:</dt><dd>%2</dd></dl><table><caption>Certificate Issuer</caption><tr><th>Organization:</th><td>%4</td></tr><tr><th>Common Name:</th><td>%5</td></tr><tr><th>Location:</th><td>%6</td></tr><tr><th>Organizational Unit:</th><td>%7</td></tr><tr><th>Country:</th><td>%8</td></tr><tr><th>State or Provive:</th><td>%9</td></tr></table><table><caption>Certificate Subject</caption><tr><th>Organization:</th><td>%10</td></tr><tr><th>Common Name:</th><td>%11</td></tr><tr><th>Location:</th><td>%12</td></tr><tr><th>Organizational Unit:</th><td>%13</td></tr><tr><th>Country:</th><td>%14</td></tr><tr><th>State or Provive:</th><td>%15</td></tr></table></source> |         <source><h1>SSL Error</h1><dl><dt>URL:</dt><dd>%1</dd><dt>Error Code:</dt><dd>%3</dd><dt>Error Details:</dt><dd>%2</dd></dl><table><caption>Certificate Issuer</caption><tr><th>Organization:</th><td>%4</td></tr><tr><th>Common Name:</th><td>%5</td></tr><tr><th>Location:</th><td>%6</td></tr><tr><th>Organizational Unit:</th><td>%7</td></tr><tr><th>Country:</th><td>%8</td></tr><tr><th>State or Provive:</th><td>%9</td></tr></table><table><caption>Certificate Subject</caption><tr><th>Organization:</th><td>%10</td></tr><tr><th>Common Name:</th><td>%11</td></tr><tr><th>Location:</th><td>%12</td></tr><tr><th>Organizational Unit:</th><td>%13</td></tr><tr><th>Country:</th><td>%14</td></tr><tr><th>State or Province:</th><td>%15</td></tr></table></source> | ||||||
|         <translation type="unfinished"></translation> |         <translation type="unfinished"></translation> | ||||||
|     </message> |     </message> | ||||||
| </context> | </context> | ||||||
|   | |||||||
| @@ -588,7 +588,7 @@ openssl-%7 (%9) %10</source> | |||||||
|         <translation type="unfinished"></translation> |         <translation type="unfinished"></translation> | ||||||
|     </message> |     </message> | ||||||
|     <message> |     <message> | ||||||
|         <source><h1>SSL Error</h1><dl><dt>URL:</dt><dd>%1</dd><dt>Error Code:</dt><dd>%3</dd><dt>Error Details:</dt><dd>%2</dd></dl><table><caption>Certificate Issuer</caption><tr><th>Organization:</th><td>%4</td></tr><tr><th>Common Name:</th><td>%5</td></tr><tr><th>Location:</th><td>%6</td></tr><tr><th>Organizational Unit:</th><td>%7</td></tr><tr><th>Country:</th><td>%8</td></tr><tr><th>State or Provive:</th><td>%9</td></tr></table><table><caption>Certificate Subject</caption><tr><th>Organization:</th><td>%10</td></tr><tr><th>Common Name:</th><td>%11</td></tr><tr><th>Location:</th><td>%12</td></tr><tr><th>Organizational Unit:</th><td>%13</td></tr><tr><th>Country:</th><td>%14</td></tr><tr><th>State or Provive:</th><td>%15</td></tr></table></source> |         <source><h1>SSL Error</h1><dl><dt>URL:</dt><dd>%1</dd><dt>Error Code:</dt><dd>%3</dd><dt>Error Details:</dt><dd>%2</dd></dl><table><caption>Certificate Issuer</caption><tr><th>Organization:</th><td>%4</td></tr><tr><th>Common Name:</th><td>%5</td></tr><tr><th>Location:</th><td>%6</td></tr><tr><th>Organizational Unit:</th><td>%7</td></tr><tr><th>Country:</th><td>%8</td></tr><tr><th>State or Provive:</th><td>%9</td></tr></table><table><caption>Certificate Subject</caption><tr><th>Organization:</th><td>%10</td></tr><tr><th>Common Name:</th><td>%11</td></tr><tr><th>Location:</th><td>%12</td></tr><tr><th>Organizational Unit:</th><td>%13</td></tr><tr><th>Country:</th><td>%14</td></tr><tr><th>State or Province:</th><td>%15</td></tr></table></source> | ||||||
|         <translation type="unfinished"></translation> |         <translation type="unfinished"></translation> | ||||||
|     </message> |     </message> | ||||||
| </context> | </context> | ||||||
|   | |||||||
| @@ -588,7 +588,7 @@ openssl-%7 (%9) %10</source> | |||||||
|         <translation type="unfinished"></translation> |         <translation type="unfinished"></translation> | ||||||
|     </message> |     </message> | ||||||
|     <message> |     <message> | ||||||
|         <source><h1>SSL Error</h1><dl><dt>URL:</dt><dd>%1</dd><dt>Error Code:</dt><dd>%3</dd><dt>Error Details:</dt><dd>%2</dd></dl><table><caption>Certificate Issuer</caption><tr><th>Organization:</th><td>%4</td></tr><tr><th>Common Name:</th><td>%5</td></tr><tr><th>Location:</th><td>%6</td></tr><tr><th>Organizational Unit:</th><td>%7</td></tr><tr><th>Country:</th><td>%8</td></tr><tr><th>State or Provive:</th><td>%9</td></tr></table><table><caption>Certificate Subject</caption><tr><th>Organization:</th><td>%10</td></tr><tr><th>Common Name:</th><td>%11</td></tr><tr><th>Location:</th><td>%12</td></tr><tr><th>Organizational Unit:</th><td>%13</td></tr><tr><th>Country:</th><td>%14</td></tr><tr><th>State or Provive:</th><td>%15</td></tr></table></source> |         <source><h1>SSL Error</h1><dl><dt>URL:</dt><dd>%1</dd><dt>Error Code:</dt><dd>%3</dd><dt>Error Details:</dt><dd>%2</dd></dl><table><caption>Certificate Issuer</caption><tr><th>Organization:</th><td>%4</td></tr><tr><th>Common Name:</th><td>%5</td></tr><tr><th>Location:</th><td>%6</td></tr><tr><th>Organizational Unit:</th><td>%7</td></tr><tr><th>Country:</th><td>%8</td></tr><tr><th>State or Provive:</th><td>%9</td></tr></table><table><caption>Certificate Subject</caption><tr><th>Organization:</th><td>%10</td></tr><tr><th>Common Name:</th><td>%11</td></tr><tr><th>Location:</th><td>%12</td></tr><tr><th>Organizational Unit:</th><td>%13</td></tr><tr><th>Country:</th><td>%14</td></tr><tr><th>State or Province:</th><td>%15</td></tr></table></source> | ||||||
|         <translation type="unfinished"></translation> |         <translation type="unfinished"></translation> | ||||||
|     </message> |     </message> | ||||||
| </context> | </context> | ||||||
|   | |||||||
| @@ -588,7 +588,7 @@ openssl-%7 (%9) %10</source> | |||||||
|         <translation type="unfinished"></translation> |         <translation type="unfinished"></translation> | ||||||
|     </message> |     </message> | ||||||
|     <message> |     <message> | ||||||
|         <source><h1>SSL Error</h1><dl><dt>URL:</dt><dd>%1</dd><dt>Error Code:</dt><dd>%3</dd><dt>Error Details:</dt><dd>%2</dd></dl><table><caption>Certificate Issuer</caption><tr><th>Organization:</th><td>%4</td></tr><tr><th>Common Name:</th><td>%5</td></tr><tr><th>Location:</th><td>%6</td></tr><tr><th>Organizational Unit:</th><td>%7</td></tr><tr><th>Country:</th><td>%8</td></tr><tr><th>State or Provive:</th><td>%9</td></tr></table><table><caption>Certificate Subject</caption><tr><th>Organization:</th><td>%10</td></tr><tr><th>Common Name:</th><td>%11</td></tr><tr><th>Location:</th><td>%12</td></tr><tr><th>Organizational Unit:</th><td>%13</td></tr><tr><th>Country:</th><td>%14</td></tr><tr><th>State or Provive:</th><td>%15</td></tr></table></source> |         <source><h1>SSL Error</h1><dl><dt>URL:</dt><dd>%1</dd><dt>Error Code:</dt><dd>%3</dd><dt>Error Details:</dt><dd>%2</dd></dl><table><caption>Certificate Issuer</caption><tr><th>Organization:</th><td>%4</td></tr><tr><th>Common Name:</th><td>%5</td></tr><tr><th>Location:</th><td>%6</td></tr><tr><th>Organizational Unit:</th><td>%7</td></tr><tr><th>Country:</th><td>%8</td></tr><tr><th>State or Provive:</th><td>%9</td></tr></table><table><caption>Certificate Subject</caption><tr><th>Organization:</th><td>%10</td></tr><tr><th>Common Name:</th><td>%11</td></tr><tr><th>Location:</th><td>%12</td></tr><tr><th>Organizational Unit:</th><td>%13</td></tr><tr><th>Country:</th><td>%14</td></tr><tr><th>State or Province:</th><td>%15</td></tr></table></source> | ||||||
|         <translation type="unfinished"></translation> |         <translation type="unfinished"></translation> | ||||||
|     </message> |     </message> | ||||||
| </context> | </context> | ||||||
|   | |||||||
		Reference in New Issue
	
	Block a user