From 7a2fdf3fd60a63c1a67986d9f83b321ea3758b9d Mon Sep 17 00:00:00 2001 From: Dominik Riebeling Date: Sat, 19 Mar 2022 16:54:27 +0100 Subject: rbutil: Handle SSL certificate errors on first request. Qt uses the systems certificate store. On old(er) systems the root certificate might not be present, so checking the certificate from the rockbox.org server might fail. On startup we try to download the build-info file. If this fails with a certificate error allow the user to temporarily accept the rockbox.org certificate for all successive requests. Change-Id: I459e12d53286aaedea4db659d90a5e057c56801f --- utils/rbutilqt/base/httpget.h | 5 +++++ 1 file changed, 5 insertions(+) (limited to 'utils/rbutilqt/base/httpget.h') diff --git a/utils/rbutilqt/base/httpget.h b/utils/rbutilqt/base/httpget.h index 443a606e6d..fb5b920b47 100644 --- a/utils/rbutilqt/base/httpget.h +++ b/utils/rbutilqt/base/httpget.h @@ -73,6 +73,8 @@ class HttpGet : public QObject //< set global user agent string static void setGlobalUserAgent(const QString& u) { m_globalUserAgent = u; } + static void addTrustedPeerCert(QSslCertificate cert) + { m_acceptedClientCerts.append(cert);} public slots: void abort(void); @@ -81,14 +83,17 @@ class HttpGet : public QObject void done(QNetworkReply::NetworkError error); void dataReadProgress(int, int); void headerFinished(void); + void sslError(const QSslError& error, const QSslCertificate& peerCert); private slots: void requestFinished(QNetworkReply* reply); void startRequest(QUrl url); void downloadProgress(qint64 received, qint64 total); void networkError(QNetworkReply::NetworkError error); + void gotSslError(const QList &errors); private: + static QList m_acceptedClientCerts; static QString m_globalUserAgent; static QNetworkProxy m_globalProxy; QNetworkAccessManager m_mgr; -- cgit v1.2.3