diff options
| author | Felix (xq) Queißner <git@mq32.de> | 2020-06-21 18:48:46 +0200 |
|---|---|---|
| committer | Felix (xq) Queißner <git@mq32.de> | 2020-06-21 18:48:46 +0200 |
| commit | 75084776140610f31f28371a2c78191464577c40 (patch) | |
| tree | c8967b31c5d64e7e4592ad62742a9cbd61304f64 /src/geminiclient.cpp | |
| parent | 79a03469fc46ced070980a1446af94877dc8c466 (diff) | |
| download | kristall-75084776140610f31f28371a2c78191464577c40.tar.gz | |
Fixes a double-error-handlign with SSL trust. Error page is now more correct
Diffstat (limited to 'src/geminiclient.cpp')
| -rw-r--r-- | src/geminiclient.cpp | 25 |
1 files changed, 17 insertions, 8 deletions
diff --git a/src/geminiclient.cpp b/src/geminiclient.cpp index 1f4acfb..12351ca 100644 --- a/src/geminiclient.cpp +++ b/src/geminiclient.cpp @@ -55,11 +55,13 @@ bool GeminiClient::startRequest(const QUrl &url, RequestOptions options) ssl_config.setCaCertificates(QSslConfiguration::systemCaCertificates()); socket.setSslConfiguration(ssl_config); + socket.connectToHostEncrypted(url.host(), url.port(1965)); - buffer.clear(); - body.clear(); - is_receiving_body = false; + this->buffer.clear(); + this->body.clear(); + this->is_receiving_body = false; + this->suppress_socket_tls_error = true; if(not socket.isOpen()) return false; @@ -309,14 +311,19 @@ void GeminiClient::sslErrors(QList<QSslError> const & errors) bool ignore = false; if(SslTrust::isTrustRelated(err.error())) { - if(global_gemini_trust.isTrusted(target_url, socket.peerCertificate())) + switch(global_gemini_trust.getTrust(target_url, socket.peerCertificate())) { + case SslTrust::Trusted: ignore = true; - } - else - { + break; + case SslTrust::Untrusted: + this->suppress_socket_tls_error = true; emit this->networkError(UntrustedHost, "The requested host is not trusted."); return; + case SslTrust::Mistrusted: + this->suppress_socket_tls_error = true; + emit this->networkError(MistrustedHost, "The requested host is in the trust store and its signature changed..."); + return; } } else if(err.error() == QSslError::UnableToVerifyFirstCertificate) @@ -353,6 +360,8 @@ void GeminiClient::socketError(QAbstractSocket::SocketError socketError) if(socketError == QAbstractSocket::RemoteHostClosedError) { socket.close(); } else { - this->emitNetworkError(socketError, socket.errorString()); + if(not this->suppress_socket_tls_error) { + this->emitNetworkError(socketError, socket.errorString()); + } } } |