Fixes a double-error-handlign with SSL trust. Error page is now more correct

author: Felix (xq) Queißner <git@mq32.de> 2020-06-21 18:48:46 +0200
committer: Felix (xq) Queißner <git@mq32.de> 2020-06-21 18:48:46 +0200
commit: 75084776140610f31f28371a2c78191464577c40 (patch)
tree: c8967b31c5d64e7e4592ad62742a9cbd61304f64 /src/webclient.cpp
parent: 79a03469fc46ced070980a1446af94877dc8c466 (diff)
download: kristall-75084776140610f31f28371a2c78191464577c40.tar.gz
1 files changed, 15 insertions, 5 deletions
diff --git a/src/webclient.cpp b/src/webclient.cpp
index b50d508..ecbcfef 100644
--- a/src/webclient.cpp
+++ b/src/webclient.cpp
@@ -54,6 +54,8 @@ bool WebClient::startRequest(const QUrl &url, RequestOptions options)
     if(this->current_reply == nullptr)
         return false;
 
+    this->suppress_socket_tls_error = true;
+
     connect(this->current_reply, &QNetworkReply::readyRead, this, &WebClient::on_data);
     connect(this->current_reply, &QNetworkReply::finished, this,  &WebClient::on_finished);
     connect(this->current_reply, &QNetworkReply::sslErrors, this, &WebClient::on_sslErrors);
@@ -129,7 +131,10 @@ void WebClient::on_finished()
 
         qDebug() << "web network error" << reply->errorString();
         qDebug() << this->body;
-        emit this->networkError(error, reply->errorString());
+
+        if(not this->suppress_socket_tls_error) {
+            emit this->networkError(error, reply->errorString());
+        }
     }
     else
     {
@@ -170,14 +175,19 @@ void WebClient::on_sslErrors(const QList<QSslError> &errors)
         bool ignore = false;
         if(SslTrust::isTrustRelated(err.error()))
         {
-            if(global_https_trust.isTrusted(current_reply->url(), current_reply->sslConfiguration().peerCertificate()))
+            switch(global_https_trust.getTrust(this->current_reply->url(), this->current_reply->sslConfiguration().peerCertificate()))
             {
+            case SslTrust::Trusted:
                 ignore = true;
-            }
-            else
-            {
+                break;
+            case SslTrust::Untrusted:
+                this->suppress_socket_tls_error = true;
                 emit this->networkError(UntrustedHost, "The requested host is not trusted.");
                 return;
+            case SslTrust::Mistrusted:
+                this->suppress_socket_tls_error = true;
+                emit this->networkError(MistrustedHost, "The requested is in the trust store and its signature changed..");
+                return;
             }
         }
         else if(err.error() == QSslError::UnableToVerifyFirstCertificate)
author	Felix (xq) Queißner <git@mq32.de>	2020-06-21 18:48:46 +0200
committer	Felix (xq) Queißner <git@mq32.de>	2020-06-21 18:48:46 +0200
commit	75084776140610f31f28371a2c78191464577c40 (patch)
tree	c8967b31c5d64e7e4592ad62742a9cbd61304f64 /src/webclient.cpp
parent	79a03469fc46ced070980a1446af94877dc8c466 (diff)
download	kristall-75084776140610f31f28371a2c78191464577c40.tar.gz