diff options
| author | Felix (xq) Queißner <git@mq32.de> | 2020-06-16 23:32:15 +0200 |
|---|---|---|
| committer | Felix (xq) Queißner <git@mq32.de> | 2020-06-16 23:32:15 +0200 |
| commit | 62005f23ba21f1246c1f7768e60f401b2083da90 (patch) | |
| tree | 6f98a373746e78fb1f9a8681a7693bfabf2af741 /src | |
| parent | 94dbe30902e36cedb30cb89ea3bd7ecd6c5a03f2 (diff) | |
| download | kristall-62005f23ba21f1246c1f7768e60f401b2083da90.tar.gz | |
Improves SSL handling a tad.
Diffstat (limited to 'src')
| -rw-r--r-- | src/geminiclient.cpp | 13 | ||||
| -rw-r--r-- | src/webclient.cpp | 9 |
2 files changed, 17 insertions, 5 deletions
diff --git a/src/geminiclient.cpp b/src/geminiclient.cpp index c8a9642..a21eea4 100644 --- a/src/geminiclient.cpp +++ b/src/geminiclient.cpp @@ -16,11 +16,6 @@ GeminiClient::GeminiClient() : ProtocolHandler(nullptr) #else connect(&socket, QOverload<QAbstractSocket::SocketError>::of(&QTcpSocket::error), this, &GeminiClient::socketError); #endif - - QSslConfiguration ssl_config; - ssl_config.setProtocol(QSsl::TlsV1_2); - ssl_config.setCaCertificates(QList<QSslCertificate> { }); - socket.setSslConfiguration(ssl_config); } GeminiClient::~GeminiClient() @@ -41,6 +36,14 @@ bool GeminiClient::startRequest(const QUrl &url) if(socket.isOpen()) return false; + QSslConfiguration ssl_config; + ssl_config.setProtocol(QSsl::TlsV1_2); + if(not global_trust.enable_ca) + ssl_config.setCaCertificates(QList<QSslCertificate> { }); + else + ssl_config.setCaCertificates(QSslConfiguration::systemCaCertificates()); + socket.setSslConfiguration(ssl_config); + socket.connectToHostEncrypted(url.host(), url.port(1965)); buffer.clear(); diff --git a/src/webclient.cpp b/src/webclient.cpp index 40beec0..e8a9959 100644 --- a/src/webclient.cpp +++ b/src/webclient.cpp @@ -1,4 +1,5 @@ #include "webclient.hpp" +#include "kristall.hpp" #include <QNetworkRequest> #include <QNetworkReply> @@ -30,9 +31,17 @@ bool WebClient::startRequest(const QUrl &url) this->body.clear(); + QSslConfiguration ssl_config; + // ssl_config.setProtocol(QSsl::TlsV1_2); + // if(global_trust.enable_ca) + // ssl_config.setCaCertificates(QSslConfiguration::systemCaCertificates()); + // else + // ssl_config.setCaCertificates(QList<QSslCertificate> { }); + QNetworkRequest request(url); request.setMaximumRedirectsAllowed(5); request.setAttribute(QNetworkRequest::FollowRedirectsAttribute, true); + request.setSslConfiguration(ssl_config); this->current_reply = manager.get(request); if(this->current_reply == nullptr) |