From c0c9350c43a206fd37c77f67c65197bbdc386f76 Mon Sep 17 00:00:00 2001 From: Andrea Diamantini Date: Wed, 20 Jul 2011 18:46:52 +0200 Subject: Improve SSL management Hopefully addressed the problems against our (new) SSL code. CCMAIL:timb@nth-dimension.org.uk --- src/sslinfodialog.cpp | 33 +++++++++++++++++++++++++++------ 1 file changed, 27 insertions(+), 6 deletions(-) (limited to 'src/sslinfodialog.cpp') diff --git a/src/sslinfodialog.cpp b/src/sslinfodialog.cpp index 56cd0858..97aafd81 100644 --- a/src/sslinfodialog.cpp +++ b/src/sslinfodialog.cpp @@ -28,6 +28,7 @@ #include "sslinfodialog.h" #include "sslinfodialog.moc" + #include #include @@ -37,12 +38,12 @@ #include #include #include -#include #include #include #include +#include SslInfoDialog::SslInfoDialog(const QString &host, const WebSslInfo &info, QWidget *parent) @@ -87,20 +88,39 @@ void SslInfoDialog::showCertificateInfo(QSslCertificate subjectCert, const QStri c += QL1S(""); ui.certInfoLabel->setText(c); + // WARNING (Security Issue): set these labels to use PlainText! ui.subjectCN->setText(subjectCert.subjectInfo(QSslCertificate::CommonName)); + ui.subjectCN->setTextFormat(Qt::PlainText); + ui.subjectO->setText(subjectCert.subjectInfo(QSslCertificate::Organization)); + ui.subjectO->setTextFormat(Qt::PlainText); + ui.subjectOU->setText(subjectCert.subjectInfo(QSslCertificate::OrganizationalUnitName)); + ui.subjectOU->setTextFormat(Qt::PlainText); + ui.subjectSN->setText(subjectCert.serialNumber()); + ui.subjectSN->setTextFormat(Qt::PlainText); ui.issuerCN->setText(subjectCert.issuerInfo(QSslCertificate::CommonName)); + ui.issuerCN->setTextFormat(Qt::PlainText); + ui.issuerO->setText(subjectCert.issuerInfo(QSslCertificate::Organization)); + ui.issuerO->setTextFormat(Qt::PlainText); + ui.issuerOU->setText(subjectCert.issuerInfo(QSslCertificate::OrganizationalUnitName)); + ui.issuerOU->setTextFormat(Qt::PlainText); ui.issuedOn->setText(subjectCert.effectiveDate().date().toString(Qt::SystemLocaleShortDate)); + ui.issuedOn->setTextFormat(Qt::PlainText); + ui.expiresOn->setText(subjectCert.expiryDate().date().toString(Qt::SystemLocaleShortDate)); + ui.expiresOn->setTextFormat(Qt::PlainText); + ui.md5->setText(subjectCert.digest(QCryptographicHash::Md5).toHex()); - ui.sha1->setText(subjectCert.digest(QCryptographicHash::Sha1).toHex()); + ui.md5->setTextFormat(Qt::PlainText); + ui.sha1->setText(subjectCert.digest(QCryptographicHash::Sha1).toHex()); + ui.sha1->setTextFormat(Qt::PlainText); } @@ -109,7 +129,9 @@ void SslInfoDialog::displayFromChain(int i) QList caList = m_info.certificateChain(); QSslCertificate cert = caList.at(i); - if(cert.isValid()) + QStringList errors = SslInfoDialog::errorsFromString(m_info.certificateErrors()).at(i); + + if(cert.isValid() && errors.isEmpty()) { QStringList certInfo; certInfo << i18n("The Certificate is Valid!"); @@ -117,7 +139,6 @@ void SslInfoDialog::displayFromChain(int i) } else { - QStringList errors = SslInfoDialog::errorsFromString(m_info.certificateErrors()).at(i); errors.prepend(i18n("The certificate for this site is NOT valid for the following reasons:")); showCertificateInfo(cert, errors); } @@ -155,10 +176,10 @@ QList SslInfoDialog::errorsFromString(const QString &s) Q_FOREACH(const QString & s, sl) { bool didConvert; - QSslError::SslError error = static_cast(s.trimmed().toInt(&didConvert)); + KSslError::Error error = static_cast(s.trimmed().toInt(&didConvert)); if(didConvert) { - errors << QSslError(error).errorString(); + errors << KSslError(error).errorString(); } } resultList << errors; -- cgit v1.2.1