Skip to content

Commit

Permalink
[auth] Add checkbox to exclud root CAs from bundles on pkipath method
Browse files Browse the repository at this point in the history
  • Loading branch information
elpaso committed Oct 16, 2017
1 parent d293e8f commit 891f8f2
Show file tree
Hide file tree
Showing 3 changed files with 80 additions and 29 deletions.
5 changes: 5 additions & 0 deletions src/auth/pkipaths/qgsauthpkipathsedit.cpp
Original file line number Diff line number Diff line change
Expand Up @@ -36,9 +36,11 @@ QgsAuthPkiPathsEdit::QgsAuthPkiPathsEdit( QWidget *parent )
connect( chkPkiPathsPassShow, &QCheckBox::stateChanged, this, &QgsAuthPkiPathsEdit::chkPkiPathsPassShow_stateChanged );
connect( btnPkiPathsCert, &QToolButton::clicked, this, &QgsAuthPkiPathsEdit::btnPkiPathsCert_clicked );
connect( btnPkiPathsKey, &QToolButton::clicked, this, &QgsAuthPkiPathsEdit::btnPkiPathsKey_clicked );
connect( cbAddCas, &QCheckBox::stateChanged, this, [ = ]( int state ) { cbAddRootCa->setEnabled( state == Qt::Checked ); } );
lblCas->hide();
twCas->hide();
cbAddCas->hide();
cbAddRootCa->hide();
}

bool QgsAuthPkiPathsEdit::validateConfig()
Expand Down Expand Up @@ -107,6 +109,7 @@ bool QgsAuthPkiPathsEdit::validateConfig()
lblCas->setVisible( showCas );
twCas->setVisible( showCas );
cbAddCas->setVisible( showCas );
cbAddRootCa->setVisible( showCas );

return validityChange( certvalid );
}
Expand All @@ -118,6 +121,7 @@ QgsStringMap QgsAuthPkiPathsEdit::configMap() const
config.insert( QStringLiteral( "keypath" ), lePkiPathsKey->text() );
config.insert( QStringLiteral( "keypass" ), lePkiPathsKeyPass->text() );
config.insert( QStringLiteral( "addcas" ), cbAddCas->isChecked() ? QStringLiteral( "true" ) : QStringLiteral( "false" ) );
config.insert( QStringLiteral( "addrootca" ), cbAddRootCa->isChecked() ? QStringLiteral( "true" ) : QStringLiteral( "false" ) );

return config;
}
Expand All @@ -131,6 +135,7 @@ void QgsAuthPkiPathsEdit::loadConfig( const QgsStringMap &configmap )
lePkiPathsKey->setText( configmap.value( QStringLiteral( "keypath" ) ) );
lePkiPathsKeyPass->setText( configmap.value( QStringLiteral( "keypass" ) ) );
cbAddCas->setChecked( configmap.value( QStringLiteral( "addcas" ), QStringLiteral( "false " ) ) == QStringLiteral( "true" ) );
cbAddRootCa->setChecked( configmap.value( QStringLiteral( "addrootca" ), QStringLiteral( "false " ) ) == QStringLiteral( "true" ) );

validateConfig();
}
Expand Down
95 changes: 67 additions & 28 deletions src/auth/pkipaths/qgsauthpkipathsedit.ui
Original file line number Diff line number Diff line change
Expand Up @@ -6,8 +6,8 @@
<rect>
<x>0</x>
<y>0</y>
<width>449</width>
<height>260</height>
<width>415</width>
<height>268</height>
</rect>
</property>
<layout class="QGridLayout" name="gridLayout">
Expand Down Expand Up @@ -51,7 +51,7 @@
</property>
</widget>
</item>
<item row="2" column="1">
<item row="2" column="1" rowspan="2">
<widget class="QTreeWidget" name="twCas">
<property name="editTriggers">
<set>QAbstractItemView::NoEditTriggers</set>
Expand All @@ -75,17 +75,7 @@
</column>
</widget>
</item>
<item row="2" column="2" colspan="2">
<widget class="QCheckBox" name="cbAddCas">
<property name="toolTip">
<string>Add bundle CAs to the connection</string>
</property>
<property name="text">
<string>Add</string>
</property>
</widget>
</item>
<item row="3" column="0">
<item row="4" column="0">
<widget class="QLabel" name="lblPkiPathsKey">
<property name="sizePolicy">
<sizepolicy hsizetype="Maximum" vsizetype="Preferred">
Expand All @@ -98,7 +88,7 @@
</property>
</widget>
</item>
<item row="3" column="1">
<item row="4" column="1">
<widget class="QLineEdit" name="lePkiPathsKey">
<property name="readOnly">
<bool>true</bool>
Expand All @@ -108,7 +98,7 @@
</property>
</widget>
</item>
<item row="4" column="1">
<item row="5" column="1">
<widget class="QLineEdit" name="lePkiPathsKeyPass">
<property name="echoMode">
<enum>QLineEdit::Password</enum>
Expand All @@ -118,7 +108,7 @@
</property>
</widget>
</item>
<item row="5" column="1" colspan="2">
<item row="6" column="1" colspan="3">
<spacer name="verticalSpacer">
<property name="orientation">
<enum>Qt::Vertical</enum>
Expand All @@ -131,8 +121,8 @@
</property>
</spacer>
</item>
<item row="3" column="2">
<widget class="QToolButton" name="btnPkiPathsKey">
<item row="0" column="2">
<widget class="QToolButton" name="btnPkiPathsCert">
<property name="text">
<string>…</string>
</property>
Expand All @@ -142,6 +132,16 @@
</widget>
</item>
<item row="4" column="2">
<widget class="QToolButton" name="btnPkiPathsKey">
<property name="text">
<string>…</string>
</property>
<property name="popupMode">
<enum>QToolButton::InstantPopup</enum>
</property>
</widget>
</item>
<item row="5" column="2">
<widget class="QCheckBox" name="chkPkiPathsPassShow">
<property name="sizePolicy">
<sizepolicy hsizetype="Maximum" vsizetype="Fixed">
Expand All @@ -154,18 +154,57 @@
</property>
</widget>
</item>
<item row="0" column="2">
<widget class="QToolButton" name="btnPkiPathsCert">
<property name="text">
<string>…</string>
</property>
<property name="popupMode">
<enum>QToolButton::InstantPopup</enum>
</property>
</widget>
<item row="2" column="2" rowspan="2">
<layout class="QVBoxLayout" name="verticalLayout_2">
<item>
<widget class="QCheckBox" name="cbAddCas">
<property name="toolTip">
<string>Add bundle CAs to the connection</string>
</property>
<property name="text">
<string>Add</string>
</property>
</widget>
</item>
<item>
<widget class="QCheckBox" name="cbAddRootCa">
<property name="toolTip">
<string>Add also root (self-signed) CA</string>
</property>
<property name="text">
<string>Root</string>
</property>
</widget>
</item>
<item>
<spacer name="verticalSpacer_2">
<property name="orientation">
<enum>Qt::Vertical</enum>
</property>
<property name="sizeHint" stdset="0">
<size>
<width>20</width>
<height>40</height>
</size>
</property>
</spacer>
</item>
</layout>
</item>
</layout>
</widget>
<tabstops>
<tabstop>lePkiPathsCert</tabstop>
<tabstop>btnPkiPathsCert</tabstop>
<tabstop>twCas</tabstop>
<tabstop>cbAddCas</tabstop>
<tabstop>cbAddRootCa</tabstop>
<tabstop>lePkiPathsKey</tabstop>
<tabstop>btnPkiPathsKey</tabstop>
<tabstop>lePkiPathsKeyPass</tabstop>
<tabstop>chkPkiPathsPassShow</tabstop>
<tabstop>lePkiPathsMsg</tabstop>
</tabstops>
<resources/>
<connections/>
</ui>
9 changes: 8 additions & 1 deletion src/auth/pkipaths/qgsauthpkipathsmethod.cpp
Original file line number Diff line number Diff line change
Expand Up @@ -105,7 +105,14 @@ bool QgsAuthPkiPathsMethod::updateNetworkRequest( QNetworkRequest &request, cons
// this does not work due to the fact that QNAM overrides it in createRequest!
if ( pkibundle->config().config( QStringLiteral( "addcas" ), QStringLiteral( "false" ) ) == QStringLiteral( "true" ) )
{
sslConfig.setCaCertificates( pkibundle->caChain() );
if ( pkibundle->config().config( QStringLiteral( "addrootca" ), QStringLiteral( "false" ) ) == QStringLiteral( "true" ) )
{
sslConfig.setCaCertificates( pkibundle->caChain() );
}
else
{
sslConfig.setCaCertificates( QgsAuthCertUtils::casRemoveSelfSigned( pkibundle->caChain() ) );
}
}
request.setSslConfiguration( sslConfig );

Expand Down

0 comments on commit 891f8f2

Please sign in to comment.