def __init__(self, engine, parent=None): """ Constructor @param engine reference to the help engine (QHelpEngine) @param parent reference to the parent object (QObject) """ QNetworkAccessManager.__init__(self, parent) self.__adblockNetwork = None self.__schemeHandlers = {} # dictionary of scheme handlers self.__proxyFactory = E4NetworkProxyFactory() self.setProxyFactory(self.__proxyFactory) self.__setDiskCache() self.languagesChanged() if SSL_AVAILABLE: sslCfg = QSslConfiguration.defaultConfiguration() caList = sslCfg.caCertificates() caNew = QSslCertificate.fromData(Preferences.Prefs.settings.value("Help/CaCertificates").toByteArray()) for cert in caNew: caList.append(cert) sslCfg.setCaCertificates(caList) sslCfg.setProtocol(QSsl.AnyProtocol) try: sslCfg.setSslOption(QSsl.SslOptionDisableCompression, True) except AttributeError: pass QSslConfiguration.setDefaultConfiguration(sslCfg) self.connect(self, SIGNAL("sslErrors(QNetworkReply *, const QList<QSslError> &)"), self.__sslErrors) self.connect( self, SIGNAL("proxyAuthenticationRequired(const QNetworkProxy&, QAuthenticator*)"), self.__proxyAuthenticationRequired, ) self.connect( self, SIGNAL("authenticationRequired(QNetworkReply *, QAuthenticator *)"), self.__authenticationRequired ) # register scheme handlers self.setSchemeHandler("qthelp", QtHelpAccessHandler(engine, self)) self.setSchemeHandler("pyrc", PyrcAccessHandler(self)) self.setSchemeHandler("about", AboutAccessHandler(self)) self.setSchemeHandler("abp", AdBlockAccessHandler(self))
# The one retrieved is http://fm4dd.com/openssl/source/PEM/certs/1024b-rsa-example-cert.pem remote_url = 'http://fm4dd.com/openssl/source/PEM/certs/1024b-rsa-example-cert.pem' pem_path = remote_url.split('/')[-1] # Fetch certificate from remote url and write to file with open(pem_path, 'wb') as f: certificate_string = urllib.urlopen(remote_url).read() f.write(certificate_string) # Instanciate a first QgsAuthCertInfoDialog using QSslCertificate.fromPath auth_cert_info_dialog_1 = QgsAuthCertInfoDialog( QSslCertificate.fromPath(pem_path)[0], True ) auth_cert_info_dialog_1.show() # Instanciate a second QgsAuthCertInfoDialog using QSslCertificate.fromData auth_cert_info_dialog_2 = QgsAuthCertInfoDialog( QSslCertificate.fromData( QByteArray(certificate_string) )[0], False ) auth_cert_info_dialog_2.show() print(auth_cert_info_dialog_1.certInfoWidget()) # QgsAuthCertInfo print(auth_cert_info_dialog_1.trustCacheRebuilt()) # Boolean
from hashlib import sha1 from PyQt4 import QtCore, QtGui from PyQt4.QtCore import QUrl, QObject from PyQt4.QtNetwork import QNetworkAccessManager, QNetworkRequest, QSslConfiguration, QSslCertificate, QNetworkReply import traceback import logging import weakref ##Setup the SSL-Configuration. We accept only the two known Certificates from google; reject all other try: certs = open("cacert.pem", "r").read() except: certs = None if certs: baseSslConfig = QSslConfiguration.defaultConfiguration() baseSslConfig.setCaCertificates( QSslCertificate.fromData( certs ) ) QSslConfiguration.setDefaultConfiguration( baseSslConfig ) nam = QNetworkAccessManager() _isSecureSSL = True else: #We got no valid certificate file - accept all SSL connections nam = QNetworkAccessManager() class SSLFIX( QtCore.QObject ): def onSSLError(self, networkReply, sslErros ): networkReply.ignoreSslErrors() _SSLFIX = SSLFIX() nam.sslErrors.connect( _SSLFIX.onSSLError ) _isSecureSSL = False mimetypes.init() if os.path.exists("mime.types"):
def __sslErrors(self, reply, errors): """ Private slot to handle SSL errors. @param reply reference to the reply object (QNetworkReply) @param errors list of SSL errors (list of QSslError) """ caMerge = QSslCertificate.fromData(Preferences.Prefs.settings.value("Help/CaCertificates").toByteArray()) caNew = [] errorStrings = QStringList() for err in errors: if err.certificate() in caMerge: continue errorStrings.append(err.errorString()) if not err.certificate().isNull(): caNew.append(err.certificate()) if errorStrings.isEmpty(): reply.ignoreSslErrors() return errorString = errorStrings.join(".</li><li>") ret = KQMessageBox.warning( None, self.trUtf8("SSL Errors"), self.trUtf8( """<p>SSL Errors for <br /><b>%1</b>""" """<ul><li>%2</li></ul></p>""" """<p>Do you want to ignore these errors?</p>""" ) .arg(reply.url().toString()) .arg(errorString), QMessageBox.StandardButtons(QMessageBox.No | QMessageBox.Yes), QMessageBox.No, ) if ret == QMessageBox.Yes: if len(caNew) > 0: certinfos = QStringList() for cert in caNew: certinfos.append(self.__certToString(cert)) ret = KQMessageBox.question( None, self.trUtf8("Certificates"), self.trUtf8( """<p>Certificates:<br/>%1<br/>""" """Do you want to accept all these certificates?</p>""" ).arg(certinfos.join("")), QMessageBox.StandardButtons(QMessageBox.No | QMessageBox.Yes), QMessageBox.No, ) if ret == QMessageBox.Yes: for cert in caNew: caMerge.append(cert) sslCfg = QSslConfiguration.defaultConfiguration() caList = sslCfg.caCertificates() for cert in caNew: caList.append(cert) sslCfg.setCaCertificates(caList) sslCfg.setProtocol(QSsl.AnyProtocol) QSslConfiguration.setDefaultConfiguration(sslCfg) reply.setSslConfiguration(sslCfg) pems = QByteArray() for cert in caMerge: pems.append(cert.toPem() + "\n") Preferences.Prefs.settings.setValue("Help/CaCertificates", QVariant(pems)) reply.ignoreSslErrors()