def set_ssl_configuration(self):
ssl_config = QSslConfiguration.defaultConfiguration()
ssl_config.setCaCertificates([])
ssl_config.setPeerVerifyMode(QSslSocket.QueryPeer)
ssl_config.setProtocol(QSsl.TlsV1)
QSslConfiguration.setDefaultConfiguration(ssl_config)
def __init__(self, engine, parent=None):
"""
Constructor
@param engine reference to the help engine (QHelpEngine)
@param parent reference to the parent object (QObject)
"""
QNetworkAccessManager.__init__(self, parent)
self.__adblockNetwork = None
self.__schemeHandlers = {} # dictionary of scheme handlers
self.__proxyFactory = E4NetworkProxyFactory()
self.setProxyFactory(self.__proxyFactory)
self.__setDiskCache()
self.languagesChanged()
if SSL_AVAILABLE:
sslCfg = QSslConfiguration.defaultConfiguration()
caList = sslCfg.caCertificates()
caNew = QSslCertificate.fromData(Preferences.Prefs.settings.value("Help/CaCertificates").toByteArray())
for cert in caNew:
caList.append(cert)
sslCfg.setCaCertificates(caList)
sslCfg.setProtocol(QSsl.AnyProtocol)
try:
sslCfg.setSslOption(QSsl.SslOptionDisableCompression, True)
except AttributeError:
pass
QSslConfiguration.setDefaultConfiguration(sslCfg)
self.connect(self, SIGNAL("sslErrors(QNetworkReply *, const QList<QSslError> &)"), self.__sslErrors)
self.connect(
self,
SIGNAL("proxyAuthenticationRequired(const QNetworkProxy&, QAuthenticator*)"),
self.__proxyAuthenticationRequired,
)
self.connect(
self, SIGNAL("authenticationRequired(QNetworkReply *, QAuthenticator *)"), self.__authenticationRequired
)
# register scheme handlers
self.setSchemeHandler("qthelp", QtHelpAccessHandler(engine, self))
self.setSchemeHandler("pyrc", PyrcAccessHandler(self))
self.setSchemeHandler("about", AboutAccessHandler(self))
self.setSchemeHandler("abp", AdBlockAccessHandler(self))
def __init__(self, *args, **kwargs):
"""Initialize this instance."""
super(WebClient, self).__init__(*args, **kwargs)
self.nam = QNetworkAccessManager(QCoreApplication.instance())
self.nam.finished.connect(self._handle_finished)
self.nam.authenticationRequired.connect(self._handle_authentication)
self.nam.proxyAuthenticationRequired.connect(self.handle_proxy_auth)
self.nam.sslErrors.connect(self._handle_ssl_errors)
self.replies = {}
self.proxy_retry = False
self.setup_proxy()
# Force Qt to load the system certificates
QSslSocket.setDefaultCaCertificates(QSslSocket.systemCaCertificates())
# Apply our local certificates as the SSL configuration to be used
# for all QNetworkRequest calls.
self.ssl_config = QSslConfiguration.defaultConfiguration()
ca_certs = self.ssl_config.caCertificates()
try:
for path in glob.glob(
os.path.join(get_cert_dir(), "UbuntuOne*.pem")):
with open(path) as f:
cert = QSslCertificate(f.read())
if cert.isValid():
ca_certs.append(cert)
else:
logger.error("invalid certificate: {}".format(path))
except (IndexError, IOError) as err:
raise WebClientError(
"Unable to configure SSL certificates: {}".format(err))
self.ssl_config.setCaCertificates(ca_certs)
def __init__(self, *args, **kwargs):
"""Initialize this instance."""
super(WebClient, self).__init__(*args, **kwargs)
self.nam = QNetworkAccessManager(QCoreApplication.instance())
self.nam.finished.connect(self._handle_finished)
self.nam.authenticationRequired.connect(self._handle_authentication)
self.nam.proxyAuthenticationRequired.connect(self.handle_proxy_auth)
self.nam.sslErrors.connect(self._handle_ssl_errors)
self.replies = {}
self.proxy_retry = False
self.setup_proxy()
# Force Qt to load the system certificates
QSslSocket.setDefaultCaCertificates(QSslSocket.systemCaCertificates())
# Apply our local certificates as the SSL configuration to be used
# for all QNetworkRequest calls.
self.ssl_config = QSslConfiguration.defaultConfiguration()
ca_certs = self.ssl_config.caCertificates()
try:
for path in glob.glob(os.path.join(get_cert_dir(),
"UbuntuOne*.pem")):
with open(path) as f:
cert = QSslCertificate(f.read())
if cert.isValid():
ca_certs.append(cert)
else:
logger.error("invalid certificate: {}".format(path))
except (IndexError, IOError) as err:
raise WebClientError(
"Unable to configure SSL certificates: {}".format(err))
self.ssl_config.setCaCertificates(ca_certs)
def create_instance(context=None): """ Inicializa la instancia, este método debe llamarse antes que getInstance() y debe llamarse por el hilo de la aplicación QT """ if context is None: class DummyDataAdapter(DataAdapter): pass o = options.Options() o.data_adapter_class = DummyDataAdapter context = Context(o) BrowserFactory.__instance = BrowserFactory(context) # deshabilita la verificación de certificados SSL ssl = QSslConfiguration.defaultConfiguration() ssl.setPeerVerifyMode(QSslSocket.VerifyNone) QSslConfiguration.setDefaultConfiguration(ssl)
from queue import Queue, Empty as QEmpty, Full as QFull
from hashlib import sha1
from PyQt4 import QtCore, QtGui
from PyQt4.QtCore import QUrl, QObject
from PyQt4.QtNetwork import QNetworkAccessManager, QNetworkRequest, QSslConfiguration, QSslCertificate, QNetworkReply
import traceback
import logging
import weakref
##Setup the SSL-Configuration. We accept only the two known Certificates from google; reject all other
try:
certs = open("cacert.pem", "r").read()
except:
certs = None
if certs:
baseSslConfig = QSslConfiguration.defaultConfiguration()
baseSslConfig.setCaCertificates( QSslCertificate.fromData( certs ) )
QSslConfiguration.setDefaultConfiguration( baseSslConfig )
nam = QNetworkAccessManager()
_isSecureSSL = True
else:
#We got no valid certificate file - accept all SSL connections
nam = QNetworkAccessManager()
class SSLFIX( QtCore.QObject ):
def onSSLError(self, networkReply, sslErros ):
networkReply.ignoreSslErrors()
_SSLFIX = SSLFIX()
nam.sslErrors.connect( _SSLFIX.onSSLError )
_isSecureSSL = False
mimetypes.init()
def __sslErrors(self, reply, errors):
"""
Private slot to handle SSL errors.
@param reply reference to the reply object (QNetworkReply)
@param errors list of SSL errors (list of QSslError)
"""
caMerge = QSslCertificate.fromData(Preferences.Prefs.settings.value("Help/CaCertificates").toByteArray())
caNew = []
errorStrings = QStringList()
for err in errors:
if err.certificate() in caMerge:
continue
errorStrings.append(err.errorString())
if not err.certificate().isNull():
caNew.append(err.certificate())
if errorStrings.isEmpty():
reply.ignoreSslErrors()
return
errorString = errorStrings.join(".</li><li>")
ret = KQMessageBox.warning(
None,
self.trUtf8("SSL Errors"),
self.trUtf8(
"""<p>SSL Errors for <br /><b>%1</b>"""
"""<ul><li>%2</li></ul></p>"""
"""<p>Do you want to ignore these errors?</p>"""
)
.arg(reply.url().toString())
.arg(errorString),
QMessageBox.StandardButtons(QMessageBox.No | QMessageBox.Yes),
QMessageBox.No,
)
if ret == QMessageBox.Yes:
if len(caNew) > 0:
certinfos = QStringList()
for cert in caNew:
certinfos.append(self.__certToString(cert))
ret = KQMessageBox.question(
None,
self.trUtf8("Certificates"),
self.trUtf8(
"""<p>Certificates:<br/>%1<br/>""" """Do you want to accept all these certificates?</p>"""
).arg(certinfos.join("")),
QMessageBox.StandardButtons(QMessageBox.No | QMessageBox.Yes),
QMessageBox.No,
)
if ret == QMessageBox.Yes:
for cert in caNew:
caMerge.append(cert)
sslCfg = QSslConfiguration.defaultConfiguration()
caList = sslCfg.caCertificates()
for cert in caNew:
caList.append(cert)
sslCfg.setCaCertificates(caList)
sslCfg.setProtocol(QSsl.AnyProtocol)
QSslConfiguration.setDefaultConfiguration(sslCfg)
reply.setSslConfiguration(sslCfg)
pems = QByteArray()
for cert in caMerge:
pems.append(cert.toPem() + "\n")
Preferences.Prefs.settings.setValue("Help/CaCertificates", QVariant(pems))
reply.ignoreSslErrors()
