def __init__(self, parent=None): """ Constructor @param parent reference to the parent object (QObject) """ super(E5SslErrorHandler, self).__init__(parent) caList = self.__getSystemCaCertificates() if Preferences.Prefs.settings.contains("Help/CaCertificatesDict"): # port old entries stored under 'Help' certificateDict = Globals.toDict( Preferences.Prefs.settings.value("Help/CaCertificatesDict")) Preferences.Prefs.settings.setValue( "Ssl/CaCertificatesDict", certificateDict) Preferences.Prefs.settings.remove("Help/CaCertificatesDict") else: certificateDict = Globals.toDict( Preferences.Prefs.settings.value("Ssl/CaCertificatesDict")) for server in certificateDict: for cert in QSslCertificate.fromData(certificateDict[server]): if cert not in caList: caList.append(cert) sslCfg = QSslConfiguration.defaultConfiguration() sslCfg.setCaCertificates(caList) sslCfg.setProtocol(QSsl.AnyProtocol) try: sslCfg.setSslOption(QSsl.SslOptionDisableCompression, True) except AttributeError: pass QSslConfiguration.setDefaultConfiguration(sslCfg)
def __init__(self, parent=None): """ Constructor @param parent reference to the parent object (QObject) """ super(E5SslErrorHandler, self).__init__(parent) caList = self.__getSystemCaCertificates() if Preferences.Prefs.settings.contains("Help/CaCertificatesDict"): # port old entries stored under 'Help' certificateDict = Globals.toDict( Preferences.Prefs.settings.value("Help/CaCertificatesDict")) Preferences.Prefs.settings.setValue( "Ssl/CaCertificatesDict", certificateDict) Preferences.Prefs.settings.remove("Help/CaCertificatesDict") else: certificateDict = Globals.toDict( Preferences.Prefs.settings.value("Ssl/CaCertificatesDict")) for server in certificateDict: for cert in QSslCertificate.fromData(certificateDict[server]): if cert not in caList: caList.append(cert) sslCfg = QSslConfiguration.defaultConfiguration() sslCfg.setCaCertificates(caList) sslCfg.setProtocol(QSsl.AnyProtocol) try: sslCfg.setSslOption(QSsl.SslOptionDisableCompression, True) except AttributeError: pass QSslConfiguration.setDefaultConfiguration(sslCfg)
def __updateDefaultConfiguration(self): """ Private method to update the default SSL configuration. """ caList = self.__getSystemCaCertificates() certificateDict = Globals.toDict(Preferences.Prefs.settings.value("Ssl/CaCertificatesDict")) for server in certificateDict: for cert in QSslCertificate.fromData(certificateDict[server]): if cert not in caList: caList.append(cert) sslCfg = QSslConfiguration.defaultConfiguration() sslCfg.setCaCertificates(caList) QSslConfiguration.setDefaultConfiguration(sslCfg)
def __updateDefaultConfiguration(self): """ Private method to update the default SSL configuration. """ caList = self.__getSystemCaCertificates() certificateDict = Globals.toDict( Preferences.Prefs.settings.value("Ssl/CaCertificatesDict")) for server in certificateDict: for cert in QSslCertificate.fromData(certificateDict[server]): if cert not in caList: caList.append(cert) sslCfg = QSslConfiguration.defaultConfiguration() sslCfg.setCaCertificates(caList) QSslConfiguration.setDefaultConfiguration(sslCfg)
def __init__(self, *args, **kwargs): super(Window, self).__init__(*args, **kwargs) self.resize(800, 600) # 浏览器设置 setting = QWebSettings.globalSettings() setting.setAttribute(QWebSettings.PluginsEnabled, True) # 解决xp下ssl问题 self.page().networkAccessManager().sslErrors.connect(self.handleSslErrors) sslconf = QSslConfiguration.defaultConfiguration() clist = sslconf.caCertificates() cnew = QSslCertificate.fromData(b"CaCertificates") clist.extend(cnew) sslconf.setCaCertificates(clist) sslconf.setProtocol(QSsl.AnyProtocol) QSslConfiguration.setDefaultConfiguration(sslconf)
def load_certificates(): """ load (if existing and not empty) the local PEM file; split it into individual certificates, add each to the default configuration """ local_cert_path = expanduser("~/.eilat/local.pem") local_certificates = split_certificates(local_cert_path) if local_certificates: print(r""" /----------------------------\ SETTING LOCAL SSL CERTIFICATES \----------------------------/ """) current_configuration = QSslConfiguration.defaultConfiguration() current_certs = current_configuration.caCertificates() for certificate in local_certificates: current_certs.append(QSslCertificate(certificate)) current_configuration.setCaCertificates(current_certs) QSslConfiguration.setDefaultConfiguration(current_configuration)
def load_certificates(): """ load (if existing and not empty) the local PEM file; split it into individual certificates, add each to the default configuration """ local_cert_path = expanduser("~/.eilat/local.pem") local_certificates = split_certificates(local_cert_path) if local_certificates: print(r""" /----------------------------\ SETTING LOCAL SSL CERTIFICATES \----------------------------/ """) current_configuration = QSslConfiguration.defaultConfiguration() current_certs = current_configuration.caCertificates() for certificate in local_certificates: current_certs.append(QSslCertificate(certificate)) current_configuration.setCaCertificates(current_certs) QSslConfiguration.setDefaultConfiguration(current_configuration)
logger = getLogger(__name__) logger.debug("icons_rc found: %r", viur_admin.ui.icons_rc) # import guard if not isPyodide: # Setup the SSL-Configuration. We accept only the two known Certificates from google; reject all other try: css = QtCore.QFile(":resources/cacert.pem") css.open(QtCore.QFile.ReadOnly) certs = css.readAll() except: certs = None if certs: baseSslConfig = QSslConfiguration.defaultConfiguration() baseSslConfig.setCaCertificates(QSslCertificate.fromData(certs)) QSslConfiguration.setDefaultConfiguration(baseSslConfig) nam = QNetworkAccessManager() _isSecureSSL = True else: # We got no valid certificate file - accept all SSL connections nam = QNetworkAccessManager() class SSLFIX(QtCore.QObject): def onSSLError(self, networkReply: Any, sslErros: Any) -> None: networkReply.ignoreSslErrors() _SSLFIX = SSLFIX() nam.sslErrors.connect(_SSLFIX.onSSLError) _isSecureSSL = False class MyCookieJar(QNetworkCookieJar):
def sslErrors(self, errors, server, port=-1): """ Public method to handle SSL errors. @param errors list of SSL errors (list of QSslError) @param server name of the server (string) @keyparam port value of the port (integer) @return tuple indicating to ignore the SSL errors (one of NotIgnored, SystemIgnored or UserIgnored) and indicating a change of the default SSL configuration (boolean) """ caMerge = {} certificateDict = Globals.toDict( Preferences.Prefs.settings.value("Ssl/CaCertificatesDict")) for caServer in certificateDict: caMerge[caServer] = QSslCertificate.fromData( certificateDict[caServer]) caNew = [] errorStrings = [] if port != -1: server += ":{0:d}".format(port) if errors: for err in errors: if err.error() == QSslError.NoError: continue if server in caMerge and err.certificate() in caMerge[server]: continue errorStrings.append(err.errorString()) if not err.certificate().isNull(): cert = err.certificate() if cert not in caNew: caNew.append(cert) if not errorStrings: return E5SslErrorHandler.SystemIgnored, False errorString = '.</li><li>'.join(errorStrings) ret = E5MessageBox.yesNo( None, self.tr("SSL Errors"), self.tr("""<p>SSL Errors for <br /><b>{0}</b>""" """<ul><li>{1}</li></ul></p>""" """<p>Do you want to ignore these errors?</p>""").format( server, errorString), icon=E5MessageBox.Warning) if ret: caRet = False if len(caNew) > 0: certinfos = [] for cert in caNew: certinfos.append(self.__certToString(cert)) caRet = E5MessageBox.yesNo( None, self.tr("Certificates"), self.tr("""<p>Certificates:<br/>{0}<br/>""" """Do you want to accept all these certificates?""" """</p>""").format("".join(certinfos))) if caRet: if server not in caMerge: caMerge[server] = [] for cert in caNew: caMerge[server].append(cert) sslCfg = QSslConfiguration.defaultConfiguration() caList = sslCfg.caCertificates() for cert in caNew: caList.append(cert) sslCfg.setCaCertificates(caList) try: sslCfg.setProtocol(QSsl.TlsV1_1OrLater) except AttributeError: sslCfg.setProtocol(QSsl.SecureProtocols) try: sslCfg.setSslOption(QSsl.SslOptionDisableCompression, True) except AttributeError: pass QSslConfiguration.setDefaultConfiguration(sslCfg) certificateDict = {} for server in caMerge: pems = QByteArray() for cert in caMerge[server]: pems.append(cert.toPem() + b'\n') certificateDict[server] = pems Preferences.Prefs.settings.setValue( "Ssl/CaCertificatesDict", certificateDict) return E5SslErrorHandler.UserIgnored, caRet else: return E5SslErrorHandler.NotIgnored, False
def sslErrors(self, errors, server, port=-1): """ Public method to handle SSL errors. @param errors list of SSL errors (list of QSslError) @param server name of the server (string) @keyparam port value of the port (integer) @return tuple indicating to ignore the SSL errors (one of NotIgnored, SystemIgnored or UserIgnored) and indicating a change of the default SSL configuration (boolean) """ caMerge = {} certificateDict = Globals.toDict( Preferences.Prefs.settings.value("Ssl/CaCertificatesDict")) for caServer in certificateDict: caMerge[caServer] = QSslCertificate.fromData( certificateDict[caServer]) caNew = [] errorStrings = [] if port != -1: server += ":{0:d}".format(port) if errors: for err in errors: if err.error() == QSslError.NoError: continue if server in caMerge and err.certificate() in caMerge[server]: continue errorStrings.append(err.errorString()) if not err.certificate().isNull(): cert = err.certificate() if cert not in caNew: caNew.append(cert) if not errorStrings: return E5SslErrorHandler.SystemIgnored, False errorString = '.</li><li>'.join(errorStrings) ret = E5MessageBox.yesNo( None, self.tr("SSL Errors"), self.tr("""<p>SSL Errors for <br /><b>{0}</b>""" """<ul><li>{1}</li></ul></p>""" """<p>Do you want to ignore these errors?</p>""") .format(server, errorString), icon=E5MessageBox.Warning) if ret: caRet = False if len(caNew) > 0: certinfos = [] for cert in caNew: certinfos.append(self.__certToString(cert)) caRet = E5MessageBox.yesNo( None, self.tr("Certificates"), self.tr( """<p>Certificates:<br/>{0}<br/>""" """Do you want to accept all these certificates?""" """</p>""") .format("".join(certinfos))) if caRet: if server not in caMerge: caMerge[server] = [] for cert in caNew: caMerge[server].append(cert) sslCfg = QSslConfiguration.defaultConfiguration() caList = sslCfg.caCertificates() for cert in caNew: caList.append(cert) sslCfg.setCaCertificates(caList) sslCfg.setProtocol(QSsl.AnyProtocol) QSslConfiguration.setDefaultConfiguration(sslCfg) certificateDict = {} for server in caMerge: pems = QByteArray() for cert in caMerge[server]: pems.append(cert.toPem() + b'\n') certificateDict[server] = pems Preferences.Prefs.settings.setValue( "Ssl/CaCertificatesDict", certificateDict) return E5SslErrorHandler.UserIgnored, caRet else: return E5SslErrorHandler.NotIgnored, False
os.environ["DYLD_FALLBACK_LIBRARY_PATH"] = old_env # WORKAROUND: CURA-6739 # Similar CTM file loading fix for Linux, but NOTE THAT this doesn't work directly with Python 3.5.7. There's a fix # for ctypes.util.find_library() in Python 3.6 and 3.7. That fix makes sure that find_library() will check # LD_LIBRARY_PATH. With Python 3.5, that fix needs to be backported to make this workaround work. if Platform.isLinux() and getattr(sys, "frozen", False): old_env = os.environ.get("LD_LIBRARY_PATH", "") # This is where libopenctm.so is in the AppImage. search_path = os.path.join(CuraApplication.getInstallPrefix(), "bin") path_list = old_env.split(":") if search_path not in path_list: path_list.append(search_path) os.environ["LD_LIBRARY_PATH"] = ":".join(path_list) import trimesh.exchange.load os.environ["LD_LIBRARY_PATH"] = old_env # WORKAROUND: Cura#5488 # When using the KDE qqc2-desktop-style, the UI layout is completely broken, and # even worse, it crashes when switching to the "Preview" pane. if Platform.isLinux(): os.environ["QT_QUICK_CONTROLS_STYLE"] = "default" if ApplicationMetadata.CuraDebugMode: ssl_conf = QSslConfiguration.defaultConfiguration() ssl_conf.setPeerVerifyMode(QSslSocket.VerifyNone) QSslConfiguration.setDefaultConfiguration(ssl_conf) app = CuraApplication() app.run()