def __init__(self, parent=None):
"""
Constructor
@param parent reference to the parent object (QObject)
"""
super(E5SslErrorHandler, self).__init__(parent)
caList = self.__getSystemCaCertificates()
if Preferences.Prefs.settings.contains("Help/CaCertificatesDict"):
# port old entries stored under 'Help'
certificateDict = Globals.toDict(
Preferences.Prefs.settings.value("Help/CaCertificatesDict"))
Preferences.Prefs.settings.setValue(
"Ssl/CaCertificatesDict", certificateDict)
Preferences.Prefs.settings.remove("Help/CaCertificatesDict")
else:
certificateDict = Globals.toDict(
Preferences.Prefs.settings.value("Ssl/CaCertificatesDict"))
for server in certificateDict:
for cert in QSslCertificate.fromData(certificateDict[server]):
if cert not in caList:
caList.append(cert)
sslCfg = QSslConfiguration.defaultConfiguration()
sslCfg.setCaCertificates(caList)
sslCfg.setProtocol(QSsl.AnyProtocol)
try:
sslCfg.setSslOption(QSsl.SslOptionDisableCompression, True)
except AttributeError:
pass
QSslConfiguration.setDefaultConfiguration(sslCfg)
def __init__(self, parent=None):
"""
Constructor
@param parent reference to the parent object (QObject)
"""
super(E5SslErrorHandler, self).__init__(parent)
caList = self.__getSystemCaCertificates()
if Preferences.Prefs.settings.contains("Help/CaCertificatesDict"):
# port old entries stored under 'Help'
certificateDict = Globals.toDict(
Preferences.Prefs.settings.value("Help/CaCertificatesDict"))
Preferences.Prefs.settings.setValue(
"Ssl/CaCertificatesDict", certificateDict)
Preferences.Prefs.settings.remove("Help/CaCertificatesDict")
else:
certificateDict = Globals.toDict(
Preferences.Prefs.settings.value("Ssl/CaCertificatesDict"))
for server in certificateDict:
for cert in QSslCertificate.fromData(certificateDict[server]):
if cert not in caList:
caList.append(cert)
sslCfg = QSslConfiguration.defaultConfiguration()
sslCfg.setCaCertificates(caList)
sslCfg.setProtocol(QSsl.AnyProtocol)
try:
sslCfg.setSslOption(QSsl.SslOptionDisableCompression, True)
except AttributeError:
pass
QSslConfiguration.setDefaultConfiguration(sslCfg)
def __updateDefaultConfiguration(self):
"""
Private method to update the default SSL configuration.
"""
caList = self.__getSystemCaCertificates()
certificateDict = Globals.toDict(Preferences.Prefs.settings.value("Ssl/CaCertificatesDict"))
for server in certificateDict:
for cert in QSslCertificate.fromData(certificateDict[server]):
if cert not in caList:
caList.append(cert)
sslCfg = QSslConfiguration.defaultConfiguration()
sslCfg.setCaCertificates(caList)
QSslConfiguration.setDefaultConfiguration(sslCfg)
def __updateDefaultConfiguration(self):
"""
Private method to update the default SSL configuration.
"""
caList = self.__getSystemCaCertificates()
certificateDict = Globals.toDict(
Preferences.Prefs.settings.value("Ssl/CaCertificatesDict"))
for server in certificateDict:
for cert in QSslCertificate.fromData(certificateDict[server]):
if cert not in caList:
caList.append(cert)
sslCfg = QSslConfiguration.defaultConfiguration()
sslCfg.setCaCertificates(caList)
QSslConfiguration.setDefaultConfiguration(sslCfg)
def __init__(self, *args, **kwargs):
super(Window, self).__init__(*args, **kwargs)
self.resize(800, 600)
# 浏览器设置
setting = QWebSettings.globalSettings()
setting.setAttribute(QWebSettings.PluginsEnabled, True)
# 解决xp下ssl问题
self.page().networkAccessManager().sslErrors.connect(self.handleSslErrors)
sslconf = QSslConfiguration.defaultConfiguration()
clist = sslconf.caCertificates()
cnew = QSslCertificate.fromData(b"CaCertificates")
clist.extend(cnew)
sslconf.setCaCertificates(clist)
sslconf.setProtocol(QSsl.AnyProtocol)
QSslConfiguration.setDefaultConfiguration(sslconf)
def load_certificates():
""" load (if existing and not empty) the local PEM file; split it into
individual certificates, add each to the default configuration
"""
local_cert_path = expanduser("~/.eilat/local.pem")
local_certificates = split_certificates(local_cert_path)
if local_certificates:
print(r"""
/----------------------------\
SETTING LOCAL SSL CERTIFICATES
\----------------------------/
""")
current_configuration = QSslConfiguration.defaultConfiguration()
current_certs = current_configuration.caCertificates()
for certificate in local_certificates:
current_certs.append(QSslCertificate(certificate))
current_configuration.setCaCertificates(current_certs)
QSslConfiguration.setDefaultConfiguration(current_configuration)
def load_certificates():
""" load (if existing and not empty) the local PEM file; split it into
individual certificates, add each to the default configuration
"""
local_cert_path = expanduser("~/.eilat/local.pem")
local_certificates = split_certificates(local_cert_path)
if local_certificates:
print(r"""
/----------------------------\
SETTING LOCAL SSL CERTIFICATES
\----------------------------/
""")
current_configuration = QSslConfiguration.defaultConfiguration()
current_certs = current_configuration.caCertificates()
for certificate in local_certificates:
current_certs.append(QSslCertificate(certificate))
current_configuration.setCaCertificates(current_certs)
QSslConfiguration.setDefaultConfiguration(current_configuration)
logger = getLogger(__name__)
logger.debug("icons_rc found: %r", viur_admin.ui.icons_rc) # import guard
if not isPyodide:
# Setup the SSL-Configuration. We accept only the two known Certificates from google; reject all other
try:
css = QtCore.QFile(":resources/cacert.pem")
css.open(QtCore.QFile.ReadOnly)
certs = css.readAll()
except:
certs = None
if certs:
baseSslConfig = QSslConfiguration.defaultConfiguration()
baseSslConfig.setCaCertificates(QSslCertificate.fromData(certs))
QSslConfiguration.setDefaultConfiguration(baseSslConfig)
nam = QNetworkAccessManager()
_isSecureSSL = True
else:
# We got no valid certificate file - accept all SSL connections
nam = QNetworkAccessManager()
class SSLFIX(QtCore.QObject):
def onSSLError(self, networkReply: Any, sslErros: Any) -> None:
networkReply.ignoreSslErrors()
_SSLFIX = SSLFIX()
nam.sslErrors.connect(_SSLFIX.onSSLError)
_isSecureSSL = False
class MyCookieJar(QNetworkCookieJar):
def sslErrors(self, errors, server, port=-1):
"""
Public method to handle SSL errors.
@param errors list of SSL errors (list of QSslError)
@param server name of the server (string)
@keyparam port value of the port (integer)
@return tuple indicating to ignore the SSL errors (one of NotIgnored,
SystemIgnored or UserIgnored) and indicating a change of the
default SSL configuration (boolean)
"""
caMerge = {}
certificateDict = Globals.toDict(
Preferences.Prefs.settings.value("Ssl/CaCertificatesDict"))
for caServer in certificateDict:
caMerge[caServer] = QSslCertificate.fromData(
certificateDict[caServer])
caNew = []
errorStrings = []
if port != -1:
server += ":{0:d}".format(port)
if errors:
for err in errors:
if err.error() == QSslError.NoError:
continue
if server in caMerge and err.certificate() in caMerge[server]:
continue
errorStrings.append(err.errorString())
if not err.certificate().isNull():
cert = err.certificate()
if cert not in caNew:
caNew.append(cert)
if not errorStrings:
return E5SslErrorHandler.SystemIgnored, False
errorString = '.</li><li>'.join(errorStrings)
ret = E5MessageBox.yesNo(
None,
self.tr("SSL Errors"),
self.tr("""<p>SSL Errors for <br /><b>{0}</b>"""
"""<ul><li>{1}</li></ul></p>"""
"""<p>Do you want to ignore these errors?</p>""").format(
server, errorString),
icon=E5MessageBox.Warning)
if ret:
caRet = False
if len(caNew) > 0:
certinfos = []
for cert in caNew:
certinfos.append(self.__certToString(cert))
caRet = E5MessageBox.yesNo(
None, self.tr("Certificates"),
self.tr("""<p>Certificates:<br/>{0}<br/>"""
"""Do you want to accept all these certificates?"""
"""</p>""").format("".join(certinfos)))
if caRet:
if server not in caMerge:
caMerge[server] = []
for cert in caNew:
caMerge[server].append(cert)
sslCfg = QSslConfiguration.defaultConfiguration()
caList = sslCfg.caCertificates()
for cert in caNew:
caList.append(cert)
sslCfg.setCaCertificates(caList)
try:
sslCfg.setProtocol(QSsl.TlsV1_1OrLater)
except AttributeError:
sslCfg.setProtocol(QSsl.SecureProtocols)
try:
sslCfg.setSslOption(QSsl.SslOptionDisableCompression,
True)
except AttributeError:
pass
QSslConfiguration.setDefaultConfiguration(sslCfg)
certificateDict = {}
for server in caMerge:
pems = QByteArray()
for cert in caMerge[server]:
pems.append(cert.toPem() + b'\n')
certificateDict[server] = pems
Preferences.Prefs.settings.setValue(
"Ssl/CaCertificatesDict", certificateDict)
return E5SslErrorHandler.UserIgnored, caRet
else:
return E5SslErrorHandler.NotIgnored, False
def sslErrors(self, errors, server, port=-1):
"""
Public method to handle SSL errors.
@param errors list of SSL errors (list of QSslError)
@param server name of the server (string)
@keyparam port value of the port (integer)
@return tuple indicating to ignore the SSL errors (one of NotIgnored,
SystemIgnored or UserIgnored) and indicating a change of the
default SSL configuration (boolean)
"""
caMerge = {}
certificateDict = Globals.toDict(
Preferences.Prefs.settings.value("Ssl/CaCertificatesDict"))
for caServer in certificateDict:
caMerge[caServer] = QSslCertificate.fromData(
certificateDict[caServer])
caNew = []
errorStrings = []
if port != -1:
server += ":{0:d}".format(port)
if errors:
for err in errors:
if err.error() == QSslError.NoError:
continue
if server in caMerge and err.certificate() in caMerge[server]:
continue
errorStrings.append(err.errorString())
if not err.certificate().isNull():
cert = err.certificate()
if cert not in caNew:
caNew.append(cert)
if not errorStrings:
return E5SslErrorHandler.SystemIgnored, False
errorString = '.</li><li>'.join(errorStrings)
ret = E5MessageBox.yesNo(
None,
self.tr("SSL Errors"),
self.tr("""<p>SSL Errors for <br /><b>{0}</b>"""
"""<ul><li>{1}</li></ul></p>"""
"""<p>Do you want to ignore these errors?</p>""")
.format(server, errorString),
icon=E5MessageBox.Warning)
if ret:
caRet = False
if len(caNew) > 0:
certinfos = []
for cert in caNew:
certinfos.append(self.__certToString(cert))
caRet = E5MessageBox.yesNo(
None,
self.tr("Certificates"),
self.tr(
"""<p>Certificates:<br/>{0}<br/>"""
"""Do you want to accept all these certificates?"""
"""</p>""")
.format("".join(certinfos)))
if caRet:
if server not in caMerge:
caMerge[server] = []
for cert in caNew:
caMerge[server].append(cert)
sslCfg = QSslConfiguration.defaultConfiguration()
caList = sslCfg.caCertificates()
for cert in caNew:
caList.append(cert)
sslCfg.setCaCertificates(caList)
sslCfg.setProtocol(QSsl.AnyProtocol)
QSslConfiguration.setDefaultConfiguration(sslCfg)
certificateDict = {}
for server in caMerge:
pems = QByteArray()
for cert in caMerge[server]:
pems.append(cert.toPem() + b'\n')
certificateDict[server] = pems
Preferences.Prefs.settings.setValue(
"Ssl/CaCertificatesDict",
certificateDict)
return E5SslErrorHandler.UserIgnored, caRet
else:
return E5SslErrorHandler.NotIgnored, False
os.environ["DYLD_FALLBACK_LIBRARY_PATH"] = old_env
# WORKAROUND: CURA-6739
# Similar CTM file loading fix for Linux, but NOTE THAT this doesn't work directly with Python 3.5.7. There's a fix
# for ctypes.util.find_library() in Python 3.6 and 3.7. That fix makes sure that find_library() will check
# LD_LIBRARY_PATH. With Python 3.5, that fix needs to be backported to make this workaround work.
if Platform.isLinux() and getattr(sys, "frozen", False):
old_env = os.environ.get("LD_LIBRARY_PATH", "")
# This is where libopenctm.so is in the AppImage.
search_path = os.path.join(CuraApplication.getInstallPrefix(), "bin")
path_list = old_env.split(":")
if search_path not in path_list:
path_list.append(search_path)
os.environ["LD_LIBRARY_PATH"] = ":".join(path_list)
import trimesh.exchange.load
os.environ["LD_LIBRARY_PATH"] = old_env
# WORKAROUND: Cura#5488
# When using the KDE qqc2-desktop-style, the UI layout is completely broken, and
# even worse, it crashes when switching to the "Preview" pane.
if Platform.isLinux():
os.environ["QT_QUICK_CONTROLS_STYLE"] = "default"
if ApplicationMetadata.CuraDebugMode:
ssl_conf = QSslConfiguration.defaultConfiguration()
ssl_conf.setPeerVerifyMode(QSslSocket.VerifyNone)
QSslConfiguration.setDefaultConfiguration(ssl_conf)
app = CuraApplication()
app.run()
