def set_ssl_configuration(self): ssl_config = QSslConfiguration.defaultConfiguration() ssl_config.setCaCertificates([]) ssl_config.setPeerVerifyMode(QSslSocket.QueryPeer) ssl_config.setProtocol(QSsl.TlsV1) QSslConfiguration.setDefaultConfiguration(ssl_config)
def __init__(self, engine, parent=None): """ Constructor @param engine reference to the help engine (QHelpEngine) @param parent reference to the parent object (QObject) """ QNetworkAccessManager.__init__(self, parent) self.__adblockNetwork = None self.__schemeHandlers = {} # dictionary of scheme handlers self.__proxyFactory = E4NetworkProxyFactory() self.setProxyFactory(self.__proxyFactory) self.__setDiskCache() self.languagesChanged() if SSL_AVAILABLE: sslCfg = QSslConfiguration.defaultConfiguration() caList = sslCfg.caCertificates() caNew = QSslCertificate.fromData(Preferences.Prefs.settings.value("Help/CaCertificates").toByteArray()) for cert in caNew: caList.append(cert) sslCfg.setCaCertificates(caList) sslCfg.setProtocol(QSsl.AnyProtocol) try: sslCfg.setSslOption(QSsl.SslOptionDisableCompression, True) except AttributeError: pass QSslConfiguration.setDefaultConfiguration(sslCfg) self.connect(self, SIGNAL("sslErrors(QNetworkReply *, const QList<QSslError> &)"), self.__sslErrors) self.connect( self, SIGNAL("proxyAuthenticationRequired(const QNetworkProxy&, QAuthenticator*)"), self.__proxyAuthenticationRequired, ) self.connect( self, SIGNAL("authenticationRequired(QNetworkReply *, QAuthenticator *)"), self.__authenticationRequired ) # register scheme handlers self.setSchemeHandler("qthelp", QtHelpAccessHandler(engine, self)) self.setSchemeHandler("pyrc", PyrcAccessHandler(self)) self.setSchemeHandler("about", AboutAccessHandler(self)) self.setSchemeHandler("abp", AdBlockAccessHandler(self))
def __init__(self, *args, **kwargs): """Initialize this instance.""" super(WebClient, self).__init__(*args, **kwargs) self.nam = QNetworkAccessManager(QCoreApplication.instance()) self.nam.finished.connect(self._handle_finished) self.nam.authenticationRequired.connect(self._handle_authentication) self.nam.proxyAuthenticationRequired.connect(self.handle_proxy_auth) self.nam.sslErrors.connect(self._handle_ssl_errors) self.replies = {} self.proxy_retry = False self.setup_proxy() # Force Qt to load the system certificates QSslSocket.setDefaultCaCertificates(QSslSocket.systemCaCertificates()) # Apply our local certificates as the SSL configuration to be used # for all QNetworkRequest calls. self.ssl_config = QSslConfiguration.defaultConfiguration() ca_certs = self.ssl_config.caCertificates() try: for path in glob.glob( os.path.join(get_cert_dir(), "UbuntuOne*.pem")): with open(path) as f: cert = QSslCertificate(f.read()) if cert.isValid(): ca_certs.append(cert) else: logger.error("invalid certificate: {}".format(path)) except (IndexError, IOError) as err: raise WebClientError( "Unable to configure SSL certificates: {}".format(err)) self.ssl_config.setCaCertificates(ca_certs)
def __init__(self, *args, **kwargs): """Initialize this instance.""" super(WebClient, self).__init__(*args, **kwargs) self.nam = QNetworkAccessManager(QCoreApplication.instance()) self.nam.finished.connect(self._handle_finished) self.nam.authenticationRequired.connect(self._handle_authentication) self.nam.proxyAuthenticationRequired.connect(self.handle_proxy_auth) self.nam.sslErrors.connect(self._handle_ssl_errors) self.replies = {} self.proxy_retry = False self.setup_proxy() # Force Qt to load the system certificates QSslSocket.setDefaultCaCertificates(QSslSocket.systemCaCertificates()) # Apply our local certificates as the SSL configuration to be used # for all QNetworkRequest calls. self.ssl_config = QSslConfiguration.defaultConfiguration() ca_certs = self.ssl_config.caCertificates() try: for path in glob.glob(os.path.join(get_cert_dir(), "UbuntuOne*.pem")): with open(path) as f: cert = QSslCertificate(f.read()) if cert.isValid(): ca_certs.append(cert) else: logger.error("invalid certificate: {}".format(path)) except (IndexError, IOError) as err: raise WebClientError( "Unable to configure SSL certificates: {}".format(err)) self.ssl_config.setCaCertificates(ca_certs)
def create_instance(context=None): """ Inicializa la instancia, este método debe llamarse antes que getInstance() y debe llamarse por el hilo de la aplicación QT """ if context is None: class DummyDataAdapter(DataAdapter): pass o = options.Options() o.data_adapter_class = DummyDataAdapter context = Context(o) BrowserFactory.__instance = BrowserFactory(context) # deshabilita la verificación de certificados SSL ssl = QSslConfiguration.defaultConfiguration() ssl.setPeerVerifyMode(QSslSocket.VerifyNone) QSslConfiguration.setDefaultConfiguration(ssl)
from queue import Queue, Empty as QEmpty, Full as QFull from hashlib import sha1 from PyQt4 import QtCore, QtGui from PyQt4.QtCore import QUrl, QObject from PyQt4.QtNetwork import QNetworkAccessManager, QNetworkRequest, QSslConfiguration, QSslCertificate, QNetworkReply import traceback import logging import weakref ##Setup the SSL-Configuration. We accept only the two known Certificates from google; reject all other try: certs = open("cacert.pem", "r").read() except: certs = None if certs: baseSslConfig = QSslConfiguration.defaultConfiguration() baseSslConfig.setCaCertificates( QSslCertificate.fromData( certs ) ) QSslConfiguration.setDefaultConfiguration( baseSslConfig ) nam = QNetworkAccessManager() _isSecureSSL = True else: #We got no valid certificate file - accept all SSL connections nam = QNetworkAccessManager() class SSLFIX( QtCore.QObject ): def onSSLError(self, networkReply, sslErros ): networkReply.ignoreSslErrors() _SSLFIX = SSLFIX() nam.sslErrors.connect( _SSLFIX.onSSLError ) _isSecureSSL = False mimetypes.init()
def __sslErrors(self, reply, errors): """ Private slot to handle SSL errors. @param reply reference to the reply object (QNetworkReply) @param errors list of SSL errors (list of QSslError) """ caMerge = QSslCertificate.fromData(Preferences.Prefs.settings.value("Help/CaCertificates").toByteArray()) caNew = [] errorStrings = QStringList() for err in errors: if err.certificate() in caMerge: continue errorStrings.append(err.errorString()) if not err.certificate().isNull(): caNew.append(err.certificate()) if errorStrings.isEmpty(): reply.ignoreSslErrors() return errorString = errorStrings.join(".</li><li>") ret = KQMessageBox.warning( None, self.trUtf8("SSL Errors"), self.trUtf8( """<p>SSL Errors for <br /><b>%1</b>""" """<ul><li>%2</li></ul></p>""" """<p>Do you want to ignore these errors?</p>""" ) .arg(reply.url().toString()) .arg(errorString), QMessageBox.StandardButtons(QMessageBox.No | QMessageBox.Yes), QMessageBox.No, ) if ret == QMessageBox.Yes: if len(caNew) > 0: certinfos = QStringList() for cert in caNew: certinfos.append(self.__certToString(cert)) ret = KQMessageBox.question( None, self.trUtf8("Certificates"), self.trUtf8( """<p>Certificates:<br/>%1<br/>""" """Do you want to accept all these certificates?</p>""" ).arg(certinfos.join("")), QMessageBox.StandardButtons(QMessageBox.No | QMessageBox.Yes), QMessageBox.No, ) if ret == QMessageBox.Yes: for cert in caNew: caMerge.append(cert) sslCfg = QSslConfiguration.defaultConfiguration() caList = sslCfg.caCertificates() for cert in caNew: caList.append(cert) sslCfg.setCaCertificates(caList) sslCfg.setProtocol(QSsl.AnyProtocol) QSslConfiguration.setDefaultConfiguration(sslCfg) reply.setSslConfiguration(sslCfg) pems = QByteArray() for cert in caMerge: pems.append(cert.toPem() + "\n") Preferences.Prefs.settings.setValue("Help/CaCertificates", QVariant(pems)) reply.ignoreSslErrors()