NOISSUE remove macOS SSL workarounds
Should not be necessary anymore...
This commit is contained in:
parent
4fa3e2a714
commit
6fe9258161
@ -313,18 +313,8 @@ set(MULTIMC_QRCS
|
|||||||
resources/pe_blue/pe_blue.qrc
|
resources/pe_blue/pe_blue.qrc
|
||||||
resources/OSX/OSX.qrc
|
resources/OSX/OSX.qrc
|
||||||
resources/iOS/iOS.qrc
|
resources/iOS/iOS.qrc
|
||||||
resources/certs/certs.qrc
|
|
||||||
)
|
)
|
||||||
|
|
||||||
set(MultiMC_OSX_source
|
|
||||||
CertWorkaround.cpp
|
|
||||||
CertWorkaround.h
|
|
||||||
)
|
|
||||||
|
|
||||||
if(APPLE)
|
|
||||||
list(APPEND MULTIMC_SOURCES ${MultiMC_OSX_source})
|
|
||||||
endif()
|
|
||||||
|
|
||||||
######## Windows resource files ########
|
######## Windows resource files ########
|
||||||
if(WIN32)
|
if(WIN32)
|
||||||
set(MULTIMC_RCS resources/multimc.rc)
|
set(MULTIMC_RCS resources/multimc.rc)
|
||||||
|
@ -1,120 +0,0 @@
|
|||||||
#include <stdexcept>
|
|
||||||
#include <iostream>
|
|
||||||
|
|
||||||
#include <QByteArray>
|
|
||||||
#include <QSslSocket>
|
|
||||||
#include <QDebug>
|
|
||||||
|
|
||||||
#include <Security/Security.h>
|
|
||||||
|
|
||||||
// CFRelease will crash if passed NULL
|
|
||||||
#define SafeCFRelease(ref) \
|
|
||||||
if (ref) \
|
|
||||||
CFRelease(ref);
|
|
||||||
|
|
||||||
/*!
|
|
||||||
* \brief LoadCertificatesFromKeyChain Load all certificates from the KeyChain path provided
|
|
||||||
* and return them as
|
|
||||||
* QSslCertificates.
|
|
||||||
* \param keyChainPath The KeyChain path. Pass an empty string to use the
|
|
||||||
* user's keychain.
|
|
||||||
* \return A list of new QSslCertificates generated from the
|
|
||||||
* KeyChain DER data.
|
|
||||||
*/
|
|
||||||
static QList<QSslCertificate>
|
|
||||||
LoadCertificatesFromKeyChain(const std::string &keyChainPath = std::string())
|
|
||||||
{
|
|
||||||
QList<QSslCertificate> qtCerts;
|
|
||||||
|
|
||||||
SecKeychainRef certsKeyChain = NULL;
|
|
||||||
SecKeychainSearchRef searchItem = NULL;
|
|
||||||
SecKeychainItemRef itemRef = NULL;
|
|
||||||
CSSM_DATA certData = {0, 0};
|
|
||||||
|
|
||||||
try
|
|
||||||
{
|
|
||||||
OSStatus status = errSecSuccess;
|
|
||||||
|
|
||||||
// if a keychain path was provided, obtain a pointer
|
|
||||||
if (!keyChainPath.empty())
|
|
||||||
{
|
|
||||||
status = SecKeychainOpen(keyChainPath.c_str(), &certsKeyChain);
|
|
||||||
if (status != errSecSuccess)
|
|
||||||
{
|
|
||||||
throw status;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
// build a search query reference for certificates
|
|
||||||
status = SecKeychainSearchCreateFromAttributes(certsKeyChain, kSecCertificateItemClass,
|
|
||||||
NULL, &searchItem);
|
|
||||||
if (status != errSecSuccess)
|
|
||||||
{
|
|
||||||
throw status;
|
|
||||||
}
|
|
||||||
|
|
||||||
// loop through the certificates
|
|
||||||
while (SecKeychainSearchCopyNext(searchItem, &itemRef) != errSecItemNotFound)
|
|
||||||
{
|
|
||||||
// copy the KeyChain item data into a CSSM_DATA struct - this will be the certs Der
|
|
||||||
// data
|
|
||||||
status = SecKeychainItemCopyContent(itemRef, NULL, NULL,
|
|
||||||
reinterpret_cast<UInt32 *>(&certData.Length),
|
|
||||||
reinterpret_cast<void **>(&certData.Data));
|
|
||||||
|
|
||||||
if (status != errSecSuccess)
|
|
||||||
{
|
|
||||||
throw status;
|
|
||||||
}
|
|
||||||
|
|
||||||
// create a Qt byte array from the data - the data is NOT copied
|
|
||||||
const QByteArray byteArray = QByteArray::fromRawData(
|
|
||||||
reinterpret_cast<const char *>(certData.Data), certData.Length);
|
|
||||||
|
|
||||||
// create a Qt certificate from the data and add it to the list
|
|
||||||
QSslCertificate qtCert(byteArray, QSsl::Der);
|
|
||||||
qDebug() << "COMMON NAME: "
|
|
||||||
<< qtCert.issuerInfo(QSslCertificate::CommonName).join('\n')
|
|
||||||
<< " ORG NAME: "
|
|
||||||
<< qtCert.issuerInfo(QSslCertificate::Organization).join('\n');
|
|
||||||
|
|
||||||
qtCerts << qtCert;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
catch (OSStatus status)
|
|
||||||
{
|
|
||||||
CFStringRef errorMessage = SecCopyErrorMessageString(status, NULL);
|
|
||||||
std::cerr << CFStringGetCStringPtr(errorMessage, kCFStringEncodingMacRoman)
|
|
||||||
<< std::endl;
|
|
||||||
SafeCFRelease(errorMessage);
|
|
||||||
}
|
|
||||||
|
|
||||||
SecKeychainItemFreeContent(NULL, certData.Data);
|
|
||||||
SafeCFRelease(itemRef);
|
|
||||||
SafeCFRelease(searchItem);
|
|
||||||
SafeCFRelease(certsKeyChain);
|
|
||||||
|
|
||||||
return qtCerts;
|
|
||||||
}
|
|
||||||
|
|
||||||
void RebuildQtCertificates()
|
|
||||||
{
|
|
||||||
const QList<QSslCertificate> existingCerts = QSslSocket::defaultCaCertificates();
|
|
||||||
QList<QSslCertificate> certs = LoadCertificatesFromKeyChain();
|
|
||||||
certs += LoadCertificatesFromKeyChain(
|
|
||||||
"/System/Library/Keychains/SystemRootCertificates.keychain");
|
|
||||||
|
|
||||||
Q_FOREACH (const QSslCertificate qtCert, certs)
|
|
||||||
{
|
|
||||||
if (!existingCerts.contains(qtCert))
|
|
||||||
{
|
|
||||||
qDebug() << "cert not known to Qt - adding";
|
|
||||||
qDebug() << "COMMON NAME: "
|
|
||||||
<< qtCert.issuerInfo(QSslCertificate::CommonName).join('\n')
|
|
||||||
<< " ORG NAME: "
|
|
||||||
<< qtCert.issuerInfo(QSslCertificate::Organization).join('\n');
|
|
||||||
|
|
||||||
QSslSocket::addDefaultCaCertificate(qtCert);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
@ -1,3 +0,0 @@
|
|||||||
#pragma once
|
|
||||||
|
|
||||||
void RebuildQtCertificates();
|
|
@ -1268,6 +1268,7 @@ void MainWindow::on_actionSettings_triggered()
|
|||||||
{
|
{
|
||||||
SettingsUI::ShowPageDialog(MMC->globalSettingsPages(), this, "global-settings");
|
SettingsUI::ShowPageDialog(MMC->globalSettingsPages(), this, "global-settings");
|
||||||
// FIXME: quick HACK to make this work. improve, optimize.
|
// FIXME: quick HACK to make this work. improve, optimize.
|
||||||
|
MMC->instances()->loadList(true);
|
||||||
proxymodel->invalidate();
|
proxymodel->invalidate();
|
||||||
proxymodel->sort(0);
|
proxymodel->sort(0);
|
||||||
updateToolsMenu();
|
updateToolsMenu();
|
||||||
|
@ -501,10 +501,6 @@ void MultiMC::messageReceived(const QString& message)
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
#ifdef Q_OS_MAC
|
|
||||||
#include "CertWorkaround.h"
|
|
||||||
#endif
|
|
||||||
|
|
||||||
void MultiMC::initNetwork()
|
void MultiMC::initNetwork()
|
||||||
{
|
{
|
||||||
// init the http meta cache
|
// init the http meta cache
|
||||||
@ -519,15 +515,6 @@ void MultiMC::initNetwork()
|
|||||||
QString pass = settings()->get("ProxyPass").toString();
|
QString pass = settings()->get("ProxyPass").toString();
|
||||||
ENV.updateProxySettings(proxyTypeStr, addr, port, user, pass);
|
ENV.updateProxySettings(proxyTypeStr, addr, port, user, pass);
|
||||||
}
|
}
|
||||||
|
|
||||||
#ifdef Q_OS_MAC
|
|
||||||
Q_INIT_RESOURCE(certs);
|
|
||||||
RebuildQtCertificates();
|
|
||||||
QFile equifaxFile(":/certs/Equifax_Secure_Certificate_Authority.pem");
|
|
||||||
equifaxFile.open(QIODevice::ReadOnly);
|
|
||||||
QSslCertificate equifaxCert(equifaxFile.readAll(), QSsl::Pem);
|
|
||||||
QSslSocket::addDefaultCaCertificate(equifaxCert);
|
|
||||||
#endif
|
|
||||||
}
|
}
|
||||||
|
|
||||||
void MultiMC::initTranslations()
|
void MultiMC::initTranslations()
|
||||||
|
@ -1,19 +0,0 @@
|
|||||||
-----BEGIN CERTIFICATE-----
|
|
||||||
MIIDIDCCAomgAwIBAgIENd70zzANBgkqhkiG9w0BAQUFADBOMQswCQYDVQQGEwJV
|
|
||||||
UzEQMA4GA1UEChMHRXF1aWZheDEtMCsGA1UECxMkRXF1aWZheCBTZWN1cmUgQ2Vy
|
|
||||||
dGlmaWNhdGUgQXV0aG9yaXR5MB4XDTk4MDgyMjE2NDE1MVoXDTE4MDgyMjE2NDE1
|
|
||||||
MVowTjELMAkGA1UEBhMCVVMxEDAOBgNVBAoTB0VxdWlmYXgxLTArBgNVBAsTJEVx
|
|
||||||
dWlmYXggU2VjdXJlIENlcnRpZmljYXRlIEF1dGhvcml0eTCBnzANBgkqhkiG9w0B
|
|
||||||
AQEFAAOBjQAwgYkCgYEAwV2xWGcIYu6gmi0fCG2RFGiYCh7+2gRvE4RiIcPRfM6f
|
|
||||||
BeC4AfBONOziipUEZKzxa1NfBbPLZ4C/QgKO/t0BCezhABRP/PvwDN1Dulsr4R+A
|
|
||||||
cJkVV5MW8Q+XarfCaCMczE1ZMKxRHjuvK9buY0V7xdlfUNLjUA86iOe/FP3gx7kC
|
|
||||||
AwEAAaOCAQkwggEFMHAGA1UdHwRpMGcwZaBjoGGkXzBdMQswCQYDVQQGEwJVUzEQ
|
|
||||||
MA4GA1UEChMHRXF1aWZheDEtMCsGA1UECxMkRXF1aWZheCBTZWN1cmUgQ2VydGlm
|
|
||||||
aWNhdGUgQXV0aG9yaXR5MQ0wCwYDVQQDEwRDUkwxMBoGA1UdEAQTMBGBDzIwMTgw
|
|
||||||
ODIyMTY0MTUxWjALBgNVHQ8EBAMCAQYwHwYDVR0jBBgwFoAUSOZo+SvSspXXR9gj
|
|
||||||
IBBPM5iQn9QwHQYDVR0OBBYEFEjmaPkr0rKV10fYIyAQTzOYkJ/UMAwGA1UdEwQF
|
|
||||||
MAMBAf8wGgYJKoZIhvZ9B0EABA0wCxsFVjMuMGMDAgbAMA0GCSqGSIb3DQEBBQUA
|
|
||||||
A4GBAFjOKer89961zgK5F7WF0bnj4JXMJTENAKaSbn+2kmOeUJXRmm/kEd5jhW6Y
|
|
||||||
7qj/WsjTVbJmcVfewCHrPSqnI0kBBIZCe/zuf6IWUrVnZ9NA2zsmWLIodz2uFHdh
|
|
||||||
1voqZiegDfqnc1zqcPGUIWVEX/r87yloqaKHee9570+sB3c4
|
|
||||||
-----END CERTIFICATE-----
|
|
@ -1,7 +0,0 @@
|
|||||||
<!DOCTYPE RCC>
|
|
||||||
<RCC version="1.0">
|
|
||||||
<qresource prefix="/certs">
|
|
||||||
<file>Equifax_Secure_Certificate_Authority.pem</file>
|
|
||||||
</qresource>
|
|
||||||
</RCC>
|
|
||||||
|
|
Loading…
x
Reference in New Issue
Block a user