NOISSUE remove macOS SSL workarounds

Should not be necessary anymore...
2017-04-25 23:03:11 +02:00 · 2017-04-25 23:03:11 +02:00 · 6fe9258161
commit 6fe9258161
parent 4fa3e2a714
7 changed files with 1 additions and 172 deletions
--- a/application/CMakeLists.txt
+++ b/application/CMakeLists.txt
@ -313,18 +313,8 @@ set(MULTIMC_QRCS
 	resources/pe_blue/pe_blue.qrc
 	resources/OSX/OSX.qrc
 	resources/iOS/iOS.qrc
 	resources/certs/certs.qrc
 )
 set(MultiMC_OSX_source
 	CertWorkaround.cpp
 	CertWorkaround.h
 )
 if(APPLE)
 	list(APPEND MULTIMC_SOURCES ${MultiMC_OSX_source})
 endif()
 ######## Windows resource files ########
 if(WIN32)
 	set(MULTIMC_RCS resources/multimc.rc)
--- a/application/CertWorkaround.cpp
+++ b/application/CertWorkaround.cpp
@ -1,120 +0,0 @@
 #include <stdexcept>
 #include <iostream>
 #include <QByteArray>
 #include <QSslSocket>
 #include <QDebug>
 #include <Security/Security.h>
 // CFRelease will crash if passed NULL
 #define SafeCFRelease(ref)                                                                     \
 	if (ref)                                                                                   \
 		CFRelease(ref);
 /*!
 * \brief LoadCertificatesFromKeyChain  Load all certificates from the KeyChain path provided
 * and return them as
 *                                      QSslCertificates.
 * \param keyChainPath                  The KeyChain path. Pass an empty string to use the
 * user's keychain.
 * \return                              A list of new QSslCertificates generated from the
 * KeyChain DER data.
 */
 static QList<QSslCertificate>
 LoadCertificatesFromKeyChain(const std::string &keyChainPath = std::string())
 {
 	QList<QSslCertificate> qtCerts;
 	SecKeychainRef certsKeyChain = NULL;
 	SecKeychainSearchRef searchItem = NULL;
 	SecKeychainItemRef itemRef = NULL;
 	CSSM_DATA certData = {0, 0};
 	try
 	{
 		OSStatus status = errSecSuccess;
 		// if a keychain path was provided, obtain a pointer
 		if (!keyChainPath.empty())
 		{
 			status = SecKeychainOpen(keyChainPath.c_str(), &certsKeyChain);
 			if (status != errSecSuccess)
 			{
 				throw status;
 			}
 		}
 		// build a search query reference for certificates
 		status = SecKeychainSearchCreateFromAttributes(certsKeyChain, kSecCertificateItemClass,
 													   NULL, &searchItem);
 		if (status != errSecSuccess)
 		{
 			throw status;
 		}
 		// loop through the certificates
 		while (SecKeychainSearchCopyNext(searchItem, &itemRef) != errSecItemNotFound)
 		{
 			// copy the KeyChain item data into a CSSM_DATA struct - this will be the certs Der
 			// data
 			status = SecKeychainItemCopyContent(itemRef, NULL, NULL,
 												reinterpret_cast<UInt32 *>(&certData.Length),
 												reinterpret_cast<void **>(&certData.Data));
 			if (status != errSecSuccess)
 			{
 				throw status;
 			}
 			// create a Qt byte array from the data - the data is NOT copied
 			const QByteArray byteArray = QByteArray::fromRawData(
 				reinterpret_cast<const char *>(certData.Data), certData.Length);
 			// create a Qt certificate from the data and add it to the list
 			QSslCertificate qtCert(byteArray, QSsl::Der);
 			qDebug() << "COMMON NAME: "
 					 << qtCert.issuerInfo(QSslCertificate::CommonName).join('\n')
 					 << " ORG NAME: "
 					 << qtCert.issuerInfo(QSslCertificate::Organization).join('\n');
 			qtCerts << qtCert;
 		}
 	}
 	catch (OSStatus status)
 	{
 		CFStringRef errorMessage = SecCopyErrorMessageString(status, NULL);
 		std::cerr << CFStringGetCStringPtr(errorMessage, kCFStringEncodingMacRoman)
 				  << std::endl;
 		SafeCFRelease(errorMessage);
 	}
 	SecKeychainItemFreeContent(NULL, certData.Data);
 	SafeCFRelease(itemRef);
 	SafeCFRelease(searchItem);
 	SafeCFRelease(certsKeyChain);
 	return qtCerts;
 }
 void RebuildQtCertificates()
 {
 	const QList<QSslCertificate> existingCerts = QSslSocket::defaultCaCertificates();
 	QList<QSslCertificate> certs = LoadCertificatesFromKeyChain();
 	certs += LoadCertificatesFromKeyChain(
 		"/System/Library/Keychains/SystemRootCertificates.keychain");
 	Q_FOREACH (const QSslCertificate qtCert, certs)
 	{
 		if (!existingCerts.contains(qtCert))
 		{
 			qDebug() << "cert not known to Qt - adding";
 			qDebug() << "COMMON NAME: "
 					 << qtCert.issuerInfo(QSslCertificate::CommonName).join('\n')
 					 << " ORG NAME: "
 					 << qtCert.issuerInfo(QSslCertificate::Organization).join('\n');
 			QSslSocket::addDefaultCaCertificate(qtCert);
 		}
 	}
 }
--- a/application/CertWorkaround.h
+++ b/application/CertWorkaround.h
@ -1,3 +0,0 @@
 #pragma once
 void RebuildQtCertificates();
--- a/application/MainWindow.cpp
+++ b/application/MainWindow.cpp
@ -1268,6 +1268,7 @@ void MainWindow::on_actionSettings_triggered()
 {
 	SettingsUI::ShowPageDialog(MMC->globalSettingsPages(), this, "global-settings");
 	// FIXME: quick HACK to make this work. improve, optimize.
 	MMC->instances()->loadList(true);
 	proxymodel->invalidate();
 	proxymodel->sort(0);
 	updateToolsMenu();
--- a/application/MultiMC.cpp
+++ b/application/MultiMC.cpp
@ -501,10 +501,6 @@ void MultiMC::messageReceived(const QString& message)
 	}
 }
 #ifdef Q_OS_MAC
 #include "CertWorkaround.h"
 #endif
 void MultiMC::initNetwork()
 {
 	// init the http meta cache
@ -519,15 +515,6 @@ void MultiMC::initNetwork()
 		QString pass = settings()->get("ProxyPass").toString();
 		ENV.updateProxySettings(proxyTypeStr, addr, port, user, pass);
 	}
 #ifdef Q_OS_MAC
 	Q_INIT_RESOURCE(certs);
 	RebuildQtCertificates();
 	QFile equifaxFile(":/certs/Equifax_Secure_Certificate_Authority.pem");
 	equifaxFile.open(QIODevice::ReadOnly);
 	QSslCertificate equifaxCert(equifaxFile.readAll(), QSsl::Pem);
 	QSslSocket::addDefaultCaCertificate(equifaxCert);
 #endif
 }
 void MultiMC::initTranslations()
--- a/application/resources/certs/Equifax_Secure_Certificate_Authority.pem
+++ b/application/resources/certs/Equifax_Secure_Certificate_Authority.pem
@ -1,19 +0,0 @@
 -----BEGIN CERTIFICATE-----
 MIIDIDCCAomgAwIBAgIENd70zzANBgkqhkiG9w0BAQUFADBOMQswCQYDVQQGEwJV
 UzEQMA4GA1UEChMHRXF1aWZheDEtMCsGA1UECxMkRXF1aWZheCBTZWN1cmUgQ2Vy
 dGlmaWNhdGUgQXV0aG9yaXR5MB4XDTk4MDgyMjE2NDE1MVoXDTE4MDgyMjE2NDE1
 MVowTjELMAkGA1UEBhMCVVMxEDAOBgNVBAoTB0VxdWlmYXgxLTArBgNVBAsTJEVx
 dWlmYXggU2VjdXJlIENlcnRpZmljYXRlIEF1dGhvcml0eTCBnzANBgkqhkiG9w0B
 AQEFAAOBjQAwgYkCgYEAwV2xWGcIYu6gmi0fCG2RFGiYCh7+2gRvE4RiIcPRfM6f
 BeC4AfBONOziipUEZKzxa1NfBbPLZ4C/QgKO/t0BCezhABRP/PvwDN1Dulsr4R+A
 cJkVV5MW8Q+XarfCaCMczE1ZMKxRHjuvK9buY0V7xdlfUNLjUA86iOe/FP3gx7kC
 AwEAAaOCAQkwggEFMHAGA1UdHwRpMGcwZaBjoGGkXzBdMQswCQYDVQQGEwJVUzEQ
 MA4GA1UEChMHRXF1aWZheDEtMCsGA1UECxMkRXF1aWZheCBTZWN1cmUgQ2VydGlm
 aWNhdGUgQXV0aG9yaXR5MQ0wCwYDVQQDEwRDUkwxMBoGA1UdEAQTMBGBDzIwMTgw
 ODIyMTY0MTUxWjALBgNVHQ8EBAMCAQYwHwYDVR0jBBgwFoAUSOZo+SvSspXXR9gj
 IBBPM5iQn9QwHQYDVR0OBBYEFEjmaPkr0rKV10fYIyAQTzOYkJ/UMAwGA1UdEwQF
 MAMBAf8wGgYJKoZIhvZ9B0EABA0wCxsFVjMuMGMDAgbAMA0GCSqGSIb3DQEBBQUA
 A4GBAFjOKer89961zgK5F7WF0bnj4JXMJTENAKaSbn+2kmOeUJXRmm/kEd5jhW6Y
 7qj/WsjTVbJmcVfewCHrPSqnI0kBBIZCe/zuf6IWUrVnZ9NA2zsmWLIodz2uFHdh
 1voqZiegDfqnc1zqcPGUIWVEX/r87yloqaKHee9570+sB3c4
 -----END CERTIFICATE-----
--- a/application/resources/certs/certs.qrc
+++ b/application/resources/certs/certs.qrc
@ -1,7 +0,0 @@
 <!DOCTYPE RCC>
 <RCC version="1.0">
 	<qresource prefix="/certs">
 		<file>Equifax_Secure_Certificate_Authority.pem</file>
 	</qresource>
 </RCC>
		`@ -1,3 +0,0 @@`
			`#pragma once`

			`void RebuildQtCertificates();`