NOISSUE remove macOS SSL workarounds
Should not be necessary anymore...
This commit is contained in:
parent
4fa3e2a714
commit
6fe9258161
@ -313,18 +313,8 @@ set(MULTIMC_QRCS
|
||||
resources/pe_blue/pe_blue.qrc
|
||||
resources/OSX/OSX.qrc
|
||||
resources/iOS/iOS.qrc
|
||||
resources/certs/certs.qrc
|
||||
)
|
||||
|
||||
set(MultiMC_OSX_source
|
||||
CertWorkaround.cpp
|
||||
CertWorkaround.h
|
||||
)
|
||||
|
||||
if(APPLE)
|
||||
list(APPEND MULTIMC_SOURCES ${MultiMC_OSX_source})
|
||||
endif()
|
||||
|
||||
######## Windows resource files ########
|
||||
if(WIN32)
|
||||
set(MULTIMC_RCS resources/multimc.rc)
|
||||
|
@ -1,120 +0,0 @@
|
||||
#include <stdexcept>
|
||||
#include <iostream>
|
||||
|
||||
#include <QByteArray>
|
||||
#include <QSslSocket>
|
||||
#include <QDebug>
|
||||
|
||||
#include <Security/Security.h>
|
||||
|
||||
// CFRelease will crash if passed NULL
|
||||
#define SafeCFRelease(ref) \
|
||||
if (ref) \
|
||||
CFRelease(ref);
|
||||
|
||||
/*!
|
||||
* \brief LoadCertificatesFromKeyChain Load all certificates from the KeyChain path provided
|
||||
* and return them as
|
||||
* QSslCertificates.
|
||||
* \param keyChainPath The KeyChain path. Pass an empty string to use the
|
||||
* user's keychain.
|
||||
* \return A list of new QSslCertificates generated from the
|
||||
* KeyChain DER data.
|
||||
*/
|
||||
static QList<QSslCertificate>
|
||||
LoadCertificatesFromKeyChain(const std::string &keyChainPath = std::string())
|
||||
{
|
||||
QList<QSslCertificate> qtCerts;
|
||||
|
||||
SecKeychainRef certsKeyChain = NULL;
|
||||
SecKeychainSearchRef searchItem = NULL;
|
||||
SecKeychainItemRef itemRef = NULL;
|
||||
CSSM_DATA certData = {0, 0};
|
||||
|
||||
try
|
||||
{
|
||||
OSStatus status = errSecSuccess;
|
||||
|
||||
// if a keychain path was provided, obtain a pointer
|
||||
if (!keyChainPath.empty())
|
||||
{
|
||||
status = SecKeychainOpen(keyChainPath.c_str(), &certsKeyChain);
|
||||
if (status != errSecSuccess)
|
||||
{
|
||||
throw status;
|
||||
}
|
||||
}
|
||||
|
||||
// build a search query reference for certificates
|
||||
status = SecKeychainSearchCreateFromAttributes(certsKeyChain, kSecCertificateItemClass,
|
||||
NULL, &searchItem);
|
||||
if (status != errSecSuccess)
|
||||
{
|
||||
throw status;
|
||||
}
|
||||
|
||||
// loop through the certificates
|
||||
while (SecKeychainSearchCopyNext(searchItem, &itemRef) != errSecItemNotFound)
|
||||
{
|
||||
// copy the KeyChain item data into a CSSM_DATA struct - this will be the certs Der
|
||||
// data
|
||||
status = SecKeychainItemCopyContent(itemRef, NULL, NULL,
|
||||
reinterpret_cast<UInt32 *>(&certData.Length),
|
||||
reinterpret_cast<void **>(&certData.Data));
|
||||
|
||||
if (status != errSecSuccess)
|
||||
{
|
||||
throw status;
|
||||
}
|
||||
|
||||
// create a Qt byte array from the data - the data is NOT copied
|
||||
const QByteArray byteArray = QByteArray::fromRawData(
|
||||
reinterpret_cast<const char *>(certData.Data), certData.Length);
|
||||
|
||||
// create a Qt certificate from the data and add it to the list
|
||||
QSslCertificate qtCert(byteArray, QSsl::Der);
|
||||
qDebug() << "COMMON NAME: "
|
||||
<< qtCert.issuerInfo(QSslCertificate::CommonName).join('\n')
|
||||
<< " ORG NAME: "
|
||||
<< qtCert.issuerInfo(QSslCertificate::Organization).join('\n');
|
||||
|
||||
qtCerts << qtCert;
|
||||
}
|
||||
}
|
||||
catch (OSStatus status)
|
||||
{
|
||||
CFStringRef errorMessage = SecCopyErrorMessageString(status, NULL);
|
||||
std::cerr << CFStringGetCStringPtr(errorMessage, kCFStringEncodingMacRoman)
|
||||
<< std::endl;
|
||||
SafeCFRelease(errorMessage);
|
||||
}
|
||||
|
||||
SecKeychainItemFreeContent(NULL, certData.Data);
|
||||
SafeCFRelease(itemRef);
|
||||
SafeCFRelease(searchItem);
|
||||
SafeCFRelease(certsKeyChain);
|
||||
|
||||
return qtCerts;
|
||||
}
|
||||
|
||||
void RebuildQtCertificates()
|
||||
{
|
||||
const QList<QSslCertificate> existingCerts = QSslSocket::defaultCaCertificates();
|
||||
QList<QSslCertificate> certs = LoadCertificatesFromKeyChain();
|
||||
certs += LoadCertificatesFromKeyChain(
|
||||
"/System/Library/Keychains/SystemRootCertificates.keychain");
|
||||
|
||||
Q_FOREACH (const QSslCertificate qtCert, certs)
|
||||
{
|
||||
if (!existingCerts.contains(qtCert))
|
||||
{
|
||||
qDebug() << "cert not known to Qt - adding";
|
||||
qDebug() << "COMMON NAME: "
|
||||
<< qtCert.issuerInfo(QSslCertificate::CommonName).join('\n')
|
||||
<< " ORG NAME: "
|
||||
<< qtCert.issuerInfo(QSslCertificate::Organization).join('\n');
|
||||
|
||||
QSslSocket::addDefaultCaCertificate(qtCert);
|
||||
}
|
||||
}
|
||||
}
|
@ -1,3 +0,0 @@
|
||||
#pragma once
|
||||
|
||||
void RebuildQtCertificates();
|
@ -1268,6 +1268,7 @@ void MainWindow::on_actionSettings_triggered()
|
||||
{
|
||||
SettingsUI::ShowPageDialog(MMC->globalSettingsPages(), this, "global-settings");
|
||||
// FIXME: quick HACK to make this work. improve, optimize.
|
||||
MMC->instances()->loadList(true);
|
||||
proxymodel->invalidate();
|
||||
proxymodel->sort(0);
|
||||
updateToolsMenu();
|
||||
|
@ -501,10 +501,6 @@ void MultiMC::messageReceived(const QString& message)
|
||||
}
|
||||
}
|
||||
|
||||
#ifdef Q_OS_MAC
|
||||
#include "CertWorkaround.h"
|
||||
#endif
|
||||
|
||||
void MultiMC::initNetwork()
|
||||
{
|
||||
// init the http meta cache
|
||||
@ -519,15 +515,6 @@ void MultiMC::initNetwork()
|
||||
QString pass = settings()->get("ProxyPass").toString();
|
||||
ENV.updateProxySettings(proxyTypeStr, addr, port, user, pass);
|
||||
}
|
||||
|
||||
#ifdef Q_OS_MAC
|
||||
Q_INIT_RESOURCE(certs);
|
||||
RebuildQtCertificates();
|
||||
QFile equifaxFile(":/certs/Equifax_Secure_Certificate_Authority.pem");
|
||||
equifaxFile.open(QIODevice::ReadOnly);
|
||||
QSslCertificate equifaxCert(equifaxFile.readAll(), QSsl::Pem);
|
||||
QSslSocket::addDefaultCaCertificate(equifaxCert);
|
||||
#endif
|
||||
}
|
||||
|
||||
void MultiMC::initTranslations()
|
||||
|
@ -1,19 +0,0 @@
|
||||
-----BEGIN CERTIFICATE-----
|
||||
MIIDIDCCAomgAwIBAgIENd70zzANBgkqhkiG9w0BAQUFADBOMQswCQYDVQQGEwJV
|
||||
UzEQMA4GA1UEChMHRXF1aWZheDEtMCsGA1UECxMkRXF1aWZheCBTZWN1cmUgQ2Vy
|
||||
dGlmaWNhdGUgQXV0aG9yaXR5MB4XDTk4MDgyMjE2NDE1MVoXDTE4MDgyMjE2NDE1
|
||||
MVowTjELMAkGA1UEBhMCVVMxEDAOBgNVBAoTB0VxdWlmYXgxLTArBgNVBAsTJEVx
|
||||
dWlmYXggU2VjdXJlIENlcnRpZmljYXRlIEF1dGhvcml0eTCBnzANBgkqhkiG9w0B
|
||||
AQEFAAOBjQAwgYkCgYEAwV2xWGcIYu6gmi0fCG2RFGiYCh7+2gRvE4RiIcPRfM6f
|
||||
BeC4AfBONOziipUEZKzxa1NfBbPLZ4C/QgKO/t0BCezhABRP/PvwDN1Dulsr4R+A
|
||||
cJkVV5MW8Q+XarfCaCMczE1ZMKxRHjuvK9buY0V7xdlfUNLjUA86iOe/FP3gx7kC
|
||||
AwEAAaOCAQkwggEFMHAGA1UdHwRpMGcwZaBjoGGkXzBdMQswCQYDVQQGEwJVUzEQ
|
||||
MA4GA1UEChMHRXF1aWZheDEtMCsGA1UECxMkRXF1aWZheCBTZWN1cmUgQ2VydGlm
|
||||
aWNhdGUgQXV0aG9yaXR5MQ0wCwYDVQQDEwRDUkwxMBoGA1UdEAQTMBGBDzIwMTgw
|
||||
ODIyMTY0MTUxWjALBgNVHQ8EBAMCAQYwHwYDVR0jBBgwFoAUSOZo+SvSspXXR9gj
|
||||
IBBPM5iQn9QwHQYDVR0OBBYEFEjmaPkr0rKV10fYIyAQTzOYkJ/UMAwGA1UdEwQF
|
||||
MAMBAf8wGgYJKoZIhvZ9B0EABA0wCxsFVjMuMGMDAgbAMA0GCSqGSIb3DQEBBQUA
|
||||
A4GBAFjOKer89961zgK5F7WF0bnj4JXMJTENAKaSbn+2kmOeUJXRmm/kEd5jhW6Y
|
||||
7qj/WsjTVbJmcVfewCHrPSqnI0kBBIZCe/zuf6IWUrVnZ9NA2zsmWLIodz2uFHdh
|
||||
1voqZiegDfqnc1zqcPGUIWVEX/r87yloqaKHee9570+sB3c4
|
||||
-----END CERTIFICATE-----
|
@ -1,7 +0,0 @@
|
||||
<!DOCTYPE RCC>
|
||||
<RCC version="1.0">
|
||||
<qresource prefix="/certs">
|
||||
<file>Equifax_Secure_Certificate_Authority.pem</file>
|
||||
</qresource>
|
||||
</RCC>
|
||||
|
Loading…
Reference in New Issue
Block a user