[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
[vidalia-svn] r3725: Move the code that clears the default CA certificate store a (in vidalia/trunk/src/vidalia: . network res)
Author: edmanm
Date: 2009-04-19 16:55:52 -0400 (Sun, 19 Apr 2009)
New Revision: 3725
Added:
vidalia/trunk/src/vidalia/res/EntrustSecureServerCA.crt
Modified:
vidalia/trunk/src/vidalia/network/geoipresolver.cpp
vidalia/trunk/src/vidalia/res/vidalia.qrc
vidalia/trunk/src/vidalia/vidalia.cpp
vidalia/trunk/src/vidalia/vidalia.h
Log:
Move the code that clears the default CA certificate store and adds in
only those we're interested in, so it doesn't depend on the GeoIP stuff
getting initialized first. Also add the "Entrust Secure Server CA"
certificate so we can verify connections to bridges.torproject.org.
Modified: vidalia/trunk/src/vidalia/network/geoipresolver.cpp
===================================================================
--- vidalia/trunk/src/vidalia/network/geoipresolver.cpp 2009-04-19 01:57:56 UTC (rev 3724)
+++ vidalia/trunk/src/vidalia/network/geoipresolver.cpp 2009-04-19 20:55:52 UTC (rev 3725)
@@ -38,13 +38,6 @@
{
_socksAddr = QHostAddress::LocalHost;
_socksPort = 9050;
-
-#if defined(USE_QSSLSOCKET)
- QSslSocket::setDefaultCaCertificates(QList<QSslCertificate>());
- if (! QSslSocket::addDefaultCaCertificates(":/geoip/cacert_root.crt"))
- vWarn("Failed to add the GeoIP CA certificate to the default CA "
- "certificate database.");
-#endif
}
/** Sets the address and port of Tor, through which GeoIP requests will be
Added: vidalia/trunk/src/vidalia/res/EntrustSecureServerCA.crt
===================================================================
--- vidalia/trunk/src/vidalia/res/EntrustSecureServerCA.crt (rev 0)
+++ vidalia/trunk/src/vidalia/res/EntrustSecureServerCA.crt 2009-04-19 20:55:52 UTC (rev 3725)
@@ -0,0 +1,30 @@
+-----BEGIN CERTIFICATE-----
+MIIE2DCCBEGgAwIBAgIEN0rSQzANBgkqhkiG9w0BAQUFADCBwzELMAkGA1UE
+BhMCVVMxFDASBgNVBAoTC0VudHJ1c3QubmV0MTswOQYDVQQLEzJ3d3cuZW50
+cnVzdC5uZXQvQ1BTIGluY29ycC4gYnkgcmVmLiAobGltaXRzIGxpYWIuKTEl
+MCMGA1UECxMcKGMpIDE5OTkgRW50cnVzdC5uZXQgTGltaXRlZDE6MDgGA1UE
+AxMxRW50cnVzdC5uZXQgU2VjdXJlIFNlcnZlciBDZXJ0aWZpY2F0aW9uIEF1
+dGhvcml0eTAeFw05OTA1MjUxNjA5NDBaFw0xOTA1MjUxNjM5NDBaMIHDMQsw
+CQYDVQQGEwJVUzEUMBIGA1UEChMLRW50cnVzdC5uZXQxOzA5BgNVBAsTMnd3
+dy5lbnRydXN0Lm5ldC9DUFMgaW5jb3JwLiBieSByZWYuIChsaW1pdHMgbGlh
+Yi4pMSUwIwYDVQQLExwoYykgMTk5OSBFbnRydXN0Lm5ldCBMaW1pdGVkMTow
+OAYDVQQDEzFFbnRydXN0Lm5ldCBTZWN1cmUgU2VydmVyIENlcnRpZmljYXRp
+b24gQXV0aG9yaXR5MIGdMA0GCSqGSIb3DQEBAQUAA4GLADCBhwKBgQDNKIM0
+VBuJ8w+vN5Ex/68xYMmo6LIQaO2f55M28Qpku0f1BBc/I0dNxScZgSYMVHIN
+iC3ZH5oSn7yzcdOAGT9HZnuMNSjSuQrfJNqc1lB5gXpa0zf3wkrYKZImZNHk
+mGw6AIr1NJtl+O3jEP/9uElY3KDegjlrgbEWGWG5VLbmQwIBA6OCAdcwggHT
+MBEGCWCGSAGG+EIBAQQEAwIABzCCARkGA1UdHwSCARAwggEMMIHeoIHboIHY
+pIHVMIHSMQswCQYDVQQGEwJVUzEUMBIGA1UEChMLRW50cnVzdC5uZXQxOzA5
+BgNVBAsTMnd3dy5lbnRydXN0Lm5ldC9DUFMgaW5jb3JwLiBieSByZWYuIChs
+aW1pdHMgbGlhYi4pMSUwIwYDVQQLExwoYykgMTk5OSBFbnRydXN0Lm5ldCBM
+aW1pdGVkMTowOAYDVQQDEzFFbnRydXN0Lm5ldCBTZWN1cmUgU2VydmVyIENl
+cnRpZmljYXRpb24gQXV0aG9yaXR5MQ0wCwYDVQQDEwRDUkwxMCmgJ6AlhiNo
+dHRwOi8vd3d3LmVudHJ1c3QubmV0L0NSTC9uZXQxLmNybDArBgNVHRAEJDAi
+gA8xOTk5MDUyNTE2MDk0MFqBDzIwMTkwNTI1MTYwOTQwWjALBgNVHQ8EBAMC
+AQYwHwYDVR0jBBgwFoAU8BdiE1U9s/8KAGv7UISX8+1i0BowHQYDVR0OBBYE
+FPAXYhNVPbP/CgBr+1CEl/PtYtAaMAwGA1UdEwQFMAMBAf8wGQYJKoZIhvZ9
+B0EABAwwChsEVjQuMAMCBJAwDQYJKoZIhvcNAQEFBQADgYEAkNwwAvpkdMKn
+CqV8IY00F6j7Rw7/JXyNEwr75Ji174z4xRAN95K+8cPV1ZVqBLssziY2Zcgx
+xufuP+NXdYR6Ee9GTxj005i7qIcyunL2POI9n9cd2cNgQ4xYDiKWL2KjLB+6
+rQXvqzJ4h6BUcxm1XAX5Uj5tLUUL9wqT6u0G+bI=
+-----END CERTIFICATE-----
Modified: vidalia/trunk/src/vidalia/res/vidalia.qrc
===================================================================
--- vidalia/trunk/src/vidalia/res/vidalia.qrc 2009-04-19 01:57:56 UTC (rev 3724)
+++ vidalia/trunk/src/vidalia/res/vidalia.qrc 2009-04-19 20:55:52 UTC (rev 3725)
@@ -288,7 +288,8 @@
<qresource prefix="/images">
<file>map/world-map.png</file>
</qresource>
- <qresource prefix="/geoip">
+ <qresource prefix="/pki">
<file>cacert_root.crt</file>
+ <file>EntrustSecureServerCA.crt</file>
</qresource>
</RCC>
Modified: vidalia/trunk/src/vidalia/vidalia.cpp
===================================================================
--- vidalia/trunk/src/vidalia/vidalia.cpp 2009-04-19 01:57:56 UTC (rev 3724)
+++ vidalia/trunk/src/vidalia/vidalia.cpp 2009-04-19 20:55:52 UTC (rev 3725)
@@ -35,6 +35,9 @@
#ifdef USE_MARBLE
#include <MarbleDirs.h>
#endif
+#ifdef USE_QSSLSOCKET
+#include <QSslSocket>
+#endif
/* Available command-line arguments. */
#define ARG_LANGUAGE "lang" /**< Argument specifying language. */
@@ -123,6 +126,10 @@
/* Creates a TorControl object, used to talk to Tor. */
_torControl = new TorControl();
+ /* If we were built with QSslSocket support, then populate the default
+ * CA certificate store. */
+ loadDefaultCaCertificates();
+
#ifdef USE_MARBLE
/* Tell Marble where to stash its generated data */
Marble::MarbleDirs::setMarbleDataPath(dataDirectory());
@@ -478,3 +485,20 @@
#endif
}
+void
+Vidalia::loadDefaultCaCertificates() const
+{
+#ifdef USE_QSSLSOCKET
+ QSslSocket::setDefaultCaCertificates(QList<QSslCertificate>());
+
+ if (! QSslSocket::addDefaultCaCertificates(":/pki/cacert_root.crt"))
+ vWarn("Failed to add the GeoIP CA certificate to the default CA "
+ "certificate database.");
+
+ if (! QSslSocket::addDefaultCaCertificates(":/pki/EntrustSecureServerCA.crt"))
+ vWarn("Failed to add the Entrust Secure Server CA certificate to the "
+ "default CA certificate database.");
+
+#endif
+}
+
Modified: vidalia/trunk/src/vidalia/vidalia.h
===================================================================
--- vidalia/trunk/src/vidalia/vidalia.h 2009-04-19 01:57:56 UTC (rev 3724)
+++ vidalia/trunk/src/vidalia/vidalia.h 2009-04-19 20:55:52 UTC (rev 3725)
@@ -128,9 +128,6 @@
bool winEventFilter(MSG *msg, long *result);
#endif
- /** Copies a default settings file (if one exists) to Vidalia's data
- * directory. */
- void copyDefaultSettingsFile() const;
/** Removes all currently installed QTranslators. */
static void removeAllTranslators();
@@ -150,6 +147,16 @@
/** Returns true if the specified arguments wants a value. */
bool argNeedsValue(QString argName);
+ /** Copies a default settings file (if one exists) to Vidalia's data
+ * directory.
+ */
+ void copyDefaultSettingsFile() const;
+
+ /** Clears the list of default CA certificates and adds only the ones
+ * Vidalia is interested in.
+ */
+ void loadDefaultCaCertificates() const;
+
static QMap<QString, QString> _args; /**< List of command-line arguments. */
static QString _style; /**< The current GUI style. */
static QString _language; /**< The current language. */