summaryrefslogtreecommitdiffstats
path: root/application/CertWorkaround.cpp
diff options
context:
space:
mode:
authorPetr Mrázek <peterix@gmail.com>2017-04-25 23:03:11 +0200
committerPetr Mrázek <peterix@gmail.com>2017-04-25 23:03:11 +0200
commit6fe9258161d73535466af0ac19655563b57cada1 (patch)
tree4a434991094c84652bd7578642f493be47ae6331 /application/CertWorkaround.cpp
parent4fa3e2a7144c532af62520c9da53f423d6f002ca (diff)
downloadMultiMC-6fe9258161d73535466af0ac19655563b57cada1.tar
MultiMC-6fe9258161d73535466af0ac19655563b57cada1.tar.gz
MultiMC-6fe9258161d73535466af0ac19655563b57cada1.tar.lz
MultiMC-6fe9258161d73535466af0ac19655563b57cada1.tar.xz
MultiMC-6fe9258161d73535466af0ac19655563b57cada1.zip
NOISSUE remove macOS SSL workarounds
Should not be necessary anymore...
Diffstat (limited to 'application/CertWorkaround.cpp')
-rw-r--r--application/CertWorkaround.cpp120
1 files changed, 0 insertions, 120 deletions
diff --git a/application/CertWorkaround.cpp b/application/CertWorkaround.cpp
deleted file mode 100644
index 3bd1b16e..00000000
--- a/application/CertWorkaround.cpp
+++ /dev/null
@@ -1,120 +0,0 @@
-#include <stdexcept>
-#include <iostream>
-
-#include <QByteArray>
-#include <QSslSocket>
-#include <QDebug>
-
-#include <Security/Security.h>
-
-// CFRelease will crash if passed NULL
-#define SafeCFRelease(ref) \
- if (ref) \
- CFRelease(ref);
-
-/*!
- * \brief LoadCertificatesFromKeyChain Load all certificates from the KeyChain path provided
- * and return them as
- * QSslCertificates.
- * \param keyChainPath The KeyChain path. Pass an empty string to use the
- * user's keychain.
- * \return A list of new QSslCertificates generated from the
- * KeyChain DER data.
- */
-static QList<QSslCertificate>
-LoadCertificatesFromKeyChain(const std::string &keyChainPath = std::string())
-{
- QList<QSslCertificate> qtCerts;
-
- SecKeychainRef certsKeyChain = NULL;
- SecKeychainSearchRef searchItem = NULL;
- SecKeychainItemRef itemRef = NULL;
- CSSM_DATA certData = {0, 0};
-
- try
- {
- OSStatus status = errSecSuccess;
-
- // if a keychain path was provided, obtain a pointer
- if (!keyChainPath.empty())
- {
- status = SecKeychainOpen(keyChainPath.c_str(), &certsKeyChain);
- if (status != errSecSuccess)
- {
- throw status;
- }
- }
-
- // build a search query reference for certificates
- status = SecKeychainSearchCreateFromAttributes(certsKeyChain, kSecCertificateItemClass,
- NULL, &searchItem);
- if (status != errSecSuccess)
- {
- throw status;
- }
-
- // loop through the certificates
- while (SecKeychainSearchCopyNext(searchItem, &itemRef) != errSecItemNotFound)
- {
- // copy the KeyChain item data into a CSSM_DATA struct - this will be the certs Der
- // data
- status = SecKeychainItemCopyContent(itemRef, NULL, NULL,
- reinterpret_cast<UInt32 *>(&certData.Length),
- reinterpret_cast<void **>(&certData.Data));
-
- if (status != errSecSuccess)
- {
- throw status;
- }
-
- // create a Qt byte array from the data - the data is NOT copied
- const QByteArray byteArray = QByteArray::fromRawData(
- reinterpret_cast<const char *>(certData.Data), certData.Length);
-
- // create a Qt certificate from the data and add it to the list
- QSslCertificate qtCert(byteArray, QSsl::Der);
- qDebug() << "COMMON NAME: "
- << qtCert.issuerInfo(QSslCertificate::CommonName).join('\n')
- << " ORG NAME: "
- << qtCert.issuerInfo(QSslCertificate::Organization).join('\n');
-
- qtCerts << qtCert;
- }
- }
- catch (OSStatus status)
- {
- CFStringRef errorMessage = SecCopyErrorMessageString(status, NULL);
- std::cerr << CFStringGetCStringPtr(errorMessage, kCFStringEncodingMacRoman)
- << std::endl;
- SafeCFRelease(errorMessage);
- }
-
- SecKeychainItemFreeContent(NULL, certData.Data);
- SafeCFRelease(itemRef);
- SafeCFRelease(searchItem);
- SafeCFRelease(certsKeyChain);
-
- return qtCerts;
-}
-
-void RebuildQtCertificates()
-{
- const QList<QSslCertificate> existingCerts = QSslSocket::defaultCaCertificates();
- QList<QSslCertificate> certs = LoadCertificatesFromKeyChain();
- certs += LoadCertificatesFromKeyChain(
- "/System/Library/Keychains/SystemRootCertificates.keychain");
-
- Q_FOREACH (const QSslCertificate qtCert, certs)
- {
- if (!existingCerts.contains(qtCert))
- {
- qDebug() << "cert not known to Qt - adding";
- qDebug() << "COMMON NAME: "
- << qtCert.issuerInfo(QSslCertificate::CommonName).join('\n')
- << " ORG NAME: "
- << qtCert.issuerInfo(QSslCertificate::Organization).join('\n');
-
- QSslSocket::addDefaultCaCertificate(qtCert);
- }
- }
-}