C++ QSslConfiguration::setPeerVerifyMode方法代码示例

void HeadlessApplication::getFavoriteThreads() {

    // list green + yellow flags
    const QUrl url(DefineConsts::FORUM_URL + "/forum1f.php?owntopic=1");

    qDebug() << "getFavoriteThreads()";
    CookieJar *cookies = new CookieJar();
    cookies->loadFromDisk();
    QNetworkAccessManager *accessManager = new QNetworkAccessManager();
    accessManager->setCookieJar(cookies);


    QNetworkRequest request(url);
    request.setHeader(QNetworkRequest::ContentTypeHeader, "application/x-www-form-urlencoded");

    QSslConfiguration sslConfig = request.sslConfiguration();
    sslConfig.setPeerVerifyMode(QSslSocket::VerifyNone);
    sslConfig.setPeerVerifyDepth(1);
    sslConfig.setProtocol(QSsl::TlsV1);
    sslConfig.setSslOption(QSsl::SslOptionDisableSessionTickets, true);

    QNetworkReply* reply = accessManager->get(request);
    bool ok = connect(reply, SIGNAL(finished()), this, SLOT(checkReplyFav()));
    Q_ASSERT(ok);
    Q_UNUSED(ok);
}

void AcceptandPayOfferListPage::RefreshImage()
{
	QIcon ButtonIcon(m_placeholderImage);
	ui->imageButton->setIcon(ButtonIcon);
	
	if(m_imageList.size() > 0 && m_imageList.at(0) != QString(""))
	{
		QString parsedURL = m_imageList.at(0).simplified();
		m_url = QUrl(parsedURL);
		if(m_url.isValid())
		{
			QNetworkRequest request(m_url);
			request.setRawHeader("Accept", "q=0.9,image/webp,*/*;q=0.8");
			request.setRawHeader("Cache-Control", "no-cache");
			request.setRawHeader("User-Agent", "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.71 Safari/537.36");
			QSslConfiguration conf = request.sslConfiguration();
			conf.setPeerVerifyMode(QSslSocket::VerifyNone);
			conf.setProtocol(QSsl::TlsV1_0);
			request.setSslConfiguration(conf);
			QNetworkReply *reply = m_netwManager->get(request);
			reply->ignoreSslErrors();
			connect(reply, SIGNAL(finished()), this, SLOT(netwManagerFinished()));
		}
	}
}

void QMQTT::ClientPrivate::init(const QString& hostName, const quint16 port, const bool ssl,
                                const bool ignoreSelfSigned)
{
    _hostName = hostName;
    _port = port;
    if (ssl)
    {
#ifndef QT_NO_SSL
        QSslConfiguration sslConf = QSslConfiguration::defaultConfiguration();
        QList<QSslCertificate> certs = QSslCertificate::fromPath(QStringLiteral("./cert.crt"));
        if (!certs.isEmpty())
            sslConf.setLocalCertificate(certs.first());
        QFile file(QStringLiteral("./cert.key"));
        if (file.open(QIODevice::ReadOnly)) {
            sslConf.setPrivateKey(QSslKey(file.readAll(), QSsl::Rsa));
        }
        sslConf.setPeerVerifyMode(QSslSocket::VerifyNone);
#if QT_VERSION < 0x050000
        sslConf.setProtocol(QSsl::TlsV1);
#endif
        init(hostName, port, sslConf, ignoreSelfSigned);
#else
        Q_UNUSED(ignoreSelfSigned)
        qCritical() << "SSL not supported in this QT build";
#endif // QT_NO_SSL
    }
    else
    {
        init(new Network);
    }
}

QNetworkReply* NetworkAccessManager::createRequest(Operation op, const QNetworkRequest& request, QIODevice *outgoingData)
{
	QNetworkRequest req(request);

	if(!QSslSocket::supportsSsl()) {
		if(req.url().scheme().toLower() == QLatin1String("https"))
			qCritical() << "Request using https scheme without SSL support";
	} else {
		QSslConfiguration sslConfig = req.sslConfiguration();
#ifdef U_NAM_DEBUG
		qDebug() << Q_FUNC_INFO << "NAM: ssl support, configuring it now.";
#endif
		sslConfig.setProtocol(QSsl::TlsV1SslV3);
		sslConfig.setPeerVerifyMode(QSslSocket::AutoVerifyPeer);

		req.setSslConfiguration(sslConfig);
	}

    if(op == QNetworkAccessManager::PostOperation) {
        QString contentType = req.header(QNetworkRequest::ContentTypeHeader).toString();
        if(contentType.isEmpty()) {
            req.setHeader(QNetworkRequest::ContentTypeHeader, "application/x-www-form-urlencoded");
        }
    }

    return QNetworkAccessManager::createRequest(op, req, outgoingData);
}

//-----------------------------------------------------------------------------
void
UrlFactory::_tryCorrectGoogleVersions(QNetworkAccessManager* networkManager)
{
    QMutexLocker locker(&_googleVersionMutex);
    if (_googleVersionRetrieved) {
        return;
    }
    _googleVersionRetrieved = true;
    if(networkManager)
    {
        QNetworkRequest qheader;
        QNetworkProxy proxy = networkManager->proxy();
        QNetworkProxy tProxy;
        tProxy.setType(QNetworkProxy::DefaultProxy);
        networkManager->setProxy(tProxy);
        QSslConfiguration conf = qheader.sslConfiguration();
        conf.setPeerVerifyMode(QSslSocket::VerifyNone);
        qheader.setSslConfiguration(conf);
        QString url = "http://maps.google.com/maps/api/js?v=3.2&sensor=false";
        qheader.setUrl(QUrl(url));
        QByteArray ua;
        ua.append(getQGCMapEngine()->userAgent());
        qheader.setRawHeader("User-Agent", ua);
        _googleReply = networkManager->get(qheader);
        connect(_googleReply, &QNetworkReply::finished, this, &UrlFactory::_googleVersionCompleted);
        connect(_googleReply, &QNetworkReply::destroyed, this, &UrlFactory::_replyDestroyed);
        connect(_googleReply, static_cast<void (QNetworkReply::*)(QNetworkReply::NetworkError)>(&QNetworkReply::error),
                this, &UrlFactory::_networkReplyError);
        networkManager->setProxy(proxy);
    }
}

QNetworkReply* NetworkAccessManager::createRequest(QNetworkAccessManager::Operation oparation, const QNetworkRequest &request, QIODevice * outgoingData = 0) {
  QNetworkRequest new_request(request);

  // emulate Firefox, allowing to disable certificate
  // verification using an environment variable
  if (!strcmp(getenv("IGNORECERT"), "1")) {
    QSslConfiguration config = request.sslConfiguration();
    config.setPeerVerifyMode(QSslSocket::VerifyNone);
    config.setProtocol(QSsl::TlsV1);
    QNetworkRequest new_request(request);
    new_request.setSslConfiguration(config);
  }

  QHashIterator<QString, QString> item(m_headers);
  while (item.hasNext()) {
      item.next();
      new_request.setRawHeader(item.key().toAscii(), item.value().toAscii());
  }
  QNetworkReply *reply = QNetworkAccessManager::createRequest(oparation, new_request, outgoingData);

  // not sure 100% if this is needed, but just in case
  if (!strcmp(getenv("IGNORECERT"), "1"))
    reply->ignoreSslErrors();

  return reply;
};

QT_USE_NAMESPACE

//! [constructor]
SslEchoServer::SslEchoServer(quint16 port, QObject *parent) :
    QObject(parent),
    m_pWebSocketServer(Q_NULLPTR),
    m_clients()
{
    m_pWebSocketServer = new QWebSocketServer(QStringLiteral("SSL Echo Server"),
                                              QWebSocketServer::SecureMode,
                                              this);
    QSslConfiguration sslConfiguration;
    QFile certFile(QStringLiteral("./localhost.cert"));
    QFile keyFile(QStringLiteral("./localhost.key"));
    certFile.open(QIODevice::ReadOnly);
    keyFile.open(QIODevice::ReadOnly);
    QSslCertificate certificate(&certFile, QSsl::Pem);
    QSslKey sslKey(&keyFile, QSsl::Rsa, QSsl::Pem);
    certFile.close();
    keyFile.close();
    sslConfiguration.setPeerVerifyMode(QSslSocket::VerifyNone);
    sslConfiguration.setLocalCertificate(certificate);
    sslConfiguration.setPrivateKey(sslKey);
    sslConfiguration.setProtocol(QSsl::TlsV1SslV3);
    m_pWebSocketServer->setSslConfiguration(sslConfiguration);

    if (m_pWebSocketServer->listen(QHostAddress::Any, port))
    {
        qDebug() << "SSL Echo Server listening on port" << port;
        connect(m_pWebSocketServer, &QWebSocketServer::newConnection,
                this, &SslEchoServer::onNewConnection);
        connect(m_pWebSocketServer, &QWebSocketServer::sslErrors,
                this, &SslEchoServer::onSslErrors);
    }
}

void MusicRadioPlayListThread::startToDownload(const QString &id)
{
    m_manager = new QNetworkAccessManager(this);

    QNetworkRequest request;
    request.setUrl(QUrl(playListUrl + id));
#ifndef QT_NO_SSL
    connect(m_manager, SIGNAL(sslErrors(QNetworkReply*,QList<QSslError>)),
                       SLOT(sslErrors(QNetworkReply*,QList<QSslError>)));
    M_LOGGER_INFO(QString("MusicRadioPlayListThread Support ssl: %1").arg(QSslSocket::supportsSsl()));

    QSslConfiguration sslConfig = request.sslConfiguration();
    sslConfig.setPeerVerifyMode(QSslSocket::VerifyNone);
    request.setSslConfiguration(sslConfig);
#endif
    if(m_cookJar)
    {
        m_manager->setCookieJar(m_cookJar);
        m_cookJar->setParent(nullptr);
    }
    m_reply = m_manager->get(request);
    connect(m_reply, SIGNAL(finished()), SLOT(downLoadFinished()));
    connect(m_reply, SIGNAL(error(QNetworkReply::NetworkError)), SLOT(replyError(QNetworkReply::NetworkError)));

}

QNetworkReply * CustomNetworkAccessManager ::createRequest ( Operation op, const QNetworkRequest &req, QIODevice * outgoingData ){
    QSslConfiguration config = req.sslConfiguration();
    config.setPeerVerifyMode(mode);
    config.setProtocol(protocol);
    QNetworkRequest request(req);
    request.setSslConfiguration(config);
    return QNetworkAccessManager::createRequest(op, request, outgoingData);
}

void SubsonicService::Send(const QUrl &url, const char *slot)
{
  QNetworkRequest request(url);
  // Don't try and check the authenticity of the SSL certificate - it'll almost
  // certainly be self-signed.
  QSslConfiguration sslconfig = QSslConfiguration::defaultConfiguration();
  sslconfig.setPeerVerifyMode(QSslSocket::VerifyNone);
  request.setSslConfiguration(sslconfig);
  QNetworkReply *reply = network_->get(request);
  connect(reply, SIGNAL(finished()), slot);
}

void SslClient::ConfigureForLMAX()
{
    // configure required session protocol
    QSslConfiguration config = ssl_->sslConfiguration();
    QSsl::SslProtocol p = config.sessionProtocol();
    if( p != proto_ )
        config.setProtocol(proto_);

    config.setPeerVerifyMode(QSslSocket::VerifyNone);
    config.setSslOption(QSsl::SslOptionDisableServerNameIndication, true);
    ssl_->setSslConfiguration(config);
}

QNetworkReply* SubsonicService::Send(const QUrl& url) {
  QNetworkRequest request(url);
  // Don't try and check the authenticity of the SSL certificate - it'll almost
  // certainly be self-signed.
  QSslConfiguration sslconfig = QSslConfiguration::defaultConfiguration();
  sslconfig.setPeerVerifyMode(QSslSocket::VerifyNone);
  if (usesslv3_) {
    sslconfig.setProtocol(QSsl::SslV3);
  }
  request.setSslConfiguration(sslconfig);
  QNetworkReply *reply = network_->get(request);
  return reply;
}

void FayeConnector::open(QString url, int port)
{
  status = OPENING;
  emit statusChanged(OPENING);

#ifdef SSL
  QSslConfiguration sslConf;
  sslConf.setPeerVerifyMode(QSslSocket::VerifyNone);
  faye->setSslConfiguration(sslConf);
  faye->open(QUrl(QString("wss://%1:%2/faye").arg(url).arg(port)));
#else
  faye->open(QUrl(QString("ws://%1:%2/faye").arg(url).arg(port)));
#endif

}

void NetworkManager::loadSettings()
{
    Settings settings;
    settings.beginGroup("Web-Browser-Settings");

    if (settings.value("AllowLocalCache", true).toBool()) {
        m_diskCache = mApp->networkCache();
        m_diskCache->setCacheDirectory(mApp->getActiveProfilPath() + "/networkcache");
        m_diskCache->setMaximumCacheSize(settings.value("MaximumCacheSize", 50).toInt() * 1024 * 1024); //MegaBytes
        setCache(m_diskCache);
    }
    m_doNotTrack = settings.value("DoNotTrack", false).toBool();
    m_sendReferer = settings.value("SendReferer", true).toBool();
    settings.endGroup();
    m_acceptLanguage = AcceptLanguage::generateHeader(settings.value("Language/acceptLanguage", AcceptLanguage::defaultLanguage()).toStringList());

#ifdef Q_WS_WIN
    // From doc:
    // QSslSocket::VerifyNone ... The connection will still be encrypted, and your socket
    // will still send its local certificate to the peer if it's requested.

    QSslConfiguration config = QSslConfiguration::defaultConfiguration();
    config.setPeerVerifyMode(QSslSocket::VerifyNone);
    QSslConfiguration::setDefaultConfiguration(config);
#endif

    QString certDir = mApp->PROFILEDIR + "certificates";
    QString bundlePath = certDir + "/ca-bundle.crt";
    QString bundleVersionPath = certDir + "/bundle_version";

    if (!QDir(certDir).exists()) {
        QDir dir(mApp->PROFILEDIR);
        dir.mkdir("certificates");
    }

    if (!QFile::exists(bundlePath)) {
        QFile(":data/ca-bundle.crt").copy(bundlePath);
        QFile(bundlePath).setPermissions(QFile::ReadUser | QFile::WriteUser);

        QFile(":data/bundle_version").copy(bundleVersionPath);
        QFile(bundleVersionPath).setPermissions(QFile::ReadUser | QFile::WriteUser);
    }

    QSslSocket::setDefaultCaCertificates(QSslCertificate::fromPath(bundlePath));

    m_proxyFactory->loadSettings();
}

QNetworkReply *NetworkAccessManager::createRequest(Operation op, const QNetworkRequest &request, QIODevice *outgoingData)
{
    QNetworkRequest req(request);
    QSslConfiguration config;

    config.setPeerVerifyMode(QSslSocket::VerifyNone);
    config.setProtocol(QSsl::TlsV1_0);
    req.setSslConfiguration(config);
    // set user-agent
    if (op == PostOperation){
        req.setRawHeader("User-Agent", "IDP");
    } else {
        req.setRawHeader("User-Agent", "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/29.0.1547.66 Safari/537.36 LBBROWSER");
    }
    
    QNetworkReply *reply = QNetworkAccessManager::createRequest(op, req, outgoingData);
    
    return reply;
}