QGIS API Documentation  3.21.0-Master (5b68dc587e)
qgsauthsslconfigwidget.cpp
Go to the documentation of this file.
1 /***************************************************************************
2  qgsauthsslconfigwidget.cpp
3  ---------------------
4  begin : May 17, 2015
5  copyright : (C) 2015 by Boundless Spatial, Inc. USA
6  author : Larry Shaffer
7  email : lshaffer at boundlessgeo dot com
8  ***************************************************************************
9  * *
10  * This program is free software; you can redistribute it and/or modify *
11  * it under the terms of the GNU General Public License as published by *
12  * the Free Software Foundation; either version 2 of the License, or *
13  * (at your option) any later version. *
14  * *
15  ***************************************************************************/
16 
17 #include "qgsauthsslconfigwidget.h"
18 #include "qgsauthcertificateinfo.h"
19 
20 #include <QDialogButtonBox>
21 #include <QPushButton>
22 #include <QSpinBox>
23 #include <QUrl>
24 
25 #include "qgsauthguiutils.h"
26 #include "qgsauthmanager.h"
27 #include "qgslogger.h"
28 #include "qgsapplication.h"
29 
30 
31 static void setItemBold_( QTreeWidgetItem *item )
32 {
33  item->setFirstColumnSpanned( true );
34  QFont secf( item->font( 0 ) );
35  secf.setBold( true );
36  item->setFont( 0, secf );
37 }
38 
39 static const QString configFoundText_() { return QObject::tr( "Configuration loaded from database" ); }
40 static const QString configNotFoundText_() { return QObject::tr( "Configuration not found in database" ); }
41 
43  const QSslCertificate &cert,
44  const QString &hostport,
45  const QList<QSslCertificate> &connectionCAs )
46  : QWidget( parent )
47  , mCert( nullptr )
48  , mConnectionCAs( connectionCAs )
49 {
50  if ( QgsApplication::authManager()->isDisabled() )
51  {
52  mDisabled = true;
53  mAuthNotifyLayout = new QVBoxLayout;
54  this->setLayout( mAuthNotifyLayout );
55  mAuthNotify = new QLabel( QgsApplication::authManager()->disabledMessage(), this );
56  mAuthNotifyLayout->addWidget( mAuthNotify );
57  }
58  else
59  {
60  setupUi( this );
61  connect( btnCertInfo, &QToolButton::clicked, this, &QgsAuthSslConfigWidget::btnCertInfo_clicked );
62 
63  connect( grpbxSslConfig, &QGroupBox::toggled, this, &QgsAuthSslConfigWidget::configEnabledChanged );
66 
67  setUpSslConfigTree();
68 
69  lblLoadedConfig->setVisible( false );
70  lblLoadedConfig->clear();
71 
72  connect( leHost, &QLineEdit::textChanged,
74 
75  if ( !cert.isNull() )
76  {
77  setSslCertificate( cert, hostport );
78  }
79  }
80 }
81 
83 {
84  if ( mDisabled )
85  {
86  return nullptr;
87  }
88  return grpbxCert;
89 }
90 
92 {
93  if ( mDisabled )
94  {
95  return nullptr;
96  }
97  return grpbxSslConfig;
98 }
99 
100 // private
101 QTreeWidgetItem *QgsAuthSslConfigWidget::addRootItem( const QString &label )
102 {
103  QTreeWidgetItem *item = new QTreeWidgetItem(
104  QStringList() << label,
105  static_cast<int>( ConfigParent ) );
106  setItemBold_( item );
107  item->setTextAlignment( 0, Qt::AlignVCenter );
108  item->setFlags( item->flags() & ~Qt::ItemIsSelectable );
109  treeSslConfig->insertTopLevelItem( treeSslConfig->topLevelItemCount(), item );
110 
111  return item;
112 }
113 
114 void QgsAuthSslConfigWidget::setUpSslConfigTree()
115 {
116  treeSslConfig->setColumnCount( 1 );
117 
118  // add config field names
119  mProtocolItem = addRootItem( tr( "Protocol" ) );
120  mProtocolCmbBx = new QComboBox( treeSslConfig );
121  mProtocolCmbBx->addItem( QgsAuthCertUtils::getSslProtocolName( QSsl::SecureProtocols ),
122  static_cast<int>( QSsl::SecureProtocols ) );
123 #if QT_VERSION < QT_VERSION_CHECK(5, 15, 0)
124  mProtocolCmbBx->addItem( QgsAuthCertUtils::getSslProtocolName( QSsl::TlsV1SslV3 ),
125  static_cast<int>( QSsl::TlsV1SslV3 ) );
126 #endif
127  mProtocolCmbBx->addItem( QgsAuthCertUtils::getSslProtocolName( QSsl::TlsV1_0 ),
128  static_cast<int>( QSsl::TlsV1_0 ) );
129 #if QT_VERSION < QT_VERSION_CHECK(5, 15, 0)
130  mProtocolCmbBx->addItem( QgsAuthCertUtils::getSslProtocolName( QSsl::SslV3 ),
131  static_cast<int>( QSsl::SslV3 ) );
132  mProtocolCmbBx->addItem( QgsAuthCertUtils::getSslProtocolName( QSsl::SslV2 ),
133  static_cast<int>( QSsl::SslV2 ) );
134 #endif
135  mProtocolCmbBx->setMaximumWidth( 300 );
136  mProtocolCmbBx->setCurrentIndex( 0 );
137  QTreeWidgetItem *protocolitem = new QTreeWidgetItem(
138  mProtocolItem,
139  QStringList() << QString(),
140  static_cast<int>( ConfigItem ) );
141  protocolitem->setFlags( protocolitem->flags() & ~Qt::ItemIsSelectable );
142  treeSslConfig->setItemWidget( protocolitem, 0, mProtocolCmbBx );
143  mProtocolItem->setExpanded( true );
144 
145  mVerifyModeItem = addRootItem( tr( "Peer verification" ) );
146  mVerifyPeerCmbBx = new QComboBox( treeSslConfig );
147  mVerifyPeerCmbBx->addItem( tr( "Verify Peer Certs" ),
148  static_cast<int>( QSslSocket::VerifyPeer ) );
149  mVerifyPeerCmbBx->addItem( tr( "Do Not Verify Peer Certs" ),
150  static_cast<int>( QSslSocket::VerifyNone ) );
151  mVerifyPeerCmbBx->setMaximumWidth( 300 );
152  mVerifyPeerCmbBx->setCurrentIndex( 0 );
153  QTreeWidgetItem *peerverifycmbxitem = new QTreeWidgetItem(
154  mVerifyModeItem,
155  QStringList() << QString(),
156  static_cast<int>( ConfigItem ) );
157  peerverifycmbxitem->setFlags( peerverifycmbxitem->flags() & ~Qt::ItemIsSelectable );
158  treeSslConfig->setItemWidget( peerverifycmbxitem, 0, mVerifyPeerCmbBx );
159  mVerifyModeItem->setExpanded( true );
160 
161  mVerifyDepthItem = addRootItem( tr( "Peer verification depth (0 = complete cert chain)" ) );
162  mVerifyDepthSpnBx = new QSpinBox( treeSslConfig );
163  mVerifyDepthSpnBx->setMinimum( 0 );
164  mVerifyDepthSpnBx->setMaximum( 10 );
165  mVerifyDepthSpnBx->setMaximumWidth( 200 );
166  mVerifyDepthSpnBx->setAlignment( Qt::AlignHCenter );
167  QTreeWidgetItem *peerverifyspnbxitem = new QTreeWidgetItem(
168  mVerifyDepthItem,
169  QStringList() << QString(),
170  static_cast<int>( ConfigItem ) );
171  peerverifyspnbxitem->setFlags( peerverifyspnbxitem->flags() & ~Qt::ItemIsSelectable );
172  treeSslConfig->setItemWidget( peerverifyspnbxitem, 0, mVerifyDepthSpnBx );
173  mVerifyDepthItem->setExpanded( true );
174 
175  mIgnoreErrorsItem = addRootItem( tr( "Ignore errors" ) );
176 
177  const QList<QPair<QSslError::SslError, QString> > errenums = QgsAuthCertUtils::sslErrorEnumStrings();
178  for ( int i = 0; i < errenums.size(); i++ )
179  {
180  QTreeWidgetItem *item = new QTreeWidgetItem(
181  mIgnoreErrorsItem,
182  QStringList() << errenums.at( i ).second,
183  static_cast<int>( ConfigItem ) );
184  item->setCheckState( 0, Qt::Unchecked );
185  item->setTextAlignment( 0, Qt::AlignVCenter );
186  item->setFlags( item->flags() & ~Qt::ItemIsSelectable );
187  item->setData( 0, Qt::UserRole, errenums.at( i ).first );
188  }
189  mIgnoreErrorsItem->setExpanded( true );
190 }
191 
193 {
194  QgsAuthConfigSslServer config;
195  if ( mDisabled )
196  {
197  return config;
198  }
199  config.setSslCertificate( mCert );
200  config.setSslHostPort( leHost->text() );
201  config.setSslProtocol( sslProtocol() );
205  return config;
206 }
207 
209 {
210  if ( mDisabled )
211  {
212  return QSslCertificate();
213  }
214  return mCert;
215 }
216 
218 {
219  if ( mDisabled )
220  {
221  return QString();
222  }
223  return leHost->text();
224 }
225 
227 {
228  if ( mDisabled )
229  {
230  return;
231  }
232  if ( grpbxSslConfig->isCheckable() )
233  {
234  grpbxSslConfig->setChecked( enable );
235  }
236 }
237 
238 void QgsAuthSslConfigWidget::setSslCertificate( const QSslCertificate &cert, const QString &hostport )
239 {
240  if ( mDisabled )
241  {
242  return;
243  }
244  if ( cert.isNull() )
245  {
246  return;
247  }
248  mCert = cert;
249 
250  if ( !hostport.isEmpty() )
251  {
252  setSslHost( hostport );
253  }
254 
255  const QString sha( QgsAuthCertUtils::shaHexForCert( cert ) );
256  const QgsAuthConfigSslServer config(
257  QgsApplication::authManager()->sslCertCustomConfig( sha, hostport.isEmpty() ? sslHost() : hostport ) );
258 
259  emit certFoundInAuthDatabase( !config.isNull() );
260 
261  lblLoadedConfig->setVisible( true );
262  if ( !config.isNull() )
263  {
264  loadSslCustomConfig( config );
265  leCommonName->setStyleSheet( QgsAuthGuiUtils::greenTextStyleSheet() );
266  }
267  else
268  {
269  lblLoadedConfig->setText( configNotFoundText_() );
270  leCommonName->setText( QgsAuthCertUtils::resolvedCertName( mCert ) );
271  leCommonName->setStyleSheet( QgsAuthGuiUtils::orangeTextStyleSheet() );
272  }
273  validateHostPortText( leHost->text() );
274 }
275 
277 {
278  if ( mDisabled )
279  {
280  return;
281  }
283  if ( config.isNull() )
284  {
285  QgsDebugMsg( QStringLiteral( "Passed-in SSL custom config is null" ) );
286  return;
287  }
288 
289  const QSslCertificate cert( config.sslCertificate() );
290  if ( cert.isNull() )
291  {
292  QgsDebugMsg( QStringLiteral( "SSL custom config's cert is null" ) );
293  return;
294  }
295 
296  enableSslCustomOptions( true );
297  mCert = cert;
298  leCommonName->setText( QgsAuthCertUtils::resolvedCertName( cert ) );
299  leHost->setText( config.sslHostPort() );
301  setSslProtocol( config.sslProtocol() );
303 
304  lblLoadedConfig->setVisible( true );
305  lblLoadedConfig->setText( configFoundText_() );
306 }
307 
309 {
310  if ( mDisabled )
311  {
312  return;
313  }
314  if ( !QgsApplication::authManager()->storeSslCertCustomConfig( sslCustomConfig() ) )
315  {
316  QgsDebugMsg( QStringLiteral( "SSL custom config FAILED to store in authentication database" ) );
317  }
318 }
319 
321 {
322  if ( mDisabled )
323  {
324  return;
325  }
326  mCert.clear();
327  mConnectionCAs.clear();
328  leCommonName->clear();
329  leCommonName->setStyleSheet( QString() );
330  leHost->clear();
331 
332  lblLoadedConfig->setVisible( false );
333  lblLoadedConfig->clear();
337  enableSslCustomOptions( false );
338 }
339 
341 {
342  if ( mDisabled )
343  {
344  return QSsl::UnknownProtocol;
345  }
346  return ( QSsl::SslProtocol )mProtocolCmbBx->currentData().toInt();
347 }
348 
349 void QgsAuthSslConfigWidget::setSslProtocol( QSsl::SslProtocol protocol )
350 {
351  if ( mDisabled )
352  {
353  return;
354  }
355  const int indx( mProtocolCmbBx->findData( static_cast<int>( protocol ) ) );
356  mProtocolCmbBx->setCurrentIndex( indx );
357 }
358 
360 {
361  if ( mDisabled )
362  {
363  return;
364  }
365  mProtocolCmbBx->setCurrentIndex( 0 );
366 }
367 
368 void QgsAuthSslConfigWidget::appendSslIgnoreErrors( const QList<QSslError> &errors )
369 {
370  if ( mDisabled )
371  {
372  return;
373  }
374  enableSslCustomOptions( true );
375 
376  QList<QSslError::SslError> errenums;
377  const auto constErrors = errors;
378  for ( const QSslError &err : constErrors )
379  {
380  errenums << err.error();
381  }
382 
383  for ( int i = 0; i < mIgnoreErrorsItem->childCount(); i++ )
384  {
385  QTreeWidgetItem *item( mIgnoreErrorsItem->child( i ) );
386  if ( errenums.contains( ( QSslError::SslError )item->data( 0, Qt::UserRole ).toInt() ) )
387  {
388  item->setCheckState( 0, Qt::Checked );
389  }
390  }
391 }
392 
393 void QgsAuthSslConfigWidget::setSslIgnoreErrorEnums( const QList<QSslError::SslError> &errorenums )
394 {
395  if ( mDisabled )
396  {
397  return;
398  }
399  QList<QSslError> errors;
400  const auto constErrorenums = errorenums;
401  for ( const QSslError::SslError errorenum : constErrorenums )
402  {
403  errors << QSslError( errorenum );
404  }
405  setSslIgnoreErrors( errors );
406 }
407 
408 void QgsAuthSslConfigWidget::setSslIgnoreErrors( const QList<QSslError> &errors )
409 {
410  if ( mDisabled )
411  {
412  return;
413  }
414  if ( errors.isEmpty() )
415  {
416  return;
417  }
418 
419  enableSslCustomOptions( true );
420 
421  QList<QSslError::SslError> errenums;
422  const auto constErrors = errors;
423  for ( const QSslError &err : constErrors )
424  {
425  errenums << err.error();
426  }
427 
428  for ( int i = 0; i < mIgnoreErrorsItem->childCount(); i++ )
429  {
430  QTreeWidgetItem *item( mIgnoreErrorsItem->child( i ) );
431  const bool enable( errenums.contains( ( QSslError::SslError )item->data( 0, Qt::UserRole ).toInt() ) );
432  item->setCheckState( 0, enable ? Qt::Checked : Qt::Unchecked );
433  }
434 }
435 
437 {
438  if ( mDisabled )
439  {
440  return;
441  }
442  for ( int i = 0; i < mIgnoreErrorsItem->childCount(); i++ )
443  {
444  mIgnoreErrorsItem->child( i )->setCheckState( 0, Qt::Unchecked );
445  }
446 }
447 
448 const QList<QSslError::SslError> QgsAuthSslConfigWidget::sslIgnoreErrorEnums()
449 {
450  QList<QSslError::SslError> errs;
451  if ( mDisabled )
452  {
453  return errs;
454  }
455  for ( int i = 0; i < mIgnoreErrorsItem->childCount(); i++ )
456  {
457  QTreeWidgetItem *item( mIgnoreErrorsItem->child( i ) );
458  if ( item->checkState( 0 ) == Qt::Checked )
459  {
460  errs.append( ( QSslError::SslError )item->data( 0, Qt::UserRole ).toInt() );
461  }
462  }
463  return errs;
464 }
465 
466 QSslSocket::PeerVerifyMode QgsAuthSslConfigWidget::sslPeerVerifyMode()
467 {
468  if ( mDisabled )
469  {
470  return QSslSocket::AutoVerifyPeer;
471  }
472  return ( QSslSocket::PeerVerifyMode )mVerifyPeerCmbBx->currentData().toInt();
473 }
474 
476 {
477  if ( mDisabled )
478  {
479  return 0;
480  }
481  return mVerifyDepthSpnBx->value();
482 }
483 
484 void QgsAuthSslConfigWidget::setSslPeerVerify( QSslSocket::PeerVerifyMode mode, int modedepth )
485 {
486  if ( mDisabled )
487  {
488  return;
489  }
490  enableSslCustomOptions( true );
491 
492  const int indx( mVerifyPeerCmbBx->findData( static_cast<int>( mode ) ) );
493  mVerifyPeerCmbBx->setCurrentIndex( indx );
494 
495  mVerifyDepthSpnBx->setValue( modedepth );
496 }
497 
499 {
500  if ( mDisabled )
501  {
502  return;
503  }
504  mVerifyPeerCmbBx->setCurrentIndex( 0 );
505  mVerifyDepthSpnBx->setValue( 0 );
506 }
507 
509 {
510  if ( mDisabled )
511  {
512  return false;
513  }
514  const bool cansave = ( isEnabled()
515  && ( grpbxSslConfig->isCheckable() ? grpbxSslConfig->isChecked() : true )
516  && validateHostPort( leHost->text() ) );
517  if ( mCanSave != cansave )
518  {
519  mCanSave = cansave;
520  emit readyToSaveChanged( cansave );
521  }
522  return cansave;
523 }
524 
525 void QgsAuthSslConfigWidget::setSslHost( const QString &host )
526 {
527  if ( mDisabled )
528  {
529  return;
530  }
531  leHost->setText( host );
532 }
533 
534 bool QgsAuthSslConfigWidget::validateHostPort( const QString &txt )
535 {
536  const QString hostport( txt );
537  if ( hostport.isEmpty() )
538  {
539  return false;
540  }
541 
542  // TODO: add QRegex checks against valid IP and domain.tld input
543  // i.e., currently accepts unlikely (though maybe valid) host:port combo, like 'a:1'
544  const QString urlbase( QStringLiteral( "https://%1" ).arg( hostport ) );
545  const QUrl url( urlbase );
546  return ( !url.host().isEmpty() && QString::number( url.port() ).size() > 0
547  && QStringLiteral( "https://%1:%2" ).arg( url.host() ).arg( url.port() ) == urlbase );
548 }
549 
551 {
552  if ( mDisabled )
553  {
554  return;
555  }
556  const bool valid = validateHostPort( txt );
557  leHost->setStyleSheet( valid ? QgsAuthGuiUtils::greenTextStyleSheet()
559  emit hostPortValidityChanged( valid );
560 }
561 
563 {
564  if ( mDisabled )
565  {
566  return;
567  }
568  grpbxSslConfig->setCheckable( checkable );
569  if ( !checkable )
570  {
571  grpbxSslConfig->setEnabled( true );
572  }
573 }
574 
575 void QgsAuthSslConfigWidget::btnCertInfo_clicked()
576 {
577  if ( mCert.isNull() )
578  {
579  return;
580  }
581 
582  QgsAuthCertInfoDialog *dlg = new QgsAuthCertInfoDialog( mCert, false, this, mConnectionCAs );
583  dlg->setWindowModality( Qt::WindowModal );
584  dlg->resize( 675, 500 );
585  dlg->exec();
586  dlg->deleteLater();
587 }
588 
589 
591 
592 QgsAuthSslConfigDialog::QgsAuthSslConfigDialog( QWidget *parent, const QSslCertificate &cert, const QString &hostport )
593  : QDialog( parent )
594 
595 {
596  setWindowTitle( tr( "Custom Certificate Configuration" ) );
597  QVBoxLayout *layout = new QVBoxLayout( this );
598  layout->setContentsMargins( 6, 6, 6, 6 );
599 
600  mSslConfigWdgt = new QgsAuthSslConfigWidget( this, cert, hostport );
601  connect( mSslConfigWdgt, &QgsAuthSslConfigWidget::readyToSaveChanged,
602  this, &QgsAuthSslConfigDialog::checkCanSave );
603  layout->addWidget( mSslConfigWdgt );
604 
605  QDialogButtonBox *buttonBox = new QDialogButtonBox(
606  QDialogButtonBox::Close | QDialogButtonBox::Save, Qt::Horizontal, this );
607 
608  buttonBox->button( QDialogButtonBox::Close )->setDefault( true );
609  mSaveButton = buttonBox->button( QDialogButtonBox::Save );
610  connect( buttonBox, &QDialogButtonBox::rejected, this, &QWidget::close );
611  connect( buttonBox, &QDialogButtonBox::accepted, this, &QgsAuthSslConfigDialog::accept );
612  layout->addWidget( buttonBox );
613 
614  setLayout( layout );
615  mSaveButton->setEnabled( mSslConfigWdgt->readyToSave() );
616 }
617 
619 {
620  mSslConfigWdgt->saveSslCertConfig();
621  QDialog::accept();
622 }
623 
624 void QgsAuthSslConfigDialog::checkCanSave( bool cansave )
625 {
626  mSaveButton->setEnabled( cansave );
627 }
static QgsAuthManager * authManager()
Returns the application's authentication manager instance.
Dialog wrapper for widget displaying detailed info on a certificate and its hierarchical trust chain.
static QString resolvedCertName(const QSslCertificate &cert, bool issuer=false)
Gets the general name via RFC 5280 resolution.
static QString shaHexForCert(const QSslCertificate &cert, bool formatted=false)
Gets the sha1 hash for certificate.
static QString getSslProtocolName(QSsl::SslProtocol protocol)
SSL Protocol name strings per enum.
static QList< QPair< QSslError::SslError, QString > > sslErrorEnumStrings()
Gets short strings describing SSL errors.
Configuration container for SSL server connection exceptions or overrides.
void setSslProtocol(QSsl::SslProtocol protocol)
Sets SSL server protocol to use in connections.
void setSslCertificate(const QSslCertificate &cert)
Sets server certificate object.
void setSslHostPort(const QString &hostport)
Sets server host:port string.
QSsl::SslProtocol sslProtocol() const
SSL server protocol to use in connections.
void setSslPeerVerifyMode(QSslSocket::PeerVerifyMode mode)
Sets SSL client's peer verify mode to use in connections.
void setSslPeerVerifyDepth(int depth)
Set number or SSL client's peer to verify in connections.
const QList< QSslError::SslError > sslIgnoredErrorEnums() const
SSL server errors (as enum list) to ignore in connections.
int sslPeerVerifyDepth() const
Number or SSL client's peer to verify in connections.
bool isNull() const
Whether configuration is null (missing components)
void setSslIgnoredErrorEnums(const QList< QSslError::SslError > &errors)
Sets SSL server errors (as enum list) to ignore in connections.
QSslSocket::PeerVerifyMode sslPeerVerifyMode() const
SSL client's peer verify mode to use in connections.
const QSslCertificate sslCertificate() const
Server certificate object.
const QString sslHostPort() const
Server host:port string.
static QString greenTextStyleSheet(const QString &selector="*")
Green text stylesheet representing valid, trusted, etc. certificate.
static QString redTextStyleSheet(const QString &selector="*")
Red text stylesheet representing invalid, untrusted, etc. certificate.
static QString orangeTextStyleSheet(const QString &selector="*")
Orange text stylesheet representing loaded component, but not stored in database.
QgsAuthSslConfigDialog(QWidget *parent=nullptr, const QSslCertificate &cert=QSslCertificate(), const QString &hostport=QString())
Construct wrapper dialog for the SSL config widget.
Widget for editing an SSL server configuration.
QgsAuthSslConfigWidget(QWidget *parent=nullptr, const QSslCertificate &cert=QSslCertificate(), const QString &hostport=QString(), const QList< QSslCertificate > &connectionCAs=QList< QSslCertificate >())
Construct a widget for editing an SSL server certificate configuration.
const QSslCertificate sslCertificate()
Gets the SSL server certificate.
void validateHostPortText(const QString &txt)
Parse string for host:port.
void setSslPeerVerify(QSslSocket::PeerVerifyMode mode, int modedepth)
Sets the client's peer verify mode for connections.
QSslSocket::PeerVerifyMode sslPeerVerifyMode()
Gets the client's peer verify mode for connections.
QSsl::SslProtocol sslProtocol()
Gets the SSL protocol used for connections.
QGroupBox * sslConfigGroupBox()
Access to the SSL configuration's group box widget.
const QString sslHost()
Gets the host:port to associate with the server certificate.
void resetSslCertConfig()
Clear the current SSL server configuration and disabled it.
void setSslCertificate(const QSslCertificate &cert, const QString &hostport=QString())
Sets SSl certificate and any associated host:port.
void saveSslCertConfig()
Save the current SSL server configuration to the authentication database.
void certFoundInAuthDatabase(bool found)
Emitted when an certificate of same SHA hash is found in authentication database.
void resetSslProtocol()
Reset the SSL protocol to use in connections to the default.
void setSslHost(const QString &host)
Sets the host of the server.
void appendSslIgnoreErrors(const QList< QSslError > &errors)
Add to SSL errors to ignore for the connection.
void hostPortValidityChanged(bool valid)
Emitted when the validity of the host:port changes.
void setSslIgnoreErrorEnums(const QList< QSslError::SslError > &errorenums)
Sets the SSL errors (as enums) to ignore for the connection.
void readyToSaveChanged(bool cansave)
Emitted when the configuration can be saved changes.
void resetSslIgnoreErrors()
Clear the SSL errors to ignore for the connection.
void configEnabledChanged(bool enabled)
Emitted when the enabled state of the configuration changes.
void setSslIgnoreErrors(const QList< QSslError > &errors)
Sets the SSL errors to ignore for the connection.
int sslPeerVerifyDepth()
Gets the client's peer verify depth for connections.
void loadSslCustomConfig(const QgsAuthConfigSslServer &config=QgsAuthConfigSslServer())
Load an existing SSL server configuration.
const QList< QSslError::SslError > sslIgnoreErrorEnums()
Gets list of the SSL errors (as enums) to be ignored for connections.
bool readyToSave()
Verify if the configuration if ready to save.
void setSslProtocol(QSsl::SslProtocol protocol)
Sets the SSL protocol to use in connections.
QGroupBox * certificateGroupBox()
Access to the certificate's group box widget.
void enableSslCustomOptions(bool enable)
Enable or disable the custom options widget.
void resetSslPeerVerify()
Reset the client's peer verify mode for connections to default.
void setConfigCheckable(bool checkable)
Sets whether the config group box is checkable.
const QgsAuthConfigSslServer sslCustomConfig()
Gets the SSL configuration.
#define QgsDebugMsg(str)
Definition: qgslogger.h:38