VirtualBox

Changeset 49105 in vbox for trunk/src


Ignore:
Timestamp:
Oct 15, 2013 7:40:51 AM (11 years ago)
Author:
vboxsync
Message:

FE/Qt: temporarily add the intermediate certificate as long as the servers are not fixed

Location:
trunk/src/VBox/Frontends/VirtualBox
Files:
2 edited

Legend:

Unmodified
Added
Removed

  • trunk/src/VBox/Frontends/VirtualBox/Makefile.kmk

    r48996 r49105  
    695695        src/wizards/firstrun/UIWizardFirstRunPageBasic.cpp
    696696
     697ifndef VBOX_OSE
     698 VirtualBox_SOURCES += \
     699        src/net/Intermediate.cpp
     700endif
     701
    697702VirtualBox_SOURCES.darwin += \
    698703        src/platform/darwin/UIAbstractDockIconPreview.cpp \

  • trunk/src/VBox/Frontends/VirtualBox/src/net/UINetworkReply.cpp

    r45574 r49105  
    8080    static int verifyCertificatePca3G5(RTHTTP pHttp, QByteArray &certificate);
    8181    static int verifyCertificatePca3(RTHTTP pHttp, QByteArray &certificate);
     82    static int verifyCertificatePca3IntG3(RTHTTP pHttp, QByteArray &certificate);
    8283    static int verifyCertificate(RTHTTP pHttp, QByteArray &certificate, const QByteArray &sha1, const QByteArray &sha512);
    8384    static int saveCertificate(QFile &file, const QByteArray &certificate);
     
    292293#ifdef Q_WS_WIN
    293294        QRegExp regExp("(-{5}BEGIN CERTIFICATE-{5}[\\s\\S\\r\\n]+-{5}END CERTIFICATE-{5})\\r\\n"
     295# ifndef VBOX_OSE
     296                       "(-{5}BEGIN CERTIFICATE-{5}[\\s\\S\\r\\n]+-{5}END CERTIFICATE-{5})\\r\\n"
     297# endif
    294298                       "(-{5}BEGIN CERTIFICATE-{5}[\\s\\S\\r\\n]+-{5}END CERTIFICATE-{5})");
    295299#else /* Q_WS_WIN */
    296300        QRegExp regExp("(-{5}BEGIN CERTIFICATE-{5}[\\s\\S\\n]+-{5}END CERTIFICATE-{5})\\n"
     301# ifndef VBOX_OSE
     302                       "(-{5}BEGIN CERTIFICATE-{5}[\\s\\S\\n]+-{5}END CERTIFICATE-{5})\\n"
     303# endif
    297304                       "(-{5}BEGIN CERTIFICATE-{5}[\\s\\S\\n]+-{5}END CERTIFICATE-{5})");
    298305#endif /* !Q_WS_WIN */
     
    313320            rc = verifyCertificatePca3(pHttp, certificate);
    314321        }
     322#ifndef VBOX_OSE
     323        if (RT_SUCCESS(rc))
     324        {
     325            QByteArray certificate = regExp.cap(3).toAscii();
     326            rc = verifyCertificatePca3IntG3(pHttp, certificate);
     327        }
     328#endif
    315329    }
    316330
     
    337351    if (RT_SUCCESS(rc))
    338352        rc = downloadCertificatePca3(pHttp, file);
     353#ifndef VBOX_OSE
     354    /* Write the intermediate certificate: */
     355    if (RT_SUCCESS(rc))
     356    {
     357        /* Unfortunately the "VeriSign Class 3 International Server CA - G3" certificate
     358         * cannot be downloaded directly so we include a static copy here. */
     359        extern const char *g_pcszIntermediateCert;
     360        rc = file.write(g_pcszIntermediateCert) != -1 ? VINF_SUCCESS : VERR_WRITE_ERROR;
     361    }
     362    /* Add 'new-line' character: */
     363    if (RT_SUCCESS(rc))
     364# ifdef Q_WS_WIN
     365        rc = file.write("\r\n") != -1 ? VINF_SUCCESS : VERR_WRITE_ERROR;
     366# else /* Q_WS_WIN */
     367        rc = file.write("\n") != -1 ? VINF_SUCCESS : VERR_WRITE_ERROR;
     368# endif /* !Q_WS_WIN */
     369#endif
    339370
    340371    /* Close certificates file: */
     
    442473}
    443474
     475#ifndef VBOX_OSE
     476int UINetworkReplyPrivateThread::verifyCertificatePca3IntG3(RTHTTP pHttp, QByteArray &certificate)
     477{
     478    /* PCA 3 secure hash algorithm 1: */
     479    const unsigned char baSha1PCA3Int[] =
     480    {
     481        0xb1, 0x8d, 0x9d, 0x19, 0x56, 0x69, 0xba, 0x0f, 0x78, 0x29,
     482        0x51, 0x75, 0x66, 0xc2, 0x5f, 0x42, 0x2a, 0x27, 0x71, 0x04
     483    };
     484    /* PCA 3 secure hash algorithm 512: */
     485    const unsigned char baSha512PCA3Int[] =
     486    {
     487        0x43, 0x5a, 0xca, 0x67, 0x0a, 0xe4, 0x17, 0xfc,
     488        0x2d, 0xcd, 0xe9, 0x6c, 0x40, 0xde, 0x66, 0xed,
     489        0x39, 0x63, 0xfb, 0xe4, 0xd5, 0x60, 0xb8, 0xcc,
     490        0x83, 0x37, 0xc8, 0x50, 0x03, 0x2d, 0xb9, 0x1f,
     491        0x58, 0x02, 0x92, 0xcd, 0x2f, 0x66, 0xe8, 0x7c,
     492        0x2a, 0x70, 0x52, 0xce, 0x6d, 0xeb, 0x4d, 0x52,
     493        0x8a, 0x2a, 0x32, 0xc1, 0x15, 0x26, 0x63, 0x0c,
     494        0xbb, 0xc1, 0x64, 0x76, 0x9d, 0x54, 0x09, 0x0f
     495    };
     496    QByteArray pca3intsha1 = QByteArray::fromRawData((const char *)baSha1PCA3Int, sizeof(baSha1PCA3Int));
     497    QByteArray pca3intsha512 = QByteArray::fromRawData((const char *)baSha512PCA3Int, sizeof(baSha512PCA3Int));
     498
     499    return verifyCertificate(pHttp, certificate, pca3intsha1, pca3intsha512);
     500}
     501#endif
     502
    444503/* static */
    445504int UINetworkReplyPrivateThread::verifyCertificate(RTHTTP pHttp, QByteArray &certificate, const QByteArray &sha1, const QByteArray &sha512)
     
    459518    /* Verify digest: */
    460519    if (cbSha1 != (size_t)sha1.size())
    461     {
    462520        rc = VERR_HTTP_CACERT_WRONG_FORMAT;
    463     }
    464521    else if (memcmp(sha1.constData(), abSha1, cbSha1))
    465     {
    466522        rc = VERR_HTTP_CACERT_WRONG_FORMAT;
    467     }
    468523    if (cbSha512 != (size_t)sha512.size())
    469     {
    470524        rc = VERR_HTTP_CACERT_WRONG_FORMAT;
    471     }
    472525    else if (memcmp(sha512.constData(), abSha512, cbSha512))
    473     {
    474526        rc = VERR_HTTP_CACERT_WRONG_FORMAT;
    475     }
    476527
    477528    /* Cleanup digest: */
Note: See TracChangeset for help on using the changeset viewer.

© 2024 Oracle Support Privacy / Do Not Sell My Info Terms of Use Trademark Policy Automated Access Etiquette