Changeset 51734 in vbox for trunk/src/VBox/Frontends/VirtualBox

Timestamp:

Jun 26, 2014 9:28:58 AM (10 years ago)

Author:

vboxsync

Message:

FE/Qt: 7418: Network Manager: Save SSL certificates only if both downloaded/verified.

File:

• trunk/src/VBox/Frontends/VirtualBox/src/net/UINetworkReply.cpp (modified) (7 diffs)

trunk/src/VBox/Frontends/VirtualBox/src/net/UINetworkReply.cpp

@@ -77 +77 @@
     static int checkCertificates(RTHTTP pHttp, const QString &strFullCertificateFileName);
     static int downloadCertificates(RTHTTP pHttp, const QString &strFullCertificateFileName);
-    static int downloadCertificatePca3G5(RTHTTP pHttp, QFile &file);
-    static int downloadCertificatePca3(RTHTTP pHttp, QFile &file);
+    static int downloadCertificatePca3G5(RTHTTP pHttp, QByteArray &certificate);
+    static int downloadCertificatePca3(RTHTTP pHttp, QByteArray &certificate);
     static int verifyCertificatePca3G5(RTHTTP pHttp, QByteArray &certificate);
     static int verifyCertificatePca3(RTHTTP pHttp, QByteArray &certificate);
     static int verifyCertificate(RTHTTP pHttp, QByteArray &certificate, const QByteArray &sha1, const QByteArray &sha512);
+    static int saveCertificates(const QString &strFullCertificateFileName, const QByteArray &certificatePca3G5, const QByteArray &certificatePca3);
     static int saveCertificate(QFile &file, const QByteArray &certificate);
 
@@ -356 +357 @@
 int UINetworkReplyPrivateThread::downloadCertificates(RTHTTP pHttp, const QString &strFullCertificateFileName)
 {
-    /* Open certificates file: */
-    QFile file(strFullCertificateFileName);
-    bool fFileOpened = file.open(QIODevice::WriteOnly);
-    int rc = fFileOpened ? VINF_SUCCESS : VERR_OPEN_FAILED;
+    /* Prepare certificates: */
+    QByteArray certificatePca3G5;
+    QByteArray certificatePca3;
+    /* Prepare result: */
+    int rc = VINF_SUCCESS;
 
     /* Download PCA-3G5 certificate: */
     if (RT_SUCCESS(rc))
-        rc = downloadCertificatePca3G5(pHttp, file);
+        rc = downloadCertificatePca3G5(pHttp, certificatePca3G5);
     /* Download PCA-3 certificate: */
     if (RT_SUCCESS(rc))
-        rc = downloadCertificatePca3(pHttp, file);
-
-    /* Close certificates file: */
-    if (fFileOpened)
-        file.close();
+        rc = downloadCertificatePca3(pHttp, certificatePca3);
+
+    /* Save certificates: */
+    if (RT_SUCCESS(rc))
+        saveCertificates(strFullCertificateFileName, certificatePca3G5, certificatePca3);
 
     /* Return result-code: */
@@ -377 +379 @@
 
 /* static */
-int UINetworkReplyPrivateThread::downloadCertificatePca3G5(RTHTTP pHttp, QFile &file)
+int UINetworkReplyPrivateThread::downloadCertificatePca3G5(RTHTTP pHttp, QByteArray &certificate)
 {
     /* Receive certificate: */
-    QByteArray certificate;
     const QNetworkRequest address(QUrl("http://www.verisign.com/repository/roots/root-certificates/PCA-3G5.pem"));
     int rc = performGetRequestForText(pHttp, address, certificate);
@@ -388 +389 @@
         rc = verifyCertificatePca3G5(pHttp, certificate);
 
-    /* Save certificate: */
-    if (RT_SUCCESS(rc))
-        rc = saveCertificate(file, certificate);
-
     /* Return result-code: */
     return rc;
@@ -397 +394 @@
 
 /* static */
-int UINetworkReplyPrivateThread::downloadCertificatePca3(RTHTTP pHttp, QFile &file)
+int UINetworkReplyPrivateThread::downloadCertificatePca3(RTHTTP pHttp, QByteArray &certificate)
 {
     /* Receive certificate: */
-    QByteArray certificate;
     const QNetworkRequest address(QUrl("http://www.verisign.com/repository/roots/root-certificates/PCA-3.pem"));
     int rc = performGetRequestForText(pHttp, address, certificate);
@@ -407 +403 @@
     if (RT_SUCCESS(rc))
         rc = verifyCertificatePca3(pHttp, certificate);
-
-    /* Save certificate: */
-    if (RT_SUCCESS(rc))
-        rc = saveCertificate(file, certificate);
 
     /* Return result-code: */
@@ -500 +492 @@
     RTMemFree(abSha1);
     RTMemFree(abSha512);
+
+    /* Return result-code: */
+    return rc;
+}
+
+/* static */
+int UINetworkReplyPrivateThread::saveCertificates(const QString &strFullCertificateFileName,
+                                                  const QByteArray &certificatePca3G5,
+                                                  const QByteArray &certificatePca3)
+{
+    /* Open certificates file: */
+    QFile file(strFullCertificateFileName);
+    bool fFileOpened = file.open(QIODevice::WriteOnly);
+    int rc = fFileOpened ? VINF_SUCCESS : VERR_OPEN_FAILED;
+
+    /* Save certificates: */
+    if (RT_SUCCESS(rc))
+        rc = saveCertificate(file, certificatePca3G5);
+    if (RT_SUCCESS(rc))
+        rc = saveCertificate(file, certificatePca3);
+
+    /* Close certificates file: */
+    if (fFileOpened)
+        file.close();
 
     /* Return result-code: */