Browse Source

Fixed handling of certificate "permanent" acceptance. This relates to

bug 1287.
Signed-off-by: Emanoil Kotsev <deloptes@gmail.com>

Partially cleaned up and modified.
Signed-off-by: Michele Calgaro <michele.calgaro@yahoo.it>
pull/1/head
Emanoil Kotsev 2 years ago
parent
commit
7406ed0563
1 changed files with 27 additions and 10 deletions
  1. 27
    10
      tdeio/misc/kssld/kssld.cpp

+ 27
- 10
tdeio/misc/kssld/kssld.cpp View File

@@ -71,8 +71,13 @@ static void updatePoliciesConfig(TDEConfig *cfg) {
71 71
 
72 72
 		cfg->setGroup(*i);
73 73
 
74
+		bool permanent = cfg->readBoolEntry("Permanent");
75
+		TQDateTime expires = cfg->readDateTimeEntry("Expires");
76
+		kdDebug(7029) << "static void updatePoliciesConfig(TDEConfig *cfg) permanent: " << permanent << endl;
77
+		kdDebug(7029) << "static void updatePoliciesConfig(TDEConfig *cfg) expires: " << expires.toString() << endl;
78
+
74 79
 		// remove it if it has expired
75
-		if (!cfg->readBoolEntry("Permanent") && cfg->readDateTimeEntry("Expires") < TQDateTime::currentDateTime()) {
80
+		if (!permanent && expires < TQDateTime::currentDateTime()) {
76 81
 			cfg->deleteGroup(*i);
77 82
 			continue;
78 83
 		}
@@ -86,8 +91,6 @@ static void updatePoliciesConfig(TDEConfig *cfg) {
86 91
 		}
87 92
 
88 93
 		KSSLCertificateCache::KSSLCertificatePolicy policy = (KSSLCertificateCache::KSSLCertificatePolicy) cfg->readNumEntry("Policy");
89
-		bool permanent = cfg->readBoolEntry("Permanent");
90
-		TQDateTime expires = cfg->readDateTimeEntry("Expires");
91 94
 		TQStringList hosts = cfg->readListEntry("Hosts");
92 95
 		TQStringList chain = cfg->readListEntry("Chain");
93 96
 		cfg->deleteGroup(*i);
@@ -182,7 +185,7 @@ KSSLCNode *node;
182 185
 			for (KSSLCertificate *c = cl.first();
183 186
 							c != 0;
184 187
 							c = cl.next()) {
185
-				//kdDebug() << "Certificate in chain: "
188
+				//kdDebug(7029) << "Certificate in chain: "
186 189
 				//	    <<  c->toString() << endl;
187 190
 				qsl << c->toString();
188 191
 			}
@@ -275,14 +278,23 @@ KSSLCNode *node;
275 278
 	for (node = certList.first(); node; node = certList.next()) {
276 279
 		if (cert == *(node->cert)) {
277 280
 			node->policy = policy;
278
-			node->permanent = permanent;
281
+		
282
+			if (!permanent) // check if we've set it to permanent before
283
+			   node->permanent = cacheIsPermanent(cert);
284
+			else
285
+			   node->permanent = true;
279 286
 
280
-			if (!permanent) {
287
+			if ( !node->permanent ) {
281 288
 				node->expires = TQDateTime::currentDateTime();
282 289
 				// FIXME: make this configurable
283 290
 				node->expires = TQT_TQDATETIME_OBJECT(node->expires.addSecs(3600));
291
+			} else {
292
+				if ( !node->expires.isValid() )
293
+					node->expires = node->cert->getQDTNotAfter(); // set to certs expiry date
284 294
 			}
285 295
 
296
+			kdDebug(7029) << "KSSLD::cacheAddCertificate(...) node permanent: " << node->permanent << endl;
297
+			kdDebug(7029) << "KSSLD::cacheAddCertificate(...) node expires: " << node->expires.toString() << endl;
286 298
 			cacheSaveToDisk();
287 299
 			return;
288 300
 		}
@@ -299,7 +311,12 @@ KSSLCNode *node;
299 311
 	if (!permanent) {
300 312
 		n->expires = TQDateTime::currentDateTime();
301 313
 		n->expires = TQT_TQDATETIME_OBJECT(n->expires.addSecs(3600));
314
+	} else {
315
+		if ( !n->expires.isValid() )
316
+			n->expires = n->cert->getQDTNotAfter(); // set to certs expiry date
302 317
 	}
318
+	kdDebug(7029) << "KSSLD::cacheAddCertificate(...) new node permanent: " << n->permanent << endl;
319
+	kdDebug(7029) << "KSSLD::cacheAddCertificate(...) new node expires: " << n->expires.toString() << endl;
303 320
 
304 321
 	searchAddCert(n->cert);
305 322
 	cacheSaveToDisk();
@@ -905,7 +922,7 @@ TQStringList KSSLD::getKDEKeyByEmail(const TQString &email) {
905 922
 	TQStringList rc;
906 923
 	TQMap<TQString, TQPtrVector<KSSLCertificate> >::iterator it = skEmail.find(email.lower());
907 924
 
908
-	kdDebug() << "GETKDEKey " << email.latin1() << endl;
925
+	kdDebug(7029) << "GETKDEKey " << email.latin1() << endl;
909 926
 
910 927
 	if (it == skEmail.end())
911 928
 		return rc;
@@ -918,7 +935,7 @@ TQStringList KSSLD::getKDEKeyByEmail(const TQString &email) {
918 935
 		}
919 936
 	}
920 937
 
921
-	kdDebug() << "ergebnisse: " << rc.size() << " " << elem.size() << endl;
938
+	kdDebug(7029) << "results: " << rc.size() << " " << elem.size() << endl;
922 939
 	return rc;
923 940
 }
924 941
 
@@ -926,13 +943,13 @@ TQStringList KSSLD::getKDEKeyByEmail(const TQString &email) {
926 943
 KSSLCertificate KSSLD::getCertByMD5Digest(const TQString &key) {
927 944
 	TQMap<TQString, KSSLCertificate *>::iterator iter = skMD5Digest.find(key);
928 945
 	
929
-	kdDebug() << "Searching cert for " << key.latin1() << endl;
946
+	kdDebug(7029) << "Searching cert for " << key.latin1() << endl;
930 947
 
931 948
 	if (iter != skMD5Digest.end())
932 949
 		return **iter;
933 950
 	
934 951
 	KSSLCertificate rc; // FIXME: Better way to return a not found condition?
935
-	kdDebug() << "Not found: " << rc.toString().latin1() << endl;
952
+	kdDebug(7029) << "Not found: " << rc.toString().latin1() << endl;
936 953
 	return rc;
937 954
 }	
938 955
 

Loading…
Cancel
Save