sharpetronics/QGIS
1
0
Fork 0
mirror of https://github.com/qgis/QGIS.git synced 2025-04-18 00:03:05 -04:00
Code Issues Packages Projects Releases Wiki Activity

[bugfix][auth] Basic method uses trusted CAs when connecting to DB

Browse Source 
Fixes #17392
This commit is contained in:
Alessandro Pasotti 2017-11-03 14:55:01 +01:00
parent 9c5ace096c
commit 73fec4adc7
1 changed files with 23 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
src/auth/basic/qgsauthbasicmethod.cpp
View File

@ -23,6 +23,7 @@
#include <QNetworkProxy>
#include <QMutexLocker>
#include <QUuid>
static const QString AUTH_METHOD_KEY = QStringLiteral( "Basic" );
static const QString AUTH_METHOD_DESCRIPTION = QStringLiteral( "Basic authentication" );
@ -123,6 +124,28 @@ bool QgsAuthBasicMethod::updateDataSourceUriItems( QStringList &connectionItems,
connectionItems.append( passparam );
}
// add extra CAs
QList<QSslCertificate> cas;
cas = QgsApplication::authManager()->trustedCaCerts();
// save CAs to temp file
QString tempFileBase = QStringLiteral( "tmp_basic_%1.pem" );
QString caFilePath = QgsAuthCertUtils::pemTextToTempFile(
tempFileBase.arg( QUuid::createUuid().toString() ),
QgsAuthCertUtils::certsToPemText( cas ) );
if ( ! caFilePath.isEmpty() )
{
QString caparam = "sslrootcert='" + caFilePath + "'";
int sslcaindx = connectionItems.indexOf( QRegExp( "^sslrootcert='.*" ) );
if ( sslcaindx != -1 )
{
connectionItems.replace( sslcaindx, caparam );
}
else
{
connectionItems.append( caparam );
}
}
return true;
}