Improve TLS error messages
* Add fallback to .toPem() when .toText() is not implemented by the TLS plugin * Add error number (Qt's enum value) * Remove leftover cerr logging
This commit is contained in:
parent
feb7fb04db
commit
ab605049aa
|
@ -105,6 +105,21 @@ SyncthingConnection::Reply SyncthingConnection::prepareReply(QList<QNetworkReply
|
||||||
return handleReply(reply, readData, handleAborting);
|
return handleReply(reply, readData, handleAborting);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/// \cond
|
||||||
|
static QString certText(const QSslCertificate &cert)
|
||||||
|
{
|
||||||
|
auto text = cert.toText();
|
||||||
|
if (text.startsWith(QStringLiteral("Certificate: "))) {
|
||||||
|
return text;
|
||||||
|
}
|
||||||
|
if (text.isEmpty()) {
|
||||||
|
// .toText() is not implemented for all backends so use .toPem() as fallback
|
||||||
|
text = QChar('\n') + QString::fromUtf8(cert.toPem());
|
||||||
|
}
|
||||||
|
return text.isEmpty() ? QStringLiteral("Certificate: [no information available]") : QStringLiteral("Certificate: ") + text;
|
||||||
|
}
|
||||||
|
/// \endcond
|
||||||
|
|
||||||
/*!
|
/*!
|
||||||
* \brief Handles SSL errors of replies; just for logging purposes at this point.
|
* \brief Handles SSL errors of replies; just for logging purposes at this point.
|
||||||
*/
|
*/
|
||||||
|
@ -125,20 +140,20 @@ void SyncthingConnection::handleSslErrors(const QList<QSslError> &errors)
|
||||||
// handle the error by emitting the error signal with all the details including the certificate
|
// handle the error by emitting the error signal with all the details including the certificate
|
||||||
// note: Of course the failing request would cause a QNetworkReply::SslHandshakeFailedError anyways. However,
|
// note: Of course the failing request would cause a QNetworkReply::SslHandshakeFailedError anyways. However,
|
||||||
// at this point the concrete SSL error with the certificate is not accessible anymore.
|
// at this point the concrete SSL error with the certificate is not accessible anymore.
|
||||||
auto errorMessage = QStringLiteral("TLS error: ") + error.errorString();
|
auto errorMessage
|
||||||
|
= QString(QStringLiteral("TLS error: ") % error.errorString() % QChar(' ') % QChar('(') % QString::number(error.error()) % QChar(')'));
|
||||||
if (const auto cert = error.certificate(); !cert.isNull()) {
|
if (const auto cert = error.certificate(); !cert.isNull()) {
|
||||||
errorMessage += QChar('\n');
|
errorMessage += QChar('\n');
|
||||||
if (cert == m_certFromLastSslError) {
|
if (cert == m_certFromLastSslError) {
|
||||||
errorMessage += QStringLiteral("Certificate: same as last");
|
errorMessage += QStringLiteral("Certificate: same as last");
|
||||||
} else {
|
} else {
|
||||||
errorMessage += cert.toText();
|
errorMessage += certText(cert);
|
||||||
if (!m_expectedSslErrors.isEmpty()) {
|
if (!m_expectedSslErrors.isEmpty()) {
|
||||||
errorMessage += QStringLiteral("\nExpected ") + m_expectedSslErrors.front().certificate().toText();
|
errorMessage += QStringLiteral("\nExpected ") + certText(m_expectedSslErrors.front().certificate());
|
||||||
}
|
}
|
||||||
m_certFromLastSslError = cert;
|
m_certFromLastSslError = cert;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
cerr << "TLS ERROR" << endl;
|
|
||||||
emit this->error(errorMessage, SyncthingErrorCategory::TLS, QNetworkReply::NoError, reply->request());
|
emit this->error(errorMessage, SyncthingErrorCategory::TLS, QNetworkReply::NoError, reply->request());
|
||||||
hasUnexpectedErrors = true;
|
hasUnexpectedErrors = true;
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue