Pin server cert to host during pairing

Cameron Gutman
2018-12-21 18:08:07 -08:00
parent b4d8e0e551
commit c6383f042c
9 changed files with 50 additions and 24 deletions


@@ -14,8 +14,9 @@
#define REQUEST_TIMEOUT_MS 5000
NvHTTP::NvHTTP(QString address) :
m_Address(address)
NvHTTP::NvHTTP(QString address, QSslCertificate serverCert) :
m_Address(address),
m_ServerCert(serverCert)
{
Q_ASSERT(!address.isEmpty());
@@ -390,8 +391,17 @@ NvHTTP::openConnection(QUrl baseUrl,
QNetworkReply* reply = m_Nam.get(request);
// Ignore self-signed certificate errors (since GFE uses them)
reply->ignoreSslErrors();
if (m_ServerCert.isNull()) {
// No server cert yet
reply->ignoreSslErrors();
}
else {
// Pin the server certificate received during pairing
QList<QSslError> expectedSslErrors;
expectedSslErrors.append(QSslError(QSslError::HostNameMismatch, m_ServerCert));
expectedSslErrors.append(QSslError(QSslError::SelfSignedCertificate, m_ServerCert));
reply->ignoreSslErrors(expectedSslErrors);
}
// Run the request with a timeout if requested
QEventLoop loop;
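Review bot: In the `m_ServerCert.isNull()` branch the bare `reply->ignoreSslErrors()` still accepts any certificate, so every request made by an NvHTTP constructed without a cert runs over unauthenticated TLS. That is presumably needed for the initial pairing exchange, but nothing visible in this hunk stops a caller from passing a null cert for an already-paired host and silently losing the pin. I would document the contract at that branch, e.g. `// Unpinned: only valid before pairing completes; callers for paired hosts must pass the saved cert`, and consider a `qWarning()` there so the unpinned path shows up in logs. The pinned branch looks sound as far as the hunk shows, since the expected-error list ties each ignored error to `m_ServerCert`, so a different self-signed certificate should not match. openConnection's body begins and ends outside the hunk.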