SSL qt qnetworkaccessmanager qnetworkrequest

QNetworkRequest 和默认 SSL 配置

发布于 2024-09-18 09:11:56 字数 822 浏览 0 评论 0原文

我使用以下代码向服务器发出 HTTPS 请求。

QNetworkRequest request;

//request.setSslConfiguration(QSslConfiguration::defaultConfiguration());
request.setUrl(QUrl("https://www.someurl.com/"));

QNetworkReply *reply = manager->get(request);

一切似乎都适用于我的测试服务器，但我想知道是否建议设置defaultConfiguration（取消注释第二行），或者网络API在使用SSL时是否自动检查所有defaultConfiguration？如果它检查了，如果我添加一个自定义配置它也可以吗？我的意思是，是否需要将自定义配置附加到默认配置列表中？例如：

QSslConfiguration SslConfiguration(QSslConfiguration::defaultConfiguration());

QList<QSslCertificate> certificates = SslConfiguration.caCertificates();
certificates.append(QSslCertificate::fromData(certificate.toAscii(), QSsl::Pem));
SslConfiguration.setCaCertificates(certificates);

request.setSslConfiguration(SslConfiguration);

编辑：我想补充一点，我正在 Symbian 平台上工作。

原文

I'm using the following piece of code to make HTTPS requests with a server.

QNetworkRequest request;

//request.setSslConfiguration(QSslConfiguration::defaultConfiguration());
request.setUrl(QUrl("https://www.someurl.com/"));

QNetworkReply *reply = manager->get(request);

Everything seems to be working with my test server, but I would like to know if it is recommended to set the defaultConfiguration (uncomment second line) or does the network API automatically check all defaultConfigurations when using SSL? And if it checks, does it also do if I add one custom configuration? I mean, is it required to append the custom configuration to the list of default configuration? For example:

QSslConfiguration SslConfiguration(QSslConfiguration::defaultConfiguration());

QList<QSslCertificate> certificates = SslConfiguration.caCertificates();
certificates.append(QSslCertificate::fromData(certificate.toAscii(), QSsl::Pem));
SslConfiguration.setCaCertificates(certificates);

request.setSslConfiguration(SslConfiguration);

Edit: I would like to add that I'm working on Symbian platform.

分享到QQ

分享到微博

如果你对这篇内容有疑问，欢迎到本站社区发帖提问参与讨论，获取更多帮助，或者扫码二维码加入 Web 技术交流群。

发布评论

需要登录才能够评论，你可以免费注册一个本站的账号。

宣告ˉ结束 2024-09-25 09:11:56

来自
的文档
void QNetworkRequest::setSslConfiguration ( const QSslConfiguration & config ) ：

默认情况下，没有 SSL 配置
设置，这允许后端
自由选择配置是什么
最适合他们。

您可以使用以下代码验证此声明：

#include <QtGui/QApplication>
#include <QtCore/QDebug>
#include <QtNetwork/QNetworkAccessManager>
#include <QtNetwork/QNetworkRequest>
#include <QtNetwork/QNetworkReply>
#include <QtNetwork/QSslConfiguration>

int main(int argc, char *argv[])
{
    QApplication app(argc, argv);

    QNetworkAccessManager qnam;
    QNetworkRequest request;
    QNetworkReply* reply = qnam.get(request);

    qDebug() << "Default SSL configuration isNull: "
             << QSslConfiguration::defaultConfiguration().isNull();

    qDebug() << "SSL configuration used by QNAM isNull: "
             << reply->sslConfiguration().isNull();

    return app.exec();
}

但是，您似乎将根 CA 证书存储与 SSL 配置混淆了。前者只是后者的一部分（参见 QListQSslConfiguration ::caCertificates () const)。如果您想确保 QNAM 使用您的根 CA 证书，您可以利用 QNAM 使用 QSslSocket 建立 SSL 连接，并使用以下任一静态方法

void addDefaultCaCertificate ( const QSslCertificate & certificate )
bool addDefaultCaCertificates ( const QString & path, QSsl::EncodingFormat encoding = QSsl::Pem, QRegExp::PatternSyntax syntax = QRegExp::FixedString )
void addDefaultCaCertificates ( const QList<QSslCertificate> & certificates )
void setDefaultCaCertificates ( const QList<QSslCertificate> & certificates )

设置根 CA 证书，供使用 QSslSocket 建立的所有 SSL 连接使用。请记住，这是全局设置，会影响使用 QSslSocket 建立的所有 SSL 连接而不仅仅是使用 QNAM 建立的连接。没有 API 可以仅针对特定 QNAM 或所有 QNAM 设置此项。

From documentation of
void QNetworkRequest::setSslConfiguration ( const QSslConfiguration & config ):

By default, no SSL configuration is
set, which allows the backends to
choose freely what configuration is
best for them.

You can verify this statement using the following code:

#include <QtGui/QApplication>
#include <QtCore/QDebug>
#include <QtNetwork/QNetworkAccessManager>
#include <QtNetwork/QNetworkRequest>
#include <QtNetwork/QNetworkReply>
#include <QtNetwork/QSslConfiguration>

int main(int argc, char *argv[])
{
    QApplication app(argc, argv);

    QNetworkAccessManager qnam;
    QNetworkRequest request;
    QNetworkReply* reply = qnam.get(request);

    qDebug() << "Default SSL configuration isNull: "
             << QSslConfiguration::defaultConfiguration().isNull();

    qDebug() << "SSL configuration used by QNAM isNull: "
             << reply->sslConfiguration().isNull();

    return app.exec();
}

However, you seem to confuse root CA certificates store with SSL configuration. The former is only one part of the latter (see QList<QSslCertificate> QSslConfiguration::caCertificates () const). If you want to make sure your root CA certificates will be used by QNAM you can take advantage of the fact that QNAM uses QSslSocket to make SSL connections and use any of the following static methods

void addDefaultCaCertificate ( const QSslCertificate & certificate )
bool addDefaultCaCertificates ( const QString & path, QSsl::EncodingFormat encoding = QSsl::Pem, QRegExp::PatternSyntax syntax = QRegExp::FixedString )
void addDefaultCaCertificates ( const QList<QSslCertificate> & certificates )
void setDefaultCaCertificates ( const QList<QSslCertificate> & certificates )

to set root CA certificates to be used by all SSL connections made using QSslSocket. Remember, this is global setting and affects all SSL connections made using QSslSocket not only these made using QNAM. There's no API to set this only for specific QNAM or for all QNAMs.

回复收藏 0 原文

~没有更多了~