[Pkg-owncloud-commits] [owncloud-client] 67/120: Abort the request and reset the QNAM if user does not ACK a new cert.

[Sandro Knauß]

This is an automated email from the git hooks/post-receive script.

hefee-guest pushed a commit to branch master
in repository owncloud-client.

commit 76ce5adbf02af052ab8d7596b8ded75c7d4d7fcb
Author: Klaas Freitag <freitag at owncloud.com>
Date:   Tue Jun 2 12:21:49 2015 +0200

    Abort the request and reset the QNAM if user does not ACK a new cert.
    
    This is supposed to fix bug #3283
    
    (cherry picked from commit 75b38d1a2ffe57d0f1eb3ebb8c5f30b8b2a185e4)
---
 src/libsync/account.cpp | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/src/libsync/account.cpp b/src/libsync/account.cpp
index d0d59a8..6909252 100644
--- a/src/libsync/account.cpp
+++ b/src/libsync/account.cpp
@@ -408,6 +408,11 @@ void Account::slotHandleSslErrors(QNetworkReply *reply , QList<QSslError> errors
         reply->ignoreSslErrors(errors);
     } else {
         _treatSslErrorsAsFailure = true;
+        // if during normal operation, a new certificate was MITM'ed, and the user does not
+        // ACK it, the running request must be aborted and the QNAM must be reset, to not
+        // treat the new cert as granted. See bug #3283
+        reply->abort();
+        resetNetworkAccessManager();
         return;
     }
 }

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-owncloud/owncloud-client.git