
Commit 8e090d1

committed
only use TLSv1.3 and fix rule 15.5
1 parent fc0477e commit 8e090d1


2 files changed

+34
-49
lines changed


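--- a/src/Model.hpp
+++ b/src/Model.hpp
@@ -64,12 +64,6 @@ class Model : public QObject {
 QString getGameDirectory(int id);
 void setupGame(int id);
 bool getLevel(int id);
-bool getLevelHaveFile(
-const int id, const QString& md5sum, const QString& name);
-bool getLevelDontHaveFile(
-const int id, const QString& md5sum, const QString& name);
-
-bool unpackLevel(const int id, const QString& name);
 const InfoData getInfo(int id);
 const QString getWalkthrough(int id);
 bool setDirectory(const QString& level, const QString& game);
@@ -80,6 +74,12 @@ class Model : public QObject {
 void modelTickSignal();
 
 private:
+bool getLevelHaveFile(
+const int id, const QString& md5sum, const QString& name);
+bool getLevelDontHaveFile(
+const int id, const QString& md5sum, const QString& name);
+bool unpackLevel(const int id, const QString& name);
+
 QList<int> m_availableGames;
 Data& data = Data::getInstance();
 FileManager& fileManager = FileManager::getInstance();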

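--- a/src/Network.cpp
+++ b/src/Network.cpp
@@ -23,14 +23,17 @@ namespace ssl = boost::asio::ssl;
 using tcp = boost::asio::ip::tcp;
 
 std::string get_ssl_certificate(const std::string& host) {
+bool status = true;
+std::string cert_buffer;
 boost::asio::io_context io_context;
 
 // Use SSLv23 context (it's compatible with all versions of SSL/TLS)
 ssl::context ssl_context(ssl::context::sslv23);
 
-// Restrict supported protocols to TLSv1.3 and TLSv1.2, these are no no
+// Restrict supported protocol to TLSv1.3
 ssl_context.set_options(ssl::context::no_sslv2 | ssl::context::no_sslv3);
 ssl_context.set_options(ssl::context::no_tlsv1 | ssl::context::no_tlsv1_1);
+ssl_context.set_options(ssl::context::no_tlsv1_2);
 
 // Resolver for HTTPS (default port 443)
 tcp::resolver resolver(io_context);
@@ -44,33 +47,34 @@ std::string get_ssl_certificate(const std::string& host) {
 stream.handshake(ssl::stream_base::client);
 } catch (const boost::system::system_error& e) {
 std::cerr << "SSL handshake failed: " << e.what() << std::endl;
-return "";
+status = false;
 }
 
-// Get certificate
-X509* cert = SSL_get_peer_certificate(stream.native_handle());
-if (!cert) {
-std::cerr << "No certificate found." << std::endl;
-return "";
-}
-
-// Verify the certificate matches the host
-if (X509_check_host(cert, host.c_str(), host.length(), 0, nullptr) != 1) {
-std::cerr << "Hostname verification failed." << std::endl;
+if (status) {
+// Get certificate
+X509* cert = SSL_get_peer_certificate(stream.native_handle());
+if (!cert) {
+std::cerr << "No certificate found." << std::endl;
+status = false;
+}
+if (status) {
+// Verify the certificate matches the host
+if (X509_check_host(
+cert, host.c_str(), host.length(), 0, nullptr) != 1) {
+std::cerr << "Hostname verification failed." << std::endl;
+status = false;
+}
+if (status) {
+BIO* bio = BIO_new(BIO_s_mem());
+PEM_write_bio_X509(bio, cert);
+char* cert_str = nullptr;
+qint64 cert_len = BIO_get_mem_data(bio, &cert_str);
+cert_buffer = std::string(cert_str, cert_len);
+BIO_free(bio);
+}
+}
 X509_free(cert);
-return "";
 }
-
-BIO* bio = BIO_new(BIO_s_mem());
-PEM_write_bio_X509(bio, cert);
-char* cert_str = nullptr;
-qint64 cert_len = BIO_get_mem_data(bio, &cert_str);
-std::string cert_buffer(cert_str, cert_len);
-
-// Clean up
-BIO_free(bio);
-X509_free(cert);
-
 return cert_buffer;
 }
 
@@ -96,25 +100,6 @@ int Downloader::getStatus() {
 return m_status;
 }
 
-void Downloader::saveToFile(const QByteArray& data, const QString& filePath) {
-QFileInfo fileInfo(filePath);
-
-if (fileInfo.exists() && !fileInfo.isFile()) {
-qDebug() << "Error: The zip path is not a regular file." << filePath;
-return;
-}
-
-QFile file(filePath);
-
-if (file.open(QIODevice::WriteOnly) == true) { // flawfinder: ignore
-file.write(data);
-file.close();
-qDebug() << "Data saved to file:" << filePath;
-} else {
-qDebug() << "Error saving data to file:" << file.errorString();
-}
-}
-
 void Downloader::run() {
 if (m_url.isEmpty() || m_file.isEmpty() || m_levelDir.isEmpty()) {
 m_status = 3; // object error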
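Review bot: The PEM export in the innermost `if (status)` block of get_ssl_certificate (new lines 68–73) uses `BIO_new`, `PEM_write_bio_X509` and `BIO_get_mem_data` without checking any result, so an allocation or encoding failure reaches `std::string(cert_str, cert_len)` with a null pointer or a non-positive length. Check each call and copy only when the buffer is valid, as sketched below. The visible lines establish only a hostname match via `X509_check_host`; the setup between the resolver and the handshake lies outside the hunks, so confirm that chain verification is enabled there (for example `ssl_context.set_default_verify_paths()` together with `set_verify_mode(ssl::verify_peer)`), otherwise any certificate that merely names the host is returned to the caller. In the first hunk the retained comment `// Use SSLv23 context ...` no longer matches the intent, and `SSL_CTX_set_min_proto_version(ssl_context.native_handle(), TLS1_3_VERSION)` would state the TLS 1.3 floor in one call instead of three deny-list options.

```cpp
            if (status) {
                BIO* bio = BIO_new(BIO_s_mem());
                if (bio == nullptr || PEM_write_bio_X509(bio, cert) != 1) {
                    std::cerr << "Could not export certificate as PEM." << std::endl;
                    status = false;
                } else {
                    char* cert_str = nullptr;
                    const long cert_len = BIO_get_mem_data(bio, &cert_str);
                    if (cert_str != nullptr && cert_len > 0) {
                        cert_buffer.assign(cert_str, static_cast<std::size_t>(cert_len));
                    }
                }
                BIO_free(bio);  // a null BIO is accepted and ignored
            }
            // … unchanged: closing braces of the outer checks and X509_free(cert) …
```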
