aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorPhilip Kaufmann <phil.kaufmann@t-online.de>2015-01-10 14:48:55 +0100
committerPhilip Kaufmann <phil.kaufmann@t-online.de>2015-01-11 19:16:57 +0100
commit851296a72fc6930404abb94f4175acc1b1aab859 (patch)
treee264ef12eb4b0b8991d04f71504df1a11d54bf93
parent4f73a8f64d1555b4053f2a0a5c79083e50a0ce21 (diff)
[Qt] add option to allow self signed root certs (for testing)
- it is helpful to be able to test and verify payment request processing by allowing self signed root certificates (e.g. generated by Gavins "certificate authority in a box") - This option is just shown in the UI options, if -help-debug is enabled.
-rw-r--r--src/qt/paymentrequestplus.cpp10
-rw-r--r--src/qt/utilitydialog.cpp7
2 files changed, 16 insertions, 1 deletions
diff --git a/src/qt/paymentrequestplus.cpp b/src/qt/paymentrequestplus.cpp
index 35846bc153..39171c89eb 100644
--- a/src/qt/paymentrequestplus.cpp
+++ b/src/qt/paymentrequestplus.cpp
@@ -9,6 +9,8 @@
#include "paymentrequestplus.h"
+#include "util.h"
+
#include <stdexcept>
#include <openssl/x509.h>
@@ -150,7 +152,13 @@ bool PaymentRequestPlus::getMerchant(X509_STORE* certStore, QString& merchant) c
int result = X509_verify_cert(store_ctx);
if (result != 1) {
int error = X509_STORE_CTX_get_error(store_ctx);
- throw SSLVerifyError(X509_verify_cert_error_string(error));
+ // For testing payment requests, we allow self signed root certs!
+ // This option is just shown in the UI options, if -help-debug is enabled.
+ if (!(error == X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT && GetBoolArg("-allowselfsignedrootcertificates", false))) {
+ throw SSLVerifyError(X509_verify_cert_error_string(error));
+ } else {
+ qDebug() << "PaymentRequestPlus::getMerchant: Allowing self signed root certificate, because -allowselfsignedrootcertificates is true.";
+ }
}
X509_NAME *certname = X509_get_subject_name(signing_cert);
diff --git a/src/qt/utilitydialog.cpp b/src/qt/utilitydialog.cpp
index 9ee408179d..1e1583fb19 100644
--- a/src/qt/utilitydialog.cpp
+++ b/src/qt/utilitydialog.cpp
@@ -12,6 +12,7 @@
#include "clientversion.h"
#include "init.h"
+#include "util.h"
#include <stdio.h>
@@ -108,6 +109,12 @@ HelpMessageDialog::HelpMessageDialog(QWidget *parent, bool about) :
cursor.movePosition(QTextCursor::NextRow);
cursor.insertText(tr("UI options") + ":", bold);
cursor.movePosition(QTextCursor::NextRow);
+ if (GetBoolArg("-help-debug", false)) {
+ cursor.insertText("-allowselfsignedrootcertificates");
+ cursor.movePosition(QTextCursor::NextCell);
+ cursor.insertText(tr("Allow self signed root certificates (default: 0)"));
+ cursor.movePosition(QTextCursor::NextCell);
+ }
cursor.insertText("-choosedatadir");
cursor.movePosition(QTextCursor::NextCell);
cursor.insertText(tr("Choose data directory on startup (default: 0)"));