diff options
| author | Philip Kaufmann <phil.kaufmann@t-online.de> | 2015-01-10 14:48:55 +0100 |
|---|---|---|
| committer | Philip Kaufmann <phil.kaufmann@t-online.de> | 2015-01-11 19:16:57 +0100 |
| commit | 851296a72fc6930404abb94f4175acc1b1aab859 (patch) | |
| tree | e264ef12eb4b0b8991d04f71504df1a11d54bf93 /src/qt | |
| parent | 4f73a8f64d1555b4053f2a0a5c79083e50a0ce21 (diff) | |
[Qt] add option to allow self signed root certs (for testing)
- it is helpful to be able to test and verify payment request processing
by allowing self signed root certificates (e.g. generated by Gavins
"certificate authority in a box")
- This option is just shown in the UI options, if -help-debug is enabled.
Diffstat (limited to 'src/qt')
| -rw-r--r-- | src/qt/paymentrequestplus.cpp | 10 | ||||
| -rw-r--r-- | src/qt/utilitydialog.cpp | 7 |
2 files changed, 16 insertions, 1 deletions
diff --git a/src/qt/paymentrequestplus.cpp b/src/qt/paymentrequestplus.cpp index 35846bc153..39171c89eb 100644 --- a/src/qt/paymentrequestplus.cpp +++ b/src/qt/paymentrequestplus.cpp @@ -9,6 +9,8 @@ #include "paymentrequestplus.h" +#include "util.h" + #include <stdexcept> #include <openssl/x509.h> @@ -150,7 +152,13 @@ bool PaymentRequestPlus::getMerchant(X509_STORE* certStore, QString& merchant) c int result = X509_verify_cert(store_ctx); if (result != 1) { int error = X509_STORE_CTX_get_error(store_ctx); - throw SSLVerifyError(X509_verify_cert_error_string(error)); + // For testing payment requests, we allow self signed root certs! + // This option is just shown in the UI options, if -help-debug is enabled. + if (!(error == X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT && GetBoolArg("-allowselfsignedrootcertificates", false))) { + throw SSLVerifyError(X509_verify_cert_error_string(error)); + } else { + qDebug() << "PaymentRequestPlus::getMerchant: Allowing self signed root certificate, because -allowselfsignedrootcertificates is true."; + } } X509_NAME *certname = X509_get_subject_name(signing_cert); diff --git a/src/qt/utilitydialog.cpp b/src/qt/utilitydialog.cpp index 9ee408179d..1e1583fb19 100644 --- a/src/qt/utilitydialog.cpp +++ b/src/qt/utilitydialog.cpp @@ -12,6 +12,7 @@ #include "clientversion.h" #include "init.h" +#include "util.h" #include <stdio.h> @@ -108,6 +109,12 @@ HelpMessageDialog::HelpMessageDialog(QWidget *parent, bool about) : cursor.movePosition(QTextCursor::NextRow); cursor.insertText(tr("UI options") + ":", bold); cursor.movePosition(QTextCursor::NextRow); + if (GetBoolArg("-help-debug", false)) { + cursor.insertText("-allowselfsignedrootcertificates"); + cursor.movePosition(QTextCursor::NextCell); + cursor.insertText(tr("Allow self signed root certificates (default: 0)")); + cursor.movePosition(QTextCursor::NextCell); + } cursor.insertText("-choosedatadir"); cursor.movePosition(QTextCursor::NextCell); cursor.insertText(tr("Choose data directory on startup (default: 0)")); |