fix: Client side TLS with Strict-Transport-Security

Signed-off-by: rbran <[email protected]>

Author: rbran

src/gui/wizard/owncloudconnectionmethoddialog.cpp

@@ -24,6 +24,10 @@ void OwncloudConnectionMethodDialog::setUrl(const QUrl &url)
     ui->label->setText(tr("<html><head/><body><p>Failed to connect to the secure server address <em>%1</em>. How do you wish to proceed?</p></body></html>").arg(url.toDisplayString().toHtmlEscaped()));
 }
 
+void OwncloudConnectionMethodDialog::setHTTPOnly(const bool retryHTTPonly)
+{
+    ui->btnNoTLS->setEnabled(retryHTTPonly);
+}
 
 void OwncloudConnectionMethodDialog::returnNoTLS()
 {

src/gui/wizard/owncloudconnectionmethoddialog.h

@@ -37,6 +37,7 @@ class OwncloudConnectionMethodDialog : public QDialog
 
     // The URL that was tried
     void setUrl(const QUrl &);
+    void setHTTPOnly(const bool);
 
 public slots:
     void returnNoTLS();

src/gui/wizard/owncloudsetuppage.cpp

@@ -349,35 +349,34 @@ void OwncloudSetupPage::setErrorString(const QString &err, bool retryHTTPonly)
     if (err.isEmpty()) {
         _ui.errorLabel->setVisible(false);
     } else {
-        if (retryHTTPonly) {
-            const auto urlString = url();
-            auto url = QUrl::fromUserInput(urlString);
-            if (url.scheme() == "https") {
-                // Ask the user how to proceed when connecting to a https:// URL fails.
-                // It is possible that the server is secured with client-side TLS certificates,
-                // but that it has no way of informing the owncloud client that this is the case.
-
-                OwncloudConnectionMethodDialog dialog;
-                dialog.setUrl(url);
-                // FIXME: Synchronous dialogs are not so nice because of event loop recursion
-                int retVal = dialog.exec();
-
-                switch (retVal) {
-                case OwncloudConnectionMethodDialog::No_TLS: {
-                    url.setScheme("http");
-                    _ui.leUrl->setFullText(url.toString());
-                    // skip ahead to next page, since the user would expect us to retry automatically
-                    wizard()->next();
-                } break;
-                case OwncloudConnectionMethodDialog::Client_Side_TLS:
-                    addCertDial->show();
-                    break;
-                case OwncloudConnectionMethodDialog::Closed:
-                case OwncloudConnectionMethodDialog::Back:
-                default:
-                    // No-op.
-                    break;
-                }
+        const auto urlString = url();
+        auto url = QUrl::fromUserInput(urlString);
+        if (url.scheme() == "https") {
+            // Ask the user how to proceed when connecting to a https:// URL fails.
+            // It is possible that the server is secured with client-side TLS certificates,
+            // but that it has no way of informing the owncloud client that this is the case.
+
+            OwncloudConnectionMethodDialog dialog;
+            dialog.setUrl(url);
+            dialog.setHTTPOnly(retryHTTPonly);
+            // FIXME: Synchronous dialogs are not so nice because of event loop recursion
+            int retVal = dialog.exec();
+
+            switch (retVal) {
+            case OwncloudConnectionMethodDialog::No_TLS: {
+                url.setScheme("http");
+                _ui.leUrl->setFullText(url.toString());
+                // skip ahead to next page, since the user would expect us to retry automatically
+                wizard()->next();
+            } break;
+            case OwncloudConnectionMethodDialog::Client_Side_TLS:
+                addCertDial->show();
+                break;
+            case OwncloudConnectionMethodDialog::Closed:
+            case OwncloudConnectionMethodDialog::Back:
+            default:
+                // No-op.
+                break;
             }
         }