Package: cutycapt
Version: 0.0~svn6-3
Severity: normal

Hi,

Basically, the thing is that Cutycapt does not handle invalid
(self-signed) SSL certificates. This is an issue that is already being
discussed in other forums/bugtrackers, so maybe it's better to just
point you to them [0] [1].

The attached patch is just a port of the proposed fix explained in
the links above. I've tested it in production and it seems to behave
fine.

A more elegant approach to fix this would be to add a command line
option to bypass certificate verification if the user wants so. Feel
free to modify the attached patch at your convenience :)

Was told upstream development was frozen, but it'd be awesome to have
this fixed in Debian.

HTH.

Nacho

[0]
http://sourceforge.net/tracker/?func=detail&aid=3106303&group_id=230656&atid=1081395
[1] https://bugs.gentoo.org/show_bug.cgi?id=374943

-- System Information:
Debian Release: wheezy/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 3.1.0-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages cutycapt depends on:
ii  libc6           2.13-21
ii  libgcc1         1:4.6.2-5
ii  libqt4-network  4:4.7.3-5
ii  libqt4-svg      4:4.7.3-5
ii  libqtcore4      4:4.7.3-5
ii  libqtgui4       4:4.7.3-5
ii  libqtwebkit4    2.1.0~2011week13-2
ii  libstdc++6      4.6.2-5

cutycapt recommends no packages.

Versions of packages cutycapt suggests:
ii  xvfb  2:1.11.2.901-1

-- no debconf information
diff -urNa cutycapt-0.0~svn6.orig/debian/changelog cutycapt-0.0~svn6.new/debian/changelog
--- cutycapt-0.0~svn6.orig/debian/changelog	2011-03-13 19:08:10.000000000 +0100
+++ cutycapt-0.0~svn6.new/debian/changelog	2011-12-22 11:42:49.948064059 +0100
@@ -1,3 +1,12 @@
+cutycapt (0.0~svn6-3.1) unstable; urgency=low
+
+  * Non-maintainer upload.
+  * Add patch 02-ignore_ssl_errors to ignore errors derived
+    from self-signed certificates. Stolen from:
+    https://bugs.gentoo.org/show_bug.cgi?id=374943
+
+ -- Nacho Barrientos Arias <na...@debian.org>  Wed, 21 Dec 2011 17:33:54 +0100
+
 cutycapt (0.0~svn6-3) unstable; urgency=low
 
   * Add Build-Depends on libqtwebkit-dev (Closes: #618240)
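Review bot: the new changelog entry describes the change as ignoring errors "derived from self-signed certificates", but the handler added by 02-ignore_ssl_errors calls `reply->ignoreSslErrors()` with no arguments, which suppresses every SSL error, not only self-signed ones. Please reword the entry to say that certificate verification errors are ignored for all HTTPS requests, so the behaviour change is visible from the changelog alone. The previous entry carries a `Closes:` reference; this one should get one too once the bug number is known.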
diff -urNa cutycapt-0.0~svn6.orig/debian/patches/02-ignore_ssl_errors cutycapt-0.0~svn6.new/debian/patches/02-ignore_ssl_errors
--- cutycapt-0.0~svn6.orig/debian/patches/02-ignore_ssl_errors	1970-01-01 01:00:00.000000000 +0100
+++ cutycapt-0.0~svn6.new/debian/patches/02-ignore_ssl_errors	2011-12-22 11:50:37.172071068 +0100
@@ -0,0 +1,36 @@
+--- a/CutyCapt.cpp
++++ b/CutyCapt.cpp
+@@ -163,6 +163,11 @@
+   // This is not really nice, but some restructuring work is
+   // needed anyway, so this should not be that bad for now.
+   mPage->setCutyCapt(this);
++
++  // Ignore SSL errors
++  QNetworkAccessManager* mManager = mPage->networkAccessManager();
++  connect(mManager, SIGNAL(sslErrors(QNetworkReply*,QList<QSslError>)),
++    this, SLOT(handleSslErrors(QNetworkReply*,QList<QSslError>)));
+ }
+ 
+ void
+@@ -226,6 +231,11 @@
+ }
+ 
+ void
++CutyCapt::handleSslErrors(QNetworkReply* reply, QList<QSslError> errors) {
++  reply->ignoreSslErrors();
++}
++
++void
+ CutyCapt::saveSnapshot() {
+   QWebFrame *mainFrame = mPage->mainFrame();
+   QPainter painter;
+--- a/CutyCapt.hpp
++++ b/CutyCapt.hpp
+@@ -48,6 +48,7 @@
+   void JavaScriptWindowObjectCleared();
+   void Timeout();
+   void Delayed();
++  void handleSslErrors(QNetworkReply* reply, QList<QSslError> errors);
+ 
+ private:
+   void TryDelayedRender();
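Review bot: `handleSslErrors` never looks at its `errors` argument and calls `reply->ignoreSslErrors()` unconditionally, so after this patch every capture accepts expired certificates, hostname mismatches and untrusted issuers as well as self-signed ones, and a capture of an HTTPS page no longer gives any assurance about which server produced the content. Since the slot is connected in the constructor for all runs, there is no way for a user to keep verification on. I would gate the `connect(...)` call on a command line option that defaults to off, as the report itself suggests, and inside the slot filter `errors` down to `QSslError::SelfSignedCertificate` and pass only that list to the `ignoreSslErrors(const QList<QSslError>&)` overload, so other failures still abort the load. Smaller points: the local `mManager` uses the member-variable prefix although it is a local, and the patch file has no header giving its description and origin, which here is only recorded in debian/changelog.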
diff -urNa cutycapt-0.0~svn6.orig/debian/patches/series cutycapt-0.0~svn6.new/debian/patches/series
--- cutycapt-0.0~svn6.orig/debian/patches/series	2011-03-01 12:53:37.000000000 +0100
+++ cutycapt-0.0~svn6.new/debian/patches/series	2011-12-22 11:43:27.788064623 +0100
@@ -1 +1,2 @@
 01-assume_http_as_default.patch
+02-ignore_ssl_errors
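Review bot: the new series entry `02-ignore_ssl_errors` has no `.patch` suffix, while the existing entry is `01-assume_http_as_default.patch`. Rename the file to `02-ignore_ssl_errors.patch` (and update the changelog text to match) so the patch directory stays consistent.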
