diff --git a/auth/assets/ca/lets-encrypt-r3.pem b/auth/assets/ca/lets-encrypt-r3.pem new file mode 100644 index 0000000000..43b222a60a --- /dev/null +++ b/auth/assets/ca/lets-encrypt-r3.pem @@ -0,0 +1,30 @@ +-----BEGIN CERTIFICATE----- +MIIFFjCCAv6gAwIBAgIRAJErCErPDBinU/bWLiWnX1owDQYJKoZIhvcNAQELBQAw +TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh +cmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMjAwOTA0MDAwMDAw +WhcNMjUwOTE1MTYwMDAwWjAyMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNTGV0J3Mg +RW5jcnlwdDELMAkGA1UEAxMCUjMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK +AoIBAQC7AhUozPaglNMPEuyNVZLD+ILxmaZ6QoinXSaqtSu5xUyxr45r+XXIo9cP +R5QUVTVXjJ6oojkZ9YI8QqlObvU7wy7bjcCwXPNZOOftz2nwWgsbvsCUJCWH+jdx +sxPnHKzhm+/b5DtFUkWWqcFTzjTIUu61ru2P3mBw4qVUq7ZtDpelQDRrK9O8Zutm +NHz6a4uPVymZ+DAXXbpyb/uBxa3Shlg9F8fnCbvxK/eG3MHacV3URuPMrSXBiLxg +Z3Vms/EY96Jc5lP/Ooi2R6X/ExjqmAl3P51T+c8B5fWmcBcUr2Ok/5mzk53cU6cG +/kiFHaFpriV1uxPMUgP17VGhi9sVAgMBAAGjggEIMIIBBDAOBgNVHQ8BAf8EBAMC +AYYwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMBMBIGA1UdEwEB/wQIMAYB +Af8CAQAwHQYDVR0OBBYEFBQusxe3WFbLrlAJQOYfr52LFMLGMB8GA1UdIwQYMBaA +FHm0WeZ7tuXkAXOACIjIGlj26ZtuMDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcw +AoYWaHR0cDovL3gxLmkubGVuY3Iub3JnLzAnBgNVHR8EIDAeMBygGqAYhhZodHRw +Oi8veDEuYy5sZW5jci5vcmcvMCIGA1UdIAQbMBkwCAYGZ4EMAQIBMA0GCysGAQQB +gt8TAQEBMA0GCSqGSIb3DQEBCwUAA4ICAQCFyk5HPqP3hUSFvNVneLKYY611TR6W +PTNlclQtgaDqw+34IL9fzLdwALduO/ZelN7kIJ+m74uyA+eitRY8kc607TkC53wl +ikfmZW4/RvTZ8M6UK+5UzhK8jCdLuMGYL6KvzXGRSgi3yLgjewQtCPkIVz6D2QQz +CkcheAmCJ8MqyJu5zlzyZMjAvnnAT45tRAxekrsu94sQ4egdRCnbWSDtY7kh+BIm +lJNXoB1lBMEKIq4QDUOXoRgffuDghje1WrG9ML+Hbisq/yFOGwXD9RiX8F6sw6W4 +avAuvDszue5L3sz85K+EC4Y/wFVDNvZo4TYXao6Z0f+lQKc0t8DQYzk1OXVu8rp2 +yJMC6alLbBfODALZvYH7n7do1AZls4I9d1P4jnkDrQoxB3UqQ9hVl3LEKQ73xF1O +yK5GhDDX8oVfGKF5u+decIsH4YaTw7mP3GFxJSqv3+0lUFJoi5Lc5da149p90Ids +hCExroL1+7mryIkXPeFM5TgO9r0rvZaBFOvV2z0gp35Z0+L4WPlbuEjN/lxPFin+ +HlUjr8gRsI3qfJOQFy/9rKIJR0Y/8Omwt/8oTWgy1mdeHmmjk7j1nYsvC9JSQ6Zv +MldlTTKB3zhThV1+XWYp6rjd5JW1zbVWEkLNxE7GJThEUG3szgBVGP7pSWTUTsqX +nLRbwHOoq7hHwg== +-----END CERTIFICATE----- diff --git a/auth/lib/core/network.dart b/auth/lib/core/network.dart index 0efa09fb5d..c14c9e758b 100644 --- a/auth/lib/core/network.dart +++ b/auth/lib/core/network.dart @@ -1,10 +1,8 @@ import 'dart:io'; import 'package:dio/dio.dart'; -import 'package:dio/io.dart'; import 'package:ente_auth/core/configuration.dart'; import 'package:ente_auth/core/event_bus.dart'; -import 'package:ente_auth/core/win_http_client.dart'; import 'package:ente_auth/events/endpoint_updated_event.dart'; import 'package:ente_auth/utils/package_info_util.dart'; import 'package:ente_auth/utils/platform_util.dart'; @@ -52,19 +50,6 @@ class Network { }, ), ); - if (Platform.isWindows) { - final customHttpClient = windowsHttpClient(); - _enteDio.httpClientAdapter = IOHttpClientAdapter( - createHttpClient: () { - return customHttpClient; - }, - ); - _dio.httpClientAdapter = IOHttpClientAdapter( - createHttpClient: () { - return customHttpClient; - }, - ); - } _setupInterceptors(endpoint); Bus.instance.on().listen((event) { diff --git a/auth/lib/main.dart b/auth/lib/main.dart index 18a8c3e1ae..9f6e611b3f 100644 --- a/auth/lib/main.dart +++ b/auth/lib/main.dart @@ -28,6 +28,7 @@ import 'package:ente_crypto_dart/ente_crypto_dart.dart'; import 'package:flutter/foundation.dart'; import "package:flutter/material.dart"; import 'package:flutter/scheduler.dart'; +import 'package:flutter/services.dart'; import 'package:flutter_displaymode/flutter_displaymode.dart'; import 'package:logging/logging.dart'; import 'package:path_provider/path_provider.dart'; @@ -65,6 +66,9 @@ Future initSystemTray() async { void main() async { WidgetsFlutterBinding.ensureInitialized(); + if (Platform.isWindows) { + await whiteListLetsEncryptRootCA(); + } if (PlatformUtil.isDesktop()) { await windowManager.ensureInitialized(); @@ -86,6 +90,19 @@ void main() async { } } +Future whiteListLetsEncryptRootCA() async { + try { + // https://stackoverflow.com/a/71090239 + // https://github.com/ente-io/ente/issues/2178 + ByteData data = + await PlatformAssetBundle().load('assets/ca/lets-encrypt-r3.pem'); + SecurityContext.defaultContext + .setTrustedCertificatesBytes(data.buffer.asUint8List()); + } catch (e) { + _logger.severe("Failed to whitelist Let's Encrypt Root CA", e); + } +} + Future _runInForeground() async { final savedThemeMode = _themeMode(await AdaptiveTheme.getThemeMode()); return await _runWithLogs(() async { diff --git a/auth/pubspec.yaml b/auth/pubspec.yaml index 211159b768..d1881bf54d 100644 --- a/auth/pubspec.yaml +++ b/auth/pubspec.yaml @@ -1,6 +1,6 @@ name: ente_auth description: ente two-factor authenticator -version: 3.0.17+317 +version: 3.0.18+318 publish_to: none environment: @@ -132,6 +132,7 @@ flutter: - assets/custom-icons/icons/ - assets/custom-icons/_data/ - assets/svg/ + - assets/ca/ fonts: - family: Inter