fix: Always perform SSL peer verification

As the datastore now has real (no self-signed) TLS certificates, the host
verification should not be disabled by default. When testing locally,
one could use non-TLS connections.

src/blackcore/db/databasewriter.cpp

@@ -81,7 +81,6 @@ namespace BlackCore::Db
         QUrl url(m_modelPublishUrl.toQUrl());
         if (compress) { url.setQuery(CDatabaseUtils::getCompressedQuery()); }
         QNetworkRequest request(url);
-        CNetworkUtils::ignoreSslVerification(request);
         const QByteArray eInfo = extraInfo.toLatin1();
         request.setRawHeader(QByteArray("swift-extrainfo"), eInfo);
         const int logId = m_writeLog.addPendingUrl(url);
@@ -122,7 +121,6 @@ namespace BlackCore::Db
         url.setQuery(query);
 
         QNetworkRequest request(url);
-        CNetworkUtils::ignoreSslVerification(request);
         const int logId = m_writeLog.addPendingUrl(url);
         m_pendingAutoPublishReply = sApp->postToNetwork(request, logId, multiPart, { this, &CDatabaseWriter::postedAutoPublishResponse });
         m_autoPublishReplyPendingSince = QDateTime::currentMSecsSinceEpoch();

src/blackmisc/network/networkutils.cpp

@@ -11,24 +11,16 @@
 #include <QMetaEnum>
 #include <QHostAddress>
 #include <QList>
-#include <QProcess>
-#include <QNetworkAddressEntry>
 #include <QNetworkInterface>
 #include <QNetworkReply>
 #include <QNetworkConfiguration>
 #include <QObject>
 #include <QSignalMapper>
-#include <QSslCertificate>
-#include <QSslConfiguration>
-#include <QSslKey>
-#include <QSslSocket>
 #include <QTcpSocket>
-#include <QTextStream>
 #include <QUrl>
 #include <QUrlQuery>
 #include <QStringBuilder>
 #include <QVariant>
-#include <QtDebug>
 #include <QRegularExpression>
 
 using namespace BlackConfig;
@@ -173,13 +165,6 @@ namespace BlackMisc::Network
         return protocol + "://" + url;
     }
 
-    void CNetworkUtils::ignoreSslVerification(QNetworkRequest &request)
-    {
-        QSslConfiguration conf = request.sslConfiguration();
-        conf.setPeerVerifyMode(QSslSocket::VerifyNone);
-        request.setSslConfiguration(conf);
-    }
-
     void CNetworkUtils::setSwiftUserAgent(QNetworkRequest &request, const QString &userAgentDetails)
     {
         static const QString defaultUserAgent("swift/" + CBuildConfig::getVersionString());
@@ -205,7 +190,6 @@ namespace BlackMisc::Network
         default:
             break;
         }
-        CNetworkUtils::ignoreSslVerification(request);
         CNetworkUtils::setSwiftUserAgent(request, userAgentDetails);
         return request;
     }
@@ -213,7 +197,6 @@ namespace BlackMisc::Network
     QNetworkRequest CNetworkUtils::getSwiftNetworkRequest(const QNetworkRequest &request, const QString &userAgentDetails)
     {
         QNetworkRequest req(request); // copy
-        CNetworkUtils::ignoreSslVerification(req);
         CNetworkUtils::setSwiftUserAgent(req, userAgentDetails);
         return req;
     }

src/blackmisc/network/networkutils.h

@@ -81,9 +81,6 @@ namespace BlackMisc::Network
         //! Build / concatenate an URL
         static QString buildUrl(const QString &protocol, const QString &server, const QString &baseUrl, const QString &serviceUrl);
 
-        //! Ignore SSL verification such as self signed certificates
-        static void ignoreSslVerification(QNetworkRequest &request);
-
         //! Set user agent for request
         static void setSwiftUserAgent(QNetworkRequest &request, const QString &userAgentDetails = {});