
WebContent+WebWorker: Use custom certificate paths with Qt networking

This change adds a `--certificate` option to both WebContent and
WebWorker, which allows one or more custom root certificate paths to be
specified. Certificates are then loaded from these paths when Qt
networking is used.

This allows WPT tests that require an HTTPS connection to be run locally
with Qt networking.
Tim Ledbetter 1 year ago
parent
commit
28b95e8ed0

+ 10 - 1
Ladybird/Qt/RequestManagerQt.cpp

@@ -5,15 +5,24 @@
  */
 
 #include "RequestManagerQt.h"
+#include "StringUtils.h"
 #include "WebSocketImplQt.h"
 #include "WebSocketQt.h"
 #include <QNetworkCookie>
 
 namespace Ladybird {
 
-RequestManagerQt::RequestManagerQt()
+RequestManagerQt::RequestManagerQt(Vector<ByteString> const& certificate_paths)
 {
     m_qnam = new QNetworkAccessManager(this);
+    auto ssl_configuration = QSslConfiguration::defaultConfiguration();
+    ssl_configuration.setPeerVerifyMode(QSslSocket::VerifyNone);
+    for (auto const& certificate_path : certificate_paths) {
+        auto certificates = QSslCertificate::fromPath(qstring_from_ak_string(certificate_path));
+        for (auto const& certificate : certificates)
+            ssl_configuration.addCaCertificate(certificate);
+    }
+    QSslConfiguration::setDefaultConfiguration(ssl_configuration);
 
     QObject::connect(m_qnam, &QNetworkAccessManager::finished, this, &RequestManagerQt::reply_finished);
 }
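Review bot: `ssl_configuration.setPeerVerifyMode(QSslSocket::VerifyNone);` turns off peer certificate verification in the process-wide default configuration whether or not any `--certificate` path was given, so every HTTPS request made through Qt networking accepts any server certificate. With verification off, the CA certificates added in the loop below it no longer decide whether a connection is trusted. Deleting that line and keeping the default verify mode would let the custom roots do what the commit message describes. Separately, `QSslCertificate::fromPath` returns an empty list when a path cannot be read or parsed, and the loop passes over that silently. A check such as `if (certificates.isEmpty()) warnln("No certificates loaded from {}", certificate_path);` (assuming `warnln` is reachable in this file) would make a mistyped path visible.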

+ 3 - 3
Ladybird/Qt/RequestManagerQt.h

@@ -17,9 +17,9 @@ class RequestManagerQt
     , public Web::ResourceLoaderConnector {
     Q_OBJECT
 public:
-    static NonnullRefPtr<RequestManagerQt> create()
+    static NonnullRefPtr<RequestManagerQt> create(Vector<ByteString> const& certificate_paths)
     {
-        return adopt_ref(*new RequestManagerQt());
+        return adopt_ref(*new RequestManagerQt(certificate_paths));
     }
 
     virtual ~RequestManagerQt() override { }
@@ -34,7 +34,7 @@ private slots:
     void reply_finished(QNetworkReply*);
 
 private:
-    RequestManagerQt();
+    explicit RequestManagerQt(Vector<ByteString> const& certificate_paths);
 
     class Request
         : public Web::ResourceLoaderConnectorRequest {

+ 2 - 1
Ladybird/WebContent/main.cpp

@@ -113,6 +113,7 @@ ErrorOr<int> serenity_main(Main::Arguments arguments)
     args_parser.add_option(is_layout_test_mode, "Is layout test mode", "layout-test-mode");
     args_parser.add_option(expose_internals_object, "Expose internals object", "expose-internals-object");
     args_parser.add_option(use_lagom_networking, "Enable Lagom servers for networking", "use-lagom-networking");
+    args_parser.add_option(certificates, "Path to a certificate file", "certificate", 'C', "certificate");
     args_parser.add_option(use_skia_painter, "Enable Skia painter", "use-skia-painting");
     args_parser.add_option(wait_for_debugger, "Wait for debugger", "wait-for-debugger");
     args_parser.add_option(mach_server_name, "Mach server name", "mach-server-name", 0, "mach_server_name");
@@ -150,7 +151,7 @@ ErrorOr<int> serenity_main(Main::Arguments arguments)
 
 #if defined(HAVE_QT)
     if (!use_lagom_networking)
-        Web::ResourceLoader::initialize(Ladybird::RequestManagerQt::create());
+        Web::ResourceLoader::initialize(Ladybird::RequestManagerQt::create(certificates));
     else
 #endif
         TRY(initialize_lagom_networking(request_server_socket));
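Review bot: The help text `"Path to a certificate file"` does not tell the caller that the file is added as a trusted root CA or that the option may be given more than once; `"Path to a root certificate file to trust (may be repeated)"` would say so. In the lines visible here `certificates` is passed only to `RequestManagerQt::create(...)`, so with `--use-lagom-networking`, or in a build without `HAVE_QT`, the option appears to be accepted and then ignored. A warning on that branch would prevent a test run that assumes the custom root is in effect. Both points apply equally to the identical `add_option` line in Ladybird/WebWorker/main.cpp. `serenity_main` begins and ends outside these hunks, so other uses of `certificates` cannot be ruled out from here.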

+ 3 - 1
Ladybird/WebWorker/main.cpp

@@ -39,12 +39,14 @@ ErrorOr<int> serenity_main(Main::Arguments arguments)
 
     int request_server_socket { -1 };
     StringView serenity_resource_root;
+    Vector<ByteString> certificates;
     bool use_lagom_networking { false };
 
     Core::ArgsParser args_parser;
     args_parser.add_option(request_server_socket, "File descriptor of the request server socket", "request-server-socket", 's', "request-server-socket");
     args_parser.add_option(serenity_resource_root, "Absolute path to directory for serenity resources", "serenity-resource-root", 'r', "serenity-resource-root");
     args_parser.add_option(use_lagom_networking, "Enable Lagom servers for networking", "use-lagom-networking");
+    args_parser.add_option(certificates, "Path to a certificate file", "certificate", 'C', "certificate");
     args_parser.parse(arguments);
 
 #if defined(HAVE_QT)
@@ -61,7 +63,7 @@ ErrorOr<int> serenity_main(Main::Arguments arguments)
 
 #if defined(HAVE_QT)
     if (!use_lagom_networking)
-        Web::ResourceLoader::initialize(Ladybird::RequestManagerQt::create());
+        Web::ResourceLoader::initialize(Ladybird::RequestManagerQt::create(certificates));
     else
 #endif
         TRY(initialize_lagom_networking(request_server_socket));