Merge branch 'ssl' of git.openslx.org:openslx-ng/fbgui into ssl

2 files changed, 71 insertions, 17 deletions

diff --git a/src/fbgui/fbgui.cpp b/src/fbgui/fbgui.cpp
index 9c9efcd..37913b7 100644
--- a/src/fbgui/fbgui.cpp
+++ b/src/fbgui/fbgui.cpp
@@ -94,11 +94,11 @@ void fbgui::init() {
 	dmThread.start();
 
 	// show "waiting for internet" page until triggered.
-	if (debugMode > -1) {
-		_webView->load(QUrl("qrc:/html/preload-debug.html"));
-	} else {
-		_webView->load(QUrl("qrc:/html/preload.html"));
-	}
+//	if (debugMode > -1) {
+//		_webView->load(QUrl("qrc:/html/preload-debug.html"));
+//	} else {
+//		_webView->load(QUrl("qrc:/html/preload.html"));
+//	}
 
 	// watcher is not needed anymore since we guarantee internet connection with the networkDiscovery.
 	// start watching for fileToTriggerURL
@@ -245,11 +245,15 @@ void fbgui::loadURL() {
       QByteArray postData = generatePOSTData();
       _qnr = new QNetworkRequest(baseURL);
 
+      QList<QSslCertificate> certList;
+      certList.append(readCertificate("/usr/lib/ssl/openslx/CA/certs/openslx-cert.pem"));
+      registerCACertificates(certList);
+
       //Connect webViews NetworkAccessManager to SSLErrorHandler SLOT
       QObject::connect(_webView->page()->networkAccessManager(),
               SIGNAL(finished(QNetworkReply*)),
               this,
-              SLOT(errorHandler(QNetworkReply*)));
+              SLOT(httpErrorHandler(QNetworkReply*)));
 
       //Connect webViews NetworkAccessManager to ErrorHandler SLOT
       QObject::connect(_webView->page()->networkAccessManager(),
@@ -274,6 +278,7 @@ void fbgui::loadURLDone(bool success) {
       // TODO handle failure properly...
    } else {
       LOG4CXX_DEBUG(coreLogger, "Loaded URL: " << _webView->url().toString());
+      //dumpCACertificates();
    }
 }
 
@@ -284,25 +289,64 @@ void fbgui::sslErrorHandler(QNetworkReply* reply, const QList<QSslError> & errli
   foreach (QSslError err, errlist)
 	LOG4CXX_DEBUG(coreLogger, "SSL Error: " << err.errorString());
 
-   reply->ignoreSslErrors();
+   //reply->ignoreSslErrors();
 }
 
 //Handles QNetworkReply Errors
 void fbgui::httpErrorHandler(QNetworkReply* reply) {
-	LOG4CXX_DEBUG(coreLogger, "HTTP Error: " << reply->attribute(QNetworkRequest::HttpReasonPhraseAttribute).toString());
+	if(reply->error() != QNetworkReply::NoError )
+		LOG4CXX_DEBUG(coreLogger, "HTTP Error: " << reply->errorString());
+}
+
+//test function to read Certificates
+QSslCertificate fbgui::readCertificate(const QString& fileName){
+	QFile certFile(fileName);
+	Q_ASSERT(certFile.open(QIODevice::ReadOnly));
+	QByteArray certContent = certFile.readAll();
+	LOG4CXX_DEBUG(coreLogger,"Is cert valid: " << certContent);
+	QSslCertificate cert(certContent, QSsl::Pem);
+	return cert;
+}
+
+//Dump all Certificates in SSLConfiguration
+void fbgui::dumpCACertificates(){
+	QSslConfiguration sslConfig = _qnr->sslConfiguration();
+	QList<QSslCertificate> caCerts = sslConfig.caCertificates();
+
+	foreach (QSslCertificate cert, caCerts){
+		LOG4CXX_DEBUG(coreLogger,"Is cert valid: " << cert.isValid());
+		LOG4CXX_DEBUG(coreLogger,"Cert info: " << cert.issuerInfo(QSslCertificate::Organization));
+	}
+}
+
+//Saves CACertificates to SslConfiguration
+void fbgui::registerCACertificates(const QList<QSslCertificate> & certificates){
+
+	foreach (QSslCertificate cert, certificates){
+		LOG4CXX_DEBUG(coreLogger,"Is cert valid: " << cert.isValid());
+		LOG4CXX_DEBUG(coreLogger,"Cert info: " << cert.issuerInfo(QSslCertificate::Organization));
+	}
+
+	QSslConfiguration sslConfig = _qnr->sslConfiguration();
+
+	QList<QSslCertificate> caCerts = sslConfig.caCertificates();
+	caCerts.append(certificates);
+    sslConfig.setCaCertificates(caCerts);
+    _qnr->setSslConfiguration(sslConfig);
+
 }
 
-//Saves Certificates to SslConfiguration
-void fbgui::registerCACertificate(QSslCertificate& cert){
+//Saves PrivateKey to SslConfiguration
+void fbgui::setLocalCertificate(QSslCertificate& cert){
 	LOG4CXX_DEBUG(coreLogger,"Is cert valid: " << cert.isValid());
 	LOG4CXX_DEBUG(coreLogger,"Cert info: " << cert.issuerInfo(QSslCertificate::Organization));
 
 	QSslConfiguration sslConfig = _qnr->sslConfiguration();
-    QList<QSslCertificate> caCerts = sslConfig.caCertificates();
-    caCerts.append(cert);
-    sslConfig.setCaCertificates(caCerts);
+    sslConfig.setLocalCertificate(cert);
     _qnr->setSslConfiguration(sslConfig);
+
 }
+
 //-------------------------------------------------------------------------------------------
 /**
  * This method generates the POST data body.
diff --git a/src/fbgui/fbgui.h b/src/fbgui/fbgui.h
index 57f4a34..4f60b12 100644
--- a/src/fbgui/fbgui.h
+++ b/src/fbgui/fbgui.h
@@ -81,6 +81,13 @@ private:
   void watchForTrigger();
   bool checkHost() const;
   void loadURL();
+
+  //test function to read and save CACertificates
+  QSslCertificate readCertificate(const QString&);
+
+  //Dump all Certificates in SSLConfiguration
+  void dumpCACertificates();
+
   QByteArray generatePOSTData();
 
   //----------------------------------
@@ -119,13 +126,16 @@ private slots:
   void loadURLDone(bool success);
 
   //SSL Error Handler for SSL Requests
-  void sslErrorHandler(QNetworkReply* reply, const QList<QSslError> & errlist);
+  void sslErrorHandler(QNetworkReply*, const QList<QSslError> &);
 
   //Error Handler for http Requests
-  void httpErrorHandler(QNetworkReply* reply);
+  void httpErrorHandler(QNetworkReply*);
+
+  //Sets CaCertificates in QSslConfiguration
+  void registerCACertificates(const QList<QSslCertificate> & );
 
-  //Sets CaCertificate in QSslConfiguration
-  void registerCACertificate(QSslCertificate& cert);
+  //Sets LocalCertificate in QSslConfiguration
+  void setLocalCertificate(QSslCertificate& cert);
 
   // shut off the system
   void performShutDown();