Diffstat (limited to 'src/fbgui/fbgui.cpp')
-rw-r--r-- | src/fbgui/fbgui.cpp | 115 |
1 files changed, 111 insertions, 4 deletions
diff --git a/src/fbgui/fbgui.cpp b/src/fbgui/fbgui.cpp index 7bf84e8..b4a8a13 100644 --- a/src/fbgui/fbgui.cpp +++ b/src/fbgui/fbgui.cpp @@ -24,7 +24,8 @@ int updateInterval = -1; QString fileToTriggerURL(""); QString serialLocation(""); QString sessionID(""); -//int debugMode = -1; +bool sslSupport; +//int debugMode=-1; //QString logFilePath(""); //------------------------------------------------------------------------------------------- @@ -52,6 +53,9 @@ void fbgui::init() { // start fbgui LOG4CXX_DEBUG(coreLogger, "Initializing fbgui..."); + if(sslSupport) + LOG4CXX_DEBUG(coreLogger, "SSL enabled."); + // initialize javascript interface JavascriptInterface* jsi = new JavascriptInterface( _webView->page()->mainFrame()); 
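Review bot: `sslSupport` is declared without an initializer, unlike the neighbouring globals, so its starting value rests on static zero-initialization; `bool sslSupport = false;` states the default explicitly. Within this diff the flag is read only for the debug line in `fbgui::init()`, while `loadURL()` installs the CA certificate, client certificate and private key unconditionally. If the flag is meant to switch TLS on and off, that gating is not visible here and should be confirmed.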
@@ -125,16 +129,50 @@ void fbgui::loadURL() { // Generate POST identification data needed by PBS. QByteArray postData = generatePOSTData(); - QNetworkRequest req(baseURL); + // Generate a Network Request Object + _qnr = new QNetworkRequest(baseURL); + + //Add OpenSLX Certificate to SSLConfiguration + QList<QSslCertificate> certList = QSslCertificate::fromPath(QLatin1String("/usr/lib/ssl/openslx/CA/certs/openslx-cert.pem")); + setCACertificates(certList); + + //Ignore the SelfSignedCertificateInChain-error for the OpenSLX-Certificate + QSslError error(QSslError::SelfSignedCertificateInChain, certList.at(0)); + _expectedSslErrors.append(error); + + //Add User Certificate to SSLConfiguration + QList<QSslCertificate> userCertList = QSslCertificate::fromPath(QLatin1String("/usr/lib/ssl/openslx/CA/certs/guest-cert.pem")); + setLocalCertificate(userCertList.at(0)); + + //Add User PrivateKey to SSLConfiguration + QFile keyFile("/usr/lib/ssl/openslx/CA/private/guest.pem"); + Q_ASSERT(keyFile.open(QIODevice::ReadOnly)); + QByteArray keyContent = keyFile.readAll(); + setPrivateKey(QSslKey(keyContent, QSsl::Rsa)); + + + + //Connect webViews NetworkAccessManager to SSLErrorHandler SLOT + QObject::connect(_webView->page()->networkAccessManager(), + SIGNAL(finished(QNetworkReply*)), + this, + SLOT(httpErrorHandler(QNetworkReply*))); + + //Connect webViews NetworkAccessManager to ErrorHandler SLOT + QObject::connect(_webView->page()->networkAccessManager(), + SIGNAL(sslErrors(QNetworkReply*, const QList<QSslError> & )), + this, + SLOT(sslErrorHandler(QNetworkReply*, const QList<QSslError> & ))); // show cursor again since user is about to interact. 
//QWSServer::instance()->setCursorVisible(true); //TODO: ?enabled in original - req.setHeader(QNetworkRequest::ContentTypeHeader, "application/x-www-form-urlencoded"); + _qnr->setHeader(QNetworkRequest::ContentTypeHeader, "application/x-www-form-urlencoded"); QObject::connect(_webView, SIGNAL(loadFinished(bool)), this, SLOT(loadURLDone(bool))); - _webView->load(req, QNetworkAccessManager::PostOperation, postData); + _webView->load(*_qnr, QNetworkAccessManager::PostOperation, postData); } // TODO: error page if no host. } + void fbgui::loadURLDone(bool success) { // done contains the success of the loading: false / true if (!success) { 
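Review bot: `Q_ASSERT(keyFile.open(QIODevice::ReadOnly));` puts the open() call inside an assertion, which is compiled out when QT_NO_DEBUG is defined, so a release build never opens the key file and hands an empty key to `setPrivateKey()`. The two `at(0)` calls have the same failure-handling gap: `QSslCertificate::fromPath()` returns an empty list when the PEM file is missing or cannot be parsed, and indexing it is then out of range. I would load all three credentials first, check them, and refuse to issue the request when any is missing, as sketched below. Separately, each call to `loadURL()` allocates a new `_qnr`, appends to `_expectedSslErrors` and connects both handlers again; if the function can run more than once (not visible in the hunk) these accumulate. The start of `loadURL()` lies outside the hunk.

```cpp
// … unchanged: _qnr allocation …
const QList<QSslCertificate> certList = QSslCertificate::fromPath(QLatin1String("/usr/lib/ssl/openslx/CA/certs/openslx-cert.pem"));
const QList<QSslCertificate> userCertList = QSslCertificate::fromPath(QLatin1String("/usr/lib/ssl/openslx/CA/certs/guest-cert.pem"));
QFile keyFile("/usr/lib/ssl/openslx/CA/private/guest.pem");

// open() has to run in release builds too, so it cannot live inside Q_ASSERT
if (certList.isEmpty() || userCertList.isEmpty() || !keyFile.open(QIODevice::ReadOnly)) {
    LOG4CXX_ERROR(coreLogger, "TLS credentials missing or unreadable, not loading URL.");
    return;
}

setCACertificates(certList);
_expectedSslErrors.append(QSslError(QSslError::SelfSignedCertificateInChain, certList.at(0)));
setLocalCertificate(userCertList.at(0));
setPrivateKey(QSslKey(keyFile.readAll(), QSsl::Rsa));
// … unchanged: signal connections, content-type header, _webView->load() …
```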
@@ -145,6 +183,75 @@ void fbgui::loadURLDone(bool success) { LOG4CXX_DEBUG(coreLogger, "Loaded URL: " << _webView->url().toString()); } } + + +//Handles QNetworkReply SSL Errors +void fbgui::sslErrorHandler(QNetworkReply* reply, const QList<QSslError> & errlist) { + + foreach (QSslError err, errlist) + LOG4CXX_DEBUG(coreLogger, "SSL Error: " << err.error()); + +// QSslConfiguration replySslConf = reply->sslConfiguration(); +// foreach (QSslCertificate cert, replySslConf.peerCertificateChain()) +// LOG4CXX_DEBUG(coreLogger,"Cert info: \n" << cert.toPem()); + + reply->ignoreSslErrors(_expectedSslErrors); +} + +//Handles QNetworkReply Errors +void fbgui::httpErrorHandler(QNetworkReply* reply) { + if(reply->error() != QNetworkReply::NoError ) + LOG4CXX_DEBUG(coreLogger, "HTTP Error: " << reply->errorString()); +} + +//Dump all Certificates in SSLConfiguration +void fbgui::dumpCACertificates(){ + QSslConfiguration sslConfig = _qnr->sslConfiguration(); + QList<QSslCertificate> caCerts = sslConfig.caCertificates(); + + foreach (QSslCertificate cert, caCerts){ + LOG4CXX_DEBUG(coreLogger,"Cert info: \n" << cert.toPem()); + } +} + +//Saves CACertificates to SslConfiguration +void fbgui::setCACertificates(const QList<QSslCertificate> & certificates){ + + foreach (QSslCertificate cert, certificates){ + LOG4CXX_DEBUG(coreLogger,"Is cert valid: " << cert.isValid()); + LOG4CXX_DEBUG(coreLogger,"Cert Issuer: " << cert.issuerInfo(QSslCertificate::CommonName)); + LOG4CXX_DEBUG(coreLogger,"Cert Subject: " << cert.subjectInfo(QSslCertificate::CommonName)); + } + + QSslConfiguration sslConfig = _qnr->sslConfiguration(); + + QList<QSslCertificate> caCerts = sslConfig.caCertificates(); + caCerts.append(certificates); + sslConfig.setCaCertificates(caCerts); + _qnr->setSslConfiguration(sslConfig); + +} + +//Saves User Certificate to SslConfiguration +void fbgui::setLocalCertificate(const QSslCertificate& cert){ + LOG4CXX_DEBUG(coreLogger,"Is cert valid: " << cert.isValid()); + 
LOG4CXX_DEBUG(coreLogger,"Cert Issuer: " << cert.issuerInfo(QSslCertificate::CommonName)); + LOG4CXX_DEBUG(coreLogger,"Cert Subject: " << cert.subjectInfo(QSslCertificate::CommonName)); + + QSslConfiguration sslConfig = _qnr->sslConfiguration(); + sslConfig.setLocalCertificate(cert); + _qnr->setSslConfiguration(sslConfig); +} + +//Saves PrivateKey to SslConfiguration +void fbgui::setPrivateKey(const QSslKey & key){ + LOG4CXX_DEBUG(coreLogger,"Is key valid: " << key.isNull()); + QSslConfiguration sslConfig = _qnr->sslConfiguration(); + sslConfig.setPrivateKey(key); + _qnr->setSslConfiguration(sslConfig); +} + + //------------------------------------------------------------------------------------------- /** * This method generates the POST data body. |
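Review bot: In `setPrivateKey()` the line `LOG4CXX_DEBUG(coreLogger,"Is key valid: " << key.isNull());` logs the opposite of what its label says, since `isNull()` is true for an unusable key; it should read `LOG4CXX_DEBUG(coreLogger,"Is key valid: " << !key.isNull());`. In `sslErrorHandler()` the call `reply->ignoreSslErrors(_expectedSslErrors)` is the overload limited to the listed error and certificate pairs, which deserves a comment such as `// only the expected OpenSLX CA error is tolerated; do not replace with the no-argument ignoreSslErrors()`. Unexpected TLS errors are reported only at debug level as numeric codes, so logging `err.errorString()` at warning level would make a failed handshake visible in normal operation. `dumpCACertificates()` and the three setters dereference `_qnr`, which this diff assigns only in `loadURL()`, so they assume they are never called before it.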