From 8d44be1d750173a944ab9bf982f88a64b49e374a Mon Sep 17 00:00:00 2001 From: Michael Neves Date: Thu, 2 Feb 2012 14:45:08 +0100 Subject: setLocalCertificate, readCertificate and dumpCertificate added --- src/fbgui/fbgui.cpp | 70 +++++++++++++++++++++++++++++++++++++++++++---------- src/fbgui/fbgui.h | 18 +++++++++++--- 2 files changed, 71 insertions(+), 17 deletions(-) diff --git a/src/fbgui/fbgui.cpp b/src/fbgui/fbgui.cpp index 9c9efcd..37913b7 100644 --- a/src/fbgui/fbgui.cpp +++ b/src/fbgui/fbgui.cpp @@ -94,11 +94,11 @@ void fbgui::init() { dmThread.start(); // show "waiting for internet" page until triggered. - if (debugMode > -1) { - _webView->load(QUrl("qrc:/html/preload-debug.html")); - } else { - _webView->load(QUrl("qrc:/html/preload.html")); - } +// if (debugMode > -1) { +// _webView->load(QUrl("qrc:/html/preload-debug.html")); +// } else { +// _webView->load(QUrl("qrc:/html/preload.html")); +// } // watcher is not needed anymore since we guarantee internet connection with the networkDiscovery. // start watching for fileToTriggerURL @@ -245,11 +245,15 @@ void fbgui::loadURL() { QByteArray postData = generatePOSTData(); _qnr = new QNetworkRequest(baseURL); + QList certList; + certList.append(readCertificate("/usr/lib/ssl/openslx/CA/certs/openslx-cert.pem")); + registerCACertificates(certList); + //Connect webViews NetworkAccessManager to SSLErrorHandler SLOT QObject::connect(_webView->page()->networkAccessManager(), SIGNAL(finished(QNetworkReply*)), this, - SLOT(errorHandler(QNetworkReply*))); + SLOT(httpErrorHandler(QNetworkReply*))); //Connect webViews NetworkAccessManager to ErrorHandler SLOT QObject::connect(_webView->page()->networkAccessManager(), @@ -274,6 +278,7 @@ void fbgui::loadURLDone(bool success) { // TODO handle failure properly... } else { LOG4CXX_DEBUG(coreLogger, "Loaded URL: " << _webView->url().toString()); + //dumpCACertificates(); } } @@ -284,25 +289,64 @@ void fbgui::sslErrorHandler(QNetworkReply* reply, const QList & errli foreach (QSslError err, errlist) LOG4CXX_DEBUG(coreLogger, "SSL Error: " << err.errorString()); - reply->ignoreSslErrors(); + //reply->ignoreSslErrors(); } //Handles QNetworkReply Errors void fbgui::httpErrorHandler(QNetworkReply* reply) { - LOG4CXX_DEBUG(coreLogger, "HTTP Error: " << reply->attribute(QNetworkRequest::HttpReasonPhraseAttribute).toString()); + if(reply->error() != QNetworkReply::NoError ) + LOG4CXX_DEBUG(coreLogger, "HTTP Error: " << reply->errorString()); +} + +//test function to read Certificates +QSslCertificate fbgui::readCertificate(const QString& fileName){ + QFile certFile(fileName); + Q_ASSERT(certFile.open(QIODevice::ReadOnly)); + QByteArray certContent = certFile.readAll(); + LOG4CXX_DEBUG(coreLogger,"Is cert valid: " << certContent); + QSslCertificate cert(certContent, QSsl::Pem); + return cert; +} + +//Dump all Certificates in SSLConfiguration +void fbgui::dumpCACertificates(){ + QSslConfiguration sslConfig = _qnr->sslConfiguration(); + QList caCerts = sslConfig.caCertificates(); + + foreach (QSslCertificate cert, caCerts){ + LOG4CXX_DEBUG(coreLogger,"Is cert valid: " << cert.isValid()); + LOG4CXX_DEBUG(coreLogger,"Cert info: " << cert.issuerInfo(QSslCertificate::Organization)); + } +} + +//Saves CACertificates to SslConfiguration +void fbgui::registerCACertificates(const QList & certificates){ + + foreach (QSslCertificate cert, certificates){ + LOG4CXX_DEBUG(coreLogger,"Is cert valid: " << cert.isValid()); + LOG4CXX_DEBUG(coreLogger,"Cert info: " << cert.issuerInfo(QSslCertificate::Organization)); + } + + QSslConfiguration sslConfig = _qnr->sslConfiguration(); + + QList caCerts = sslConfig.caCertificates(); + caCerts.append(certificates); + sslConfig.setCaCertificates(caCerts); + _qnr->setSslConfiguration(sslConfig); + } -//Saves Certificates to SslConfiguration -void fbgui::registerCACertificate(QSslCertificate& cert){ +//Saves PrivateKey to SslConfiguration +void fbgui::setLocalCertificate(QSslCertificate& cert){ LOG4CXX_DEBUG(coreLogger,"Is cert valid: " << cert.isValid()); LOG4CXX_DEBUG(coreLogger,"Cert info: " << cert.issuerInfo(QSslCertificate::Organization)); QSslConfiguration sslConfig = _qnr->sslConfiguration(); - QList caCerts = sslConfig.caCertificates(); - caCerts.append(cert); - sslConfig.setCaCertificates(caCerts); + sslConfig.setLocalCertificate(cert); _qnr->setSslConfiguration(sslConfig); + } + //------------------------------------------------------------------------------------------- /** * This method generates the POST data body. diff --git a/src/fbgui/fbgui.h b/src/fbgui/fbgui.h index 57f4a34..4f60b12 100644 --- a/src/fbgui/fbgui.h +++ b/src/fbgui/fbgui.h @@ -81,6 +81,13 @@ private: void watchForTrigger(); bool checkHost() const; void loadURL(); + + //test function to read and save CACertificates + QSslCertificate readCertificate(const QString&); + + //Dump all Certificates in SSLConfiguration + void dumpCACertificates(); + QByteArray generatePOSTData(); //---------------------------------- @@ -119,13 +126,16 @@ private slots: void loadURLDone(bool success); //SSL Error Handler for SSL Requests - void sslErrorHandler(QNetworkReply* reply, const QList & errlist); + void sslErrorHandler(QNetworkReply*, const QList &); //Error Handler for http Requests - void httpErrorHandler(QNetworkReply* reply); + void httpErrorHandler(QNetworkReply*); + + //Sets CaCertificates in QSslConfiguration + void registerCACertificates(const QList & ); - //Sets CaCertificate in QSslConfiguration - void registerCACertificate(QSslCertificate& cert); + //Sets LocalCertificate in QSslConfiguration + void setLocalCertificate(QSslCertificate& cert); // shut off the system void performShutDown(); -- cgit v1.2.3-55-g7522