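/*
 # Copyright (c) 2009 - OpenSLX Project, Computer Center University of Freiburg
 #
 # This program is free software distributed under the GPL version 2.
 # See http://openslx.org/COPYING
 #
 # If you have any feedback please consult http://openslx.org/feedback and
 # send your suggestions, praise, or complaints to feedback@openslx.org
 #
 # General information about OpenSLX can be found at http://openslx.org/
 # -----------------------------------------------------------------------------
 # src/net/SslServer.cpp
 #    - provide QTcpServer-like behaviour for SSL
 # -----------------------------------------------------------------------------
 */

#include "SslServer.h"
// NOTE(review): the targets of the next two includes and the template
// arguments of QList are missing from this listing. They are restored here
// from what the code uses (QSslSocket*, QSslError) -- confirm against the
// repository and SslServer.h.
#include <QSslSocket>
#include <QSslError>
#include "src/util/CertManager.h"

namespace
{

/// True once @p socket is connected and its SSL handshake has completed.
bool isEncryptedAndConnected(const QSslSocket *socket)
{
    return socket->state() == QAbstractSocket::ConnectedState && socket->isEncrypted();
}

/// Returns the first socket in @p sockets that is connected and encrypted, or NULL.
QSslSocket *firstEncrypted(const QList<QSslSocket*> &sockets)
{
    for (QList<QSslSocket*>::const_iterator it = sockets.constBegin(); it != sockets.constEnd(); ++it)
    {
        if (isEncryptedAndConnected(*it))
            return *it;
    }
    return NULL;
}

} // namespace

/// Starts the 7 second housekeeping timer that drives timerEvent().
SslServer::SslServer()
{
    _tmr = startTimer(7000);
    //QSslSocket::setDefaultCiphers(QSslSocket::supportedCiphers());
}

/// Stops the housekeeping timer.
SslServer::~SslServer()
{
    killTimer(_tmr);
}

/// Wraps a freshly accepted descriptor in a QSslSocket and starts the
/// server side of the handshake.
///
/// newConnection() is only emitted once the socket reports encrypted(), so
/// callers never see a connection in plain text. If the descriptor cannot be
/// adopted the socket is destroyed immediately.
///
/// @param socketDescriptor native descriptor of the accepted connection
void SslServer::incomingConnection(int socketDescriptor)
{
    QSslSocket *serverSocket = new QSslSocket(this);
    connect(serverSocket,
            SIGNAL(sslErrors(const QList<QSslError> &)),
            this,
            SLOT(sslErrors(const QList<QSslError> &)));
    serverSocket->setPrivateKey(CertManager::getPrivateKey("manager"));
    serverSocket->setLocalCertificate(CertManager::getCertificate("manager"));
    // NOTE(review): no client certificate is requested, so this channel
    // authenticates the server only. Any client authentication has to happen
    // at a higher layer -- verify against the caller.
    serverSocket->setPeerVerifyMode(QSslSocket::VerifyNone);
    // NOTE(review): SSL 3.0 is deprecated and affected by the POODLE
    // padding-oracle weakness. It is left unchanged here because the peers
    // must switch at the same time; migrate server and clients together to a
    // TLS-only setting (QSsl::SecureProtocols where the Qt version has it).
    serverSocket->setProtocol(QSsl::SslV3);
    //printf("Keylen %d\n", serverSocket->privateKey().length());
    if (!serverSocket->setSocketDescriptor(socketDescriptor))
    {
        delete serverSocket;
        return;
    }
    // Once the connection is successfully encrypted, raise our newConnection event
    connect(serverSocket, SIGNAL(encrypted()), this, SIGNAL(newConnection()));
    serverSocket->startServerEncryption();
    _pending.push_back(serverSocket);
}

/// Logs the first SSL error reported for a server-side socket.
///
/// @param errors errors delivered by QSslSocket::sslErrors()
void SslServer::sslErrors(const QList<QSslError> & errors)
{
    // Dereferencing begin() of an empty list is undefined; nothing to report then.
    if (errors.isEmpty())
        return;
    qDebug("FIXME: SSL ERRORS on SERVER: %s", qPrintable(errors.first().errorString()));
}

/// Housekeeping tick: destroys the sockets queued on the previous tick, then
/// queues every socket that is still pending.
///
/// A connection that nobody collects through nextPendingConnection() is
/// therefore destroyed roughly 7 to 14 seconds after it was accepted, whether
/// or not its handshake finished. This bounds how long a peer can hold a
/// half-open connection.
void SslServer::timerEvent(QTimerEvent* event)
{
    Q_UNUSED(event);
    // Remove all sockets marked for deletion
    for (QList<QSslSocket*>::const_iterator it = _delete.constBegin(); it != _delete.constEnd(); ++it)
    {
        (*it)->deleteLater();
    }
    _delete.clear();
    // Mark all sockets for deletion where the ssl handshake did not happen after connecting
    /*
    bool flag;
    do
    {
        flag = false;
        for (QList<QSslSocket*>::iterator it = _pending.begin(); it != _pending.end(); it++)
        {
            if ((*it)->state() != QAbstractSocket::ConnectedState || !(*it)->isEncrypted())
            {
                _delete.push_back(*it);
                _pending.removeAll(*it);
                flag = true;
                break;
            }
        }
    } while (flag);
    */
    _delete.append(_pending);
    _pending.clear();
}

/// Reports whether a pending socket is connected and encrypted.
///
/// NOTE(review): only _pending is inspected, while nextPendingConnection()
/// also hands out sockets already moved to _delete. A caller that polls this
/// function first can miss such a socket -- confirm whether that is intended.
///
/// @return true if at least one socket in _pending is ready to be collected
bool SslServer::hasPendingConnections()
{
    for (QList<QSslSocket*>::const_iterator it = _pending.constBegin(); it != _pending.constEnd(); ++it)
    {
        qDebug("State: %d - Encrypted: %d", (int)(*it)->state(), (*it)->isEncrypted());
        if (isEncryptedAndConnected(*it))
            return true;
    }
    return false;
}

/// Hands out the next connected and encrypted socket and stops tracking it.
///
/// Sockets in _pending are preferred; a socket already queued in _delete is
/// still returned as long as timerEvent() has not destroyed it yet.
///
/// @return the socket, or NULL when none is ready
QTcpSocket* SslServer::nextPendingConnection()
{
    QSslSocket *ready = firstEncrypted(_pending);
    if (ready == NULL)
        ready = firstEncrypted(_delete);
    if (ready == NULL)
        return NULL;
    // Work on a copy of the pointer: the previous code kept using the list
    // iterator after removeAll() had invalidated it, so it could remove and
    // return a different socket or read past the end of the list.
    _pending.removeAll(ready);
    _delete.removeAll(ready);
    return ready;
}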