From 1a5709501f94014d41987b956338bb6424b9f90c Mon Sep 17 00:00:00 2001
From: sr
Date: Mon, 4 Feb 2013 19:50:31 +0100
Subject: Initial commit

---
 src/server/net/certmanager.cpp | 92 ++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 92 insertions(+)
 create mode 100644 src/server/net/certmanager.cpp

(limited to 'src/server/net/certmanager.cpp')

diff --git a/src/server/net/certmanager.cpp b/src/server/net/certmanager.cpp
new file mode 100644
index 0000000..e661a70
--- /dev/null
+++ b/src/server/net/certmanager.cpp
@@ -0,0 +1,92 @@
+/*
+ # Copyright (c) 2009 - OpenSLX Project, Computer Center University of Freiburg
+ #
+ # This program is free software distributed under the GPL version 2.
+ # See http://openslx.org/COPYING
+ #
+ # If you have any feedback please consult http://openslx.org/feedback and
+ # send your suggestions, praise, or complaints to feedback@openslx.org
+ #
+ # General information about OpenSLX can be found at http://openslx.org/
+ # -----------------------------------------------------------------------------
+ # src/util/CertManager.cpp
+ #    - Manage SSL certificates
+ #    - provide access by name
+ # -----------------------------------------------------------------------------
+ */
+
+#include "certmanager.h"
+#include "../util/util.h"
+#include <QMap>
+#include <QFileInfo>
+#include <QSettings>
+#include <cstdlib>
+
+namespace CertManager
+{
+static QMap<QString, QSslCertificate> _certs;
+static QMap<QString, QSslKey> _keys;
+
+static void generateFiles(QString& key, QString& cert);
+static bool loadFiles(QString& keyFile, QString& certFile, QSslKey &key, QSslCertificate &cert);
+
+bool getPrivateKeyAndCert(const QString &name, QSslKey &key, QSslCertificate &cert)
+{
+	if (_keys.contains(name))
+	{
+		key = _keys[name];
+		cert = _certs[name];
+		return true;
+	}
+	USER_SETTINGS(settings);
+	QString certFile = settings.fileName().append(".").append(name);
+	QString keyFile = certFile;
+	keyFile.append(".rsa");
+	certFile.append(".crt");
+	//
+	if (!loadFiles(keyFile, certFile, key, cert))
+	{
+		generateFiles(keyFile, certFile);
+		if (!loadFiles(keyFile, certFile, key, cert))
+			return false;
+	}
+	_certs.insert(name, cert);
+	_keys.insert(name, key);
+	return true;
+}
+
+static bool loadFiles(QString& keyFile, QString& certFile, QSslKey &key, QSslCertificate &cert)
+{
+	QFileInfo keyInfo(keyFile);
+	QFileInfo certInfo(certFile);
+	if (keyInfo.exists() && certInfo.exists())
+	{   // Both files exist, see if they're valid and return
+		QFile kf(keyFile);
+		kf.open(QFile::ReadOnly);
+		key = QSslKey(&kf, QSsl::Rsa, QSsl::Pem, QSsl::PrivateKey);
+		QList<QSslCertificate> certlist = QSslCertificate::fromPath(certFile);
+		if (!key.isNull() && !certlist.empty())
+		{
+			cert = certlist.first();
+			if (!cert.isNull())
+			{
+				return true;
+			}
+		}
+	}
+	return false;
+}
+
+static void generateFiles(QString& key, QString& cert)
+{
+	char tmp[1000];
+	unlink(key.toLocal8Bit().data());
+	unlink(cert.toLocal8Bit().data());
+	snprintf(tmp, 1000,
+	   "openssl req -x509 -nodes -days 3650 -newkey rsa:1024 -subj '/C=DE/ST=BaWue/L=Freiburg/CN=openslx.org' -keyout \"%s\" -out \"%s\"",
+	   key.toLocal8Bit().data(), cert.toLocal8Bit().data());
+	system(tmp);
+	snprintf(tmp, 1000, "chmod 0600 \"%s\" \"%s\"", key.toLocal8Bit().data(), cert.toLocal8Bit().data());
+	system(tmp);
+}
+}
-- 
cgit v1.2.3-55-g7522