From 47ddcf0d11f626e8a6fe6d3142bd38f9c129ef8b Mon Sep 17 00:00:00 2001 From: deva Date: Wed, 4 Nov 2009 10:01:23 +0000 Subject: Prepare for SSL encrypted connection (https). --- client/netcom.cc | 34 +++++++++++++++++++++++++++++++++- client/netcom.h | 5 +++++ server/src/server.cc | 49 +++++++++++++++++++++++++++++++++++++++++++++++-- 3 files changed, 85 insertions(+), 3 deletions(-) diff --git a/client/netcom.cc b/client/netcom.cc index 6150227..5cbcd22 100644 --- a/client/netcom.cc +++ b/client/netcom.cc @@ -26,6 +26,8 @@ */ #include "netcom.h" +#include + #include #include @@ -33,13 +35,31 @@ #include "widgets/widget.h" +#ifdef USE_SSL +#include +#include +#include +#include + +#ifdef QT_NO_OPENSSL +#error "QT not compiled with SSL support." +#endif +#endif + NetCom::NetCom(QString host, quint16 port, QString user, QString cpr) { this->user = user; this->cpr = cpr; connect(&http, SIGNAL(done(bool)), this, SLOT(done(bool))); - http.setHost(host, port); + +#ifdef USE_SSL + connect(&http, SIGNAL(sslErrors(const QList &)), + this, SLOT(sslError(const QList &))); + http.setHost(host, QHttp::ConnectionModeHttps, port); +#else + http.setHost(host, QHttp::ConnectionModeHttp, port); +#endif transfering = false; } @@ -146,3 +166,15 @@ void NetCom::done(bool) buffer = http.readAll(); transfering = false; } + +#ifdef USE_SSL +void NetCom::sslError(const QList &errlst) +{ + QList::const_iterator i = errlst.begin(); + while(i != errlst.end()) { + QMessageBox::warning(qApp->activeWindow(), "SSL Error", i->errorString()); + i++; + } + http.ignoreSslErrors(); +} +#endif diff --git a/client/netcom.h b/client/netcom.h index e11509b..c40f85c 100644 --- a/client/netcom.h +++ b/client/netcom.h @@ -33,6 +33,8 @@ #include #include +//#define USE_SSL + //#include "widgets/widget.h" class Widget; @@ -47,6 +49,9 @@ public: public slots: void done(bool); +#ifdef USE_SSL + void sslError(const QList &errlst); +#endif private: volatile bool transfering; 
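Review bot: In the last client/netcom.cc hunk, `NetCom::sslError` calls `http.ignoreSslErrors()` unconditionally after showing each warning, so a certificate that fails validation never stops the request and the user is only informed, never asked. With that call in place the HTTPS mode encrypts the connection but does not authenticate the server, and the `user` and `cpr` values this class holds would presumably be sent to whichever endpoint answered. I would drop the `http.ignoreSslErrors();` line so that a failed check ends the request, or call `http.abort();` there and ignore errors only for a certificate the client has explicitly been configured to trust.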
diff --git a/server/src/server.cc b/server/src/server.cc index 9d3caba..a94cca3 100644 --- a/server/src/server.cc +++ b/server/src/server.cc 
@@ -355,6 +355,44 @@ static int handle_request(void *cls, return ret; } +static void httpderr(void *arg, const char *fmt, va_list ap) +{ + PRACRO_ERR_VA(server, fmt, ap); +} + +#define CERT "\ +-----BEGIN CERTIFICATE-----\n\ +MIICFTCCAX6gAwIBAgIBAjANBgkqhkiG9w0BAQUFADBVMRswGQYDVQQKExJBcGFj\n\ +aGUgSFRUUCBTZXJ2ZXIxIjAgBgNVBAsTGUZvciB0ZXN0aW5nIHB1cnBvc2VzIG9u\n\ +bHkxEjAQBgNVBAMTCWxvY2FsaG9zdDAeFw0wNzA2MjEwODE4MzZaFw0wODA2MjAw\n\ +ODE4MzZaMEwxGzAZBgNVBAoTEkFwYWNoZSBIVFRQIFNlcnZlcjEZMBcGA1UECxMQ\n\ +VGVzdCBDZXJ0aWZpY2F0ZTESMBAGA1UEAxMJbG9jYWxob3N0MIGfMA0GCSqGSIb3\n\ +DQEBAQUAA4GNADCBiQKBgQDWTACKSoxd5cL06w7RtPIhFqY1l3UE/aRGmPmh8gEo\n\ +w3zNf+gWxco2yjQgBTQhGww1ybOsAUtXPIsUOSFAGvPUKJZf8ibZMiJEzl2919uz\n\ +IcV9+cUm7k3jFPQx4ALQEalbV++o/lfT5lhgsSiH1t1eln2omVrGCjI/1HeYrw7X\n\ +owIDAQABMA0GCSqGSIb3DQEBBQUAA4GBALVFzprK6rYkWVZZZwq85w2lCYJpEl9a\n\ +66IMzIwNNRfyZMoc9D9PSwsXKYfYOg1RpMt7RhWT/bpggGlsFqctsAgJSv8Ol5Cz\n\ +DqTXhpV+8WOG6l4xDYZz3U3ajiu2jth2+aaMuWKy9Wkr8bzHGDufltToLalucne2\n\ +npM7yCJ83Ana\n\ +-----END CERTIFICATE-----" + +#define KEY "\ +-----BEGIN RSA PRIVATE KEY-----\n\ +MIICXAIBAAKBgQDWTACKSoxd5cL06w7RtPIhFqY1l3UE/aRGmPmh8gEow3zNf+gW\n\ +xco2yjQgBTQhGww1ybOsAUtXPIsUOSFAGvPUKJZf8ibZMiJEzl2919uzIcV9+cUm\n\ +7k3jFPQx4ALQEalbV++o/lfT5lhgsSiH1t1eln2omVrGCjI/1HeYrw7XowIDAQAB\n\ +AoGANUXHjJljs6P+hyw4DuHQn3El+ISiTo9PW02EIUIsD5opWFzHsYGR93Tk6GDi\n\ +yKgUrPprdAMOW61tVaWuImWQ32R2xyrJogjGYo9XE2xAej9N37jM0AGBtn/vd4Dr\n\ +LsYfpjNaM3gqIChD73iYfO+CrNbdLqTxIdG53g/u05GJ4cECQQD0vMm5+a8N82Jb\n\ +oHJgE2jb83WqaYBHe0O03ujtiq3+hPZHoVV3iJWmA/aMlgdtunkJT3PdEsVfQNkH\n\ +fvzR9JhbAkEA4CiZRk5Gcz7cEqyogDTMQYtmrE8hbgofISLuz1rpTEzd8hFAcerU\n\ +nuwFIT3go3hO7oIHMlKU1H5iT1BsFvegWQJBAOSa6A+5A+STIKAX+l52Iu+5tYKN\n\ +885RfMgZpBgm/yoMxwPX1r7GLYsajpV5mszLbz3cIo0xeH3mVBOlccEoqZsCQECP\n\ +8PWq/eebp09Jo46pplsKh5wBfqNvDuBAa4AVszRiv1pFVcZ52JudZyzX4aezsyhH\n\ +E0OPPYamkDI/+6Hx2KECQHF9xV1XatyXuFmfRAInK2BtfGY5UIvJaLxVD3Z1+i6q\n\ +/enz7/wUwvC6G4FSWNMYgAYJOfwZ3BerdkqcRNxyR/Q=\n\ +-----END RSA PRIVATE KEY-----" + 
extern bool pracro_is_running; void server() { @@ -363,16 +401,23 @@ void server() PRACRO_DEBUG(server, "Server running on port %d.\n", port); struct MHD_Daemon *d; - d = MHD_start_daemon(MHD_USE_DEBUG | MHD_USE_SELECT_INTERNALLY, + d = MHD_start_daemon(MHD_USE_DEBUG | MHD_USE_SELECT_INTERNALLY, // | MHD_USE_SSL, port, NULL, NULL, handle_request, NULL, MHD_OPTION_NOTIFY_COMPLETED, NULL, NULL, // MHD_OPTION_CONNECTION_LIMIT, 42, + MHD_OPTION_HTTPS_MEM_KEY, KEY, + MHD_OPTION_HTTPS_MEM_CERT, CERT, MHD_OPTION_CONNECTION_TIMEOUT, 0, - MHD_OPTION_EXTERNAL_LOGGER, NULL, NULL, + MHD_OPTION_EXTERNAL_LOGGER, httpderr, NULL, MHD_OPTION_END); + if(!d) { + PRACRO_ERR(server, "Failed to initialise MHD_start_daemon!\n"); + return; + } + while(pracro_is_running) sleep(1); MHD_stop_daemon(d); -- cgit v1.2.3
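Review bot: The `KEY` macro compiles the server's RSA private key into server.cc, so anyone with the source or the binary holds the key and can impersonate the server. The certificate in `CERT` appears, judging by its encoded subject fields, to be a shared "for testing purposes only" localhost certificate, so clients cannot meaningfully verify it. I would remove both macros and read the PEM data at startup from operator-supplied files that stay out of the repository and are readable only by the server account, refusing to start when either is missing. A sketch follows; the two path names are placeholders for whatever configuration entries the project adds.

```cpp
// Reads a PEM file into memory; returns an empty string when it cannot be read.
static std::string read_pem(const std::string &path)
{
  std::ifstream in(path.c_str());
  if(!in) return std::string();
  std::ostringstream data;
  data << in.rdbuf();
  return data.str();
}

// … in server(), before the MHD_start_daemon call …
std::string key = read_pem(KEY_FILE_PLACEHOLDER);   // placeholder: path taken from configuration
std::string cert = read_pem(CERT_FILE_PLACEHOLDER); // placeholder: path taken from configuration
if(key.empty() || cert.empty()) {
  PRACRO_ERR(server, "Missing TLS key or certificate file.\n");
  return;
}
// … unchanged: MHD_start_daemon call, passing key.c_str() and cert.c_str() in place of KEY and CERT …
```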
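Review bot: `MHD_USE_SSL` stays commented out in the flags argument while `MHD_OPTION_HTTPS_MEM_KEY` and `MHD_OPTION_HTTPS_MEM_CERT` are already passed, so the daemon still answers in plain HTTP even though key material now appears in the call. That is easy to misread as TLS being active, and a client built with `USE_SSL` would presumably fail against it. I would put the flag and both options behind one build or configuration switch so they cannot diverge, and until then add a comment above the call such as `// NOTE: MHD_USE_SSL is still disabled; the daemon serves plain HTTP`. How libmicrohttpd handles the HTTPS options without the flag likely depends on the version, so it is worth confirming that the new `if(!d)` branch is not hit for that reason. The body of `server()` begins and ends outside this hunk.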