Commit some more work on on updating the websocket server to use wss.

2026-01-27 10:20:26 +00:00 · 2016-01-08 14:01:49 -05:00
parent 38321421c4
commit 262ddb637d
2 changed files with 29 additions and 10 deletions
--- a/src/server/WebServer.cpp
+++ b/src/server/WebServer.cpp
@@ -10,6 +10,8 @@
 #include <QFile>
 #include <QTextStream>
 #include <QProcess>
+#include <QSslKey>
+#include <QSslCertificate>

 #define DEBUG 0

@@ -38,6 +40,11 @@ WebServer::~WebServer(){
 }

 bool WebServer::startServer(quint16 port, bool websocket){
+  if(!QSslSocket::supportsSsl()){ qDebug() << "No SSL Support on this system!!!"; return false; }
+  else{
+    qDebug() << "Using SSL Library:";
+    qDebug() << " - Version:" << QSslSocket::sslLibraryVersionString();
+  }
  bool ok = false;
  if(websocket){ ok	= setupWebSocket(port); }
  else{ ok = setupTcp(port); }
@@ -69,9 +76,26 @@ void WebServer::stopServer(){
 //===================
 bool WebServer::setupWebSocket(quint16 port){
  WSServer = new QWebSocketServer("sysadm-server", QWebSocketServer::SecureMode, this);
+  //SSL Configuration
  QSslConfiguration config = QSslConfiguration::defaultConfiguration();
-	//config.setLocalCertificate( QSslCertificate() );
-	//config.setPrivateKey( QSslKey() );
+	QFile CF("/usr/local/etc/wsserver.crt"); 
+	  if(CF.open(QIODevice::ReadOnly) ){
+	    QSslCertificate CERT(&CF,QSsl::Pem);
+	    config.setLocalCertificate( CERT );
+	    CF.close();   
+	  }else{
+	    qWarning() << "Could not read WS certificate file:" << CF.fileName();
+	  }
+	QFile KF("/usr/local/etc/wsserver.key");
+	  if(KF.open(QIODevice::ReadOnly) ){
+	    QSslKey KEY(&KF, QSsl::Rsa, QSsl::Pem);
+	    config.setPrivateKey( KEY );
+	    KF.close();	
+	  }else{
+	    qWarning() << "Could not read WS key file:" << KF.fileName();
+	  }
+	config.setPeerVerifyMode(QSslSocket::VerifyNone);
+	config.setProtocol(QSsl::TlsV1_2);
  WSServer->setSslConfiguration(config);
  //Setup Connections
  connect(WSServer, SIGNAL(newConnection()), this, SLOT(NewSocketConnection()) );
@@ -87,11 +111,6 @@ bool WebServer::setupWebSocket(quint16 port){
 }

 bool WebServer::setupTcp(quint16 port){
-  if(!QSslSocket::supportsSsl()){ qDebug() << "No SSL Support on this system!!!"; return false; }
-  else{
-    qDebug() << "Using SSL Library:";
-    qDebug() << " - Version:" << QSslSocket::sslLibraryVersionString();
-  }
  TCPServer = new SslServer(this);
  //Setup Connections
  connect(TCPServer, SIGNAL(newConnection()), this, SLOT(NewSocketConnection()) );
--- a/src/server/WebSocket.cpp
+++ b/src/server/WebSocket.cpp
@@ -324,15 +324,15 @@ void WebSocket::EvaluateTcpMessage(){
 //SSL signal handling
 void WebSocket::nowEncrypted(){
  //the socket/connection is now encrypted
-  qDebug() << "Socket now connected";
+  qDebug() << " - Socket now encrypted";
 }

 void WebSocket::peerError(const QSslError&){ //peerVerifyError() signal
-  qDebug() << "Peer Error:";
+  qDebug() << "Socket Peer Error:";
 }

 void WebSocket::SslError(const QList<QSslError> &err){ //sslErrors() signal
-  qDebug() << "SSL Errors:" << err.length();
+  qDebug() << "Socket SSL Errors:" << err.length();
 }

 // ======================