Make the SSL settings for the servers appear as defined within globals-qt.h. This makes it easy to change key/cert files or SSL versions later on for both types of server simultaneously.

2026-01-27 10:20:26 +00:00 · 2016-01-21 07:49:47 -05:00
parent 155026aab1
commit 7d6ea3ff11
3 changed files with 15 additions and 12 deletions
--- a/src/server/SslServer.h
+++ b/src/server/SslServer.h
@@ -8,12 +8,7 @@
 #ifndef _PCBSD_REST_WEB_SSL_SERVER_H
 #define _PCBSD_REST_WEB_SSL_SERVER_H

-#include <QTcpServer>
-#include <QSslSocket>
-#include <QTcpSocket>
-#include <QQueue>
-#include <QSslConfiguration>
-#include <QDebug>
+#include "globals-qt.h"

 class SslServer : public QTcpServer{
 	Q_OBJECT
@@ -38,9 +33,9 @@ protected:
 	  qDebug() << "New Ssl Connection:";
 	  //setup any supported encruption types here
 	  serverSocket->setSslConfiguration(QSslConfiguration::defaultConfiguration());
-	  serverSocket->setProtocol(QSsl::TlsV1_2);
-	  serverSocket->setPrivateKey("/usr/local/etc/sysadm/restserver.key");
-	  serverSocket->setLocalCertificate("/usr/local/etc/sysadm/restserver.crt");
+	  serverSocket->setProtocol(SSLVERSION);
+	  serverSocket->setPrivateKey(SSLKEYFILE);
+	  serverSocket->setLocalCertificate(SSLCERTFILE);
 	  //qDebug() << " - Supported Protocols:" << serverSocket->sslConfiguration().protocol();

 	  if (serverSocket->setSocketDescriptor(socketDescriptor)) {
--- a/src/server/WebServer.cpp
+++ b/src/server/WebServer.cpp
@@ -55,7 +55,7 @@ bool WebServer::setupWebSocket(quint16 port){
  WSServer = new QWebSocketServer("sysadm-server", QWebSocketServer::SecureMode, this);
  //SSL Configuration
  QSslConfiguration config = QSslConfiguration::defaultConfiguration();
-	QFile CF( QStringLiteral("/usr/local/etc/sysadm/wsserver.crt") ); 
+	QFile CF( QStringLiteral(SSLCERTFILE) ); 
 	  if(CF.open(QIODevice::ReadOnly) ){
 	    QSslCertificate CERT(&CF,QSsl::Pem);
 	    config.setLocalCertificate( CERT );
@@ -63,7 +63,7 @@ bool WebServer::setupWebSocket(quint16 port){
 	  }else{
 	    qWarning() << "Could not read WS certificate file:" << CF.fileName();
 	  }
-	QFile KF( QStringLiteral("/usr/local/etc/sysadm/wsserver.key"));
+	QFile KF( QStringLiteral(SSLKEYFILE));
 	  if(KF.open(QIODevice::ReadOnly) ){
 	    QSslKey KEY(&KF, QSsl::Rsa, QSsl::Pem);
 	    config.setPrivateKey( KEY );
@@ -72,7 +72,7 @@ bool WebServer::setupWebSocket(quint16 port){
 	    qWarning() << "Could not read WS key file:" << KF.fileName();
 	  }
 	config.setPeerVerifyMode(QSslSocket::VerifyNone);
-	config.setProtocol(QSsl::TlsV1_0);
+	config.setProtocol(SSLVERSION);
  WSServer->setSslConfiguration(config);
  //Setup Connections
  connect(WSServer, SIGNAL(newConnection()), this, SLOT(NewSocketConnection()) );
--- a/src/server/globals-qt.h
+++ b/src/server/globals-qt.h
@@ -25,16 +25,20 @@
 #include <QSslKey>
 #include <QSslCertificate>
 #include <QSslError>
+#include <QSslConfiguration>

 #include <QWebSocketServer>
 #include <QWebSocketCorsAuthenticator>
 #include <QWebSocket>
 #include <QTcpServer>
 #include <QSslSocket>
+#include <QTcpSocket>

 #include <QThread>
 #include <QFileSystemWatcher>
+#include <QQueue>

+#include <QDebug>
 #include <QList>
 #include <QHash>
 #include <QObject>
@@ -42,6 +46,10 @@
 #include <QDebug>
 #include <QtDebug>

+#define SSLVERSION QSsl::TlsV1_0
+#define SSLCERTFILE "/usr/local/etc/sysadm/restserver.crt"
+#define SSLKEYFILE "/usr/local/etc/sysadm/restserver.key"
+
 inline QString DisplayPriority(int pri){
  //ensure bounds
  if(pri<0){ pri = 0; }