Get the TCP server running with SSL encryption all the time now (TLS1.2)

src/server/SslServer.h

@@ -38,17 +38,17 @@ protected:
 	  qDebug() << "New Ssl Connection:";
 	  //setup any supported encruption types here
 	  serverSocket->setSslConfiguration(QSslConfiguration::defaultConfiguration());
-	  serverSocket->setProtocol(QSsl::SslV3); //no TLS support (all sorts of issues with that)
-	  //serverSocket->setPrivateKey();
-	  //serverSocket->setLocalCertificate();
-	  qDebug() << " - Supported Protocols:" << serverSocket->sslConfiguration().protocol();
+	  serverSocket->setProtocol(QSsl::TlsV1_2);
+	  serverSocket->setPrivateKey("/usr/local/etc/sysadm/restserver.key");
+	  serverSocket->setLocalCertificate("/usr/local/etc/sysadm/restserver.crt");
+	  //qDebug() << " - Supported Protocols:" << serverSocket->sslConfiguration().protocol();
 
 	  if (serverSocket->setSocketDescriptor(socketDescriptor)) {
 	    pendingConnections.enqueue(serverSocket);
 	    //connect(serverSocket, SIGNAL(encrypted()), this, SLOT(ready()));
-	    qDebug() << " - Starting Server Encryption Handshake";
-            serverSocket->startServerEncryption();
-	  } else {
+	    //qDebug() << " - Starting Server Encryption Handshake";
+            //serverSocket->startServerEncryption();
+	  }else{
             delete serverSocket;
 	  }		
 	}

src/server/WebSocket.cpp

@@ -40,6 +40,12 @@ WebSocket::WebSocket(QSslSocket *sock, QString ID, AuthorizationManager *auth){
   connect(idletimer, SIGNAL(timeout()), this, SLOT(checkIdle()) );
   connect(TSOCKET, SIGNAL(readyRead()), this, SLOT(EvaluateTcpMessage()) );
   connect(TSOCKET, SIGNAL(aboutToClose()), this, SLOT(SocketClosing()) );
+  connect(TSOCKET, SIGNAL(encrypted()), this, SLOT(nowEncrypted()) );
+  connect(TSOCKET, SIGNAL(peerVerifyError(const QSslError &)), this, SLOT(peerError(const QSslError &)) );
+  connect(TSOCKET, SIGNAL(sslErrors(const QList<QSslError> &)), this, SLOT(SslError(const QList<QSslError> &)) );
+  qDebug() << " - Starting Server Encryption Handshake";
+   TSOCKET->startServerEncryption();
+  //qDebug() << " - Socket Encrypted:" << TSOCKET->isEncrypted();
   idletimer->start();
 }
 
@@ -68,6 +74,7 @@ void WebSocket::setLastDispatch(QString msg){
 //             PRIVATE
 //=======================
 void WebSocket::sendReply(QString msg){
+  qDebug() << "Sending Socket Reply";
  if(SOCKET!=0){ SOCKET->sendTextMessage(msg); } //Websocket connection
  else if(TSOCKET!=0){ 
     //TCP Socket connection
@@ -223,8 +230,6 @@ void WebSocket::EvaluateRequest(const RestInputStruct &REQ){
   }
   //Return any information
   this->sendReply(out.assembleMessage());
-  /*if(SOCKET!=0){ SOCKET->sendTextMessage(out.assembleMessage()); }
-  else if(TSOCKET!=0){ TSOCKET->write(out.assembleMessage().toUtf8().data()); }*/
 }
 
 // === GENERAL PURPOSE UTILITY FUNCTIONS ===
@@ -316,6 +321,20 @@ void WebSocket::EvaluateTcpMessage(){
   qDebug() << " - Done with TCP Message";	
 }
 
+//SSL signal handling
+void WebSocket::nowEncrypted(){
+  //the socket/connection is now encrypted
+  qDebug() << "Socket now connected";
+}
+
+void WebSocket::peerError(const QSslError&){ //peerVerifyError() signal
+  qDebug() << "Peer Error:";
+}
+
+void WebSocket::SslError(const QList<QSslError> &err){ //sslErrors() signal
+  qDebug() << "SSL Errors:" << err.length();
+}
+
 // ======================
 //       PUBLIC SLOTS
 // ======================

src/server/WebSocket.h

@@ -8,6 +8,7 @@
 
 #include <QWebSocket>
 #include <QSslSocket>
+#include <QSslError>
 #include <QList>
 #include <QObject>
 #include <QJsonDocument>
@@ -68,6 +69,11 @@ private slots:
 	void EvaluateMessage(const QString&);
 	void EvaluateTcpMessage();
 
+	//SSL signal handling
+	void nowEncrypted(); //the socket/connection is now encrypted
+	void peerError(const QSslError&); //peerVerifyError() signal
+	void SslError(const QList<QSslError>&); //sslErrors() signal
+	
 public slots:
 	void AppCafeStatusUpdate(QString msg = "");