diff --git a/src/server/SslServer.h b/src/server/SslServer.h
index 57ac7cd..fbe5917 100644
--- a/src/server/SslServer.h
+++ b/src/server/SslServer.h
@@ -38,17 +38,17 @@ protected:
 qDebug() << "New Ssl Connection:";
 //setup any supported encruption types here
 serverSocket->setSslConfiguration(QSslConfiguration::defaultConfiguration());
- serverSocket->setProtocol(QSsl::SslV3); //no TLS support (all sorts of issues with that)
- //serverSocket->setPrivateKey();
- //serverSocket->setLocalCertificate();
- qDebug() << " - Supported Protocols:" << serverSocket->sslConfiguration().protocol();
+ serverSocket->setProtocol(QSsl::TlsV1_2);
+ serverSocket->setPrivateKey("/usr/local/etc/sysadm/restserver.key");
+ serverSocket->setLocalCertificate("/usr/local/etc/sysadm/restserver.crt");
+ //qDebug() << " - Supported Protocols:" << serverSocket->sslConfiguration().protocol();
 if (serverSocket->setSocketDescriptor(socketDescriptor)) {
 pendingConnections.enqueue(serverSocket);
 //connect(serverSocket, SIGNAL(encrypted()), this, SLOT(ready()));
- qDebug() << " - Starting Server Encryption Handshake";
- serverSocket->startServerEncryption();
- } else {
+ //qDebug() << " - Starting Server Encryption Handshake";
+ //serverSocket->startServerEncryption();
+ }else{
 delete serverSocket;
 }
 }
diff --git a/src/server/WebSocket.cpp b/src/server/WebSocket.cpp
index fcab1d3..707f21b 100644
--- a/src/server/WebSocket.cpp
+++ b/src/server/WebSocket.cpp
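Review bot: In the SslServer.h hunk, the added `setPrivateKey("/usr/local/etc/sysadm/restserver.key")` and `setLocalCertificate("/usr/local/etc/sysadm/restserver.crt")` calls return nothing, so a missing or unreadable file goes unnoticed and the socket is still queued in `pendingConnections`. A check right after them, such as `if(serverSocket->privateKey().isNull() || serverSocket->localCertificate().isNull())`, that logs the failure and drops the connection would stop a handshake that cannot succeed. Loading both files once at start-up, rather than on every incoming connection, would avoid repeated reads of the key file, which should be readable only by the service account. `QSsl::TlsV1_2` pins exactly TLS 1.2; `QSsl::TlsV1_2OrLater` keeps the same floor without ruling out newer versions, if the Qt version in use provides it. The enclosing function starts above the hunk.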
@@ -40,6 +40,12 @@ WebSocket::WebSocket(QSslSocket *sock, QString ID, AuthorizationManager *auth){
 connect(idletimer, SIGNAL(timeout()), this, SLOT(checkIdle()) );
 connect(TSOCKET, SIGNAL(readyRead()), this, SLOT(EvaluateTcpMessage()) );
 connect(TSOCKET, SIGNAL(aboutToClose()), this, SLOT(SocketClosing()) );
+ connect(TSOCKET, SIGNAL(encrypted()), this, SLOT(nowEncrypted()) );
+ connect(TSOCKET, SIGNAL(peerVerifyError(const QSslError &)), this, SLOT(peerError(const QSslError &)) );
+ connect(TSOCKET, SIGNAL(sslErrors(const QList &)), this, SLOT(SslError(const QList &)) );
+ qDebug() << " - Starting Server Encryption Handshake";
+ TSOCKET->startServerEncryption();
+ //qDebug() << " - Socket Encrypted:" << TSOCKET->isEncrypted();
 idletimer->start();
 }
@@ -68,6 +74,7 @@ void WebSocket::setLastDispatch(QString msg){
 // PRIVATE
 //=======================
 void WebSocket::sendReply(QString msg){
+ qDebug() << "Sending Socket Reply";
 if(SOCKET!=0){ SOCKET->sendTextMessage(msg); } //Websocket connection
 else if(TSOCKET!=0){ //TCP Socket connection
@@ -223,8 +230,6 @@ void WebSocket::EvaluateRequest(const RestInputStruct &REQ){
 }
 //Return any information
 this->sendReply(out.assembleMessage());
- /*if(SOCKET!=0){ SOCKET->sendTextMessage(out.assembleMessage()); }
- else if(TSOCKET!=0){ TSOCKET->write(out.assembleMessage().toUtf8().data()); }*/
 }
 // === GENERAL PURPOSE UTILITY FUNCTIONS ===
@@ -316,6 +321,20 @@ void WebSocket::EvaluateTcpMessage(){
 qDebug() << " - Done with TCP Message";
 }
+//SSL signal handling
+void WebSocket::nowEncrypted(){
+ //the socket/connection is now encrypted
+ qDebug() << "Socket now connected";
+}
+
+void WebSocket::peerError(const QSslError&){ //peerVerifyError() signal
+ qDebug() << "Peer Error:";
+}
+
+void WebSocket::SslError(const QList &err){ //sslErrors() signal
+ qDebug() << "SSL Errors:" << err.length();
+}
+
 // ======================
 // PUBLIC SLOTS
 // ======================
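Review bot: In the WebSocket constructor hunk, the commented-out `//qDebug() << " - Socket Encrypted:" << TSOCKET->isEncrypted();` should be dropped rather than kept, because `startServerEncryption()` only begins the handshake and the value read on the next line would be false; the `encrypted()` slot added in this commit is the place to report it. A short comment above the call, e.g. `//Start the handshake only after the SSL signals are connected so no error is missed (moved here from SslServer.h)`, would record why the call lives in the constructor. The three SSL slots only log, which keeps Qt's default of aborting a connection that reports `sslErrors`; that should stay so, with no `ignoreSslErrors()` added later to quiet the log. The constructor begins above the hunk.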
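Review bot: In the last WebSocket.cpp hunk, `peerError()` ignores its `QSslError` argument and `SslError()` prints only the list length, so a failed handshake leaves nothing in the log to tell an expired certificate from a protocol mismatch or a probing client. Logging the text, e.g. `qDebug() << "Peer Error:" << err.errorString();` with the parameter named, and one line per entry in `SslError()`, would make these slots usable for troubleshooting and detection. `nowEncrypted()` prints "Socket now connected", which reads as a TCP-level event; `"Socket now encrypted"` matches what the `encrypted()` signal reports.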
diff --git a/src/server/WebSocket.h b/src/server/WebSocket.h
index 6f08993..1222ccf 100644
--- a/src/server/WebSocket.h
+++ b/src/server/WebSocket.h
@@ -8,6 +8,7 @@
 #include
 #include
+#include
 #include
 #include
 #include
@@ -68,6 +69,11 @@ private slots:
 void EvaluateMessage(const QString&);
 void EvaluateTcpMessage();
+ //SSL signal handling
+ void nowEncrypted(); //the socket/connection is now encrypted
+ void peerError(const QSslError&); //peerVerifyError() signal
+ void SslError(const QList&); //sslErrors() signal
+
 public slots:
 void AppCafeStatusUpdate(QString msg = "");