+#if QT_VERSION >= 0x050000
+void SslServer::incomingConnection(qintptr socketDescriptor)
+#else
+void SslServer::incomingConnection(int socketDescriptor)
+#endif
+{
+ QSslSocket *serverSocket = new QSslSocket(this);
+ if (serverSocket->setSocketDescriptor(socketDescriptor)) {
+ if (isCertValid()) {
+ serverSocket->setLocalCertificate(_cert);
+ serverSocket->setPrivateKey(_key);
+ serverSocket->addCaCertificates(_ca);
+ }
+ _pendingConnections << serverSocket;
+ emit newConnection();
+ }
+ else {
+ delete serverSocket;
+ }
+}
+
+
+bool SslServer::loadCerts()
+{
+ // Load the certificates specified in the path. If needed, other prep work can be done here.
+ return setCertificate(_sslCertPath, _sslKeyPath);
+}
+
+
+bool SslServer::reloadCerts()
+{
+ if (loadCerts()) {
+ return true;
+ } else {
+ // Reloading certificates currently only occur in response to a request. Always print an
+ // error if something goes wrong, in order to simplify checking if it's working.
+ if (isCertValid()) {
+ quWarning()
+ << "SslServer: Unable to reload certificate file, reverting\n"
+ << " Quassel Core will use the previous key to provide SSL for client connections.\n"
+ << " Please see http://quassel-irc.org/faq/cert to learn how to enable SSL support.";
+ } else {
+ quWarning()
+ << "SslServer: Unable to reload certificate file\n"
+ << " Quassel Core will still work, but cannot provide SSL for client connections.\n"
+ << " Please see http://quassel-irc.org/faq/cert to learn how to enable SSL support.";
+ }
+ return false;
+ }
+}
+
+
+bool SslServer::setCertificate(const QString &path, const QString &keyPath)
+{
+ // Don't reset _isCertValid here, in case an older but valid certificate is still loaded.
+ // Use temporary variables in order to avoid overwriting the existing certificates until
+ // everything is confirmed good.
+ QSslCertificate untestedCert;
+ QList<QSslCertificate> untestedCA;
+ QSslKey untestedKey;
+
+ if (path.isEmpty())
+ return false;
+
+ QFile certFile(path);
+ if (!certFile.exists()) {
+ quWarning() << "SslServer: Certificate file" << qPrintable(path) << "does not exist";
+ return false;
+ }
+
+ if (!certFile.open(QIODevice::ReadOnly)) {
+ quWarning()
+ << "SslServer: Failed to open certificate file" << qPrintable(path)
+ << "error:" << certFile.error();
+ return false;
+ }
+
+ QList<QSslCertificate> certList = QSslCertificate::fromDevice(&certFile);
+
+ if (certList.isEmpty()) {
+ quWarning() << "SslServer: Certificate file doesn't contain a certificate";
+ return false;