#include <QFile>
#include "logger.h"
-#include "util.h"
+#include "quassel.h"
#ifdef HAVE_SSL
_isCertValid(false)
{
static bool sslWarningShown = false;
- if(!setCertificate(quasselDir().absolutePath() + "/quasselCert.pem")) {
+ if(!setCertificate(Quassel::configDirPath() + "quasselCert.pem")) {
if(!sslWarningShown) {
quWarning()
<< "SslServer: Unable to set certificate file\n"
if(isCertValid()) {
serverSocket->setLocalCertificate(_cert);
serverSocket->setPrivateKey(_key);
+ serverSocket->addCaCertificates(_ca);
}
_pendingConnections << serverSocket;
emit newConnection();
<< "error:" << certFile.error();
return false;
}
- _cert = QSslCertificate(&certFile);
+
+ QList<QSslCertificate> certList = QSslCertificate::fromDevice(&certFile);
+
+ if (certList.isEmpty()) {
+ quWarning() << "SslServer: Certificate file doesn't contain a certificate";
+ return false;
+ }
+
+ _cert = certList[0];
+ certList.removeFirst(); // remove server cert
+
+ // store CA and intermediates certs
+ _ca = certList;
if(!certFile.reset()) {
quWarning() << "SslServer: IO error reading certificate file";
projects / quassel.git / blobdiff