/***************************************************************************
- * Copyright (C) 2005-08 by the Quassel Project *
+ * Copyright (C) 2005-09 by the Quassel Project *
* devel@quassel-irc.org *
* *
* This program is free software; you can redistribute it and/or modify *
#include "sslserver.h"
-#ifndef QT_NO_OPENSSL
+#ifdef HAVE_SSL
# include <QSslSocket>
#endif
#include <QFile>
#include <QDebug>
+#include "logger.h"
#include "util.h"
-#ifndef QT_NO_OPENSSL
+#ifdef HAVE_SSL
SslServer::SslServer(QObject *parent)
: QTcpServer(parent)
{
- QFile certFile(quasselDir().absolutePath() + "/quasselCert.pem");
- certFile.open(QIODevice::ReadOnly);
- _cert = QSslCertificate(&certFile);
- certFile.close();
-
- certFile.open(QIODevice::ReadOnly);
- _key = QSslKey(&certFile, QSsl::Rsa);
- certFile.close();
-
- _certIsValid = !_cert.isNull() && _cert.isValid() && !_key.isNull();
- if(!_certIsValid) {
- qWarning() << "SslServer: SSL Certificate is either missing or has wrong format!";
- qWarning() << " make sure that ~/.quassel/quasselCert.pem is pem format and contains the cert and an rsa key!";
- qWarning() << "SslServer: this Quassel Core cannot provide SSL!";
- }
+ setCertificate(quasselDir().absolutePath() + "/quasselCert.pem");
}
QTcpSocket *SslServer::nextPendingConnection() {
}
}
-#endif // QT_NO_OPENSSL
+bool SslServer::setCertificate(const QString &path) {
+ _certIsValid = false;
+
+ if (path.isNull()) {
+ return false;
+ }
+
+ QFile certFile(path);
+ if (! certFile.exists()) {
+ qWarning() << "SslServer: Certificate file" << qPrintable(path) << "does not exist";
+ return false;
+ }
+
+ certFile.open(QIODevice::ReadOnly);
+ _cert = QSslCertificate(&certFile);
+
+ certFile.reset();
+ _key = QSslKey(&certFile, QSsl::Rsa);
+ certFile.close();
+
+ if(_cert.isNull() || !_cert.isValid() || _key.isNull()) {
+ qWarning() << "SslServer: SSL Certificate is either missing or has a wrong format!\n"
+ << " Quassel Core will still work, but cannot provide SSL for client connections.\n"
+ << " Please see http://quassel-irc.org/faq/cert to learn how to enable SSL support.";
+ } else {
+ _certIsValid = true;
+ }
+
+ return _certIsValid;
+}
+
+#endif // HAVE_SSL