Reset certFile instead of reopening in SslServer::setCertificate.

[quassel.git] / src / core / sslserver.cpp

diff --git a/src/core/sslserver.cpp b/src/core/sslserver.cpp
index 343af53..7fee3ca 100644 (file)
--- a/src/core/sslserver.cpp
+++ b/src/core/sslserver.cpp
@@ -1,5 +1,5 @@
 /***************************************************************************
 /***************************************************************************

- *   Copyright (C) 2005-08 by the Quassel Project                          *
+ *   Copyright (C) 2005-09 by the Quassel Project                          *

  *   devel@quassel-irc.org                                                 *
  *                                                                         *
  *   This program is free software; you can redistribute it and/or modify  *
  *   devel@quassel-irc.org                                                 *
  *                                                                         *
  *   This program is free software; you can redistribute it and/or modify  *


@@ -20,35 +20,22 @@
 
 #include "sslserver.h"
 
 
 #include "sslserver.h"
 

-#ifndef QT_NO_OPENSSL
+#ifdef HAVE_SSL

 #  include <QSslSocket>
 #endif
 
 #include <QFile>
 #include <QDebug>
 
 #  include <QSslSocket>
 #endif
 
 #include <QFile>
 #include <QDebug>
 

+#include "logger.h"

 #include "util.h"
 
 #include "util.h"
 

-#ifndef QT_NO_OPENSSL
+#ifdef HAVE_SSL

 
 SslServer::SslServer(QObject *parent)
   : QTcpServer(parent)
 {
 
 SslServer::SslServer(QObject *parent)
   : QTcpServer(parent)
 {

-  QFile certFile(quasselDir().absolutePath() + "/quasselCert.pem");
-  certFile.open(QIODevice::ReadOnly);
-  _cert = QSslCertificate(&certFile);
-  certFile.close();
-
-  certFile.open(QIODevice::ReadOnly);
-  _key = QSslKey(&certFile, QSsl::Rsa);
-  certFile.close();
-
-  _certIsValid = !_cert.isNull() && _cert.isValid() && !_key.isNull();
-  if(!_certIsValid) {
-    qWarning() << "SslServer: SSL Certificate is either missing or has wrong format!";
-    qWarning() << "           make sure that ~/.quassel/quasselCert.pem is pem format and contains the cert and an rsa key!";
-    qWarning() << "SslServer: this Quassel Core cannot provide SSL!";
-  }
+  setCertificate(quasselDir().absolutePath() + "/quasselCert.pem");

 }
 
 QTcpSocket *SslServer::nextPendingConnection() {
 }
 
 QTcpSocket *SslServer::nextPendingConnection() {


@@ -72,4 +59,35 @@ void SslServer::incomingConnection(int socketDescriptor) {
   }
 }
 
   }
 }
 

-#endif // QT_NO_OPENSSL
+bool SslServer::setCertificate(const QString &path) {
+  _certIsValid = false;
+
+  if (path.isNull()) {
+    return false;
+  }
+
+  QFile certFile(path);
+  if (! certFile.exists()) {
+    qWarning() << "SslServer: Certificate file" << qPrintable(path) << "does not exist";
+    return false;
+  }
+
+  certFile.open(QIODevice::ReadOnly);
+  _cert = QSslCertificate(&certFile);
+
+  certFile.reset();
+  _key = QSslKey(&certFile, QSsl::Rsa);
+  certFile.close();
+
+  if(_cert.isNull() || !_cert.isValid() || _key.isNull()) {
+    qWarning() << "SslServer: SSL Certificate is either missing or has a wrong format!\n"
+               << "          Quassel Core will still work, but cannot provide SSL for client connections.\n"
+               << "          Please see http://quassel-irc.org/faq/cert to learn how to enable SSL support.";
+  } else {
+    _certIsValid = true;
+  }
+
+  return _certIsValid;
+}
+
+#endif // HAVE_SSL