X-Git-Url: https://git.quassel-irc.org/?p=quassel.git;a=blobdiff_plain;f=src%2Fcore%2Fsslserver.cpp;h=16e3f3e98581dfad7e2af0a614886032e821c482;hp=c076a5fe80e730614300cfd133269acf3a287ef0;hb=a8ab790b2218d6131f12b622b1373ba62958f3ef;hpb=c1cf157116de7fc3da96203aa6f03c38c7ebb650
diff --git a/src/core/sslserver.cpp b/src/core/sslserver.cpp
index c076a5fe..16e3f3e9 100644
--- a/src/core/sslserver.cpp
+++ b/src/core/sslserver.cpp
@@ -1,5 +1,5 @@
 /***************************************************************************
- * Copyright (C) 2005-2018 by the Quassel Project *
+ * Copyright (C) 2005-2019 by the Quassel Project *
 * devel@quassel-irc.org *
 * *
 * This program is free software; you can redistribute it and/or modify *
@@ -26,7 +26,7 @@
 #include
-#include "logmessage.h"
+#include "core.h"
 #include "quassel.h"
 #ifdef HAVE_SSL
@@ -54,9 +54,9 @@ SslServer::SslServer(QObject* parent)
 // Initialize the certificates for first-time usage
 if (!loadCerts()) {
 if (!sslWarningShown) {
- quWarning() << "SslServer: Unable to set certificate file\n"
- << " Quassel Core will still work, but cannot provide SSL for client connections.\n"
- << " Please see https://quassel-irc.org/faq/cert to learn how to enable SSL support.";
+ qWarning() << "SslServer: Unable to set certificate file\n"
+ << " Quassel Core will still work, but cannot provide SSL for client connections.\n"
+ << " Please see https://quassel-irc.org/faq/cert to learn how to enable SSL support.";
 sslWarningShown = true;
 }
 }
@@ -102,14 +102,14 @@ bool SslServer::reloadCerts()
 // Reloading certificates currently only occur in response to a request. Always print an
 // error if something goes wrong, in order to simplify checking if it's working.
 if (isCertValid()) {
- quWarning() << "SslServer: Unable to reload certificate file, reverting\n"
- << " Quassel Core will use the previous key to provide SSL for client connections.\n"
- << " Please see https://quassel-irc.org/faq/cert to learn how to enable SSL support.";
+ qWarning() << "SslServer: Unable to reload certificate file, reverting\n"
+ << " Quassel Core will use the previous key to provide SSL for client connections.\n"
+ << " Please see https://quassel-irc.org/faq/cert to learn how to enable SSL support.";
 } else {
- quWarning() << "SslServer: Unable to reload certificate file\n"
- << " Quassel Core will still work, but cannot provide SSL for client connections.\n"
- << " Please see https://quassel-irc.org/faq/cert to learn how to enable SSL support.";
+ qWarning() << "SslServer: Unable to reload certificate file\n"
+ << " Quassel Core will still work, but cannot provide SSL for client connections.\n"
+ << " Please see https://quassel-irc.org/faq/cert to learn how to enable SSL support.";
 }
 return false;
 }
@@ -129,19 +129,19 @@ bool SslServer::setCertificate(const QString& path, const QString& keyPath)
 QFile certFile(path);
 if (!certFile.exists()) {
- quWarning() << "SslServer: Certificate file" << qPrintable(path) << "does not exist";
+ qWarning() << "SslServer: Certificate file" << qPrintable(path) << "does not exist";
 return false;
 }
 if (!certFile.open(QIODevice::ReadOnly)) {
- quWarning() << "SslServer: Failed to open certificate file" << qPrintable(path) << "error:" << certFile.error();
+ qWarning() << "SslServer: Failed to open certificate file" << qPrintable(path) << "error:" << certFile.error();
 return false;
 }
 QList certList = QSslCertificate::fromDevice(&certFile);
 if (certList.isEmpty()) {
- quWarning() << "SslServer: Certificate file doesn't contain a certificate";
+ qWarning() << "SslServer: Certificate file doesn't contain a certificate";
 return false;
 }
@@ -152,7 +152,7 @@ bool SslServer::setCertificate(const QString& path, const QString& keyPath)
 untestedCA = certList;
 if (!certFile.reset()) {
- quWarning() << "SslServer: IO error reading certificate file";
+ qWarning() << "SslServer: IO error reading certificate file";
 return false;
 }
@@ -160,12 +160,12 @@ bool SslServer::setCertificate(const QString& path, const QString& keyPath)
 if (path != keyPath) {
 QFile keyFile(keyPath);
 if (!keyFile.exists()) {
- quWarning() << "SslServer: Key file" << qPrintable(keyPath) << "does not exist";
+ qWarning() << "SslServer: Key file" << qPrintable(keyPath) << "does not exist";
 return false;
 }
 if (!keyFile.open(QIODevice::ReadOnly)) {
- quWarning() << "SslServer: Failed to open key file" << qPrintable(keyPath) << "error:" << keyFile.error();
+ qWarning() << "SslServer: Failed to open key file" << qPrintable(keyPath) << "error:" << keyFile.error();
 return false;
 }
@@ -179,27 +179,32 @@ bool SslServer::setCertificate(const QString& path, const QString& keyPath)
 certFile.close();
 if (untestedCert.isNull()) {
- quWarning() << "SslServer:" << qPrintable(path) << "contains no certificate data";
+ qWarning() << "SslServer:" << qPrintable(path) << "contains no certificate data";
 return false;
 }
 // We allow the core to offer SSL anyway, so no "return false" here. Client will warn about the cert being invalid.
 const QDateTime now = QDateTime::currentDateTime();
 if (now < untestedCert.effectiveDate()) {
- quWarning() << "SslServer: Certificate won't be valid before" << untestedCert.effectiveDate().toString();
+ qWarning() << "SslServer: Certificate won't be valid before" << untestedCert.effectiveDate().toString();
 } else if (now > untestedCert.expiryDate()) {
- quWarning() << "SslServer: Certificate expired on" << untestedCert.expiryDate().toString();
+ qWarning() << "SslServer: Certificate expired on" << untestedCert.expiryDate().toString();
 } else if (untestedCert.isBlacklisted()) {
- quWarning() << "SslServer: Certificate blacklisted";
+ qWarning() << "SslServer: Certificate blacklisted";
 }
 if (untestedKey.isNull()) {
- quWarning() << "SslServer:" << qPrintable(keyPath) << "contains no key data";
+ qWarning() << "SslServer:" << qPrintable(keyPath) << "contains no key data";
 return false;
 }
+ _certificateExpires = untestedCert.expiryDate();
+ if (_metricsServer) {
+ _metricsServer->setCertificateExpires(_certificateExpires);
+ }
+
 _isCertValid = true;
 // All keys are valid, update the externally visible copy used for new connections.
@@ -216,7 +221,7 @@ QSslKey SslServer::loadKey(QFile* keyFile)
 key = QSslKey(keyFile, QSsl::Rsa);
 if (key.isNull()) {
 if (!keyFile->reset()) {
- quWarning() << "SslServer: IO error reading key file";
+ qWarning() << "SslServer: IO error reading key file";
 return key;
 }
 key = QSslKey(keyFile, QSsl::Ec);
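Review bot: The value handed to `setCertificateExpires()` comes from `untestedCert.expiryDate()` alone, so the metric says nothing about the other certificates read from the file into `untestedCA` (presumably the chain; how it is filled lies outside this hunk). If one of those expires before the leaf, an alert built on this metric stays quiet while clients begin rejecting the connection. Either export the earliest expiry across the loaded certificates or state the limit next to the assignment, e.g. `// Leaf certificate only; certificates in untestedCA are not reflected in the metric.` The same guarded push is repeated in setMetricsServer() at the end of the file, and setCertificate()'s body starts and ends outside this hunk.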
@@ -224,4 +229,11 @@ QSslKey SslServer::loadKey(QFile* keyFile)
 return key;
 }
+void SslServer::setMetricsServer(MetricsServer* metricsServer) {
+ _metricsServer = metricsServer;
+ if (_metricsServer) {
+ _metricsServer->setCertificateExpires(_certificateExpires);
+ }
+}
+
 #endif // HAVE_SSL
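Review bot: setMetricsServer() forwards `_certificateExpires` unconditionally, yet setCertificate() assigns that member only after every check has passed, so when no certificate was loaded the metrics server receives a default-constructed QDateTime. How MetricsServer renders an invalid date is not visible in this diff, but an expiry alert could read it as already expired or as never expiring; consider `if (_metricsServer && _certificateExpires.isValid()) {` or document the sentinel value. The stored `MetricsServer*` also looks like a raw non-owning pointer (the member declaration is in the header, outside this diff), so a comment such as `// Not owned; must outlive this SslServer or be cleared with setMetricsServer(nullptr)` would make the lifetime contract explicit for the later call in setCertificate().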