X-Git-Url: https://git.quassel-irc.org/?p=quassel.git;a=blobdiff_plain;f=src%2Fcore%2Fsslserver.cpp;h=203c377eb8991489814672d819082bb4c16f5333;hp=a9fe750e7f1c2bea929b7ecdc79bd9a527ec7293;hb=2d753d5d08707cc668c7d029adec09c16a6f5298;hpb=64cf9f9b8a737dad5f29447805d4004cfd03c454

diff --git a/src/core/sslserver.cpp b/src/core/sslserver.cpp
index a9fe750e..203c377e 100644
--- a/src/core/sslserver.cpp
+++ b/src/core/sslserver.cpp
@@ -1,5 +1,5 @@
 /***************************************************************************
- *   Copyright (C) 2005-2013 by the Quassel Project                        *
+ *   Copyright (C) 2005-2014 by the Quassel Project                        *
  *   devel@quassel-irc.org                                                 *
  *                                                                         *
  *   This program is free software; you can redistribute it and/or modify  *
@@ -24,6 +24,7 @@
 #  include <QSslSocket>
 #endif
 
+#include <QDateTime>
 #include <QFile>
 
 #include "logger.h"
@@ -56,8 +57,11 @@ QTcpSocket *SslServer::nextPendingConnection()
         return _pendingConnections.takeFirst();
 }
 
-
+#if QT_VERSION >= 0x050000
+void SslServer::incomingConnection(qintptr socketDescriptor)
+#else
 void SslServer::incomingConnection(int socketDescriptor)
+#endif
 {
     QSslSocket *serverSocket = new QSslSocket(this);
     if (serverSocket->setSocketDescriptor(socketDescriptor)) {
@@ -120,9 +124,22 @@ bool SslServer::setCertificate(const QString &path)
         quWarning() << "SslServer:" << qPrintable(path) << "contains no certificate data";
         return false;
     }
-    if (!_cert.isValid()) {
-        quWarning() << "SslServer: Invalid certificate (most likely expired)";
-        // We allow the core to offer SSL anyway, so no "return false" here. Client will warn about the cert being invalid.
+
+    // We allow the core to offer SSL anyway, so no "return false" here. Client will warn about the cert being invalid.
+    const QDateTime now = QDateTime::currentDateTime();
+    if (now < _cert.effectiveDate())
+        quWarning() << "SslServer: Certificate won't be valid before" << _cert.effectiveDate().toString();
+
+    else if (now > _cert.expiryDate())
+        quWarning() << "SslServer: Certificate expired on" << _cert.expiryDate().toString();
+
+    else { // Qt4's isValid() checks for time range and blacklist; avoid a double warning, hence the else block
+#if QT_VERSION < 0x050000
+        if (!_cert.isValid())
+#else
+        if (_cert.isBlacklisted())
+#endif
+            quWarning() << "SslServer: Certificate blacklisted";
     }
     if (_key.isNull()) {
         quWarning() << "SslServer:" << qPrintable(path) << "contains no key data";