X-Git-Url: https://git.quassel-irc.org/?p=quassel.git;a=blobdiff_plain;f=src%2Fcore%2Fsslserver.cpp;h=203c377eb8991489814672d819082bb4c16f5333;hp=c31b507f73638c01ce17fe28916bb34fa86c22d0;hb=2d753d5d08707cc668c7d029adec09c16a6f5298;hpb=694f9bfbf7f1af19108461c7e00d133e55082bce

diff --git a/src/core/sslserver.cpp b/src/core/sslserver.cpp
index c31b507f..203c377e 100644
--- a/src/core/sslserver.cpp
+++ b/src/core/sslserver.cpp
@@ -1,5 +1,5 @@
 /***************************************************************************
- *   Copyright (C) 2005-09 by the Quassel Project                          *
+ *   Copyright (C) 2005-2014 by the Quassel Project                        *
  *   devel@quassel-irc.org                                                 *
  *                                                                         *
  *   This program is free software; you can redistribute it and/or modify  *
@@ -15,7 +15,7 @@
  *   You should have received a copy of the GNU General Public License     *
  *   along with this program; if not, write to the                         *
  *   Free Software Foundation, Inc.,                                       *
- *   59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.             *
+ *   51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.         *
  ***************************************************************************/
 
 #include "sslserver.h"
@@ -24,6 +24,7 @@
 #  include <QSslSocket>
 #endif
 
+#include <QDateTime>
 #include <QFile>
 
 #include "logger.h"
@@ -56,8 +57,11 @@ QTcpSocket *SslServer::nextPendingConnection()
         return _pendingConnections.takeFirst();
 }
 
-
+#if QT_VERSION >= 0x050000
+void SslServer::incomingConnection(qintptr socketDescriptor)
+#else
 void SslServer::incomingConnection(int socketDescriptor)
+#endif
 {
     QSslSocket *serverSocket = new QSslSocket(this);
     if (serverSocket->setSocketDescriptor(socketDescriptor)) {
@@ -120,8 +124,22 @@ bool SslServer::setCertificate(const QString &path)
         quWarning() << "SslServer:" << qPrintable(path) << "contains no certificate data";
         return false;
     }
-    if (!_cert.isValid()) {
-        quWarning() << "SslServer: Invalid certificate (most likely expired)";
+
+    // We allow the core to offer SSL anyway, so no "return false" here. Client will warn about the cert being invalid.
+    const QDateTime now = QDateTime::currentDateTime();
+    if (now < _cert.effectiveDate())
+        quWarning() << "SslServer: Certificate won't be valid before" << _cert.effectiveDate().toString();
+
+    else if (now > _cert.expiryDate())
+        quWarning() << "SslServer: Certificate expired on" << _cert.expiryDate().toString();
+
+    else { // Qt4's isValid() checks for time range and blacklist; avoid a double warning, hence the else block
+#if QT_VERSION < 0x050000
+        if (!_cert.isValid())
+#else
+        if (_cert.isBlacklisted())
+#endif
+            quWarning() << "SslServer: Certificate blacklisted";
     }
     if (_key.isNull()) {
         quWarning() << "SslServer:" << qPrintable(path) << "contains no key data";