From: Diego 'Flameeyes' Pettenò <flameeyes@gmail.com>
Date: Mon, 16 Jun 2008 17:56:13 +0000 (+0200)
Subject: Allow user to provide a key/certificate pair for outgoing IRC connections.
X-Git-Tag: 0.3.0~375
X-Git-Url: https://git.quassel-irc.org/?p=quassel.git;a=commitdiff_plain;h=e91445dfdb33704e5daafa8631bc9a1419251c1c

Allow user to provide a key/certificate pair for outgoing IRC connections.

OFTC supports a way to identify clients based on the fingerprint of
the SSL certificated used to initialise the connection.

This patch allows to make use of the CertFP identification by creating
a ~/.quassel/quasselClientCert.pem key/certificate file, which will be
used for all the outgoing SSL connections to IRC servers.

At the moment the message sent by the server at the connection is not
displayed by quassel, so you'll have to find the certificate's
fingerprint through OpenSSL (or any other method).

Signed-off-by: Manuel Nickschas <sputnick@quassel-irc.org>
---

diff --git a/src/core/networkconnection.cpp b/src/core/networkconnection.cpp
index 3d9fcc73..c74dc4ef 100644
--- a/src/core/networkconnection.cpp
+++ b/src/core/networkconnection.cpp
@@ -91,6 +91,23 @@ NetworkConnection::NetworkConnection(Network *network, CoreSession *session)
   connect(network, SIGNAL(autoReconnectRetriesSet(quint16)), this, SLOT(autoReconnectSettingsChanged()));
 
 #ifndef QT_NO_OPENSSL
+  {
+    QFile certFile(quasselDir().absolutePath() + "/quasselClientCert.pem");
+    certFile.open(QIODevice::ReadOnly);
+    QSslCertificate cert(&certFile);
+    certFile.close();
+
+    certFile.open(QIODevice::ReadOnly);
+    QSslKey key(&certFile, QSsl::Rsa);
+    certFile.close();
+
+    if ( !cert.isNull() && cert.isValid() &&
+	 !key.isNull() ) {
+      socket.setLocalCertificate(cert);
+      socket.setPrivateKey(key);
+    }
+  }
+
   connect(&socket, SIGNAL(encrypted()), this, SLOT(socketEncrypted()));
   connect(&socket, SIGNAL(sslErrors(const QList<QSslError> &)), this, SLOT(sslErrors(const QList<QSslError> &)));
 #endif