HTTPS support

Added new `QAbstractHttpServer::sslSetup` which enables HTTPS usage.
Added new `QSslServer` which inherits from `QTcpServer` and configures
incoming TCP clients to use SSL.

[ChangeLog][QHttpServer][Https support] Https support added to
QAbstractHttpServer class

Change-Id: I536cf48b86b246e3f4b9d960f793b93670afe06f
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
Reviewed-by: Guy Poizat <gerrit.qt@gmail.com>
Reviewed-by: Mikhail Svetkin <mikhail.svetkin@gmail.com>

10 files changed, 298 insertions, 0 deletions

diff --git a/src/httpserver/httpserver.pro b/src/httpserver/httpserver.pro
index 1ba716b..20f567f 100644
--- a/src/httpserver/httpserver.pro
+++ b/src/httpserver/httpserver.pro
@@ -4,6 +4,7 @@ INCLUDEPATH += .
 QT = network core-private
 
 qtHaveModule(websockets): QT += websockets-private
+qtConfig(ssl): QT += sslserver
 
 HEADERS += \
     qthttpserverglobal.h \
diff --git a/src/httpserver/qabstracthttpserver.cpp b/src/httpserver/qabstracthttpserver.cpp
index 1ccd91d..26e6e97 100644
--- a/src/httpserver/qabstracthttpserver.cpp
+++ b/src/httpserver/qabstracthttpserver.cpp
@@ -148,11 +148,20 @@ QAbstractHttpServer::QAbstractHttpServer(QAbstractHttpServerPrivate &dd, QObject
 */
 int QAbstractHttpServer::listen(const QHostAddress &address, quint16 port)
 {
+#if QT_CONFIG(ssl)
+    Q_D(QAbstractHttpServer);
+    QTcpServer *tcpServer = d->sslEnabled ? new QSslServer(d->sslConfiguration, this)
+                                          : new QTcpServer(this);
+#else
     auto tcpServer = new QTcpServer(this);
+#endif
     const auto listening = tcpServer->listen(address, port);
     if (listening) {
         bind(tcpServer);
         return tcpServer->serverPort();
+    } else {
+        qCCritical(lcHttpServer, "listen failed: %s",
+                   tcpServer->errorString().toStdString().c_str());
     }
 
     delete tcpServer;
@@ -254,4 +263,24 @@ QHttpServerResponder QAbstractHttpServer::makeResponder(const QHttpServerRequest
     return QHttpServerResponder(request, socket);
 }
 
+#if QT_CONFIG(ssl)
+void QAbstractHttpServer::sslSetup(const QSslCertificate &certificate,
+                                   const QSslKey &privateKey,
+                                   QSsl::SslProtocol protocol)
+{
+    QSslConfiguration conf;
+    conf.setLocalCertificate(certificate);
+    conf.setPrivateKey(privateKey);
+    conf.setProtocol(protocol);
+    sslSetup(conf);
+}
+
+void QAbstractHttpServer::sslSetup(const QSslConfiguration &sslConfiguration)
+{
+    Q_D(QAbstractHttpServer);
+    d->sslConfiguration = sslConfiguration;
+    d->sslEnabled = true;
+}
+#endif
+
 QT_END_NAMESPACE
diff --git a/src/httpserver/qabstracthttpserver.h b/src/httpserver/qabstracthttpserver.h
index 6b59115..ffcdc2a 100644
--- a/src/httpserver/qabstracthttpserver.h
+++ b/src/httpserver/qabstracthttpserver.h
@@ -36,6 +36,12 @@
 
 #include <QtNetwork/qhostaddress.h>
 
+#if QT_CONFIG(ssl)
+#include <QtSslServer/qsslserver.h>
+#include <QSslCertificate>
+#include <QSslKey>
+#endif
+
 QT_BEGIN_NAMESPACE
 
 class QHttpServerRequest;
@@ -57,6 +63,12 @@ public:
     void bind(QTcpServer *server = nullptr);
     QVector<QTcpServer *> servers() const;
 
+#if QT_CONFIG(ssl)
+    void sslSetup(const QSslCertificate &certificate, const QSslKey &privateKey,
+                  QSsl::SslProtocol protocol = QSsl::SecureProtocols);
+    void sslSetup(const QSslConfiguration &sslConfiguration);
+#endif
+
 Q_SIGNALS:
     void missingHandler(const QHttpServerRequest &request, QTcpSocket *socket);
 
diff --git a/src/httpserver/qabstracthttpserver_p.h b/src/httpserver/qabstracthttpserver_p.h
index 69732ff..2c02b19 100644
--- a/src/httpserver/qabstracthttpserver_p.h
+++ b/src/httpserver/qabstracthttpserver_p.h
@@ -70,6 +70,11 @@ public:
     void handleNewConnections();
     void handleReadyRead(QTcpSocket *socket,
                          QHttpServerRequest *request);
+
+#if QT_CONFIG(ssl)
+    QSslConfiguration sslConfiguration;
+    bool sslEnabled = false;
+#endif
 };
 
 QT_END_NAMESPACE
diff --git a/src/src.pro b/src/src.pro
index 68d9ed3..7a4c276 100644
--- a/src/src.pro
+++ b/src/src.pro
@@ -1,4 +1,11 @@
 TEMPLATE = subdirs
 
+QT = network
+
 SUBDIRS = \
     httpserver
+
+qtConfig(ssl) {
+    SUBDIRS += sslserver
+    httpserver.depends = sslserver
+}
diff --git a/src/sslserver/qsslserver.cpp b/src/sslserver/qsslserver.cpp
new file mode 100644
index 0000000..b22cadb
--- /dev/null
+++ b/src/sslserver/qsslserver.cpp
@@ -0,0 +1,73 @@
+/****************************************************************************
+**
+** Copyright (C) 2019 Sylvain Garcia <garcia.6l20@gmail.com>.
+** Contact: https://www.qt.io/licensing/
+**
+** This file is part of the QtHttpServer module of the Qt Toolkit.
+**
+** $QT_BEGIN_LICENSE:GPL$
+** Commercial License Usage
+** Licensees holding valid commercial Qt licenses may use this file in
+** accordance with the commercial license agreement provided with the
+** Software or, alternatively, in accordance with the terms contained in
+** a written agreement between you and The Qt Company. For licensing terms
+** and conditions see https://www.qt.io/terms-conditions. For further
+** information use the contact form at https://www.qt.io/contact-us.
+**
+** GNU General Public License Usage
+** Alternatively, this file may be used under the terms of the GNU
+** General Public License version 3 or (at your option) any later version
+** approved by the KDE Free Qt Foundation. The licenses are as published by
+** the Free Software Foundation and appearing in the file LICENSE.GPL3
+** included in the packaging of this file. Please review the following
+** information to ensure the GNU General Public License requirements will
+** be met: https://www.gnu.org/licenses/gpl-3.0.html.
+**
+** $QT_END_LICENSE$
+**
+****************************************************************************/
+
+#include <private/qsslserver_p.h>
+
+#include <QtCore/qloggingcategory.h>
+
+QT_BEGIN_NAMESPACE
+
+Q_LOGGING_CATEGORY(lcSS, "qt.sslserver");
+
+QSslServer::QSslServer(QObject *parent):
+    QTcpServer (QAbstractSocket::TcpSocket, *new QSslServerPrivate, parent)
+{
+}
+
+QSslServer::QSslServer(const QSslConfiguration &sslConfiguration,
+                       QObject *parent):
+    QTcpServer (QAbstractSocket::TcpSocket, *new QSslServerPrivate, parent)
+{
+    Q_D(QSslServer);
+    d->sslConfiguration = sslConfiguration;
+}
+
+void QSslServer::incomingConnection(qintptr handle)
+{
+    Q_D(QSslServer);
+    QSslSocket *socket = new QSslSocket(this);
+    connect(socket, QOverload<const QList<QSslError>&>::of(&QSslSocket::sslErrors),
+            [this, socket](const QList<QSslError> &errors) {
+        for (auto &err: errors)
+            qCCritical(lcSS) << err;
+        Q_EMIT sslErrors(socket, errors);
+    });
+    socket->setSocketDescriptor(handle);
+    socket->setSslConfiguration(d->sslConfiguration);
+    socket->startServerEncryption();
+
+    addPendingConnection(socket);
+}
+
+void QSslServer::setSslConfiguration(const QSslConfiguration &sslConfiguration)
+{
+    Q_D(QSslServer);
+    d->sslConfiguration = sslConfiguration;
+}
+QT_END_NAMESPACE
diff --git a/src/sslserver/qsslserver.h b/src/sslserver/qsslserver.h
new file mode 100644
index 0000000..13b01d1
--- /dev/null
+++ b/src/sslserver/qsslserver.h
@@ -0,0 +1,62 @@
+/****************************************************************************
+**
+** Copyright (C) 2019 Sylvain Garcia <garcia.6l20@gmail.com>.
+** Contact: https://www.qt.io/licensing/
+**
+** This file is part of the QtHttpServer module of the Qt Toolkit.
+**
+** $QT_BEGIN_LICENSE:GPL$
+** Commercial License Usage
+** Licensees holding valid commercial Qt licenses may use this file in
+** accordance with the commercial license agreement provided with the
+** Software or, alternatively, in accordance with the terms contained in
+** a written agreement between you and The Qt Company. For licensing terms
+** and conditions see https://www.qt.io/terms-conditions. For further
+** information use the contact form at https://www.qt.io/contact-us.
+**
+** GNU General Public License Usage
+** Alternatively, this file may be used under the terms of the GNU
+** General Public License version 3 or (at your option) any later version
+** approved by the KDE Free Qt Foundation. The licenses are as published by
+** the Free Software Foundation and appearing in the file LICENSE.GPL3
+** included in the packaging of this file. Please review the following
+** information to ensure the GNU General Public License requirements will
+** be met: https://www.gnu.org/licenses/gpl-3.0.html.
+**
+** $QT_END_LICENSE$
+**
+****************************************************************************/
+
+#ifndef QSSLSERVER_H
+#define QSSLSERVER_H
+
+#include <QtSslServer/qtsslserverglobal.h>
+
+#include <QtNetwork/qtcpserver.h>
+#include <QtNetwork/qsslconfiguration.h>
+
+QT_BEGIN_NAMESPACE
+
+class QSslServerPrivate;
+class Q_SSLSERVER_EXPORT QSslServer : public QTcpServer
+{
+    Q_OBJECT
+public:
+    QSslServer(QObject *parent = nullptr);
+    QSslServer(const QSslConfiguration &sslConfiguration, QObject *parent = nullptr);
+
+    void setSslConfiguration(const QSslConfiguration &sslConfiguration);
+
+Q_SIGNALS:
+    void sslErrors(QSslSocket *socket, const QList<QSslError> &errors);
+
+protected:
+    void incomingConnection(qintptr handle) override final;
+
+private:
+    Q_DECLARE_PRIVATE(QSslServer)
+};
+
+QT_END_NAMESPACE
+
+#endif // QSSLSERVER_HPP
diff --git a/src/sslserver/qsslserver_p.h b/src/sslserver/qsslserver_p.h
new file mode 100644
index 0000000..4556c3d
--- /dev/null
+++ b/src/sslserver/qsslserver_p.h
@@ -0,0 +1,46 @@
+/****************************************************************************
+**
+** Copyright (C) 2019 Sylvain Garcia <garcia.6l20@gmail.com>.
+** Contact: https://www.qt.io/licensing/
+**
+** This file is part of the QtHttpServer module of the Qt Toolkit.
+**
+** $QT_BEGIN_LICENSE:GPL$
+** Commercial License Usage
+** Licensees holding valid commercial Qt licenses may use this file in
+** accordance with the commercial license agreement provided with the
+** Software or, alternatively, in accordance with the terms contained in
+** a written agreement between you and The Qt Company. For licensing terms
+** and conditions see https://www.qt.io/terms-conditions. For further
+** information use the contact form at https://www.qt.io/contact-us.
+**
+** GNU General Public License Usage
+** Alternatively, this file may be used under the terms of the GNU
+** General Public License version 3 or (at your option) any later version
+** approved by the KDE Free Qt Foundation. The licenses are as published by
+** the Free Software Foundation and appearing in the file LICENSE.GPL3
+** included in the packaging of this file. Please review the following
+** information to ensure the GNU General Public License requirements will
+** be met: https://www.gnu.org/licenses/gpl-3.0.html.
+**
+** $QT_END_LICENSE$
+**
+****************************************************************************/
+
+#ifndef QSSLSERVER_P_H
+#define QSSLSERVER_P_H
+
+#include <QtSslServer/qsslserver.h>
+
+#include <private/qtcpserver_p.h>
+
+QT_BEGIN_NAMESPACE
+
+class QSslServerPrivate: public QTcpServerPrivate {
+public:
+    QSslConfiguration sslConfiguration;
+};
+
+QT_END_NAMESPACE
+
+#endif // QSSLSERVER_P_H
diff --git a/src/sslserver/qtsslserverglobal.h b/src/sslserver/qtsslserverglobal.h
new file mode 100644
index 0000000..8f9b55d
--- /dev/null
+++ b/src/sslserver/qtsslserverglobal.h
@@ -0,0 +1,49 @@
+/****************************************************************************
+**
+** Copyright (C) 2019 Sylvain Garcia <garcia.6l20@gmail.com>.
+** Contact: https://www.qt.io/licensing/
+**
+** This file is part of the QtHttpServer module of the Qt Toolkit.
+**
+** $QT_BEGIN_LICENSE:GPL$
+** Commercial License Usage
+** Licensees holding valid commercial Qt licenses may use this file in
+** accordance with the commercial license agreement provided with the
+** Software or, alternatively, in accordance with the terms contained in
+** a written agreement between you and The Qt Company. For licensing terms
+** and conditions see https://www.qt.io/terms-conditions. For further
+** information use the contact form at https://www.qt.io/contact-us.
+**
+** GNU General Public License Usage
+** Alternatively, this file may be used under the terms of the GNU
+** General Public License version 3 or (at your option) any later version
+** approved by the KDE Free Qt Foundation. The licenses are as published by
+** the Free Software Foundation and appearing in the file LICENSE.GPL3
+** included in the packaging of this file. Please review the following
+** information to ensure the GNU General Public License requirements will
+** be met: https://www.gnu.org/licenses/gpl-3.0.html.
+**
+** $QT_END_LICENSE$
+**
+****************************************************************************/
+
+#ifndef QTSSLSERVERGLOBAL_H
+#define QTSSLSERVERGLOBAL_H
+
+#include <QtCore/qglobal.h>
+
+QT_BEGIN_NAMESPACE
+
+#ifndef QT_STATIC
+#  if defined(QT_BUILD_SSLSERVER_LIB)
+#    define Q_SSLSERVER_EXPORT Q_DECL_EXPORT
+#  else
+#    define Q_SSLSERVER_EXPORT Q_DECL_IMPORT
+#  endif
+#else
+#  define Q_SSLSERVER_EXPORT
+#endif
+
+QT_END_NAMESPACE
+
+#endif // QTSSLSERVERGLOBAL_H
diff --git a/src/sslserver/sslserver.pro b/src/sslserver/sslserver.pro
new file mode 100644
index 0000000..6d09233
--- /dev/null
+++ b/src/sslserver/sslserver.pro
@@ -0,0 +1,14 @@
+TARGET = QtSslServer
+INCLUDEPATH += .
+
+QT = network network-private core-private
+
+HEADERS += \
+    qsslserver.h \
+    qtsslserverglobal.h \
+    qsslserver_p.h
+
+SOURCES += \
+    qsslserver.cpp
+
+load(qt_module)