From b886f45d068764fffaf6a13fca6f8f86f0b22531 Mon Sep 17 00:00:00 2001
From: Rainer Keller <Rainer.Keller@qt.io>
Date: Tue, 23 Jul 2019 10:30:21 +0200
Subject: Adds some checks before attempting a connection
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

In case of a connection to a secure endpoint the PKI configuration
has to contain some mandatory settings.

Change-Id: Ib92348222fdb3fa2af8d7d4a701f2f4bb94baf7b
Reviewed-by: Jannis Völker <jannis.voelker@basyskom.com>
---
 src/opcua/client/qopcuaclientprivate.cpp | 17 +++++++++++++++++
 1 file changed, 17 insertions(+)

diff --git a/src/opcua/client/qopcuaclientprivate.cpp b/src/opcua/client/qopcuaclientprivate.cpp
index 1e4c0ae..dfec694 100644
--- a/src/opcua/client/qopcuaclientprivate.cpp
+++ b/src/opcua/client/qopcuaclientprivate.cpp
@@ -125,6 +125,23 @@ QOpcUaClientPrivate::~QOpcUaClientPrivate()
 
 void QOpcUaClientPrivate::connectToEndpoint(const QOpcUaEndpointDescription &endpoint)
 {
+    // Some pre-connection checks
+    if (QOpcUa::isSecurePolicy(endpoint.securityPolicy())) {
+        // We are going to connect to a secure endpoint
+
+        if (!m_pkiConfig.isPkiValid()) {
+            qCWarning(QT_OPCUA) << "Can not connect to a secure endpoint without a valid PKI setup.";
+            setStateAndError(m_state, QOpcUaClient::AccessDenied);
+            return;
+        }
+
+        if (!m_pkiConfig.isKeyAndCertificateFileSet()) {
+            qCWarning(QT_OPCUA) << "Can not connect to a secure endpoint without a client certificate.";
+            setStateAndError(m_state, QOpcUaClient::AccessDenied);
+            return;
+        }
+    }
+
     m_endpoint = endpoint;
     m_impl->connectToEndpoint(endpoint);
 }
-- 
cgit v1.2.3