diff options
author | BogDan Vatra <bogdan@kde.org> | 2019-06-11 16:55:24 +0300 |
---|---|---|
committer | BogDan Vatra <bogdan@kde.org> | 2019-06-12 16:11:46 +0300 |
commit | dea04056ac0225f6051a974c9d623eabaaa7eee4 (patch) | |
tree | e1bc208da551c653ff6b5bb6046334525d1989a3 /examples/remoteobjects/websockets/wsserver | |
parent | b8a71125f038b5a52d034b804d32ecddd9e19286 (diff) |
WebSockets: Add SSL Support
We should discourage people to use unencrypted connections.
Change-Id: Ie8945d19ae47c48a0f80d39d0ce919aed42713a1
Reviewed-by: Brett Stottlemyer <bstottle@ford.com>
Diffstat (limited to 'examples/remoteobjects/websockets/wsserver')
-rw-r--r-- | examples/remoteobjects/websockets/wsserver/main.cpp | 25 |
1 files changed, 24 insertions, 1 deletions
diff --git a/examples/remoteobjects/websockets/wsserver/main.cpp b/examples/remoteobjects/websockets/wsserver/main.cpp index 8354fdd..26bbc02 100644 --- a/examples/remoteobjects/websockets/wsserver/main.cpp +++ b/examples/remoteobjects/websockets/wsserver/main.cpp @@ -56,6 +56,12 @@ #include <QWebSocket> #include <QWebSocketServer> +#ifndef QT_NO_SSL +# include <QFile> +# include <QSslConfiguration> +# include <QSslKey> +#endif + #include "websocketiodevice.h" struct TimerHandler : public QObject @@ -149,7 +155,7 @@ int main(int argc, char *argv[]) roles << Qt::DisplayRole << Qt::BackgroundRole; QWebSocketServer webSockServer{QStringLiteral("WS QtRO"), QWebSocketServer::NonSecureMode}; - webSockServer.listen(QHostAddress::LocalHost, 8088); + webSockServer.listen(QHostAddress::Any, 8088); QRemoteObjectHost hostNode; hostNode.setHostUrl(webSockServer.serverAddress().toString(), QRemoteObjectHost::AllowExternalRegistration); @@ -158,6 +164,23 @@ int main(int argc, char *argv[]) QObject::connect(&webSockServer, &QWebSocketServer::newConnection, &hostNode, [&hostNode, &webSockServer]{ while (auto conn = webSockServer.nextPendingConnection()) { +#ifndef QT_NO_SSL + // Always use secure connections when available + QSslConfiguration sslConf; + QFile certFile(QStringLiteral(":/sslcert/server.crt")); + if (!certFile.open(QIODevice::ReadOnly)) + qFatal("Can't open client.crt file"); + sslConf.setLocalCertificate(QSslCertificate{certFile.readAll()}); + + QFile keyFile(QStringLiteral(":/sslcert/server.key")); + if (!keyFile.open(QIODevice::ReadOnly)) + qFatal("Can't open client.key file"); + sslConf.setPrivateKey(QSslKey{keyFile.readAll(), QSsl::Rsa}); + + sslConf.setPeerVerifyMode(QSslSocket::VerifyPeer); + conn->setSslConfiguration(sslConf); + QObject::connect(conn, &QWebSocket::sslErrors, conn, &QWebSocket::deleteLater); +#endif QObject::connect(conn, &QWebSocket::disconnected, conn, &QWebSocket::deleteLater); QObject::connect(conn, QOverload<QAbstractSocket::SocketError>::of(&QWebSocket::error), conn, &QWebSocket::deleteLater); auto ioDevice = new WebSocketIoDevice(conn); |