WebSockets: Add SSL Support

We should discourage people to use unencrypted connections. Change-Id: Ie8945d19ae47c48a0f80d39d0ce919aed42713a1 Reviewed-by: Brett Stottlemyer <bstottle@ford.com>
author: BogDan Vatra <bogdan@kde.org> 2019-06-11 16:55:24 +0300
committer: BogDan Vatra <bogdan@kde.org> 2019-06-12 16:11:46 +0300
commit: dea04056ac0225f6051a974c9d623eabaaa7eee4 (patch)
tree: e1bc208da551c653ff6b5bb6046334525d1989a3 /examples/remoteobjects/websockets/wsserver
parent: b8a71125f038b5a52d034b804d32ecddd9e19286 (diff)
1 files changed, 24 insertions, 1 deletions
diff --git a/examples/remoteobjects/websockets/wsserver/main.cpp b/examples/remoteobjects/websockets/wsserver/main.cpp
index 8354fdd..26bbc02 100644
--- a/examples/remoteobjects/websockets/wsserver/main.cpp
+++ b/examples/remoteobjects/websockets/wsserver/main.cpp
@@ -56,6 +56,12 @@
 #include <QWebSocket>
 #include <QWebSocketServer>
 
+#ifndef QT_NO_SSL
+# include <QFile>
+# include <QSslConfiguration>
+# include <QSslKey>
+#endif
+
 #include "websocketiodevice.h"
 
 struct TimerHandler : public QObject
@@ -149,7 +155,7 @@ int main(int argc, char *argv[])
     roles << Qt::DisplayRole << Qt::BackgroundRole;
 
     QWebSocketServer webSockServer{QStringLiteral("WS QtRO"), QWebSocketServer::NonSecureMode};
-    webSockServer.listen(QHostAddress::LocalHost, 8088);
+    webSockServer.listen(QHostAddress::Any, 8088);
 
     QRemoteObjectHost hostNode;
     hostNode.setHostUrl(webSockServer.serverAddress().toString(), QRemoteObjectHost::AllowExternalRegistration);
@@ -158,6 +164,23 @@ int main(int argc, char *argv[])
 
     QObject::connect(&webSockServer, &QWebSocketServer::newConnection, &hostNode, [&hostNode, &webSockServer]{
         while (auto conn = webSockServer.nextPendingConnection()) {
+#ifndef QT_NO_SSL
+            // Always use secure connections when available
+            QSslConfiguration sslConf;
+            QFile certFile(QStringLiteral(":/sslcert/server.crt"));
+            if (!certFile.open(QIODevice::ReadOnly))
+                qFatal("Can't open client.crt file");
+            sslConf.setLocalCertificate(QSslCertificate{certFile.readAll()});
+
+            QFile keyFile(QStringLiteral(":/sslcert/server.key"));
+            if (!keyFile.open(QIODevice::ReadOnly))
+                qFatal("Can't open client.key file");
+            sslConf.setPrivateKey(QSslKey{keyFile.readAll(), QSsl::Rsa});
+
+            sslConf.setPeerVerifyMode(QSslSocket::VerifyPeer);
+            conn->setSslConfiguration(sslConf);
+            QObject::connect(conn, &QWebSocket::sslErrors, conn, &QWebSocket::deleteLater);
+#endif
             QObject::connect(conn, &QWebSocket::disconnected, conn, &QWebSocket::deleteLater);
             QObject::connect(conn,  QOverload<QAbstractSocket::SocketError>::of(&QWebSocket::error), conn, &QWebSocket::deleteLater);
             auto ioDevice = new WebSocketIoDevice(conn);
author	BogDan Vatra <bogdan@kde.org>	2019-06-11 16:55:24 +0300
committer	BogDan Vatra <bogdan@kde.org>	2019-06-12 16:11:46 +0300
commit	dea04056ac0225f6051a974c9d623eabaaa7eee4 (patch)
tree	e1bc208da551c653ff6b5bb6046334525d1989a3 /examples/remoteobjects/websockets/wsserver
parent	b8a71125f038b5a52d034b804d32ecddd9e19286 (diff)