diff --git a/src/base/http/server.cpp b/src/base/http/server.cpp
index be1877d38..35be36d98 100644
--- a/src/base/http/server.cpp
+++ b/src/base/http/server.cpp
@@ -60,22 +60,6 @@ Server::~Server()
 {
 }
-#ifndef QT_NO_OPENSSL
-void Server::enableHttps(const QList &certificates, const QSslKey &key)
-{
- m_certificates = certificates;
- m_key = key;
- m_https = true;
-}
-
-void Server::disableHttps()
-{
- m_https = false;
- m_certificates.clear();
- m_key.clear();
-}
-#endif
-
 void Server::incomingConnection(qintptr socketDescriptor)
 {
 QTcpSocket *serverSocket;
@@ -104,6 +88,36 @@ void Server::incomingConnection(qintptr socketDescriptor)
 }
 #ifndef QT_NO_OPENSSL
+bool Server::setupHttps(const QByteArray &certificates, const QByteArray &key)
+{
+ QSslKey sslKey(key, QSsl::Rsa);
+ if (sslKey.isNull())
+ sslKey = QSslKey(key, QSsl::Ec);
+
+ const QList certs = QSslCertificate::fromData(certificates);
+ const bool areCertsValid = !certs.empty() && std::all_of(certs.begin(), certs.end(), [](const QSslCertificate &c) { return !c.isNull(); });
+
+ if (!sslKey.isNull() && areCertsValid)
+ {
+ m_key = sslKey;
+ m_certificates = certs;
+ m_https = true;
+ return true;
+ }
+ else
+ {
+ disableHttps();
+ return false;
+ }
+}
+
+void Server::disableHttps()
+{
+ m_https = false;
+ m_certificates.clear();
+ m_key.clear();
+}
+
 QList Server::safeCipherList() const
 {
 const QStringList badCiphers = {"idea", "rc4"};
diff --git a/src/base/http/server.h b/src/base/http/server.h
index 7f8f3af7c..31f33b735 100644
--- a/src/base/http/server.h
+++ b/src/base/http/server.h
@@ -34,6 +34,7 @@
 #define HTTP_SERVER_H
 #include
+
 #ifndef QT_NO_OPENSSL
 #include
 #include
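Review bot: The failure branch of `Server::setupHttps` fails open: it calls `disableHttps()`, which sets `m_https = false` without closing the listener, so a certificate or key that does not parse leaves the server accepting connections as plain HTTP (how `incomingConnection` uses `m_https` is outside this hunk, so this is inferred from the flag's name and the caller's log text). The caller in `WebUI::init()` (the src/webui/webui.cpp hunk) has the same defect: it logs "https setup failed, fallback to http" and still reaches `listen(QHostAddress::Any, m_port)`, so all Web UI traffic would travel in cleartext on every interface although the user asked for TLS. I would fail closed by adding `m_httpServer->close();` in the caller's failure branch and skipping the later `listen()`; if the fallback is deliberate so that a headless instance stays reachable, bind it with `QHostAddress::LocalHost` instead of `QHostAddress::Any`. The success test is also only `!isNull()` on the key and on each certificate, so an expired certificate or a key that does not belong to the certificate is still reported as "https setup successful"; a comment on `setupHttps` stating that it checks parseability only, and that failure clears any previously working HTTPS state, would make the contract explicit.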
@@ -55,17 +56,18 @@ namespace Http
 ~Server();
 #ifndef QT_NO_OPENSSL
- void enableHttps(const QList &certificates, const QSslKey &key);
+ bool setupHttps(const QByteArray &certificates, const QByteArray &key);
 void disableHttps();
 #endif
 private:
- IRequestHandler *m_requestHandler;
-
 void incomingConnection(qintptr socketDescriptor);
+ IRequestHandler *m_requestHandler;
+
 #ifndef QT_NO_OPENSSL
 QList safeCipherList() const;
+
 bool m_https;
 QList m_certificates;
 QSslKey m_key;
diff --git a/src/webui/webui.cpp b/src/webui/webui.cpp
index 7e0f2996a..6b03ef04d 100644
--- a/src/webui/webui.cpp
+++ b/src/webui/webui.cpp
@@ -45,78 +45,79 @@ WebUI::WebUI(QObject *parent)
 void WebUI::init()
 {
- Preferences* const pref = Preferences::instance();
 Logger* const logger = Logger::instance();
+ Preferences* const pref = Preferences::instance();
+
+ const quint16 oldPort = m_port;
+ m_port = pref->getWebUiPort();
 if (pref->isWebUiEnabled()) {
- const quint16 port = pref->getWebUiPort();
- if (m_port != port) {
- Net::PortForwarder::instance()->deletePort(port);
- m_port = port;
+ // UPnP/NAT-PMP
+ if (pref->useUPnPForWebUIPort()) {
+ if (m_port != oldPort) {
+ Net::PortForwarder::instance()->deletePort(oldPort);
+ Net::PortForwarder::instance()->addPort(m_port);
+ }
+ }
+ else {
+ Net::PortForwarder::instance()->deletePort(oldPort);
 }
- if (httpServer_) {
- if (httpServer_->serverPort() != m_port)
- httpServer_->close();
+ // http server
+ if (!m_httpServer) {
+ m_webapp = new WebApplication(this);
+ m_httpServer = new Http::Server(m_webapp, this);
 }
 else {
- webapp_ = new WebApplication(this);
- httpServer_ = new Http::Server(webapp_, this);
+ if (m_httpServer->serverPort() != m_port)
+ m_httpServer->close();
 }
 #ifndef QT_NO_OPENSSL
 if (pref->isWebUiHttpsEnabled()) {
- const QByteArray keyRaw = pref->getWebUiHttpsKey();
- QSslKey key(keyRaw, QSsl::Rsa);
- if (key.isNull())
- key = QSslKey(keyRaw, QSsl::Ec);
-
- const QList certs = QSslCertificate::fromData(pref->getWebUiHttpsCertificate());
- const bool areCertsValid = !certs.empty() && std::all_of(certs.begin(), certs.end(), [](QSslCertificate c) { return !c.isNull(); });
-
- if (!key.isNull() && areCertsValid)
- httpServer_->enableHttps(certs, key);
+ const QByteArray certs = pref->getWebUiHttpsCertificate();
+ const QByteArray key = pref->getWebUiHttpsKey();
+ bool success = m_httpServer->setupHttps(certs, key);
+ if (success)
+ logger->addMessage(tr("Web UI: https setup successful"));
 else
- httpServer_->disableHttps();
+ logger->addMessage(tr("Web UI: https setup failed, fallback to http"), Log::CRITICAL);
 }
 else {
- httpServer_->disableHttps();
+ m_httpServer->disableHttps();
 }
 #endif
- if (!httpServer_->isListening()) {
- bool success = httpServer_->listen(QHostAddress::Any, m_port);
+ if (!m_httpServer->isListening()) {
+ bool success = m_httpServer->listen(QHostAddress::Any, m_port);
 if (success)
- logger->addMessage(tr("The Web UI is listening on port %1").arg(m_port));
+ logger->addMessage(tr("Web UI: Now listening on port %1").arg(m_port));
 else
- logger->addMessage(tr("Web UI Error - Unable to bind Web UI to port %1").arg(m_port), Log::CRITICAL);
+ logger->addMessage(tr("Web UI: Unable to bind to port %1").arg(m_port), Log::CRITICAL);
 }
 // DynDNS
 if (pref->isDynDNSEnabled()) {
- if (!dynDNSUpdater_)
- dynDNSUpdater_ = new Net::DNSUpdater(this);
+ if (!m_dnsUpdater)
+ m_dnsUpdater = new Net::DNSUpdater(this);
 else
- dynDNSUpdater_->updateCredentials();
+ m_dnsUpdater->updateCredentials();
 }
 else {
- if (dynDNSUpdater_)
- delete dynDNSUpdater_;
+ if (m_dnsUpdater)
+ delete m_dnsUpdater;
 }
-
- // Use UPnP/NAT-PMP for Web UI
- if (pref->useUPnPForWebUIPort())
- Net::PortForwarder::instance()->addPort(m_port);
- else
- Net::PortForwarder::instance()->deletePort(m_port);
 }
 else {
- if (httpServer_)
- delete httpServer_;
- if (webapp_)
- delete webapp_;
- if (dynDNSUpdater_)
- delete dynDNSUpdater_;
- Net::PortForwarder::instance()->deletePort(m_port);
+ Net::PortForwarder::instance()->deletePort(oldPort);
+
+ if (m_httpServer)
+ delete m_httpServer;
+
+ if (m_webapp)
+ delete m_webapp;
+
+ if (m_dnsUpdater)
+ delete m_dnsUpdater;
 }
 }
diff --git a/src/webui/webui.h b/src/webui/webui.h
index 5f156a92e..a7903640b 100644
--- a/src/webui/webui.h
+++ b/src/webui/webui.h
@@ -55,9 +55,9 @@ private slots:
 void init();
 private:
- QPointer httpServer_;
- QPointer dynDNSUpdater_;
- QPointer webapp_;
+ QPointer m_httpServer;
+ QPointer m_dnsUpdater;
+ QPointer m_webapp;
 quint16 m_port;
 };
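Review bot: In the UPnP/NAT-PMP branch of `WebUI::init()`, `addPort(m_port)` is now reached only when `m_port != oldPort`, so no mapping is created when the user turns UPnP on without changing the port, or re-enables the Web UI after one of the `else` branches removed the mapping with `deletePort(oldPort)`. The removed code called `addPort(m_port)` on every pass while `useUPnPForWebUIPort()` was true. I would keep only the stale-mapping cleanup conditional, `if (m_port != oldPort) Net::PortForwarder::instance()->deletePort(oldPort);`, and follow it with an unconditional `Net::PortForwarder::instance()->addPort(m_port);`, assuming `addPort` tolerates a port that is already mapped (its implementation is not part of this diff). A one-line comment explaining why `oldPort` is captured before `m_port` is overwritten would also help, since `m_port` is now updated even when the Web UI is disabled.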