/* * Bittorrent Client using Qt and libtorrent. * Copyright (C) 2014 Vladimir Golovnev * Copyright (C) 2006 Christophe Dumez * Copyright (C) 2006 Ishan Arora * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License * as published by the Free Software Foundation; either version 2 * of the License, or (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. * * In addition, as a special exception, the copyright holders give permission to * link this program with the OpenSSL project's "OpenSSL" library (or with * modified versions of it that use the same license as the "OpenSSL" library), * and distribute the linked executables. You must obey the GNU General Public * License in all respects for all of the code used other than "OpenSSL". If you * modify file(s), you may extend this exception to your version of the file(s), * but you are not obligated to do so. If you do not wish to do so, delete this * exception statement from your version. */ #ifndef QT_NO_OPENSSL #include #else #include #endif #include #include "connection.h" #include "server.h" using namespace Http; Server::Server(IRequestHandler *requestHandler, QObject *parent) : QTcpServer(parent) , m_requestHandler(requestHandler) #ifndef QT_NO_OPENSSL , m_https(false) #endif { setProxy(QNetworkProxy::NoProxy); #ifndef QT_NO_OPENSSL QSslSocket::setDefaultCiphers(safeCipherList()); #endif } Server::~Server() { } #ifndef QT_NO_OPENSSL void Server::enableHttps(const QList &certificates, const QSslKey &key) { m_certificates = certificates; m_key = key; m_https = true; } void Server::disableHttps() { m_https = false; m_certificates.clear(); m_key.clear(); } #endif #ifdef QBT_USES_QT5 void Server::incomingConnection(qintptr socketDescriptor) #else void Server::incomingConnection(int socketDescriptor) #endif { QTcpSocket *serverSocket; #ifndef QT_NO_OPENSSL if (m_https) serverSocket = new QSslSocket(this); else #endif serverSocket = new QTcpSocket(this); if (serverSocket->setSocketDescriptor(socketDescriptor)) { #ifndef QT_NO_OPENSSL if (m_https) { static_cast(serverSocket)->setProtocol(QSsl::SecureProtocols); static_cast(serverSocket)->setPrivateKey(m_key); #ifdef QBT_USES_QT5 static_cast(serverSocket)->setLocalCertificateChain(m_certificates); #else static_cast(serverSocket)->setLocalCertificate(m_certificates.first()); #endif static_cast(serverSocket)->setPeerVerifyMode(QSslSocket::VerifyNone); static_cast(serverSocket)->startServerEncryption(); } #endif new Connection(serverSocket, m_requestHandler, this); } else { serverSocket->deleteLater(); } } #ifndef QT_NO_OPENSSL QList Server::safeCipherList() const { const QStringList badCiphers = {"idea", "rc4"}; const QList allCiphers = QSslSocket::supportedCiphers(); QList safeCiphers; foreach (const QSslCipher &cipher, allCiphers) { bool isSafe = true; foreach (const QString &badCipher, badCiphers) { if (cipher.name().contains(badCipher, Qt::CaseInsensitive)) { isSafe = false; break; } } if (isSafe) safeCiphers += cipher; } return safeCiphers; } #endif