mirror/tomahawk
1
0
Fork 0
mirror of https://github.com/tomahawk-player/tomahawk.git synced 2025-08-12 09:04:33 +02:00
Code Issues Releases Wiki Activity

Use SSL/TLS for API 2.0

Browse Source 
* Permanent storage for the x509 certificate is still missing
This commit is contained in:
Uwe L. Korn
2013-06-22 00:00:19 +02:00
parent 5e0ae4fda1
commit 571f5c7e7d
2 changed files with 25 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

25
src/tomahawk/TomahawkApp.cpp
View File

@@ -114,6 +114,11 @@
#include <QFile> #include <QFile>
#include <QFileInfo> #include <QFileInfo>
#include <QTranslator> #include <QTranslator>
#include <QUuid>
#include <QtCrypto>
#include <QSslKey>
#include <QxtNetwork/QxtSslServer>
#include <iostream> #include <iostream>
@@ -536,7 +541,7 @@ TomahawkApp::initHTTP()
else else
{ {
m_httpv2_session = QPointer< QxtHttpSessionManager >( new QxtHttpSessionManager() ); m_httpv2_session = QPointer< QxtHttpSessionManager >( new QxtHttpSessionManager() );
m_httpv2_connector = QPointer< QxtHttpServerConnector >( new QxtHttpServerConnector ); m_httpv2_connector = QPointer< QxtHttpsServerConnector >( new QxtHttpsServerConnector );
if ( m_httpv2_session.isNull() || m_httpv2_connector.isNull() ) if ( m_httpv2_session.isNull() || m_httpv2_connector.isNull() )
{ {
if ( !m_httpv2_session.isNull() ) if ( !m_httpv2_session.isNull() )
@@ -558,6 +563,24 @@ TomahawkApp::initHTTP()
Api_v2* api = new Api_v2( m_httpv2_session.data() ); Api_v2* api = new Api_v2( m_httpv2_session.data() );
m_httpv2_session->setStaticContentService( api ); m_httpv2_session->setStaticContentService( api );
QCA::KeyGenerator generator;
QCA::PrivateKey key = generator.createRSA( 4096 );
// TODO: Store and load this key with qtkeychain
QCA::CertificateOptions certOpts;
QCA::CertificateInfo certInfo;
certInfo.insert( QCA::CommonName, QString( "tomahawk-%1" ).arg( Database::instance()->impl()->dbid() ) );
certInfo.insert( QCA::Organization, "Tomahawk Player" );
certInfo.insert( QCA::OrganizationalUnit, "HTTP API" );
certOpts.setInfo( certInfo );
certOpts.setSerialNumber( QCA::BigInteger( QCA::SecureArray( QUuid::createUuid().toByteArray() ) ) );
// TODO: Check for validity of ceritifcate and renew if needed
certOpts.setValidityPeriod( QDateTime::currentDateTime(), QDateTime::currentDateTime().addYears( 3 ) );
QCA::Certificate cert( certOpts, key );
QSslCertificate qcert( cert.toDER(), QSsl::Der);
QSslKey qkey( key.toDER().toByteArray(), QSsl::Rsa, QSsl::Der );
QxtSslServer* sslServer = m_httpv2_connector->tcpServer();
sslServer->setPrivateKey(qkey);
sslServer->setLocalCertificate(qcert);
tLog() << "Starting HTTPd for API v2.0 on" << m_httpv2_session->listenInterface().toString() << m_httpv2_session->port(); tLog() << "Starting HTTPd for API v2.0 on" << m_httpv2_session->listenInterface().toString() << m_httpv2_session->port();
if ( !m_httpv2_session->start() ) if ( !m_httpv2_session->start() )

2
src/tomahawk/TomahawkApp.h
View File

@@ -150,7 +150,7 @@ private:
QPointer< QxtHttpServerConnector > m_httpv1_connector; QPointer< QxtHttpServerConnector > m_httpv1_connector;
QPointer< QxtHttpSessionManager > m_httpv1_session; QPointer< QxtHttpSessionManager > m_httpv1_session;
QPointer< QxtHttpServerConnector > m_httpv2_connector; QPointer< QxtHttpsServerConnector > m_httpv2_connector;
QPointer< QxtHttpSessionManager > m_httpv2_session; QPointer< QxtHttpSessionManager > m_httpv2_session;
}; };