From 98df84dd6f968cf35d0b6f5c4a292613a5ca103b Mon Sep 17 00:00:00 2001
From: Tobias Triffterer <tobias@ep1.ruhr-uni-bochum.de>
Date: Tue, 4 May 2021 00:47:02 +0200
Subject: [PATCH] Configure Encryption on the Client

The code necessary to encrypt the connection and verify the server using
the list of CA certificates from libfp311online.
---
 src/logingui.cpp | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)

diff --git a/src/logingui.cpp b/src/logingui.cpp
index 2d7fc18..8741233 100644
--- a/src/logingui.cpp
+++ b/src/logingui.cpp
@@ -30,8 +30,10 @@
 #include <QTimer>
 #include <QPalette>
 #include <QPixmap>
+#include <QSslConfiguration>
 #include <QUrl>
 
+#include "cacertificates.h"
 #include "clientgui.h"
 #include "command.h"
 #include "legalstuff.h"
@@ -63,8 +65,13 @@ void LoginGui::doLogin()
     _ui.txtStartPin->setEnabled(false);
     _ui.cmdLogin->setEnabled(false);
 
-    logInfo(QStringLiteral("Opening web socket to address ws://") + _ui.txtUrl->text());
+    logInfo(QStringLiteral("Opening web socket to address wss://") + _ui.txtUrl->text());
     _socket.reset(new QWebSocket);
+
+    QSslConfiguration sslconfig = _socket->sslConfiguration();
+    sslconfig.setCaCertificates(CaCertificates::getCaCertificatesFromResource());
+    _socket->setSslConfiguration(sslconfig);
+
     connect(_socket.get(), QOverload<QAbstractSocket::SocketError>::of(&QWebSocket::error), this, &LoginGui::socketError);
     connect(_socket.get(), &QWebSocket::connected, this, &LoginGui::sendAuthenticateMessage);
     connect(_socket.get(), &QWebSocket::textFrameReceived, this, &LoginGui::receivedMessageFromServer);
@@ -73,7 +80,7 @@ void LoginGui::doLogin()
     _ui.pbStatus->setMinimum(0); // Activate busy indicator
     _ui.pbStatus->setMaximum(0);
 
-    _socket->open(QUrl(QStringLiteral("ws://") + _ui.txtUrl->text()));
+    _socket->open(QUrl(QStringLiteral("wss://") + _ui.txtUrl->text()));
 }
 
 void LoginGui::sendAuthenticateMessage()
-- 
GitLab