Update the QWebSocket's QSslConfiguration when needed

This ensures that the peer certificate chain is kept in sync so that it
can be queried when an encrypted connection has been made.

Change-Id: I5df18bb71ac4bec3a8a939482df5a5ffe5c20cb5
Reviewed-by: Liang Qi <liang.qi@theqtcompany.com>

2 files changed, 20 insertions, 0 deletions

diff --git a/src/websockets/qwebsocket_p.cpp b/src/websockets/qwebsocket_p.cpp
index 1722c15..0eadc93 100644
--- a/src/websockets/qwebsocket_p.cpp
+++ b/src/websockets/qwebsocket_p.cpp
@@ -275,6 +275,15 @@ void QWebSocketPrivate::ignoreSslErrors()
     }
 }
 
+/*!
+* \internal
+*/
+void QWebSocketPrivate::_q_updateSslConfiguration()
+{
+    if (QSslSocket *sslSock = qobject_cast<QSslSocket *>(m_pSocket))
+        m_configuration.m_sslConfiguration = sslSock->sslConfiguration();
+}
+
 #endif
 
 /*!
@@ -294,6 +303,10 @@ QWebSocket *QWebSocketPrivate::upgradeFrom(QTcpSocket *pTcpSocket,
             headerIter.next();
             netRequest.setRawHeader(headerIter.key().toLatin1(), headerIter.value().toLatin1());
         }
+#ifndef QT_NO_SSL
+        if (QSslSocket *sslSock = qobject_cast<QSslSocket *>(pTcpSocket))
+            pWebSocket->setSslConfiguration(sslSock->sslConfiguration());
+#endif
         pWebSocket->d_func()->setExtension(response.acceptedExtension());
         pWebSocket->d_func()->setOrigin(request.origin());
         pWebSocket->d_func()->setRequest(netRequest);
@@ -579,6 +592,8 @@ void QWebSocketPrivate::makeConnections(const QTcpSocket *pTcpSocket)
             QObject::connect(sslSocket,
                              static_cast<sslErrorSignalType>(&QSslSocket::sslErrors),
                              q, &QWebSocket::sslErrors);
+            QObjectPrivate::connect(sslSocket, &QSslSocket::encrypted,
+                                    this, &QWebSocketPrivate::_q_updateSslConfiguration);
         } else
 #endif // QT_NO_SSL
         {
@@ -1058,6 +1073,10 @@ void QWebSocketPrivate::processStateChanged(QAbstractSocket::SocketState socketS
 
     switch (socketState) {
     case QAbstractSocket::ConnectedState:
+#ifndef QT_NO_SSL
+        if (QSslSocket *sslSock = qobject_cast<QSslSocket *>(m_pSocket))
+            m_configuration.m_sslConfiguration = sslSock->sslConfiguration();
+#endif
         if (webSocketState == QAbstractSocket::ConnectingState) {
             m_key = generateKey();
 
diff --git a/src/websockets/qwebsocket_p.h b/src/websockets/qwebsocket_p.h
index 037df61..b7e1a81 100644
--- a/src/websockets/qwebsocket_p.h
+++ b/src/websockets/qwebsocket_p.h
@@ -141,6 +141,7 @@ public:
     void ignoreSslErrors();
     void setSslConfiguration(const QSslConfiguration &sslConfiguration);
     QSslConfiguration sslConfiguration() const;
+    void _q_updateSslConfiguration();
 #endif
 
     void closeGoingAway();