Connecting Qt with SSL to a jetty server

Question

I have some problems with connecting a qt client to an embedded jetty server.

At first, I use the following components:

Qt 4.4.3 (compiled with active openssl support) jetty 8.8.1 java 6

I know, the versions are not most recent, but because of licencing issues and customer wishes I can not use newer one.

So, the scenario is that a qt client has to send http GET and POST requests to the jetty server. As long I use simple http with the QHttp object it works fine, the problems start when I switch to SSL.

My first try was to use the QSslSocket object for the GET request:

// Load certs + private key to socket   
_pSocket = new QSslSocket(this);
_pSocket->setLocalCertificate(_certificate);
_pSocket->setPrivateKey(_privatekey);
_pSocket->addDefaultCaCertificate(_cacertificate);

connect (_pSocket, SIGNAL(encrypted()), this, SLOT(_encrypted()));
_pSocket->connectToHostEncrypted("localhost", 8000);

with the following slot function for the encrypted state:

void TestClient::_encrypted() {
    QString _path("/testpath/list");
    QByteArray buffer("GET ");
    buffer.append(_path).append(" HTTP/1.1\r\n");
    _pSocket->write(buffer);
}

Here I have my first problem:

This results in the following string, which is as far as I see compliant to RFC 2616:

"GET /testpath/list HTTP/1.1\r\n"

For some reason, the jetty server has a problem with that, keeping in a loop till the client close the connection because of a time out.

But if I use the following string, it works perfect:

"GET /testpath/list\r\n"

Here is my first question: Do you now an explanation for this behaviour ? I can live with it, but I want to know the reason

My second problem is the POST request, this fails always.

These examples I already tried:

"POST /testpath/receive/\r\n{"data":"hello world ?!"}\r\n"
"POST /testpath/receive/ HTTP/1.1\r\n{"data":"hello world ?!"}\r\n"
"POST /testpath/receive/\r\n\r\n{"data":"hello world ?!"}\r\n"
"POST /testpath/receive/ HTTP/1.1\r\n\r\n{"data":"hello world ?!"}\r\n"

I have the feeling, that the body is every time empty, so my server crashes because he tries to parse an empty string as json. At least, the following log shows that:

2013-11-19 17:11:51.671, INFO, foo.bar.RepositoryHandler, qtp11155366-16 - /testpath/receive request type : /receive
2013-11-19 17:11:51.811, ERROR, foo.bar.RepositoryHandler, qtp11155366-16 - /testpath/receive missing or unknown elements in JSON request. Check JSON against documentation
2013-11-19 17:11:51.874, WARN, org.eclipse.jetty.server.AbstractHttpConnection, qtp11155366-16 - /testpath/receive /testpath/receive
java.lang.NullPointerException: null
    at foo.bar.RepositoryHandler.decodeViewingRequest(RepositoryHandler.java:366) ~[MyServer.jar:na]
    at foo.bar.RepositoryHandler.handle(RepositoryHandler.java:182) ~[MyServer.jar:na]

So, all together, I think I have several major errors in my requests. But which ?

My second try was to use the QHttp object and change the QSocket it uses with a QSslSocket I already initiated.

Here's the code of the main function:

QSslSocket* _pSocket;
QHttp* _pHttp;
int _id;
QBuffer* _pBuffer;
QByteArray _data;   

_pSocket = new QSslSocket(this);
_pSocket->setLocalCertificate(_certificate);
_pSocket->setPrivateKey(_privatekey);
_pSocket->addDefaultCaCertificate(_cacertificate);

QUrl url;
url.setScheme("https");
url.setHost("localhost");
url.setPort(8001);
url.setPath("/testpath/receive");

connect (_pSocket, SIGNAL(encrypted()), this, SLOT(_encrypted()));
connect(_pHttp,SIGNAL(requestFinished(int,bool)),this,SLOT(_requestFinished(int,bool))); 
connect(_pHttp,SIGNAL(done(bool)),this,SLOT(_done(bool)));

_pBuffer = new QBuffer(&_data);
_pHttp->setSocket(_pSocket);
_pSocket->connectToHostEncrypted(strHost, strPort.toInt());
_id = _pHttp->get(url.toString(),_pBuffer);

And the callbacks:

void _requestFinished(int id, bool error) {
    if(id = _id)
        qDebug() << "data=" << _data;
}

void _encrypted() {
    qDebug() << "encrypted";
}

void _done(bool error) {
    logInfo() << "_done";

    if(_pHttp) {
        _pHttp->abort();
        delete _pHttp;
        _pHttp = 0;
    }
    if(_pBuffer) {
        delete _pBuffer;
        _pBuffer = 0;
    }    

    if(_pSocket) {
        _pSocket->disconnectFromHost();
        delete _pSocket;
        _pSocket = 0;
    }
}

I think, I only have to change the position of the _pHttp->get call, perhaps in the _encrypted callback, but I'm not sure.

Some good advise ?

Thanks, Robert

Answer 1

Your HTTP request is incomplete, per RFC2616.

"GET /testpath/list HTTP/1.1\r\n"

That is invalid.

Try this instead.

"GET /testpath/list HTTP/1.1\r\n" + /* request line (required) */
"Host: localhost\r\n" + /* host header (required minimum) */
"\r\n" /* terminating CR + LF (required) */

As outlined in Section 5.1.2

   The most common form of Request-URI is that used to identify a
   resource on an origin server or gateway. In this case the absolute
   path of the URI MUST be transmitted (see section 3.2.1, abs_path) as
   the Request-URI, and the network location of the URI (authority) MUST
   be transmitted in a Host header field. For example, a client wishing
   to retrieve the resource above directly from the origin server would
   create a TCP connection to port 80 of the host "www.w3.org" and send
   the lines:

       GET /pub/WWW/TheProject.html HTTP/1.1
       Host: www.w3.org

The Request-URI line and Host header Header are mandated.