1 | /**************************************************************************** |
2 | ** |
3 | ** Copyright (C) 2014 Digia Plc and/or its subsidiary(-ies). |
4 | ** Contact: http://www.qt-project.org/legal |
5 | ** |
6 | ** This file is part of the QtNetwork module of the Qt Toolkit. |
7 | ** |
8 | ** $QT_BEGIN_LICENSE:LGPL$ |
9 | ** Commercial License Usage |
10 | ** Licensees holding valid commercial Qt licenses may use this file in |
11 | ** accordance with the commercial license agreement provided with the |
12 | ** Software or, alternatively, in accordance with the terms contained in |
13 | ** a written agreement between you and Digia. For licensing terms and |
14 | ** conditions see http://qt.digia.com/licensing. For further information |
15 | ** use the contact form at http://qt.digia.com/contact-us. |
16 | ** |
17 | ** GNU Lesser General Public License Usage |
18 | ** Alternatively, this file may be used under the terms of the GNU Lesser |
19 | ** General Public License version 2.1 as published by the Free Software |
20 | ** Foundation and appearing in the file LICENSE.LGPL included in the |
21 | ** packaging of this file. Please review the following information to |
22 | ** ensure the GNU Lesser General Public License version 2.1 requirements |
23 | ** will be met: http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html. |
24 | ** |
25 | ** In addition, as a special exception, Digia gives you certain additional |
26 | ** rights. These rights are described in the Digia Qt LGPL Exception |
27 | ** version 1.1, included in the file LGPL_EXCEPTION.txt in this package. |
28 | ** |
29 | ** GNU General Public License Usage |
30 | ** Alternatively, this file may be used under the terms of the GNU |
31 | ** General Public License version 3.0 as published by the Free Software |
32 | ** Foundation and appearing in the file LICENSE.GPL included in the |
33 | ** packaging of this file. Please review the following information to |
34 | ** ensure the GNU General Public License version 3.0 requirements will be |
35 | ** met: http://www.gnu.org/copyleft/gpl.html. |
36 | ** |
37 | ** |
38 | ** $QT_END_LICENSE$ |
39 | ** |
40 | ****************************************************************************/ |
41 | |
42 | |
43 | #ifndef QSSLSOCKET_H |
44 | #define QSSLSOCKET_H |
45 | |
46 | #include <QtCore/qlist.h> |
47 | #include <QtCore/qregexp.h> |
48 | #ifndef QT_NO_OPENSSL |
49 | # include <QtNetwork/qtcpsocket.h> |
50 | # include <QtNetwork/qsslerror.h> |
51 | #endif |
52 | |
53 | QT_BEGIN_HEADER |
54 | |
55 | QT_BEGIN_NAMESPACE |
56 | |
57 | QT_MODULE(Network) |
58 | |
59 | #ifndef QT_NO_OPENSSL |
60 | |
61 | class QDir; |
62 | class QSslCipher; |
63 | class QSslCertificate; |
64 | class QSslConfiguration; |
65 | |
66 | class QSslSocketPrivate; |
// QSslSocket: a QTcpSocket subclass (see the base-class list below) declaring the
// SSL/TLS socket API: mode, peer verification, certificates, keys, ciphers and CA lists.
// This header only declares the interface. Remarks marked NOTE(review) restate the Qt
// documentation or an inference; confirm them against the implementation, not shown here.
67 | class Q_NETWORK_EXPORT QSslSocket : public QTcpSocket |
68 | { |
69 | Q_OBJECT |
70 | public: |
// Value type returned by mode() and carried by the modeChanged() signal.
71 | enum SslMode { |
72 | UnencryptedMode, |
73 | SslClientMode, |
74 | SslServerMode |
75 | }; |
76 | |
// Value type of peerVerifyMode() / setPeerVerifyMode().
// NOTE(review): per the Qt documentation, VerifyNone requests no peer certificate,
// QueryPeer requests one but does not require it to be valid, VerifyPeer requires a
// valid one, and AutoVerifyPeer (the documented default) acts as VerifyPeer on client
// sockets and QueryPeer on server sockets. Confirm for this version.
// A client using VerifyNone or QueryPeer leaves the server unauthenticated, so such a
// setting should carry a stated reason at the call site.
77 | enum PeerVerifyMode { |
78 | VerifyNone, |
79 | QueryPeer, |
80 | VerifyPeer, |
81 | AutoVerifyPeer |
82 | }; |
83 | |
84 | QSslSocket(QObject *parent = 0); |
85 | ~QSslSocket(); |
86 | |
// The second overload takes a separate sslPeerName.
// NOTE(review): presumably the name matched against the peer certificate instead of
// hostName; confirm, since a caller-supplied name decides which certificate is accepted.
// setSocketDescriptor() adopts an existing descriptor; state defaults to ConnectedState.
87 | // Autostarting the SSL client handshake. |
88 | void connectToHostEncrypted(const QString &hostName, quint16 port, OpenMode mode = ReadWrite); |
89 | void connectToHostEncrypted(const QString &hostName, quint16 port, const QString &sslPeerName, OpenMode mode = ReadWrite); |
90 | bool setSocketDescriptor(int socketDescriptor, SocketState state = ConnectedState, |
91 | OpenMode openMode = ReadWrite); |
92 | |
93 | // ### Qt 5: Make virtual |
94 | void setSocketOption(QAbstractSocket::SocketOption option, const QVariant &value); |
95 | QVariant socketOption(QAbstractSocket::SocketOption option); |
96 | |
97 | SslMode mode() const; |
98 | bool isEncrypted() const; |
99 | |
// Accepted values come from QSsl::SslProtocol, which is declared outside this header.
// Which protocol versions are enabled by default is not visible here.
100 | QSsl::SslProtocol protocol() const; |
101 | void setProtocol(QSsl::SslProtocol protocol); |
102 | |
// Getter/setter for the PeerVerifyMode enum declared above.
103 | QSslSocket::PeerVerifyMode peerVerifyMode() const; |
104 | void setPeerVerifyMode(QSslSocket::PeerVerifyMode mode); |
105 | |
// NOTE(review): presumably the maximum certificate-chain depth checked during
// verification; the meaning of particular values (such as 0) is not visible here.
106 | int peerVerifyDepth() const; |
107 | void setPeerVerifyDepth(int depth); |
108 | |
// NOTE(review): presumably overrides the host name used when validating the peer
// certificate; confirm.
109 | QString peerVerifyName() const; |
110 | void setPeerVerifyName(const QString &hostName); |
111 | |
112 | // From QIODevice |
113 | qint64 bytesAvailable() const; |
114 | qint64 bytesToWrite() const; |
115 | bool canReadLine() const; |
116 | void close(); |
117 | bool atEnd() const; |
118 | bool flush(); |
119 | void abort(); |
120 | |
121 | // From QAbstractSocket: |
122 | void setReadBufferSize(qint64 size); |
123 | |
124 | // Similar to QIODevice's: |
125 | qint64 encryptedBytesAvailable() const; |
126 | qint64 encryptedBytesToWrite() const; |
127 | |
128 | // SSL configuration |
129 | QSslConfiguration sslConfiguration() const; |
130 | void setSslConfiguration(const QSslConfiguration &config); |
131 | |
// The fileName overload of setLocalCertificate() defaults to QSsl::Pem encoding.
// peerCertificate() and peerCertificateChain() return by value.
// NOTE(review): whether they are empty before the handshake completes is not visible here.
132 | // Certificate & cipher accessors. |
133 | void setLocalCertificate(const QSslCertificate &certificate); |
134 | void setLocalCertificate(const QString &fileName, QSsl::EncodingFormat format = QSsl::Pem); |
135 | QSslCertificate localCertificate() const; |
136 | QSslCertificate peerCertificate() const; |
137 | QList<QSslCertificate> peerCertificateChain() const; |
138 | QSslCipher sessionCipher() const; |
139 | |
// The fileName overload defaults to an RSA key in PEM encoding with an empty passPhrase.
// The pass phrase is handed over as a QByteArray and privateKey() returns the key by
// value; nothing in this header shows either copy being cleared, so callers own that.
// NOTE(review): QSslKey is not among this header's forward declarations; presumably it
// arrives through one of the includes. Confirm.
140 | // Private keys, for server sockets. |
141 | void setPrivateKey(const QSslKey &key); |
142 | void setPrivateKey(const QString &fileName, QSsl::KeyAlgorithm algorithm = QSsl::Rsa, |
143 | QSsl::EncodingFormat format = QSsl::Pem, |
144 | const QByteArray &passPhrase = QByteArray()); |
145 | QSslKey privateKey() const; |
146 | |
// The non-static members act on this socket; the static ones are not tied to an instance.
// NOTE(review): presumably the static setter changes the default cipher list for sockets
// created afterwards, and the QString overload takes a backend-format cipher list. Confirm.
147 | // Cipher settings. |
148 | QList<QSslCipher> ciphers() const; |
149 | void setCiphers(const QList<QSslCipher> &ciphers); |
150 | void setCiphers(const QString &ciphers); |
151 | static void setDefaultCiphers(const QList<QSslCipher> &ciphers); |
152 | static QList<QSslCipher> defaultCiphers(); |
153 | static QList<QSslCipher> supportedCiphers(); |
154 | |
// The path overloads return bool and default to PEM encoding with QRegExp::FixedString
// matching of the path.
// NOTE(review): certificates added here presumably become trust anchors for peer
// verification, so the path should name a location only trusted parties can write, and
// the bool result should be checked. The static members presumably change the default CA
// set shared by sockets created later. Confirm both.
155 | // CA settings. |
156 | bool addCaCertificates(const QString &path, QSsl::EncodingFormat format = QSsl::Pem, |
157 | QRegExp::PatternSyntax syntax = QRegExp::FixedString); |
158 | void addCaCertificate(const QSslCertificate &certificate); |
159 | void addCaCertificates(const QList<QSslCertificate> &certificates); |
160 | void setCaCertificates(const QList<QSslCertificate> &certificates); |
161 | QList<QSslCertificate> caCertificates() const; |
162 | static bool addDefaultCaCertificates(const QString &path, QSsl::EncodingFormat format = QSsl::Pem, |
163 | QRegExp::PatternSyntax syntax = QRegExp::FixedString); |
164 | static void addDefaultCaCertificate(const QSslCertificate &certificate); |
165 | static void addDefaultCaCertificates(const QList<QSslCertificate> &certificates); |
166 | static void setDefaultCaCertificates(const QList<QSslCertificate> &certificates); |
167 | static QList<QSslCertificate> defaultCaCertificates(); |
168 | static QList<QSslCertificate> systemCaCertificates(); |
169 | |
// Each wait function takes a timeout in msecs that defaults to 30000 and returns bool.
170 | bool waitForConnected(int msecs = 30000); |
171 | bool waitForEncrypted(int msecs = 30000); |
172 | bool waitForReadyRead(int msecs = 30000); |
173 | bool waitForBytesWritten(int msecs = 30000); |
174 | bool waitForDisconnected(int msecs = 30000); |
175 | |
// Accessor with the same name as the sslErrors(const QList<QSslError> &) signal below.
176 | QList<QSslError> sslErrors() const; |
177 | |
// NOTE(review): per the Qt documentation, this ignoreSslErrors() overload ignores only
// the errors in the given list, whereas the no-argument slot below ignores every error.
// Prefer this overload with an explicit list of the errors that are expected. Confirm.
178 | static bool supportsSsl(); |
179 | void ignoreSslErrors(const QList<QSslError> &errors); |
180 | |
181 | public Q_SLOTS: |
// NOTE(review): per the Qt documentation, ignoreSslErrors() with no argument lets the
// handshake continue despite any verification error, which removes peer authentication
// for that connection. Confirm, and keep call sites to cases with a documented reason.
182 | void startClientEncryption(); |
183 | void startServerEncryption(); |
184 | void ignoreSslErrors(); |
185 | |
186 | Q_SIGNALS: |
// NOTE(review): per the Qt documentation, peerVerifyError() and sslErrors() report
// verification failures during the handshake. Slots connected to them are where an
// ignoreSslErrors() call usually sits, so they are worth reviewing. Confirm.
187 | void encrypted(); |
188 | void peerVerifyError(const QSslError &error); |
189 | void sslErrors(const QList<QSslError> &errors); |
190 | void modeChanged(QSslSocket::SslMode newMode); |
191 | void encryptedBytesWritten(qint64 totalBytes); |
192 | |
193 | protected Q_SLOTS: |
194 | void connectToHostImplementation(const QString &hostName, quint16 port, |
195 | OpenMode openMode); |
196 | void disconnectFromHostImplementation(); |
197 | |
198 | protected: |
// Raw read/write entry points taking a caller-supplied buffer and a length.
199 | qint64 readData(char *data, qint64 maxlen); |
200 | qint64 writeData(const char *data, qint64 len); |
201 | |
202 | private: |
// Private implementation object: each Q_PRIVATE_SLOT below forwards to d_func().
// Q_DISABLE_COPY makes the class non-copyable.
203 | Q_DECLARE_PRIVATE(QSslSocket) |
204 | Q_DISABLE_COPY(QSslSocket) |
205 | Q_PRIVATE_SLOT(d_func(), void _q_connectedSlot()) |
206 | Q_PRIVATE_SLOT(d_func(), void _q_hostFoundSlot()) |
207 | Q_PRIVATE_SLOT(d_func(), void _q_disconnectedSlot()) |
208 | Q_PRIVATE_SLOT(d_func(), void _q_stateChangedSlot(QAbstractSocket::SocketState)) |
209 | Q_PRIVATE_SLOT(d_func(), void _q_errorSlot(QAbstractSocket::SocketError)) |
210 | Q_PRIVATE_SLOT(d_func(), void _q_readyReadSlot()) |
211 | Q_PRIVATE_SLOT(d_func(), void _q_bytesWrittenSlot(qint64)) |
212 | Q_PRIVATE_SLOT(d_func(), void _q_flushWriteBuffer()) |
213 | Q_PRIVATE_SLOT(d_func(), void _q_flushReadBuffer()) |
214 | friend class QSslSocketBackendPrivate; |
215 | }; |
216 | |
217 | #endif // QT_NO_OPENSSL |
218 | |
219 | QT_END_NAMESPACE |
220 | |
221 | #ifndef QT_NO_OPENSSL |
222 | Q_DECLARE_METATYPE(QList<QSslError>) |
223 | #endif |
224 | |
225 | QT_END_HEADER |
226 | |
227 | #endif |
228 | |