51 #include <QtCore/qdatetime.h> 52 #include <QtCore/qdebug.h> 53 #include <QtCore/qdir.h> 54 #include <QtCore/qdiriterator.h> 55 #include <QtCore/qelapsedtimer.h> 56 #include <QtCore/qfile.h> 57 #include <QtCore/qfileinfo.h> 58 #include <QtCore/qmutex.h> 59 #include <QtCore/qthread.h> 60 #include <QtCore/qurl.h> 61 #include <QtCore/qvarlengtharray.h> 64 #if OPENSSL_VERSION_NUMBER >= 0x0090806fL && !defined(OPENSSL_NO_TLSEXT) 66 #ifndef SSL_CTRL_SET_TLSEXT_HOSTNAME 67 #define SSL_CTRL_SET_TLSEXT_HOSTNAME 55 72 #if defined(Q_OS_MAC) && !defined(Q_OS_IOS) 73 #define kSecTrustSettingsDomainSystem 2 // so we do not need to include the header file 77 #elif defined(Q_OS_WIN) 81 #elif defined(Q_OS_SYMBIAN) 85 #include <QtCore/private/qcore_symbian_p.h> 159 QMutex *mutex = openssl_locks()->
lock(lockNumber);
162 if (mode & CRYPTO_LOCK)
198 if (descriptionList.
size() > 5) {
201 ciph.
d->
name = descriptionList.
at(0);
203 QString protoString = descriptionList.
at(1);
221 ciph.
d->
bits = cipher->strength_bits;
255 bool reinitialized =
false;
259 #ifndef OPENSSL_NO_SSL2 281 if (!reinitialized) {
282 reinitialized =
true;
// Builds the option mask for the SSL context.
// NOTE(review): the conditions that choose between the paired assignments
// below are not visible in this listing; confirm each pairing against the
// full file before relying on these notes.
// SSL_OP_NO_SSLv2 refuses SSLv2 even when the chosen method could negotiate it.
297 options = SSL_OP_ALL|SSL_OP_NO_SSLv2;
299 options = SSL_OP_ALL;
// In the OpenSSL 0.9.8/1.0.x headers SSL_OP_ALL already contains
// SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS, which switches off the empty-fragment
// countermeasure for the SSLv3/TLS 1.0 CBC IV weakness. The `&= ~` line is
// the branch that restores the countermeasure.
303 options |= SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS;
305 options &= ~SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS;
// With this bit cleared, renegotiation with peers that lack RFC 5746 secure
// renegotiation is refused; with it set, such renegotiation is accepted.
307 #ifdef SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION 310 options &= ~SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION;
312 options |= SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION;
// Turns off RFC 5077 session tickets.
315 #ifdef SSL_OP_NO_TICKET 317 options |= SSL_OP_NO_TICKET;
// Turns off TLS-level compression, the precondition for CRIME-style
// compression-length side channels.
319 #ifdef SSL_OP_NO_COMPRESSION 321 options |= SSL_OP_NO_COMPRESSION;
353 if (! caCertificate.
isValid()) {
354 expiredCerts.
append(caCertificate);
360 bool addExpiredCerts =
true;
361 #if defined(Q_OS_MAC) && (MAC_OS_X_VERSION_MAX_ALLOWED == MAC_OS_X_VERSION_10_5) 364 addExpiredCerts =
false;
367 if (addExpiredCerts) {
376 for (
int a = 0;
a < unixDirs.
count(); ++
a)
438 #if OPENSSL_VERSION_NUMBER >= 0x0090806fL && !defined(OPENSSL_NO_TLSEXT) 443 client &&
q_SSLeay() >= 0x00090806fL) {
453 if (!q_SSL_ctrl(
ssl, SSL_CTRL_SET_TLSEXT_HOSTNAME, TLSEXT_NAMETYPE_host_name, ace.
data()))
454 qWarning(
"could not set SSL_CTRL_SET_TLSEXT_HOSTNAME, Server Name Indication disabled");
// Fallback seeding of OpenSSL's random number generator.
// NOTE(review): the enclosing loop and the remaining fields of `randomish`
// are not visible in this listing.
// The values visible here (a retry counter and the address of a stack
// object) carry very little entropy. They can only supplement a real OS
// entropy source and must not be treated as sufficient seed material.
// Retries are capped at 500; ts holds 33333333 ns (about 33 ms), presumably
// the pause between attempts -- confirm.
553 if (attempts < 500) {
555 struct timespec ts = {0, 33333333};
560 randomish.msec = attempts;
562 randomish.stack = (
void *)&randomish;
// The whole struct is fed to the RNG as raw bytes.
565 q_RAND_seed((
const char *)&randomish,
sizeof(randomish));
584 #if defined(Q_OS_MAC) && !defined(Q_OS_IOS) 585 QLibrary securityLib(
"/System/Library/Frameworks/Security.framework/Versions/Current/Security");
586 if (securityLib.
load()) {
589 qWarning(
"could not resolve symbols in security library");
595 qWarning(
"could not resolve symbols in security library");
598 qWarning(
"could not load security library");
600 #elif defined(Q_OS_WIN) 601 HINSTANCE hLib = LoadLibraryW(L
"Crypt32");
603 #if defined(Q_OS_WINCE) 612 if (!ptrCertOpenSystemStoreW || !ptrCertFindCertificateInStore || !ptrCertCloseStore)
613 qWarning(
"could not resolve symbols in crypt32 library");
615 qWarning(
"could not load crypt32 library");
617 #elif defined(Q_OS_QNX) 619 #elif defined(Q_OS_UNIX) && !defined(Q_OS_SYMBIAN) && !defined(Q_OS_MAC) 623 symLinkFilter <<
QLatin1String(
"[0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f].[0-9]");
624 for (
int a = 0;
a < dirs.
count(); ++
a) {
691 #if defined(Q_OS_SYMBIAN) 693 CSymbianCertificateRetriever::CSymbianCertificateRetriever() : CActive(CActive::EPriorityStandard),
694 iCertificatePtr(0,0,0), iSequenceError(KErrNone)
698 CSymbianCertificateRetriever::~CSymbianCertificateRetriever()
703 CSymbianCertificateRetriever* CSymbianCertificateRetriever::NewL()
705 CSymbianCertificateRetriever*
self =
new (ELeave) CSymbianCertificateRetriever();
706 CleanupStack::PushL(
self);
712 int CSymbianCertificateRetriever::GetCertificates(
QList<QByteArray> &certificates)
714 iCertificates = &certificates;
717 iThread.Logon(status);
719 User::WaitForRequest(status);
720 if (iThread.ExitType() == EExitKill)
726 void CSymbianCertificateRetriever::doThreadEntryL()
728 CActiveScheduler* activeScheduler =
new (ELeave) CActiveScheduler;
729 CleanupStack::PushL(activeScheduler);
730 CActiveScheduler::Install(activeScheduler);
735 iCertStore = CUnifiedCertStore::NewLC(qt_s60GetRFs(), EFalse);
736 iCertFilter = CCertAttributeFilter::NewLC();
739 iCertFilter->SetOwnerType(ECACertificate);
741 iCertFilter->SetFormat(EX509Certificate);
744 iState = Initializing;
745 iCertStore->Initialize(iStatus);
748 CActiveScheduler::Start();
756 CleanupStack::PopAndDestroy(3);
760 TInt CSymbianCertificateRetriever::ThreadEntryPoint(TAny* aParams)
762 User::SetCritical(User::EProcessCritical);
763 CTrapCleanup* cleanupStack = CTrapCleanup::New();
765 CSymbianCertificateRetriever*
self = (CSymbianCertificateRetriever*) aParams;
766 TRAPD(err,
self->doThreadEntryL());
773 return self->iSequenceError;
776 void CSymbianCertificateRetriever::ConstructL()
784 err = iThread.Create(qt_QString2TPtrC(name.
arg(i++)),
785 CSymbianCertificateRetriever::ThreadEntryPoint, 16384, NULL,
this);
786 }
while (err == KErrAlreadyExists);
787 User::LeaveIfError(err);
790 void CSymbianCertificateRetriever::DoCancel()
794 iCertStore->CancelInitialize();
797 iCertStore->CancelList();
799 case RetrievingCertificates:
800 iCertStore->CancelGetCert();
805 TInt CSymbianCertificateRetriever::RunError(TInt aError)
808 iSequenceError = aError;
809 CActiveScheduler::Stop();
813 void CSymbianCertificateRetriever::GetCertificateL()
815 if (iCurrentCertIndex < iCertInfos.Count()) {
816 CCTCertInfo* certInfo = iCertInfos[iCurrentCertIndex++];
818 QT_TRYCATCH_LEAVING(iCertificateData.resize(certInfo->Size()));
819 iCertificatePtr.Set((TUint8*)iCertificateData.data(), 0, iCertificateData.size());
820 #ifdef QSSLSOCKET_DEBUG 821 qDebug() <<
"getting " << qt_TDesC2QString(certInfo->Label()) <<
" size=" << certInfo->Size();
822 qDebug() <<
"format=" << certInfo->CertificateFormat();
823 qDebug() <<
"ownertype=" << certInfo->CertificateOwnerType();
824 qDebug() <<
"type=" <<
hex << certInfo->Type().iUid;
826 iCertStore->Retrieve(*certInfo, iCertificatePtr, iStatus);
827 iState = RetrievingCertificates;
831 CActiveScheduler::Stop();
835 void CSymbianCertificateRetriever::RunL()
837 #ifdef QSSLSOCKET_DEBUG 838 qDebug() <<
"CSymbianCertificateRetriever::RunL status " << iStatus.Int() <<
" count " << iCertInfos.Count() <<
" index " << iCurrentCertIndex;
842 User::LeaveIfError(iStatus.Int());
844 iCertStore->List(iCertInfos, *iCertFilter, iStatus);
849 User::LeaveIfError(iStatus.Int());
850 iCurrentCertIndex = 0;
854 case RetrievingCertificates:
855 if (iStatus.Int() == KErrNone)
856 iCertificates->append(iCertificateData);
858 qWarning() <<
"CSymbianCertificateRetriever: failed to retrieve a certificate, error " << iStatus.Int();
863 #endif // defined(Q_OS_SYMBIAN) 868 #ifdef QSSLSOCKET_DEBUG 873 #if defined(Q_OS_MAC) && !defined(Q_OS_IOS) 878 SecCertificateRef certificate,
888 CFIndex size = CFArrayGetCount(cfCerts);
889 for (CFIndex i = 0; i < size; ++i) {
890 SecCertificateRef cfCert = (SecCertificateRef)CFArrayGetValueAtIndex(cfCerts, i);
892 CSSM_DATA_PTR dataPtr = &
data;
894 qWarning(
"error retrieving a CA certificate from the system store");
896 int len = data.Length;
897 char *rawData =
reinterpret_cast<char *
>(data.Data);
906 qWarning(
"could not retrieve system CA certificates");
909 #elif defined(Q_OS_WIN) 910 if (ptrCertOpenSystemStoreW && ptrCertFindCertificateInStore && ptrCertCloseStore) {
911 HCERTSTORE hSystemStore;
912 #if defined(Q_OS_WINCE) 913 hSystemStore = ptrCertOpenSystemStoreW(CERT_STORE_PROV_SYSTEM_W,
916 CERT_STORE_NO_CRYPT_RELEASE_FLAG|CERT_SYSTEM_STORE_CURRENT_USER,
919 hSystemStore = ptrCertOpenSystemStoreW(0, L
"ROOT");
922 PCCERT_CONTEXT pc = NULL;
924 pc = ptrCertFindCertificateInStore( hSystemStore, X509_ASN_ENCODING, 0, CERT_FIND_ANY, NULL, pc);
927 QByteArray der((
const char *)(pc->pbCertEncoded), static_cast<int>(pc->cbCertEncoded));
931 ptrCertCloseStore(hSystemStore, 0);
934 #elif defined(Q_OS_UNIX) && !defined(Q_OS_SYMBIAN) 941 for (
int a = 0;
a < directories.
count();
a++) {
950 QSetIterator<QString>
it(certFiles);
951 while(it.hasNext()) {
957 #elif defined(Q_OS_SYMBIAN) 961 retriever->GetCertificates(certs);
962 foreach (
const QByteArray &encodedCert, certs) {
965 #ifdef QSSLSOCKET_DEBUG 972 #ifdef QSSLSOCKET_DEBUG 973 qDebug() <<
"systemCaCertificates retrieval time " << timer.
elapsed() <<
"ms";
974 qDebug() <<
"imported " << systemCerts.
count() <<
" certificates";
1024 transmitting =
false;
1029 qint64 totalBytesWritten = 0;
1030 int nextDataBlockSize;
1033 if (writtenBytes <= 0) {
1040 #ifdef QSSLSOCKET_DEBUG 1041 qDebug() <<
"QSslSocketBackendPrivate::transmit: encrypted" << writtenBytes <<
"bytes";
1044 totalBytesWritten += writtenBytes;
1046 if (writtenBytes < nextDataBlockSize) {
1048 transmitting =
true;
1053 if (totalBytesWritten > 0) {
1057 emit q->bytesWritten(totalBytesWritten);
1068 data.
resize(pendingBytes);
1073 #ifdef QSSLSOCKET_DEBUG 1074 qDebug() <<
"QSslSocketBackendPrivate::transmit: wrote" << encryptedBytesRead <<
"encrypted bytes to the socket" << actualWritten <<
"actual.";
1076 if (actualWritten < 0) {
1083 transmitting =
true;
1090 data.
resize(pendingBytes);
1093 #ifdef QSSLSOCKET_DEBUG 1094 qDebug() <<
"QSslSocketBackendPrivate::transmit: read" << encryptedBytesRead <<
"encrypted bytes from the socket";
1100 if (writtenToBio > 0) {
1111 transmitting =
true;
1117 #ifdef QSSLSOCKET_DEBUG 1118 qDebug() <<
"QSslSocketBackendPrivate::transmit: testing encryption";
1121 #ifdef QSSLSOCKET_DEBUG 1122 qDebug() <<
"QSslSocketBackendPrivate::transmit: encryption established";
1125 transmitting =
true;
1127 #ifdef QSSLSOCKET_DEBUG 1128 qDebug() <<
"QSslSocketBackendPrivate::transmit: connection lost";
1132 #ifdef QSSLSOCKET_DEBUG 1133 qDebug() <<
"QSslSocketBackendPrivate::transmit: encryption not done yet";
1149 ::memset(data.
data(), 0, data.
size());
1153 #ifdef QSSLSOCKET_DEBUG 1154 qDebug() <<
"QSslSocketBackendPrivate::transmit: decrypted" << readBytes <<
"bytes";
1157 ::memcpy(ptr, data.
data(), readBytes);
1161 emit q->readyRead();
1162 transmitting =
true;
1168 case SSL_ERROR_WANT_READ:
1169 case SSL_ERROR_WANT_WRITE:
1172 case SSL_ERROR_ZERO_RETURN:
1174 #ifdef QSSLSOCKET_DEBUG 1175 qDebug() <<
"QSslSocketBackendPrivate::transmit: remote disconnect";
1178 q->setErrorString(
QSslSocket::tr(
"The TLS/SSL connection has been closed"));
1182 case SSL_ERROR_SYSCALL:
1201 }
while (
ssl && readBytes > 0);
1202 }
while (
ssl &&
ctx && transmitting);
1208 switch (errorCode) {
1212 case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT:
1214 case X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE:
1216 case X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY:
1218 case X509_V_ERR_CERT_SIGNATURE_FAILURE:
1220 case X509_V_ERR_CERT_NOT_YET_VALID:
1222 case X509_V_ERR_CERT_HAS_EXPIRED:
1224 case X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD:
1226 case X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD:
1228 case X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT:
1230 case X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN:
1232 case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY:
1234 case X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE:
1236 case X509_V_ERR_CERT_REVOKED:
1238 case X509_V_ERR_INVALID_CA:
1240 case X509_V_ERR_PATH_LENGTH_EXCEEDED:
1242 case X509_V_ERR_INVALID_PURPOSE:
1244 case X509_V_ERR_CERT_UNTRUSTED:
1246 case X509_V_ERR_CERT_REJECTED:
1260 _q_sslErrorList()->mutex.lock();
1261 _q_sslErrorList()->errors.clear();
1265 for (
int i = 0; i < lastErrors.
size(); ++i) {
1277 _q_sslErrorList()->mutex.unlock();
1286 case SSL_ERROR_WANT_READ:
1287 case SSL_ERROR_WANT_WRITE:
1293 #ifdef QSSLSOCKET_DEBUG 1294 qDebug() <<
"QSslSocketBackendPrivate::startHandshake: error!" << q->errorString();
1320 emit q->peerVerifyError(error);
1341 bool matched =
false;
1354 emit q->peerVerifyError(error);
1366 emit q->peerVerifyError(error);
1375 int err = errorAndDepth.
first;
1376 int depth = errorAndDepth.
second;
1382 emit q->sslErrors(errors);
1384 bool doEmitSslError;
1389 doEmitSslError =
false;
1390 for (
int a = 0;
a < errors.
count();
a++) {
1392 doEmitSslError =
true;
1403 if (doVerifyPeer && doEmitSslError) {
// Debug-only key logging, compiled in only when QT_DECRYPT_SSL_TRAFFIC is
// defined. It reads the session master key and the client random out of the
// SSL struct and appends a "CLIENT_RANDOM ..." line to sslKeyFile.
// NOTE(review): the lines that format the key material are not visible here;
// presumably both values are hex-encoded into that line -- confirm.
// Anyone who can read sslKeyFile can decrypt a capture of the session, so
// this define must stay out of release builds and the file needs owner-only
// permissions. Where sslKeyFile points is not shown in this listing.
1418 #ifdef QT_DECRYPT_SSL_TRAFFIC 1419 if (
ssl->session &&
ssl->s3) {
1420 const char *mk =
reinterpret_cast<const char *
>(
ssl->session->master_key);
1422 const char *random =
reinterpret_cast<const char *
>(
ssl->s3->client_random);
1423 QByteArray clientRandom(random, SSL3_RANDOM_SIZE);
1434 QByteArray debugLineClientRandom(
"CLIENT_RANDOM ");
1436 debugLineClientRandom.
append(
" ");
1438 debugLineClientRandom.
append(
"\n");
// The file is opened for appending, so secrets from earlier sessions
// accumulate in it until it is removed.
1441 QFile file(sslKeyFile);
1443 qWarning() <<
"could not open file" << sslKeyFile <<
"for appending";
1444 if (!file.
write(debugLineClientRandom))
1445 qWarning() <<
"could not write to file" << sslKeyFile;
1448 qWarning(
"could not decrypt SSL traffic");
1453 emit q->encrypted();
1456 q->disconnectFromHost();
1485 #if OPENSSL_VERSION_NUMBER >= 0x10000000L 1504 return certificates;
1510 unsigned long errNum;
// Fragments of the certificate-name vs. hostname comparison (the page lists
// isMatchingHostname(cn, hostname) among its symbols). The lines between
// these are not visible, so the outcome of each `if` is an assumption to
// confirm against the full file.
// Literal comparison; QString operator== is case-sensitive, so callers
// presumably normalise case before calling -- TODO confirm.
1526 return cn == hostname;
// Judging by the variable names, this guards against wildcards with too few
// labels (for example "*.com"): the name needs a second dot with at least
// one character after it.
1532 if ((-1 == secondCnDot) || (secondCnDot+1 >= cn.
length()))
// Looks like a requirement that the '*' is the last character of the
// leftmost label, i.e. sits directly in front of the first dot.
1536 if (wildcard+1 != firstCnDot)
// Any characters in front of the '*' must be identical in both names.
1544 if (wildcard && (hostname.
leftRef(wildcard) != cn.
leftRef(wildcard)))
static PtrSecTrustCopyAnchorCertificates ptrSecTrustCopyAnchorCertificates
The QDir class provides access to directory structures and their contents.
int q_SSL_CTX_load_verify_locations(SSL_CTX *ctx, const char *CAfile, const char *CApath)
#define q_OpenSSL_add_all_algorithms()
int q_BIO_read(BIO *a, void *b, int c)
static void deinitialize()
const T * constData() const
int q_SSL_CTX_check_private_key(SSL_CTX *a)
QSsl::KeyAlgorithm algorithm() const
Returns the key algorithm.
int q_SSL_CTX_use_certificate(SSL_CTX *a, X509 *b)
#define q_sk_X509_value(st, i)
bool isNull() const
Returns true if this host address is null (INADDR_ANY or in6addr_any).
int q_SSL_CTX_use_PrivateKey(SSL_CTX *a, EVP_PKEY *b)
SSL_METHOD * q_SSLv3_client_method()
BIO_METHOD * q_BIO_s_mem()
QIntegerForSizeof< void * >::Unsigned quintptr
SSL_METHOD * q_SSLv3_server_method()
void q_CRYPTO_set_id_callback(unsigned long(*a)())
#define QT_END_NAMESPACE
This macro expands to.
bool q_resolveOpenSslSymbols()
void lock()
Locks the mutex.
The QMutex class provides access serialization between threads.
static QString fromAscii(const char *, int size=-1)
Returns a QString initialized with the first size characters from the string str. ...
bool hasNext() const
Returns true if there is at least one more entry in the directory; otherwise, false is returned...
char * data()
Returns a pointer to the data stored in the byte array.
QByteArray toUpper() const
Returns an uppercase copy of the byte array.
const char * readPointer() const
QSslSocketBackendPrivate()
static void setDefaultSupportedCiphers(const QList< QSslCipher > &ciphers)
qint64 bytesAvailable() const
Returns the number of incoming bytes that are waiting to be read.
#define it(className, varName)
int q_SSL_CTX_set_cipher_list(SSL_CTX *a, const char *b)
bool open(OpenMode flags)
Opens the file using OpenMode mode, returning true if successful; otherwise false.
QByteArray & append(char c)
Appends the character ch to this byte array.
static QList< QByteArray > unixRootCertDirectories()
Qt::HANDLE handle() const
Returns a pointer to the native key handle, if it is available; otherwise a null pointer is returned...
QSsl::SslOptions sslOptions
void setPath(const QString &path)
Sets the path of the directory to path.
HCERTSTORE(WINAPI * PtrCertOpenSystemStoreW)(LPCSTR, DWORD, HCRYPTPROV_LEGACY, DWORD, const void *)
void q_SSL_CTX_free(SSL_CTX *a)
QList< QSslCipher > ciphers
int nextDataBlockSize() const
The QByteArray class provides an array of bytes.
int length() const
Returns the number of characters in this string.
bool empty() const
This function is provided for STL compatibility.
QString errorString() const
Returns a human-readable description of the last device error that occurred.
The QSslSocket class provides an SSL encrypted socket for both clients and servers.
SSL_CIPHER * q_SSL_get_current_cipher(SSL *a)
bool startsWith(const QString &s, Qt::CaseSensitivity cs=Qt::CaseSensitive) const
Returns true if the string starts with s; otherwise returns false.
static LibLoadStatus status
static int q_X509Callback(int ok, X509_STORE_CTX *ctx)
static QString tr(const char *sourceText, const char *comment=0, int n=-1)
int q_SSL_get_error(SSL *a, int b)
QLatin1String(DBUS_INTERFACE_DBUS))) Q_GLOBAL_STATIC_WITH_ARGS(QString
int msec() const
Returns the millisecond part (0 to 999) of the time.
long ASN1_INTEGER_get ASN1_INTEGER * a
int count(const T &t) const
Returns the number of occurrences of value in the list.
int q_SSL_write(SSL *a, const void *b, int c)
void * resolve(const char *symbol)
Returns the address of the exported symbol symbol.
static bool isBlacklisted(const QSslCertificate &certificate)
The QDirIterator class provides an iterator for directory entrylists.
The QString class provides a Unicode character string.
QList< QPair< int, int > > errors
static QList< QSslCertificate > STACKOFX509_to_QSslCertificates(STACK_OF(X509) *x509)
QFileInfo fileInfo() const
Returns a QFileInfo for the current directory entry.
QByteArray toHex() const
Returns a hex encoded copy of the byte array.
BOOL(WINAPI * PtrCertCloseStore)(HCERTSTORE, DWORD)
QString errorString() const
Returns a short localized human-readable description of the error.
#define kSecTrustSettingsDomainSystem
The QElapsedTimer class provides a fast way to calculate elapsed times.
int q_EVP_PKEY_set1_RSA(EVP_PKEY *a, RSA *b)
static bool s_loadRootCertsOnDemand
QSsl::SslProtocol protocol
The QSslCipher class represents an SSL cryptographic cipher.
qint64 elapsed() const
Returns the number of milliseconds since this QElapsedTimer was last started.
Q_CORE_EXPORT QTextStream & hex(QTextStream &s)
int q_X509_STORE_CTX_get_error_depth(X509_STORE_CTX *ctx)
void setNameFilters(const QStringList &nameFilters)
Sets the name filters used by entryList() and entryInfoList() to the list of filters specified by nam...
bool isEmpty() const
Returns true if the list contains no items; otherwise returns false.
The QScopedPointer class stores a pointer to a dynamically allocated object, and deletes it upon dest...
QStringRef leftRef(int n) const Q_REQUIRED_RESULT
Returns a substring reference to the n leftmost characters of the string.
OSStatus(* PtrSecTrustCopyAnchorCertificates)(CFArrayRef *)
qint64 read(char *data, qint64 maxlen)
Reads at most maxSize bytes from the device into data, and returns the number of bytes read...
bool isNull() const
Returns true if this is a null certificate (i.e., a certificate with no contents); otherwise returns ...
Q_CORE_EXPORT void qDebug(const char *,...)
char * q_ERR_error_string(unsigned long a, char *b)
static void setDefaultCiphers(const QList< QSslCipher > &ciphers)
static QByteArray toAce(const QString &)
Returns the ASCII Compatible Encoding of the given domain name domain.
void append(const T &t)
Inserts value at the end of the list.
char * reserve(int bytes)
void q_SSL_set_bio(SSL *a, BIO *b, BIO *c)
QList< QSslError > ignoreErrorsList
EVP_PKEY * q_EVP_PKEY_new()
#define q_sk_SSL_CIPHER_value(st, i)
#define QT_BEGIN_NAMESPACE
This macro expands to.
BIO * q_BIO_new(BIO_METHOD *a)
QBool contains(const T &t) const
Returns true if the list contains an occurrence of value; otherwise returns false.
void q_SSL_set_accept_state(SSL *a)
bool isValid() const
Returns true if this certificate is valid; otherwise returns false.
SSL_METHOD * q_SSLv2_server_method()
int q_SSL_shutdown(SSL *a)
#define q_sk_SSL_CIPHER_num(st)
void startServerEncryption()
bool isEmpty() const
Returns true if the string has no characters; otherwise returns false.
static bool s_loadedCiphersAndCerts
QScopedPointer< QSslCipherPrivate > d
Qt::HANDLE handle() const
Returns a pointer to the native certificate handle, if there is one, or a null pointer otherwise...
static unsigned long id_function()
void q_CRYPTO_set_locking_callback(void(*a)(int, int, const char *, int))
SSL_METHOD * q_SSLv23_client_method()
static void locking_function(int mode, int lockNumber, const char *, int)
#define Q_GLOBAL_STATIC(TYPE, NAME)
Declares a global static variable with the given type and name.
SSL_METHOD * q_TLSv1_server_method()
const T & at(int i) const
Returns the item at index position i in the list.
The QStringList class provides a list of strings.
static void setDefaultCaCertificates(const QList< QSslCertificate > &certs)
qint64 peek(char *data, qint64 maxlen)
Reads at most maxSize bytes from the device into data, without side effects.
QString canonicalFilePath() const
Returns the canonical path including the file name.
QSslSocket::PeerVerifyMode peerVerifyMode
Q_CORE_EXPORT void qWarning(const char *,...)
int second() const
Returns the second part (0 to 59) of the time.
const_iterator insert(const T &value)
static QSslCertificate QSslCertificate_from_X509(X509 *x509)
static const char * data(const QByteArray &arr)
int indexOf(QChar c, int from=0, Qt::CaseSensitivity cs=Qt::CaseSensitive) const
The QLatin1String class provides a thin wrapper around an US-ASCII/Latin-1 encoded string literal...
QString subjectInfo(SubjectInfo info) const
Returns the information for the subject, or an empty string if there is no information for subject in...
QString issuerInfo(SubjectInfo info) const
Returns the issuer information for the subject from the certificate, or an empty string if there is n...
T value(int i) const
Returns the value at index position i in the list.
const T * ptr(const T &t)
void transmit()
Transmits encrypted data between the BIOs and the socket.
void setReadBufferSize(qint64 size)
Sets the size of QAbstractSocket's internal read buffer to be size bytes.
QByteArray toLatin1() const Q_REQUIRED_RESULT
Returns a Latin-1 representation of the string as a QByteArray.
static QSslError _q_OpenSSL_to_QSslError(int errorCode, const QSslCertificate &cert)
void clear()
Removes all items from the list.
void q_X509_free(X509 *a)
QString name() const
Returns the name of the cipher, or an empty QString if this is a null cipher.
int q_EVP_PKEY_set1_DSA(EVP_PKEY *a, DSA *b)
static bool supportsSsl()
Does the minimum amount of initialization to determine whether SSL is supported or not...
int q_X509_STORE_CTX_get_error(X509_STORE_CTX *ctx)
static void ensureCiphersAndCertsLoaded()
static bool s_libraryLoaded
void unlock()
Unlocks the mutex.
SSL_METHOD * q_SSLv2_client_method()
void q_SSL_CTX_set_verify_depth(SSL_CTX *a, int b)
QSslConfigurationPrivate configuration
static QString tempPath()
Returns the absolute path of the system's temporary directory.
SSL * q_SSL_new(SSL_CTX *a)
T & first()
Returns a reference to the first item in the list.
const char * constData() const
Returns a pointer to the data stored in the byte array.
QSslCertificate localCertificate
QStringRef midRef(int position, int n=-1) const Q_REQUIRED_RESULT
Returns a substring reference to n characters of this string, starting at the specified position...
QString mid(int position, int n=-1) const Q_REQUIRED_RESULT
Returns a string that contains n characters of this string, starting at the specified position index...
OSStatus(* PtrSecTrustSettingsCopyCertificates)(int, CFArrayRef *)
static PtrSecCertificateGetData ptrSecCertificateGetData
The QMutexLocker class is a convenience class that simplifies locking and unlocking mutexes...
QString arg(qlonglong a, int fieldwidth=0, int base=10, const QChar &fillChar=QLatin1Char(' ')) const Q_REQUIRED_RESULT
void disconnectFromHost()
QMultiMap< QSsl::AlternateNameEntryType, QString > alternateSubjectNames() const
Returns the list of alternative subject names for this certificate.
QString & append(QChar c)
bool load()
Loads the library and returns true if the library was loaded successfully; otherwise returns false...
QString next()
Advances the iterator to the next entry, and returns the file path of this new entry.
void setAddress(quint32 ip4Addr)
Set the IPv4 address specified by ip4Addr.
QSsl::SslProtocol protocol
The QFile class provides an interface for reading from and writing to files.
static PtrSecTrustSettingsCopyCertificates ptrSecTrustSettingsCopyCertificates
SSL_METHOD * q_TLSv1_client_method()
static QTime currentTime()
Returns the current time as reported by the system clock.
void q_SSL_CTX_set_verify(SSL_CTX *a, int b, int(*c)(int, X509_STORE_CTX *))
int lastIndexOf(QChar c, int from=-1, Qt::CaseSensitivity cs=Qt::CaseSensitive) const
static QString fromLatin1(const char *, int size=-1)
Returns a QString initialized with the first size characters of the Latin-1 string str...
static void resetDefaultCiphers()
Declared static in QSslSocketPrivate, backend-dependent loading of application-wide global ciphers...
static QList< QSslCertificate > systemCaCertificates()
bool isNull() const
Returns true if this is a null cipher; otherwise returns false.
void q_SSL_load_error_strings()
QString toLower() const Q_REQUIRED_RESULT
Returns a lowercase copy of the string.
QSslCipher sessionCipher() const
int size() const
Returns the number of items in the list.
unsigned long q_ERR_get_error()
OSStatus(* PtrSecCertificateGetData)(SecCertificateRef, CSSM_DATA_PTR)
int q_SSL_read(SSL *a, void *b, int c)
void q_SSL_set_connect_state(SSL *a)
static QList< QSslCertificate > fromPath(const QString &path, QSsl::EncodingFormat format=QSsl::Pem, QRegExp::PatternSyntax syntax=QRegExp::FixedString)
Searches all files in the path for certificates encoded in the specified format and returns them in a...
void q_RAND_seed(const void *a, int b)
bool * readyReadEmittedPointer
void disconnectFromHost()
Attempts to close the socket.
void startClientEncryption()
#define q_sk_X509_num(st)
QString verificationPeerName
static void ensureInitialized()
Declared static in QSslSocketPrivate, makes sure the SSL libraries have been initialized.
QList< QPair< int, int > > errorList
bool isNull() const
Returns true if this is a null key; otherwise false.
static const MacVersion MacintoshVersion
the version of the Macintosh operating system on which the application is run (Mac only)...
int q_SSL_connect(SSL *a)
QList< QSslError > sslErrors
static QSslCipher QSslCipher_from_SSL_CIPHER(SSL_CIPHER *cipher)
The QSslCertificate class provides a convenient API for an X509 certificate.
bool isEmpty() const
Returns true if the byte array has size 0; otherwise returns false.
void q_EVP_PKEY_free(EVP_PKEY *a)
static QList< QSslCipher > supportedCiphers()
QStringList split(const QString &sep, SplitBehavior behavior=KeepEmptyParts, Qt::CaseSensitivity cs=Qt::CaseSensitive) const Q_REQUIRED_RESULT
Splits the string into substrings wherever sep occurs, and returns the list of those strings...
The QSslError class provides an SSL error.
char * q_SSL_CIPHER_description(SSL_CIPHER *a, char *b, int c)
static QList< QSslCipher > defaultCiphers()
The QHostAddress class provides an IP address.
bool allowRootCertOnDemandLoading
PCCERT_CONTEXT(WINAPI * PtrCertFindCertificateInStore)(HCERTSTORE, DWORD, DWORD, DWORD, const void *, PCCERT_CONTEXT)
QSslCertificate peerCertificate
SSL_METHOD * q_SSLv23_server_method()
QString keyExchangeMethod
qint64 write(const char *data, qint64 len)
Writes at most maxSize bytes of data from data to the device.
QList< QSslCertificate > peerCertificateChain
SocketError error() const
Returns the type of error that last occurred.
static QString getErrorsFromOpenSsl()
STACK_OF(SSL_CIPHER) *SSL_get_ciphers SSL *a
const struct __CFArray * CFArrayRef
virtual void close()
Calls QFile::flush() and closes the file.
int q_BIO_write(BIO *a, const void *b, int c)
SSL_CTX * q_SSL_CTX_new(SSL_METHOD *a)
void start()
Starts this timer.
#define q_SSL_CTX_set_options(ctx, op)
static QList< QSslCertificate > fromData(const QByteArray &data, QSsl::EncodingFormat format=QSsl::Pem)
Searches for and parses all certificates in data that are encoded in the specified format and returns...
static Q_AUTOTEST_EXPORT bool isMatchingHostname(const QString &cn, const QString &hostname)
The QLatin1Char class provides an 8-bit ASCII/Latin-1 character.
virtual ~QSslSocketBackendPrivate()
static bool ensureLibraryLoaded()
SocketState state() const
Returns the state of the socket.
The QLibrary class loads shared libraries at runtime.
bool isValid() const
Returns true if the socket is valid and ready for use; otherwise returns false.
The QList class is a template class that provides lists.
int q_X509_STORE_add_cert(X509_STORE *ctx, X509 *x)
static Qt::HANDLE currentThreadId()
Returns the thread handle of the currently executing thread.
QString authenticationMethod
X509 * q_SSL_get_peer_certificate(SSL *a)