Qt 4.8
qsslsocket_p.h
Go to the documentation of this file.
1 /****************************************************************************
2 **
3 ** Copyright (C) 2014 Digia Plc and/or its subsidiary(-ies).
4 ** Contact: http://www.qt-project.org/legal
5 **
6 ** This file is part of the QtNetwork module of the Qt Toolkit.
7 **
8 ** $QT_BEGIN_LICENSE:LGPL$
9 ** Commercial License Usage
10 ** Licensees holding valid commercial Qt licenses may use this file in
11 ** accordance with the commercial license agreement provided with the
12 ** Software or, alternatively, in accordance with the terms contained in
13 ** a written agreement between you and Digia. For licensing terms and
14 ** conditions see http://qt.digia.com/licensing. For further information
15 ** use the contact form at http://qt.digia.com/contact-us.
16 **
17 ** GNU Lesser General Public License Usage
18 ** Alternatively, this file may be used under the terms of the GNU Lesser
19 ** General Public License version 2.1 as published by the Free Software
20 ** Foundation and appearing in the file LICENSE.LGPL included in the
21 ** packaging of this file. Please review the following information to
22 ** ensure the GNU Lesser General Public License version 2.1 requirements
23 ** will be met: http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html.
24 **
25 ** In addition, as a special exception, Digia gives you certain additional
26 ** rights. These rights are described in the Digia Qt LGPL Exception
27 ** version 1.1, included in the file LGPL_EXCEPTION.txt in this package.
28 **
29 ** GNU General Public License Usage
30 ** Alternatively, this file may be used under the terms of the GNU
31 ** General Public License version 3.0 as published by the Free Software
32 ** Foundation and appearing in the file LICENSE.GPL included in the
33 ** packaging of this file. Please review the following information to
34 ** ensure the GNU General Public License version 3.0 requirements will be
35 ** met: http://www.gnu.org/copyleft/gpl.html.
36 **
37 **
38 ** $QT_END_LICENSE$
39 **
40 ****************************************************************************/
41 
42 
43 #ifndef QSSLSOCKET_P_H
44 #define QSSLSOCKET_P_H
45 
46 #include "qsslsocket.h"
47 
48 //
49 // W A R N I N G
50 // -------------
51 //
52 // This file is not part of the Qt API. It exists for the convenience
53 // of the QLibrary class. This header file may change from
54 // version to version without notice, or even be removed.
55 //
56 // We mean it.
57 //
58 
59 #include <private/qtcpsocket_p.h>
60 #include "qsslkey.h"
61 #include "qsslconfiguration_p.h"
62 
63 #include <QtCore/qstringlist.h>
64 
65 #include <private/qringbuffer_p.h>
66 
67 #if defined(Q_OS_MAC)
68 #include <Security/SecCertificate.h>
69 #include <CoreFoundation/CFArray.h>
70 #elif defined(Q_OS_WIN)
71 #include <windows.h>
72 #include <wincrypt.h>
73 #ifndef HCRYPTPROV_LEGACY
74 #define HCRYPTPROV_LEGACY HCRYPTPROV
75 #endif
76 #endif
77 
78 QT_BEGIN_NAMESPACE
79 
80 #if defined(Q_OS_MAC) && !defined(Q_OS_IOS)
81  typedef OSStatus (*PtrSecCertificateGetData)(SecCertificateRef, CSSM_DATA_PTR);
82  typedef OSStatus (*PtrSecTrustSettingsCopyCertificates)(int, CFArrayRef*);
83  typedef OSStatus (*PtrSecTrustCopyAnchorCertificates)(CFArrayRef*);
84 #endif
85 
86 #if defined(Q_OS_WIN)
87 #if defined(Q_OS_WINCE)
88  typedef HCERTSTORE (WINAPI *PtrCertOpenSystemStoreW)(LPCSTR, DWORD, HCRYPTPROV_LEGACY, DWORD, const void*);
89 #else
90  typedef HCERTSTORE (WINAPI *PtrCertOpenSystemStoreW)(HCRYPTPROV_LEGACY, LPCWSTR);
91 #endif
92  typedef PCCERT_CONTEXT (WINAPI *PtrCertFindCertificateInStore)(HCERTSTORE, DWORD, DWORD, DWORD, const void*, PCCERT_CONTEXT);
93  typedef BOOL (WINAPI *PtrCertCloseStore)(HCERTSTORE, DWORD);
94 #endif
95 
96 
97 
98 class QSslSocketPrivate : public QTcpSocketPrivate
99 {
100  Q_DECLARE_PUBLIC(QSslSocket)
101 public:
102  QSslSocketPrivate();
103  virtual ~QSslSocketPrivate();
104 
105  void init();
106  bool initialized;
107 
108  QSslSocket::SslMode mode;
109  bool autoStartHandshake;
110  bool connectionEncrypted;
111  bool shutdown;
112  bool ignoreAllSslErrors;
113  QList<QSslError> ignoreErrorsList;
114  bool* readyReadEmittedPointer;
115 
116  QSslConfigurationPrivate configuration;
117  QList<QSslError> sslErrors;
118 
119  // if set, this hostname is used for certificate validation instead of the hostname
120  // that was used for connecting to.
121  QString verificationPeerName;
122 
123  bool allowRootCertOnDemandLoading;
124 
125  static bool supportsSsl();
126  static void ensureInitialized();
127  static void deinitialize();
128  static QList<QSslCipher> defaultCiphers();
129  static QList<QSslCipher> supportedCiphers();
130  static void setDefaultCiphers(const QList<QSslCipher> &ciphers);
131  static void setDefaultSupportedCiphers(const QList<QSslCipher> &ciphers);
132  static void resetDefaultCiphers();
133 
134  static QList<QSslCertificate> defaultCaCertificates();
135  static QList<QSslCertificate> systemCaCertificates();
136  static void setDefaultCaCertificates(const QList<QSslCertificate> &certs);
137  static bool addDefaultCaCertificates(const QString &path, QSsl::EncodingFormat format,
138  QRegExp::PatternSyntax syntax);
139  static void addDefaultCaCertificate(const QSslCertificate &cert);
140  static void addDefaultCaCertificates(const QList<QSslCertificate> &certs);
141 
142 #if defined(Q_OS_MAC) && !defined(Q_OS_IOS)
143  static PtrSecCertificateGetData ptrSecCertificateGetData;
144  static PtrSecTrustSettingsCopyCertificates ptrSecTrustSettingsCopyCertificates;
145  static PtrSecTrustCopyAnchorCertificates ptrSecTrustCopyAnchorCertificates;
146 #elif defined(Q_OS_WIN)
147  static PtrCertOpenSystemStoreW ptrCertOpenSystemStoreW;
148  static PtrCertFindCertificateInStore ptrCertFindCertificateInStore;
149  static PtrCertCloseStore ptrCertCloseStore;
150 #endif
151 
152  // The socket itself, including private slots.
153  QTcpSocket *plainSocket;
154  void createPlainSocket(QIODevice::OpenMode openMode);
155  static void pauseSocketNotifiers(QSslSocket*);
156  static void resumeSocketNotifiers(QSslSocket*);
157  void _q_connectedSlot();
158  void _q_hostFoundSlot();
159  void _q_disconnectedSlot();
160  void _q_stateChangedSlot(QAbstractSocket::SocketState);
161  void _q_errorSlot(QAbstractSocket::SocketError);
162  void _q_readyReadSlot();
163  void _q_bytesWrittenSlot(qint64);
164  void _q_flushWriteBuffer();
165  void _q_flushReadBuffer();
166 
167  virtual qint64 peek(char *data, qint64 maxSize);
168  virtual QByteArray peek(qint64 maxSize);
169 
170  // Platform specific functions
171  virtual void startClientEncryption() = 0;
172  virtual void startServerEncryption() = 0;
173  virtual void transmit() = 0;
174  virtual void disconnectFromHost() = 0;
175  virtual void disconnected() = 0;
176  virtual QSslCipher sessionCipher() const = 0;
177 
178  Q_AUTOTEST_EXPORT static bool rootCertOnDemandLoadingSupported();
179 
180 private:
181  static bool ensureLibraryLoaded();
182  static void ensureCiphersAndCertsLoaded();
183 
184  static bool s_libraryLoaded;
185  static bool s_loadedCiphersAndCerts;
186 protected:
187  static bool s_loadRootCertsOnDemand;
188  static QList<QByteArray> unixRootCertDirectories();
189 };
190 
191 QT_END_NAMESPACE
192 
193 #endif
QSslSocketPrivate::ptrSecTrustCopyAnchorCertificates
static PtrSecTrustCopyAnchorCertificates ptrSecTrustCopyAnchorCertificates
Definition: qsslsocket_p.h:145
QSslSocketPrivate::deinitialize
static void deinitialize()
Definition: qsslsocket_openssl.cpp:504
QSslSocketPrivate::addDefaultCaCertificates
static bool addDefaultCaCertificates(const QString &path, QSsl::EncodingFormat format, QRegExp::PatternSyntax syntax)
Definition: qsslsocket.cpp:2024
QSslSocketPrivate::startServerEncryption
virtual void startServerEncryption()=0
QT_END_NAMESPACE
#define QT_END_NAMESPACE
This macro expands to.
Definition: qglobal.h:90
QIODevicePrivate::openMode
QIODevice::OpenMode openMode
Definition: qiodevice_p.h:212
QSslSocketPrivate::resumeSocketNotifiers
static void resumeSocketNotifiers(QSslSocket *)
Definition: qsslsocket.cpp:2173
QSslSocketPrivate::setDefaultSupportedCiphers
static void setDefaultSupportedCiphers(const QList< QSslCipher > &ciphers)
Definition: qsslsocket.cpp:1989
QSslSocketPrivate::unixRootCertDirectories
static QList< QByteArray > unixRootCertDirectories()
Definition: qsslsocket.cpp:2385
QSslSocketPrivate::createPlainSocket
void createPlainSocket(QIODevice::OpenMode openMode)
Definition: qsslsocket.cpp:2114
PtrCertOpenSystemStoreW
HCERTSTORE(WINAPI * PtrCertOpenSystemStoreW)(LPCSTR, DWORD, HCRYPTPROV_LEGACY, DWORD, const void *)
Definition: qsslsocket_p.h:88
QByteArray
The QByteArray class provides an array of bytes.
Definition: qbytearray.h:135
QSslSocket
The QSslSocket class provides an SSL encrypted socket for both clients and servers.
Definition: qsslsocket.h:67
QSslSocketPrivate::startClientEncryption
virtual void startClientEncryption()=0
QSslSocketPrivate::addDefaultCaCertificate
static void addDefaultCaCertificate(const QSslCertificate &cert)
Definition: qsslsocket.cpp:2041
QSslSocketPrivate::_q_stateChangedSlot
void _q_stateChangedSlot(QAbstractSocket::SocketState)
Definition: qsslsocket.cpp:2240
QString
The QString class provides a Unicode character string.
Definition: qstring.h:83
QSslSocketPrivate::disconnectFromHost
virtual void disconnectFromHost()=0
QSslSocketPrivate::defaultCaCertificates
static QList< QSslCertificate > defaultCaCertificates()
Definition: qsslsocket.cpp:1999
PtrCertCloseStore
BOOL(WINAPI * PtrCertCloseStore)(HCERTSTORE, DWORD)
Definition: qsslsocket_p.h:93
QSslSocketPrivate::mode
QSslSocket::SslMode mode
Definition: qsslsocket_p.h:108
QSslSocketPrivate::s_loadRootCertsOnDemand
static bool s_loadRootCertsOnDemand
Definition: qsslsocket_p.h:187
QSslSocketPrivate::_q_bytesWrittenSlot
void _q_bytesWrittenSlot(qint64)
Definition: qsslsocket.cpp:2288
QSslCipher
The QSslCipher class represents an SSL cryptographic cipher.
Definition: qsslcipher.h:59
PtrSecTrustCopyAnchorCertificates
OSStatus(* PtrSecTrustCopyAnchorCertificates)(CFArrayRef *)
Definition: qsslsocket_p.h:83
QSslSocketPrivate::_q_disconnectedSlot
void _q_disconnectedSlot()
Definition: qsslsocket.cpp:2226
QAbstractSocket::SocketState
SocketState
This enum describes the different states in which a socket can be.
Definition: qabstractsocket.h:102
QSslSocketPrivate::setDefaultCiphers
static void setDefaultCiphers(const QList< QSslCipher > &ciphers)
Definition: qsslsocket.cpp:1979
QSslSocketPrivate::ignoreErrorsList
QList< QSslError > ignoreErrorsList
Definition: qsslsocket_p.h:113
QT_BEGIN_NAMESPACE
#define QT_BEGIN_NAMESPACE
This macro expands to.
Definition: qglobal.h:89
QSslSocketPrivate::transmit
virtual void transmit()=0
QSslSocket::SslMode
SslMode
Describes the connection modes available for QSslSocket.
Definition: qsslsocket.h:71
QSslSocketPrivate::s_loadedCiphersAndCerts
static bool s_loadedCiphersAndCerts
Definition: qsslsocket_p.h:185
QAbstractSocket::SocketError
SocketError
This enum describes the socket errors that can occur.
Definition: qabstractsocket.h:79
QSslSocketPrivate::setDefaultCaCertificates
static void setDefaultCaCertificates(const QList< QSslCertificate > &certs)
Definition: qsslsocket.cpp:2010
data
static const char * data(const QByteArray &arr)
Definition: qdbusmessage.cpp:60
QTcpSocket
The QTcpSocket class provides a TCP socket.
Definition: qtcpsocket.h:56
qint64
__int64 qint64
Definition: qglobal.h:942
QSslSocketPrivate::supportsSsl
static bool supportsSsl()
Does the minimum amount of initialization to determine whether SSL is supported or not...
Definition: qsslsocket_openssl.cpp:520
QSslSocketPrivate::ensureCiphersAndCertsLoaded
static void ensureCiphersAndCertsLoaded()
Definition: qsslsocket_openssl.cpp:574
OSStatus
signed long OSStatus
Definition: qmacdefines_mac.h:105
QSslSocketPrivate::s_libraryLoaded
static bool s_libraryLoaded
Definition: qsslsocket_p.h:184
QSslSocketPrivate::sessionCipher
virtual QSslCipher sessionCipher() const =0
QSslSocketPrivate::configuration
QSslConfigurationPrivate configuration
Definition: qsslsocket_p.h:116
PtrSecTrustSettingsCopyCertificates
OSStatus(* PtrSecTrustSettingsCopyCertificates)(int, CFArrayRef *)
Definition: qsslsocket_p.h:82
QSslSocketPrivate::ptrSecCertificateGetData
static PtrSecCertificateGetData ptrSecCertificateGetData
Definition: qsslsocket_p.h:143
Q_DECLARE_PUBLIC
#define Q_DECLARE_PUBLIC(Class)
Definition: qglobal.h:2477
QRegExp::PatternSyntax
PatternSyntax
The syntax used to interpret the meaning of the pattern.
Definition: qregexp.h:64
QSsl::EncodingFormat
EncodingFormat
Describes supported encoding formats for certificates and keys.
Definition: qssl.h:61
format
format
Definition: qprintengine_ps.cpp:286
QSslSocketPrivate::ptrSecTrustSettingsCopyCertificates
static PtrSecTrustSettingsCopyCertificates ptrSecTrustSettingsCopyCertificates
Definition: qsslsocket_p.h:144
QSslSocketPrivate::disconnected
virtual void disconnected()=0
QSslSocketPrivate::resetDefaultCiphers
static void resetDefaultCiphers()
Declared static in QSslSocketPrivate, backend-dependent loading of application-wide global ciphers...
Definition: qsslsocket_openssl.cpp:664
QSslSocketPrivate::systemCaCertificates
static QList< QSslCertificate > systemCaCertificates()
Definition: qsslsocket_openssl.cpp:865
QSslSocketPrivate::plainSocket
QTcpSocket * plainSocket
Definition: qsslsocket_p.h:153
QSslSocketPrivate::_q_flushWriteBuffer
void _q_flushWriteBuffer()
Definition: qsslsocket.cpp:2306
PtrSecCertificateGetData
OSStatus(* PtrSecCertificateGetData)(SecCertificateRef, CSSM_DATA_PTR)
Definition: qsslsocket_p.h:81
Q_AUTOTEST_EXPORT
#define Q_AUTOTEST_EXPORT
Definition: qglobal.h:1510
QSslSocketPrivate::_q_errorSlot
void _q_errorSlot(QAbstractSocket::SocketError)
Definition: qsslsocket.cpp:2253
QSslSocketPrivate::readyReadEmittedPointer
bool * readyReadEmittedPointer
Definition: qsslsocket_p.h:114
QSslSocketPrivate::~QSslSocketPrivate
virtual ~QSslSocketPrivate()
Definition: qsslsocket.cpp:1932
QSslSocketPrivate::verificationPeerName
QString verificationPeerName
Definition: qsslsocket_p.h:121
QSslSocketPrivate::ensureInitialized
static void ensureInitialized()
Declared static in QSslSocketPrivate, makes sure the SSL libraries have been initialized.
Definition: qsslsocket_openssl.cpp:647
QSslSocketPrivate::sslErrors
QList< QSslError > sslErrors
Definition: qsslsocket_p.h:117
QSslCertificate
The QSslCertificate class provides a convenient API for an X509 certificate.
Definition: qsslcertificate.h:70
QSslSocketPrivate::supportedCiphers
static QList< QSslCipher > supportedCiphers()
Definition: qsslsocket.cpp:1969
QSslSocketPrivate::defaultCiphers
static QList< QSslCipher > defaultCiphers()
Definition: qsslsocket.cpp:1960
QSslSocketPrivate::allowRootCertOnDemandLoading
bool allowRootCertOnDemandLoading
Definition: qsslsocket_p.h:123
PtrCertFindCertificateInStore
PCCERT_CONTEXT(WINAPI * PtrCertFindCertificateInStore)(HCERTSTORE, DWORD, DWORD, DWORD, const void *, PCCERT_CONTEXT)
Definition: qsslsocket_p.h:92
CFArrayRef
const struct __CFArray * CFArrayRef
Definition: qfilesystemwatcher_fsevents_p.h:71
qsslconfiguration_p.h
QSslSocketPrivate::pauseSocketNotifiers
static void pauseSocketNotifiers(QSslSocket *)
Definition: qsslsocket.cpp:2166
QSslSocketPrivate::ensureLibraryLoaded
static bool ensureLibraryLoaded()
Definition: qsslsocket_openssl.cpp:525
QSslSocketPrivate::peek
virtual qint64 peek(char *data, qint64 maxSize)
Definition: qsslsocket.cpp:2326
QSslSocketPrivate::rootCertOnDemandLoadingSupported
static Q_AUTOTEST_EXPORT bool rootCertOnDemandLoadingSupported()
Definition: qsslsocket.cpp:2377
Qt 4.8 Source Code Browser