/****************************************************************************
**
** Copyright (C) 2016 The Qt Company Ltd.
** Copyright (C) 2014 BlackBerry Limited. All rights reserved.
** Contact: https://www.qt.io/licensing/
**
** This file is part of the QtNetwork module of the Qt Toolkit.
**
** $QT_BEGIN_LICENSE:LGPL$
** Commercial License Usage
** Licensees holding valid commercial Qt licenses may use this file in
** accordance with the commercial license agreement provided with the
** Software or, alternatively, in accordance with the terms contained in
** a written agreement between you and The Qt Company. For licensing terms
** and conditions see https://www.qt.io/terms-conditions. For further
** information use the contact form at https://www.qt.io/contact-us.
**
** GNU Lesser General Public License Usage
** Alternatively, this file may be used under the terms of the GNU Lesser
** General Public License version 3 as published by the Free Software
** Foundation and appearing in the file LICENSE.LGPL3 included in the
** packaging of this file. Please review the following information to
** ensure the GNU Lesser General Public License version 3 requirements
** will be met: https://www.gnu.org/licenses/lgpl-3.0.html.
**
** GNU General Public License Usage
** Alternatively, this file may be used under the terms of the GNU
** General Public License version 2.0 or (at your option) the GNU General
** Public license version 3 or any later version approved by the KDE Free
** Qt Foundation. The licenses are as published by the Free Software
** Foundation and appearing in the file LICENSE.GPL2 and LICENSE.GPL3
** included in the packaging of this file. Please review the following
** information to ensure the GNU General Public License requirements will
** be met: https://www.gnu.org/licenses/gpl-2.0.html and
** https://www.gnu.org/licenses/gpl-3.0.html.
**
** $QT_END_LICENSE$
**
****************************************************************************/

/****************************************************************************
**
** In addition, as a special exception, the copyright holders listed above give
** permission to link the code of its release of Qt with the OpenSSL project's
** "OpenSSL" library (or modified versions of the "OpenSSL" library that use the
** same license as the original version), and distribute the linked executables.
**
** You must comply with the GNU General Public License version 2 in all
** respects for all of the code used other than the "OpenSSL" code. If you
** modify this file, you may extend this exception to your version of the file,
** but you are not obligated to do so. If you do not wish to do so, delete
** this exception statement from your version of this file.
**
****************************************************************************/

#ifndef QSSLCONFIGURATION_H
#define QSSLCONFIGURATION_H

#include <QtNetwork/qtnetworkglobal.h>
#include <QtCore/qmap.h>
#include <QtCore/qshareddata.h>
#include <QtNetwork/qsslsocket.h>
#include <QtNetwork/qssl.h>

// Everything below is compiled out when Qt is built without SSL support.
#ifndef QT_NO_SSL

QT_BEGIN_NAMESPACE

// Forward declarations: this header only names these types in signatures.
template<typename T> class QList;
class QSslCertificate;
class QSslCipher;
class QSslKey;
class QSslEllipticCurve;
class QSslDiffieHellmanParameters;

namespace dtlsopenssl
{
class DtlsState;
}

class QSslConfigurationPrivate;

// QSslConfiguration is a value class that bundles the SSL/TLS settings exposed
// by the accessors below: protocol, peer verification, local certificate and
// private key, cipher list, CA certificates, session ticket, elliptic curves,
// Diffie-Hellman parameters, backend options, OCSP stapling and next-protocol
// negotiation. All state lives behind the QSharedDataPointer `d`; this header
// only declares the interface, the member functions are defined elsewhere.
//
// NOTE(review): an instance can carry a private key and a session ticket, so
// copies of a configuration should be handled as sensitive data.
class Q_NETWORK_EXPORT QSslConfiguration
{
public:
    QSslConfiguration();
    QSslConfiguration(const QSslConfiguration &other);
    ~QSslConfiguration();
    // Move assignment is a swap: afterwards `other` holds what *this held
    // before the call, it is not reset to a default-constructed state.
    QSslConfiguration &operator=(QSslConfiguration &&other) noexcept { swap(other); return *this; }
    QSslConfiguration &operator=(const QSslConfiguration &other);

    // Exchanges only the shared-data pointers of the two objects.
    void swap(QSslConfiguration &other) noexcept
    { qSwap(d, other.d); }

    bool operator==(const QSslConfiguration &other) const;
    // Defined as the negation of operator==.
    inline bool operator!=(const QSslConfiguration &other) const
    { return !(*this == other); }

    bool isNull() const;

    // Protocol selection (QSsl::SslProtocol comes from qssl.h).
    // NOTE(review): which protocol versions each value permits is not visible
    // in this header; when reviewing callers, confirm that the chosen value
    // does not admit obsolete SSL/TLS versions.
    QSsl::SslProtocol protocol() const;
    void setProtocol(QSsl::SslProtocol protocol);

    // Verification
    // Controls whether and how the peer's certificate is checked.
    // NOTE(review): QSslSocket::PeerVerifyMode is declared in qsslsocket.h.
    // Call sites that select a mode which does not require a valid peer
    // certificate (VerifyNone, QueryPeer) give up authentication of the
    // remote end and deserve an explicit justification; confirm the mode
    // semantics against qsslsocket.h.
    QSslSocket::PeerVerifyMode peerVerifyMode() const;
    void setPeerVerifyMode(QSslSocket::PeerVerifyMode mode);

    // Depth limit for peer certificate chain verification.
    // NOTE(review): the meaning of 0 and of negative values is not stated in
    // this header; check the implementation before relying on either.
    int peerVerifyDepth() const;
    void setPeerVerifyDepth(int depth);

    // Certificate & cipher configuration
    // The local chain/certificate are settable; they are what this endpoint
    // presents to the peer.
    QList<QSslCertificate> localCertificateChain() const;
    void setLocalCertificateChain(const QList<QSslCertificate> &localChain);

    QSslCertificate localCertificate() const;
    void setLocalCertificate(const QSslCertificate &certificate);

    // Read-only session information: no setters are declared for these.
    // NOTE(review): presumably empty/null until a handshake has completed;
    // confirm before using them in an authorization decision.
    QSslCertificate peerCertificate() const;
    QList<QSslCertificate> peerCertificateChain() const;
    QSslCipher sessionCipher() const;
    QSsl::SslProtocol sessionProtocol() const;

    // Private keys, for server sockets
    // privateKey() returns the key by value, so any code holding a
    // configuration can read the key material back out of it.
    QSslKey privateKey() const;
    void setPrivateKey(const QSslKey &key);

    // Cipher settings
    // ciphers()/setCiphers() act on this configuration; supportedCiphers() is
    // static and does not depend on an instance.
    // NOTE(review): nothing visible here filters weak suites out of a list
    // passed to setCiphers(); the caller is responsible for the selection.
    QList<QSslCipher> ciphers() const;
    void setCiphers(const QList<QSslCipher> &ciphers);
    static QList<QSslCipher> supportedCiphers();

    // Certificate Authority (CA) settings
    // The CA set is the trust anchor list for peer verification; every
    // certificate added here widens what the endpoint will trust.
    QList<QSslCertificate> caCertificates() const;
    void setCaCertificates(const QList<QSslCertificate> &certificates);
    // Loads CA certificates from `path`. Defaults: PEM encoding and
    // FixedString path syntax. Returns bool, so the result should be checked.
    // NOTE(review): with a non-FixedString syntax the path is presumably
    // matched as a pattern (see QSslCertificate::PatternSyntax), which can
    // pull in more files than intended; `path` should not be derived from
    // untrusted input. Confirm both points against the implementation.
    bool addCaCertificates(
            const QString &path, QSsl::EncodingFormat format = QSsl::Pem,
            QSslCertificate::PatternSyntax syntax = QSslCertificate::PatternSyntax::FixedString);
    void addCaCertificate(const QSslCertificate &certificate);
    void addCaCertificates(const QList<QSslCertificate> &certificates);

    // Static: returns a CA list independent of any instance.
    static QList<QSslCertificate> systemCaCertificates();

    // Toggles / queries a single QSsl::SslOption flag (declared in qssl.h).
    // NOTE(review): several of these options are hardening switches; review
    // any call that turns one off. The option list is not visible here.
    void setSslOption(QSsl::SslOption option, bool on);
    bool testSslOption(QSsl::SslOption option) const;

    // Session ticket as raw bytes, with a lifetime hint.
    // NOTE(review): a session ticket is resumption state; presumably it
    // should be stored and transported like a secret. Units of the lifetime
    // hint are not stated in this header.
    QByteArray sessionTicket() const;
    void setSessionTicket(const QByteArray &sessionTicket);
    int sessionTicketLifeTimeHint() const;

    // Read-only: no setter is declared.
    QSslKey ephemeralServerKey() const;

    // EC settings
    QVector<QSslEllipticCurve> ellipticCurves() const;
    void setEllipticCurves(const QVector<QSslEllipticCurve> &curves);
    static QVector<QSslEllipticCurve> supportedEllipticCurves();

    // Pre-shared-key identity hint, as raw bytes.
    QByteArray preSharedKeyIdentityHint() const;
    void setPreSharedKeyIdentityHint(const QByteArray &hint);

    // Diffie-Hellman parameters.
    // NOTE(review): this header shows no validation of caller-supplied
    // parameters; confirm where (and whether) their strength is checked.
    QSslDiffieHellmanParameters diffieHellmanParameters() const;
    void setDiffieHellmanParameters(const QSslDiffieHellmanParameters &dhparams);

    // Free-form name/value options, stored as QByteArray -> QVariant.
    // setBackendConfiguration() called without an argument passes an empty
    // map (the default argument).
    // NOTE(review): presumably these are forwarded to the TLS backend and can
    // override settings made through the typed setters above; option names
    // and values should come from trusted configuration only. Confirm in the
    // implementation.
    QMap<QByteArray, QVariant> backendConfiguration() const;
    void setBackendConfigurationOption(const QByteArray &name, const QVariant &value);
    void setBackendConfiguration(const QMap<QByteArray, QVariant> &backendConfiguration = QMap<QByteArray, QVariant>());

    // Static accessors for a default configuration.
    // NOTE(review): presumably process-wide; weakening the default would then
    // affect every connection that does not set its own configuration.
    static QSslConfiguration defaultConfiguration();
    static void setDefaultConfiguration(const QSslConfiguration &configuration);

    // DTLS-only API: present when the dtls feature is configured, or when the
    // header is parsed for documentation (Q_CLANG_QDOC).
#if QT_CONFIG(dtls) || defined(Q_CLANG_QDOC)
    // NOTE(review): DTLS cookie verification is the protocol's defence
    // against spoofed-source handshake floods; disabling it on a server
    // should be a deliberate, documented decision.
    bool dtlsCookieVerificationEnabled() const;
    void setDtlsCookieVerificationEnabled(bool enable);

    static QSslConfiguration defaultDtlsConfiguration();
    static void setDefaultDtlsConfiguration(const QSslConfiguration &configuration);
#endif // dtls

    // OCSP stapling switch; the default state is not visible in this header.
    void setOcspStaplingEnabled(bool enable);
    bool ocspStaplingEnabled() const;

    // Outcome of next-protocol negotiation as reported by
    // nextProtocolNegotiationStatus().
    enum NextProtocolNegotiationStatus {
        NextProtocolNegotiationNone,
        NextProtocolNegotiationNegotiated,
        NextProtocolNegotiationUnsupported
    };

    // The parameter is taken by const reference from Qt 6.0.0 on and by value
    // in earlier versions.
#if QT_VERSION >= QT_VERSION_CHECK(6,0,0)
    void setAllowedNextProtocols(const QList<QByteArray> &protocols);
#else
    void setAllowedNextProtocols(QList<QByteArray> protocols);
#endif
    QList<QByteArray> allowedNextProtocols() const;

    QByteArray nextNegotiatedProtocol() const;
    NextProtocolNegotiationStatus nextProtocolNegotiationStatus() const;

    // Protocol name constants; only declared here, their values are defined
    // elsewhere.
    static const char ALPNProtocolHTTP2[];
    static const char NextProtocolSpdy3_0[];
    static const char NextProtocolHttp1_1[];

private:
    // These classes get direct access to `d` and to the private constructor.
    friend class QSslSocket;
    friend class QSslConfigurationPrivate;
    friend class QSslSocketBackendPrivate;
    friend class QSslContext;
    friend class QDtlsBasePrivate;
    friend class dtlsopenssl::DtlsState;
    // Wraps an existing private object; reachable only from the friends above.
    QSslConfiguration(QSslConfigurationPrivate *dd);
    // Shared, reference-counted state; the only data member.
    QSharedDataPointer<QSslConfigurationPrivate> d;
};

Q_DECLARE_SHARED(QSslConfiguration)

QT_END_NAMESPACE

Q_DECLARE_METATYPE(QSslConfiguration)

#endif  // QT_NO_SSL

#endif