1 /****************************************************************************
2 **
3 ** Copyright (C) 2016 The Qt Company Ltd.
4 ** Copyright (C) 2014 BlackBerry Limited. All rights reserved.
5 ** Contact: https://www.qt.io/licensing/
6 **
7 ** This file is part of the QtNetwork module of the Qt Toolkit.
8 **
9 ** $QT_BEGIN_LICENSE:LGPL$
10 ** Commercial License Usage
11 ** Licensees holding valid commercial Qt licenses may use this file in
12 ** accordance with the commercial license agreement provided with the
13 ** Software or, alternatively, in accordance with the terms contained in
14 ** a written agreement between you and The Qt Company. For licensing terms
15 ** and conditions see https://www.qt.io/terms-conditions. For further
16 ** information use the contact form at https://www.qt.io/contact-us.
17 **
18 ** GNU Lesser General Public License Usage
19 ** Alternatively, this file may be used under the terms of the GNU Lesser
20 ** General Public License version 3 as published by the Free Software
21 ** Foundation and appearing in the file LICENSE.LGPL3 included in the
22 ** packaging of this file. Please review the following information to
23 ** ensure the GNU Lesser General Public License version 3 requirements
24 ** will be met: https://www.gnu.org/licenses/lgpl-3.0.html.
25 **
26 ** GNU General Public License Usage
27 ** Alternatively, this file may be used under the terms of the GNU
28 ** General Public License version 2.0 or (at your option) the GNU General
29 ** Public license version 3 or any later version approved by the KDE Free
30 ** Qt Foundation. The licenses are as published by the Free Software
31 ** Foundation and appearing in the file LICENSE.GPL2 and LICENSE.GPL3
32 ** included in the packaging of this file. Please review the following
33 ** information to ensure the GNU General Public License requirements will
34 ** be met: https://www.gnu.org/licenses/gpl-2.0.html and
35 ** https://www.gnu.org/licenses/gpl-3.0.html.
36 **
37 ** $QT_END_LICENSE$
38 **
39 ****************************************************************************/
40
41 /****************************************************************************
42 **
43 ** In addition, as a special exception, the copyright holders listed above give
44 ** permission to link the code of its release of Qt with the OpenSSL project's
45 ** "OpenSSL" library (or modified versions of the "OpenSSL" library that use the
46 ** same license as the original version), and distribute the linked executables.
47 **
48 ** You must comply with the GNU General Public License version 2 in all
49 ** respects for all of the code used other than the "OpenSSL" code. If you
50 ** modify this file, you may extend this exception to your version of the file,
51 ** but you are not obligated to do so. If you do not wish to do so, delete
52 ** this exception statement from your version of this file.
53 **
54 ****************************************************************************/
55
56 #ifndef QSSLCONFIGURATION_P_H
57 #define QSSLCONFIGURATION_P_H
58
59 //
60 // W A R N I N G
61 // -------------
62 //
63 // This file is not part of the Qt API. It exists for the convenience
64 // of the QSslSocket API. This header file may change from
65 // version to version without notice, or even be removed.
66 //
67 // We mean it.
68 //
69
70 #include <QtCore/qmap.h>
71 #include <QtNetwork/private/qtnetworkglobal_p.h>
72 #include "qsslconfiguration.h"
73 #include "qlist.h"
74 #include "qsslcertificate.h"
75 #include "qsslcipher.h"
76 #include "qsslkey.h"
77 #include "qsslellipticcurve.h"
78 #include "qssldiffiehellmanparameters.h"
79
80 QT_BEGIN_NAMESPACE
81
// Implicitly shared state behind QSslConfiguration (QSharedData base).
// Every TLS/DTLS setting and every piece of negotiated session state lives
// in this one object, so the defaults written next to the members below are
// the defaults of a freshly constructed configuration.
//
// Several members hold secret or security-relevant material (privateKey,
// ephemeralServerKey, sslSession); anything that logs, serialises or dumps
// this object should treat it accordingly.
class QSslConfigurationPrivate : public QSharedData
{
public:
    // Kept user-provided (not "= default") so the class stays a non-aggregate,
    // exactly as before; all defaults come from the member initializers below.
    QSslConfigurationPrivate() { }

    // --- peer identity -----------------------------------------------------
    QSslCertificate peerCertificate;
    QList<QSslCertificate> peerCertificateChain;

    // --- local identity ----------------------------------------------------
    QList<QSslCertificate> localCertificateChain;

    // Local private key. Sensitive: lives in memory for as long as any copy
    // of the configuration is alive.
    QSslKey privateKey;

    // --- session / negotiation parameters ------------------------------------
    QSslCipher sessionCipher;
    QSsl::SslProtocol sessionProtocol = QSsl::UnknownProtocol;
    QList<QSslCipher> ciphers;
    QList<QSslCertificate> caCertificates;

    // Requested protocol range; defaults to the library's "secure" set.
    QSsl::SslProtocol protocol = QSsl::SecureProtocols;

    // NOTE(review): per the public QSslSocket documentation, AutoVerifyPeer
    // resolves to VerifyPeer for clients and QueryPeer for servers - confirm
    // against the backend before relying on it for server-side client auth.
    QSslSocket::PeerVerifyMode peerVerifyMode = QSslSocket::AutoVerifyPeer;

    // NOTE(review): 0 is documented on QSslSocket as "no depth limit, verify
    // the whole chain" - confirm; it is not "verify nothing".
    int peerVerifyDepth = 0;

    // On by default. NOTE(review): presumably lets the backend pull missing
    // root certificates from the system store during verification - verify
    // in qsslsocket.cpp / the backend before tightening the trust store.
    bool allowRootCertOnDemandLoading = true;

    bool peerSessionShared = false;

    Q_AUTOTEST_EXPORT static bool peerSessionWasShared(const QSslConfiguration &configuration);

    // Starts out as defaultSslOptions (defined outside this header).
    QSsl::SslOptions sslOptions = QSslConfigurationPrivate::defaultSslOptions;

    Q_AUTOTEST_EXPORT static const QSsl::SslOptions defaultSslOptions;

    QVector<QSslEllipticCurve> ellipticCurves;

    // Starts out as the library's built-in default DH parameters.
    QSslDiffieHellmanParameters dhParams = QSslDiffieHellmanParameters::defaultParameters();

    // Free-form backend options keyed by name; values are not validated here.
    QMap<QByteArray, QVariant> backendConfig;

    // NOTE(review): presumably the serialised session / ticket used for
    // resumption - if so it is secret material; confirm with the backend.
    QByteArray sslSession;
    int sslSessionTicketLifeTimeHint = -1;   // -1: no hint recorded

    QSslKey ephemeralServerKey{};

    QByteArray preSharedKeyIdentityHint{};

    QList<QByteArray> nextAllowedProtocols;
    QByteArray nextNegotiatedProtocol;
    QSslConfiguration::NextProtocolNegotiationStatus nextProtocolNegotiationStatus
        = QSslConfiguration::NextProtocolNegotiationNone;

    // Feature toggles. When the feature is compiled out the member is a
    // const false, so it cannot be switched on at run time in such a build.
#if QT_CONFIG(dtls)
    bool dtlsCookieEnabled = true;           // cookie exchange on by default
#else
    const bool dtlsCookieEnabled = false;
#endif // dtls

#if QT_CONFIG(ocsp)
    bool ocspStaplingEnabled = false;        // opt-in: stapling is off by default
#else
    const bool ocspStaplingEnabled = false;
#endif

    // in qsslsocket.cpp:
    static QSslConfiguration defaultConfiguration();
    static void setDefaultConfiguration(const QSslConfiguration &configuration);
    static void deepCopyDefaultConfiguration(QSslConfigurationPrivate *config);

    static QSslConfiguration defaultDtlsConfiguration();
    static void setDefaultDtlsConfiguration(const QSslConfiguration &configuration);
};
160
161 // implemented here for inlining purposes
// Builds a QSslConfiguration directly on top of an existing private data
// object. dd is stored as-is: no null check and no copy is made here.
// NOTE(review): ownership/ref-counting depends on the type of `d`, which is
// declared in qsslconfiguration.h - confirm there.
inline QSslConfiguration::QSslConfiguration(QSslConfigurationPrivate *dd) : d(dd) {}
166
167 QT_END_NAMESPACE
168
169 #endif
170