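/***************************************************************************
    qgsauthsslconfigwidget.h
    ---------------------
    begin                : May 17, 2015
    copyright            : (C) 2015 by Boundless Spatial, Inc. USA
    author               : Larry Shaffer
    email                : lshaffer at boundlessgeo dot com
 ***************************************************************************
 *                                                                         *
 *   This program is free software; you can redistribute it and/or modify  *
 *   it under the terms of the GNU General Public License as published by  *
 *   the Free Software Foundation; either version 2 of the License, or     *
 *   (at your option) any later version.                                   *
 *                                                                         *
 ***************************************************************************/

#ifndef QGSAUTHSSLCONFIGWIDGET_H
#define QGSAUTHSSLCONFIGWIDGET_H

#include <QDialog>
#include "qgis_sip.h"
#include <QWidget>
#include "ui_qgsauthsslconfigwidget.h"

#include <QSslCertificate>
#include <QSslConfiguration>

#include "qgsauthconfig.h"
#include "qgis_gui.h"

class QComboBox;
class QGroupBox;
class QSpinBox;

/**
 * \ingroup gui
 * \brief Widget for editing an SSL server configuration
 *
 * The configuration ties a server certificate to a host:port and carries the
 * SSL protocol, the SSL errors to ignore, and the peer verify mode and depth
 * used for connections.
 *
 * \warning Ignored SSL errors and a relaxed peer verify mode both reduce the
 * certificate validation applied to connections using this configuration.
 * Review the certificate (see the certificate group box) before saving.
 */
class GUI_EXPORT QgsAuthSslConfigWidget : public QWidget, private Ui::QgsAuthSslConfigWidget
{
    Q_OBJECT

  public:

    /**
     * Construct a widget for editing an SSL server certificate configuration
     * \param parent Parent widget
     * \param cert SSL server certificate object
     * \param hostport Unique host:port to associate with the server certificate
     * \param connectionCAs List of trusted Certificate Authorities objects
     */
    explicit QgsAuthSslConfigWidget( QWidget *parent SIP_TRANSFERTHIS = nullptr,
                                     const QSslCertificate &cert = QSslCertificate(),
                                     const QString &hostport = QString(),
                                     const QList<QSslCertificate> &connectionCAs = QList<QSslCertificate>() );

    //! Access to the certificate's group box widget
    QGroupBox *certificateGroupBox();
    //! Access to the SSL configuration's group box widget
    QGroupBox *sslConfigGroupBox();

    //! Gets the SSL configuration
    const QgsAuthConfigSslServer sslCustomConfig();

    //! Gets the SSL server certificate
    const QSslCertificate sslCertificate();

    //! Gets the host:port to associate with the server certificate
    const QString sslHost();

    //! Gets the SSL protocol used for connections
    QSsl::SslProtocol sslProtocol();

    /**
     * Gets list of the SSL errors (as enums) to be ignored for connections
     * \note Each listed error is a certificate validation failure that is
     * tolerated instead of being treated as fatal, so the list should be kept
     * as short as the server requires.
     */
    const QList<QSslError::SslError> sslIgnoreErrorEnums();

    /**
     * Gets the client's peer verify mode for connections
     * \note With QSslSocket::VerifyNone the identity of the peer is not verified.
     */
    QSslSocket::PeerVerifyMode sslPeerVerifyMode();

    /**
     * Gets the client's peer verify depth for connections
     * \note Value of 0 = unlimited (the whole certificate chain is checked)
     */
    int sslPeerVerifyDepth();

  public slots:
    //! Enable or disable the custom options widget
    void enableSslCustomOptions( bool enable );

    // may also load existing config, if found
    //! Sets SSL certificate and any associated host:port
    void setSslCertificate( const QSslCertificate &cert, const QString &hostport = QString() );

    //! Load an existing SSL server configuration
    void loadSslCustomConfig( const QgsAuthConfigSslServer &config = QgsAuthConfigSslServer() );

    /**
     * Save the current SSL server configuration to the authentication database
     * \note NOTE(review): whether this slot re-checks readyToSave() is not
     * visible from this header; confirm in the implementation.
     */
    void saveSslCertConfig();

    //! Clear the current SSL server configuration and disable it
    void resetSslCertConfig();

    /**
     * Sets the SSL protocol to use in connections
     * \note Selecting an outdated protocol version weakens the connection;
     * resetSslProtocol() returns to the default.
     */
    void setSslProtocol( QSsl::SslProtocol protocol );

    //! Reset the SSL protocol to use in connections to the default
    void resetSslProtocol();

    //! Adds to the SSL errors to ignore for the connection
    void appendSslIgnoreErrors( const QList<QSslError> &errors );

    //! Sets the SSL errors (as enums) to ignore for the connection
    void setSslIgnoreErrorEnums( const QList<QSslError::SslError> &errorenums );

    //! Sets the SSL errors to ignore for the connection
    void setSslIgnoreErrors( const QList<QSslError> &errors );

    //! Clear the SSL errors to ignore for the connection
    void resetSslIgnoreErrors();

    /**
     * Sets the client's peer verify mode for connections
     * \param mode Peer verify mode; QSslSocket::VerifyNone leaves the peer's identity unverified
     * \param modedepth Peer verify depth (see sslPeerVerifyDepth())
     */
    void setSslPeerVerify( QSslSocket::PeerVerifyMode mode, int modedepth );

    //! Reset the client's peer verify mode for connections to default
    void resetSslPeerVerify();

    //! Sets the host of the server
    void setSslHost( const QString &host );

    //! Sets whether the config group box is checkable
    void setConfigCheckable( bool checkable );

    //! Parse string for host:port
    void validateHostPortText( const QString &txt );

    //! Verify if the configuration is ready to save
    bool readyToSave();

  signals:
    //! Emitted when the enabled state of the configuration changes
    void configEnabledChanged( bool enabled );

    //! Emitted when a certificate of the same SHA hash is found in the authentication database
    void certFoundInAuthDatabase( bool found );

    //! Emitted when the validity of the host:port changes
    void hostPortValidityChanged( bool valid );

    //! Emitted when the ability to save the configuration changes
    void readyToSaveChanged( bool cansave );

  private slots:
    void btnCertInfo_clicked();

  private:
    // Values start at 1000, which equals QTreeWidgetItem::UserType;
    // presumably used as item types in the config tree (confirm in the .cpp).
    enum ConfigType
    {
      ConfigParent = 1000,
      ConfigItem = 1001,
    };

    // Presumably returns whether txt is an acceptable host:port (confirm in the .cpp).
    bool validateHostPort( const QString &txt );

    void setUpSslConfigTree();
    QTreeWidgetItem *addRootItem( const QString &label );

    // Server certificate being configured and the CA list passed at construction.
    QSslCertificate mCert;
    QList<QSslCertificate> mConnectionCAs;

    // Tree items and their editor widgets for protocol, ignored errors,
    // peer verify mode and peer verify depth.
    QTreeWidgetItem *mProtocolItem = nullptr;
    QComboBox *mProtocolCmbBx = nullptr;
    QTreeWidgetItem *mIgnoreErrorsItem = nullptr;
    QTreeWidgetItem *mVerifyModeItem = nullptr;
    QComboBox *mVerifyPeerCmbBx = nullptr;
    QTreeWidgetItem *mVerifyDepthItem = nullptr;
    QSpinBox *mVerifyDepthSpnBx = nullptr;

    bool mCanSave = false;

    bool mDisabled = false;
    QVBoxLayout *mAuthNotifyLayout = nullptr;
    QLabel *mAuthNotify = nullptr;
};

//////////////// Embed in dialog ///////////////////

/**
 * \ingroup gui
 * \brief Dialog wrapper of widget for editing an SSL server configuration
 */
class GUI_EXPORT QgsAuthSslConfigDialog : public QDialog
{
    Q_OBJECT

  public:

    /**
     * Construct wrapper dialog for the SSL config widget
     * \param parent Parent widget
     * \param cert SSL server certificate object
     * \param hostport Unique host:port to associate with the server certificate
     */
    explicit QgsAuthSslConfigDialog( QWidget *parent = nullptr,
                                     const QSslCertificate &cert = QSslCertificate(),
                                     const QString &hostport = QString() );

    //! Access the embedded SSL server configuration widget
    QgsAuthSslConfigWidget *sslCustomConfigWidget() { return mSslConfigWdgt; }

  public slots:
    // Overrides QDialog::accept(). NOTE(review): presumably saves the
    // configuration through the embedded widget before closing; confirm in the .cpp.
    void accept() override;

  private slots:
    // NOTE(review): presumably connected to the widget's readyToSaveChanged()
    // to enable or disable the save button; confirm in the .cpp.
    void checkCanSave( bool cansave );

  private:
    QgsAuthSslConfigWidget *mSslConfigWdgt = nullptr;
    QPushButton *mSaveButton = nullptr;
};

#endif // QGSAUTHSSLCONFIGWIDGET_H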