/****************************************************************************
**
** Copyright (C) 2016 The Qt Company Ltd.
** Contact: https://www.qt.io/licensing/
**
** This file is part of the QtNetwork module of the Qt Toolkit.
**
** $QT_BEGIN_LICENSE:LGPL$
** Commercial License Usage
** Licensees holding valid commercial Qt licenses may use this file in
** accordance with the commercial license agreement provided with the
** Software or, alternatively, in accordance with the terms contained in
** a written agreement between you and The Qt Company. For licensing terms
** and conditions see https://www.qt.io/terms-conditions. For further
** information use the contact form at https://www.qt.io/contact-us.
**
** GNU Lesser General Public License Usage
** Alternatively, this file may be used under the terms of the GNU Lesser
** General Public License version 3 as published by the Free Software
** Foundation and appearing in the file LICENSE.LGPL3 included in the
** packaging of this file. Please review the following information to
** ensure the GNU Lesser General Public License version 3 requirements
** will be met: https://www.gnu.org/licenses/lgpl-3.0.html.
**
** GNU General Public License Usage
** Alternatively, this file may be used under the terms of the GNU
** General Public License version 2.0 or (at your option) the GNU General
** Public license version 3 or any later version approved by the KDE Free
** Qt Foundation. The licenses are as published by the Free Software
** Foundation and appearing in the file LICENSE.GPL2 and LICENSE.GPL3
** included in the packaging of this file. Please review the following
** information to ensure the GNU General Public License requirements will
** be met: https://www.gnu.org/licenses/gpl-2.0.html and
** https://www.gnu.org/licenses/gpl-3.0.html.
**
** $QT_END_LICENSE$
**
****************************************************************************/


#ifndef QSSLSOCKET_H
#define QSSLSOCKET_H

#include <QtNetwork/qtnetworkglobal.h>
#include <QtCore/qlist.h>
#include <QtCore/qregexp.h>
#include <QtCore/qvector.h>
#ifndef QT_NO_SSL
#   include <QtNetwork/qtcpsocket.h>
#   include <QtNetwork/qsslerror.h>
#endif

QT_BEGIN_NAMESPACE


// Everything below is compiled out when Qt is configured without SSL support.
#ifndef QT_NO_SSL

class QDir;
class QSslCipher;
class QSslCertificate;
class QSslConfiguration;
class QSslEllipticCurve;
class QSslPreSharedKeyAuthenticator;
class QOcspResponse;

class QSslSocketPrivate;

// QSslSocket: a QTcpSocket subclass that adds an SSL/TLS layer on top of the
// TCP stream. This header only declares the public interface; the behaviour
// is implemented behind the d-pointer (QSslSocketPrivate) and a TLS backend
// (QSslSocketBackendPrivate is declared a friend at the end of the class).
//
// Security-relevant surface, for reviewers of code that uses this class:
//   - PeerVerifyMode / setPeerVerifyMode() decide whether the peer's
//     certificate is requested and whether it must validate.
//   - setPeerVerifyName() and the sslPeerName overload of
//     connectToHostEncrypted() choose the name the certificate is checked
//     against.
//   - ignoreSslErrors() (both overloads) lets a handshake continue despite
//     verification errors.
//   - The CA-certificate mutators add trust anchors, per socket or (the
//     static "default" variants) process-wide.
// The per-member descriptions of runtime behaviour below follow the Qt
// documentation for this API; none of it is visible in this header itself.
class Q_NETWORK_EXPORT QSslSocket : public QTcpSocket
{
    Q_OBJECT
public:
    // Current role of the socket.
    // NOTE: per the Qt documentation a client/server mode means the socket is
    // either encrypted already *or* still in the handshake phase; use
    // isEncrypted() (or the encrypted() signal) to know that traffic is
    // actually protected.
    enum SslMode {
        UnencryptedMode,    // plain TCP; behaves like QTcpSocket
        SslClientMode,      // client side of an SSL/TLS session
        SslServerMode       // server side of an SSL/TLS session
    };

    // How the peer's certificate is treated during the handshake
    // (semantics as documented by Qt):
    enum PeerVerifyMode {
        VerifyNone,         // no certificate is requested from the peer; the link is
                            // still encrypted but the peer's identity is not checked
        QueryPeer,          // a certificate is requested but need not be valid
        VerifyPeer,         // a certificate is requested and must be valid, otherwise
                            // sslErrors() is emitted
        AutoVerifyPeer      // default: QueryPeer for server sockets, VerifyPeer for
                            // client sockets
    };

    explicit QSslSocket(QObject *parent = nullptr);
    ~QSslSocket();
    void resume() override; // to continue after proxy authentication required, SSL errors etc.

    // Autostarting the SSL client handshake.
    // Connects to hostName:port and starts the client handshake once the TCP
    // connection is up. In the second overload sslPeerName, rather than
    // hostName, is the name used for certificate validation.
    void connectToHostEncrypted(const QString &hostName, quint16 port, OpenMode mode = ReadWrite, NetworkLayerProtocol protocol = AnyIPProtocol);
    void connectToHostEncrypted(const QString &hostName, quint16 port, const QString &sslPeerName, OpenMode mode = ReadWrite, NetworkLayerProtocol protocol = AnyIPProtocol);
    // Adopts an already-open native socket descriptor.
    bool setSocketDescriptor(qintptr socketDescriptor, SocketState state = ConnectedState,
                             OpenMode openMode = ReadWrite) override;

    // Re-expose the base-class overloads hidden by the override below.
    using QAbstractSocket::connectToHost;
    // NOTE(review): unlike connectToHostEncrypted(), nothing in this
    // declaration says a handshake is started; callers that use this entry
    // point presumably have to call startClientEncryption() themselves before
    // sending anything sensitive -- confirm against the implementation.
    void connectToHost(const QString &hostName, quint16 port, OpenMode openMode = ReadWrite, NetworkLayerProtocol protocol = AnyIPProtocol) override;
    void disconnectFromHost() override;

    virtual void setSocketOption(QAbstractSocket::SocketOption option, const QVariant &value) override;
    virtual QVariant socketOption(QAbstractSocket::SocketOption option) override;

    // mode() reports the role; isEncrypted() reports whether the handshake has
    // completed and data written to the socket is being encrypted.
    SslMode mode() const;
    bool isEncrypted() const;

    // Protocol version(s) this socket may negotiate. The permitted values are
    // those of QSsl::SslProtocol, which is not declared in this header.
    QSsl::SslProtocol protocol() const;
    void setProtocol(QSsl::SslProtocol protocol);

    // Peer verification policy; see PeerVerifyMode. Setting VerifyNone or
    // QueryPeer on a client removes the guarantee that the server's identity
    // was checked.
    QSslSocket::PeerVerifyMode peerVerifyMode() const;
    void setPeerVerifyMode(QSslSocket::PeerVerifyMode mode);

    // Maximum number of certificates of the peer's chain to check. Per the Qt
    // documentation 0 (the default) means no limit, i.e. the whole chain is
    // checked.
    int peerVerifyDepth() const;
    void setPeerVerifyDepth(int depth);

    // Host name the peer certificate is validated against.
    QString peerVerifyName() const;
    void setPeerVerifyName(const QString &hostName);

    // From QIODevice
    // These operate on decrypted (plaintext) application data.
    qint64 bytesAvailable() const override;
    qint64 bytesToWrite() const override;
    bool canReadLine() const override;
    void close() override;
    bool atEnd() const override;
    bool flush(); // ### Qt6: remove me (implementation moved to private flush())
    void abort();

    // From QAbstractSocket:
    void setReadBufferSize(qint64 size) override;

    // Similar to QIODevice's:
    // Counterparts of bytesAvailable()/bytesToWrite() for the encrypted side of
    // the stream (data not yet decrypted / not yet written to the network).
    qint64 encryptedBytesAvailable() const;
    qint64 encryptedBytesToWrite() const;

    // SSL configuration
    // QSslConfiguration is the non-deprecated home for the cipher and CA
    // settings that the deprecated members further down redirect to.
    QSslConfiguration sslConfiguration() const;
    void setSslConfiguration(const QSslConfiguration &config);

    // Certificate & cipher accessors.
    void setLocalCertificateChain(const QList<QSslCertificate> &localChain);
    QList<QSslCertificate> localCertificateChain() const;

    void setLocalCertificate(const QSslCertificate &certificate);
    // Overload that loads the certificate from fileName in the given encoding
    // (PEM by default).
    void setLocalCertificate(const QString &fileName, QSsl::EncodingFormat format = QSsl::Pem);
    QSslCertificate localCertificate() const;
    // The certificate (and chain) presented by the peer.
    // NOTE: a non-null peer certificate is not proof that it validated; that
    // depends on the verify mode in effect and on whether SSL errors were
    // ignored. Check sslHandshakeErrors() before relying on it.
    QSslCertificate peerCertificate() const;
    QList<QSslCertificate> peerCertificateChain() const;
    // Cipher and protocol actually negotiated for the current session.
    QSslCipher sessionCipher() const;
    QSsl::SslProtocol sessionProtocol() const;
    // OCSP responses received from the server during the handshake (OCSP
    // stapling); per the Qt documentation the vector is empty when no
    // definitive response was received.
    QVector<QOcspResponse> ocspResponses() const;

    // Private keys, for server sockets.
    void setPrivateKey(const QSslKey &key);
    // Overload that loads the key from fileName. passPhrase is handed over as a
    // QByteArray; avoid hard-coding it in source and keep the key file's
    // permissions restrictive.
    void setPrivateKey(const QString &fileName, QSsl::KeyAlgorithm algorithm = QSsl::Rsa,
                       QSsl::EncodingFormat format = QSsl::Pem,
                       const QByteArray &passPhrase = QByteArray());
    QSslKey privateKey() const;

    // Cipher settings.
    // Deprecated since 5.5; the deprecation messages point at the
    // QSslConfiguration replacements.
#if QT_DEPRECATED_SINCE(5, 5)
    QT_DEPRECATED_X("Use QSslConfiguration::ciphers()") QList<QSslCipher> ciphers() const;
    QT_DEPRECATED_X("Use QSslConfiguration::setCiphers()") void setCiphers(const QList<QSslCipher> &ciphers);
    QT_DEPRECATED void setCiphers(const QString &ciphers);
    QT_DEPRECATED static void setDefaultCiphers(const QList<QSslCipher> &ciphers);
    QT_DEPRECATED static QList<QSslCipher> defaultCiphers();
    QT_DEPRECATED_X("Use QSslConfiguration::supportedCiphers()") static QList<QSslCipher> supportedCiphers();
#endif // QT_DEPRECATED_SINCE(5, 5)

    // CA settings.
    // Every certificate added through these members becomes a trust anchor for
    // peer verification, so their inputs (paths, wildcard patterns,
    // certificate lists) should never come from an untrusted source. The
    // non-static members affect this socket; the static "Default" members
    // change process-wide state.
#if QT_DEPRECATED_SINCE(5, 15)
    QT_DEPRECATED_X("Use QSslConfiguration::addCaCertificates()") bool addCaCertificates(const QString &path, QSsl::EncodingFormat format = QSsl::Pem,
                           QRegExp::PatternSyntax syntax = QRegExp::FixedString);
    QT_DEPRECATED_X("Use QSslConfiguration::addCaCertificate()") void addCaCertificate(const QSslCertificate &certificate);
    QT_DEPRECATED_X("Use QSslConfiguration::addCaCertificates()") void addCaCertificates(const QList<QSslCertificate> &certificates);
#endif // QT_DEPRECATED_SINCE(5, 15)
#if QT_DEPRECATED_SINCE(5, 5)
    QT_DEPRECATED_X("Use QSslConfiguration::setCaCertificates()") void setCaCertificates(const QList<QSslCertificate> &certificates);
    QT_DEPRECATED_X("Use QSslConfiguration::caCertificates()") QList<QSslCertificate> caCertificates() const;
#endif // QT_DEPRECATED_SINCE(5, 5)
#if QT_DEPRECATED_SINCE(5, 15)
    QT_DEPRECATED static bool addDefaultCaCertificates(const QString &path, QSsl::EncodingFormat format = QSsl::Pem,
                                         QRegExp::PatternSyntax syntax = QRegExp::FixedString);
    QT_DEPRECATED static void addDefaultCaCertificate(const QSslCertificate &certificate);
    QT_DEPRECATED static void addDefaultCaCertificates(const QList<QSslCertificate> &certificates);
#endif // QT_DEPRECATED_SINCE(5, 15)
#if QT_DEPRECATED_SINCE(5, 5)
    QT_DEPRECATED static void setDefaultCaCertificates(const QList<QSslCertificate> &certificates);
    QT_DEPRECATED static QList<QSslCertificate> defaultCaCertificates();
    QT_DEPRECATED_X("Use QSslConfiguration::systemCaCertificates()") static QList<QSslCertificate> systemCaCertificates();
#endif // QT_DEPRECATED_SINCE(5, 5)

    // Blocking helpers; every one defaults to a 30000 ms timeout.
    // waitForEncrypted() is the one that waits for the handshake to finish;
    // waitForConnected() only covers the TCP connection.
    bool waitForConnected(int msecs = 30000) override;
    bool waitForEncrypted(int msecs = 30000);
    bool waitForReadyRead(int msecs = 30000) override;
    bool waitForBytesWritten(int msecs = 30000) override;
    bool waitForDisconnected(int msecs = 30000) override;

    // Errors recorded for the last handshake. The deprecated const getter
    // shares its name with the sslErrors() signal below; sslHandshakeErrors()
    // is the replacement named in the deprecation message.
#if QT_DEPRECATED_SINCE(5, 15)
    QT_DEPRECATED_X("Use sslHandshakeErrors()") QList<QSslError> sslErrors() const;
#endif // QT_DEPRECATED_SINCE(5, 15)
    QList<QSslError> sslHandshakeErrors() const;

    // TLS backend availability and version reporting. Per the Qt
    // documentation the plain variants report the library in use at run time
    // and the "Build" variants the one Qt was compiled against; logging both
    // helps spot an outdated TLS library on a deployed host.
    static bool supportsSsl();
    static long sslLibraryVersionNumber();
    static QString sslLibraryVersionString();
    static long sslLibraryBuildVersionNumber();
    static QString sslLibraryBuildVersionString();

    // Ignores only the errors listed in `errors`. Per the Qt documentation most
    // errors have to be paired with the certificate they are expected for,
    // which makes this the narrow form to use for a pinned self-signed
    // certificate.
    void ignoreSslErrors(const QList<QSslError> &errors);

public Q_SLOTS:
    // Start the handshake on an already-connected socket, as client or server.
    void startClientEncryption();
    void startServerEncryption();
    // Ignores *all* errors of the handshake and lets the connection continue.
    // Calling this without inspecting the errors reported by sslErrors()
    // gives up peer authentication: the link is encrypted, but to an
    // unverified party. Prefer the overload above with an explicit error
    // list.
    void ignoreSslErrors();

Q_SIGNALS:
    // Emitted once the socket has entered encrypted mode.
    void encrypted();
    // Per the Qt documentation: may be emitted several times during the
    // handshake, before encryption is established, for each problem found
    // while establishing the peer's identity.
    void peerVerifyError(const QSslError &error);
    // Per the Qt documentation: emitted after the handshake with the
    // verification errors that occurred; unless a directly connected slot
    // acts on it (see ignoreSslErrors()), the connection is dropped.
    void sslErrors(const QList<QSslError> &errors);
    void modeChanged(QSslSocket::SslMode newMode);
    void encryptedBytesWritten(qint64 totalBytes);
    // Emitted when a pre-shared-key cipher suite needs credentials; the slot
    // fills in *authenticator.
    // NOTE(review): the pointer is presumably only valid for the duration of
    // the emission, so the slot must be directly connected -- confirm.
    void preSharedKeyAuthenticationRequired(QSslPreSharedKeyAuthenticator *authenticator);
    // Per the Qt documentation: emitted when a TLS 1.3 session ticket has been
    // received.
    void newSessionTicketReceived();

protected:
    // QIODevice read/write hooks.
    qint64 readData(char *data, qint64 maxlen) override;
    qint64 writeData(const char *data, qint64 len) override;

private:
    Q_DECLARE_PRIVATE(QSslSocket)
    Q_DISABLE_COPY(QSslSocket)
    // Private slots forwarded to the d-pointer via d_func().
    Q_PRIVATE_SLOT(d_func(), void _q_connectedSlot())
    Q_PRIVATE_SLOT(d_func(), void _q_hostFoundSlot())
    Q_PRIVATE_SLOT(d_func(), void _q_disconnectedSlot())
    Q_PRIVATE_SLOT(d_func(), void _q_stateChangedSlot(QAbstractSocket::SocketState))
    Q_PRIVATE_SLOT(d_func(), void _q_errorSlot(QAbstractSocket::SocketError))
    Q_PRIVATE_SLOT(d_func(), void _q_readyReadSlot())
    Q_PRIVATE_SLOT(d_func(), void _q_channelReadyReadSlot(int))
    Q_PRIVATE_SLOT(d_func(), void _q_bytesWrittenSlot(qint64))
    Q_PRIVATE_SLOT(d_func(), void _q_channelBytesWrittenSlot(int, qint64))
    Q_PRIVATE_SLOT(d_func(), void _q_readChannelFinishedSlot())
    Q_PRIVATE_SLOT(d_func(), void _q_flushWriteBuffer())
    Q_PRIVATE_SLOT(d_func(), void _q_flushReadBuffer())
    Q_PRIVATE_SLOT(d_func(), void _q_resumeImplementation())
    // Only declared on Windows (not WinRT) builds that do not use the schannel
    // backend.
#if defined(Q_OS_WIN) && !defined(Q_OS_WINRT) && !QT_CONFIG(schannel)
    Q_PRIVATE_SLOT(d_func(), void _q_caRootLoaded(QSslCertificate,QSslCertificate))
#endif
    friend class QSslSocketBackendPrivate;
};

#endif // QT_NO_SSL

QT_END_NAMESPACE

#endif // QSSLSOCKET_H