1 /****************************************************************************
2 **
3 ** Copyright (C) 2016 The Qt Company Ltd.
4 ** Contact: https://www.qt.io/licensing/
5 **
6 ** This file is part of the QtNetwork module of the Qt Toolkit.
7 **
8 ** $QT_BEGIN_LICENSE:LGPL$
9 ** Commercial License Usage
10 ** Licensees holding valid commercial Qt licenses may use this file in
11 ** accordance with the commercial license agreement provided with the
12 ** Software or, alternatively, in accordance with the terms contained in
13 ** a written agreement between you and The Qt Company. For licensing terms
14 ** and conditions see https://www.qt.io/terms-conditions. For further
15 ** information use the contact form at https://www.qt.io/contact-us.
16 **
17 ** GNU Lesser General Public License Usage
18 ** Alternatively, this file may be used under the terms of the GNU Lesser
19 ** General Public License version 3 as published by the Free Software
20 ** Foundation and appearing in the file LICENSE.LGPL3 included in the
21 ** packaging of this file. Please review the following information to
22 ** ensure the GNU Lesser General Public License version 3 requirements
23 ** will be met: https://www.gnu.org/licenses/lgpl-3.0.html.
24 **
25 ** GNU General Public License Usage
26 ** Alternatively, this file may be used under the terms of the GNU
27 ** General Public License version 2.0 or (at your option) the GNU General
28 ** Public license version 3 or any later version approved by the KDE Free
29 ** Qt Foundation. The licenses are as published by the Free Software
30 ** Foundation and appearing in the file LICENSE.GPL2 and LICENSE.GPL3
31 ** included in the packaging of this file. Please review the following
32 ** information to ensure the GNU General Public License requirements will
33 ** be met: https://www.gnu.org/licenses/gpl-2.0.html and
34 ** https://www.gnu.org/licenses/gpl-3.0.html.
35 **
36 ** $QT_END_LICENSE$
37 **
38 ****************************************************************************/
39 
40 
41 #ifndef QSSLSOCKET_H
42 #define QSSLSOCKET_H
43 
44 #include <QtNetwork/qtnetworkglobal.h>
45 #include <QtCore/qlist.h>
46 #include <QtCore/qregexp.h>
47 #include <QtCore/qvector.h>
48 #ifndef QT_NO_SSL
49 #   include <QtNetwork/qtcpsocket.h>
50 #   include <QtNetwork/qsslerror.h>
51 #endif
52 
53 QT_BEGIN_NAMESPACE
54 
55 
56 #ifndef QT_NO_SSL
57 
58 class QDir;
59 class QSslCipher;
60 class QSslCertificate;
61 class QSslConfiguration;
62 class QSslEllipticCurve;
63 class QSslPreSharedKeyAuthenticator;
64 class QOcspResponse;
65 
66 class QSslSocketPrivate;
67 class Q_NETWORK_EXPORT QSslSocket : public QTcpSocket
68 {
69     Q_OBJECT
70 public:
71     enum SslMode {
72         UnencryptedMode,
73         SslClientMode,
74         SslServerMode
75     };
76 
77     enum PeerVerifyMode {
78         VerifyNone,
79         QueryPeer,
80         VerifyPeer,
81         AutoVerifyPeer
82     };
83 
84     explicit QSslSocket(QObject *parent = nullptr);
85     ~QSslSocket();
86     void resume() override; // to continue after proxy authentication required, SSL errors etc.
87 
88     // Autostarting the SSL client handshake.
89     void connectToHostEncrypted(const QString &hostName, quint16 port, OpenMode mode = ReadWrite, NetworkLayerProtocol protocol = AnyIPProtocol);
90     void connectToHostEncrypted(const QString &hostName, quint16 port, const QString &sslPeerName, OpenMode mode = ReadWrite, NetworkLayerProtocol protocol = AnyIPProtocol);
91     bool setSocketDescriptor(qintptr socketDescriptor, SocketState state = ConnectedState,
92                              OpenMode openMode = ReadWrite) override;
93 
94     using QAbstractSocket::connectToHost;
95     void connectToHost(const QString &hostName, quint16 port, OpenMode openMode = ReadWrite, NetworkLayerProtocol protocol = AnyIPProtocol) override;
96     void disconnectFromHost() override;
97 
98     virtual void setSocketOption(QAbstractSocket::SocketOption option, const QVariant &value) override;
99     virtual QVariant socketOption(QAbstractSocket::SocketOption option) override;
100 
101     SslMode mode() const;
102     bool isEncrypted() const;
103 
104     QSsl::SslProtocol protocol() const;
105     void setProtocol(QSsl::SslProtocol protocol);
106 
107     QSslSocket::PeerVerifyMode peerVerifyMode() const;
108     void setPeerVerifyMode(QSslSocket::PeerVerifyMode mode);
109 
110     int peerVerifyDepth() const;
111     void setPeerVerifyDepth(int depth);
112 
113     QString peerVerifyName() const;
114     void setPeerVerifyName(const QString &hostName);
115 
116     // From QIODevice
117     qint64 bytesAvailable() const override;
118     qint64 bytesToWrite() const override;
119     bool canReadLine() const override;
120     void close() override;
121     bool atEnd() const override;
122     bool flush(); // ### Qt6: remove me (implementation moved to private flush())
123     void abort();
124 
125     // From QAbstractSocket:
126     void setReadBufferSize(qint64 size) override;
127 
128     // Similar to QIODevice's:
129     qint64 encryptedBytesAvailable() const;
130     qint64 encryptedBytesToWrite() const;
131 
132     // SSL configuration
133     QSslConfiguration sslConfiguration() const;
134     void setSslConfiguration(const QSslConfiguration &config);
135 
136     // Certificate & cipher accessors.
137     void setLocalCertificateChain(const QList<QSslCertificate> &localChain);
138     QList<QSslCertificate> localCertificateChain() const;
139 
140     void setLocalCertificate(const QSslCertificate &certificate);
141     void setLocalCertificate(const QString &fileName, QSsl::EncodingFormat format = QSsl::Pem);
142     QSslCertificate localCertificate() const;
143     QSslCertificate peerCertificate() const;
144     QList<QSslCertificate> peerCertificateChain() const;
145     QSslCipher sessionCipher() const;
146     QSsl::SslProtocol sessionProtocol() const;
147     QVector<QOcspResponse> ocspResponses() const;
148 
149     // Private keys, for server sockets.
150     void setPrivateKey(const QSslKey &key);
151     void setPrivateKey(const QString &fileName, QSsl::KeyAlgorithm algorithm = QSsl::Rsa,
152                        QSsl::EncodingFormat format = QSsl::Pem,
153                        const QByteArray &passPhrase = QByteArray());
154     QSslKey privateKey() const;
155 
156     // Cipher settings.
157 #if QT_DEPRECATED_SINCE(5, 5)
158     QT_DEPRECATED_X("Use QSslConfiguration::ciphers()") QList<QSslCipher> ciphers() const;
159     QT_DEPRECATED_X("Use QSslConfiguration::setCiphers()") void setCiphers(const QList<QSslCipher> &ciphers);
160     QT_DEPRECATED void setCiphers(const QString &ciphers);
161     QT_DEPRECATED static void setDefaultCiphers(const QList<QSslCipher> &ciphers);
162     QT_DEPRECATED static QList<QSslCipher> defaultCiphers();
163     QT_DEPRECATED_X("Use QSslConfiguration::supportedCiphers()") static QList<QSslCipher> supportedCiphers();
164 #endif // QT_DEPRECATED_SINCE(5, 5)
165 
166     // CA settings.
167 #if QT_DEPRECATED_SINCE(5, 15)
168     QT_DEPRECATED_X("Use QSslConfiguration::addCaCertificates()") bool addCaCertificates(const QString &path, QSsl::EncodingFormat format = QSsl::Pem,
169                            QRegExp::PatternSyntax syntax = QRegExp::FixedString);
170     QT_DEPRECATED_X("Use QSslConfiguration::addCaCertificate()") void addCaCertificate(const QSslCertificate &certificate);
171     QT_DEPRECATED_X("Use QSslConfiguration::addCaCertificates()") void addCaCertificates(const QList<QSslCertificate> &certificates);
172 #endif // QT_DEPRECATED_SINCE(5, 15)
173 #if QT_DEPRECATED_SINCE(5, 5)
174     QT_DEPRECATED_X("Use QSslConfiguration::setCaCertificates()") void setCaCertificates(const QList<QSslCertificate> &certificates);
175     QT_DEPRECATED_X("Use QSslConfiguration::caCertificates()") QList<QSslCertificate> caCertificates() const;
176 #endif // QT_DEPRECATED_SINCE(5, 5)
177 #if QT_DEPRECATED_SINCE(5, 15)
178     QT_DEPRECATED static bool addDefaultCaCertificates(const QString &path, QSsl::EncodingFormat format = QSsl::Pem,
179                                          QRegExp::PatternSyntax syntax = QRegExp::FixedString);
180     QT_DEPRECATED static void addDefaultCaCertificate(const QSslCertificate &certificate);
181     QT_DEPRECATED static void addDefaultCaCertificates(const QList<QSslCertificate> &certificates);
182 #endif // QT_DEPRECATED_SINCE(5, 15)
183 #if QT_DEPRECATED_SINCE(5, 5)
184     QT_DEPRECATED static void setDefaultCaCertificates(const QList<QSslCertificate> &certificates);
185     QT_DEPRECATED static QList<QSslCertificate> defaultCaCertificates();
186     QT_DEPRECATED_X("Use QSslConfiguration::systemCaCertificates()") static QList<QSslCertificate> systemCaCertificates();
187 #endif // QT_DEPRECATED_SINCE(5, 5)
188 
189     bool waitForConnected(int msecs = 30000) override;
190     bool waitForEncrypted(int msecs = 30000);
191     bool waitForReadyRead(int msecs = 30000) override;
192     bool waitForBytesWritten(int msecs = 30000) override;
193     bool waitForDisconnected(int msecs = 30000) override;
194 
195 #if QT_DEPRECATED_SINCE(5, 15)
196     QT_DEPRECATED_X("Use sslHandshakeErrors()") QList<QSslError> sslErrors() const;
197 #endif // QT_DEPRECATED_SINCE(5, 15)
198     QList<QSslError> sslHandshakeErrors() const;
199 
200     static bool supportsSsl();
201     static long sslLibraryVersionNumber();
202     static QString sslLibraryVersionString();
203     static long sslLibraryBuildVersionNumber();
204     static QString sslLibraryBuildVersionString();
205 
206     void ignoreSslErrors(const QList<QSslError> &errors);
207 
208 public Q_SLOTS:
209     void startClientEncryption();
210     void startServerEncryption();
211     void ignoreSslErrors();
212 
213 Q_SIGNALS:
214     void encrypted();
215     void peerVerifyError(const QSslError &error);
216     void sslErrors(const QList<QSslError> &errors);
217     void modeChanged(QSslSocket::SslMode newMode);
218     void encryptedBytesWritten(qint64 totalBytes);
219     void preSharedKeyAuthenticationRequired(QSslPreSharedKeyAuthenticator *authenticator);
220     void newSessionTicketReceived();
221 
222 protected:
223     qint64 readData(char *data, qint64 maxlen) override;
224     qint64 writeData(const char *data, qint64 len) override;
225 
226 private:
227     Q_DECLARE_PRIVATE(QSslSocket)
228     Q_DISABLE_COPY(QSslSocket)
229     Q_PRIVATE_SLOT(d_func(), void _q_connectedSlot())
230     Q_PRIVATE_SLOT(d_func(), void _q_hostFoundSlot())
231     Q_PRIVATE_SLOT(d_func(), void _q_disconnectedSlot())
232     Q_PRIVATE_SLOT(d_func(), void _q_stateChangedSlot(QAbstractSocket::SocketState))
233     Q_PRIVATE_SLOT(d_func(), void _q_errorSlot(QAbstractSocket::SocketError))
234     Q_PRIVATE_SLOT(d_func(), void _q_readyReadSlot())
235     Q_PRIVATE_SLOT(d_func(), void _q_channelReadyReadSlot(int))
236     Q_PRIVATE_SLOT(d_func(), void _q_bytesWrittenSlot(qint64))
237     Q_PRIVATE_SLOT(d_func(), void _q_channelBytesWrittenSlot(int, qint64))
238     Q_PRIVATE_SLOT(d_func(), void _q_readChannelFinishedSlot())
239     Q_PRIVATE_SLOT(d_func(), void _q_flushWriteBuffer())
240     Q_PRIVATE_SLOT(d_func(), void _q_flushReadBuffer())
241     Q_PRIVATE_SLOT(d_func(), void _q_resumeImplementation())
242 #if defined(Q_OS_WIN) && !defined(Q_OS_WINRT) && !QT_CONFIG(schannel)
243     Q_PRIVATE_SLOT(d_func(), void _q_caRootLoaded(QSslCertificate,QSslCertificate))
244 #endif
245     friend class QSslSocketBackendPrivate;
246 };
247 
248 #endif // QT_NO_SSL
249 
250 QT_END_NAMESPACE
251 
252 #endif
253