1 | // Copyright (C) 2021 The Qt Company Ltd. |
2 | // SPDX-License-Identifier: LicenseRef-Qt-Commercial OR LGPL-3.0-only OR GPL-2.0-only OR GPL-3.0-only |
3 | |
4 | |
5 | #ifndef QSSLSOCKET_H |
6 | #define QSSLSOCKET_H |
7 | |
8 | #include <QtNetwork/qtnetworkglobal.h> |
9 | #include <QtCore/qlist.h> |
10 | #ifndef QT_NO_SSL |
11 | # include <QtNetwork/qtcpsocket.h> |
12 | # include <QtNetwork/qsslerror.h> |
13 | #endif |
14 | |
15 | QT_BEGIN_NAMESPACE |
16 | |
17 | |
18 | #ifndef QT_NO_SSL |
19 | |
20 | class QDir; |
21 | class QSslCipher; |
22 | class QSslCertificate; |
23 | class QSslConfiguration; |
24 | class QSslPreSharedKeyAuthenticator; |
25 | class QOcspResponse; |
26 | |
27 | class QSslSocketPrivate; |
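// TLS-capable socket layered on QTcpSocket.
//
// This header only declares the interface; state and implementation live in
// QSslSocketPrivate (see Q_DECLARE_PRIVATE below). Comments describing runtime
// behaviour follow the public Qt documentation and are not established by
// this header alone.
//
// Review checklist for callers:
//  - A socket opened with connectToHost() is plain TCP until
//    startClientEncryption()/startServerEncryption() completes; check
//    isEncrypted() (or wait for encrypted()) before sending sensitive data.
//  - PeerVerifyMode decides whether the peer is authenticated at all.
//  - ignoreSslErrors() with no argument suppresses every verification error.
class Q_NETWORK_EXPORT QSslSocket : public QTcpSocket
{
    Q_OBJECT
    Q_MOC_INCLUDE(<QtNetwork/qsslpresharedkeyauthenticator.h>)
public:
    // Role of the socket in the TLS session. Enumerator order is part of the
    // public API (Q_ENUM); do not reorder.
    enum SslMode {
        UnencryptedMode, // plain TCP, no TLS layer active
        SslClientMode,   // client side of a handshake or established session
        SslServerMode    // server side of a handshake or established session
    };
    Q_ENUM(SslMode)

    // How strictly the peer's certificate is checked during the handshake.
    // Enumerator order is part of the public API (Q_ENUM); do not reorder.
    enum PeerVerifyMode {
        VerifyNone,    // no certificate requested: encryption without peer authentication
        QueryPeer,     // certificate requested, but an invalid one is tolerated
        VerifyPeer,    // certificate requested and required to be valid
        AutoVerifyPeer // per Qt docs: QueryPeer for servers, VerifyPeer for clients
    };
    Q_ENUM(PeerVerifyMode)

    explicit QSslSocket(QObject *parent = nullptr);
    ~QSslSocket();

    // Continues after the socket was paused, e.g. on "proxy authentication
    // required" or on SSL errors.
    void resume() override;

    // Connect and start the client handshake automatically. The second
    // overload takes sslPeerName, the name the peer certificate is matched
    // against when it differs from the host name used for the TCP connection.
    void connectToHostEncrypted(const QString &hostName, quint16 port, OpenMode mode = ReadWrite,
                                NetworkLayerProtocol protocol = AnyIPProtocol);
    void connectToHostEncrypted(const QString &hostName, quint16 port, const QString &sslPeerName,
                                OpenMode mode = ReadWrite,
                                NetworkLayerProtocol protocol = AnyIPProtocol);

    // Adopts an already-open native socket descriptor (typical on the server
    // side after accept); encryption still has to be started explicitly.
    bool setSocketDescriptor(qintptr socketDescriptor, SocketState state = ConnectedState,
                             OpenMode openMode = ReadWrite) override;

    // Plain (unencrypted) connect. The using-declaration keeps the other
    // QAbstractSocket::connectToHost overloads visible next to the override.
    using QAbstractSocket::connectToHost;
    void connectToHost(const QString &hostName, quint16 port, OpenMode openMode = ReadWrite,
                       NetworkLayerProtocol protocol = AnyIPProtocol) override;
    void disconnectFromHost() override;

    // `override` already implies `virtual`; these two are written like every
    // other override in the class.
    void setSocketOption(QAbstractSocket::SocketOption option, const QVariant &value) override;
    QVariant socketOption(QAbstractSocket::SocketOption option) override;

    // Current role and whether the handshake has completed. mode() alone does
    // not say the channel is protected: client/server mode is also reported
    // while the handshake is still running.
    SslMode mode() const;
    bool isEncrypted() const;

    // Protocol version(s) offered or accepted by this socket.
    QSsl::SslProtocol protocol() const;
    void setProtocol(QSsl::SslProtocol protocol);

    // Peer authentication policy; see PeerVerifyMode for what each value skips.
    QSslSocket::PeerVerifyMode peerVerifyMode() const;
    void setPeerVerifyMode(QSslSocket::PeerVerifyMode mode);

    // Maximum number of certificates checked in the peer's chain. Per Qt docs
    // 0 means no limit, i.e. the whole chain is checked.
    int peerVerifyDepth() const;
    void setPeerVerifyDepth(int depth);

    // Host name used for certificate validation when it should differ from
    // the name the TCP connection was made to.
    QString peerVerifyName() const;
    void setPeerVerifyName(const QString &hostName);

    // From QIODevice
    qint64 bytesAvailable() const override;
    qint64 bytesToWrite() const override;
    bool canReadLine() const override;
    void close() override;
    bool atEnd() const override;

    // From QAbstractSocket:
    void setReadBufferSize(qint64 size) override;

    // Similar to QIODevice's, but counting bytes on the encrypted side:
    // received and not yet decrypted, or encrypted and not yet written out.
    qint64 encryptedBytesAvailable() const;
    qint64 encryptedBytesToWrite() const;

    // SSL configuration
    QSslConfiguration sslConfiguration() const;
    void setSslConfiguration(const QSslConfiguration &config);

    // Certificate & cipher accessors.
    void setLocalCertificateChain(const QList<QSslCertificate> &localChain);
    QList<QSslCertificate> localCertificateChain() const;

    void setLocalCertificate(const QSslCertificate &certificate);
    void setLocalCertificate(const QString &fileName, QSsl::EncodingFormat format = QSsl::Pem);
    QSslCertificate localCertificate() const;
    // Peer identity and negotiated parameters; these reflect handshake state,
    // so read them after the handshake has produced them (e.g. from a slot
    // connected to encrypted() or sslErrors()).
    QSslCertificate peerCertificate() const;
    QList<QSslCertificate> peerCertificateChain() const;
    QSslCipher sessionCipher() const;
    QSsl::SslProtocol sessionProtocol() const;
    QList<QOcspResponse> ocspResponses() const;

    // Private keys, for server sockets.
    // The file overload reads the key from fileName and accepts a passphrase
    // for encrypted keys. NOTE(review): this header does not show how the
    // passphrase or key material is retained or cleared; treat both as
    // secrets on the caller's side and confirm against the implementation.
    void setPrivateKey(const QSslKey &key);
    void setPrivateKey(const QString &fileName, QSsl::KeyAlgorithm algorithm = QSsl::Rsa,
                       QSsl::EncodingFormat format = QSsl::Pem,
                       const QByteArray &passPhrase = QByteArray());
    QSslKey privateKey() const;

    // Blocking waits; every timeout defaults to 30000 ms. waitForEncrypted()
    // is the one that waits for the TLS handshake rather than the TCP connect.
    bool waitForConnected(int msecs = 30000) override;
    bool waitForEncrypted(int msecs = 30000);
    bool waitForReadyRead(int msecs = 30000) override;
    bool waitForBytesWritten(int msecs = 30000) override;
    bool waitForDisconnected(int msecs = 30000) override;

    // Errors recorded during the handshake.
    QList<QSslError> sslHandshakeErrors() const;

    // TLS library availability and versions. Per Qt docs the plain variants
    // report the library in use at run time and the "Build" variants the one
    // Qt was compiled against; a mismatch is worth logging when auditing
    // which TLS library a deployment actually runs.
    static bool supportsSsl();
    static long sslLibraryVersionNumber();
    static QString sslLibraryVersionString();
    static long sslLibraryBuildVersionNumber();
    static QString sslLibraryBuildVersionString();

    // TLS backend selection and capability queries. An empty backendName
    // (the default argument) is taken to mean the active backend.
    static QList<QString> availableBackends();
    static QString activeBackend();
    static bool setActiveBackend(const QString &backendName);
    static QList<QSsl::SslProtocol> supportedProtocols(const QString &backendName = {});
    static bool isProtocolSupported(QSsl::SslProtocol protocol, const QString &backendName = {});
    static QList<QSsl::ImplementedClass> implementedClasses(const QString &backendName = {});
    static bool isClassImplemented(QSsl::ImplementedClass cl, const QString &backendName = {});
    static QList<QSsl::SupportedFeature> supportedFeatures(const QString &backendName = {});
    static bool isFeatureSupported(QSsl::SupportedFeature feat, const QString &backendName = {});

    // Ignores only the listed errors. Prefer this overload to the argument-less
    // slot below: it keeps every error that was not explicitly expected fatal.
    void ignoreSslErrors(const QList<QSslError> &errors);
    // Resumes a handshake that was stopped with handshakeInterruptedOnError().
    void continueInterruptedHandshake();

public Q_SLOTS:
    // Start the TLS handshake on an already connected socket.
    void startClientEncryption();
    void startServerEncryption();
    // Ignores ALL handshake errors, including certificate verification
    // failures. Connecting this unconditionally to sslErrors() removes peer
    // authentication; in review, treat such a connection as a finding unless
    // the errors are inspected first.
    void ignoreSslErrors();

Q_SIGNALS:
    // Handshake finished; data written from now on is protected.
    void encrypted();
    // Peer identity could not be established (reported per error).
    void peerVerifyError(const QSslError &error);
    // Full list of handshake errors; the connection is dropped unless the
    // errors are ignored from a slot connected to this signal.
    void sslErrors(const QList<QSslError> &errors);
    void modeChanged(QSslSocket::SslMode newMode);
    void encryptedBytesWritten(qint64 totalBytes);
    void preSharedKeyAuthenticationRequired(QSslPreSharedKeyAuthenticator *authenticator);
    void newSessionTicketReceived();
    // TLS alerts sent to and received from the peer; useful for logging and
    // diagnosing failed handshakes.
    void alertSent(QSsl::AlertLevel level, QSsl::AlertType type, const QString &description);
    void alertReceived(QSsl::AlertLevel level, QSsl::AlertType type, const QString &description);
    void handshakeInterruptedOnError(const QSslError &error);

protected:
    // QIODevice data hooks; application data passes through the TLS layer here.
    qint64 readData(char *data, qint64 maxlen) override;
    qint64 skipData(qint64 maxSize) override;
    qint64 writeData(const char *data, qint64 len) override;

private:
    Q_DECLARE_PRIVATE(QSslSocket)
    Q_DISABLE_COPY_MOVE(QSslSocket)

    // Slots forwarded to the private object through d_func(); they are
    // declared here so that moc generates the dispatch for them.
    Q_PRIVATE_SLOT(d_func(), void _q_connectedSlot())
    Q_PRIVATE_SLOT(d_func(), void _q_hostFoundSlot())
    Q_PRIVATE_SLOT(d_func(), void _q_disconnectedSlot())
    Q_PRIVATE_SLOT(d_func(), void _q_stateChangedSlot(QAbstractSocket::SocketState))
    Q_PRIVATE_SLOT(d_func(), void _q_errorSlot(QAbstractSocket::SocketError))
    Q_PRIVATE_SLOT(d_func(), void _q_readyReadSlot())
    Q_PRIVATE_SLOT(d_func(), void _q_channelReadyReadSlot(int))
    Q_PRIVATE_SLOT(d_func(), void _q_bytesWrittenSlot(qint64))
    Q_PRIVATE_SLOT(d_func(), void _q_channelBytesWrittenSlot(int, qint64))
    Q_PRIVATE_SLOT(d_func(), void _q_readChannelFinishedSlot())
    Q_PRIVATE_SLOT(d_func(), void _q_flushWriteBuffer())
    Q_PRIVATE_SLOT(d_func(), void _q_flushReadBuffer())
    Q_PRIVATE_SLOT(d_func(), void _q_resumeImplementation())
};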
185 | |
186 | #endif // QT_NO_SSL |
187 | |
188 | QT_END_NAMESPACE |
189 | |
190 | #endif |
191 | |