30 #include <QtCore/QStringList>
31 #include <QtNetwork/QSslKey>
32 #include <QtNetwork/QSslCipher>
33 #include <QtNetwork/QHostAddress>
34 #include <QtNetwork/QNetworkProxy>
45 case QSsl::AnyProtocol:
47 #if QT_VERSION >= 0x040800
48 case QSsl::TlsV1SslV3:
50 case QSsl::SecureProtocols:
63 return QSsl::AnyProtocol;
67 #if QT_VERSION >= 0x040800
71 if (!(sslVersion & validVersions)) {
72 return QSsl::UnknownProtocol;
82 #if QT_VERSION >= 0x040800
84 return QSsl::TlsV1SslV3;
86 return QSsl::SecureProtocols;
91 return QSsl::AnyProtocol;
102 foreach (
const QSslCipher &c, QSslSocket::supportedCiphers()) {
103 allCiphers.insert(c.name(), c);
109 return allCiphers.value(ksc.
name());
113 QHash<QString, QSslCipher> allCiphers;
117 class KSslErrorPrivate
125 case QSslError::UnableToGetLocalIssuerCertificate:
126 case QSslError::InvalidCaCertificate:
128 case QSslError::InvalidNotBeforeField:
129 case QSslError::InvalidNotAfterField:
130 case QSslError::CertificateNotYetValid:
131 case QSslError::CertificateExpired:
133 case QSslError::UnableToDecodeIssuerPublicKey:
134 case QSslError::SubjectIssuerMismatch:
135 case QSslError::AuthorityIssuerSerialNumberMismatch:
137 case QSslError::SelfSignedCertificate:
138 case QSslError::SelfSignedCertificateInChain:
140 case QSslError::CertificateRevoked:
142 case QSslError::InvalidPurpose:
144 case QSslError::CertificateUntrusted:
146 case QSslError::CertificateRejected:
148 case QSslError::NoPeerCertificate:
150 case QSslError::HostNameMismatch:
152 case QSslError::UnableToVerifyFirstCertificate:
153 case QSslError::UnableToDecryptCertificateSignature:
154 case QSslError::UnableToGetIssuerCertificate:
155 case QSslError::CertificateSignatureFailed:
157 case QSslError::PathLengthExceeded:
159 case QSslError::UnspecifiedError:
160 case QSslError::NoSslSupport:
170 return i18nc(
"SSL error",
"No error");
172 return i18nc(
"SSL error",
"The certificate authority's certificate is invalid");
174 return i18nc(
"SSL error",
"The certificate has expired");
176 return i18nc(
"SSL error",
"The certificate is invalid");
178 return i18nc(
"SSL error",
"The certificate is not signed by any trusted certificate authority");
180 return i18nc(
"SSL error",
"The certificate has been revoked");
182 return i18nc(
"SSL error",
"The certificate is unsuitable for this purpose");
184 return i18nc(
"SSL error",
"The root certificate authority's certificate is not trusted for this purpose");
186 return i18nc(
"SSL error",
"The certificate authority's certificate is marked to reject this certificate's purpose");
188 return i18nc(
"SSL error",
"The peer did not present any certificate");
190 return i18nc(
"SSL error",
"The certificate does not apply to the given host");
192 return i18nc(
"SSL error",
"The certificate cannot be verified for internal reasons");
194 return i18nc(
"SSL error",
"The certificate chain is too long");
197 return i18nc(
"SSL error",
"Unknown error");
202 QSslCertificate certificate;
207 : d(new KSslErrorPrivate())
209 d->error = errorCode;
215 : d(new KSslErrorPrivate())
217 d->error = KSslErrorPrivate::errorFromQSslError(other.error());
218 d->certificate = other.certificate();
223 : d(new KSslErrorPrivate())
256 return d->certificate;
260 class KTcpSocketPrivate
265 certificatesLoaded(false),
266 emittedReadyRead(false)
275 case QAbstractSocket::UnconnectedState:
277 case QAbstractSocket::HostLookupState:
279 case QAbstractSocket::ConnectingState:
281 case QAbstractSocket::ConnectedState:
283 case QAbstractSocket::ClosingState:
285 case QAbstractSocket::BoundState:
286 case QAbstractSocket::ListeningState:
296 case QSslSocket::SslClientMode:
298 case QSslSocket::SslServerMode:
308 case QAbstractSocket::ConnectionRefusedError:
310 case QAbstractSocket::RemoteHostClosedError:
312 case QAbstractSocket::HostNotFoundError:
314 case QAbstractSocket::SocketAccessError:
316 case QAbstractSocket::SocketResourceError:
318 case QAbstractSocket::SocketTimeoutError:
320 case QAbstractSocket::NetworkError:
322 case QAbstractSocket::UnsupportedSocketOperationError:
324 case QAbstractSocket::DatagramTooLargeError:
326 case QAbstractSocket::AddressInUseError:
327 case QAbstractSocket::SocketAddressNotAvailableError:
329 case QAbstractSocket::ProxyAuthenticationRequiredError:
331 case QAbstractSocket::UnknownSocketError:
338 void reemitSocketError(QAbstractSocket::SocketError e)
340 emit q->error(errorFromAbsSocket(e));
343 void reemitSslErrors(
const QList<QSslError> &errors)
346 QList<KSslError> kErrors;
347 foreach (
const QSslError &e, errors) {
350 emit q->sslErrors(kErrors);
353 void reemitStateChanged(QAbstractSocket::SocketState s)
355 emit q->stateChanged(state(s));
358 void reemitModeChanged(QSslSocket::SslMode m)
360 emit q->encryptionModeChanged(encryptionMode(m));
366 void reemitReadyRead()
368 if (!emittedReadyRead) {
369 emittedReadyRead =
true;
371 emittedReadyRead =
false;
375 void maybeLoadCertificates()
377 if (!certificatesLoaded) {
379 certificatesLoaded =
true;
384 bool certificatesLoaded;
385 bool emittedReadyRead;
387 QList<KSslCipher> ciphers;
395 d(new KTcpSocketPrivate(this))
// The advertised protocol version defaults to SslV3 here. SSL 3.0 is obsolete
// (deprecated by RFC 7568), so callers should select a current TLS version
// explicitly rather than rely on this default.
// NOTE(review): how this value reaches the underlying socket is not visible
// in this listing; confirm.
397 d->advertisedSslVersion =
SslV3;
399 connect(&d->sock, SIGNAL(aboutToClose()),
this, SIGNAL(aboutToClose()));
400 connect(&d->sock, SIGNAL(bytesWritten(
qint64)),
this, SIGNAL(bytesWritten(
qint64)));
402 connect(&d->sock, SIGNAL(readyRead()),
this, SLOT(reemitReadyRead()));
406 #ifndef QT_NO_NETWORKPROXY
410 connect(&d->sock, SIGNAL(
error(QAbstractSocket::SocketError)),
411 this, SLOT(reemitSocketError(QAbstractSocket::SocketError)));
412 connect(&d->sock, SIGNAL(
sslErrors(QList<QSslError>)),
413 this, SLOT(reemitSslErrors(QList<QSslError>)));
415 connect(&d->sock, SIGNAL(
stateChanged(QAbstractSocket::SocketState)),
416 this, SLOT(reemitStateChanged(QAbstractSocket::SocketState)));
417 connect(&d->sock, SIGNAL(modeChanged(QSslSocket::SslMode)),
418 this, SLOT(reemitModeChanged(QSslSocket::SslMode)));
443 return d->sock.bytesToWrite();
468 bool ret = d->sock.open(open);
469 setOpenMode(d->sock.openMode() | QIODevice::Unbuffered);
476 return d->sock.waitForBytesWritten(msecs);
482 return d->sock.waitForReadyRead(msecs);
488 return d->sock.read(data, maxSize);
494 return d->sock.write(data, maxSize);
510 d->sock.connectToHost(hostName, port);
517 setOpenMode(d->sock.openMode() | QIODevice::Unbuffered);
526 d->sock.connectToHost(hostAddress, port);
527 setOpenMode(d->sock.openMode() | QIODevice::Unbuffered);
536 d->sock.connectToHost(url.host(), url.port());
537 setOpenMode(d->sock.openMode() | QIODevice::Unbuffered);
543 d->sock.disconnectFromHost();
544 setOpenMode(d->sock.openMode() | QIODevice::Unbuffered);
550 return d->errorFromAbsSocket(d->sock.error());
559 QList<KSslError> ret;
560 foreach (
const QSslError &e, d->sock.sslErrors())
568 return d->sock.flush();
574 return d->sock.isValid();
580 return d->sock.localAddress();
586 return d->sock.peerAddress();
592 return d->sock.peerName();
598 return d->sock.peerPort();
602 #ifndef QT_NO_NETWORKPROXY
605 return d->sock.proxy();
611 return d->sock.readBufferSize();
615 #ifndef QT_NO_NETWORKPROXY
618 d->sock.setProxy(proxy);
624 d->sock.setReadBufferSize(size);
630 return d->state(d->sock.state());
636 bool ret = d->sock.waitForConnected(msecs);
638 setErrorString(d->sock.errorString());
639 setOpenMode(d->sock.openMode() | QIODevice::Unbuffered);
646 bool ret = d->sock.waitForDisconnected(msecs);
648 setErrorString(d->sock.errorString());
649 setOpenMode(d->sock.openMode() | QIODevice::Unbuffered);
657 d->maybeLoadCertificates();
658 d->sock.addCaCertificate(certificate);
674 d->maybeLoadCertificates();
675 d->sock.addCaCertificates(certificates);
681 d->maybeLoadCertificates();
682 return d->sock.caCertificates();
694 d->maybeLoadCertificates();
696 d->sock.connectToHostEncrypted(hostName, port, openMode);
697 setOpenMode(d->sock.openMode() | QIODevice::Unbuffered);
703 return d->sock.localCertificate();
709 return d->sock.peerCertificateChain();
715 return KSslKey(d->sock.privateKey());
// Installs the caller's CA list on the socket and sets certificatesLoaded, the
// flag maybeLoadCertificates() tests before doing any loading, so the lazy
// load is skipped afterwards.
// NOTE(review): presumably this makes the supplied list the only trust
// anchors; confirm against the unseen body of maybeLoadCertificates().
727 d->sock.setCaCertificates(certificates);
728 d->certificatesLoaded =
true;
735 QList<QSslCipher> cl;
737 cl.append(d->ccc.converted(c));
739 d->sock.setCiphers(cl);
745 d->sock.setLocalCertificate(certificate);
751 d->sock.setLocalCertificate(fileName, format);
// The peer verify name is set only when building against Qt 4.8 or later.
// NOTE(review): the fallback for older Qt is not visible here; confirm the
// certificate is still checked against the intended host name in that build.
757 #if QT_VERSION >= 0x040800
758 d->sock.setPeerVerifyName(hostName);
771 QSslKey _key(key.
toDer(),
776 d->sock.setPrivateKey(_key);
781 QSsl::EncodingFormat format,
const QByteArray &passPhrase)
787 d->sock.setPrivateKey(fileName,
796 return d->sock.waitForEncrypted(msecs);
802 return d->encryptionMode(d->sock.mode());
807 return d->sock.socketOption(options);
812 d->sock.setSocketOption(options, value);
817 return d->sock.sslConfiguration();
822 d->sock.setSslConfiguration(configuration);
// Asks the underlying socket to ignore SSL errors, so the connection proceeds
// even though certificate checks reported problems.
// NOTE(review): the enclosing function is not visible in this listing; callers
// should invoke it only after the errors from sslErrors() were inspected and
// accepted by the user or by policy.
828 d->sock.ignoreSslErrors();
835 d->maybeLoadCertificates();
837 d->sock.startClientEncryption();
// Writes the error string of every SSL error currently reported by the
// underlying socket to debug area 7029. Diagnostic only: nothing is returned
// and, as far as this listing shows, the socket is not modified.
842 void KTcpSocket::showSslErrors()
844 foreach (
const QSslError &e, d->sock.sslErrors())
845 kDebug(7029) << e.errorString();
851 d->advertisedSslVersion =
version;
857 return d->advertisedSslVersion;
863 if (!d->sock.isEncrypted()) {
872 if (!d->sock.isEncrypted()) {
875 return d->sock.sessionCipher().protocolString();
902 : d(new KSslKeyPrivate)
906 d->isExportable =
true;
911 : d(new KSslKeyPrivate)
918 : d(new KSslKeyPrivate)
920 d->algorithm = d->convertAlgorithm(qsk.algorithm());
922 d->isExportable =
true;
923 d->der = qsk.toDer();
948 return d->isExportable;
966 class KSslCipherPrivate
981 : d(new KSslCipherPrivate)
984 d->supportedBits = 0;
990 : d(new KSslCipherPrivate)
997 : d(new KSslCipherPrivate)
999 d->authenticationMethod = qsc.authenticationMethod();
1000 d->encryptionMethod = qsc.encryptionMethod();
1003 int parenIdx = d->encryptionMethod.indexOf(QLatin1Char(
'('));
1005 d->encryptionMethod.truncate(parenIdx);
1006 d->keyExchangeMethod = qsc.keyExchangeMethod();
1007 d->name = qsc.name();
1008 d->isNull = qsc.isNull();
1009 d->supportedBits = qsc.supportedBits();
1010 d->usedBits = qsc.usedBits();
1035 return d->authenticationMethod;
1041 return d->encryptionMethod;
1047 return d->keyExchangeMethod;
// Derives the digest name from the suffix of the cipher name: a name ending in
// "SHA" yields "SHA-1", one ending in "MD5" yields "MD5", and the last return
// gives an empty string.
// NOTE(review): a name ending in e.g. "SHA256" matches neither suffix test, so
// it would presumably fall through to the empty string; consumers should read
// an empty result as "unknown", not as "no digest". MD5 and SHA-1 are legacy
// digests, worth flagging when this value is shown to a user.
1055 if (d->name.endsWith(QLatin1String(
"SHA")))
1056 return QString::fromLatin1(
"SHA-1");
1057 else if (d->name.endsWith(QLatin1String(
"MD5")))
1058 return QString::fromLatin1(
"MD5");
1060 return QString::fromLatin1(
"");
1072 return d->supportedBits;
1085 QList<KSslCipher> ret;
1087 foreach(
const QSslCipher &c, candidates) {
1121 foreach (
const QSslError &e, socket->sslErrors())
1124 d->
ip = socket->peerAddress().toString();
1125 d->
host = socket->peerName();
1126 if (socket->isEncrypted()) {
1127 d->
sslProtocol = socket->sessionCipher().protocolString();
1129 d->
cipher = socket->sessionCipher().name();
1130 d->
usedBits = socket->sessionCipher().usedBits();
1131 d->
bits = socket->sessionCipher().supportedBits();
1151 #include "ktcpsocket.moc"