KDECore
ktcpsocket.h
Go to the documentation of this file.
00001 /* This file is part of the KDE libraries 00002 Copyright (C) 2007 Thiago Macieira <thiago@kde.org> 00003 Copyright (C) 2007 Andreas Hartmetz <ahartmetz@gmail.com> 00004 00005 This library is free software; you can redistribute it and/or 00006 modify it under the terms of the GNU Library General Public 00007 License as published by the Free Software Foundation; either 00008 version 2 of the License, or (at your option) any later version. 00009 00010 This library is distributed in the hope that it will be useful, 00011 but WITHOUT ANY WARRANTY; without even the implied warranty of 00012 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 00013 Library General Public License for more details. 00014 00015 You should have received a copy of the GNU Library General Public License 00016 along with this library; see the file COPYING.LIB. If not, write to 00017 the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, 00018 Boston, MA 02110-1301, USA. 00019 */ 00020 00021 #ifndef KTCPSOCKET_H 00022 #define KTCPSOCKET_H 00023 00024 #include <QtNetwork/QSslSocket> 00025 //#include <QtCore/QRegExp> 00026 00027 #include "kdecore_export.h" 00028 00029 /* 00030 Notes on QCA::TLS compatibility 00031 In order to check for all validation problems as far as possible we need to use: 00032 Validity QCA::TLS::peerCertificateValidity() 00033 TLS::IdentityResult QCA::TLS::peerIdentityResult() 00034 CertificateChain QCA::TLS::peerCertificateChain().validate() - to find the failing cert! 00035 TLS::Error QCA::TLS::errorCode() - for more generic (but stil SSL) errors 00036 */ 00037 00038 00039 class KSslKeyPrivate; 00040 00041 class KDECORE_EXPORT KSslKey { 00042 public: 00043 enum Algorithm { 00044 Rsa = 0, 00045 Dsa, 00046 Dh 00047 }; 00048 enum KeySecrecy { 00049 PublicKey, 00050 PrivateKey 00051 }; 00052 00053 KSslKey(); 00054 KSslKey(const KSslKey &other); 00055 KSslKey(const QSslKey &sslKey); 00056 ~KSslKey(); 00057 KSslKey &operator=(const KSslKey &other); 00058 00059 Algorithm algorithm() const; 00060 bool isExportable() const; 00061 KeySecrecy secrecy() const; 00062 QByteArray toDer() const; 00063 private: 00064 KSslKeyPrivate *const d; 00065 }; 00066 00067 00068 class KSslCipherPrivate; 00069 00070 class KDECORE_EXPORT KSslCipher { 00071 public: 00072 KSslCipher(); 00073 KSslCipher(const KSslCipher &other); 00074 KSslCipher(const QSslCipher &); 00075 ~KSslCipher(); 00076 KSslCipher &operator=(const KSslCipher &other); 00077 00078 bool isNull() const; 00079 QString authenticationMethod() const; 00080 QString encryptionMethod() const; 00081 QString keyExchangeMethod() const; 00082 QString digestMethod() const; 00083 /* mainly for internal use */ 00084 QString name() const; 00085 int supportedBits() const; 00086 int usedBits() const; 00087 00088 static QList<KSslCipher> supportedCiphers(); 00089 00090 private: 00091 KSslCipherPrivate *const d; 00092 }; 00093 00094 00095 class KSslErrorPrivate; 00096 class KTcpSocket; 00097 00098 class KDECORE_EXPORT KSslError 00099 { 00100 public: 00101 enum Error { 00102 NoError = 0, 00103 UnknownError, 00104 InvalidCertificateAuthorityCertificate, 00105 InvalidCertificate, 00106 CertificateSignatureFailed, 00107 SelfSignedCertificate, 00108 ExpiredCertificate, 00109 RevokedCertificate, 00110 InvalidCertificatePurpose, 00111 RejectedCertificate, 00112 UntrustedCertificate, 00113 NoPeerCertificate, 00114 HostNameMismatch, 00115 PathLengthExceeded 00116 }; 00117 KSslError(KSslError::Error error = NoError, const QSslCertificate &cert = QSslCertificate()); 00118 KSslError(const QSslError &error); //### explicit yes or no? 00119 KSslError(const KSslError &other); 00120 ~KSslError(); 00121 KSslError &operator=(const KSslError &other); 00122 00123 Error error() const; 00124 QString errorString() const; 00125 QSslCertificate certificate() const; 00126 private: 00127 KSslErrorPrivate *const d; 00128 }; 00129 00130 00131 //consider killing more convenience functions with huge signatures 00132 //### do we need setSession() / session() ? 00133 00134 //BIG FAT TODO: do we keep openMode() up to date everywhere it can change? 00135 00136 //other TODO: limit possible error strings?, SSL key stuff 00137 00138 //TODO protocol (or maybe even application?) dependent automatic proxy choice 00139 00140 class KTcpSocketPrivate; 00141 class QHostAddress; 00142 class KUrl; 00143 00144 class KDECORE_EXPORT KTcpSocket: public QIODevice 00145 { 00146 Q_OBJECT 00147 public: 00148 enum State { 00149 UnconnectedState = 0, 00150 HostLookupState, 00151 ConnectingState, 00152 ConnectedState, 00153 BoundState, 00154 ListeningState, 00155 ClosingState 00156 //hmmm, do we need an SslNegotiatingState? 00157 }; 00158 enum SslVersion { 00159 UnknownSslVersion = 0x01, 00160 SslV2 = 0x02, 00161 SslV3 = 0x04, 00162 TlsV1 = 0x08, 00163 SslV3_1 = 0x08, 00164 TlsV1SslV3 = 0x10, 00165 SecureProtocols = 0x20, 00166 AnySslVersion = SslV2 | SslV3 | TlsV1 00167 }; 00168 Q_DECLARE_FLAGS(SslVersions, SslVersion) 00169 enum Error { 00170 UnknownError = 0, 00171 ConnectionRefusedError, 00172 RemoteHostClosedError, 00173 HostNotFoundError, 00174 SocketAccessError, 00175 SocketResourceError, 00176 SocketTimeoutError, 00177 NetworkError, 00178 UnsupportedSocketOperationError 00179 }; 00180 /* 00181 The following is based on reading the OpenSSL interface code of both QSslSocket 00182 and QCA::TLS. Barring oversights it should be accurate. The two cases with the 00183 question marks apparently will never be emitted by QSslSocket so there is nothing 00184 to compare. 00185 00186 QSslError::NoError KTcpSocket::NoError 00187 QSslError::UnableToGetIssuerCertificate QCA::ErrorSignatureFailed 00188 QSslError::UnableToDecryptCertificateSignature QCA::ErrorSignatureFailed 00189 QSslError::UnableToDecodeIssuerPublicKey QCA::ErrorInvalidCA 00190 QSslError::CertificateSignatureFailed QCA::ErrorSignatureFailed 00191 QSslError::CertificateNotYetValid QCA::ErrorExpired 00192 QSslError::CertificateExpired QCA::ErrorExpired 00193 QSslError::InvalidNotBeforeField QCA::ErrorExpired 00194 QSslError::InvalidNotAfterField QCA::ErrorExpired 00195 QSslError::SelfSignedCertificate QCA::ErrorSelfSigned 00196 QSslError::SelfSignedCertificateInChain QCA::ErrorSelfSigned 00197 QSslError::UnableToGetLocalIssuerCertificate QCA::ErrorInvalidCA 00198 QSslError::UnableToVerifyFirstCertificate QCA::ErrorSignatureFailed 00199 QSslError::CertificateRevoked QCA::ErrorRevoked 00200 QSslError::InvalidCaCertificate QCA::ErrorInvalidCA 00201 QSslError::PathLengthExceeded QCA::ErrorPathLengthExceeded 00202 QSslError::InvalidPurpose QCA::ErrorInvalidPurpose 00203 QSslError::CertificateUntrusted QCA::ErrorUntrusted 00204 QSslError::CertificateRejected QCA::ErrorRejected 00205 QSslError::SubjectIssuerMismatch QCA::TLS::InvalidCertificate ? 00206 QSslError::AuthorityIssuerSerialNumberMismatch QCA::TLS::InvalidCertificate ? 00207 QSslError::NoPeerCertificate QCA::TLS::NoCertificate 00208 QSslError::HostNameMismatch QCA::TLS::HostMismatch 00209 QSslError::UnspecifiedError KTcpSocket::UnknownError 00210 QSslError::NoSslSupport Never happens :) 00211 */ 00212 enum EncryptionMode { 00213 UnencryptedMode = 0, 00214 SslClientMode, 00215 SslServerMode //### not implemented 00216 }; 00217 enum ProxyPolicy { 00219 AutoProxy = 0, 00221 ManualProxy 00222 }; 00223 00224 KTcpSocket(QObject *parent = 0); 00225 ~KTcpSocket(); 00226 00227 //from QIODevice 00228 //reimplemented virtuals - the ones not reimplemented are OK for us 00229 virtual bool atEnd() const; 00230 virtual qint64 bytesAvailable() const; 00231 virtual qint64 bytesToWrite() const; 00232 virtual bool canReadLine() const; 00233 virtual void close(); 00234 virtual bool isSequential() const; 00235 virtual bool open(QIODevice::OpenMode open); 00236 virtual bool waitForBytesWritten(int msecs); 00237 //### Document that this actually tries to read *more* data 00238 virtual bool waitForReadyRead(int msecs = 30000); 00239 protected: 00240 virtual qint64 readData (char *data, qint64 maxSize); 00241 virtual qint64 writeData (const char *data, qint64 maxSize); 00242 signals: 00245 void encryptedBytesWritten( qint64 written ); 00246 public: 00247 //from QAbstractSocket 00248 void abort(); 00249 void connectToHost(const QString &hostName, quint16 port, ProxyPolicy policy = AutoProxy); 00250 void connectToHost(const QHostAddress &hostAddress, quint16 port, ProxyPolicy policy = AutoProxy); 00251 00258 void connectToHost(const KUrl &url, ProxyPolicy policy = AutoProxy); 00259 void disconnectFromHost(); 00260 Error error() const; //### QAbstractSocket's model is strange. error() should be related to the 00261 //current state and *NOT* just report the last error if there was one. 00262 QList<KSslError> sslErrors() const; //### the errors returned can only have a subset of all 00263 //possible QSslError::SslError enum values depending on backend 00264 bool flush(); 00265 bool isValid() const; 00266 QHostAddress localAddress() const; 00267 QHostAddress peerAddress() const; 00268 QString peerName() const; 00269 quint16 peerPort() const; 00270 void setVerificationPeerName(const QString& hostName); 00271 00272 #ifndef QT_NO_NETWORKPROXY 00273 00276 QNetworkProxy proxy() const; 00277 #endif 00278 qint64 readBufferSize() const; //probably hard to implement correctly 00279 00280 #ifndef QT_NO_NETWORKPROXY 00281 00284 void setProxy(const QNetworkProxy &proxy); //people actually seem to need it 00285 #endif 00286 void setReadBufferSize(qint64 size); 00287 State state() const; 00288 bool waitForConnected(int msecs = 30000); 00289 bool waitForDisconnected(int msecs = 30000); 00290 00291 //from QSslSocket 00292 void addCaCertificate(const QSslCertificate &certificate); 00293 // bool addCaCertificates(const QString &path, QSsl::EncodingFormat format = QSsl::Pem, 00294 // QRegExp::PatternSyntax syntax = QRegExp::FixedString); 00295 void addCaCertificates(const QList<QSslCertificate> &certificates); 00296 QList<QSslCertificate> caCertificates() const; 00297 QList<KSslCipher> ciphers() const; 00298 void connectToHostEncrypted(const QString &hostName, quint16 port, OpenMode openMode = ReadWrite); 00299 // bool isEncrypted() const { return encryptionMode() != UnencryptedMode } 00300 QSslCertificate localCertificate() const; 00301 QList<QSslCertificate> peerCertificateChain() const; 00302 KSslKey privateKey() const; 00303 KSslCipher sessionCipher() const; 00304 void setCaCertificates(const QList<QSslCertificate> &certificates); 00305 void setCiphers(const QList<KSslCipher> &ciphers); 00306 //### void setCiphers(const QString &ciphers); //what about i18n? 00307 void setLocalCertificate(const QSslCertificate &certificate); 00308 void setLocalCertificate(const QString &fileName, QSsl::EncodingFormat format = QSsl::Pem); 00309 void setPrivateKey(const KSslKey &key); 00310 void setPrivateKey(const QString &fileName, KSslKey::Algorithm algorithm = KSslKey::Rsa, 00311 QSsl::EncodingFormat format = QSsl::Pem, 00312 const QByteArray &passPhrase = QByteArray()); 00313 void setAdvertisedSslVersion(SslVersion version); 00314 SslVersion advertisedSslVersion() const; //always equal to last setSslAdvertisedVersion 00315 SslVersion negotiatedSslVersion() const; //negotiated version; downgrades are possible. 00316 QString negotiatedSslVersionName() const; 00317 bool waitForEncrypted(int msecs = 30000); 00318 00319 EncryptionMode encryptionMode() const; 00320 00328 QVariant socketOption(QAbstractSocket::SocketOption options) const; 00329 00337 void setSocketOption(QAbstractSocket::SocketOption options, const QVariant &value); 00338 00339 Q_SIGNALS: 00340 //from QAbstractSocket 00341 void connected(); 00342 void disconnected(); 00343 void error(KTcpSocket::Error); 00344 void hostFound(); 00345 #ifndef QT_NO_NETWORKPROXY 00346 void proxyAuthenticationRequired(const QNetworkProxy &proxy, QAuthenticator *authenticator); 00347 #endif 00348 // only for raw socket state, SSL is separate 00349 void stateChanged(KTcpSocket::State); 00350 00351 //from QSslSocket 00352 void encrypted(); 00353 void encryptionModeChanged(EncryptionMode); 00354 void sslErrors(const QList<KSslError> &errors); 00355 00356 public Q_SLOTS: 00357 void ignoreSslErrors(); 00358 void startClientEncryption(); 00359 // void startServerEncryption(); //not implemented 00360 private: 00361 Q_PRIVATE_SLOT(d, void reemitReadyRead()) 00362 Q_PRIVATE_SLOT(d, void reemitSocketError(QAbstractSocket::SocketError)) 00363 Q_PRIVATE_SLOT(d, void reemitSslErrors(const QList<QSslError> &)) 00364 Q_PRIVATE_SLOT(d, void reemitStateChanged(QAbstractSocket::SocketState)) 00365 Q_PRIVATE_SLOT(d, void reemitModeChanged(QSslSocket::SslMode)) 00366 00367 //debugging H4X 00368 void showSslErrors(); 00369 00370 friend class KTcpSocketPrivate; 00371 KTcpSocketPrivate *const d; 00372 }; 00373 00374 00382 class KDECORE_EXPORT KSslErrorUiData 00383 { 00384 public: 00388 KSslErrorUiData(); 00392 KSslErrorUiData(const KTcpSocket *socket); 00396 KSslErrorUiData(const QSslSocket *socket); 00397 KSslErrorUiData(const KSslErrorUiData &other); 00398 KSslErrorUiData &operator=(const KSslErrorUiData &); 00403 ~KSslErrorUiData(); 00404 class Private; 00405 private: 00406 friend class Private; 00407 Private *const d; 00408 }; 00409 00410 00411 #endif // KTCPSOCKET_H
This file is part of the KDE documentation.
Documentation copyright © 1996-2012 The KDE developers.
Generated on Wed May 2 2012 17:05:22 by doxygen 1.8.0 written by Dimitri van Heesch, © 1997-2006
Documentation copyright © 1996-2012 The KDE developers.
Generated on Wed May 2 2012 17:05:22 by doxygen 1.8.0 written by Dimitri van Heesch, © 1997-2006
KDE's Doxygen guidelines are available online.
