qsslsocket_p.h
1// Copyright (C) 2021 The Qt Company Ltd.
2// SPDX-License-Identifier: LicenseRef-Qt-Commercial OR LGPL-3.0-only OR GPL-2.0-only OR GPL-3.0-only
3// Qt-Security score:significant reason:default
4
5
6#ifndef QSSLSOCKET_P_H
7#define QSSLSOCKET_P_H
8
9#include "qsslsocket.h"
10
11//
12// W A R N I N G
13// -------------
14//
15// This file is not part of the Qt API. It exists purely as an
16// implementation detail. This header file may change from version to
17// version without notice, or even be removed.
18//
19// We mean it.
20//
21
22#include <QtNetwork/private/qtnetworkglobal_p.h>
23
24#include <private/qtcpsocket_p.h>
25
26#include "qocspresponse.h"
28#include "qsslkey.h"
29#include "qtlsbackend_p.h"
30
31#include <QtCore/qlist.h>
32#include <QtCore/qmutex.h>
33#include <QtCore/qstringlist.h>
34
35#include <memory>
36
38
39class QSslContext;
40class QTlsBackend;
41
// Private implementation class paired with the public QSslSocket through
// Q_DECLARE_PUBLIC(QSslSocket); it derives from QTcpSocketPrivate.
// Only declarations are visible in this header. The notes below state what the
// signatures show; anything about runtime behaviour is marked as an assumption
// to confirm against the definitions, which are not in this file.
42class Q_NETWORK_EXPORT QSslSocketPrivate : public QTcpSocketPrivate
43{
44 Q_DECLARE_PUBLIC(QSslSocket)
45public:
46 QSslSocketPrivate();
47 virtual ~QSslSocketPrivate();
48
49 void init();
 // NOTE(review): presumably returns false when the configured protocol cannot
 // be used, with `where` naming the calling function for the diagnostic --
 // confirm in the definition.
50 bool verifyProtocolSupported(const char *where);
 // The plain bool/enum/pointer members from here to allowRootCertOnDemandLoading
 // have no in-class initializer (unlike plainSocket below), so they are only
 // well-defined if the constructor or init() sets them. NOTE(review): verify
 // that, in particular for connectionEncrypted and ignoreAllSslErrors.
51 bool initialized;
52
53 QSslSocket::SslMode mode;
54 bool autoStartHandshake;
55 bool connectionEncrypted;
 // Verification-override state. NOTE(review): presumably written by
 // QSslSocket::ignoreSslErrors() and read by verifyErrorsHaveBeenIgnored() --
 // confirm. If ignoreAllSslErrors suppresses every verification error, the
 // connection no longer authenticates the peer, so every writer of these two
 // members deserves an audit.
56 bool ignoreAllSslErrors;
57 QList<QSslError> ignoreErrorsList;
 // Raw pointer to a bool; the pointee and its lifetime are not visible here.
 // NOTE(review): confirm it is reset before the pointee goes away so it
 // cannot dangle.
58 bool* readyReadEmittedPointer;
59
60 QSslConfigurationPrivate configuration;
61
62 // if set, this hostname is used for certificate validation instead of the hostname
63 // that was used for connecting to.
64 QString verificationPeerName;
65
 // Per-socket and class-wide (static) switches for loading root certificates
 // on demand. NOTE(review): how the two combine is not visible in this header.
66 bool allowRootCertOnDemandLoading;
67
68 static bool s_loadRootCertsOnDemand;
69
70 static bool supportsSsl();
71 static void ensureInitialized();
72
 // Static accessors for the default and supported cipher lists. Being static,
 // they are not tied to one socket. NOTE(review): presumably they change
 // process-wide defaults picked up by later configurations -- confirm.
73 static QList<QSslCipher> defaultCiphers();
74 static QList<QSslCipher> defaultDtlsCiphers();
75 static QList<QSslCipher> supportedCiphers();
76 static void setDefaultCiphers(const QList<QSslCipher> &ciphers);
77 static void setDefaultDtlsCiphers(const QList<QSslCipher> &ciphers);
78 static void setDefaultSupportedCiphers(const QList<QSslCipher> &ciphers);
79
80 static QList<QSslEllipticCurve> supportedEllipticCurves();
81 static void setDefaultSupportedEllipticCurves(const QList<QSslEllipticCurve> &curves);
82 static void resetDefaultEllipticCurves();
83
 // Static accessors for the default and system CA certificate lists.
 // NOTE(review): presumably these define the trust anchors used when a socket
 // keeps the default configuration, so callers of the set/add functions are
 // worth auditing -- confirm against the definitions.
84 static QList<QSslCertificate> defaultCaCertificates();
85 static QList<QSslCertificate> systemCaCertificates();
86 static void setDefaultCaCertificates(const QList<QSslCertificate> &certs);
87 static void addDefaultCaCertificate(const QSslCertificate &cert);
88 static void addDefaultCaCertificates(const QList<QSslCertificate> &certs);
 // Hostname checks: one overload takes the certificate and the peer name, the
 // other a single name string (`cn`) and the hostname. NOTE(review): wildcard,
 // IP-address and internationalised-name handling are not visible here; review
 // the definitions before relying on either for peer identity.
89 static bool isMatchingHostname(const QSslCertificate &cert, const QString &peerName);
90 static bool isMatchingHostname(const QString &cn, const QString &hostname);
91
92 // The socket itself, including private slots.
 // Raw pointer, initialised to nullptr in-class. NOTE(review): ownership is not
 // shown here; presumably created by createPlainSocket() -- confirm.
93 QTcpSocket *plainSocket = nullptr;
94 void createPlainSocket(QIODevice::OpenMode openMode);
95 static void pauseSocketNotifiers(QSslSocket*);
96 static void resumeSocketNotifiers(QSslSocket*);
97 // ### The 2 methods below should be made member methods once the QSslContext class is made public
98 static void checkSettingSslContext(QSslSocket*, std::shared_ptr<QSslContext>);
99 static std::shared_ptr<QSslContext> sslContext(QSslSocket *socket);
100 bool isPaused() const;
101 void setPaused(bool p);
102 bool bind(const QHostAddress &address, quint16, QAbstractSocket::BindMode, const QNetworkInterface *iface = nullptr) override;
 // The _q_ functions are the private slots mentioned above. NOTE(review): each
 // presumably handles the like-named signal of plainSocket -- confirm where
 // the connections are made.
103 void _q_connectedSlot();
104 void _q_hostFoundSlot();
105 void _q_disconnectedSlot();
106 void _q_stateChangedSlot(QAbstractSocket::SocketState);
107 void _q_errorSlot(QAbstractSocket::SocketError);
108 void _q_readyReadSlot();
109 void _q_channelReadyReadSlot(int);
110 void _q_bytesWrittenSlot(qint64);
111 void _q_channelBytesWrittenSlot(int, qint64);
112 void _q_readChannelFinishedSlot();
113 void _q_flushWriteBuffer();
114 void _q_flushReadBuffer();
115 void _q_resumeImplementation();
116
117 static QList<QByteArray> unixRootCertDirectories(); // used also by QSslContext
118
 // Overrides of base-class virtuals (marked `override`).
119 qint64 peek(char *data, qint64 maxSize) override;
120 QByteArray peek(qint64 maxSize) override;
121 bool flush() override;
122
123 void startClientEncryption();
124 void startServerEncryption();
125 void transmit();
126 void disconnectFromHost();
127 void disconnected();
128 QSslCipher sessionCipher() const;
129 QSsl::SslProtocol sessionProtocol() const;
130 void continueHandshake();
131
132 static bool rootCertOnDemandLoadingSupported();
133 static void setRootCertOnDemandLoadingSupported(bool supported);
134
 // Returns a raw QTlsBackend pointer. NOTE(review): presumably the static
 // tlsBackend member below, read under backendMutex -- confirm.
135 static QTlsBackend *tlsBackendInUse();
136
137 // Needed by TlsCryptograph:
 // Accessors over the socket state for the TLS backend. tlsWriteBuffer(),
 // tlsBuffer() and tlsEmittedBytesWritten() return non-const references and
 // readyReadPointer() a raw pointer, so a backend can modify that state
 // directly; the referenced objects must outlive any use by the backend.
138 QSslSocket::SslMode tlsMode() const;
139 bool isRootsOnDemandAllowed() const;
140 QString verificationName() const;
141 QString tlsHostName() const;
142 QTcpSocket *plainTcpSocket() const;
 // Not const, unlike its neighbours. NOTE(review): presumably reports whether
 // verification errors were waived via ignoreAllSslErrors / ignoreErrorsList
 // -- confirm, since the result decides whether a failed verification is
 // allowed to proceed.
143 bool verifyErrorsHaveBeenIgnored();
144 bool isAutoStartingHandshake() const;
145 bool isPendingClose() const;
146 void setPendingClose(bool pc);
147 qint64 maxReadBufferSize() const;
148 void setMaxReadBufferSize(qint64 maxSize);
149 void setEncrypted(bool enc);
150 QRingBufferRef &tlsWriteBuffer();
151 QRingBufferRef &tlsBuffer();
152 bool &tlsEmittedBytesWritten();
153 bool *readyReadPointer();
154
155protected:
156
157 bool hasUndecryptedData() const;
 // No in-class initializer on these two flags either; see the note on
 // `initialized` above in this class.
158 bool paused;
159 bool flushTriggered;
160
 // Class-wide backend selection state, defined here as static inline members.
 // NOTE(review): presumably backendMutex guards activeBackendName and
 // tlsBackend -- confirm that every access takes it.
161 static inline QMutex backendMutex;
162 static inline QString activeBackendName;
163 static inline QTlsBackend *tlsBackend = nullptr;
164
 // Per-socket TLS implementation object, owned through std::unique_ptr.
165 std::unique_ptr<QTlsPrivate::TlsCryptograph> backend;
166};
167
168QT_END_NAMESPACE
169
170#endif