db/d05/qqmlsslconfiguration_8cpp_source.html

// Copyright (C) 2023 The Qt Company Ltd.

// SPDX-License-Identifier: LicenseRef-Qt-Commercial OR LGPL-3.0-only OR GPL-2.0-only OR GPL-3.0-only


#include <QtCore/qfile.h>

#include <QtNetwork/qsslcipher.h>

#include "qqmlsslconfiguration_p.h"

#include <array>


QT_BEGIN_NAMESPACE


static constexpr std::array<QSsl::SslOption, 8> SslOptions = {

    QSsl::SslOptionDisableEmptyFragments,

    QSsl::SslOptionDisableSessionTickets,

    QSsl::SslOptionDisableCompression,

    QSsl::SslOptionDisableServerNameIndication,

    QSsl::SslOptionDisableLegacyRenegotiation,

    QSsl::SslOptionDisableSessionSharing,

    QSsl::SslOptionDisableSessionPersistence,

    QSsl::SslOptionDisableServerCipherPreference

};


QString QQmlSslConfiguration::ciphers() const

{

    return m_ciphers;

}


QList<QSsl::SslOption> QQmlSslConfiguration::sslOptions() const

{

    return m_sslOptions;

}


QSsl::SslProtocol QQmlSslConfiguration::protocol() const

{

    return m_configuration.protocol();

}


QSslSocket::PeerVerifyMode QQmlSslConfiguration::peerVerifyMode() const

{

    return m_configuration.peerVerifyMode();

}


int QQmlSslConfiguration::peerVerifyDepth() const

{

    return m_configuration.peerVerifyDepth();

}


QByteArray QQmlSslConfiguration::sessionTicket() const

{

    return m_configuration.sessionTicket();

}


QSslConfiguration const QQmlSslConfiguration::configuration()

{

    return m_configuration;

}


void QQmlSslConfiguration::setCertificateFiles(const QStringList &certificateFiles)

{

    if (m_certificateFiles == certificateFiles)

        return;


    m_certificateFiles = certificateFiles;

    QList<QSslCertificate> certificates;

    for (const QString &fileName: m_certificateFiles) {

        QFile certificateFile(fileName);

        if (certificateFile.open(QIODevice::ReadOnly)) {

            QByteArray cert = certificateFile.readAll();

            certificates.append(QSslCertificate(cert));

        } else {

            qWarning() << "File: " << fileName << "is not found. It will be skipped.";

        }

    }


    if (!certificates.isEmpty())

        m_configuration.setCaCertificates(certificates);

    else

        qWarning() << "No certificates loaded.";

}


void QQmlSslConfiguration::setProtocol(QSsl::SslProtocol protocol)

{

    if (m_configuration.protocol() == protocol)

        return;


    m_configuration.setProtocol(protocol);

}


void QQmlSslConfiguration::setPeerVerifyMode(QSslSocket::PeerVerifyMode mode)

{

    if (m_configuration.peerVerifyMode() == mode)

        return;


    m_configuration.setPeerVerifyMode(mode);

}


void QQmlSslConfiguration::setPeerVerifyDepth(int depth)

{

    if (m_configuration.peerVerifyDepth() == depth)

        return;


    m_configuration.setPeerVerifyDepth(depth);

}


void QQmlSslConfiguration::setCiphers(const QString &ciphers)

{

    if (ciphers == m_ciphers)

        return;


    m_ciphers = ciphers;

    m_configuration.setCiphers(ciphers); // split(":") is used inside

}


void QQmlSslConfiguration::setSslOptions(const QList<QSsl::SslOption> &options)

{

    if (m_sslOptions == options)

        return;


    m_sslOptions = options;

    for (QSsl::SslOption option: m_sslOptions)

        m_configuration.setSslOption(option, true);

}


void QQmlSslConfiguration::setSessionTicket(const QByteArray &sessionTicket)

{

    if (m_configuration.sessionTicket() == sessionTicket)

        return;


    m_configuration.setSessionTicket(sessionTicket);

}


void QQmlSslConfiguration::setPrivateKey(const QQmlSslKey &privateKey)

{

    m_configuration.setPrivateKey(privateKey.getSslKey());

}


void QQmlSslConfiguration::setSslOptionsList(const QSslConfiguration &configuration)

{

    for (QSsl::SslOption option: SslOptions) {

        if (configuration.testSslOption(option))

            m_sslOptions.append(option);

    }

}


void QQmlSslConfiguration::setCiphersList(const QSslConfiguration &configuration)

{

    QList<QSslCipher> ciphers = configuration.ciphers();

    for (int i = 0; i < ciphers.size(); ++i) {

        if (i != 0) {

            m_ciphers += QString::fromUtf8(":");

        }

        m_ciphers += ciphers[i].name();

    }

}


QQmlSslDefaultConfiguration::QQmlSslDefaultConfiguration()

    : QQmlSslConfiguration()

{

    m_configuration = QSslConfiguration::defaultConfiguration();

    setSslOptionsList(m_configuration);

    setCiphersList(m_configuration);

}


QQmlSslDefaultDtlsConfiguration::QQmlSslDefaultDtlsConfiguration()

    : QQmlSslConfiguration()

{

#if QT_CONFIG(dtls)

    m_configuration = QSslConfiguration::defaultDtlsConfiguration();

#else

    qWarning() << "No dtls support enabled";

    m_configuration = QSslConfiguration::defaultConfiguration();

#endif // QT_CONFIG(dtls)

    setSslOptionsList(m_configuration);

    setCiphersList(m_configuration);

}


QT_END_NAMESPACE

QByteArray
\inmodule QtCore
Definition qbytearray.h:57

QFile
\inmodule QtCore
Definition qfile.h:93

QIODeviceBase::ReadOnly
@ ReadOnly
Definition qiodevicebase.h:18

QList::append
void append(parameter_type t)
Definition qlist.h:458

QQmlSslConfiguration
Definition qqmlsslconfiguration_p.h:31

QQmlSslConfiguration::m_ciphers
QString m_ciphers
Definition qqmlsslconfiguration_p.h:82

QQmlSslConfiguration::setPrivateKey
Q_INVOKABLE void setPrivateKey(const QQmlSslKey &privateKey)
Definition qqmlsslconfiguration.cpp:130

QQmlSslConfiguration::setSessionTicket
void setSessionTicket(const QByteArray &sessionTicket)
Definition qqmlsslconfiguration.cpp:122

QQmlSslConfiguration::m_sslOptions
QList< QSsl::SslOption > m_sslOptions
Definition qqmlsslconfiguration_p.h:83

QQmlSslConfiguration::setCiphersList
void setCiphersList(const QSslConfiguration &configuration)
Definition qqmlsslconfiguration.cpp:143

QQmlSslConfiguration::sessionTicket
QByteArray sessionTicket
Definition qqmlsslconfiguration_p.h:40

QQmlSslConfiguration::setPeerVerifyDepth
void setPeerVerifyDepth(int depth)
Definition qqmlsslconfiguration.cpp:95

QQmlSslConfiguration::sslOptions
QList< QSsl::SslOption > sslOptions
Definition qqmlsslconfiguration_p.h:35

QQmlSslConfiguration::setCiphers
void setCiphers(const QString &ciphers)
Definition qqmlsslconfiguration.cpp:103

QQmlSslConfiguration::peerVerifyMode
QSslSocket::PeerVerifyMode peerVerifyMode
Definition qqmlsslconfiguration_p.h:38

QQmlSslConfiguration::setSslOptionsList
void setSslOptionsList(const QSslConfiguration &configuration)
Definition qqmlsslconfiguration.cpp:135

QQmlSslConfiguration::peerVerifyDepth
int peerVerifyDepth
Definition qqmlsslconfiguration_p.h:39

QQmlSslConfiguration::protocol
QSsl::SslProtocol protocol
Definition qqmlsslconfiguration_p.h:36

QQmlSslConfiguration::setCertificateFiles
Q_INVOKABLE void setCertificateFiles(const QStringList &certificateFiles)
Definition qqmlsslconfiguration.cpp:56

QQmlSslConfiguration::m_certificateFiles
QStringList m_certificateFiles
Definition qqmlsslconfiguration_p.h:81

QQmlSslConfiguration::setProtocol
void setProtocol(QSsl::SslProtocol protocol)
Definition qqmlsslconfiguration.cpp:79

QQmlSslConfiguration::ciphers
QString ciphers
Definition qqmlsslconfiguration_p.h:34

QQmlSslConfiguration::setPeerVerifyMode
void setPeerVerifyMode(QSslSocket::PeerVerifyMode mode)
Definition qqmlsslconfiguration.cpp:87

QQmlSslConfiguration::m_configuration
QSslConfiguration m_configuration
Definition qqmlsslconfiguration_p.h:84

QQmlSslConfiguration::configuration
QSslConfiguration const configuration()
Definition qqmlsslconfiguration.cpp:51

QQmlSslConfiguration::setSslOptions
void setSslOptions(const QList< QSsl::SslOption > &options)
Definition qqmlsslconfiguration.cpp:112

QQmlSslDefaultConfiguration::QQmlSslDefaultConfiguration
QQmlSslDefaultConfiguration()
Definition qqmlsslconfiguration.cpp:154

QQmlSslDefaultDtlsConfiguration::QQmlSslDefaultDtlsConfiguration
QQmlSslDefaultDtlsConfiguration()
Definition qqmlsslconfiguration.cpp:162

QQmlSslKey
Definition qqmlsslkey_p.h:29

QQmlSslKey::getSslKey
QSslKey getSslKey() const
Definition qqmlsslkey.cpp:9

QSslCertificate
The QSslCertificate class provides a convenient API for an X509 certificate.
Definition qsslcertificate.h:35

QSslConfiguration
The QSslConfiguration class holds the configuration and state of an SSL connection.
Definition qsslconfiguration.h:41

QSslConfiguration::testSslOption
bool testSslOption(QSsl::SslOption option) const
Definition qsslconfiguration.cpp:759

QSslConfiguration::setSessionTicket
void setSessionTicket(const QByteArray &sessionTicket)
Definition qsslconfiguration.cpp:795

QSslConfiguration::setPeerVerifyMode
void setPeerVerifyMode(QSslSocket::PeerVerifyMode mode)
Sets the verify mode to mode.
Definition qsslconfiguration.cpp:300

QSslConfiguration::peerVerifyMode
QSslSocket::PeerVerifyMode peerVerifyMode() const
Returns the verify mode.
Definition qsslconfiguration.cpp:284

QSslConfiguration::protocol
QSsl::SslProtocol protocol() const
Returns the protocol setting for this SSL configuration.
Definition qsslconfiguration.cpp:254

QSslConfiguration::peerVerifyDepth
int peerVerifyDepth() const
Returns the maximum number of certificates in the peer's certificate chain to be checked during the S...
Definition qsslconfiguration.cpp:317

QSslConfiguration::setSslOption
void setSslOption(QSsl::SslOption option, bool on)
Enables or disables an SSL compatibility option.
Definition qsslconfiguration.cpp:747

QSslConfiguration::ciphers
QList< QSslCipher > ciphers() const
Returns this connection's current cryptographic cipher suite.
Definition qsslconfiguration.cpp:561

QSslConfiguration::sessionTicket
QByteArray sessionTicket() const
Definition qsslconfiguration.cpp:780

QSslConfiguration::setPrivateKey
void setPrivateKey(const QSslKey &key)
Sets the connection's private \l {QSslKey} {key} to key.
Definition qsslconfiguration.cpp:537

QSslConfiguration::setCiphers
void setCiphers(const QList< QSslCipher > &ciphers)
Sets the cryptographic cipher suite for this socket to ciphers, which must contain a subset of the ci...
Definition qsslconfiguration.cpp:576

QSslConfiguration::setPeerVerifyDepth
void setPeerVerifyDepth(int depth)
Sets the maximum number of certificates in the peer's certificate chain to be checked during the SSL ...
Definition qsslconfiguration.cpp:333

QSslConfiguration::defaultConfiguration
static QSslConfiguration defaultConfiguration()
Returns the default SSL configuration to be used in new SSL connections.
Definition qsslconfiguration.cpp:1095

QSslConfiguration::setCaCertificates
void setCaCertificates(const QList< QSslCertificate > &certificates)
Sets this socket's CA certificate database to be certificates.
Definition qsslconfiguration.cpp:649

QSslConfiguration::setProtocol
void setProtocol(QSsl::SslProtocol protocol)
Sets the protocol setting for this configuration to be protocol.
Definition qsslconfiguration.cpp:268

QSslSocket::PeerVerifyMode
PeerVerifyMode
Definition qsslsocket.h:40

QStringList
\inmodule QtCore

QString
\macro QT_RESTRICTED_CAST_FROM_ASCII
Definition qstring.h:129

QString::size
qsizetype size() const noexcept
Returns the number of characters in this string.
Definition qstring.h:186

QString::fromUtf8
static QString fromUtf8(QByteArrayView utf8)
This is an overloaded member function, provided for convenience. It differs from the above function o...
Definition qstring.cpp:6018

i
i
[1]
Definition doc_src_containers.cpp:169

QSsl::SslOption
SslOption
Describes the options that can be used to control the details of SSL behaviour.
Definition qssl.h:73

QSsl::SslOptionDisableSessionPersistence
@ SslOptionDisableSessionPersistence
Definition qssl.h:80

QSsl::SslOptionDisableCompression
@ SslOptionDisableCompression
Definition qssl.h:76

QSsl::SslOptionDisableSessionTickets
@ SslOptionDisableSessionTickets
Definition qssl.h:75

QSsl::SslOptionDisableServerNameIndication
@ SslOptionDisableServerNameIndication
Definition qssl.h:77

QSsl::SslOptionDisableLegacyRenegotiation
@ SslOptionDisableLegacyRenegotiation
Definition qssl.h:78

QSsl::SslOptionDisableSessionSharing
@ SslOptionDisableSessionSharing
Definition qssl.h:79

QSsl::SslOptionDisableServerCipherPreference
@ SslOptionDisableServerCipherPreference
Definition qssl.h:81

QSsl::SslOptionDisableEmptyFragments
@ SslOptionDisableEmptyFragments
Definition qssl.h:74

QSsl::SslProtocol
SslProtocol
Describes the protocol of the cipher.
Definition qssl.h:50

QT_BEGIN_NAMESPACE
Combined button and popup list for selecting options.
Definition qstandardpaths_haiku.cpp:21

QT_END_NAMESPACE
Definition qsharedpointer.cpp:1590

qWarning
#define qWarning
Definition qlogging.h:166

depth
GLint GLenum GLsizei GLsizei GLsizei depth
Definition qopengles2ext.h:603

mode
GLenum mode
Definition qopengles2ext.h:333

option
GLuint GLenum option
Definition qopenglext.h:5929

SslOptions
static QT_BEGIN_NAMESPACE constexpr std::array< QSsl::SslOption, 8 > SslOptions
Definition qqmlsslconfiguration.cpp:10

qqmlsslconfiguration_p.h

fileName
fileName
[0]
Definition src_gui_dialogs_qfiledialog.cpp:5

cert
QList< QSslCertificate > cert
[0]
Definition src_network_access_qnetworkreply.cpp:7