qsslsocket.h source code [qtbase/src/network/ssl/qsslsocket.h]

1	// Copyright (C) 2021 The Qt Company Ltd.
2	// SPDX-License-Identifier: LicenseRef-Qt-Commercial OR LGPL-3.0-only OR GPL-2.0-only OR GPL-3.0-only
3	// Qt-Security score:significant reason:default
4
5
6	#ifndef QSSLSOCKET_H
7	#define QSSLSOCKET_H
8
9	#include <QtNetwork/qtnetworkglobal.h>
10	#include <QtCore/qlist.h>
11	#ifndef QT_NO_SSL
12	# include <QtNetwork/qtcpsocket.h>
13	# include <QtNetwork/qsslerror.h>
14	#endif
15
16	QT_BEGIN_NAMESPACE
17
18
19	#ifndef QT_NO_SSL
20
21	class QDir;
22	class QSslCipher;
23	class QSslCertificate;
24	class QSslConfiguration;
25	class QSslPreSharedKeyAuthenticator;
26	class QOcspResponse;
27
28	class QSslSocketPrivate;
29	class Q_NETWORK_EXPORT QSslSocket : public QTcpSocket
30	{
31	Q_OBJECT
32	Q_MOC_INCLUDE(<QtNetwork/qsslpresharedkeyauthenticator.h>)
33	public:
34	enum SslMode {
35	UnencryptedMode,
36	SslClientMode,
37	SslServerMode
38	};
39	Q_ENUM(SslMode)
40
41	enum PeerVerifyMode {
42	VerifyNone,
43	QueryPeer,
44	VerifyPeer,
45	AutoVerifyPeer
46	};
47	Q_ENUM(PeerVerifyMode)
48
49	explicit QSslSocket(QObject parent = nullptr*);
50	~QSslSocket();
51	void resume() override; // to continue after proxy authentication required, SSL errors etc.
52
53	// Autostarting the SSL client handshake.
54	void connectToHostEncrypted(const QString &hostName, quint16 port, OpenMode mode = ReadWrite, NetworkLayerProtocol protocol = AnyIPProtocol);
55	void connectToHostEncrypted(const QString &hostName, quint16 port, const QString &sslPeerName, OpenMode mode = ReadWrite, NetworkLayerProtocol protocol = AnyIPProtocol);
56	bool setSocketDescriptor(qintptr socketDescriptor, SocketState state = ConnectedState,
57	OpenMode openMode = ReadWrite) override;
58
59	using QAbstractSocket::connectToHost;
60	void connectToHost(const QString &hostName, quint16 port, OpenMode openMode = ReadWrite, NetworkLayerProtocol protocol = AnyIPProtocol) override;
61	void disconnectFromHost() override;
62
63	virtual void setSocketOption(QAbstractSocket::SocketOption option, const QVariant &value) override;
64	virtual QVariant socketOption(QAbstractSocket::SocketOption option) override;
65
66	SslMode mode() const;
67	bool isEncrypted() const;
68
69	QSsl::SslProtocol protocol() const;
70	void setProtocol(QSsl::SslProtocol protocol);
71
72	QSslSocket::PeerVerifyMode peerVerifyMode() const;
73	void setPeerVerifyMode(QSslSocket::PeerVerifyMode mode);
74
75	int peerVerifyDepth() const;
76	void setPeerVerifyDepth(int depth);
77
78	QString peerVerifyName() const;
79	void setPeerVerifyName(const QString &hostName);
80
81	// From QIODevice
82	qint64 bytesAvailable() const override;
83	qint64 bytesToWrite() const override;
84	bool canReadLine() const override;
85	void close() override;
86	bool atEnd() const override;
87
88	// From QAbstractSocket:
89	void setReadBufferSize(qint64 size) override;
90
91	// Similar to QIODevice's:
92	qint64 encryptedBytesAvailable() const;
93	qint64 encryptedBytesToWrite() const;
94
95	// SSL configuration
96	QSslConfiguration sslConfiguration() const;
97	void setSslConfiguration(const QSslConfiguration &config);
98
99	// Certificate & cipher accessors.
100	void setLocalCertificateChain(const QList<QSslCertificate> &localChain);
101	QList<QSslCertificate> localCertificateChain() const;
102
103	void setLocalCertificate(const QSslCertificate &certificate);
104	void setLocalCertificate(const QString &fileName, QSsl::EncodingFormat format = QSsl::Pem);
105	QSslCertificate localCertificate() const;
106	QSslCertificate peerCertificate() const;
107	QList<QSslCertificate> peerCertificateChain() const;
108	QSslCipher sessionCipher() const;
109	QSsl::SslProtocol sessionProtocol() const;
110	QList<QOcspResponse> ocspResponses() const;
111
112	// Private keys, for server sockets.
113	void setPrivateKey(const QSslKey &key);
114	void setPrivateKey(const QString &fileName, QSsl::KeyAlgorithm algorithm = QSsl::Rsa,
115	QSsl::EncodingFormat format = QSsl::Pem,
116	const QByteArray &passPhrase = QByteArray ());
117	QSslKey privateKey() const;
118
119	bool waitForConnected(int msecs = `30000`) override;
120	bool waitForEncrypted(int msecs = `30000`);
121	bool waitForReadyRead(int msecs = `30000`) override;
122	bool waitForBytesWritten(int msecs = `30000`) override;
123	bool waitForDisconnected(int msecs = `30000`) override;
124
125	QList<QSslError> sslHandshakeErrors() const;
126
127	static bool supportsSsl();
128	static long sslLibraryVersionNumber();
129	static QString sslLibraryVersionString();
130	static long sslLibraryBuildVersionNumber();
131	static QString sslLibraryBuildVersionString();
132
133	static QList<QString> availableBackends();
134	static QString activeBackend();
135	static bool setActiveBackend(const QString &backendName);
136	static QList<QSsl::SslProtocol> supportedProtocols(const QString &backendName = {});
137	static bool isProtocolSupported(QSsl::SslProtocol protocol, const QString &backendName = {});
138	static QList<QSsl::ImplementedClass> implementedClasses(const QString &backendName = {});
139	static bool isClassImplemented(QSsl::ImplementedClass cl, const QString &backendName = {});
140	static QList<QSsl::SupportedFeature> supportedFeatures(const QString &backendName = {});
141	static bool isFeatureSupported(QSsl::SupportedFeature feat, const QString &backendName = {});
142
143	void ignoreSslErrors(const QList<QSslError> &errors);
144	void continueInterruptedHandshake();
145
146	public Q_SLOTS:
147	void startClientEncryption();
148	void startServerEncryption();
149	void ignoreSslErrors();
150
151	Q_SIGNALS:
152	void encrypted();
153	void peerVerifyError(const QSslError &error);
154	void sslErrors(const QList<QSslError> &errors);
155	void modeChanged(QSslSocket::SslMode newMode);
156	void encryptedBytesWritten(qint64 totalBytes);
157	void preSharedKeyAuthenticationRequired(QSslPreSharedKeyAuthenticator *authenticator);
158	void newSessionTicketReceived();
159	void alertSent(QSsl::AlertLevel level, QSsl::AlertType type, const QString &description);
160	void alertReceived(QSsl::AlertLevel level, QSsl::AlertType type, const QString &description);
161	void handshakeInterruptedOnError(const QSslError &error);
162
163	protected:
164	qint64 readData(char *data, qint64 maxlen) override;
165	qint64 skipData(qint64 maxSize) override;
166	qint64 writeData(const char *data, qint64 len) override;
167
168	private:
169	Q_DECLARE_PRIVATE(QSslSocket)
170	Q_DISABLE_COPY_MOVE(QSslSocket)
171
172	Q_PRIVATE_SLOT(d_func(), void _q_connectedSlot())
173	Q_PRIVATE_SLOT(d_func(), void _q_hostFoundSlot())
174	Q_PRIVATE_SLOT(d_func(), void _q_disconnectedSlot())
175	Q_PRIVATE_SLOT(d_func(), void _q_stateChangedSlot(QAbstractSocket::SocketState))
176	Q_PRIVATE_SLOT(d_func(), void _q_errorSlot(QAbstractSocket::SocketError))
177	Q_PRIVATE_SLOT(d_func(), void _q_readyReadSlot())
178	Q_PRIVATE_SLOT(d_func(), void _q_channelReadyReadSlot(int))
179	Q_PRIVATE_SLOT(d_func(), void _q_bytesWrittenSlot(qint64))
180	Q_PRIVATE_SLOT(d_func(), void _q_channelBytesWrittenSlot(int, qint64))
181	Q_PRIVATE_SLOT(d_func(), void _q_readChannelFinishedSlot())
182	Q_PRIVATE_SLOT(d_func(), void _q_flushWriteBuffer())
183	Q_PRIVATE_SLOT(d_func(), void _q_flushReadBuffer())
184	Q_PRIVATE_SLOT(d_func(), void _q_resumeImplementation())
185	};
186
187	#endif // QT_NO_SSL
188
189	QT_END_NAMESPACE
190
191	#endif
192

source code of qtbase/src/network/ssl/qsslsocket.h