qsslsocket_p.h source code [qtbase/src/network/ssl/qsslsocket_p.h]

1	// Copyright (C) 2021 The Qt Company Ltd.
2	// SPDX-License-Identifier: LicenseRef-Qt-Commercial OR LGPL-3.0-only OR GPL-2.0-only OR GPL-3.0-only
3
4
5	#ifndef QSSLSOCKET_P_H
6	#define QSSLSOCKET_P_H
7
8	#include "qsslsocket.h"
9
10	//
11	// W A R N I N G
12	// -------------
13	//
14	// This file is not part of the Qt API. It exists purely as an
15	// implementation detail. This header file may change from version to
16	// version without notice, or even be removed.
17	//
18	// We mean it.
19	//
20
21	#include <QtNetwork/private/qtnetworkglobal_p.h>
22
23	#include <private/qtcpsocket_p.h>
24
25	#include "qocspresponse.h"
26	#include "qsslconfiguration_p.h"
27	#include "qsslkey.h"
28	#include "qtlsbackend_p.h"
29
30	#include <QtCore/qlist.h>
31	#include <QtCore/qmutex.h>
32	#include <QtCore/qstringlist.h>
33
34	#include <memory>
35
36	QT_BEGIN_NAMESPACE
37
38	class QSslContext;
39	class QTlsBackend;
40
41	class Q_NETWORK_EXPORT QSslSocketPrivate : public QTcpSocketPrivate
42	{
43	Q_DECLARE_PUBLIC(QSslSocket)
44	public:
45	QSslSocketPrivate();
46	virtual ~QSslSocketPrivate();
47
48	void init();
49	bool verifyProtocolSupported(const char *where);
50	bool initialized;
51
52	QSslSocket::SslMode mode;
53	bool autoStartHandshake;
54	bool connectionEncrypted;
55	bool ignoreAllSslErrors;
56	QList<QSslError> ignoreErrorsList;
57	bool* readyReadEmittedPointer;
58
59	QSslConfigurationPrivate configuration;
60
61	// if set, this hostname is used for certificate validation instead of the hostname
62	// that was used for connecting to.
63	QString verificationPeerName;
64
65	bool allowRootCertOnDemandLoading;
66
67	static bool s_loadRootCertsOnDemand;
68
69	static bool supportsSsl();
70	static void ensureInitialized();
71
72	static QList<QSslCipher> defaultCiphers();
73	static QList<QSslCipher> defaultDtlsCiphers();
74	static QList<QSslCipher> supportedCiphers();
75	static void setDefaultCiphers(const QList<QSslCipher> &ciphers);
76	static void setDefaultDtlsCiphers(const QList<QSslCipher> &ciphers);
77	static void setDefaultSupportedCiphers(const QList<QSslCipher> &ciphers);
78
79	static QList<QSslEllipticCurve> supportedEllipticCurves();
80	static void setDefaultSupportedEllipticCurves(const QList<QSslEllipticCurve> &curves);
81	static void resetDefaultEllipticCurves();
82
83	static QList<QSslCertificate> defaultCaCertificates();
84	static QList<QSslCertificate> systemCaCertificates();
85	static void setDefaultCaCertificates(const QList<QSslCertificate> &certs);
86	static void addDefaultCaCertificate(const QSslCertificate &cert);
87	static void addDefaultCaCertificates(const QList<QSslCertificate> &certs);
88	static bool isMatchingHostname(const QSslCertificate &cert, const QString &peerName);
89	static bool isMatchingHostname(const QString &cn, const QString &hostname);
90
91	// The socket itself, including private slots.
92	QTcpSocket plainSocket = nullptr*;
93	void createPlainSocket(QIODevice::OpenMode openMode);
94	static void pauseSocketNotifiers(QSslSocket*);
95	static void resumeSocketNotifiers(QSslSocket*);
96	// ### The 2 methods below should be made member methods once the QSslContext class is made public
97	static void checkSettingSslContext(QSslSocket*, std::shared_ptr<QSslContext>);
98	static std::shared_ptr<QSslContext> sslContext(QSslSocket *socket);
99	bool isPaused() const;
100	void setPaused(bool p);
101	bool bind(const QHostAddress &address, quint16, QAbstractSocket::BindMode) override;
102	void _q_connectedSlot();
103	void _q_hostFoundSlot();
104	void _q_disconnectedSlot();
105	void _q_stateChangedSlot(QAbstractSocket::SocketState);
106	void _q_errorSlot(QAbstractSocket::SocketError);
107	void _q_readyReadSlot();
108	void _q_channelReadyReadSlot(int);
109	void _q_bytesWrittenSlot(qint64);
110	void _q_channelBytesWrittenSlot(int, qint64);
111	void _q_readChannelFinishedSlot();
112	void _q_flushWriteBuffer();
113	void _q_flushReadBuffer();
114	void _q_resumeImplementation();
115
116	static QList<QByteArray> unixRootCertDirectories(); // used also by QSslContext
117
118	qint64 peek(char *data, qint64 maxSize) override;
119	QByteArray peek(qint64 maxSize) override;
120	bool flush() override;
121
122	void startClientEncryption();
123	void startServerEncryption();
124	void transmit();
125	void disconnectFromHost();
126	void disconnected();
127	QSslCipher sessionCipher() const;
128	QSsl::SslProtocol sessionProtocol() const;
129	void continueHandshake();
130
131	static bool rootCertOnDemandLoadingSupported();
132	static void setRootCertOnDemandLoadingSupported(bool supported);
133
134	static QTlsBackend *tlsBackendInUse();
135
136	// Needed by TlsCryptograph:
137	QSslSocket::SslMode tlsMode() const;
138	bool isRootsOnDemandAllowed() const;
139	QString verificationName() const;
140	QString tlsHostName() const;
141	QTcpSocket plainTcpSocket() const*;
142	bool verifyErrorsHaveBeenIgnored();
143	bool isAutoStartingHandshake() const;
144	bool isPendingClose() const;
145	void setPendingClose(bool pc);
146	qint64 maxReadBufferSize() const;
147	void setMaxReadBufferSize(qint64 maxSize);
148	void setEncrypted(bool enc);
149	QRingBufferRef &tlsWriteBuffer();
150	QRingBufferRef &tlsBuffer();
151	bool &tlsEmittedBytesWritten();
152	bool *readyReadPointer();
153
154	protected:
155
156	bool hasUndecryptedData() const;
157	bool paused;
158	bool flushTriggered;
159
160	static inline QMutex backendMutex;
161	static inline QString activeBackendName;
162	static inline QTlsBackend tlsBackend = nullptr*;
163
164	std::unique_ptr<QTlsPrivate::TlsCryptograph> backend;
165	};
166
167	QT_END_NAMESPACE
168
169	#endif
170

source code of qtbase/src/network/ssl/qsslsocket_p.h