qsslcontext_openssl_p.h source code [qtbase/src/plugins/tls/openssl/qsslcontext_openssl_p.h]

1	// Copyright (C) 2016 The Qt Company Ltd.
2	// Copyright (C) 2014 BlackBerry Limited. All rights reserved.
3	// SPDX-License-Identifier: LicenseRef-Qt-Commercial OR LGPL-3.0-only OR GPL-2.0-only OR GPL-3.0-only
4	// Qt-Security score:significant reason:default
5
6
7	#ifndef QSSLCONTEXT_OPENSSL_P_H
8	#define QSSLCONTEXT_OPENSSL_P_H
9
10	//
11	// W A R N I N G
12	// -------------
13	//
14	// This file is not part of the Qt API. It exists purely as an
15	// implementation detail. This header file may change from version to
16	// version without notice, or even be removed.
17	//
18	// We mean it.
19	//
20
21	#include <QtNetwork/private/qtnetworkglobal_p.h>
22	#include <QtCore/qvariant.h>
23	#include <QtNetwork/qsslcertificate.h>
24	#include <QtNetwork/qsslconfiguration.h>
25	#include <openssl/ssl.h>
26
27	QT_BEGIN_NAMESPACE
28
29	#ifndef QT_NO_SSL
30
31	class QSslContext
32	{
33	public:
34	Q_DISABLE_COPY_MOVE(QSslContext)
35
36	~QSslContext();
37
38	static std::shared_ptr<QSslContext> sharedFromConfiguration(QSslSocket::SslMode mode, const QSslConfiguration &configuration,
39	bool allowRootCertOnDemandLoading);
40	static std::shared_ptr<QSslContext> sharedFromPrivateConfiguration(QSslSocket::SslMode mode, QSslConfigurationPrivate *privConfiguration,
41	bool allowRootCertOnDemandLoading);
42
43	static qssloptions setupOpenSslOptions(QSsl::SslProtocol protocol, QSsl::SslOptions sslOptions);
44
45	QSslError::SslError error() const;
46	QString errorString() const;
47
48	SSL* createSsl();
49	bool cacheSession(SSL); // should be called when handshake completed*
50
51	QByteArray sessionASN1() const;
52	void setSessionASN1(const QByteArray &sessionASN1);
53	int sessionTicketLifeTimeHint() const;
54
55	static void forceAutoTestSecurityLevel();
56
57	#ifndef OPENSSL_NO_NEXTPROTONEG
58	// must be public because we want to use it from an OpenSSL callback
59	struct NPNContext {
60	NPNContext() : data(nullptr),
61	len(`0`),
62	status(QSslConfiguration::NextProtocolNegotiationNone)
63	{ }
64	unsigned char *data;
65	unsigned short len;
66	QSslConfiguration::NextProtocolNegotiationStatus status;
67	};
68	NPNContext npnContext() const;
69	#endif // !OPENSSL_NO_NEXTPROTONEG
70
71	protected:
72	QSslContext();
73
74	private:
75	static void initSslContext(QSslContext* sslContext, QSslSocket::SslMode mode, const QSslConfiguration &configuration,
76	bool allowRootCertOnDemandLoading);
77	static void applyBackendConfig(QSslContext *sslContext);
78
79	private:
80	SSL_CTX* ctx;
81	EVP_PKEY *pkey;
82	SSL_SESSION *session;
83	QByteArray m_sessionASN1;
84	int m_sessionTicketLifeTimeHint;
85	QSslError::SslError errorCode = {};
86	QString errorStr;
87	QSslConfiguration sslConfiguration;
88	#ifndef OPENSSL_NO_NEXTPROTONEG
89	QByteArray m_supportedNPNVersions;
90	NPNContext m_npnContext;
91	#endif // !OPENSSL_NO_NEXTPROTONEG
92	};
93
94	#endif // QT_NO_SSL
95
96	QT_END_NAMESPACE
97
98	#endif // QSSLCONTEXT_OPENSSL_P_H
99

source code of qtbase/src/plugins/tls/openssl/qsslcontext_openssl_p.h