ssl/qsslsocket.cpp

Source codeSwitch to Preprocessed file
LineSource CodeCoverage
1/****************************************************************************-
**
** Copyright (C) 2012 Digia Plc and/or its subsidiary(-ies).
** Contact: http://www.qt-project.org/legal
**
** This file is part of the QtNetwork module of the Qt Toolkit.
**
** $QT_BEGIN_LICENSE:LGPL$
** Commercial License Usage
** Licensees holding valid commercial Qt licenses may use this file in
** accordance with the commercial license agreement provided with the
** Software or, alternatively, in accordance with the terms contained in
** a written agreement between you and Digia. For licensing terms and
** conditions see http://qt.digia.com/licensing. For further information
** use the contact form at http://qt.digia.com/contact-us.
**
** GNU Lesser General Public License Usage
** Alternatively, this file may be used under the terms of the GNU Lesser
** General Public License version 2.1 as published by the Free Software
** Foundation and appearing in the file LICENSE.LGPL included in the
** packaging of this file. Please review the following information to
** ensure the GNU Lesser General Public License version 2.1 requirements
** will be met: http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html.
**
** In addition, as a special exception, Digia gives you certain additional
** rights. These rights are described in the Digia Qt LGPL Exception
** version 1.1, included in the file LGPL_EXCEPTION.txt in this package.
**
** GNU General Public License Usage
** Alternatively, this file may be used under the terms of the GNU
** General Public License version 3.0 as published by the Free Software
** Foundation and appearing in the file LICENSE.GPL included in the
** packaging of this file. Please review the following information to
** ensure the GNU General Public License version 3.0 requirements will be
** met: http://www.gnu.org/copyleft/gpl.html.
**
**
** $QT_END_LICENSE$
**
****************************************************************************/****************************************************************************
2** -
3** Copyright (C) 2013 Digia Plc and/or its subsidiary(-ies). -
4** Contact: http://www.qt-project.org/legal -
5** -
6** This file is part of the QtNetwork module of the Qt Toolkit. -
7** -
8** $QT_BEGIN_LICENSE:LGPL$ -
9** Commercial License Usage -
10** Licensees holding valid commercial Qt licenses may use this file in -
11** accordance with the commercial license agreement provided with the -
12** Software or, alternatively, in accordance with the terms contained in -
13** a written agreement between you and Digia. For licensing terms and -
14** conditions see http://qt.digia.com/licensing. For further information -
15** use the contact form at http://qt.digia.com/contact-us. -
16** -
17** GNU Lesser General Public License Usage -
18** Alternatively, this file may be used under the terms of the GNU Lesser -
19** General Public License version 2.1 as published by the Free Software -
20** Foundation and appearing in the file LICENSE.LGPL included in the -
21** packaging of this file. Please review the following information to -
22** ensure the GNU Lesser General Public License version 2.1 requirements -
23** will be met: http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html. -
24** -
25** In addition, as a special exception, Digia gives you certain additional -
26** rights. These rights are described in the Digia Qt LGPL Exception -
27** version 1.1, included in the file LGPL_EXCEPTION.txt in this package. -
28** -
29** GNU General Public License Usage -
30** Alternatively, this file may be used under the terms of the GNU -
31** General Public License version 3.0 as published by the Free Software -
32** Foundation and appearing in the file LICENSE.GPL included in the -
33** packaging of this file. Please review the following information to -
34** ensure the GNU General Public License version 3.0 requirements will be -
35** met: http://www.gnu.org/copyleft/gpl.html. -
36** -
37** -
38** $QT_END_LICENSE$ -
39** -
40****************************************************************************/ -
41 -
42 -
43//#define QSSLSOCKET_DEBUG -
44 -
45/*! -
46 \class QSslSocket -
47 \brief The QSslSocket class provides an SSL encrypted socket for both -
48 clients and servers. -
49 \since 4.3 -
50 -
51 \reentrant -
52 \ingroup network -
53 \ingroup ssl -
54 \inmodule QtNetwork -
55 -
56 QSslSocket establishes a secure, encrypted TCP connection you can -
57 use for transmitting encrypted data. It can operate in both client -
58 and server mode, and it supports modern SSL protocols, including -
59 SSLv3 and TLSv1_0. By default, QSslSocket uses TLSv1_0, but you can -
60 change the SSL protocol by calling setProtocol() as long as you do -
61 it before the handshake has started. -
62 -
63 SSL encryption operates on top of the existing TCP stream after -
64 the socket enters the ConnectedState. There are two simple ways to -
65 establish a secure connection using QSslSocket: With an immediate -
66 SSL handshake, or with a delayed SSL handshake occurring after the -
67 connection has been established in unencrypted mode. -
68 -
69 The most common way to use QSslSocket is to construct an object -
70 and start a secure connection by calling connectToHostEncrypted(). -
71 This method starts an immediate SSL handshake once the connection -
72 has been established. -
73 -
74 \snippet code/src_network_ssl_qsslsocket.cpp 0 -
75 -
76 As with a plain QTcpSocket, QSslSocket enters the HostLookupState, -
77 ConnectingState, and finally the ConnectedState, if the connection -
78 is successful. The handshake then starts automatically, and if it -
79 succeeds, the encrypted() signal is emitted to indicate the socket -
80 has entered the encrypted state and is ready for use. -
81 -
82 Note that data can be written to the socket immediately after the -
83 return from connectToHostEncrypted() (i.e., before the encrypted() -
84 signal is emitted). The data is queued in QSslSocket until after -
85 the encrypted() signal is emitted. -
86 -
87 An example of using the delayed SSL handshake to secure an -
88 existing connection is the case where an SSL server secures an -
89 incoming connection. Suppose you create an SSL server class as a -
90 subclass of QTcpServer. You would override -
91 QTcpServer::incomingConnection() with something like the example -
92 below, which first constructs an instance of QSslSocket and then -
93 calls setSocketDescriptor() to set the new socket's descriptor to -
94 the existing one passed in. It then initiates the SSL handshake -
95 by calling startServerEncryption(). -
96 -
97 \snippet code/src_network_ssl_qsslsocket.cpp 1 -
98 -
99 If an error occurs, QSslSocket emits the sslErrors() signal. In this -
100 case, if no action is taken to ignore the error(s), the connection -
101 is dropped. To continue, despite the occurrence of an error, you -
102 can call ignoreSslErrors(), either from within this slot after the -
103 error occurs, or any time after construction of the QSslSocket and -
104 before the connection is attempted. This will allow QSslSocket to -
105 ignore the errors it encounters when establishing the identity of -
106 the peer. Ignoring errors during an SSL handshake should be used -
107 with caution, since a fundamental characteristic of secure -
108 connections is that they should be established with a successful -
109 handshake. -
110 -
111 Once encrypted, you use QSslSocket as a regular QTcpSocket. When -
112 readyRead() is emitted, you can call read(), canReadLine() and -
113 readLine(), or getChar() to read decrypted data from QSslSocket's -
114 internal buffer, and you can call write() or putChar() to write -
115 data back to the peer. QSslSocket will automatically encrypt the -
116 written data for you, and emit encryptedBytesWritten() once -
117 the data has been written to the peer. -
118 -
119 As a convenience, QSslSocket supports QTcpSocket's blocking -
120 functions waitForConnected(), waitForReadyRead(), -
121 waitForBytesWritten(), and waitForDisconnected(). It also provides -
122 waitForEncrypted(), which will block the calling thread until an -
123 encrypted connection has been established. -
124 -
125 \snippet code/src_network_ssl_qsslsocket.cpp 2 -
126 -
127 QSslSocket provides an extensive, easy-to-use API for handling -
128 cryptographic ciphers, private keys, and local, peer, and -
129 Certification Authority (CA) certificates. It also provides an API -
130 for handling errors that occur during the handshake phase. -
131 -
132 The following features can also be customized: -
133 -
134 \list -
135 \li The socket's cryptographic cipher suite can be customized before -
136 the handshake phase with setCiphers() and setDefaultCiphers(). -
137 \li The socket's local certificate and private key can be customized -
138 before the handshake phase with setLocalCertificate() and -
139 setPrivateKey(). -
140 \li The CA certificate database can be extended and customized with -
141 addCaCertificate(), addCaCertificates(), setCaCertificates(), -
142 addDefaultCaCertificate(), addDefaultCaCertificates(), and -
143 setDefaultCaCertificates(). -
144 \endlist -
145 -
146 \note If available, root certificates on Unix (excluding Mac OS X) will be -
147 loaded on demand from the standard certificate directories. If -
148 you do not want to load root certificates on demand, you need to call either -
149 the static function setDefaultCaCertificates() before the first SSL handshake -
150 is made in your application, (e.g. via -
151 "QSslSocket::setDefaultCaCertificates(QSslSocket::systemCaCertificates());"), -
152 or call setCaCertificates() on your QSslSocket instance prior to the SSL -
153 handshake. -
154 -
155 For more information about ciphers and certificates, refer to QSslCipher and -
156 QSslCertificate. -
157 -
158 This product includes software developed by the OpenSSL Project -
159 for use in the OpenSSL Toolkit (\l{http://www.openssl.org/}). -
160 -
161 \note Be aware of the difference between the bytesWritten() signal and -
162 the encryptedBytesWritten() signal. For a QTcpSocket, bytesWritten() -
163 will get emitted as soon as data has been written to the TCP socket. -
164 For a QSslSocket, bytesWritten() will get emitted when the data -
165 is being encrypted and encryptedBytesWritten() -
166 will get emitted as soon as data has been written to the TCP socket. -
167 -
168 \sa QSslCertificate, QSslCipher, QSslError -
169*/ -
170 -
171/*! -
172 \enum QSslSocket::SslMode -
173 -
174 Describes the connection modes available for QSslSocket. -
175 -
176 \value UnencryptedMode The socket is unencrypted. Its -
177 behavior is identical to QTcpSocket. -
178 -
179 \value SslClientMode The socket is a client-side SSL socket. -
180 It is either alreayd encrypted, or it is in the SSL handshake -
181 phase (see QSslSocket::isEncrypted()). -
182 -
183 \value SslServerMode The socket is a server-side SSL socket. -
184 It is either already encrypted, or it is in the SSL handshake -
185 phase (see QSslSocket::isEncrypted()). -
186*/ -
187 -
188/*! -
189 \enum QSslSocket::PeerVerifyMode -
190 \since 4.4 -
191 -
192 Describes the peer verification modes for QSslSocket. The default mode is -
193 AutoVerifyPeer, which selects an appropriate mode depending on the -
194 socket's QSocket::SslMode. -
195 -
196 \value VerifyNone QSslSocket will not request a certificate from the -
197 peer. You can set this mode if you are not interested in the identity of -
198 the other side of the connection. The connection will still be encrypted, -
199 and your socket will still send its local certificate to the peer if it's -
200 requested. -
201 -
202 \value QueryPeer QSslSocket will request a certificate from the peer, but -
203 does not require this certificate to be valid. This is useful when you -
204 want to display peer certificate details to the user without affecting the -
205 actual SSL handshake. This mode is the default for servers. -
206 -
207 \value VerifyPeer QSslSocket will request a certificate from the peer -
208 during the SSL handshake phase, and requires that this certificate is -
209 valid. On failure, QSslSocket will emit the QSslSocket::sslErrors() -
210 signal. This mode is the default for clients. -
211 -
212 \value AutoVerifyPeer QSslSocket will automatically use QueryPeer for -
213 server sockets and VerifyPeer for client sockets. -
214 -
215 \sa QSslSocket::peerVerifyMode() -
216*/ -
217 -
218/*! -
219 \fn QSslSocket::encrypted() -
220 -
221 This signal is emitted when QSslSocket enters encrypted mode. After this -
222 signal has been emitted, QSslSocket::isEncrypted() will return true, and -
223 all further transmissions on the socket will be encrypted. -
224 -
225 \sa QSslSocket::connectToHostEncrypted(), QSslSocket::isEncrypted() -
226*/ -
227 -
228/*! -
229 \fn QSslSocket::modeChanged(QSslSocket::SslMode mode) -
230 -
231 This signal is emitted when QSslSocket changes from \l -
232 QSslSocket::UnencryptedMode to either \l QSslSocket::SslClientMode or \l -
233 QSslSocket::SslServerMode. \a mode is the new mode. -
234 -
235 \sa QSslSocket::mode() -
236*/ -
237 -
238/*! -
239 \fn QSslSocket::encryptedBytesWritten(qint64 written) -
240 \since 4.4 -
241 -
242 This signal is emitted when QSslSocket writes its encrypted data to the -
243 network. The \a written parameter contains the number of bytes that were -
244 successfully written. -
245 -
246 \sa QIODevice::bytesWritten() -
247*/ -
248 -
249/*! -
250 \fn void QSslSocket::peerVerifyError(const QSslError &error) -
251 \since 4.4 -
252 -
253 QSslSocket can emit this signal several times during the SSL handshake, -
254 before encryption has been established, to indicate that an error has -
255 occurred while establishing the identity of the peer. The \a error is -
256 usually an indication that QSslSocket is unable to securely identify the -
257 peer. -
258 -
259 This signal provides you with an early indication when something's wrong. -
260 By connecting to this signal, you can manually choose to tear down the -
261 connection from inside the connected slot before the handshake has -
262 completed. If no action is taken, QSslSocket will proceed to emitting -
263 QSslSocket::sslErrors(). -
264 -
265 \sa sslErrors() -
266*/ -
267 -
268/*! -
269 \fn void QSslSocket::sslErrors(const QList<QSslError> &errors); -
270 -
271 QSslSocket emits this signal after the SSL handshake to indicate that one -
272 or more errors have occurred while establishing the identity of the -
273 peer. The errors are usually an indication that QSslSocket is unable to -
274 securely identify the peer. Unless any action is taken, the connection -
275 will be dropped after this signal has been emitted. -
276 -
277 If you want to continue connecting despite the errors that have occurred, -
278 you must call QSslSocket::ignoreSslErrors() from inside a slot connected to -
279 this signal. If you need to access the error list at a later point, you -
280 can call sslErrors() (without arguments). -
281 -
282 \a errors contains one or more errors that prevent QSslSocket from -
283 verifying the identity of the peer. -
284 -
285 Note: You cannot use Qt::QueuedConnection when connecting to this signal, -
286 or calling QSslSocket::ignoreSslErrors() will have no effect. -
287 -
288 \sa peerVerifyError() -
289*/ -
290 -
291#include "qsslsocket.h" -
292#include "qsslcipher.h" -
293#include "qsslsocket_openssl_p.h" -
294#include "qsslconfiguration_p.h" -
295 -
296#include <QtCore/qdebug.h> -
297#include <QtCore/qdir.h> -
298#include <QtCore/qmutex.h> -
299#include <QtCore/qelapsedtimer.h> -
300#include <QtNetwork/qhostaddress.h> -
301#include <QtNetwork/qhostinfo.h> -
302 -
303QT_BEGIN_NAMESPACE -
304 -
305/* -
306 Returns the difference between msecs and elapsed. If msecs is -1, -
307 however, -1 is returned. -
308*/ -
309static int qt_timeout_value(int msecs, int elapsed) -
310{ -
311 if (msecs == -1) -
312 return -1; -
313 -
314 int timeout = msecs - elapsed; -
315 return timeout < 0 ? 0 : timeout; -
316} -
317 -
318class QSslSocketGlobalData -
319{ -
320public: -
321 QSslSocketGlobalData() : config(new QSslConfigurationPrivate) {} -
322 -
323 QMutex mutex; -
324 QList<QSslCipher> supportedCiphers; -
325 QExplicitlySharedDataPointer<QSslConfigurationPrivate> config; -
326}; -
327Q_GLOBAL_STATIC(QSslSocketGlobalData, globalData) -
328 -
329/*! -
330 Constructs a QSslSocket object. \a parent is passed to QObject's -
331 constructor. The new socket's \l {QSslCipher} {cipher} suite is -
332 set to the one returned by the static method defaultCiphers(). -
333*/ -
334QSslSocket::QSslSocket(QObject *parent) -
335 : QTcpSocket(*new QSslSocketBackendPrivate, parent) -
336{ -
337 Q_D(QSslSocket); -
338#ifdef QSSLSOCKET_DEBUG -
339 qDebug() << "QSslSocket::QSslSocket(" << parent << "), this =" << (void *)this; -
340#endif -
341 d->q_ptr = this; -
342 d->init(); -
343} -
344 -
345/*! -
346 Destroys the QSslSocket. -
347*/ -
348QSslSocket::~QSslSocket() -
349{ -
350 Q_D(QSslSocket); -
351#ifdef QSSLSOCKET_DEBUG -
352 qDebug() << "QSslSocket::~QSslSocket(), this =" << (void *)this; -
353#endif -
354 delete d->plainSocket; -
355 d->plainSocket = 0; -
356} -
357 -
358/*! -
359 \reimp -
360 -
361 \since 5.0 -
362 -
363 Continues data transfer on the socket after it has been paused. If -
364 "setPauseMode(QAbstractSocket::PauseOnSslErrors);" has been called on -
365 this socket and a sslErrors() signal is received, calling this method -
366 is necessary for the socket to continue. -
367 -
368 \sa QAbstractSocket::pauseMode(), QAbstractSocket::setPauseMode() -
369*/ -
370void QSslSocket::resume() -
371{ -
372 // continuing might emit signals, rather do this through the event loop -
373 QMetaObject::invokeMethod(this, "_q_resumeImplementation", Qt::QueuedConnection); -
374} -
375 -
376/*! -
377 Starts an encrypted connection to the device \a hostName on \a -
378 port, using \a mode as the \l OpenMode. This is equivalent to -
379 calling connectToHost() to establish the connection, followed by a -
380 call to startClientEncryption(). The \a protocol parameter can be -
381 used to specify which network protocol to use (eg. IPv4 or IPv6). -
382 -
383 QSslSocket first enters the HostLookupState. Then, after entering -
384 either the event loop or one of the waitFor...() functions, it -
385 enters the ConnectingState, emits connected(), and then initiates -
386 the SSL client handshake. At each state change, QSslSocket emits -
387 signal stateChanged(). -
388 -
389 After initiating the SSL client handshake, if the identity of the -
390 peer can't be established, signal sslErrors() is emitted. If you -
391 want to ignore the errors and continue connecting, you must call -
392 ignoreSslErrors(), either from inside a slot function connected to -
393 the sslErrors() signal, or prior to entering encrypted mode. If -
394 ignoreSslErrors() is not called, the connection is dropped, signal -
395 disconnected() is emitted, and QSslSocket returns to the -
396 UnconnectedState. -
397 -
398 If the SSL handshake is successful, QSslSocket emits encrypted(). -
399 -
400 \snippet code/src_network_ssl_qsslsocket.cpp 3 -
401 -
402 \b{Note:} The example above shows that text can be written to -
403 the socket immediately after requesting the encrypted connection, -
404 before the encrypted() signal has been emitted. In such cases, the -
405 text is queued in the object and written to the socket \e after -
406 the connection is established and the encrypted() signal has been -
407 emitted. -
408 -
409 The default for \a mode is \l ReadWrite. -
410 -
411 If you want to create a QSslSocket on the server side of a connection, you -
412 should instead call startServerEncryption() upon receiving the incoming -
413 connection through QTcpServer. -
414 -
415 \sa connectToHost(), startClientEncryption(), waitForConnected(), waitForEncrypted() -
416*/ -
417void QSslSocket::connectToHostEncrypted(const QString &hostName, quint16 port, OpenMode mode, NetworkLayerProtocol protocol) -
418{ -
419 Q_D(QSslSocket); -
420 if (d->state == ConnectedState || d->state == ConnectingState) { -
421 qWarning("QSslSocket::connectToHostEncrypted() called when already connecting/connected"); -
422 return; -
423 } -
424 -
425 d->init(); -
426 d->autoStartHandshake = true; -
427 d->initialized = true; -
428 -
429 // Note: When connecting to localhost, some platforms (e.g., HP-UX and some BSDs) -
430 // establish the connection immediately (i.e., first attempt). -
431 connectToHost(hostName, port, mode, protocol); -
432} -
433 -
434/*! -
435 \since 4.6 -
436 \overload -
437 -
438 In addition to the original behaviour of connectToHostEncrypted, -
439 this overloaded method enables the usage of a different hostname -
440 (\a sslPeerName) for the certificate validation instead of -
441 the one used for the TCP connection (\a hostName). -
442 -
443 \sa connectToHostEncrypted() -
444*/ -
445void QSslSocket::connectToHostEncrypted(const QString &hostName, quint16 port, -
446 const QString &sslPeerName, OpenMode mode, -
447 NetworkLayerProtocol protocol) -
448{ -
449 Q_D(QSslSocket); -
450 if (d->state == ConnectedState || d->state == ConnectingState) { -
451 qWarning("QSslSocket::connectToHostEncrypted() called when already connecting/connected"); -
452 return; -
453 } -
454 -
455 d->init(); -
456 d->autoStartHandshake = true; -
457 d->initialized = true; -
458 d->verificationPeerName = sslPeerName; -
459 -
460 // Note: When connecting to localhost, some platforms (e.g., HP-UX and some BSDs) -
461 // establish the connection immediately (i.e., first attempt). -
462 connectToHost(hostName, port, mode, protocol); -
463} -
464 -
465/*! -
466 Initializes QSslSocket with the native socket descriptor \a -
467 socketDescriptor. Returns true if \a socketDescriptor is accepted -
468 as a valid socket descriptor; otherwise returns false. -
469 The socket is opened in the mode specified by \a openMode, and -
470 enters the socket state specified by \a state. -
471 -
472 \b{Note:} It is not possible to initialize two sockets with the same -
473 native socket descriptor. -
474 -
475 \sa socketDescriptor() -
476*/ -
477bool QSslSocket::setSocketDescriptor(qintptr socketDescriptor, SocketState state, OpenMode openMode) -
478{ -
479 Q_D(QSslSocket); -
480#ifdef QSSLSOCKET_DEBUG -
481 qDebug() << "QSslSocket::setSocketDescriptor(" << socketDescriptor << ',' -
482 << state << ',' << openMode << ')'; -
483#endif -
484 if (!d->plainSocket) -
485 d->createPlainSocket(openMode); -
486 bool retVal = d->plainSocket->setSocketDescriptor(socketDescriptor, state, openMode); -
487 d->cachedSocketDescriptor = d->plainSocket->socketDescriptor(); -
488 setSocketError(d->plainSocket->error()); -
489 setSocketState(state); -
490 setOpenMode(openMode); -
491 setLocalPort(d->plainSocket->localPort()); -
492 setLocalAddress(d->plainSocket->localAddress()); -
493 setPeerPort(d->plainSocket->peerPort()); -
494 setPeerAddress(d->plainSocket->peerAddress()); -
495 setPeerName(d->plainSocket->peerName()); -
496 return retVal; -
497} -
498 -
499/*! -
500 \since 4.6 -
501 Sets the given \a option to the value described by \a value. -
502 -
503 \sa socketOption() -
504*/ -
505void QSslSocket::setSocketOption(QAbstractSocket::SocketOption option, const QVariant &value) -
506{ -
507 Q_D(QSslSocket); -
508 if (d->plainSocket) -
509 d->plainSocket->setSocketOption(option, value); -
510} -
511 -
512/*! -
513 \since 4.6 -
514 Returns the value of the \a option option. -
515 -
516 \sa setSocketOption() -
517*/ -
518QVariant QSslSocket::socketOption(QAbstractSocket::SocketOption option) -
519{ -
520 Q_D(QSslSocket); -
521 if (d->plainSocket) -
522 return d->plainSocket->socketOption(option); -
523 else -
524 return QVariant(); -
525} -
526 -
527/*! -
528 Returns the current mode for the socket; either UnencryptedMode, where -
529 QSslSocket behaves identially to QTcpSocket, or one of SslClientMode or -
530 SslServerMode, where the client is either negotiating or in encrypted -
531 mode. -
532 -
533 When the mode changes, QSslSocket emits modeChanged() -
534 -
535 \sa SslMode -
536*/ -
537QSslSocket::SslMode QSslSocket::mode() const -
538{ -
539 Q_D(const QSslSocket); -
540 return d->mode; -
541} -
542 -
543/*! -
544 Returns true if the socket is encrypted; otherwise, false is returned. -
545 -
546 An encrypted socket encrypts all data that is written by calling write() -
547 or putChar() before the data is written to the network, and decrypts all -
548 incoming data as the data is received from the network, before you call -
549 read(), readLine() or getChar(). -
550 -
551 QSslSocket emits encrypted() when it enters encrypted mode. -
552 -
553 You can call sessionCipher() to find which cryptographic cipher is used to -
554 encrypt and decrypt your data. -
555 -
556 \sa mode() -
557*/ -
558bool QSslSocket::isEncrypted() const -
559{ -
560 Q_D(const QSslSocket); -
561 return d->connectionEncrypted; -
562} -
563 -
564/*! -
565 Returns the socket's SSL protocol. By default, \l QSsl::SecureProtocols is used. -
566 -
567 \sa setProtocol() -
568*/ -
569QSsl::SslProtocol QSslSocket::protocol() const -
570{ -
571 Q_D(const QSslSocket); -
572 return d->configuration.protocol; -
573} -
574 -
575/*! -
576 Sets the socket's SSL protocol to \a protocol. This will affect the next -
577 initiated handshake; calling this function on an already-encrypted socket -
578 will not affect the socket's protocol. -
579*/ -
580void QSslSocket::setProtocol(QSsl::SslProtocol protocol) -
581{ -
582 Q_D(QSslSocket); -
583 d->configuration.protocol = protocol; -
584} -
585 -
586/*! -
587 \since 4.4 -
588 -
589 Returns the socket's verify mode. This mode decides whether -
590 QSslSocket should request a certificate from the peer (i.e., the client -
591 requests a certificate from the server, or a server requesting a -
592 certificate from the client), and whether it should require that this -
593 certificate is valid. -
594 -
595 The default mode is AutoVerifyPeer, which tells QSslSocket to use -
596 VerifyPeer for clients and QueryPeer for servers. -
597 -
598 \sa setPeerVerifyMode(), peerVerifyDepth(), mode() -
599*/ -
600QSslSocket::PeerVerifyMode QSslSocket::peerVerifyMode() const -
601{ -
602 Q_D(const QSslSocket); -
603 return d->configuration.peerVerifyMode; -
604} -
605 -
606/*! -
607 \since 4.4 -
608 -
609 Sets the socket's verify mode to \a mode. This mode decides whether -
610 QSslSocket should request a certificate from the peer (i.e., the client -
611 requests a certificate from the server, or a server requesting a -
612 certificate from the client), and whether it should require that this -
613 certificate is valid. -
614 -
615 The default mode is AutoVerifyPeer, which tells QSslSocket to use -
616 VerifyPeer for clients and QueryPeer for servers. -
617 -
618 Setting this mode after encryption has started has no effect on the -
619 current connection. -
620 -
621 \sa peerVerifyMode(), setPeerVerifyDepth(), mode() -
622*/ -
623void QSslSocket::setPeerVerifyMode(QSslSocket::PeerVerifyMode mode) -
624{ -
625 Q_D(QSslSocket); -
626 d->configuration.peerVerifyMode = mode; -
627} -
628 -
629/*! -
630 \since 4.4 -
631 -
632 Returns the maximum number of certificates in the peer's certificate chain -
633 to be checked during the SSL handshake phase, or 0 (the default) if no -
634 maximum depth has been set, indicating that the whole certificate chain -
635 should be checked. -
636 -
637 The certificates are checked in issuing order, starting with the peer's -
638 own certificate, then its issuer's certificate, and so on. -
639 -
640 \sa setPeerVerifyDepth(), peerVerifyMode() -
641*/ -
642int QSslSocket::peerVerifyDepth() const -
643{ -
644 Q_D(const QSslSocket); -
645 return d->configuration.peerVerifyDepth; -
646} -
647 -
648/*! -
649 \since 4.4 -
650 -
651 Sets the maximum number of certificates in the peer's certificate chain to -
652 be checked during the SSL handshake phase, to \a depth. Setting a depth of -
653 0 means that no maximum depth is set, indicating that the whole -
654 certificate chain should be checked. -
655 -
656 The certificates are checked in issuing order, starting with the peer's -
657 own certificate, then its issuer's certificate, and so on. -
658 -
659 \sa peerVerifyDepth(), setPeerVerifyMode() -
660*/ -
661void QSslSocket::setPeerVerifyDepth(int depth) -
662{ -
663 Q_D(QSslSocket); -
664 if (depth < 0) { -
665 qWarning("QSslSocket::setPeerVerifyDepth: cannot set negative depth of %d", depth); -
666 return; -
667 } -
668 d->configuration.peerVerifyDepth = depth; -
669} -
670 -
671/*! -
672 \since 4.8 -
673 -
674 Returns the different hostname for the certificate validation, as set by -
675 setPeerVerifyName or by connectToHostEncrypted. -
676 -
677 \sa setPeerVerifyName(), connectToHostEncrypted() -
678*/ -
679QString QSslSocket::peerVerifyName() const -
680{ -
681 Q_D(const QSslSocket); -
682 return d->verificationPeerName; -
683} -
684 -
685/*! -
686 \since 4.8 -
687 -
688 Sets a different host name, given by \a hostName, for the certificate -
689 validation instead of the one used for the TCP connection. -
690 -
691 \sa connectToHostEncrypted() -
692*/ -
693void QSslSocket::setPeerVerifyName(const QString &hostName) -
694{ -
695 Q_D(QSslSocket); -
696 d->verificationPeerName = hostName; -
697} -
698 -
699/*! -
700 \reimp -
701 -
702 Returns the number of decrypted bytes that are immediately available for -
703 reading. -
704*/ -
705qint64 QSslSocket::bytesAvailable() const -
706{ -
707 Q_D(const QSslSocket); -
708 if (d->mode == UnencryptedMode) -
709 return QIODevice::bytesAvailable() + (d->plainSocket ? d->plainSocket->bytesAvailable() : 0); -
710 return QIODevice::bytesAvailable(); -
711} -
712 -
713/*! -
714 \reimp -
715 -
716 Returns the number of unencrypted bytes that are waiting to be encrypted -
717 and written to the network. -
718*/ -
719qint64 QSslSocket::bytesToWrite() const -
720{ -
721 Q_D(const QSslSocket); -
722 if (d->mode == UnencryptedMode) -
723 return d->plainSocket ? d->plainSocket->bytesToWrite() : 0; -
724 return d->writeBuffer.size(); -
725} -
726 -
727/*! -
728 \since 4.4 -
729 -
730 Returns the number of encrypted bytes that are awaiting decryption. -
731 Normally, this function will return 0 because QSslSocket decrypts its -
732 incoming data as soon as it can. -
733*/ -
734qint64 QSslSocket::encryptedBytesAvailable() const -
735{ -
736 Q_D(const QSslSocket); -
737 if (d->mode == UnencryptedMode) -
738 return 0; -
739 return d->plainSocket->bytesAvailable(); -
740} -
741 -
742/*! -
743 \since 4.4 -
744 -
745 Returns the number of encrypted bytes that are waiting to be written to -
746 the network. -
747*/ -
748qint64 QSslSocket::encryptedBytesToWrite() const -
749{ -
750 Q_D(const QSslSocket); -
751 if (d->mode == UnencryptedMode) -
752 return 0; -
753 return d->plainSocket->bytesToWrite(); -
754} -
755 -
756/*! -
757 \reimp -
758 -
759 Returns true if you can read one while line (terminated by a single ASCII -
760 '\\n' character) of decrypted characters; otherwise, false is returned. -
761*/ -
762bool QSslSocket::canReadLine() const -
763{ -
764 Q_D(const QSslSocket); -
765 if (d->mode == UnencryptedMode) -
766 return QIODevice::canReadLine() || (d->plainSocket && d->plainSocket->canReadLine()); -
767 return QIODevice::canReadLine(); -
768} -
769 -
770/*! -
771 \reimp -
772*/ -
773void QSslSocket::close() -
774{ -
775#ifdef QSSLSOCKET_DEBUG -
776 qDebug() << "QSslSocket::close()"; -
777#endif -
778 Q_D(QSslSocket); -
779 if (d->plainSocket) -
780 d->plainSocket->close(); -
781 QTcpSocket::close(); -
782 -
783 // must be cleared, reading/writing not possible on closed socket: -
784 d->buffer.clear(); -
785 d->writeBuffer.clear(); -
786} -
787 -
788/*! -
789 \reimp -
790*/ -
791bool QSslSocket::atEnd() const -
792{ -
793 Q_D(const QSslSocket); -
794 if (d->mode == UnencryptedMode) -
795 return QIODevice::atEnd() && (!d->plainSocket || d->plainSocket->atEnd()); -
796 return QIODevice::atEnd(); -
797} -
798 -
799/*! -
800 This function writes as much as possible from the internal write buffer to -
801 the underlying network socket, without blocking. If any data was written, -
802 this function returns true; otherwise false is returned. -
803 -
804 Call this function if you need QSslSocket to start sending buffered data -
805 immediately. The number of bytes successfully written depends on the -
806 operating system. In most cases, you do not need to call this function, -
807 because QAbstractSocket will start sending data automatically once control -
808 goes back to the event loop. In the absence of an event loop, call -
809 waitForBytesWritten() instead. -
810 -
811 \sa write(), waitForBytesWritten() -
812*/ -
813// Note! docs copied from QAbstractSocket::flush() -
814bool QSslSocket::flush() -
815{ -
816 Q_D(QSslSocket); -
817#ifdef QSSLSOCKET_DEBUG -
818 qDebug() << "QSslSocket::flush()"; -
819#endif -
820 if (d->mode != UnencryptedMode) -
821 // encrypt any unencrypted bytes in our buffer -
822 d->transmit(); -
823 -
824 return d->plainSocket ? d->plainSocket->flush() : false; -
825} -
826 -
827/*! -
828 \since 4.4 -
829 -
830 Sets the size of QSslSocket's internal read buffer to be \a size bytes. -
831*/ -
832void QSslSocket::setReadBufferSize(qint64 size) -
833{ -
834 Q_D(QSslSocket); -
835 d->readBufferMaxSize = size; -
836 -
837 if (d->plainSocket) -
838 d->plainSocket->setReadBufferSize(size); -
839} -
840 -
841/*! -
842 Aborts the current connection and resets the socket. Unlike -
843 disconnectFromHost(), this function immediately closes the socket, -
844 clearing any pending data in the write buffer. -
845 -
846 \sa disconnectFromHost(), close() -
847*/ -
848void QSslSocket::abort() -
849{ -
850 Q_D(QSslSocket); -
851#ifdef QSSLSOCKET_DEBUG -
852 qDebug() << "QSslSocket::abort()"; -
853#endif -
854 if (d->plainSocket) -
855 d->plainSocket->abort(); -
856 close(); -
857} -
858 -
859/*! -
860 \since 4.4 -
861 -
862 Returns the socket's SSL configuration state. The default SSL -
863 configuration of a socket is to use the default ciphers, -
864 default CA certificates, no local private key or certificate. -
865 -
866 The SSL configuration also contains fields that can change with -
867 time without notice. -
868 -
869 \sa localCertificate(), peerCertificate(), peerCertificateChain(), -
870 sessionCipher(), privateKey(), ciphers(), caCertificates() -
871*/ -
872QSslConfiguration QSslSocket::sslConfiguration() const -
873{ -
874 Q_D(const QSslSocket); -
875 -
876 // create a deep copy of our configuration -
877 QSslConfigurationPrivate *copy = new QSslConfigurationPrivate(d->configuration); -
878 copy->ref.store(0); // the QSslConfiguration constructor refs up -
879 copy->sessionCipher = d->sessionCipher(); -
880 -
881 return QSslConfiguration(copy); -
882} -
883 -
884/*! -
885 \since 4.4 -
886 -
887 Sets the socket's SSL configuration to be the contents of \a configuration. -
888 This function sets the local certificate, the ciphers, the private key and the CA -
889 certificates to those stored in \a configuration. -
890 -
891 It is not possible to set the SSL-state related fields. -
892 -
893 \sa setLocalCertificate(), setPrivateKey(), setCaCertificates(), setCiphers() -
894*/ -
895void QSslSocket::setSslConfiguration(const QSslConfiguration &configuration) -
896{ -
897 Q_D(QSslSocket);
executed (the execution status of this line is deduced): QSslSocketPrivate * const d = d_func();
-
898 d->configuration.localCertificate = configuration.localCertificate();
executed (the execution status of this line is deduced): d->configuration.localCertificate = configuration.localCertificate();
-
899 d->configuration.privateKey = configuration.privateKey();
executed (the execution status of this line is deduced): d->configuration.privateKey = configuration.privateKey();
-
900 d->configuration.ciphers = configuration.ciphers();
executed (the execution status of this line is deduced): d->configuration.ciphers = configuration.ciphers();
-
901 d->configuration.caCertificates = configuration.caCertificates();
executed (the execution status of this line is deduced): d->configuration.caCertificates = configuration.caCertificates();
-
902 d->configuration.peerVerifyDepth = configuration.peerVerifyDepth();
executed (the execution status of this line is deduced): d->configuration.peerVerifyDepth = configuration.peerVerifyDepth();
-
903 d->configuration.peerVerifyMode = configuration.peerVerifyMode();
executed (the execution status of this line is deduced): d->configuration.peerVerifyMode = configuration.peerVerifyMode();
-
904 d->configuration.protocol = configuration.protocol();
executed (the execution status of this line is deduced): d->configuration.protocol = configuration.protocol();
-
905 d->configuration.sslOptions = configuration.d->sslOptions;
executed (the execution status of this line is deduced): d->configuration.sslOptions = configuration.d->sslOptions;
-
906 -
907 // if the CA certificates were set explicitly (either via -
908 // QSslConfiguration::setCaCertificates() or QSslSocket::setCaCertificates(), -
909 // we cannot load the certificates on demand -
910 if (!configuration.d->allowRootCertOnDemandLoading)
partially evaluated: !configuration.d->allowRootCertOnDemandLoading
TRUEFALSE
yes
Evaluation Count:42
no
Evaluation Count:0
0-42
911 d->allowRootCertOnDemandLoading = false;
executed: d->allowRootCertOnDemandLoading = false;
Execution Count:42
42
912}
executed: }
Execution Count:42
42
913 -
914/*! -
915 Sets the socket's local certificate to \a certificate. The local -
916 certificate is necessary if you need to confirm your identity to the -
917 peer. It is used together with the private key; if you set the local -
918 certificate, you must also set the private key. -
919 -
920 The local certificate and private key are always necessary for server -
921 sockets, but are also rarely used by client sockets if the server requires -
922 the client to authenticate. -
923 -
924 \sa localCertificate(), setPrivateKey() -
925*/ -
926void QSslSocket::setLocalCertificate(const QSslCertificate &certificate) -
927{ -
928 Q_D(QSslSocket); -
929 d->configuration.localCertificate = certificate; -
930} -
931 -
932/*! -
933 \overload -
934 -
935 Sets the socket's local \l {QSslCertificate} {certificate} to the -
936 first one found in file \a path, which is parsed according to the -
937 specified \a format. -
938*/ -
939void QSslSocket::setLocalCertificate(const QString &path, -
940 QSsl::EncodingFormat format) -
941{ -
942 Q_D(QSslSocket); -
943 QFile file(path); -
944 if (file.open(QIODevice::ReadOnly | QIODevice::Text)) -
945 d->configuration.localCertificate = QSslCertificate(file.readAll(), format); -
946} -
947 -
948/*! -
949 Returns the socket's local \l {QSslCertificate} {certificate}, or -
950 an empty certificate if no local certificate has been assigned. -
951 -
952 \sa setLocalCertificate(), privateKey() -
953*/ -
954QSslCertificate QSslSocket::localCertificate() const -
955{ -
956 Q_D(const QSslSocket); -
957 return d->configuration.localCertificate; -
958} -
959 -
960/*! -
961 Returns the peer's digital certificate (i.e., the immediate -
962 certificate of the host you are connected to), or a null -
963 certificate, if the peer has not assigned a certificate. -
964 -
965 The peer certificate is checked automatically during the -
966 handshake phase, so this function is normally used to fetch -
967 the certificate for display or for connection diagnostic -
968 purposes. It contains information about the peer, including -
969 its host name, the certificate issuer, and the peer's public -
970 key. -
971 -
972 Because the peer certificate is set during the handshake phase, it -
973 is safe to access the peer certificate from a slot connected to -
974 the sslErrors() signal or the encrypted() signal. -
975 -
976 If a null certificate is returned, it can mean the SSL handshake -
977 failed, or it can mean the host you are connected to doesn't have -
978 a certificate, or it can mean there is no connection. -
979 -
980 If you want to check the peer's complete chain of certificates, -
981 use peerCertificateChain() to get them all at once. -
982 -
983 \sa peerCertificateChain() -
984*/ -
985QSslCertificate QSslSocket::peerCertificate() const -
986{ -
987 Q_D(const QSslSocket); -
988 return d->configuration.peerCertificate; -
989} -
990 -
991/*! -
992 Returns the peer's chain of digital certificates, or an empty list -
993 of certificates. -
994 -
995 Peer certificates are checked automatically during the handshake -
996 phase. This function is normally used to fetch certificates for -
997 display, or for performing connection diagnostics. Certificates -
998 contain information about the peer and the certificate issuers, -
999 including host name, issuer names, and issuer public keys. -
1000 -
1001 The peer certificates are set in QSslSocket during the handshake -
1002 phase, so it is safe to call this function from a slot connected -
1003 to the sslErrors() signal or the encrypted() signal. -
1004 -
1005 If an empty list is returned, it can mean the SSL handshake -
1006 failed, or it can mean the host you are connected to doesn't have -
1007 a certificate, or it can mean there is no connection. -
1008 -
1009 If you want to get only the peer's immediate certificate, use -
1010 peerCertificate(). -
1011 -
1012 \sa peerCertificate() -
1013*/ -
1014QList<QSslCertificate> QSslSocket::peerCertificateChain() const -
1015{ -
1016 Q_D(const QSslSocket); -
1017 return d->configuration.peerCertificateChain; -
1018} -
1019 -
1020/*! -
1021 Returns the socket's cryptographic \l {QSslCipher} {cipher}, or a -
1022 null cipher if the connection isn't encrypted. The socket's cipher -
1023 for the session is set during the handshake phase. The cipher is -
1024 used to encrypt and decrypt data transmitted through the socket. -
1025 -
1026 QSslSocket also provides functions for setting the ordered list of -
1027 ciphers from which the handshake phase will eventually select the -
1028 session cipher. This ordered list must be in place before the -
1029 handshake phase begins. -
1030 -
1031 \sa ciphers(), setCiphers(), setDefaultCiphers(), defaultCiphers(), -
1032 supportedCiphers() -
1033*/ -
1034QSslCipher QSslSocket::sessionCipher() const -
1035{ -
1036 Q_D(const QSslSocket); -
1037 return d->sessionCipher(); -
1038} -
1039 -
1040/*! -
1041 Sets the socket's private \l {QSslKey} {key} to \a key. The -
1042 private key and the local \l {QSslCertificate} {certificate} are -
1043 used by clients and servers that must prove their identity to -
1044 SSL peers. -
1045 -
1046 Both the key and the local certificate are required if you are -
1047 creating an SSL server socket. If you are creating an SSL client -
1048 socket, the key and local certificate are required if your client -
1049 must identify itself to an SSL server. -
1050 -
1051 \sa privateKey(), setLocalCertificate() -
1052*/ -
1053void QSslSocket::setPrivateKey(const QSslKey &key) -
1054{ -
1055 Q_D(QSslSocket); -
1056 d->configuration.privateKey = key; -
1057} -
1058 -
1059/*! -
1060 \overload -
1061 -
1062 Reads the string in file \a fileName and decodes it using -
1063 a specified \a algorithm and encoding \a format to construct -
1064 an \l {QSslKey} {SSL key}. If the encoded key is encrypted, -
1065 \a passPhrase is used to decrypt it. -
1066 -
1067 The socket's private key is set to the constructed key. The -
1068 private key and the local \l {QSslCertificate} {certificate} are -
1069 used by clients and servers that must prove their identity to SSL -
1070 peers. -
1071 -
1072 Both the key and the local certificate are required if you are -
1073 creating an SSL server socket. If you are creating an SSL client -
1074 socket, the key and local certificate are required if your client -
1075 must identify itself to an SSL server. -
1076 -
1077 \sa privateKey(), setLocalCertificate() -
1078*/ -
1079void QSslSocket::setPrivateKey(const QString &fileName, QSsl::KeyAlgorithm algorithm, -
1080 QSsl::EncodingFormat format, const QByteArray &passPhrase) -
1081{ -
1082 Q_D(QSslSocket); -
1083 QFile file(fileName); -
1084 if (file.open(QIODevice::ReadOnly)) { -
1085 d->configuration.privateKey = QSslKey(file.readAll(), algorithm, -
1086 format, QSsl::PrivateKey, passPhrase); -
1087 } -
1088} -
1089 -
1090/*! -
1091 Returns this socket's private key. -
1092 -
1093 \sa setPrivateKey(), localCertificate() -
1094*/ -
1095QSslKey QSslSocket::privateKey() const -
1096{ -
1097 Q_D(const QSslSocket); -
1098 return d->configuration.privateKey; -
1099} -
1100 -
1101/*! -
1102 Returns this socket's current cryptographic cipher suite. This -
1103 list is used during the socket's handshake phase for choosing a -
1104 session cipher. The returned list of ciphers is ordered by -
1105 descending preference. (i.e., the first cipher in the list is the -
1106 most preferred cipher). The session cipher will be the first one -
1107 in the list that is also supported by the peer. -
1108 -
1109 By default, the handshake phase can choose any of the ciphers -
1110 supported by this system's SSL libraries, which may vary from -
1111 system to system. The list of ciphers supported by this system's -
1112 SSL libraries is returned by supportedCiphers(). You can restrict -
1113 the list of ciphers used for choosing the session cipher for this -
1114 socket by calling setCiphers() with a subset of the supported -
1115 ciphers. You can revert to using the entire set by calling -
1116 setCiphers() with the list returned by supportedCiphers(). -
1117 -
1118 You can restrict the list of ciphers used for choosing the session -
1119 cipher for \e all sockets by calling setDefaultCiphers() with a -
1120 subset of the supported ciphers. You can revert to using the -
1121 entire set by calling setCiphers() with the list returned by -
1122 supportedCiphers(). -
1123 -
1124 \sa setCiphers(), defaultCiphers(), setDefaultCiphers(), supportedCiphers() -
1125*/ -
1126QList<QSslCipher> QSslSocket::ciphers() const -
1127{ -
1128 Q_D(const QSslSocket); -
1129 return d->configuration.ciphers; -
1130} -
1131 -
1132/*! -
1133 Sets the cryptographic cipher suite for this socket to \a ciphers, -
1134 which must contain a subset of the ciphers in the list returned by -
1135 supportedCiphers(). -
1136 -
1137 Restricting the cipher suite must be done before the handshake -
1138 phase, where the session cipher is chosen. -
1139 -
1140 \sa ciphers(), setDefaultCiphers(), supportedCiphers() -
1141*/ -
1142void QSslSocket::setCiphers(const QList<QSslCipher> &ciphers) -
1143{ -
1144 Q_D(QSslSocket); -
1145 d->configuration.ciphers = ciphers; -
1146} -
1147 -
1148/*! -
1149 Sets the cryptographic cipher suite for this socket to \a ciphers, which -
1150 is a colon-separated list of cipher suite names. The ciphers are listed in -
1151 order of preference, starting with the most preferred cipher. For example: -
1152 -
1153 \snippet code/src_network_ssl_qsslsocket.cpp 4 -
1154 -
1155 Each cipher name in \a ciphers must be the name of a cipher in the -
1156 list returned by supportedCiphers(). Restricting the cipher suite -
1157 must be done before the handshake phase, where the session cipher -
1158 is chosen. -
1159 -
1160 \sa ciphers(), setDefaultCiphers(), supportedCiphers() -
1161*/ -
1162void QSslSocket::setCiphers(const QString &ciphers) -
1163{ -
1164 Q_D(QSslSocket); -
1165 d->configuration.ciphers.clear(); -
1166 foreach (const QString &cipherName, ciphers.split(QLatin1String(":"),QString::SkipEmptyParts)) { -
1167 for (int i = 0; i < 3; ++i) { -
1168 // ### Crude -
1169 QSslCipher cipher(cipherName, QSsl::SslProtocol(i)); -
1170 if (!cipher.isNull()) -
1171 d->configuration.ciphers << cipher; -
1172 } -
1173 } -
1174} -
1175 -
1176/*! -
1177 Sets the default cryptographic cipher suite for all sockets in -
1178 this application to \a ciphers, which must contain a subset of the -
1179 ciphers in the list returned by supportedCiphers(). -
1180 -
1181 Restricting the default cipher suite only affects SSL sockets -
1182 that perform their handshake phase after the default cipher -
1183 suite has been changed. -
1184 -
1185 \sa setCiphers(), defaultCiphers(), supportedCiphers() -
1186*/ -
1187void QSslSocket::setDefaultCiphers(const QList<QSslCipher> &ciphers) -
1188{ -
1189 QSslSocketPrivate::setDefaultCiphers(ciphers); -
1190} -
1191 -
1192/*! -
1193 Returns the default cryptographic cipher suite for all sockets in -
1194 this application. This list is used during the socket's handshake -
1195 phase when negotiating with the peer to choose a session cipher. -
1196 The list is ordered by preference (i.e., the first cipher in the -
1197 list is the most preferred cipher). -
1198 -
1199 By default, the handshake phase can choose any of the ciphers -
1200 supported by this system's SSL libraries, which may vary from -
1201 system to system. The list of ciphers supported by this system's -
1202 SSL libraries is returned by supportedCiphers(). -
1203 -
1204 \sa supportedCiphers() -
1205*/ -
1206QList<QSslCipher> QSslSocket::defaultCiphers() -
1207{ -
1208 return QSslSocketPrivate::defaultCiphers(); -
1209} -
1210 -
1211/*! -
1212 Returns the list of cryptographic ciphers supported by this -
1213 system. This list is set by the system's SSL libraries and may -
1214 vary from system to system. -
1215 -
1216 \sa defaultCiphers(), ciphers(), setCiphers() -
1217*/ -
1218QList<QSslCipher> QSslSocket::supportedCiphers() -
1219{ -
1220 return QSslSocketPrivate::supportedCiphers(); -
1221} -
1222 -
1223/*! -
1224 Searches all files in the \a path for certificates encoded in the -
1225 specified \a format and adds them to this socket's CA certificate -
1226 database. \a path can be explicit, or it can contain wildcards in -
1227 the format specified by \a syntax. Returns true if one or more -
1228 certificates are added to the socket's CA certificate database; -
1229 otherwise returns false. -
1230 -
1231 The CA certificate database is used by the socket during the -
1232 handshake phase to validate the peer's certificate. -
1233 -
1234 For more precise control, use addCaCertificate(). -
1235 -
1236 \sa addCaCertificate(), QSslCertificate::fromPath() -
1237*/ -
1238bool QSslSocket::addCaCertificates(const QString &path, QSsl::EncodingFormat format, -
1239 QRegExp::PatternSyntax syntax) -
1240{ -
1241 Q_D(QSslSocket); -
1242 QList<QSslCertificate> certs = QSslCertificate::fromPath(path, format, syntax); -
1243 if (certs.isEmpty()) -
1244 return false; -
1245 -
1246 d->configuration.caCertificates += certs; -
1247 return true; -
1248} -
1249 -
1250/*! -
1251 Adds the \a certificate to this socket's CA certificate database. -
1252 The CA certificate database is used by the socket during the -
1253 handshake phase to validate the peer's certificate. -
1254 -
1255 To add multiple certificates, use addCaCertificates(). -
1256 -
1257 \sa caCertificates(), setCaCertificates() -
1258*/ -
1259void QSslSocket::addCaCertificate(const QSslCertificate &certificate) -
1260{ -
1261 Q_D(QSslSocket); -
1262 d->configuration.caCertificates += certificate; -
1263} -
1264 -
1265/*! -
1266 Adds the \a certificates to this socket's CA certificate database. -
1267 The CA certificate database is used by the socket during the -
1268 handshake phase to validate the peer's certificate. -
1269 -
1270 For more precise control, use addCaCertificate(). -
1271 -
1272 \sa caCertificates(), addDefaultCaCertificate() -
1273*/ -
1274void QSslSocket::addCaCertificates(const QList<QSslCertificate> &certificates) -
1275{ -
1276 Q_D(QSslSocket); -
1277 d->configuration.caCertificates += certificates; -
1278} -
1279 -
1280/*! -
1281 Sets this socket's CA certificate database to be \a certificates. -
1282 The certificate database must be set prior to the SSL handshake. -
1283 The CA certificate database is used by the socket during the -
1284 handshake phase to validate the peer's certificate. -
1285 -
1286 The CA certificate database can be reset to the current default CA -
1287 certificate database by calling this function with the list of CA -
1288 certificates returned by defaultCaCertificates(). -
1289 -
1290 \sa defaultCaCertificates() -
1291*/ -
1292void QSslSocket::setCaCertificates(const QList<QSslCertificate> &certificates) -
1293{ -
1294 Q_D(QSslSocket); -
1295 d->configuration.caCertificates = certificates; -
1296 d->allowRootCertOnDemandLoading = false; -
1297} -
1298 -
1299/*! -
1300 Returns this socket's CA certificate database. The CA certificate -
1301 database is used by the socket during the handshake phase to -
1302 validate the peer's certificate. It can be moodified prior to the -
1303 handshake with addCaCertificate(), addCaCertificates(), and -
1304 setCaCertificates(). -
1305 -
1306 \note On Unix, this method may return an empty list if the root -
1307 certificates are loaded on demand. -
1308 -
1309 \sa addCaCertificate(), addCaCertificates(), setCaCertificates() -
1310*/ -
1311QList<QSslCertificate> QSslSocket::caCertificates() const -
1312{ -
1313 Q_D(const QSslSocket); -
1314 return d->configuration.caCertificates; -
1315} -
1316 -
1317/*! -
1318 Searches all files in the \a path for certificates with the -
1319 specified \a encoding and adds them to the default CA certificate -
1320 database. \a path can be an explicit file, or it can contain -
1321 wildcards in the format specified by \a syntax. Returns true if -
1322 any CA certificates are added to the default database. -
1323 -
1324 Each SSL socket's CA certificate database is initialized to the -
1325 default CA certificate database. -
1326 -
1327 \sa defaultCaCertificates(), addCaCertificates(), addDefaultCaCertificate() -
1328*/ -
1329bool QSslSocket::addDefaultCaCertificates(const QString &path, QSsl::EncodingFormat encoding, -
1330 QRegExp::PatternSyntax syntax) -
1331{ -
1332 return QSslSocketPrivate::addDefaultCaCertificates(path, encoding, syntax); -
1333} -
1334 -
1335/*! -
1336 Adds \a certificate to the default CA certificate database. Each -
1337 SSL socket's CA certificate database is initialized to the default -
1338 CA certificate database. -
1339 -
1340 \sa defaultCaCertificates(), addCaCertificates() -
1341*/ -
1342void QSslSocket::addDefaultCaCertificate(const QSslCertificate &certificate) -
1343{ -
1344 QSslSocketPrivate::addDefaultCaCertificate(certificate); -
1345} -
1346 -
1347/*! -
1348 Adds \a certificates to the default CA certificate database. Each -
1349 SSL socket's CA certificate database is initialized to the default -
1350 CA certificate database. -
1351 -
1352 \sa defaultCaCertificates(), addCaCertificates() -
1353*/ -
1354void QSslSocket::addDefaultCaCertificates(const QList<QSslCertificate> &certificates) -
1355{ -
1356 QSslSocketPrivate::addDefaultCaCertificates(certificates); -
1357} -
1358 -
1359/*! -
1360 Sets the default CA certificate database to \a certificates. The -
1361 default CA certificate database is originally set to your system's -
1362 default CA certificate database. You can override the default CA -
1363 certificate database with your own CA certificate database using -
1364 this function. -
1365 -
1366 Each SSL socket's CA certificate database is initialized to the -
1367 default CA certificate database. -
1368 -
1369 \sa addDefaultCaCertificate() -
1370*/ -
1371void QSslSocket::setDefaultCaCertificates(const QList<QSslCertificate> &certificates) -
1372{ -
1373 QSslSocketPrivate::setDefaultCaCertificates(certificates); -
1374} -
1375 -
1376/*! -
1377 Returns the current default CA certificate database. This database -
1378 is originally set to your system's default CA certificate database. -
1379 If no system default database is found, an empty database will be -
1380 returned. You can override the default CA certificate database -
1381 with your own CA certificate database using setDefaultCaCertificates(). -
1382 -
1383 Each SSL socket's CA certificate database is initialized to the -
1384 default CA certificate database. -
1385 -
1386 \note On Unix, this method may return an empty list if the root -
1387 certificates are loaded on demand. -
1388 -
1389 \sa caCertificates() -
1390*/ -
1391QList<QSslCertificate> QSslSocket::defaultCaCertificates() -
1392{ -
1393 return QSslSocketPrivate::defaultCaCertificates(); -
1394} -
1395 -
1396/*! -
1397 This function provides the CA certificate database -
1398 provided by the operating system. The CA certificate database -
1399 returned by this function is used to initialize the database -
1400 returned by defaultCaCertificates(). You can replace that database -
1401 with your own with setDefaultCaCertificates(). -
1402 -
1403 \sa caCertificates(), defaultCaCertificates(), setDefaultCaCertificates() -
1404*/ -
1405QList<QSslCertificate> QSslSocket::systemCaCertificates() -
1406{ -
1407 // we are calling ensureInitialized() in the method below -
1408 return QSslSocketPrivate::systemCaCertificates(); -
1409} -
1410 -
1411/*! -
1412 Waits until the socket is connected, or \a msecs milliseconds, -
1413 whichever happens first. If the connection has been established, -
1414 this function returns true; otherwise it returns false. -
1415 -
1416 \sa QAbstractSocket::waitForConnected() -
1417*/ -
1418bool QSslSocket::waitForConnected(int msecs) -
1419{ -
1420 Q_D(QSslSocket); -
1421 if (!d->plainSocket) -
1422 return false; -
1423 bool retVal = d->plainSocket->waitForConnected(msecs); -
1424 if (!retVal) { -
1425 setSocketState(d->plainSocket->state()); -
1426 setSocketError(d->plainSocket->error()); -
1427 setErrorString(d->plainSocket->errorString()); -
1428 } -
1429 return retVal; -
1430} -
1431 -
1432/*! -
1433 Waits until the socket has completed the SSL handshake and has -
1434 emitted encrypted(), or \a msecs milliseconds, whichever comes -
1435 first. If encrypted() has been emitted, this function returns -
1436 true; otherwise (e.g., the socket is disconnected, or the SSL -
1437 handshake fails), false is returned. -
1438 -
1439 The following example waits up to one second for the socket to be -
1440 encrypted: -
1441 -
1442 \snippet code/src_network_ssl_qsslsocket.cpp 5 -
1443 -
1444 If msecs is -1, this function will not time out. -
1445 -
1446 \sa startClientEncryption(), startServerEncryption(), encrypted(), isEncrypted() -
1447*/ -
1448bool QSslSocket::waitForEncrypted(int msecs) -
1449{ -
1450 Q_D(QSslSocket); -
1451 if (!d->plainSocket || d->connectionEncrypted) -
1452 return false; -
1453 if (d->mode == UnencryptedMode && !d->autoStartHandshake) -
1454 return false; -
1455 -
1456 QElapsedTimer stopWatch; -
1457 stopWatch.start(); -
1458 -
1459 if (d->plainSocket->state() != QAbstractSocket::ConnectedState) { -
1460 // Wait until we've entered connected state. -
1461 if (!d->plainSocket->waitForConnected(msecs)) -
1462 return false; -
1463 } -
1464 -
1465 while (!d->connectionEncrypted) { -
1466 // Start the handshake, if this hasn't been started yet. -
1467 if (d->mode == UnencryptedMode) -
1468 startClientEncryption(); -
1469 // Loop, waiting until the connection has been encrypted or an error -
1470 // occurs. -
1471 if (!d->plainSocket->waitForReadyRead(qt_timeout_value(msecs, stopWatch.elapsed()))) -
1472 return false; -
1473 } -
1474 return d->connectionEncrypted; -
1475} -
1476 -
1477/*! -
1478 \reimp -
1479*/ -
1480bool QSslSocket::waitForReadyRead(int msecs) -
1481{ -
1482 Q_D(QSslSocket); -
1483 if (!d->plainSocket) -
1484 return false; -
1485 if (d->mode == UnencryptedMode && !d->autoStartHandshake) -
1486 return d->plainSocket->waitForReadyRead(msecs); -
1487 -
1488 // This function must return true if and only if readyRead() *was* emitted. -
1489 // So we initialize "readyReadEmitted" to false and check if it was set to true. -
1490 // waitForReadyRead() could be called recursively, so we can't use the same variable -
1491 // (the inner waitForReadyRead() may fail, but the outer one still succeeded) -
1492 bool readyReadEmitted = false; -
1493 bool *previousReadyReadEmittedPointer = d->readyReadEmittedPointer; -
1494 d->readyReadEmittedPointer = &readyReadEmitted; -
1495 -
1496 QElapsedTimer stopWatch; -
1497 stopWatch.start(); -
1498 -
1499 if (!d->connectionEncrypted) { -
1500 // Wait until we've entered encrypted mode, or until a failure occurs. -
1501 if (!waitForEncrypted(msecs)) { -
1502 d->readyReadEmittedPointer = previousReadyReadEmittedPointer; -
1503 return false; -
1504 } -
1505 } -
1506 -
1507 if (!d->writeBuffer.isEmpty()) { -
1508 // empty our cleartext write buffer first -
1509 d->transmit(); -
1510 } -
1511 -
1512 // test readyReadEmitted first because either operation above -
1513 // (waitForEncrypted or transmit) may have set it -
1514 while (!readyReadEmitted && -
1515 d->plainSocket->waitForReadyRead(qt_timeout_value(msecs, stopWatch.elapsed()))) { -
1516 } -
1517 -
1518 d->readyReadEmittedPointer = previousReadyReadEmittedPointer; -
1519 return readyReadEmitted; -
1520} -
1521 -
1522/*! -
1523 \reimp -
1524*/ -
1525bool QSslSocket::waitForBytesWritten(int msecs) -
1526{ -
1527 Q_D(QSslSocket); -
1528 if (!d->plainSocket) -
1529 return false; -
1530 if (d->mode == UnencryptedMode) -
1531 return d->plainSocket->waitForBytesWritten(msecs); -
1532 -
1533 QElapsedTimer stopWatch; -
1534 stopWatch.start(); -
1535 -
1536 if (!d->connectionEncrypted) { -
1537 // Wait until we've entered encrypted mode, or until a failure occurs. -
1538 if (!waitForEncrypted(msecs)) -
1539 return false; -
1540 } -
1541 if (!d->writeBuffer.isEmpty()) { -
1542 // empty our cleartext write buffer first -
1543 d->transmit(); -
1544 } -
1545 -
1546 return d->plainSocket->waitForBytesWritten(qt_timeout_value(msecs, stopWatch.elapsed())); -
1547} -
1548 -
1549/*! -
1550 Waits until the socket has disconnected or \a msecs milliseconds, -
1551 whichever comes first. If the connection has been disconnected, -
1552 this function returns true; otherwise it returns false. -
1553 -
1554 \sa QAbstractSocket::waitForDisconnected() -
1555*/ -
1556bool QSslSocket::waitForDisconnected(int msecs) -
1557{ -
1558 Q_D(QSslSocket); -
1559 -
1560 // require calling connectToHost() before waitForDisconnected() -
1561 if (state() == UnconnectedState) { -
1562 qWarning("QSslSocket::waitForDisconnected() is not allowed in UnconnectedState"); -
1563 return false; -
1564 } -
1565 -
1566 if (!d->plainSocket) -
1567 return false; -
1568 if (d->mode == UnencryptedMode) -
1569 return d->plainSocket->waitForDisconnected(msecs); -
1570 -
1571 QElapsedTimer stopWatch; -
1572 stopWatch.start(); -
1573 -
1574 if (!d->connectionEncrypted) { -
1575 // Wait until we've entered encrypted mode, or until a failure occurs. -
1576 if (!waitForEncrypted(msecs)) -
1577 return false; -
1578 } -
1579 bool retVal = d->plainSocket->waitForDisconnected(qt_timeout_value(msecs, stopWatch.elapsed())); -
1580 if (!retVal) { -
1581 setSocketState(d->plainSocket->state()); -
1582 setSocketError(d->plainSocket->error()); -
1583 setErrorString(d->plainSocket->errorString()); -
1584 } -
1585 return retVal; -
1586} -
1587 -
1588/*! -
1589 Returns a list of the last SSL errors that occurred. This is the -
1590 same list as QSslSocket passes via the sslErrors() signal. If the -
1591 connection has been encrypted with no errors, this function will -
1592 return an empty list. -
1593 -
1594 \sa connectToHostEncrypted() -
1595*/ -
1596QList<QSslError> QSslSocket::sslErrors() const -
1597{ -
1598 Q_D(const QSslSocket); -
1599 return d->sslErrors; -
1600} -
1601 -
1602/*! -
1603 Returns true if this platform supports SSL; otherwise, returns -
1604 false. If the platform doesn't support SSL, the socket will fail -
1605 in the connection phase. -
1606*/ -
1607bool QSslSocket::supportsSsl() -
1608{ -
1609 return QSslSocketPrivate::supportsSsl(); -
1610} -
1611 -
1612/*! -
1613 \since 5.0 -
1614 Returns the version number of the SSL library in use. Note that -
1615 this is the version of the library in use at run-time not compile -
1616 time. If no SSL support is available then this will return an -
1617 undefined value. -
1618*/ -
1619long QSslSocket::sslLibraryVersionNumber() -
1620{ -
1621 return QSslSocketPrivate::sslLibraryVersionNumber(); -
1622} -
1623 -
1624/*! -
1625 \since 5.0 -
1626 Returns the version string of the SSL library in use. Note that -
1627 this is the version of the library in use at run-time not compile -
1628 time. If no SSL support is available then this will return an empty value. -
1629*/ -
1630QString QSslSocket::sslLibraryVersionString() -
1631{ -
1632 return QSslSocketPrivate::sslLibraryVersionString(); -
1633} -
1634 -
1635/*! -
1636 Starts a delayed SSL handshake for a client connection. This -
1637 function can be called when the socket is in the \l ConnectedState -
1638 but still in the \l UnencryptedMode. If it is not yet connected, -
1639 or if it is already encrypted, this function has no effect. -
1640 -
1641 Clients that implement STARTTLS functionality often make use of -
1642 delayed SSL handshakes. Most other clients can avoid calling this -
1643 function directly by using connectToHostEncrypted() instead, which -
1644 automatically performs the handshake. -
1645 -
1646 \sa connectToHostEncrypted(), startServerEncryption() -
1647*/ -
1648void QSslSocket::startClientEncryption() -
1649{ -
1650 Q_D(QSslSocket); -
1651 if (d->mode != UnencryptedMode) { -
1652 qWarning("QSslSocket::startClientEncryption: cannot start handshake on non-plain connection"); -
1653 return; -
1654 } -
1655 if (state() != ConnectedState) { -
1656 qWarning("QSslSocket::startClientEncryption: cannot start handshake when not connected"); -
1657 return; -
1658 } -
1659#ifdef QSSLSOCKET_DEBUG -
1660 qDebug() << "QSslSocket::startClientEncryption()"; -
1661#endif -
1662 d->mode = SslClientMode; -
1663 emit modeChanged(d->mode); -
1664 d->startClientEncryption(); -
1665} -
1666 -
1667/*! -
1668 Starts a delayed SSL handshake for a server connection. This -
1669 function can be called when the socket is in the \l ConnectedState -
1670 but still in \l UnencryptedMode. If it is not connected or it is -
1671 already encrypted, the function has no effect. -
1672 -
1673 For server sockets, calling this function is the only way to -
1674 initiate the SSL handshake. Most servers will call this function -
1675 immediately upon receiving a connection, or as a result of having -
1676 received a protocol-specific command to enter SSL mode (e.g, the -
1677 server may respond to receiving the string "STARTTLS\\r\\n" by -
1678 calling this function). -
1679 -
1680 The most common way to implement an SSL server is to create a -
1681 subclass of QTcpServer and reimplement -
1682 QTcpServer::incomingConnection(). The returned socket descriptor -
1683 is then passed to QSslSocket::setSocketDescriptor(). -
1684 -
1685 \sa connectToHostEncrypted(), startClientEncryption() -
1686*/ -
1687void QSslSocket::startServerEncryption() -
1688{ -
1689 Q_D(QSslSocket); -
1690 if (d->mode != UnencryptedMode) { -
1691 qWarning("QSslSocket::startServerEncryption: cannot start handshake on non-plain connection"); -
1692 return; -
1693 } -
1694#ifdef QSSLSOCKET_DEBUG -
1695 qDebug() << "QSslSocket::startServerEncryption()"; -
1696#endif -
1697 d->mode = SslServerMode; -
1698 emit modeChanged(d->mode); -
1699 d->startServerEncryption(); -
1700} -
1701 -
1702/*!-
This slot tells QSslSocket to ignore errors during QSslSocket's
handshake phase and continue connecting. If you want to continue
with the connection even if errors occur during the handshake
phase, then you must call this slot, either from a slot connected
to sslErrors(), or before the handshake phase. If you don't call
this slot, either in response to errors or before the handshake,
the connection will be dropped after the sslErrors() signal has
been emitted.
If there are no errors during the SSL handshake phase (i.e., the
identity of the peer is established with no problems), QSslSocket
will not emit the sslErrors() signal, and it is unnecessary to
call this function.
Ignoring errors that occur during an SSL handshake should be done
with caution. A fundamental characteristic of secure connections
is that they should be established with an error free handshake.
\sa sslErrors()
*/*!
1703 This slot tells QSslSocket to ignore errors during QSslSocket's -
1704 handshake phase and continue connecting. If you want to continue -
1705 with the connection even if errors occur during the handshake -
1706 phase, then you must call this slot, either from a slot connected -
1707 to sslErrors(), or before the handshake phase. If you don't call -
1708 this slot, either in response to errors or before the handshake, -
1709 the connection will be dropped after the sslErrors() signal has -
1710 been emitted. -
1711 -
1712 If there are no errors during the SSL handshake phase (i.e., the -
1713 identity of the peer is established with no problems), QSslSocket -
1714 will not emit the sslErrors() signal, and it is unnecessary to -
1715 call this function. -
1716 -
1717 \warning Be sure to always let the user inspect the errors -
1718 reported by the sslErrors() signal, and only call this method -
1719 upon confirmation from the user that proceeding is ok. -
1720 If there are unexpected errors, the connection should be aborted. -
1721 Calling this method without inspecting the actual errors will -
1722 most likely pose a security risk for your application. Use it -
1723 with great care! -
1724 -
1725 \sa sslErrors() -
1726*/ -
1727void QSslSocket::ignoreSslErrors() -
1728{ -
1729 Q_D(QSslSocket); -
1730 d->ignoreAllSslErrors = true; -
1731} -
1732 -
1733/*! -
1734 \overload -
1735 \since 4.6 -
1736 -
1737 This method tells QSslSocket to ignore only the errors given in \a -
1738 errors. -
1739 -
1740 Note that you can set the expected certificate in the SSL error: -
1741 If, for instance, you want to connect to a server that uses -
1742 a self-signed certificate, consider the following snippet: -
1743 -
1744 \snippet code/src_network_ssl_qsslsocket.cpp 6 -
1745 -
1746 Multiple calls to this function will replace the list of errors that -
1747 were passed in previous calls. -
1748 You can clear the list of errors you want to ignore by calling this -
1749 function with an empty list. -
1750 -
1751 \sa sslErrors() -
1752*/ -
1753void QSslSocket::ignoreSslErrors(const QList<QSslError> &errors) -
1754{ -
1755 Q_D(QSslSocket); -
1756 d->ignoreErrorsList = errors; -
1757} -
1758 -
1759/*! -
1760 \internal -
1761*/ -
1762void QSslSocket::connectToHost(const QString &hostName, quint16 port, OpenMode openMode, NetworkLayerProtocol protocol) -
1763{ -
1764 Q_D(QSslSocket); -
1765 d->preferredNetworkLayerProtocol = protocol; -
1766 if (!d->initialized) -
1767 d->init(); -
1768 d->initialized = false; -
1769 -
1770#ifdef QSSLSOCKET_DEBUG -
1771 qDebug() << "QSslSocket::connectToHost(" -
1772 << hostName << ',' << port << ',' << openMode << ')'; -
1773#endif -
1774 if (!d->plainSocket) { -
1775#ifdef QSSLSOCKET_DEBUG -
1776 qDebug() << "\tcreating internal plain socket"; -
1777#endif -
1778 d->createPlainSocket(openMode); -
1779 } -
1780#ifndef QT_NO_NETWORKPROXY -
1781 d->plainSocket->setProxy(proxy()); -
1782#endif -
1783 QIODevice::open(openMode); -
1784 d->plainSocket->connectToHost(hostName, port, openMode, d->preferredNetworkLayerProtocol); -
1785 d->cachedSocketDescriptor = d->plainSocket->socketDescriptor(); -
1786} -
1787 -
1788/*! -
1789 \internal -
1790*/ -
1791void QSslSocket::disconnectFromHost() -
1792{ -
1793 Q_D(QSslSocket); -
1794#ifdef QSSLSOCKET_DEBUG -
1795 qDebug() << "QSslSocket::disconnectFromHost()"; -
1796#endif -
1797 if (!d->plainSocket) -
1798 return; -
1799 if (d->state == UnconnectedState) -
1800 return; -
1801 if (d->mode == UnencryptedMode && !d->autoStartHandshake) { -
1802 d->plainSocket->disconnectFromHost(); -
1803 return; -
1804 } -
1805 if (d->state <= ConnectingState) { -
1806 d->pendingClose = true; -
1807 return; -
1808 } -
1809 -
1810 // Perhaps emit closing() -
1811 if (d->state != ClosingState) { -
1812 d->state = ClosingState; -
1813 emit stateChanged(d->state); -
1814 } -
1815 -
1816 if (!d->writeBuffer.isEmpty()) -
1817 return; -
1818 -
1819 if (d->mode == UnencryptedMode) { -
1820 d->plainSocket->disconnectFromHost(); -
1821 } else { -
1822 d->disconnectFromHost(); -
1823 } -
1824} -
1825 -
1826/*! -
1827 \reimp -
1828*/ -
1829qint64 QSslSocket::readData(char *data, qint64 maxlen) -
1830{ -
1831 Q_D(QSslSocket); -
1832 qint64 readBytes = 0; -
1833 -
1834 if (d->mode == UnencryptedMode && !d->autoStartHandshake) { -
1835 readBytes = d->plainSocket->read(data, maxlen); -
1836 } else { -
1837 int bytesToRead = qMin<int>(maxlen, d->buffer.size()); -
1838 readBytes = d->buffer.read(data, bytesToRead); -
1839 } -
1840 -
1841#ifdef QSSLSOCKET_DEBUG -
1842 qDebug() << "QSslSocket::readData(" << (void *)data << ',' << maxlen << ") ==" << readBytes; -
1843#endif -
1844 -
1845 // possibly trigger another transmit() to decrypt more data from the socket -
1846 if (d->buffer.isEmpty() && d->plainSocket->bytesAvailable()) { -
1847 QMetaObject::invokeMethod(this, "_q_flushReadBuffer", Qt::QueuedConnection); -
1848 } -
1849 -
1850 return readBytes; -
1851} -
1852 -
1853/*! -
1854 \reimp -
1855*/ -
1856qint64 QSslSocket::writeData(const char *data, qint64 len) -
1857{ -
1858 Q_D(QSslSocket); -
1859#ifdef QSSLSOCKET_DEBUG -
1860 qDebug() << "QSslSocket::writeData(" << (void *)data << ',' << len << ')'; -
1861#endif -
1862 if (d->mode == UnencryptedMode && !d->autoStartHandshake) -
1863 return d->plainSocket->write(data, len); -
1864 -
1865 char *writePtr = d->writeBuffer.reserve(len); -
1866 ::memcpy(writePtr, data, len); -
1867 -
1868 // make sure we flush to the plain socket's buffer -
1869 QMetaObject::invokeMethod(this, "_q_flushWriteBuffer", Qt::QueuedConnection); -
1870 -
1871 return len; -
1872} -
1873 -
1874/*! -
1875 \internal -
1876*/ -
1877QSslSocketPrivate::QSslSocketPrivate() -
1878 : initialized(false) -
1879 , mode(QSslSocket::UnencryptedMode) -
1880 , autoStartHandshake(false) -
1881 , connectionEncrypted(false) -
1882 , ignoreAllSslErrors(false) -
1883 , readyReadEmittedPointer(0) -
1884 , allowRootCertOnDemandLoading(true) -
1885 , plainSocket(0) -
1886 , paused(false) -
1887{ -
1888 QSslConfigurationPrivate::deepCopyDefaultConfiguration(&configuration); -
1889} -
1890 -
1891/*! -
1892 \internal -
1893*/ -
1894QSslSocketPrivate::~QSslSocketPrivate() -
1895{ -
1896} -
1897 -
1898/*! -
1899 \internal -
1900*/ -
1901void QSslSocketPrivate::init() -
1902{ -
1903 mode = QSslSocket::UnencryptedMode; -
1904 autoStartHandshake = false; -
1905 connectionEncrypted = false; -
1906 ignoreAllSslErrors = false; -
1907 -
1908 // we don't want to clear the ignoreErrorsList, so -
1909 // that it is possible setting it before connecting -
1910// ignoreErrorsList.clear(); -
1911 -
1912 buffer.clear(); -
1913 writeBuffer.clear(); -
1914 configuration.peerCertificate.clear(); -
1915 configuration.peerCertificateChain.clear(); -
1916} -
1917 -
1918/*! -
1919 \internal -
1920*/ -
1921QList<QSslCipher> QSslSocketPrivate::defaultCiphers() -
1922{ -
1923 QMutexLocker locker(&globalData()->mutex); -
1924 return globalData()->config->ciphers; -
1925} -
1926 -
1927/*! -
1928 \internal -
1929*/ -
1930QList<QSslCipher> QSslSocketPrivate::supportedCiphers() -
1931{ -
1932 QSslSocketPrivate::ensureInitialized(); -
1933 QMutexLocker locker(&globalData()->mutex); -
1934 return globalData()->supportedCiphers; -
1935} -
1936 -
1937/*! -
1938 \internal -
1939*/ -
1940void QSslSocketPrivate::setDefaultCiphers(const QList<QSslCipher> &ciphers) -
1941{ -
1942 QMutexLocker locker(&globalData()->mutex); -
1943 globalData()->config.detach(); -
1944 globalData()->config->ciphers = ciphers; -
1945} -
1946 -
1947/*! -
1948 \internal -
1949*/ -
1950void QSslSocketPrivate::setDefaultSupportedCiphers(const QList<QSslCipher> &ciphers) -
1951{ -
1952 QMutexLocker locker(&globalData()->mutex); -
1953 globalData()->config.detach(); -
1954 globalData()->supportedCiphers = ciphers; -
1955} -
1956 -
1957/*! -
1958 \internal -
1959*/ -
1960QList<QSslCertificate> QSslSocketPrivate::defaultCaCertificates() -
1961{ -
1962 QSslSocketPrivate::ensureInitialized(); -
1963 QMutexLocker locker(&globalData()->mutex); -
1964 return globalData()->config->caCertificates; -
1965} -
1966 -
1967/*! -
1968 \internal -
1969*/ -
1970void QSslSocketPrivate::setDefaultCaCertificates(const QList<QSslCertificate> &certs) -
1971{ -
1972 QSslSocketPrivate::ensureInitialized(); -
1973 QMutexLocker locker(&globalData()->mutex); -
1974 globalData()->config.detach(); -
1975 globalData()->config->caCertificates = certs; -
1976 // when the certificates are set explicitly, we do not want to -
1977 // load the system certificates on demand -
1978 s_loadRootCertsOnDemand = false; -
1979} -
1980 -
1981/*! -
1982 \internal -
1983*/ -
1984bool QSslSocketPrivate::addDefaultCaCertificates(const QString &path, QSsl::EncodingFormat format, -
1985 QRegExp::PatternSyntax syntax) -
1986{ -
1987 QSslSocketPrivate::ensureInitialized(); -
1988 QList<QSslCertificate> certs = QSslCertificate::fromPath(path, format, syntax); -
1989 if (certs.isEmpty()) -
1990 return false; -
1991 -
1992 QMutexLocker locker(&globalData()->mutex); -
1993 globalData()->config.detach(); -
1994 globalData()->config->caCertificates += certs; -
1995 return true; -
1996} -
1997 -
1998/*! -
1999 \internal -
2000*/ -
2001void QSslSocketPrivate::addDefaultCaCertificate(const QSslCertificate &cert) -
2002{ -
2003 QSslSocketPrivate::ensureInitialized(); -
2004 QMutexLocker locker(&globalData()->mutex); -
2005 globalData()->config.detach(); -
2006 globalData()->config->caCertificates += cert; -
2007} -
2008 -
2009/*! -
2010 \internal -
2011*/ -
2012void QSslSocketPrivate::addDefaultCaCertificates(const QList<QSslCertificate> &certs) -
2013{ -
2014 QSslSocketPrivate::ensureInitialized(); -
2015 QMutexLocker locker(&globalData()->mutex); -
2016 globalData()->config.detach(); -
2017 globalData()->config->caCertificates += certs; -
2018} -
2019 -
2020/*! -
2021 \internal -
2022*/ -
2023QSslConfiguration QSslConfigurationPrivate::defaultConfiguration() -
2024{ -
2025 QSslSocketPrivate::ensureInitialized(); -
2026 QMutexLocker locker(&globalData()->mutex); -
2027 return QSslConfiguration(globalData()->config.data()); -
2028} -
2029 -
2030/*! -
2031 \internal -
2032*/ -
2033void QSslConfigurationPrivate::setDefaultConfiguration(const QSslConfiguration &configuration) -
2034{ -
2035 QSslSocketPrivate::ensureInitialized(); -
2036 QMutexLocker locker(&globalData()->mutex); -
2037 if (globalData()->config == configuration.d) -
2038 return; // nothing to do -
2039 -
2040 globalData()->config = const_cast<QSslConfigurationPrivate*>(configuration.d.constData()); -
2041} -
2042 -
2043/*! -
2044 \internal -
2045*/ -
2046void QSslConfigurationPrivate::deepCopyDefaultConfiguration(QSslConfigurationPrivate *ptr) -
2047{ -
2048 QSslSocketPrivate::ensureInitialized(); -
2049 QMutexLocker locker(&globalData()->mutex); -
2050 const QSslConfigurationPrivate *global = globalData()->config.constData(); -
2051 -
2052 if (!global) { -
2053 ptr = 0; -
2054 return; -
2055 } -
2056 -
2057 ptr->ref.store(1); -
2058 ptr->peerCertificate = global->peerCertificate; -
2059 ptr->peerCertificateChain = global->peerCertificateChain; -
2060 ptr->localCertificate = global->localCertificate; -
2061 ptr->privateKey = global->privateKey; -
2062 ptr->sessionCipher = global->sessionCipher; -
2063 ptr->ciphers = global->ciphers; -
2064 ptr->caCertificates = global->caCertificates; -
2065 ptr->protocol = global->protocol; -
2066 ptr->peerVerifyMode = global->peerVerifyMode; -
2067 ptr->peerVerifyDepth = global->peerVerifyDepth; -
2068 ptr->sslOptions = global->sslOptions; -
2069} -
2070 -
2071/*! -
2072 \internal -
2073*/ -
2074void QSslSocketPrivate::createPlainSocket(QIODevice::OpenMode openMode) -
2075{ -
2076 Q_Q(QSslSocket); -
2077 q->setOpenMode(openMode); // <- from QIODevice -
2078 q->setSocketState(QAbstractSocket::UnconnectedState); -
2079 q->setSocketError(QAbstractSocket::UnknownSocketError); -
2080 q->setLocalPort(0); -
2081 q->setLocalAddress(QHostAddress()); -
2082 q->setPeerPort(0); -
2083 q->setPeerAddress(QHostAddress()); -
2084 q->setPeerName(QString()); -
2085 -
2086 plainSocket = new QTcpSocket(q); -
2087#ifndef QT_NO_BEARERMANAGEMENT -
2088 //copy network session down to the plain socket (if it has been set) -
2089 plainSocket->setProperty("_q_networksession", q->property("_q_networksession")); -
2090#endif -
2091 q->connect(plainSocket, SIGNAL(connected()), -
2092 q, SLOT(_q_connectedSlot()), -
2093 Qt::DirectConnection); -
2094 q->connect(plainSocket, SIGNAL(hostFound()), -
2095 q, SLOT(_q_hostFoundSlot()), -
2096 Qt::DirectConnection); -
2097 q->connect(plainSocket, SIGNAL(disconnected()), -
2098 q, SLOT(_q_disconnectedSlot()), -
2099 Qt::DirectConnection); -
2100 q->connect(plainSocket, SIGNAL(stateChanged(QAbstractSocket::SocketState)), -
2101 q, SLOT(_q_stateChangedSlot(QAbstractSocket::SocketState)), -
2102 Qt::DirectConnection); -
2103 q->connect(plainSocket, SIGNAL(error(QAbstractSocket::SocketError)), -
2104 q, SLOT(_q_errorSlot(QAbstractSocket::SocketError)), -
2105 Qt::DirectConnection); -
2106 q->connect(plainSocket, SIGNAL(readyRead()), -
2107 q, SLOT(_q_readyReadSlot()), -
2108 Qt::DirectConnection); -
2109 q->connect(plainSocket, SIGNAL(bytesWritten(qint64)), -
2110 q, SLOT(_q_bytesWrittenSlot(qint64)), -
2111 Qt::DirectConnection); -
2112#ifndef QT_NO_NETWORKPROXY -
2113 q->connect(plainSocket, SIGNAL(proxyAuthenticationRequired(QNetworkProxy,QAuthenticator*)), -
2114 q, SIGNAL(proxyAuthenticationRequired(QNetworkProxy,QAuthenticator*))); -
2115#endif -
2116 -
2117 buffer.clear(); -
2118 writeBuffer.clear(); -
2119 connectionEncrypted = false; -
2120 configuration.peerCertificate.clear(); -
2121 configuration.peerCertificateChain.clear(); -
2122 mode = QSslSocket::UnencryptedMode; -
2123 q->setReadBufferSize(readBufferMaxSize); -
2124} -
2125 -
2126void QSslSocketPrivate::pauseSocketNotifiers(QSslSocket *socket) -
2127{ -
2128 if (!socket->d_func()->plainSocket) -
2129 return; -
2130 QAbstractSocketPrivate::pauseSocketNotifiers(socket->d_func()->plainSocket); -
2131} -
2132 -
2133void QSslSocketPrivate::resumeSocketNotifiers(QSslSocket *socket) -
2134{ -
2135 if (!socket->d_func()->plainSocket) -
2136 return; -
2137 QAbstractSocketPrivate::resumeSocketNotifiers(socket->d_func()->plainSocket); -
2138} -
2139 -
2140bool QSslSocketPrivate::isPaused() const -
2141{ -
2142 return paused; -
2143} -
2144 -
2145/*! -
2146 \internal -
2147*/ -
2148void QSslSocketPrivate::_q_connectedSlot() -
2149{ -
2150 Q_Q(QSslSocket); -
2151 q->setLocalPort(plainSocket->localPort()); -
2152 q->setLocalAddress(plainSocket->localAddress()); -
2153 q->setPeerPort(plainSocket->peerPort()); -
2154 q->setPeerAddress(plainSocket->peerAddress()); -
2155 q->setPeerName(plainSocket->peerName()); -
2156 cachedSocketDescriptor = plainSocket->socketDescriptor(); -
2157 -
2158#ifdef QSSLSOCKET_DEBUG -
2159 qDebug() << "QSslSocket::_q_connectedSlot()"; -
2160 qDebug() << "\tstate =" << q->state(); -
2161 qDebug() << "\tpeer =" << q->peerName() << q->peerAddress() << q->peerPort(); -
2162 qDebug() << "\tlocal =" << QHostInfo::fromName(q->localAddress().toString()).hostName() -
2163 << q->localAddress() << q->localPort(); -
2164#endif -
2165 -
2166 if (autoStartHandshake) -
2167 q->startClientEncryption(); -
2168 -
2169 emit q->connected(); -
2170 -
2171 if (pendingClose && !autoStartHandshake) { -
2172 pendingClose = false; -
2173 q->disconnectFromHost(); -
2174 } -
2175} -
2176 -
2177/*! -
2178 \internal -
2179*/ -
2180void QSslSocketPrivate::_q_hostFoundSlot() -
2181{ -
2182 Q_Q(QSslSocket); -
2183#ifdef QSSLSOCKET_DEBUG -
2184 qDebug() << "QSslSocket::_q_hostFoundSlot()"; -
2185 qDebug() << "\tstate =" << q->state(); -
2186#endif -
2187 emit q->hostFound(); -
2188} -
2189 -
2190/*! -
2191 \internal -
2192*/ -
2193void QSslSocketPrivate::_q_disconnectedSlot() -
2194{ -
2195 Q_Q(QSslSocket); -
2196#ifdef QSSLSOCKET_DEBUG -
2197 qDebug() << "QSslSocket::_q_disconnectedSlot()"; -
2198 qDebug() << "\tstate =" << q->state(); -
2199#endif -
2200 disconnected(); -
2201 emit q->disconnected(); -
2202} -
2203 -
2204/*! -
2205 \internal -
2206*/ -
2207void QSslSocketPrivate::_q_stateChangedSlot(QAbstractSocket::SocketState state) -
2208{ -
2209 Q_Q(QSslSocket); -
2210#ifdef QSSLSOCKET_DEBUG -
2211 qDebug() << "QSslSocket::_q_stateChangedSlot(" << state << ')'; -
2212#endif -
2213 q->setSocketState(state); -
2214 emit q->stateChanged(state); -
2215} -
2216 -
2217/*! -
2218 \internal -
2219*/ -
2220void QSslSocketPrivate::_q_errorSlot(QAbstractSocket::SocketError error) -
2221{ -
2222 Q_Q(QSslSocket); -
2223#ifdef QSSLSOCKET_DEBUG -
2224 qDebug() << "QSslSocket::_q_errorSlot(" << error << ')'; -
2225 qDebug() << "\tstate =" << q->state(); -
2226 qDebug() << "\terrorString =" << q->errorString(); -
2227#endif -
2228 q->setSocketError(plainSocket->error()); -
2229 q->setErrorString(plainSocket->errorString()); -
2230 emit q->error(error); -
2231} -
2232 -
2233/*! -
2234 \internal -
2235*/ -
2236void QSslSocketPrivate::_q_readyReadSlot() -
2237{ -
2238 Q_Q(QSslSocket); -
2239#ifdef QSSLSOCKET_DEBUG -
2240 qDebug() << "QSslSocket::_q_readyReadSlot() -" << plainSocket->bytesAvailable() << "bytes available"; -
2241#endif -
2242 if (mode == QSslSocket::UnencryptedMode) { -
2243 if (readyReadEmittedPointer) -
2244 *readyReadEmittedPointer = true; -
2245 emit q->readyRead(); -
2246 return; -
2247 } -
2248 -
2249 transmit(); -
2250} -
2251 -
2252/*! -
2253 \internal -
2254*/ -
2255void QSslSocketPrivate::_q_bytesWrittenSlot(qint64 written) -
2256{ -
2257 Q_Q(QSslSocket); -
2258#ifdef QSSLSOCKET_DEBUG -
2259 qDebug() << "QSslSocket::_q_bytesWrittenSlot(" << written << ')'; -
2260#endif -
2261 -
2262 if (mode == QSslSocket::UnencryptedMode) -
2263 emit q->bytesWritten(written); -
2264 else -
2265 emit q->encryptedBytesWritten(written); -
2266 if (state == QAbstractSocket::ClosingState && writeBuffer.isEmpty()) -
2267 q->disconnectFromHost(); -
2268} -
2269 -
2270/*! -
2271 \internal -
2272*/ -
2273void QSslSocketPrivate::_q_flushWriteBuffer() -
2274{ -
2275 Q_Q(QSslSocket); -
2276 if (!writeBuffer.isEmpty()) -
2277 q->flush(); -
2278} -
2279 -
2280/*! -
2281 \internal -
2282*/ -
2283void QSslSocketPrivate::_q_flushReadBuffer() -
2284{ -
2285 // trigger a read from the plainSocket into SSL -
2286 if (mode != QSslSocket::UnencryptedMode) -
2287 transmit(); -
2288} -
2289 -
2290/*! -
2291 \internal -
2292*/ -
2293void QSslSocketPrivate::_q_resumeImplementation() -
2294{ -
2295 Q_Q(QSslSocket); -
2296 if (plainSocket) -
2297 plainSocket->resume(); -
2298 paused = false; -
2299 if (!connectionEncrypted) { -
2300 if (verifyErrorsHaveBeenIgnored()) { -
2301 continueHandshake(); -
2302 } else { -
2303 q->setErrorString(sslErrors.first().errorString()); -
2304 q->setSocketError(QAbstractSocket::SslHandshakeFailedError); -
2305 emit q->error(QAbstractSocket::SslHandshakeFailedError); -
2306 plainSocket->disconnectFromHost(); -
2307 return; -
2308 } -
2309 } -
2310 transmit(); -
2311} -
2312 -
2313/*! -
2314 \internal -
2315*/ -
2316bool QSslSocketPrivate::verifyErrorsHaveBeenIgnored() -
2317{ -
2318 bool doEmitSslError; -
2319 if (!ignoreErrorsList.empty()) { -
2320 // check whether the errors we got are all in the list of expected errors -
2321 // (applies only if the method QSslSocket::ignoreSslErrors(const QList<QSslError> &errors) -
2322 // was called) -
2323 doEmitSslError = false; -
2324 for (int a = 0; a < sslErrors.count(); a++) { -
2325 if (!ignoreErrorsList.contains(sslErrors.at(a))) { -
2326 doEmitSslError = true; -
2327 break; -
2328 } -
2329 } -
2330 } else { -
2331 // if QSslSocket::ignoreSslErrors(const QList<QSslError> &errors) was not called and -
2332 // we get an SSL error, emit a signal unless we ignored all errors (by calling -
2333 // QSslSocket::ignoreSslErrors() ) -
2334 doEmitSslError = !ignoreAllSslErrors; -
2335 } -
2336 return !doEmitSslError; -
2337} -
2338 -
2339/*! -
2340 \internal -
2341*/ -
2342qint64 QSslSocketPrivate::peek(char *data, qint64 maxSize) -
2343{ -
2344 if (mode == QSslSocket::UnencryptedMode && !autoStartHandshake) { -
2345 //unencrypted mode - do not use QIODevice::peek, as it reads ahead data from the plain socket -
2346 //peek at data already in the QIODevice buffer (from a previous read) -
2347 qint64 r = buffer.peek(data, maxSize); -
2348 if (r == maxSize) -
2349 return r; -
2350 data += r; -
2351 //peek at data in the plain socket -
2352 if (plainSocket) { -
2353 qint64 r2 = plainSocket->peek(data, maxSize - r); -
2354 if (r2 < 0) -
2355 return (r > 0 ? r : r2); -
2356 return r + r2; -
2357 } else { -
2358 return -1; -
2359 } -
2360 } else { -
2361 //encrypted mode - the socket engine will read and decrypt data into the QIODevice buffer -
2362 return QTcpSocketPrivate::peek(data, maxSize); -
2363 } -
2364} -
2365 -
2366/*! -
2367 \internal -
2368*/ -
2369QByteArray QSslSocketPrivate::peek(qint64 maxSize) -
2370{ -
2371 if (mode == QSslSocket::UnencryptedMode && !autoStartHandshake) { -
2372 //unencrypted mode - do not use QIODevice::peek, as it reads ahead data from the plain socket -
2373 //peek at data already in the QIODevice buffer (from a previous read) -
2374 QByteArray ret; -
2375 ret.reserve(maxSize); -
2376 ret.resize(buffer.peek(ret.data(), maxSize)); -
2377 if (ret.length() == maxSize) -
2378 return ret; -
2379 //peek at data in the plain socket -
2380 if (plainSocket) -
2381 return ret + plainSocket->peek(maxSize - ret.length()); -
2382 else -
2383 return QByteArray(); -
2384 } else { -
2385 //encrypted mode - the socket engine will read and decrypt data into the QIODevice buffer -
2386 return QTcpSocketPrivate::peek(maxSize); -
2387 } -
2388} -
2389 -
2390/*! -
2391 \internal -
2392*/ -
2393bool QSslSocketPrivate::rootCertOnDemandLoadingSupported() -
2394{ -
2395 return s_loadRootCertsOnDemand;
never executed: return s_loadRootCertsOnDemand;
0
2396} -
2397 -
2398/*! -
2399 \internal -
2400*/ -
2401QList<QByteArray> QSslSocketPrivate::unixRootCertDirectories() -
2402{ -
2403 return QList<QByteArray>() << "/etc/ssl/certs/" // (K)ubuntu, OpenSUSE, Mandriva, MeeGo ...
executed: return QList<QByteArray>() << "/etc/ssl/certs/" << "/usr/lib/ssl/certs/" << "/usr/share/ssl/" << "/usr/local/ssl/" << "/var/ssl/certs/" << "/usr/local/ssl/certs/" << "/etc/openssl/certs/" << "/opt/openssl/certs/";
Execution Count:55
55
2404 << "/usr/lib/ssl/certs/" // Gentoo, Mandrake
executed: return QList<QByteArray>() << "/etc/ssl/certs/" << "/usr/lib/ssl/certs/" << "/usr/share/ssl/" << "/usr/local/ssl/" << "/var/ssl/certs/" << "/usr/local/ssl/certs/" << "/etc/openssl/certs/" << "/opt/openssl/certs/";
Execution Count:55
55
2405 << "/usr/share/ssl/" // Centos, Redhat, SuSE
executed: return QList<QByteArray>() << "/etc/ssl/certs/" << "/usr/lib/ssl/certs/" << "/usr/share/ssl/" << "/usr/local/ssl/" << "/var/ssl/certs/" << "/usr/local/ssl/certs/" << "/etc/openssl/certs/" << "/opt/openssl/certs/";
Execution Count:55
55
2406 << "/usr/local/ssl/" // Normal OpenSSL Tarball
executed: return QList<QByteArray>() << "/etc/ssl/certs/" << "/usr/lib/ssl/certs/" << "/usr/share/ssl/" << "/usr/local/ssl/" << "/var/ssl/certs/" << "/usr/local/ssl/certs/" << "/etc/openssl/certs/" << "/opt/openssl/certs/";
Execution Count:55
55
2407 << "/var/ssl/certs/" // AIX
executed: return QList<QByteArray>() << "/etc/ssl/certs/" << "/usr/lib/ssl/certs/" << "/usr/share/ssl/" << "/usr/local/ssl/" << "/var/ssl/certs/" << "/usr/local/ssl/certs/" << "/etc/openssl/certs/" << "/opt/openssl/certs/";
Execution Count:55
55
2408 << "/usr/local/ssl/certs/" // Solaris
executed: return QList<QByteArray>() << "/etc/ssl/certs/" << "/usr/lib/ssl/certs/" << "/usr/share/ssl/" << "/usr/local/ssl/" << "/var/ssl/certs/" << "/usr/local/ssl/certs/" << "/etc/openssl/certs/" << "/opt/openssl/certs/";
Execution Count:55
55
2409 << "/var/certmgretc/webopenssl/user_trustedcerts/" // BlackBerry
executed: return QList<QByteArray>() << "/etc/ssl/certs/" << "/usr/lib/ssl/certs/" << "/usr/share/ssl/" << "/usr/local/ssl/" << "/var/ssl/certs/" << "/usr/local/ssl/certs/" << "/etc/openssl/certs/" << "/opt/openssl/certs/";
Execution Count:55
55
2410 << "/opt/openssl/certs/"; // HP-UX
executed: return QList<QByteArray>() << "/etc/ssl/certs/" << "/usr/lib/ssl/certs/" << "/usr/share/ssl/" << "/usr/local/ssl/" << "/var/ssl/certs/" << "/usr/local/ssl/certs/" << "/etc/openssl/certs/" << "/opt/openssl/certs/";
Execution Count:55
55
2411} -
2412 -
2413QT_END_NAMESPACE -
2414 -
2415#include "moc_qsslsocket.cpp" -
2416 -
Source codeSwitch to Preprocessed file
Generated by Squish Coco Non-Commercial