ssl/qsslconfiguration.cpp

Source codeSwitch to Preprocessed file
LineSource CodeCoverage
1/**************************************************************************** -
2** -
3** Copyright (C) 2012 Digia Plc and/or its subsidiary(-ies). -
4** Contact: http://www.qt-project.org/legal -
5** -
6** This file is part of the QtNetwork module of the Qt Toolkit. -
7** -
8** $QT_BEGIN_LICENSE:LGPL$ -
9** Commercial License Usage -
10** Licensees holding valid commercial Qt licenses may use this file in -
11** accordance with the commercial license agreement provided with the -
12** Software or, alternatively, in accordance with the terms contained in -
13** a written agreement between you and Digia. For licensing terms and -
14** conditions see http://qt.digia.com/licensing. For further information -
15** use the contact form at http://qt.digia.com/contact-us. -
16** -
17** GNU Lesser General Public License Usage -
18** Alternatively, this file may be used under the terms of the GNU Lesser -
19** General Public License version 2.1 as published by the Free Software -
20** Foundation and appearing in the file LICENSE.LGPL included in the -
21** packaging of this file. Please review the following information to -
22** ensure the GNU Lesser General Public License version 2.1 requirements -
23** will be met: http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html. -
24** -
25** In addition, as a special exception, Digia gives you certain additional -
26** rights. These rights are described in the Digia Qt LGPL Exception -
27** version 1.1, included in the file LGPL_EXCEPTION.txt in this package. -
28** -
29** GNU General Public License Usage -
30** Alternatively, this file may be used under the terms of the GNU -
31** General Public License version 3.0 as published by the Free Software -
32** Foundation and appearing in the file LICENSE.GPL included in the -
33** packaging of this file. Please review the following information to -
34** ensure the GNU General Public License version 3.0 requirements will be -
35** met: http://www.gnu.org/copyleft/gpl.html. -
36** -
37** -
38** $QT_END_LICENSE$ -
39** -
40****************************************************************************/ -
41 -
42#include "qsslconfiguration.h" -
43#include "qsslconfiguration_p.h" -
44#include "qsslsocket.h" -
45#include "qmutex.h" -
46#include "qdebug.h" -
47 -
48QT_BEGIN_NAMESPACE -
49 -
50const QSsl::SslOptions QSslConfigurationPrivate::defaultSslOptions = QSsl::SslOptionDisableEmptyFragments -
51 |QSsl::SslOptionDisableLegacyRenegotiation -
52 |QSsl::SslOptionDisableCompression; -
53 -
54/*! -
55 \class QSslConfiguration -
56 \brief The QSslConfiguration class holds the configuration and state of an SSL connection -
57 \since 4.4 -
58 -
59 \reentrant -
60 \inmodule QtNetwork -
61 \ingroup network -
62 \ingroup ssl -
63 \ingroup shared -
64 -
65 QSslConfiguration is used by Qt networking classes to relay -
66 information about an open SSL connection and to allow the -
67 application to control certain features of that connection. -
68 -
69 The settings that QSslConfiguration currently supports are: -
70 -
71 \list -
72 \li The SSL/TLS protocol to be used -
73 \li The certificate to be presented to the peer during connection -
74 and its associated private key -
75 \li The ciphers allowed to be used for encrypting the connection -
76 \li The list of Certificate Authorities certificates that are -
77 used to validate the peer's certificate -
78 \endlist -
79 -
80 These settings are applied only during the connection -
81 handshake. Setting them after the connection has been established -
82 has no effect. -
83 -
84 The state that QSslConfiguration supports are: -
85 \list -
86 \li The certificate the peer presented during handshake, along -
87 with the chain leading to a CA certificate -
88 \li The cipher used to encrypt this session -
89 \endlist -
90 -
91 The state can only be obtained once the SSL connection starts, but -
92 not necessarily before it's done. Some settings may change during -
93 the course of the SSL connection without need to restart it (for -
94 instance, the cipher can be changed over time). -
95 -
96 State in QSslConfiguration objects cannot be changed. -
97 -
98 QSslConfiguration can be used with QSslSocket and the Network -
99 Access API. -
100 -
101 Note that changing settings in QSslConfiguration is not enough to -
102 change the settings in the related SSL connection. You must call -
103 setSslConfiguration on a modified QSslConfiguration object to -
104 achieve that. The following example illustrates how to change the -
105 protocol to TLSv1_0 in a QSslSocket object: -
106 -
107 \snippet code/src_network_ssl_qsslconfiguration.cpp 0 -
108 -
109 \sa QSsl::SslProtocol, QSslCertificate, QSslCipher, QSslKey, -
110 QSslSocket, QNetworkAccessManager, -
111 QSslSocket::sslConfiguration(), QSslSocket::setSslConfiguration() -
112*/ -
113 -
114/*! -
115 Constructs an empty SSL configuration. This configuration contains -
116 no valid settings and the state will be empty. isNull() will -
117 return true after this constructor is called. -
118 -
119 Once any setter methods are called, isNull() will return false. -
120*/ -
121QSslConfiguration::QSslConfiguration() -
122 : d(new QSslConfigurationPrivate) -
123{ -
124}
executed: }
Execution Count:4164
4164
125 -
126/*! -
127 Copies the configuration and state of \a other. If \a other is -
128 null, this object will be null too. -
129*/ -
130QSslConfiguration::QSslConfiguration(const QSslConfiguration &other) -
131 : d(other.d) -
132{ -
133}
executed: }
Execution Count:978
978
134 -
135/*! -
136 Releases any resources held by QSslConfiguration. -
137*/ -
138QSslConfiguration::~QSslConfiguration() -
139{ -
140 // QSharedDataPointer deletes d for us if necessary -
141} -
142 -
143/*! -
144 Copies the configuration and state of \a other. If \a other is -
145 null, this object will be null too. -
146*/ -
147QSslConfiguration &QSslConfiguration::operator=(const QSslConfiguration &other) -
148{ -
149 d = other.d;
executed (the execution status of this line is deduced): d = other.d;
-
150 return *this;
executed: return *this;
Execution Count:880
880
151} -
152 -
153/*! -
154 \fn void QSslConfiguration::swap(QSslConfiguration &other) -
155 \since 5.0 -
156 -
157 Swaps this SSL configuration instance with \a other. This function -
158 is very fast and never fails. -
159*/ -
160 -
161/*! -
162 Returns true if this QSslConfiguration object is equal to \a -
163 other. -
164 -
165 Two QSslConfiguration objects are considered equal if they have -
166 the exact same settings and state. -
167 -
168 \sa operator!=() -
169*/ -
170bool QSslConfiguration::operator==(const QSslConfiguration &other) const -
171{ -
172 if (d == other.d)
evaluated: d == other.d
TRUEFALSE
yes
Evaluation Count:29
yes
Evaluation Count:4
4-29
173 return true;
executed: return true;
Execution Count:29
29
174 return d->peerCertificate == other.d->peerCertificate &&
executed: return d->peerCertificate == other.d->peerCertificate && d->peerCertificateChain == other.d->peerCertificateChain && d->localCertificate == other.d->localCertificate && d->privateKey == other.d->privateKey && d->sessionCipher == other.d->sessionCipher && d->ciphers == other.d->ciphers && d->caCertificates == other.d->caCertificates && d->protocol == other.d->protocol && d->peerVerifyMode == other.d->peerVerifyMode && d->peerVerifyDepth == other.d->peerVerifyDepth && d->sslOptions == other.d->sslOptions;
Execution Count:4
4
175 d->peerCertificateChain == other.d->peerCertificateChain &&
executed: return d->peerCertificate == other.d->peerCertificate && d->peerCertificateChain == other.d->peerCertificateChain && d->localCertificate == other.d->localCertificate && d->privateKey == other.d->privateKey && d->sessionCipher == other.d->sessionCipher && d->ciphers == other.d->ciphers && d->caCertificates == other.d->caCertificates && d->protocol == other.d->protocol && d->peerVerifyMode == other.d->peerVerifyMode && d->peerVerifyDepth == other.d->peerVerifyDepth && d->sslOptions == other.d->sslOptions;
Execution Count:4
4
176 d->localCertificate == other.d->localCertificate &&
executed: return d->peerCertificate == other.d->peerCertificate && d->peerCertificateChain == other.d->peerCertificateChain && d->localCertificate == other.d->localCertificate && d->privateKey == other.d->privateKey && d->sessionCipher == other.d->sessionCipher && d->ciphers == other.d->ciphers && d->caCertificates == other.d->caCertificates && d->protocol == other.d->protocol && d->peerVerifyMode == other.d->peerVerifyMode && d->peerVerifyDepth == other.d->peerVerifyDepth && d->sslOptions == other.d->sslOptions;
Execution Count:4
4
177 d->privateKey == other.d->privateKey &&
executed: return d->peerCertificate == other.d->peerCertificate && d->peerCertificateChain == other.d->peerCertificateChain && d->localCertificate == other.d->localCertificate && d->privateKey == other.d->privateKey && d->sessionCipher == other.d->sessionCipher && d->ciphers == other.d->ciphers && d->caCertificates == other.d->caCertificates && d->protocol == other.d->protocol && d->peerVerifyMode == other.d->peerVerifyMode && d->peerVerifyDepth == other.d->peerVerifyDepth && d->sslOptions == other.d->sslOptions;
Execution Count:4
4
178 d->sessionCipher == other.d->sessionCipher &&
executed: return d->peerCertificate == other.d->peerCertificate && d->peerCertificateChain == other.d->peerCertificateChain && d->localCertificate == other.d->localCertificate && d->privateKey == other.d->privateKey && d->sessionCipher == other.d->sessionCipher && d->ciphers == other.d->ciphers && d->caCertificates == other.d->caCertificates && d->protocol == other.d->protocol && d->peerVerifyMode == other.d->peerVerifyMode && d->peerVerifyDepth == other.d->peerVerifyDepth && d->sslOptions == other.d->sslOptions;
Execution Count:4
4
179 d->ciphers == other.d->ciphers &&
executed: return d->peerCertificate == other.d->peerCertificate && d->peerCertificateChain == other.d->peerCertificateChain && d->localCertificate == other.d->localCertificate && d->privateKey == other.d->privateKey && d->sessionCipher == other.d->sessionCipher && d->ciphers == other.d->ciphers && d->caCertificates == other.d->caCertificates && d->protocol == other.d->protocol && d->peerVerifyMode == other.d->peerVerifyMode && d->peerVerifyDepth == other.d->peerVerifyDepth && d->sslOptions == other.d->sslOptions;
Execution Count:4
4
180 d->caCertificates == other.d->caCertificates &&
executed: return d->peerCertificate == other.d->peerCertificate && d->peerCertificateChain == other.d->peerCertificateChain && d->localCertificate == other.d->localCertificate && d->privateKey == other.d->privateKey && d->sessionCipher == other.d->sessionCipher && d->ciphers == other.d->ciphers && d->caCertificates == other.d->caCertificates && d->protocol == other.d->protocol && d->peerVerifyMode == other.d->peerVerifyMode && d->peerVerifyDepth == other.d->peerVerifyDepth && d->sslOptions == other.d->sslOptions;
Execution Count:4
4
181 d->protocol == other.d->protocol &&
executed: return d->peerCertificate == other.d->peerCertificate && d->peerCertificateChain == other.d->peerCertificateChain && d->localCertificate == other.d->localCertificate && d->privateKey == other.d->privateKey && d->sessionCipher == other.d->sessionCipher && d->ciphers == other.d->ciphers && d->caCertificates == other.d->caCertificates && d->protocol == other.d->protocol && d->peerVerifyMode == other.d->peerVerifyMode && d->peerVerifyDepth == other.d->peerVerifyDepth && d->sslOptions == other.d->sslOptions;
Execution Count:4
4
182 d->peerVerifyMode == other.d->peerVerifyMode &&
executed: return d->peerCertificate == other.d->peerCertificate && d->peerCertificateChain == other.d->peerCertificateChain && d->localCertificate == other.d->localCertificate && d->privateKey == other.d->privateKey && d->sessionCipher == other.d->sessionCipher && d->ciphers == other.d->ciphers && d->caCertificates == other.d->caCertificates && d->protocol == other.d->protocol && d->peerVerifyMode == other.d->peerVerifyMode && d->peerVerifyDepth == other.d->peerVerifyDepth && d->sslOptions == other.d->sslOptions;
Execution Count:4
4
183 d->peerVerifyDepth == other.d->peerVerifyDepth &&
executed: return d->peerCertificate == other.d->peerCertificate && d->peerCertificateChain == other.d->peerCertificateChain && d->localCertificate == other.d->localCertificate && d->privateKey == other.d->privateKey && d->sessionCipher == other.d->sessionCipher && d->ciphers == other.d->ciphers && d->caCertificates == other.d->caCertificates && d->protocol == other.d->protocol && d->peerVerifyMode == other.d->peerVerifyMode && d->peerVerifyDepth == other.d->peerVerifyDepth && d->sslOptions == other.d->sslOptions;
Execution Count:4
4
184 d->sslOptions == other.d->sslOptions;
executed: return d->peerCertificate == other.d->peerCertificate && d->peerCertificateChain == other.d->peerCertificateChain && d->localCertificate == other.d->localCertificate && d->privateKey == other.d->privateKey && d->sessionCipher == other.d->sessionCipher && d->ciphers == other.d->ciphers && d->caCertificates == other.d->caCertificates && d->protocol == other.d->protocol && d->peerVerifyMode == other.d->peerVerifyMode && d->peerVerifyDepth == other.d->peerVerifyDepth && d->sslOptions == other.d->sslOptions;
Execution Count:4
4
185} -
186 -
187/*! -
188 \fn QSslConfiguration::operator!=(const QSslConfiguration &other) const -
189 -
190 Returns true if this QSslConfiguration differs from \a other. Two -
191 QSslConfiguration objects are considered different if any state or -
192 setting is different. -
193 -
194 \sa operator==() -
195*/ -
196 -
197/*! -
198 Returns true if this is a null QSslConfiguration object. -
199 -
200 A QSslConfiguration object is null if it has been -
201 default-constructed and no setter methods have been called. -
202 -
203 \sa setProtocol(), setLocalCertificate(), setPrivateKey(), -
204 setCiphers(), setCaCertificates() -
205*/ -
206bool QSslConfiguration::isNull() const -
207{ -
208 return (d->protocol == QSsl::SecureProtocols &&
executed: return (d->protocol == QSsl::SecureProtocols && d->peerVerifyMode == QSslSocket::AutoVerifyPeer && d->peerVerifyDepth == 0 && d->caCertificates.count() == 0 && d->ciphers.count() == 0 && d->localCertificate.isNull() && d->privateKey.isNull() && d->peerCertificate.isNull() && d->peerCertificateChain.count() == 0 && d->sslOptions == QSslConfigurationPrivate::defaultSslOptions);
Execution Count:139
139
209 d->peerVerifyMode == QSslSocket::AutoVerifyPeer &&
executed: return (d->protocol == QSsl::SecureProtocols && d->peerVerifyMode == QSslSocket::AutoVerifyPeer && d->peerVerifyDepth == 0 && d->caCertificates.count() == 0 && d->ciphers.count() == 0 && d->localCertificate.isNull() && d->privateKey.isNull() && d->peerCertificate.isNull() && d->peerCertificateChain.count() == 0 && d->sslOptions == QSslConfigurationPrivate::defaultSslOptions);
Execution Count:139
139
210 d->peerVerifyDepth == 0 &&
executed: return (d->protocol == QSsl::SecureProtocols && d->peerVerifyMode == QSslSocket::AutoVerifyPeer && d->peerVerifyDepth == 0 && d->caCertificates.count() == 0 && d->ciphers.count() == 0 && d->localCertificate.isNull() && d->privateKey.isNull() && d->peerCertificate.isNull() && d->peerCertificateChain.count() == 0 && d->sslOptions == QSslConfigurationPrivate::defaultSslOptions);
Execution Count:139
139
211 d->caCertificates.count() == 0 &&
executed: return (d->protocol == QSsl::SecureProtocols && d->peerVerifyMode == QSslSocket::AutoVerifyPeer && d->peerVerifyDepth == 0 && d->caCertificates.count() == 0 && d->ciphers.count() == 0 && d->localCertificate.isNull() && d->privateKey.isNull() && d->peerCertificate.isNull() && d->peerCertificateChain.count() == 0 && d->sslOptions == QSslConfigurationPrivate::defaultSslOptions);
Execution Count:139
139
212 d->ciphers.count() == 0 &&
executed: return (d->protocol == QSsl::SecureProtocols && d->peerVerifyMode == QSslSocket::AutoVerifyPeer && d->peerVerifyDepth == 0 && d->caCertificates.count() == 0 && d->ciphers.count() == 0 && d->localCertificate.isNull() && d->privateKey.isNull() && d->peerCertificate.isNull() && d->peerCertificateChain.count() == 0 && d->sslOptions == QSslConfigurationPrivate::defaultSslOptions);
Execution Count:139
139
213 d->localCertificate.isNull() &&
executed: return (d->protocol == QSsl::SecureProtocols && d->peerVerifyMode == QSslSocket::AutoVerifyPeer && d->peerVerifyDepth == 0 && d->caCertificates.count() == 0 && d->ciphers.count() == 0 && d->localCertificate.isNull() && d->privateKey.isNull() && d->peerCertificate.isNull() && d->peerCertificateChain.count() == 0 && d->sslOptions == QSslConfigurationPrivate::defaultSslOptions);
Execution Count:139
139
214 d->privateKey.isNull() &&
executed: return (d->protocol == QSsl::SecureProtocols && d->peerVerifyMode == QSslSocket::AutoVerifyPeer && d->peerVerifyDepth == 0 && d->caCertificates.count() == 0 && d->ciphers.count() == 0 && d->localCertificate.isNull() && d->privateKey.isNull() && d->peerCertificate.isNull() && d->peerCertificateChain.count() == 0 && d->sslOptions == QSslConfigurationPrivate::defaultSslOptions);
Execution Count:139
139
215 d->peerCertificate.isNull() &&
executed: return (d->protocol == QSsl::SecureProtocols && d->peerVerifyMode == QSslSocket::AutoVerifyPeer && d->peerVerifyDepth == 0 && d->caCertificates.count() == 0 && d->ciphers.count() == 0 && d->localCertificate.isNull() && d->privateKey.isNull() && d->peerCertificate.isNull() && d->peerCertificateChain.count() == 0 && d->sslOptions == QSslConfigurationPrivate::defaultSslOptions);
Execution Count:139
139
216 d->peerCertificateChain.count() == 0 &&
executed: return (d->protocol == QSsl::SecureProtocols && d->peerVerifyMode == QSslSocket::AutoVerifyPeer && d->peerVerifyDepth == 0 && d->caCertificates.count() == 0 && d->ciphers.count() == 0 && d->localCertificate.isNull() && d->privateKey.isNull() && d->peerCertificate.isNull() && d->peerCertificateChain.count() == 0 && d->sslOptions == QSslConfigurationPrivate::defaultSslOptions);
Execution Count:139
139
217 d->sslOptions == QSslConfigurationPrivate::defaultSslOptions);
executed: return (d->protocol == QSsl::SecureProtocols && d->peerVerifyMode == QSslSocket::AutoVerifyPeer && d->peerVerifyDepth == 0 && d->caCertificates.count() == 0 && d->ciphers.count() == 0 && d->localCertificate.isNull() && d->privateKey.isNull() && d->peerCertificate.isNull() && d->peerCertificateChain.count() == 0 && d->sslOptions == QSslConfigurationPrivate::defaultSslOptions);
Execution Count:139
139
218} -
219 -
220/*! -
221 Returns the protocol setting for this SSL configuration. -
222 -
223 \sa setProtocol() -
224*/ -
225QSsl::SslProtocol QSslConfiguration::protocol() const -
226{ -
227 return d->protocol;
executed: return d->protocol;
Execution Count:3
3
228} -
229 -
230/*! -
231 Sets the protocol setting for this configuration to be \a -
232 protocol. -
233 -
234 Setting the protocol once the connection has already been -
235 established has no effect. -
236 -
237 \sa protocol() -
238*/ -
239void QSslConfiguration::setProtocol(QSsl::SslProtocol protocol) -
240{ -
241 d->protocol = protocol;
executed (the execution status of this line is deduced): d->protocol = protocol;
-
242}
executed: }
Execution Count:1
1
243 -
244/*! -
245 Returns the verify mode. This mode decides whether QSslSocket should -
246 request a certificate from the peer (i.e., the client requests a -
247 certificate from the server, or a server requesting a certificate from the -
248 client), and whether it should require that this certificate is valid. -
249 -
250 The default mode is AutoVerifyPeer, which tells QSslSocket to use -
251 VerifyPeer for clients, QueryPeer for servers. -
252 -
253 \sa setPeerVerifyMode() -
254*/ -
255QSslSocket::PeerVerifyMode QSslConfiguration::peerVerifyMode() const -
256{ -
257 return d->peerVerifyMode;
executed: return d->peerVerifyMode;
Execution Count:3
3
258} -
259 -
260/*! -
261 Sets the verify mode to \a mode. This mode decides whether QSslSocket -
262 should request a certificate from the peer (i.e., the client requests a -
263 certificate from the server, or a server requesting a certificate from the -
264 client), and whether it should require that this certificate is valid. -
265 -
266 The default mode is AutoVerifyPeer, which tells QSslSocket to use -
267 VerifyPeer for clients, QueryPeer for servers. -
268 -
269 \sa peerVerifyMode() -
270*/ -
271void QSslConfiguration::setPeerVerifyMode(QSslSocket::PeerVerifyMode mode) -
272{ -
273 d->peerVerifyMode = mode;
never executed (the execution status of this line is deduced): d->peerVerifyMode = mode;
-
274}
never executed: }
0
275 -
276 -
277/*! -
278 Returns the maximum number of certificates in the peer's certificate chain -
279 to be checked during the SSL handshake phase, or 0 (the default) if no -
280 maximum depth has been set, indicating that the whole certificate chain -
281 should be checked. -
282 -
283 The certificates are checked in issuing order, starting with the peer's -
284 own certificate, then its issuer's certificate, and so on. -
285 -
286 \sa setPeerVerifyDepth(), peerVerifyMode() -
287*/ -
288int QSslConfiguration::peerVerifyDepth() const -
289{ -
290 return d->peerVerifyDepth;
executed: return d->peerVerifyDepth;
Execution Count:3
3
291} -
292 -
293/*! -
294 Sets the maximum number of certificates in the peer's certificate chain to -
295 be checked during the SSL handshake phase, to \a depth. Setting a depth of -
296 0 means that no maximum depth is set, indicating that the whole -
297 certificate chain should be checked. -
298 -
299 The certificates are checked in issuing order, starting with the peer's -
300 own certificate, then its issuer's certificate, and so on. -
301 -
302 \sa peerVerifyDepth(), setPeerVerifyMode() -
303*/ -
304void QSslConfiguration::setPeerVerifyDepth(int depth) -
305{ -
306 if (depth < 0) {
never evaluated: depth < 0
0
307 qWarning("QSslConfiguration::setPeerVerifyDepth: cannot set negative depth of %d", depth);
never executed (the execution status of this line is deduced): QMessageLogger("ssl/qsslconfiguration.cpp", 307, __PRETTY_FUNCTION__).warning("QSslConfiguration::setPeerVerifyDepth: cannot set negative depth of %d", depth);
-
308 return;
never executed: return;
0
309 } -
310 d->peerVerifyDepth = depth;
never executed (the execution status of this line is deduced): d->peerVerifyDepth = depth;
-
311}
never executed: }
0
312 -
313/*! -
314 Returns the certificate to be presented to the peer during the SSL -
315 handshake process. -
316 -
317 \sa setLocalCertificate() -
318*/ -
319QSslCertificate QSslConfiguration::localCertificate() const -
320{ -
321 return d->localCertificate;
executed: return d->localCertificate;
Execution Count:3
3
322} -
323 -
324/*! -
325 Sets the certificate to be presented to the peer during SSL -
326 handshake to be \a certificate. -
327 -
328 Setting the certificate once the connection has been established -
329 has no effect. -
330 -
331 A certificate is the means of identification used in the SSL -
332 process. The local certificate is used by the remote end to verify -
333 the local user's identity against its list of Certification -
334 Authorities. In most cases, such as in HTTP web browsing, only -
335 servers identify to the clients, so the client does not send a -
336 certificate. -
337 -
338 \sa localCertificate() -
339*/ -
340void QSslConfiguration::setLocalCertificate(const QSslCertificate &certificate) -
341{ -
342 d->localCertificate = certificate;
never executed (the execution status of this line is deduced): d->localCertificate = certificate;
-
343}
never executed: }
0
344 -
345/*! -
346 Returns the peer's digital certificate (i.e., the immediate -
347 certificate of the host you are connected to), or a null -
348 certificate, if the peer has not assigned a certificate. -
349 -
350 The peer certificate is checked automatically during the -
351 handshake phase, so this function is normally used to fetch -
352 the certificate for display or for connection diagnostic -
353 purposes. It contains information about the peer, including -
354 its host name, the certificate issuer, and the peer's public -
355 key. -
356 -
357 Because the peer certificate is set during the handshake phase, it -
358 is safe to access the peer certificate from a slot connected to -
359 the QSslSocket::sslErrors() signal, QNetworkReply::sslErrors() -
360 signal, or the QSslSocket::encrypted() signal. -
361 -
362 If a null certificate is returned, it can mean the SSL handshake -
363 failed, or it can mean the host you are connected to doesn't have -
364 a certificate, or it can mean there is no connection. -
365 -
366 If you want to check the peer's complete chain of certificates, -
367 use peerCertificateChain() to get them all at once. -
368 -
369 \sa peerCertificateChain(), -
370 QSslSocket::sslErrors(), QSslSocket::ignoreSslErrors(), -
371 QNetworkReply::sslErrors(), QNetworkReply::ignoreSslErrors() -
372*/ -
373QSslCertificate QSslConfiguration::peerCertificate() const -
374{ -
375 return d->peerCertificate;
never executed: return d->peerCertificate;
0
376} -
377 -
378/*! -
379 Returns the peer's chain of digital certificates, starting with -
380 the peer's immediate certificate and ending with the CA's -
381 certificate. -
382 -
383 Peer certificates are checked automatically during the handshake -
384 phase. This function is normally used to fetch certificates for -
385 display, or for performing connection diagnostics. Certificates -
386 contain information about the peer and the certificate issuers, -
387 including host name, issuer names, and issuer public keys. -
388 -
389 Because the peer certificate is set during the handshake phase, it -
390 is safe to access the peer certificate from a slot connected to -
391 the QSslSocket::sslErrors() signal, QNetworkReply::sslErrors() -
392 signal, or the QSslSocket::encrypted() signal. -
393 -
394 If an empty list is returned, it can mean the SSL handshake -
395 failed, or it can mean the host you are connected to doesn't have -
396 a certificate, or it can mean there is no connection. -
397 -
398 If you want to get only the peer's immediate certificate, use -
399 peerCertificate(). -
400 -
401 \sa peerCertificate(), -
402 QSslSocket::sslErrors(), QSslSocket::ignoreSslErrors(), -
403 QNetworkReply::sslErrors(), QNetworkReply::ignoreSslErrors() -
404*/ -
405QList<QSslCertificate> QSslConfiguration::peerCertificateChain() const -
406{ -
407 return d->peerCertificateChain;
never executed: return d->peerCertificateChain;
0
408} -
409 -
410/*! -
411 Returns the socket's cryptographic \l {QSslCipher} {cipher}, or a -
412 null cipher if the connection isn't encrypted. The socket's cipher -
413 for the session is set during the handshake phase. The cipher is -
414 used to encrypt and decrypt data transmitted through the socket. -
415 -
416 The SSL infrastructure also provides functions for setting the -
417 ordered list of ciphers from which the handshake phase will -
418 eventually select the session cipher. This ordered list must be in -
419 place before the handshake phase begins. -
420 -
421 \sa ciphers(), setCiphers(), QSslSocket::supportedCiphers() -
422*/ -
423QSslCipher QSslConfiguration::sessionCipher() const -
424{ -
425 return d->sessionCipher;
never executed: return d->sessionCipher;
0
426} -
427 -
428/*! -
429 Returns the \l {QSslKey} {SSL key} assigned to this connection or -
430 a null key if none has been assigned yet. -
431 -
432 \sa setPrivateKey(), localCertificate() -
433*/ -
434QSslKey QSslConfiguration::privateKey() const -
435{ -
436 return d->privateKey;
executed: return d->privateKey;
Execution Count:3
3
437} -
438 -
439/*! -
440 Sets the connection's private \l {QSslKey} {key} to \a key. The -
441 private key and the local \l {QSslCertificate} {certificate} are -
442 used by clients and servers that must prove their identity to -
443 SSL peers. -
444 -
445 Both the key and the local certificate are required if you are -
446 creating an SSL server socket. If you are creating an SSL client -
447 socket, the key and local certificate are required if your client -
448 must identify itself to an SSL server. -
449 -
450 \sa privateKey(), setLocalCertificate() -
451*/ -
452void QSslConfiguration::setPrivateKey(const QSslKey &key) -
453{ -
454 d->privateKey = key;
never executed (the execution status of this line is deduced): d->privateKey = key;
-
455}
never executed: }
0
456 -
457/*! -
458 Returns this connection's current cryptographic cipher suite. This -
459 list is used during the handshake phase for choosing a -
460 session cipher. The returned list of ciphers is ordered by -
461 descending preference. (i.e., the first cipher in the list is the -
462 most preferred cipher). The session cipher will be the first one -
463 in the list that is also supported by the peer. -
464 -
465 By default, the handshake phase can choose any of the ciphers -
466 supported by this system's SSL libraries, which may vary from -
467 system to system. The list of ciphers supported by this system's -
468 SSL libraries is returned by QSslSocket::supportedCiphers(). You can restrict -
469 the list of ciphers used for choosing the session cipher for this -
470 socket by calling setCiphers() with a subset of the supported -
471 ciphers. You can revert to using the entire set by calling -
472 setCiphers() with the list returned by QSslSocket::supportedCiphers(). -
473 -
474 \sa setCiphers(), QSslSocket::supportedCiphers() -
475*/ -
476QList<QSslCipher> QSslConfiguration::ciphers() const -
477{ -
478 return d->ciphers;
executed: return d->ciphers;
Execution Count:3
3
479} -
480 -
481/*! -
482 Sets the cryptographic cipher suite for this socket to \a ciphers, -
483 which must contain a subset of the ciphers in the list returned by -
484 supportedCiphers(). -
485 -
486 Restricting the cipher suite must be done before the handshake -
487 phase, where the session cipher is chosen. -
488 -
489 \sa ciphers(), QSslSocket::supportedCiphers() -
490*/ -
491void QSslConfiguration::setCiphers(const QList<QSslCipher> &ciphers) -
492{ -
493 d->ciphers = ciphers;
never executed (the execution status of this line is deduced): d->ciphers = ciphers;
-
494}
never executed: }
0
495 -
496/*! -
497 Returns this connection's CA certificate database. The CA certificate -
498 database is used by the socket during the handshake phase to -
499 validate the peer's certificate. It can be modified prior to the -
500 handshake with setCaCertificates(), or with \l{QSslSocket}'s -
501 \l{QSslSocket::}{addCaCertificate()} and -
502 \l{QSslSocket::}{addCaCertificates()}. -
503 -
504 \sa setCaCertificates() -
505*/ -
506QList<QSslCertificate> QSslConfiguration::caCertificates() const -
507{ -
508 return d->caCertificates;
executed: return d->caCertificates;
Execution Count:3
3
509} -
510 -
511/*! -
512 Sets this socket's CA certificate database to be \a certificates. -
513 The certificate database must be set prior to the SSL handshake. -
514 The CA certificate database is used by the socket during the -
515 handshake phase to validate the peer's certificate. -
516 -
517 \sa caCertificates() -
518*/ -
519void QSslConfiguration::setCaCertificates(const QList<QSslCertificate> &certificates) -
520{ -
521 d->caCertificates = certificates;
executed (the execution status of this line is deduced): d->caCertificates = certificates;
-
522}
executed: }
Execution Count:2
2
523 -
524/*! -
525 Enables or disables an SSL compatibility \a option. If \a on -
526 is true, the \a option is enabled. If \a on is false, the -
527 \a option is disabled. -
528 -
529 \sa testSslOption() -
530*/ -
531void QSslConfiguration::setSslOption(QSsl::SslOption option, bool on) -
532{ -
533 if (on)
never evaluated: on
0
534 d->sslOptions |= option;
never executed: d->sslOptions |= option;
0
535 else -
536 d->sslOptions &= ~option;
never executed: d->sslOptions &= ~option;
0
537} -
538 -
539/*! -
540 \since 4.8 -
541 -
542 Returns true if the specified SSL compatibility \a option is enabled. -
543 -
544 \sa setSslOption() -
545*/ -
546bool QSslConfiguration::testSslOption(QSsl::SslOption option) const -
547{ -
548 return d->sslOptions & option;
never executed: return d->sslOptions & option;
0
549} -
550 -
551/*! -
552 Returns the default SSL configuration to be used in new SSL -
553 connections. -
554 -
555 The default SSL configuration consists of: -
556 -
557 \list -
558 \li no local certificate and no private key -
559 \li protocol SecureProtocols (meaning either TLS 1.0 or SSL 3 will be used) -
560 \li the system's default CA certificate list -
561 \li the cipher list equal to the list of the SSL libraries' -
562 supported SSL ciphers -
563 \endlist -
564 -
565 \sa QSslSocket::supportedCiphers(), setDefaultConfiguration() -
566*/ -
567QSslConfiguration QSslConfiguration::defaultConfiguration() -
568{ -
569 return QSslConfigurationPrivate::defaultConfiguration();
executed: return QSslConfigurationPrivate::defaultConfiguration();
Execution Count:679
679
570} -
571 -
572/*! -
573 Sets the default SSL configuration to be used in new SSL -
574 connections to be \a configuration. Existing connections are not -
575 affected by this call. -
576 -
577 \sa QSslSocket::supportedCiphers(), defaultConfiguration() -
578*/ -
579void QSslConfiguration::setDefaultConfiguration(const QSslConfiguration &configuration) -
580{ -
581 QSslConfigurationPrivate::setDefaultConfiguration(configuration);
never executed (the execution status of this line is deduced): QSslConfigurationPrivate::setDefaultConfiguration(configuration);
-
582}
never executed: }
0
583 -
584QT_END_NAMESPACE -
585 -
Source codeSwitch to Preprocessed file
Generated by Squish Coco Non-Commercial