KIO

ktcpsocket.h
1 /*
2  This file is part of the KDE libraries
3  SPDX-FileCopyrightText: 2007 Thiago Macieira <[email protected]>
4  SPDX-FileCopyrightText: 2007 Andreas Hartmetz <[email protected]>
5 
6  SPDX-License-Identifier: LGPL-2.0-or-later
7 */
8 
9 #ifndef KTCPSOCKET_H
10 #define KTCPSOCKET_H
11 
12 #include "kiocore_export.h"
13 
14 #if KIOCORE_ENABLE_DEPRECATED_SINCE(5, 65)
15 #include "ksslerroruidata.h"
16 
17 #include <QSslConfiguration>
18 #include <QSslSocket>
19 
20 #include <memory>
21 
22 // All classes here are deprecated, no need for clazy to bother
23 // clazy:excludeall=overloaded-signal,fully-qualified-moc-types
24 
25 /*
26  Notes on QCA::TLS compatibility
27  In order to check for all validation problems as far as possible we need to use:
28  Validity QCA::TLS::peerCertificateValidity()
29  TLS::IdentityResult QCA::TLS::peerIdentityResult()
30  CertificateChain QCA::TLS::peerCertificateChain().validate() - to find the failing cert!
31  TLS::Error QCA::TLS::errorCode() - for more generic (but still SSL) errors
32  */
33 
34 class KSslKeyPrivate;
35 
36 /** SSL Key
37  * @deprecated since 5.65, use QSslKey instead.
38  */
39 class KIOCORE_EXPORT KIOCORE_DEPRECATED_VERSION(5, 65, "Use QSslKey") KSslKey
40 {
41 public:
42  enum Algorithm {
43  Rsa = 0,
44  Dsa,
45  Dh,
46  };
47  enum KeySecrecy {
48  PublicKey,
49  PrivateKey,
50  };
51 
52  KSslKey();
53  KSslKey(const KSslKey &other);
54  KSslKey(const QSslKey &sslKey);
55  ~KSslKey();
56  KSslKey &operator=(const KSslKey &other);
57 
58  Algorithm algorithm() const;
59  bool isExportable() const;
60  KeySecrecy secrecy() const;
61  QByteArray toDer() const;
62 
63 private:
64  std::unique_ptr<KSslKeyPrivate> const d;
65 };
66 
67 class KSslCipherPrivate;
68 
69 /** SSL Cipher
70  * @deprecated since 5.65, use QSslCipher instead.
71  */
72 class KIOCORE_EXPORT KIOCORE_DEPRECATED_VERSION(5, 65, "Use QSslCipher") KSslCipher
73 {
74 public:
75  KSslCipher();
76  KSslCipher(const KSslCipher &other);
77  KSslCipher(const QSslCipher &);
78  ~KSslCipher();
79  KSslCipher &operator=(const KSslCipher &other);
80 
81  bool isNull() const;
82  QString authenticationMethod() const;
83  QString encryptionMethod() const;
84  QString keyExchangeMethod() const;
85  QString digestMethod() const;
86  /* mainly for internal use */
87  QString name() const;
88  int supportedBits() const;
89  int usedBits() const;
90 
91  static QList<KSslCipher> supportedCiphers();
92 
93 private:
94  std::unique_ptr<KSslCipherPrivate> const d;
95 };
96 
97 class KSslErrorPrivate;
98 class KTcpSocket;
99 
100 /** To be replaced by QSslError.
101  * @deprecated since 5.65
102  */
103 class KIOCORE_EXPORT KIOCORE_DEPRECATED_VERSION(5, 65, "Use QSslError") KSslError
104 {
105 public:
106  enum Error {
107  NoError = 0,
108  UnknownError,
109  InvalidCertificateAuthorityCertificate,
110  InvalidCertificate,
111  CertificateSignatureFailed,
112  SelfSignedCertificate,
113  ExpiredCertificate,
114  RevokedCertificate,
115  InvalidCertificatePurpose,
116  RejectedCertificate,
117  UntrustedCertificate,
118  NoPeerCertificate,
119  HostNameMismatch,
120  PathLengthExceeded,
121  };
122 
123 #if KIOCORE_ENABLE_DEPRECATED_SINCE(5, 63)
124  /** @deprecated since 5.63, use the QSslError ctor instead. */
125  KIOCORE_DEPRECATED_VERSION(5, 63, "Use KSslError(const QSslError &)")
126  KSslError(KSslError::Error error = NoError, const QSslCertificate &cert = QSslCertificate());
127 #endif
128  KSslError(const QSslError &error);
129  KSslError(const KSslError &other);
130  ~KSslError();
131  KSslError &operator=(const KSslError &other);
132 
133  Error error() const;
134  QString errorString() const;
135  QSslCertificate certificate() const;
136  /**
137  * Returns the QSslError wrapped by this KSslError.
138  * @since 5.63
139  */
140  QSslError sslError() const;
141 
142 private:
143  std::unique_ptr<KSslErrorPrivate> const d;
144 };
145 
146 // consider killing more convenience functions with huge signatures
147 // ### do we need setSession() / session() ?
148 
149 // BIG FAT TODO: do we keep openMode() up to date everywhere it can change?
150 
151 // other TODO: limit possible error strings?, SSL key stuff
152 
153 // TODO protocol (or maybe even application?) dependent automatic proxy choice
154 
155 class KTcpSocketPrivate;
156 class QHostAddress;
157 
158 /** TCP socket.
159  * @deprecated since 5.65, use QSslSocket instead.
160  */
161 class KIOCORE_EXPORT KIOCORE_DEPRECATED_VERSION(5, 65, "Use QSslSocket") KTcpSocket : public QIODevice
162 {
163  Q_OBJECT
164 public:
165  enum State {
166  UnconnectedState = 0,
167  HostLookupState,
168  ConnectingState,
169  ConnectedState,
170  BoundState,
171  ListeningState,
172  ClosingState,
173  // hmmm, do we need an SslNegotiatingState?
174  };
175  enum SslVersion {
176  UnknownSslVersion = 0x01,
177  SslV2 = 0x02, ///< Note: no-op in Qt for a long time
178  SslV3 = 0x04, ///< Note: no-op in Qt for a long time
179  TlsV1 = 0x08,
180  SslV3_1 = 0x08,
181  TlsV1SslV3 = 0x10, ///< Note: same as TlsV1_0
182  SecureProtocols = 0x20,
183  TlsV1_0 = TlsV1,
184  TlsV1_1 = 0x40,
185  TlsV1_2 = 0x80,
186  TlsV1_3 = 0x100,
187  AnySslVersion = SslV2 | SslV3 | TlsV1,
188  };
189  Q_DECLARE_FLAGS(SslVersions, SslVersion)
190 
191  enum Error {
192  UnknownError = 0,
193  ConnectionRefusedError,
194  RemoteHostClosedError,
195  HostNotFoundError,
196  SocketAccessError,
197  SocketResourceError,
198  SocketTimeoutError,
199  NetworkError,
200  UnsupportedSocketOperationError,
201  SslHandshakeFailedError, ///< @since 4.10.5
202  };
203  /*
204  The following is based on reading the OpenSSL interface code of both QSslSocket
205  and QCA::TLS. Barring oversights it should be accurate. The two cases with the
206  question marks apparently will never be emitted by QSslSocket so there is nothing
207  to compare.
208 
209  QSslError::NoError KTcpSocket::NoError
210  QSslError::UnableToGetIssuerCertificate QCA::ErrorSignatureFailed
211  QSslError::UnableToDecryptCertificateSignature QCA::ErrorSignatureFailed
212  QSslError::UnableToDecodeIssuerPublicKey QCA::ErrorInvalidCA
213  QSslError::CertificateSignatureFailed QCA::ErrorSignatureFailed
214  QSslError::CertificateNotYetValid QCA::ErrorExpired
215  QSslError::CertificateExpired QCA::ErrorExpired
216  QSslError::InvalidNotBeforeField QCA::ErrorExpired
217  QSslError::InvalidNotAfterField QCA::ErrorExpired
218  QSslError::SelfSignedCertificate QCA::ErrorSelfSigned
219  QSslError::SelfSignedCertificateInChain QCA::ErrorSelfSigned
220  QSslError::UnableToGetLocalIssuerCertificate QCA::ErrorInvalidCA
221  QSslError::UnableToVerifyFirstCertificate QCA::ErrorSignatureFailed
222  QSslError::CertificateRevoked QCA::ErrorRevoked
223  QSslError::InvalidCaCertificate QCA::ErrorInvalidCA
224  QSslError::PathLengthExceeded QCA::ErrorPathLengthExceeded
225  QSslError::InvalidPurpose QCA::ErrorInvalidPurpose
226  QSslError::CertificateUntrusted QCA::ErrorUntrusted
227  QSslError::CertificateRejected QCA::ErrorRejected
228  QSslError::SubjectIssuerMismatch QCA::TLS::InvalidCertificate ?
229  QSslError::AuthorityIssuerSerialNumberMismatch QCA::TLS::InvalidCertificate ?
230  QSslError::NoPeerCertificate QCA::TLS::NoCertificate
231  QSslError::HostNameMismatch QCA::TLS::HostMismatch
232  QSslError::UnspecifiedError KTcpSocket::UnknownError
233  QSslError::NoSslSupport Never happens :)
234  */
235  enum EncryptionMode {
236  UnencryptedMode = 0,
237  SslClientMode,
238  SslServerMode, // ### not implemented
239  };
240  enum ProxyPolicy {
241  /// Use the proxy that KProtocolManager suggests for the connection parameters given.
242  AutoProxy = 0,
243  /// Use the proxy set by setProxy(), if any; otherwise use no proxy.
244  ManualProxy,
245  };
246 
247  KTcpSocket(QObject *parent = nullptr);
248  ~KTcpSocket() override;
249 
250  // from QIODevice
251  // reimplemented virtuals - the ones not reimplemented are OK for us
252  bool atEnd() const override;
253  qint64 bytesAvailable() const override;
254  qint64 bytesToWrite() const override;
255  bool canReadLine() const override;
256  void close() override;
257  bool isSequential() const override;
258  bool open(QIODevice::OpenMode open) override;
259  bool waitForBytesWritten(int msecs) override;
260  // ### Document that this actually tries to read *more* data
261  bool waitForReadyRead(int msecs = 30000) override;
262 
263 protected:
264  qint64 readData(char *data, qint64 maxSize) override;
265  qint64 writeData(const char *data, qint64 maxSize) override;
266 Q_SIGNALS:
267  /// @since 4.8.1
268  /// Forwarded from QSslSocket
269  void encryptedBytesWritten(qint64 written);
270 
271 public:
272  // from QAbstractSocket
273  void abort();
274  void connectToHost(const QString &hostName, quint16 port, ProxyPolicy policy = AutoProxy);
275  void connectToHost(const QHostAddress &hostAddress, quint16 port, ProxyPolicy policy = AutoProxy);
276 
277  /**
278  * Take the hostname and port from @p url and connect to them. The information from a
279  * full URL enables the most accurate choice of proxy in case of proxy rules that
280  * depend on high-level information like protocol or username.
281  * @see KProtocolManager::proxyForUrl()
282  */
283  void connectToHost(const QUrl &url, ProxyPolicy policy = AutoProxy);
284  void disconnectFromHost();
285  Error error() const; // ### QAbstractSocket's model is strange. error() should be related to the
286  // current state and *NOT* just report the last error if there was one.
287  QList<KSslError> sslErrors() const; // ### the errors returned can only have a subset of all
288  // possible QSslError::SslError enum values depending on backend
289  bool flush();
290  bool isValid() const;
291  QHostAddress localAddress() const;
292  QHostAddress peerAddress() const;
293  QString peerName() const;
294  quint16 peerPort() const;
295  void setVerificationPeerName(const QString &hostName);
296 
297 #ifndef QT_NO_NETWORKPROXY
298  /**
299  * @see: connectToHost()
300  */
301  QNetworkProxy proxy() const;
302 #endif
303  qint64 readBufferSize() const; // probably hard to implement correctly
304 
305 #ifndef QT_NO_NETWORKPROXY
306  /**
307  * @see: connectToHost()
308  */
309  void setProxy(const QNetworkProxy &proxy); // people actually seem to need it
310 #endif
311  void setReadBufferSize(qint64 size);
312  State state() const;
313  bool waitForConnected(int msecs = 30000);
314  bool waitForDisconnected(int msecs = 30000);
315 
316  // from QSslSocket
317  void addCaCertificate(const QSslCertificate &certificate);
318  // bool addCaCertificates(const QString &path, QSsl::EncodingFormat format = QSsl::Pem,
319  // QRegExp::PatternSyntax syntax = QRegExp::FixedString);
320  void addCaCertificates(const QList<QSslCertificate> &certificates);
321  QList<QSslCertificate> caCertificates() const;
322  QList<KSslCipher> ciphers() const;
323  void connectToHostEncrypted(const QString &hostName, quint16 port, OpenMode openMode = ReadWrite);
324  // bool isEncrypted() const { return encryptionMode() != UnencryptedMode }
325  QSslCertificate localCertificate() const;
326  QList<QSslCertificate> peerCertificateChain() const;
327  KSslKey privateKey() const;
328  KSslCipher sessionCipher() const;
329  void setCaCertificates(const QList<QSslCertificate> &certificates);
330  void setCiphers(const QList<KSslCipher> &ciphers);
331  // ### void setCiphers(const QString &ciphers); //what about i18n?
332  void setLocalCertificate(const QSslCertificate &certificate);
333  void setLocalCertificate(const QString &fileName, QSsl::EncodingFormat format = QSsl::Pem);
334  void setPrivateKey(const KSslKey &key);
335  void setPrivateKey(const QString &fileName,
336  KSslKey::Algorithm algorithm = KSslKey::Rsa,
337  QSsl::EncodingFormat format = QSsl::Pem,
338  const QByteArray &passPhrase = QByteArray());
339  void setAdvertisedSslVersion(SslVersion version);
340  SslVersion advertisedSslVersion() const; // always equal to last setSslAdvertisedVersion
341  SslVersion negotiatedSslVersion() const; // negotiated version; downgrades are possible.
342  QString negotiatedSslVersionName() const;
343  bool waitForEncrypted(int msecs = 30000);
344 
345  EncryptionMode encryptionMode() const;
346 
347  /**
348  * Returns the state of the socket @p option.
349  *
350  * @see QAbstractSocket::socketOption
351  *
352  * @since 4.5.0
353  */
354  QVariant socketOption(QAbstractSocket::SocketOption options) const;
355 
356  /**
357  * Sets the socket @p option to @p value.
358  *
359  * @see QAbstractSocket::setSocketOption
360  *
361  * @since 4.5.0
362  */
363  void setSocketOption(QAbstractSocket::SocketOption options, const QVariant &value);
364 
365  /**
366  * Returns the socket's SSL configuration.
367  *
368  * @since 4.8.4
369  */
370  QSslConfiguration sslConfiguration() const;
371 
372  /**
373  * Sets the socket's SSL configuration.
374  *
375  * @since 4.8.4
376  */
377  void setSslConfiguration(const QSslConfiguration &configuration);
378 
379 Q_SIGNALS:
380  // from QAbstractSocket
381  void connected();
382  void disconnected();
383  void error(KTcpSocket::Error);
384  void hostFound();
385 #ifndef QT_NO_NETWORKPROXY
386  void proxyAuthenticationRequired(const QNetworkProxy &proxy, QAuthenticator *authenticator);
387 #endif
388  // only for raw socket state, SSL is separate
389  void stateChanged(KTcpSocket::State);
390 
391  // from QSslSocket
392  void encrypted();
393  void encryptionModeChanged(EncryptionMode);
394  void sslErrors(const QList<KSslError> &errors);
395 
396 public Q_SLOTS:
397  void ignoreSslErrors();
398  void startClientEncryption();
399  // void startServerEncryption(); //not implemented
400 private:
401  Q_PRIVATE_SLOT(d, void reemitReadyRead())
402  Q_PRIVATE_SLOT(d, void reemitSocketError(QAbstractSocket::SocketError))
403  Q_PRIVATE_SLOT(d, void reemitSslErrors(const QList<QSslError> &))
404  Q_PRIVATE_SLOT(d, void reemitStateChanged(QAbstractSocket::SocketState))
405  Q_PRIVATE_SLOT(d, void reemitModeChanged(QSslSocket::SslMode))
406 
407  // debugging H4X
408  void showSslErrors();
409 
410  friend class KTcpSocketPrivate;
411  std::unique_ptr<KTcpSocketPrivate> const d;
412 };
413 
414 #endif // deprecated since 5.65
415 
416 #endif // KTCPSOCKET_H
KTcpSocket::SslHandshakeFailedError
@ SslHandshakeFailedError
Definition: ktcpsocket.h:201
QSsl::EncodingFormat
EncodingFormat
KTcpSocket
TCP socket.
Definition: ktcpsocket.h:161
QIODevice::OpenMode
typedef OpenMode
QObject::Q_SLOTS
Q_SLOTSQ_SLOTS
QIODevice::canReadLine
virtual bool canReadLine() const const
QIODevice::open
virtual bool open(QIODevice::OpenMode mode)
QIODevice::waitForReadyRead
virtual bool waitForReadyRead(int msecs)
QIODevice::bytesToWrite
virtual qint64 bytesToWrite() const const
QIODevice::isSequential
virtual bool isSequential() const const
KTcpSocket::ManualProxy
@ ManualProxy
Use the proxy set by setProxy(), if any; otherwise use no proxy.
Definition: ktcpsocket.h:244
KSslKey
SSL Key.
Definition: ktcpsocket.h:39
QObject::Q_SIGNALS
Q_SIGNALSQ_SIGNALS
KSslError
To be replaced by QSslError.
Definition: ktcpsocket.h:103
KSslCipher
SSL Cipher.
Definition: ktcpsocket.h:72
QIODevice::atEnd
virtual bool atEnd() const const
abort
Q_SCRIPTABLE Q_NOREPLY void abort()
QIODevice::bytesAvailable
virtual qint64 bytesAvailable() const const
QIODevice::close
virtual void close()
QIODevice::writeData
virtual qint64 writeData(const char *data, qint64 maxSize)=0
QIODevice::readData
virtual qint64 readData(char *data, qint64 maxSize)=0
QIODevice::waitForBytesWritten
virtual bool waitForBytesWritten(int msecs)
This file is part of the KDE documentation.
Documentation copyright © 1996-2023 The KDE developers.
Generated on Sun Mar 26 2023 04:00:06 by doxygen 1.8.17 written by Dimitri van Heesch, © 1997-2006

KDE's Doxygen guidelines are available online.