annotate ui/sslconnection_bare.cpp @ 1306:845048d4a69f

(issue159) Use the user-specific appdata directory for the NSS list, with simple rights. Using the ProgramData folder with restricted access rights failed in case the process was not elevated.
author Andre Heinecke <andre.heinecke@intevation.de>
date Mon, 13 Oct 2014 12:31:37 +0200
parents 2efdf2faf4e5
1 /* Copyright (C) 2014 by Bundesamt für Sicherheit in der Informationstechnik
2 * Software engineering by Intevation GmbH
3 *
4 * This file is Free Software under the GNU GPL (v>=2)
5 * and comes with ABSOLUTELY NO WARRANTY!
6 * See LICENSE.txt for details.
7 */
8 /* TODO: Wrap ssl_session in a class for reuse.
9 * see programs/ssl/ssl_client2.c for example of session reuse */
10 #include "sslconnection_bare.h"
11 #include "sslhelp.h"
13 #include <QFile>
14 #include <QSaveFile>
15 #include <QUuid>
16 #include <QApplication>
18 #define MAX_IO_TRIES 10
19 #define MAX_RESETS 10
#ifdef CONNECTION_DEBUG
/**
 * Debug callback registered with ssl_set_dbg() in init().
 *
 * Writes the message verbatim to the stream passed as ctx and flushes
 * after every message. Only compiled when CONNECTION_DEBUG is defined.
 *
 * NOTE(review): library debug traces may expose details of the TLS
 * session; presumably that is why this is compile-time gated — confirm
 * CONNECTION_DEBUG is never defined for release builds.
 *
 * @param ctx   FILE* to write to (init() passes stdout).
 * @param level Debug level supplied by the library; not used here.
 * @param str   Message text.
 */
static void my_debug(void *ctx, int level, const char *str)
{
    FILE *const out = static_cast<FILE *>(ctx);

    fprintf(out, "%s", str);
    fflush(out);
}
#endif
/**
 * Construct a connection object for url.
 *
 * url and certificate are forwarded to the SSLConnection base class
 * (presumably stored there as mUrl / mPinnedCert, which init() and
 * connect() read — confirm against the base class).
 *
 * The TLS context and the saved session are zeroed before init() runs.
 * mInitialized is set only when init() returned 0. On failure the error
 * is only logged; callers learn about it when connect() refuses to run
 * on an object whose mInitialized flag is not set.
 */
SSLConnectionBare::SSLConnectionBare(const QString& url,
                                     const QByteArray& certificate):
    SSLConnection (url, certificate)
{
    memset(&mSSL, 0, sizeof(ssl_context));
    memset(&mSavedSession, 0, sizeof( ssl_session ) );

    const int initResult = init();
    if (initResult != 0) {
        qDebug() << "Initialization error: " + getPolarSSLErrorMsg(initResult);
        return;
    }

    mInitialized = true;
}
/**
 * Set up the PolarSSL state for this connection: TLS context, random
 * generator and the pinned certificate.
 *
 * On every failure path after ssl_init() succeeded, the TLS context is
 * freed here before returning; the pinned-certificate and entropy
 * structures are released by the destructor.
 *
 * @return 0 on success, otherwise the non-zero code of the failing
 *         library call. mErrorState is set to ErrUnknown, or to
 *         InvalidPinnedCertificate when the pinned certificate cannot
 *         be parsed.
 */
int SSLConnectionBare::init()
{
    /* Personalisation string for the DRBG: application name plus a fresh
     * UUID. It does not need to be random, but should be unique
     * according to the library documentation. */
    const QUuid uuid = QUuid::createUuid();
    const QString personalisation =
        QApplication::applicationName() + uuid.toString();
    const QByteArray seedBytes = personalisation.toLocal8Bit();

    x509_crt_init(&mX509PinnedCert);
    entropy_init(&mEntropy);

    int rc = ssl_init(&mSSL);
    if (rc != 0) {
        /* The only documented error is malloc failed */
        mErrorState = ErrUnknown;
        return rc;
    }

    /* Initialize the random generator.
     * The ctr_drbg structure does not need to be freed explicitly. */
    rc = ctr_drbg_init(&mCtr_drbg, entropy_func, &mEntropy,
                       reinterpret_cast<const unsigned char*>(
                           seedBytes.constData()),
                       seedBytes.size());
    if (rc != 0) {
        ssl_free(&mSSL);
        mErrorState = ErrUnknown;
        return rc;
    }

    /* Any non-zero result is treated as an unusable pin. */
    rc = x509_crt_parse(&mX509PinnedCert,
                        reinterpret_cast<const unsigned char*>(
                            mPinnedCert.constData()),
                        mPinnedCert.size());
    if (rc != 0) {
        ssl_free(&mSSL);
        mErrorState = InvalidPinnedCertificate;
        return rc;
    }

    ssl_set_endpoint(&mSSL, SSL_IS_CLIENT);
    /* SSL_VERIFY_OPTIONAL: the handshake is not aborted when chain
     * verification fails. The outcome is enforced afterwards by
     * validateCertificate(), so a connection must never be used
     * before that check has passed. */
    ssl_set_authmode(&mSSL, SSL_VERIFY_OPTIONAL);
    /* The pinned certificate is the only trust anchor. No CRL and no
     * expected peer name are configured (both NULL). */
    ssl_set_ca_chain(&mSSL, &mX509PinnedCert, NULL, NULL);
    ssl_set_renegotiation(&mSSL, SSL_RENEGOTIATION_DISABLED);
    ssl_set_rng(&mSSL, ctr_drbg_random, &mCtr_drbg);
#ifdef RELEASE_BUILD
    /* Major 3 / minor 3 is TLS 1.2. Builds without RELEASE_BUILD keep
     * the library's default minimum version. */
    ssl_set_min_version(&mSSL, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3);
#endif

#ifdef CONNECTION_DEBUG
    ssl_set_dbg(&mSSL, my_debug, stdout);
#endif

    return 0;
}
/**
 * Close an open connection and release the PolarSSL structures.
 *
 * The TLS context is freed only when init() succeeded: init() already
 * frees it on its own failure paths, and mInitialized is set only after
 * a successful init().
 */
SSLConnectionBare::~SSLConnectionBare() {
    disconnect();

    x509_crt_free(&mX509PinnedCert);
    entropy_free(&mEntropy);

    if (!mInitialized) {
        return;
    }
    ssl_free(&mSSL);
}
/**
 * Shut down an established connection.
 *
 * Does nothing unless mConnected is set. Otherwise sends the TLS
 * close_notify, closes the socket if one is open, frees the saved
 * session and clears mConnected.
 */
void SSLConnectionBare::disconnect() {
    if (!mConnected) {
        return;
    }

    ssl_close_notify(&mSSL);

    const bool socketOpen = (mServerFD != -1);
    if (socketOpen) {
        net_close(mServerFD);
        mServerFD = -1;
    }

    ssl_session_free(&mSavedSession);
    mConnected = false;
}
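/**
 * Open the TCP connection, run the TLS handshake and validate the
 * server certificate.
 *
 * mConnected is set only after validateCertificate() returned 0, so a
 * peer that fails the certificate check is never reported as connected.
 *
 * Every failure after net_connect() succeeded now closes the socket and
 * resets mServerFD to -1. Previously these paths returned with the
 * descriptor still open, and because disconnect() only cleans up while
 * mConnected is set, the socket (and, after a failed certificate check,
 * the saved session) was never released.
 *
 * @return 0 on success; -1 if the object was not initialized; otherwise
 *         the non-zero code of the failing step. mErrorState is set to
 *         ErrUnknown, NoConnection or SSLHandshakeFailed in this
 *         function; the certificate check result comes from
 *         validateCertificate().
 */
int SSLConnectionBare::connect() {
    int ret = -1;

    if (!mInitialized) {
        mErrorState = ErrUnknown;
        return -1;
    }

    /* Port 443 is the fallback when the URL carries no explicit port. */
    ret = net_connect(&mServerFD, mUrl.host().toLatin1().constData(),
                      mUrl.port(443));

    if (ret != 0) {
        qDebug() << "Connect failed: " << getPolarSSLErrorMsg(ret);
        mErrorState = NoConnection;
        return ret;
    }

    ssl_set_bio(&mSSL, net_recv, &mServerFD,
                net_send, &mServerFD);

    /* WANT_READ / WANT_WRITE mean "call again"; anything else is fatal.
     * NOTE(review): the retry loop has no upper bound; MAX_IO_TRIES is
     * defined in this file but not applied here. */
    while ((ret = ssl_handshake(&mSSL)) != 0) {
        if (ret != POLARSSL_ERR_NET_WANT_READ &&
                ret != POLARSSL_ERR_NET_WANT_WRITE) {
            qDebug() << "SSL Handshake failed: " << getPolarSSLErrorMsg(ret);
            mErrorState = SSLHandshakeFailed;
            /* Do not leave the socket open behind a failed handshake. */
            net_close(mServerFD);
            mServerFD = -1;
            return ret;
        }
    }

    ret = ssl_get_session(&mSSL, &mSavedSession);
    if (ret != 0) {
        qDebug() << "SSL get session failed: " << getPolarSSLErrorMsg(ret);

        mErrorState = NoConnection;
        /* Only the socket is released here: the state of mSavedSession
         * after a failed copy is not known from this file. */
        net_close(mServerFD);
        mServerFD = -1;
        return ret;
    }

    /* NOTE(review): unconditional output on stdout, while the rest of
     * this file logs through qDebug(). */
    printf( " ok\n [ Ciphersuite is %s ]\n",
            ssl_get_ciphersuite( &mSSL) );

    ret = validateCertificate();

    if (ret == 0) {
        mConnected = true;
    } else {
        /* The peer failed the certificate check: drop the link and the
         * session copied above, mirroring what disconnect() does for an
         * established connection. */
        ssl_session_free(&mSavedSession);
        net_close(mServerFD);
        mServerFD = -1;
    }
    return ret;
}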
171 int SSLConnectionBare::validateCertificate()
172 {
173 int ret = -1;
174 const x509_crt *peerCert = NULL;
176 /* we might want to set the verify function
177 * with ssl_set_verify before to archive the
178 * certificate pinning. */
180 ret = ssl_get_verify_result(&mSSL);
182 if (ret != 0 ) {
183 if((ret & BADCERT_EXPIRED) != 0)
184 qDebug() << "server certificate has expired";
185 if((ret & BADCERT_REVOKED) != 0)
186 qDebug() << "server certificate has been revoked";
187 if((ret & BADCERT_CN_MISMATCH) != 0)
188 qDebug() << "CN mismatch";
189 if((ret & BADCERT_NOT_TRUSTED) != 0)
190 qDebug() << "self-signed or not signed by a trusted CA";
191 #ifdef RELEASE_BUILD
192 mErrorState = InvalidCertificate;
193 return -1;
194 #endif
195 }
197 peerCert = ssl_get_peer_cert(&mSSL);
199 if (!peerCert) {
200 mErrorState = InvalidCertificate;
201 qDebug() << "Failed to get peer cert";
202 return -1;
203 }
205 if (peerCert->raw.len == 0 ||
206 peerCert->raw.len != mX509PinnedCert.raw.len) {
207 mErrorState = InvalidCertificate;
208 qDebug() << "Certificate length mismatch";
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
209 return -1;
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
210 }
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
211
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
212 /* You can never be sure what those c++ operators do..
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
213 if (mPinnedCert != QByteArray::fromRawData(
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
214 (const char*) peerCert->raw.p,
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
215 peerCert->raw.len)) {
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
216 qDebug() << "Certificate content mismatch";
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
217 }
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
218 */
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
219
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
220 for (unsigned int i = 0; i < peerCert->raw.len; i++) {
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
221 if (peerCert->raw.p[i] != mX509PinnedCert.raw.p[i]) {
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
222 qDebug() << "Certificate content mismatch";
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
223 mErrorState = InvalidCertificate;
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
224 return -1;
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
225 }
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
226 }
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
227 return 0;
d1c951b3012d Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
228 }
/**
 * Send a complete request over the SSL session.
 *
 * When mNeedsReset is set, reset() is run first and a non-zero result
 * from it is returned unchanged. The request is then passed to
 * ssl_write(), which is called again (after a 100ms pause) for as long
 * as it reports POLARSSL_ERR_NET_WANT_WRITE or
 * POLARSSL_ERR_NET_WANT_READ, bounded by MAX_IO_TRIES.
 *
 * The whole request is written to the debug log before it is sent.
 *
 * @param request the raw bytes to send.
 * @returns 0 when ssl_write() reported that every byte was written,
 *          -1 when it reported fewer bytes than requested (a short
 *          write is treated as a failure and not resumed), otherwise
 *          the code returned by reset() or ssl_write().
 */
int SSLConnectionBare::write (const QByteArray& request)
{
    const unsigned char *payload =
        reinterpret_cast<const unsigned char *>(request.constData());
    const size_t payloadLen = static_cast<size_t>(request.size());
    unsigned int attempts = 0;
    int rc = -1;

    if (mNeedsReset) {
        rc = reset();
        if (rc != 0) {
            qDebug() << "Reset failed: " << getPolarSSLErrorMsg(rc);
            return rc;
        }
    }

    qDebug() << "Sending request: " << request;

    /* The ssl_write documentation requires that, after
     * POLARSSL_ERR_NET_WANT_WRITE, the call is repeated with the same
     * arguments until it returns a positive value. */
    while (true) {
        rc = ssl_write(&mSSL, payload, payloadLen);

        if (rc >= 0) {
            if (static_cast<unsigned int>(rc) != payloadLen) {
                qDebug() << "Write failed to write everything";
                return -1;
            }
            return 0;
        }

        const bool wantsRetry = (rc == POLARSSL_ERR_NET_WANT_WRITE ||
                                 rc == POLARSSL_ERR_NET_WANT_READ);
        if (!wantsRetry) {
            /* Hard error: hand the PolarSSL code to the caller. */
            return rc;
        }

        ++attempts;
        /* sleep 100ms to give the socket a chance to clean up. */
        net_usleep(100000);

        if (!(attempts < MAX_IO_TRIES)) {
            break;
        }
    }

    /* Retries exhausted; rc still holds the last WANT_* code. */
    return rc;
}
/**
 * Tear down the current SSL session and establish a new one, resuming
 * the saved session.
 *
 * Sequence: send a close notify, reset the SSL context, install
 * mSavedSession for resumption, reconnect to the host / port of mUrl
 * (port 443 if the URL has none), run the handshake and finally check
 * the peer certificate again with validateCertificate().
 *
 * The results of ssl_close_notify() and ssl_set_session() are not
 * checked. The handshake loop repeats on
 * POLARSSL_ERR_NET_WANT_READ / POLARSSL_ERR_NET_WANT_WRITE without a
 * retry limit.
 *
 * NOTE(review): mServerFD is overwritten by net_connect() without being
 * closed in this function - confirm the old descriptor is released
 * elsewhere.
 *
 * @returns 0 on success, otherwise the failing PolarSSL error code or
 *          the result of validateCertificate(). mErrorState is set to
 *          NoConnection or SSLHandshakeFailed for those two failures.
 */
int SSLConnectionBare::reset()
{
    ssl_close_notify(&mSSL);

    int rc = ssl_session_reset(&mSSL);
    if (rc != 0)
    {
        qDebug() << "SSL Connection reset failed: "
                 << getPolarSSLErrorMsg(rc);
        return rc;
    }

    ssl_set_session(&mSSL, &mSavedSession);

    rc = net_connect(&mServerFD, mUrl.host().toLatin1().constData(),
                     mUrl.port(443));
    if (rc != 0) {
        mErrorState = NoConnection;
        qDebug() << "Connection failed." << getPolarSSLErrorMsg(rc);
        return rc;
    }

    for (;;) {
        rc = ssl_handshake(&mSSL);
        if (rc == 0) {
            break;
        }
        const bool inProgress = (rc == POLARSSL_ERR_NET_WANT_READ ||
                                 rc == POLARSSL_ERR_NET_WANT_WRITE);
        if (!inProgress) {
            qDebug() << "SSL Handshake failed: "
                     << getPolarSSLErrorMsg(rc);
            mErrorState = SSLHandshakeFailed;
            return rc;
        }
    }

    qDebug() << "Reset connection. ";
    /* A resumed session should not need re-validation, but the pinned
     * certificate check is repeated anyway as a safeguard. */
    return validateCertificate();
}
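/**
 * Read up to len bytes from the SSL session.
 *
 * Sets mNeedsReset so that the next write() re-establishes the
 * connection. Data is collected with repeated ssl_read() calls until
 * len bytes have arrived, the peer signals EOF / close notify, an
 * error occurs or MAX_IO_TRIES retries have been used up.
 *
 * @param len maximum number of bytes to read.
 * @returns the bytes received so far on EOF or when the retries are
 *          exhausted; a null QByteArray when ssl_read() reports an
 *          error or an impossible length.
 */
QByteArray SSLConnectionBare::read(size_t len)
{
    /* Heap-backed scratch buffer of bounded size. The former variable
     * length array on the stack grew with the caller supplied len, so
     * a large request could exhaust the stack; it was also a compiler
     * extension rather than standard C++. Reading in chunks yields the
     * same data. */
    const size_t maxChunk = 16384;
    const size_t bufSize = len < maxChunk ? len : maxChunk;
    QByteArray buf(static_cast<int>(bufSize), '\0');
    QByteArray retval("");
    int ret = -1;
    unsigned int tries = 0;

    mNeedsReset = true;
    do {
        const size_t want = len < bufSize ? len : bufSize;

        buf.fill('\0');
        ret = ssl_read(&mSSL,
                       reinterpret_cast<unsigned char *>(buf.data()),
                       want);
        if (ret == 0 ||
                ret == POLARSSL_ERR_SSL_CONN_EOF ||
                ret == POLARSSL_ERR_SSL_PEER_CLOSE_NOTIFY) {
            /* EOF */
            return retval;
        }
        if (ret == POLARSSL_ERR_NET_WANT_WRITE ||
                ret == POLARSSL_ERR_NET_WANT_READ) {
            net_usleep(100000); /* sleep 100ms to give the socket a chance
                                   to recover */
            tries++;
            /* Retry instead of falling through: the WANT_* codes are
             * negative, so without this the error branch below ended
             * the read on the first WANT_* and the retry counter never
             * had any effect. */
            continue;
        }
        if (ret <= 0) {
            qDebug() << "Read failed: " << getPolarSSLErrorMsg(ret);
            return QByteArray();
        }
        if (static_cast<size_t>(ret) > want) {
            /* Should never happen if ssl_read behaves; guards both the
             * subtraction below and the scratch buffer. */
            qDebug() << "integer overflow in polarSSLRead";
            return QByteArray();
        }
        len -= static_cast<size_t>(ret);
        retval.append(buf.constData(), ret);
    } while (len > 0 && tries < MAX_IO_TRIES);

    return retval;
}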
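/**
 * Split an HTTP response into its header fields and its body.
 *
 * The header section is everything in front of the first empty line
 * ("\r\n\r\n"). Each line of it that contains ": " is stored as a
 * key / value pair; other lines, such as the status line, are skipped.
 * A field that occurs more than once keeps the value of its last
 * occurrence. Field names are stored exactly as received.
 *
 * Only the header section is parsed. Previously the whole response was
 * split, so body lines containing ": " were returned as headers and
 * could replace the value of a real header of the same name.
 *
 * @param data in: the raw response; out: the body that follows the
 *             header section. Left untouched when no header end is
 *             found or when data is NULL.
 * @returns the parsed header fields; empty when no header end was
 *          found.
 */
QMap<QString, QString> SSLConnectionBare::parseHeaders(QByteArray *data)
{
    QMap<QString, QString> retval;

    if (!data) {
        qDebug() << "Could not find header end.";
        return retval;
    }

    const int bodyStart = data->indexOf("\r\n\r\n");
    if (bodyStart == -1) {
        qDebug() << "Could not find header end.";
        return retval;
    }

    /* Take the headers with one additional line break */
    const QByteArray headers = data->left(bodyStart + 2);
    const QString headerText(headers);

    foreach (const QString& line, headerText.split("\r\n")) {
        const int sepPos = line.indexOf(": ");
        if (sepPos == -1) {
            continue;
        }
        const QString key = line.left(sepPos);
        const QString value = line.right(line.size() - sepPos - 2);

        retval.insert(key, value);
    }

    /* Chop off the head, including the empty line that ends it */
    *data = data->right(data->size() - bodyStart - 4);
    return retval;
}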
/**
 * Ask the server for the Last-Modified date of a resource.
 *
 * Sends an HTTP/1.0 HEAD request for the resource, reads up to 1024
 * bytes of the answer and parses the "Last-Modified" header with the
 * C locale using the format "ddd, dd MMM yyyy HH:mm:ss' GMT'".
 * The server response is written to the debug log.
 *
 * NOTE(review): resource is placed in the request line as-is.
 * Presumably callers only pass fixed paths - confirm it can never
 * contain spaces or CR/LF.
 * NOTE(review): no time spec is set on the parsed value here although
 * the header is in GMT - confirm how callers interpret it.
 *
 * @param resource the path to query.
 * @returns the parsed date, or an invalid QDateTime when the request
 *          could not be sent, no response arrived, or the header is
 *          missing or does not match the expected format.
 */
QDateTime SSLConnectionBare::getLastModifiedHeader(const QString &resource) {
    const QString headRequest =
        QString::fromLatin1("HEAD %1 HTTP/1.0\r\n\r\n").arg(resource);

    if (write(headRequest.toUtf8()) != 0) {
        return QDateTime();
    }

    QByteArray reply = read(1024);

    qDebug() << "Response from server was: " << reply;

    if (reply.isNull()) {
        qDebug() << "No response";
        return QDateTime();
    }

    const QMap<QString, QString> fields = parseHeaders(&reply);
    const QString stamp = fields.value("Last-Modified");
    if (stamp.isEmpty()) {
        return QDateTime();
    }

    /* Parse with the C locale so that day and month names are matched
     * in English regardless of the system locale. */
    const QDateTime parsed = QLocale::c().toDateTime(stamp,
            "ddd, dd MMM yyyy HH:mm:ss' GMT'");
    return parsed.isValid() ? parsed : QDateTime();
}
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
419
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
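/**
 * @brief Request @a resource with an HTTP/1.0 GET on this connection and
 *        store the response in @a fileName.
 *
 * The file is written through QSaveFile, so the target only changes when
 * commit() succeeds; every early return below leaves it untouched.
 *
 * @param resource  Path placed verbatim into the request line.
 * @param fileName  Destination file.
 * @param maxSize   Upper bound for the number of response bytes read. The
 *                  bytes are counted before parseHeaders() is applied to
 *                  the first chunk.
 * @return true if a complete response was read and committed to disk,
 *         false on any error or when the size limit was reached first.
 */
bool SSLConnectionBare::downloadFile(const QString &resource,
                                     const QString &fileName,
                                     size_t maxSize)
{
    /* The response is read in 8KiB chunks. */
    static const int chunkSize = 8192;

    /* The resource becomes part of the request line without any encoding.
     * A CR or LF in it would end the request line early and let the rest
     * of the string be sent as additional request data, so refuse it. */
    if (resource.contains(QLatin1Char('\r')) ||
        resource.contains(QLatin1Char('\n'))) {
        qDebug() << "Invalid line break in resource.";
        return false;
    }

    const QString getRequest =
        QString::fromLatin1("GET %1 HTTP/1.0\r\n\r\n").arg(resource);

    QSaveFile outputFile(fileName);

    if (write(getRequest.toUtf8()) != 0) {
        qDebug() << "Failed to send request.";
        return false;
    }

    // Open / Create the file to write to.
    if (!outputFile.open(QIODevice::WriteOnly)) {
        qDebug() << "Failed to open file";
        return false;
    }

    size_t bytesRead = 0;
    bool inBody = false;
    bool complete = false;
    do {
        QByteArray response = read(chunkSize);
        if (response.isNull()) {
            qDebug() << "Error reading response";
            return false;
        }
        const int responseSize = response.size();
        if (!inBody) {
            /* parseHeaders() gets a pointer to the first chunk; presumably
             * it strips the header block from it -- TODO confirm.
             * NOTE(review): the parsed headers are not evaluated, so the
             * HTTP status is never checked and an error response would be
             * stored like a successful one. */
            parseHeaders(&response);
            inBody = true;
        }
        if (outputFile.write(response) != response.size()) {
            qDebug() << "Failed to write to file";
            return false;
        }
        bytesRead += responseSize;
        if (responseSize < chunkSize) {
            /* Nothing more to read.
             * NOTE(review): this treats any short read as the end of the
             * response; whether that holds depends on read() -- confirm. */
            complete = true;
            break;
        }
    } while (bytesRead < maxSize);

    if (!complete) {
        /* The limit was reached after a full chunk, so more data may be
         * pending. Committing here would report a truncated file as a
         * successful download; leaving without commit() discards it.
         * This also rejects a response that ends exactly on the limit
         * with a full chunk, which cannot be told apart from here. */
        qDebug() << "Response reached the size limit";
        return false;
    }

    return outputFile.commit();
}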
eaed02defe6a More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents: 908
diff changeset
469
990
2949f1842955 (issue90) Add possibility to force cipher suites in bare connection and test for this
Andre Heinecke <andre.heinecke@intevation.de>
parents: 913
diff changeset
/**
 * @brief Restrict the ciphersuites offered by this connection.
 *
 * Passes @a ciphers on to ssl_set_ciphersuites() for mSSL. Nothing happens
 * when the connection is not initialized.
 *
 * NOTE(review): in the uninitialized case the caller gets no indication
 * that the requested restriction was not applied.
 *
 * @param ciphers  Ciphersuite ids. Presumably a 0-terminated list that the
 *                 SSL library references rather than copies, so it has to
 *                 outlive the connection -- confirm against the library
 *                 version in use.
 */
void SSLConnectionBare::setCiphersuites(int ciphers[])
{
    if (!mInitialized) {
        return;
    }
    ssl_set_ciphersuites(&mSSL, ciphers);
}

http://wald.intevation.org/projects/trustbridge/