Mercurial > trustbridge
annotate ui/sslconnection_bare.cpp @ 1395:a2574a029322
Fix Base 64 signature size calculation.
If the signature byte size is not equally dividable
by three the base 64 encoding needs three additional bytes.
The value is now fixed to avoid such errors in the future.
author | Andre Heinecke <andre.heinecke@intevation.de> |
---|---|
date | Mon, 26 Jan 2015 13:17:32 +0100 |
parents | 2efdf2faf4e5 |
children |
rev | line source |
---|---|
908
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
1 /* Copyright (C) 2014 by Bundesamt für Sicherheit in der Informationstechnik |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
2 * Software engineering by Intevation GmbH |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
3 * |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
4 * This file is Free Software under the GNU GPL (v>=2) |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
5 * and comes with ABSOLUTELY NO WARRANTY! |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
6 * See LICENSE.txt for details. |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
7 */ |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
8 /* TODO: Wrap ssl_session in a class for reuse. |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
9 * see programs/ssl/ssl_client2.c for example of session reuse */ |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
10 #include "sslconnection_bare.h" |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
11 #include "sslhelp.h" |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
12 |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
13 #include <QFile> |
910
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
14 #include <QSaveFile> |
908
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
15 #include <QUuid> |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
16 #include <QApplication> |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
17 |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
18 #define MAX_IO_TRIES 10 |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
19 #define MAX_RESETS 10 |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
20 |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
21 #ifdef CONNECTION_DEBUG |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
22 static void my_debug(void *ctx, int level, const char *str) |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
23 { |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
24 fprintf((FILE *) ctx, "%s", str); |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
25 fflush((FILE *) ctx); |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
26 } |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
27 #endif |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
28 |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
29 SSLConnectionBare::SSLConnectionBare(const QString& url, |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
30 const QByteArray& certificate): |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
31 SSLConnection (url, certificate) |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
32 { |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
33 int ret = -1; |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
34 |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
35 memset(&mSSL, 0, sizeof(ssl_context)); |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
36 memset(&mSavedSession, 0, sizeof( ssl_session ) ); |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
37 |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
38 ret = init(); |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
39 if (ret == 0) { |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
40 mInitialized = true; |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
41 } else { |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
42 qDebug() << "Initialization error: " + getPolarSSLErrorMsg(ret); |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
43 } |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
44 } |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
45 |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
46 int SSLConnectionBare::init() |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
47 { |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
48 int ret = -1; |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
49 QUuid uuid = QUuid::createUuid(); |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
50 QString personalString = QApplication::applicationName() + uuid.toString(); |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
51 QByteArray personalBa = personalString.toLocal8Bit(); |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
52 |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
53 x509_crt_init(&mX509PinnedCert); |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
54 entropy_init(&mEntropy); |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
55 |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
56 ret = ssl_init(&mSSL); |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
57 if (ret != 0) { |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
58 /* The only documented error is malloc failed */ |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
59 mErrorState = ErrUnknown; |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
60 return ret; |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
61 } |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
62 |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
63 /* |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
64 * Initialize random generator. |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
65 * Personalisation string, does not need to be random but |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
66 * should be unique according to documentation. |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
67 * |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
68 * the ctr_drbg structure does not need to be freed explicitly. |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
69 */ |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
70 ret = ctr_drbg_init(&mCtr_drbg, entropy_func, &mEntropy, |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
71 (const unsigned char*) personalBa.constData(), |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
72 personalBa.size()); |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
73 if (ret != 0) { |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
74 ssl_free(&mSSL); |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
75 mErrorState = ErrUnknown; |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
76 return ret; |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
77 } |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
78 |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
79 ret = x509_crt_parse(&mX509PinnedCert, |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
80 (const unsigned char*) mPinnedCert.constData(), |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
81 mPinnedCert.size()); |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
82 if (ret != 0){ |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
83 ssl_free(&mSSL); |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
84 mErrorState = InvalidPinnedCertificate; |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
85 return ret; |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
86 } |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
87 |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
88 ssl_set_endpoint(&mSSL, SSL_IS_CLIENT); |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
89 ssl_set_authmode(&mSSL, SSL_VERIFY_OPTIONAL); |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
90 ssl_set_ca_chain(&mSSL, &mX509PinnedCert, NULL, NULL); |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
91 ssl_set_renegotiation(&mSSL, SSL_RENEGOTIATION_DISABLED); |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
92 ssl_set_rng(&mSSL, ctr_drbg_random, &mCtr_drbg); |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
93 #ifdef RELEASE_BUILD |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
94 ssl_set_min_version(&mSSL, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3); |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
95 #endif |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
96 |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
97 #ifdef CONNECTION_DEBUG |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
98 ssl_set_dbg(&mSSL, my_debug, stdout); |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
99 #endif |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
100 |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
101 return 0; |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
102 } |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
103 |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
104 SSLConnectionBare::~SSLConnectionBare() { |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
105 disconnect(); |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
106 x509_crt_free(&mX509PinnedCert); |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
107 entropy_free(&mEntropy); |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
108 if (mInitialized) { |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
109 ssl_free(&mSSL); |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
110 } |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
111 } |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
112 |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
113 void SSLConnectionBare::disconnect() { |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
114 if (mConnected) { |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
115 ssl_close_notify(&mSSL); |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
116 if (mServerFD != -1) { |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
117 net_close(mServerFD); |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
118 mServerFD = -1; |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
119 } |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
120 ssl_session_free(&mSavedSession); |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
121 mConnected = false; |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
122 } |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
123 } |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
124 |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
125 int SSLConnectionBare::connect() { |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
126 int ret = -1; |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
127 |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
128 if (!mInitialized) { |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
129 mErrorState = ErrUnknown; |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
130 return -1; |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
131 } |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
132 |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
133 ret = net_connect(&mServerFD, mUrl.host().toLatin1().constData(), |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
134 mUrl.port(443)); |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
135 |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
136 if (ret != 0) { |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
137 qDebug() << "Connect failed: " << getPolarSSLErrorMsg(ret); |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
138 mErrorState = NoConnection; |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
139 return ret; |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
140 } |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
141 |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
142 ssl_set_bio(&mSSL, net_recv, &mServerFD, |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
143 net_send, &mServerFD); |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
144 |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
145 while ((ret = ssl_handshake(&mSSL)) != 0) { |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
146 if (ret != POLARSSL_ERR_NET_WANT_READ && |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
147 ret != POLARSSL_ERR_NET_WANT_WRITE) { |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
148 qDebug() << "SSL Handshake failed: " << getPolarSSLErrorMsg(ret); |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
149 mErrorState = SSLHandshakeFailed; |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
150 return ret; |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
151 } |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
152 } |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
153 |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
154 ret = ssl_get_session(&mSSL, &mSavedSession); |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
155 if (ret != 0) { |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
156 qDebug() << "SSL get session failed: " << getPolarSSLErrorMsg(ret); |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
157 |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
158 mErrorState = NoConnection; |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
159 return ret; |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
160 } |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
161 printf( " ok\n [ Ciphersuite is %s ]\n", |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
162 ssl_get_ciphersuite( &mSSL) ); |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
163 ret = validateCertificate(); |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
164 |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
165 if (ret == 0) { |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
166 mConnected = true; |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
167 } |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
168 return ret; |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
169 } |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
170 |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
171 int SSLConnectionBare::validateCertificate() |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
172 { |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
173 int ret = -1; |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
174 const x509_crt *peerCert = NULL; |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
175 |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
176 /* we might want to set the verify function |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
177 * with ssl_set_verify before to archive the |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
178 * certificate pinning. */ |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
179 |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
180 ret = ssl_get_verify_result(&mSSL); |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
181 |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
182 if (ret != 0 ) { |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
183 if((ret & BADCERT_EXPIRED) != 0) |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
184 qDebug() << "server certificate has expired"; |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
185 if((ret & BADCERT_REVOKED) != 0) |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
186 qDebug() << "server certificate has been revoked"; |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
187 if((ret & BADCERT_CN_MISMATCH) != 0) |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
188 qDebug() << "CN mismatch"; |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
189 if((ret & BADCERT_NOT_TRUSTED) != 0) |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
190 qDebug() << "self-signed or not signed by a trusted CA"; |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
191 #ifdef RELEASE_BUILD |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
192 mErrorState = InvalidCertificate; |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
193 return -1; |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
194 #endif |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
195 } |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
196 |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
197 peerCert = ssl_get_peer_cert(&mSSL); |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
198 |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
199 if (!peerCert) { |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
200 mErrorState = InvalidCertificate; |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
201 qDebug() << "Failed to get peer cert"; |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
202 return -1; |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
203 } |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
204 |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
205 if (peerCert->raw.len == 0 || |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
206 peerCert->raw.len != mX509PinnedCert.raw.len) { |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
207 mErrorState = InvalidCertificate; |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
208 qDebug() << "Certificate length mismatch"; |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
209 return -1; |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
210 } |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
211 |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
212 /* You can never be sure what those c++ operators do.. |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
213 if (mPinnedCert != QByteArray::fromRawData( |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
214 (const char*) peerCert->raw.p, |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
215 peerCert->raw.len)) { |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
216 qDebug() << "Certificate content mismatch"; |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
217 } |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
218 */ |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
219 |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
220 for (unsigned int i = 0; i < peerCert->raw.len; i++) { |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
221 if (peerCert->raw.p[i] != mX509PinnedCert.raw.p[i]) { |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
222 qDebug() << "Certificate content mismatch"; |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
223 mErrorState = InvalidCertificate; |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
224 return -1; |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
225 } |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
226 } |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
227 return 0; |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
228 } |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
229 |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
230 int SSLConnectionBare::write (const QByteArray& request) |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
231 { |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
232 unsigned int tries = 0; |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
233 int ret = -1; |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
234 |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
235 const unsigned char *buf = (const unsigned char *) request.constData(); |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
236 size_t len = (size_t) request.size(); |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
237 |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
238 if (mNeedsReset) { |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
239 ret = reset(); |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
240 if (ret != 0) { |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
241 qDebug() << "Reset failed: " << getPolarSSLErrorMsg(ret); |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
242 return ret; |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
243 } |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
244 } |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
245 |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
246 qDebug() << "Sending request: " << request; |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
247 /* According to doc for ssl_write: |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
248 * |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
249 * When this function returns POLARSSL_ERR_NET_WANT_WRITE, |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
250 * it must be called later with the same arguments, |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
251 * until it returns a positive value. |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
252 */ |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
253 do { |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
254 ret = ssl_write(&mSSL, buf, len); |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
255 if (ret >= 0) { |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
256 if ((unsigned int) ret == len) { |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
257 return 0; |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
258 } else { |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
259 qDebug() << "Write failed to write everything"; |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
260 return -1; |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
261 } |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
262 } |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
263 if (ret != POLARSSL_ERR_NET_WANT_WRITE && |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
264 ret != POLARSSL_ERR_NET_WANT_READ) { |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
265 return ret; |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
266 } |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
267 tries++; |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
268 net_usleep(100000); /* sleep 100ms to give the socket a chance |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
269 to clean up. */ |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
270 } while (tries < MAX_IO_TRIES); |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
271 |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
272 return ret; |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
273 } |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
274 |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
275 |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
276 int SSLConnectionBare::reset() |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
277 { |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
278 int ret = -1; |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
279 ssl_close_notify(&mSSL); |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
280 |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
281 ret = ssl_session_reset(&mSSL); |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
282 if (ret != 0) |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
283 { |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
284 qDebug() << "SSL Connection reset failed: " |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
285 << getPolarSSLErrorMsg(ret); |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
286 return ret; |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
287 } |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
288 |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
289 ssl_set_session(&mSSL, &mSavedSession); |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
290 |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
291 ret = net_connect(&mServerFD, mUrl.host().toLatin1().constData(), |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
292 mUrl.port(443)); |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
293 |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
294 if (ret != 0) { |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
295 mErrorState = NoConnection; |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
296 qDebug() << "Connection failed." << getPolarSSLErrorMsg(ret); |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
297 return ret; |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
298 } |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
299 |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
300 while ((ret = ssl_handshake(&mSSL)) != 0) { |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
301 if (ret != POLARSSL_ERR_NET_WANT_READ && |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
302 ret != POLARSSL_ERR_NET_WANT_WRITE) { |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
303 qDebug() << "SSL Handshake failed: " |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
304 << getPolarSSLErrorMsg(ret); |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
305 mErrorState = SSLHandshakeFailed; |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
306 return ret; |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
307 } |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
308 } |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
309 |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
310 qDebug() << "Reset connection. "; |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
311 /* Validation should not be necessary as we reused a saved |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
312 * session. But just to be sure. */ |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
313 return validateCertificate(); |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
314 } |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
315 |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
316 QByteArray SSLConnectionBare::read(size_t len) |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
317 { |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
318 unsigned char buf[len]; |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
319 QByteArray retval(""); |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
320 int ret = -1; |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
321 unsigned int tries = 0; |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
322 |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
323 mNeedsReset = true; |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
324 do { |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
325 memset (buf, 0, sizeof(buf)); |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
326 ret = ssl_read(&mSSL, buf, len); |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
327 if (ret == 0 || |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
328 ret == POLARSSL_ERR_SSL_CONN_EOF || |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
329 ret == POLARSSL_ERR_SSL_PEER_CLOSE_NOTIFY) { |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
330 /* EOF */ |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
331 return retval; |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
332 } |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
333 if (ret == POLARSSL_ERR_NET_WANT_WRITE || |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
334 ret == POLARSSL_ERR_NET_WANT_READ) { |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
335 net_usleep(100000); /* sleep 100ms to give the socket a chance |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
336 to recover */ |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
337 tries++; |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
338 } |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
339 if (ret <= 0) { |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
340 qDebug() << "Read failed: " << getPolarSSLErrorMsg(ret); |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
341 return QByteArray(); |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
342 } |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
343 if (len < (len - (unsigned int) ret)) { |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
344 /* Should never happen if ssl_read behaves */ |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
345 qDebug() << "integer overflow in polarSSLRead"; |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
346 return QByteArray(); |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
347 } |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
348 len -= (unsigned int) ret; |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
349 retval.append((const char *)buf, ret); |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
350 } while (len > 0 && tries < MAX_IO_TRIES); |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
351 |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
352 return retval; |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
353 } |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
354 |
910
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
355 QMap<QString, QString> SSLConnectionBare::parseHeaders(QByteArray *data) |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
356 { |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
357 int bodyStart = data->indexOf("\r\n\r\n"); |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
358 QMap<QString, QString> retval; |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
359 QByteArray headers; |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
360 QString response(*data); |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
361 if (bodyStart == -1) { |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
362 qDebug() << "Could not find header end."; |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
363 return retval; |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
364 } |
908
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
365 |
910
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
366 /* Take the headers with one additional line break */ |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
367 headers = data->left(bodyStart + 2); |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
368 /* Chop off the head */ |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
369 |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
370 foreach (const QString& line, response.split("\r\n")) { |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
371 int sepPos = -1; |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
372 sepPos = line.indexOf(": "); |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
373 if (sepPos == -1) { |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
374 continue; |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
375 } |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
376 QString key = line.left(sepPos); |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
377 QString value = line.right(line.size() - sepPos - 2); |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
378 |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
379 retval.insert(key, value); |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
380 } |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
381 |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
382 *data = data->right(data->size() - bodyStart - 4); |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
383 return retval; |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
384 } |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
385 |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
386 QDateTime SSLConnectionBare::getLastModifiedHeader(const QString &resource) { |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
387 int ret = -1; |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
388 QByteArray response; |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
389 QLocale cLocale = QLocale::c(); |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
390 QMap<QString, QString> headers; |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
391 QString headRequest = |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
392 QString::fromLatin1("HEAD %1 HTTP/1.0\r\n\r\n").arg(resource); |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
393 |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
394 ret = write(headRequest.toUtf8()); |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
395 if (ret != 0) { |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
396 return QDateTime(); |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
397 } |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
398 |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
399 response = read(1024); |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
400 |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
401 qDebug() << "Response from server was: " << response; |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
402 |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
403 if (response.isNull()) { |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
404 qDebug() << "No response"; |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
405 return QDateTime(); |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
406 } |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
407 |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
408 headers = parseHeaders(&response); |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
409 const QString lastModified = headers.value("Last-Modified"); |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
410 if (!lastModified.isEmpty()) { |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
411 QDateTime candidate = cLocale.toDateTime(lastModified, |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
412 "ddd, dd MMM yyyy HH:mm:ss' GMT'"); |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
413 if (candidate.isValid()) { |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
414 return candidate; |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
415 } |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
416 } |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
417 return QDateTime(); |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
418 } |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
419 |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
420 bool SSLConnectionBare::downloadFile(const QString &resource, |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
421 const QString &fileName, |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
422 size_t maxSize) |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
423 { |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
424 int ret = -1; |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
425 size_t bytesRead = 0; |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
426 QString getRequest = |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
427 QString::fromLatin1("GET %1 HTTP/1.0\r\n\r\n").arg(resource); |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
428 |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
429 QSaveFile outputFile(fileName); |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
430 |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
431 ret = write(getRequest.toUtf8()); |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
432 |
913
9bcd8ed36f4b
Fix build of sslconnection_bare
Andre Heinecke <andre.heinecke@intevation.de>
parents:
910
diff
changeset
|
433 if (ret != 0) { |
9bcd8ed36f4b
Fix build of sslconnection_bare
Andre Heinecke <andre.heinecke@intevation.de>
parents:
910
diff
changeset
|
434 qDebug() << "Failed to send request."; |
9bcd8ed36f4b
Fix build of sslconnection_bare
Andre Heinecke <andre.heinecke@intevation.de>
parents:
910
diff
changeset
|
435 return false; |
9bcd8ed36f4b
Fix build of sslconnection_bare
Andre Heinecke <andre.heinecke@intevation.de>
parents:
910
diff
changeset
|
436 } |
9bcd8ed36f4b
Fix build of sslconnection_bare
Andre Heinecke <andre.heinecke@intevation.de>
parents:
910
diff
changeset
|
437 |
910
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
438 // Open / Create the file to write to. |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
439 if (!outputFile.open(QIODevice::WriteOnly)) { |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
440 qDebug() << "Failed to open file"; |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
441 return false; |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
442 } |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
443 |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
444 bool inBody = false; |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
445 QMap <QString, QString> headers; |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
446 do { |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
447 /* Read the response in 8KiB chunks */ |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
448 int responseSize = 0; |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
449 QByteArray response = read(8192); |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
450 if (response.isNull()) { |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
451 qDebug() << "Error reading response"; |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
452 return false; |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
453 } |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
454 responseSize = response.size(); |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
455 if (!inBody) { |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
456 headers = parseHeaders(&response); |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
457 inBody = true; |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
458 } |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
459 outputFile.write(response); |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
460 bytesRead += responseSize; |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
461 if (responseSize < 8192) { |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
462 /* Nothing more to read */ |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
463 break; |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
464 } |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
465 } while (bytesRead < maxSize); |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
466 |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
467 return outputFile.commit(); |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
468 } |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
469 |
990
2949f1842955
(issue90) Add possibility to force cipher suites in bare connection and test for this
Andre Heinecke <andre.heinecke@intevation.de>
parents:
913
diff
changeset
|
470 void SSLConnectionBare::setCiphersuites(int ciphers[]) { |
2949f1842955
(issue90) Add possibility to force cipher suites in bare connection and test for this
Andre Heinecke <andre.heinecke@intevation.de>
parents:
913
diff
changeset
|
471 if (mInitialized) { |
2949f1842955
(issue90) Add possibility to force cipher suites in bare connection and test for this
Andre Heinecke <andre.heinecke@intevation.de>
parents:
913
diff
changeset
|
472 ssl_set_ciphersuites(&mSSL, ciphers); |
2949f1842955
(issue90) Add possibility to force cipher suites in bare connection and test for this
Andre Heinecke <andre.heinecke@intevation.de>
parents:
913
diff
changeset
|
473 } |
2949f1842955
(issue90) Add possibility to force cipher suites in bare connection and test for this
Andre Heinecke <andre.heinecke@intevation.de>
parents:
913
diff
changeset
|
474 } |