Mercurial > trustbridge
annotate ui/sslconnection.h @ 285:f23e0ccd5d14
Fix call to windows process.
This now uses the correct parameters, emits the signals
correctly as errors and waits for the process to finish instead
of relying on NOASYNC which did not work for runas and also
made it impossible to get the return code
| author | Andre Heinecke <aheinecke@intevation.de> |
|---|---|
| date | Wed, 02 Apr 2014 13:45:57 +0000 |
| parents | d28e2624c1d5 |
| children | 17e1c8f37d72 |
| rev | line source |
|---|---|
|
45
c6125d73faf4
Move SSLConnection into it's own class
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
1 #ifndef SSLCONNECTION_H |
|
c6125d73faf4
Move SSLConnection into it's own class
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
2 #define SSLCONNECTION_H |
|
c6125d73faf4
Move SSLConnection into it's own class
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
3 |
|
c6125d73faf4
Move SSLConnection into it's own class
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
4 /** |
|
c6125d73faf4
Move SSLConnection into it's own class
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
5 * @file sslconnection.h |
|
c6125d73faf4
Move SSLConnection into it's own class
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
6 * @brief Qt wrapper around polarssl ssl api |
|
c6125d73faf4
Move SSLConnection into it's own class
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
7 */ |
|
c6125d73faf4
Move SSLConnection into it's own class
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
8 |
|
c6125d73faf4
Move SSLConnection into it's own class
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
9 #include <QDebug> |
|
c6125d73faf4
Move SSLConnection into it's own class
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
10 #include <QUrl> |
|
c6125d73faf4
Move SSLConnection into it's own class
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
11 #include <QString> |
|
c6125d73faf4
Move SSLConnection into it's own class
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
12 #include <QByteArray> |
|
c6125d73faf4
Move SSLConnection into it's own class
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
13 |
|
c6125d73faf4
Move SSLConnection into it's own class
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
14 #include <polarssl/entropy.h> |
|
c6125d73faf4
Move SSLConnection into it's own class
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
15 #include <polarssl/net.h> |
|
c6125d73faf4
Move SSLConnection into it's own class
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
16 #include <polarssl/ssl.h> |
|
c6125d73faf4
Move SSLConnection into it's own class
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
17 #include <polarssl/ctr_drbg.h> |
|
c6125d73faf4
Move SSLConnection into it's own class
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
18 #include <polarssl/error.h> |
|
c6125d73faf4
Move SSLConnection into it's own class
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
19 #include <polarssl/certs.h> |
|
c6125d73faf4
Move SSLConnection into it's own class
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
20 |
|
c6125d73faf4
Move SSLConnection into it's own class
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
21 class SSLConnection |
|
c6125d73faf4
Move SSLConnection into it's own class
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
22 { |
|
c6125d73faf4
Move SSLConnection into it's own class
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
23 public: |
|
c6125d73faf4
Move SSLConnection into it's own class
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
24 enum ErrorCode { |
|
c6125d73faf4
Move SSLConnection into it's own class
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
25 NoError, |
|
c6125d73faf4
Move SSLConnection into it's own class
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
26 NoConnection, |
|
c6125d73faf4
Move SSLConnection into it's own class
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
27 SSLHandshakeFailed, |
|
c6125d73faf4
Move SSLConnection into it's own class
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
28 InvalidCertificate, |
|
c6125d73faf4
Move SSLConnection into it's own class
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
29 InvalidPinnedCertificate, |
|
c6125d73faf4
Move SSLConnection into it's own class
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
30 InvalidResponse, |
|
c6125d73faf4
Move SSLConnection into it's own class
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
31 ConnectionLost, |
|
c6125d73faf4
Move SSLConnection into it's own class
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
32 Timeout, |
|
c6125d73faf4
Move SSLConnection into it's own class
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
33 ErrUnknown |
|
c6125d73faf4
Move SSLConnection into it's own class
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
34 }; |
|
c6125d73faf4
Move SSLConnection into it's own class
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
35 |
|
c6125d73faf4
Move SSLConnection into it's own class
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
36 /** |
|
c6125d73faf4
Move SSLConnection into it's own class
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
37 * @brief Construct a pinned SSL Connection |
|
c6125d73faf4
Move SSLConnection into it's own class
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
38 * |
|
c6125d73faf4
Move SSLConnection into it's own class
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
39 * @param[in] url the Url to connect to |
|
c6125d73faf4
Move SSLConnection into it's own class
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
40 * @param[in] certificate optional certificate to validate https connection |
|
c6125d73faf4
Move SSLConnection into it's own class
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
41 */ |
|
c6125d73faf4
Move SSLConnection into it's own class
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
42 SSLConnection(const QString& url, |
|
c6125d73faf4
Move SSLConnection into it's own class
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
43 const QByteArray& certificate = QByteArray()); |
|
c6125d73faf4
Move SSLConnection into it's own class
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
44 |
|
c6125d73faf4
Move SSLConnection into it's own class
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
45 ~SSLConnection(); |
|
c6125d73faf4
Move SSLConnection into it's own class
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
46 |
|
c6125d73faf4
Move SSLConnection into it's own class
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
47 /** @brief write */ |
|
c6125d73faf4
Move SSLConnection into it's own class
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
48 int write(const QByteArray& request); |
|
c6125d73faf4
Move SSLConnection into it's own class
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
49 |
|
c6125d73faf4
Move SSLConnection into it's own class
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
50 /** |
|
46
d28e2624c1d5
Reset connection before the next request.
Andre Heinecke <aheinecke@intevation.de>
parents:
45
diff
changeset
|
51 * @brief read at most len bytes and reset the connection |
|
d28e2624c1d5
Reset connection before the next request.
Andre Heinecke <aheinecke@intevation.de>
parents:
45
diff
changeset
|
52 * |
|
d28e2624c1d5
Reset connection before the next request.
Andre Heinecke <aheinecke@intevation.de>
parents:
45
diff
changeset
|
53 * @param [in] len Amount of bytes to read. |
|
d28e2624c1d5
Reset connection before the next request.
Andre Heinecke <aheinecke@intevation.de>
parents:
45
diff
changeset
|
54 * |
|
d28e2624c1d5
Reset connection before the next request.
Andre Heinecke <aheinecke@intevation.de>
parents:
45
diff
changeset
|
55 * @returns a byte array containing the data or |
|
d28e2624c1d5
Reset connection before the next request.
Andre Heinecke <aheinecke@intevation.de>
parents:
45
diff
changeset
|
56 * a NULL byte array on error*/ |
|
45
c6125d73faf4
Move SSLConnection into it's own class
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
57 QByteArray read(size_t len); |
|
c6125d73faf4
Move SSLConnection into it's own class
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
58 |
|
c6125d73faf4
Move SSLConnection into it's own class
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
59 bool initialized() { return mInitialized; } |
|
c6125d73faf4
Move SSLConnection into it's own class
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
60 bool connected() { return mConnected; } |
|
c6125d73faf4
Move SSLConnection into it's own class
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
61 |
|
c6125d73faf4
Move SSLConnection into it's own class
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
62 ErrorCode getLastError() { return mErrorState; } |
|
c6125d73faf4
Move SSLConnection into it's own class
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
63 |
|
c6125d73faf4
Move SSLConnection into it's own class
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
64 /** @brief: Establish the connection |
|
c6125d73faf4
Move SSLConnection into it's own class
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
65 * |
|
c6125d73faf4
Move SSLConnection into it's own class
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
66 * @returns 0 on success otherwise a polarssl error or -1 is returned |
|
c6125d73faf4
Move SSLConnection into it's own class
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
67 */ |
|
c6125d73faf4
Move SSLConnection into it's own class
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
68 int connect(); |
|
c6125d73faf4
Move SSLConnection into it's own class
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
69 |
|
c6125d73faf4
Move SSLConnection into it's own class
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
70 private: |
|
c6125d73faf4
Move SSLConnection into it's own class
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
71 QUrl mUrl; |
|
c6125d73faf4
Move SSLConnection into it's own class
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
72 QByteArray mPinnedCert; |
|
c6125d73faf4
Move SSLConnection into it's own class
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
73 x509_crt mX509PinnedCert; |
|
c6125d73faf4
Move SSLConnection into it's own class
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
74 entropy_context mEntropy; |
|
c6125d73faf4
Move SSLConnection into it's own class
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
75 ctr_drbg_context mCtr_drbg; |
|
c6125d73faf4
Move SSLConnection into it's own class
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
76 ssl_context mSSL; |
|
46
d28e2624c1d5
Reset connection before the next request.
Andre Heinecke <aheinecke@intevation.de>
parents:
45
diff
changeset
|
77 ssl_session mSavedSession; |
|
45
c6125d73faf4
Move SSLConnection into it's own class
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
78 bool mInitialized; |
|
46
d28e2624c1d5
Reset connection before the next request.
Andre Heinecke <aheinecke@intevation.de>
parents:
45
diff
changeset
|
79 bool mConnected; /* A connection was established */ |
|
d28e2624c1d5
Reset connection before the next request.
Andre Heinecke <aheinecke@intevation.de>
parents:
45
diff
changeset
|
80 bool mNeedsReset; /* The connection needs to be reset before the next |
|
d28e2624c1d5
Reset connection before the next request.
Andre Heinecke <aheinecke@intevation.de>
parents:
45
diff
changeset
|
81 write */ |
|
45
c6125d73faf4
Move SSLConnection into it's own class
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
82 int mServerFD; |
|
c6125d73faf4
Move SSLConnection into it's own class
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
83 SSLConnection::ErrorCode mErrorState; |
|
c6125d73faf4
Move SSLConnection into it's own class
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
84 /* @brief: Initialize polarssl structures |
|
c6125d73faf4
Move SSLConnection into it's own class
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
85 * |
|
c6125d73faf4
Move SSLConnection into it's own class
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
86 * This wraps polarssl initialization functions |
|
c6125d73faf4
Move SSLConnection into it's own class
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
87 * that can return an error. |
|
c6125d73faf4
Move SSLConnection into it's own class
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
88 * Sets the error state accordingly. |
|
c6125d73faf4
Move SSLConnection into it's own class
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
89 * |
|
c6125d73faf4
Move SSLConnection into it's own class
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
90 * @returns: 0 on success a polarssl error otherwise. |
|
c6125d73faf4
Move SSLConnection into it's own class
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
91 */ |
|
c6125d73faf4
Move SSLConnection into it's own class
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
92 int init(); |
|
46
d28e2624c1d5
Reset connection before the next request.
Andre Heinecke <aheinecke@intevation.de>
parents:
45
diff
changeset
|
93 |
|
d28e2624c1d5
Reset connection before the next request.
Andre Heinecke <aheinecke@intevation.de>
parents:
45
diff
changeset
|
94 /* @brief Reset the connection. |
|
d28e2624c1d5
Reset connection before the next request.
Andre Heinecke <aheinecke@intevation.de>
parents:
45
diff
changeset
|
95 * |
|
d28e2624c1d5
Reset connection before the next request.
Andre Heinecke <aheinecke@intevation.de>
parents:
45
diff
changeset
|
96 * Resets the https connection and does another handshake. |
|
d28e2624c1d5
Reset connection before the next request.
Andre Heinecke <aheinecke@intevation.de>
parents:
45
diff
changeset
|
97 * |
|
d28e2624c1d5
Reset connection before the next request.
Andre Heinecke <aheinecke@intevation.de>
parents:
45
diff
changeset
|
98 * @returns: 0 on success a polarssl error or -1 otherwise. */ |
|
d28e2624c1d5
Reset connection before the next request.
Andre Heinecke <aheinecke@intevation.de>
parents:
45
diff
changeset
|
99 int reset(); |
|
d28e2624c1d5
Reset connection before the next request.
Andre Heinecke <aheinecke@intevation.de>
parents:
45
diff
changeset
|
100 |
|
d28e2624c1d5
Reset connection before the next request.
Andre Heinecke <aheinecke@intevation.de>
parents:
45
diff
changeset
|
101 /* @brief validates that the certificate matches the pinned one. |
|
d28e2624c1d5
Reset connection before the next request.
Andre Heinecke <aheinecke@intevation.de>
parents:
45
diff
changeset
|
102 * |
|
d28e2624c1d5
Reset connection before the next request.
Andre Heinecke <aheinecke@intevation.de>
parents:
45
diff
changeset
|
103 * Checks the peer certificate of mSSL and validates that the |
|
d28e2624c1d5
Reset connection before the next request.
Andre Heinecke <aheinecke@intevation.de>
parents:
45
diff
changeset
|
104 * certificate matches mPinnedCertificate. |
|
d28e2624c1d5
Reset connection before the next request.
Andre Heinecke <aheinecke@intevation.de>
parents:
45
diff
changeset
|
105 * |
|
d28e2624c1d5
Reset connection before the next request.
Andre Heinecke <aheinecke@intevation.de>
parents:
45
diff
changeset
|
106 * @returns: 0 on success a polarssl error or -1 otherwise. */ |
|
d28e2624c1d5
Reset connection before the next request.
Andre Heinecke <aheinecke@intevation.de>
parents:
45
diff
changeset
|
107 int validateCertificate(); |
|
d28e2624c1d5
Reset connection before the next request.
Andre Heinecke <aheinecke@intevation.de>
parents:
45
diff
changeset
|
108 |
|
d28e2624c1d5
Reset connection before the next request.
Andre Heinecke <aheinecke@intevation.de>
parents:
45
diff
changeset
|
109 /* @brief disconnects the connection */ |
|
d28e2624c1d5
Reset connection before the next request.
Andre Heinecke <aheinecke@intevation.de>
parents:
45
diff
changeset
|
110 void disconnect(); |
|
45
c6125d73faf4
Move SSLConnection into it's own class
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
111 }; |
|
c6125d73faf4
Move SSLConnection into it's own class
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
112 |
|
c6125d73faf4
Move SSLConnection into it's own class
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
113 #endif |