view ui/sslconnection.h @ 1288:265583011f24

(issue123) Add possibility to open native certificate dialog This is currently only implemented for windows.
author Andre Heinecke <andre.heinecke@intevation.de>
date Mon, 29 Sep 2014 13:12:58 +0200
parents 2a1aa9df8f11
children
line wrap: on
line source
/* Copyright (C) 2014 by Bundesamt für Sicherheit in der Informationstechnik
 * Software engineering by Intevation GmbH
 *
 * This file is Free Software under the GNU GPL (v>=2)
 * and comes with ABSOLUTELY NO WARRANTY!
 * See LICENSE.txt for details.
 */
#ifndef SSLCONNECTION_H
#define SSLCONNECTION_H

/**
 * @file sslconnection.h
 * @brief Controller of the downloader network connection
 */

#include <QDebug>
#include <QUrl>
#include <QString>
#include <QByteArray>

/** @brief Controller of the downloader network connection 
 *
 * Base class of the SSL connection used. Offers a high
 * level API that the downloader can use regardless of the
 * concrete SSL implementation.
 *
 */
class SSLConnection
{
public:
    /**
     * @enum ErrorCode
     * @brief Possible Errors of the SSL connection.
     */
    enum ErrorCode {
        /*! Everything OK */
        NoError,
        /*! Failure before the SSL Handshake. Connection failure.*/
        NoConnection,
        /*! SSL Handshake failed. Probably unsupported ciphersuites.*/
        SSLHandshakeFailed,
        /*! The pinned certificate did not match with the server cert.*/
        InvalidCertificate,
        /*! The pinned certificate could not be parsed. Coding error!.*/
        InvalidPinnedCertificate,
        /*! The response from the server could not be parsed.*/
        InvalidResponse,
        /*! The connection was established but lost at one point.*/
        ConnectionLost,
        /*! A connection timeout was hit.*/
        Timeout,
        /*! The unexpected.*/
        ErrUnknown
    };

    /**
     * @brief Construct a pinned SSL Connection
     *
     * @param[in] url the Url to connect to
     * @param[in] certificate optional certificate to validate https connection
     */
    SSLConnection(const QString& url,
                  const QByteArray& certificate = QByteArray());

    virtual ~SSLConnection() {};

    /**@brief wether or not everything could be parsed and all options could be set.
     *
     * This should usually be true. Otherwise it is likely something wrong
     * with the internal data or the used library versions.
     *
     * @returns false when some error occured during initalization.
     **/
    bool initialized() { return mInitialized; }

    /** @brief wether or not the connection has been established */
    bool connected() { return mConnected; }

    ErrorCode getLastError() { return mErrorState; }

    /** @brief: Establish the connection
     *
     * @returns 0 on success otherwise an error or -1 is returned
     */
    virtual int connect() = 0;

    /** @brief get the last modified header of a resource.
     *
     * Connection should be established beforehand.
     * Modifies the error state.
     *
     * @param[in] resource The resource to check
     *
     * @returns the last modified date or a null datetime in case of errors
     */
    virtual QDateTime getLastModifiedHeader(const QString &resource) = 0;

    /** @brief Download resource
     *
     * Download a resource with the established connection.
     * Modifies the error state.
     *
     * @param[in] resource the resource to download
     * @param[in] filename where the file should be saved.
     * @param[in] maxSize maximum amount of bytes to download
     *
     * @returns True if the download was successful.
     */
    virtual bool downloadFile(const QString &resource, const QString &filename,
                              size_t maxSize) = 0;

    /** @brief Set a proxy server to use.
     *
     * @param [in] proxyUrl theo URL of the proxy to use.
     */
    virtual void setProxy(const QUrl &proxyUrl);

    /** @brief Set acceptable ciphersuites.
     *
     * @param [in] ciphers a zero terminated list of ciphers as defined in 
     * polarssl/ssl_ciphersuites.h
     */
    virtual void setCiphersuites(int ciphers[]) = 0;

protected:
    QUrl mUrl;
    QByteArray mPinnedCert;
    bool mInitialized;
    bool mConnected; /* A connection was established */
    bool mNeedsReset; /* The connection needs to be reset before the next
                         write */
    int mServerFD;
    SSLConnection::ErrorCode mErrorState;
};

#endif

http://wald.intevation.org/projects/trustbridge/