Mercurial > trustbridge
view ui/sslconnection.h @ 633:6c090638b2b4
Use static buffer for module file name.
According to the msdn examle the return value of getmodulefilename
should be used to indicate success and not the size. And according
to comments on that function on Windows 8.1 it does not return
the needed size. So better be more robust and just use max_path
as a limit.
author | Andre Heinecke <andre.heinecke@intevation.de> |
---|---|
date | Mon, 23 Jun 2014 15:29:48 +0200 |
parents | 17e1c8f37d72 |
children | d1c951b3012d |
line wrap: on
line source
/* Copyright (C) 2014 by Bundesamt für Sicherheit in der Informationstechnik * Software engineering by Intevation GmbH * * This file is Free Software under the GNU GPL (v>=2) * and comes with ABSOLUTELY NO WARRANTY! * See LICENSE.txt for details. */ #ifndef SSLCONNECTION_H #define SSLCONNECTION_H /** * @file sslconnection.h * @brief Qt wrapper around polarssl ssl api */ #include <QDebug> #include <QUrl> #include <QString> #include <QByteArray> #include <polarssl/entropy.h> #include <polarssl/net.h> #include <polarssl/ssl.h> #include <polarssl/ctr_drbg.h> #include <polarssl/error.h> #include <polarssl/certs.h> class SSLConnection { public: enum ErrorCode { NoError, NoConnection, SSLHandshakeFailed, InvalidCertificate, InvalidPinnedCertificate, InvalidResponse, ConnectionLost, Timeout, ErrUnknown }; /** * @brief Construct a pinned SSL Connection * * @param[in] url the Url to connect to * @param[in] certificate optional certificate to validate https connection */ SSLConnection(const QString& url, const QByteArray& certificate = QByteArray()); ~SSLConnection(); /** @brief write */ int write(const QByteArray& request); /** * @brief read at most len bytes and reset the connection * * @param [in] len Amount of bytes to read. * * @returns a byte array containing the data or * a NULL byte array on error*/ QByteArray read(size_t len); bool initialized() { return mInitialized; } bool connected() { return mConnected; } ErrorCode getLastError() { return mErrorState; } /** @brief: Establish the connection * * @returns 0 on success otherwise a polarssl error or -1 is returned */ int connect(); private: QUrl mUrl; QByteArray mPinnedCert; x509_crt mX509PinnedCert; entropy_context mEntropy; ctr_drbg_context mCtr_drbg; ssl_context mSSL; ssl_session mSavedSession; bool mInitialized; bool mConnected; /* A connection was established */ bool mNeedsReset; /* The connection needs to be reset before the next write */ int mServerFD; SSLConnection::ErrorCode mErrorState; /* @brief: Initialize polarssl structures * * This wraps polarssl initialization functions * that can return an error. * Sets the error state accordingly. * * @returns: 0 on success a polarssl error otherwise. */ int init(); /* @brief Reset the connection. * * Resets the https connection and does another handshake. * * @returns: 0 on success a polarssl error or -1 otherwise. */ int reset(); /* @brief validates that the certificate matches the pinned one. * * Checks the peer certificate of mSSL and validates that the * certificate matches mPinnedCertificate. * * @returns: 0 on success a polarssl error or -1 otherwise. */ int validateCertificate(); /* @brief disconnects the connection */ void disconnect(); }; #endif