Mercurial > trustbridge

view ui/sslconnection.h @ 1070:f110a3f6e387

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
(issue114) Fine tune ACL propagation using mkdir_p the ACL of the parent directories would propagate to all subdirectories and objects in the directory. Now we only use ACL propagation in the last directory to make sure that files we might create in that directory inherit the correct (resitricted) ACL
author Andre Heinecke <andre.heinecke@intevation.de>
date Wed, 10 Sep 2014 16:41:36 +0200
parents 78798d3af8f0
children 2a1aa9df8f11
line wrap: on
line source
/* Copyright (C) 2014 by Bundesamt für Sicherheit in der Informationstechnik
 * Software engineering by Intevation GmbH
 *
 * This file is Free Software under the GNU GPL (v>=2)
 * and comes with ABSOLUTELY NO WARRANTY!
 * See LICENSE.txt for details.
 */
#ifndef SSLCONNECTION_H
#define SSLCONNECTION_H

/**
 * @file sslconnection.h
 * @brief Qt wrapper around polarssl ssl api
 */

#include <QDebug>
#include <QUrl>
#include <QString>
#include <QByteArray>

class SSLConnection
{
public:
    enum ErrorCode {
        NoError,
        NoConnection,
        SSLHandshakeFailed,
        InvalidCertificate,
        InvalidPinnedCertificate,
        InvalidResponse,
        ConnectionLost,
        Timeout,
        ErrUnknown
    };

    /**
     * @brief Construct a pinned SSL Connection
     *
     * @param[in] url the Url to connect to
     * @param[in] certificate optional certificate to validate https connection
     */
    SSLConnection(const QString& url,
                  const QByteArray& certificate = QByteArray());

    virtual ~SSLConnection() {};

    bool initialized() { return mInitialized; }
    bool connected() { return mConnected; }

    ErrorCode getLastError() { return mErrorState; }

    /** @brief: Establish the connection
     *
     * @returns 0 on success otherwise an error or -1 is returned
     */
    virtual int connect() = 0;

    /** @brief get the last modified header of a resource.
     *
     * Connection should be established beforehand.
     * Modifies the error state.
     *
     * @param[in] resource The resource to check
     *
     * @returns the last modified date or a null datetime in case of errors
     */
    virtual QDateTime getLastModifiedHeader(const QString &resource) = 0;

    /** @brief Download resource
     *
     * Download a resource with the established connection.
     * Modifies the error state.
     *
     * @param[in] resource the resource to download
     * @param[in] filename where the file should be saved.
     * @param[in] maxSize maximum amount of bytes to download
     *
     * @returns True if the download was successful.
     */
    virtual bool downloadFile(const QString &resource, const QString &filename,
                              size_t maxSize) = 0;

    /** @brief Set a proxy server to use.
     *
     * @param [in] proxyUrl theo URL of the proxy to use.
     */
    virtual void setProxy(const QUrl &proxyUrl);

    /** @brief Set acceptable ciphersuites.
     *
     * @param [in] ciphers a zero terminated list of ciphers as defined in 
     * polarssl/ssl_ciphersuites.h
     */
    virtual void setCiphersuites(int ciphers[]) = 0;

protected:
    QUrl mUrl;
    QByteArray mPinnedCert;
    bool mInitialized;
    bool mConnected; /* A connection was established */
    bool mNeedsReset; /* The connection needs to be reset before the next
                         write */
    int mServerFD;
    SSLConnection::ErrorCode mErrorState;
};

#endif
http://wald.intevation.org/projects/trustbridge/