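/* Copyright (C) 2014 by Bundesamt für Sicherheit in der Informationstechnik
 * Software engineering by Intevation GmbH
 *
 * This file is Free Software under the GNU GPL (v>=2)
 * and comes with ABSOLUTELY NO WARRANTY!
 * See LICENSE.txt for details.
 */
#ifndef SSLCONNECTION_H
#define SSLCONNECTION_H

/**
 * @file sslconnection.h
 * @brief Controller of the downloader network connection
 */

/* NOTE(review): the listing this header was taken from shows four bare
 * "#include" lines with the header names missing. The names below are
 * reconstructed from the four Qt types the class uses -- confirm against
 * the repository. */
#include <QByteArray>
#include <QDateTime>
#include <QString>
#include <QUrl>

/** @brief Controller of the downloader network connection
 *
 * Base class of the SSL connection used. Offers a high
 * level API that the downloader can use regardless of the
 * concrete SSL implementation.
 *
 * The connection is meant to be validated against a pinned certificate
 * (see the constructor and ErrorCode::InvalidCertificate). The actual
 * comparison is done by the concrete subclass and is not visible in this
 * header.
 */
class SSLConnection
{
public:
    /**
     * @enum ErrorCode
     * @brief Possible Errors of the SSL connection.
     */
    enum ErrorCode {
        /*! Everything OK */
        NoError,
        /*! Failure before the SSL Handshake. Connection failure. */
        NoConnection,
        /*! SSL Handshake failed. Probably unsupported ciphersuites. */
        SSLHandshakeFailed,
        /*! The pinned certificate did not match the server certificate.
         *  Callers should treat this as fatal for the connection and must
         *  not use any data received over it. */
        InvalidCertificate,
        /*! The pinned certificate could not be parsed. Coding error! */
        InvalidPinnedCertificate,
        /*! The response from the server could not be parsed. */
        InvalidResponse,
        /*! The connection was established but lost at one point. */
        ConnectionLost,
        /*! A connection timeout was hit. */
        Timeout,
        /*! The unexpected. */
        ErrUnknown
    };

    /**
     * @brief Construct a pinned SSL Connection
     *
     * @param[in] url the Url to connect to
     * @param[in] certificate optional certificate to validate https connection
     *
     * NOTE(review): the certificate defaults to an empty QByteArray. What an
     * implementation does with an empty pin is not visible in this header;
     * confirm that it fails closed (for example initialized() == false or
     * InvalidPinnedCertificate) instead of connecting without validation.
     */
    SSLConnection(const QString& url,
                  const QByteArray& certificate = QByteArray());

    virtual ~SSLConnection() {}

    /** @brief whether or not everything could be parsed and all options could be set.
     *
     * This should usually be true. Otherwise it is likely something wrong
     * with the internal data or the used library versions.
     *
     * @returns false when some error occurred during initialization.
     **/
    bool initialized() const { return mInitialized; }

    /** @brief whether or not the connection has been established */
    bool connected() const { return mConnected; }

    /** @brief the current error state of the connection.
     *
     * @returns the stored ErrorCode; getLastModifiedHeader and downloadFile
     *          are documented to modify it.
     */
    ErrorCode getLastError() const { return mErrorState; }

    /** @brief Establish the connection
     *
     * @returns 0 on success otherwise an error or -1 is returned
     *
     * Callers should check the return value before using the connection.
     * NOTE(review): presumably the reason for a failure is available through
     * getLastError() afterwards -- confirm in the implementation.
     */
    virtual int connect() = 0;

    /** @brief get the last modified header of a resource.
     *
     * Connection should be established beforehand.
     * Modifies the error state.
     *
     * @param[in] resource The resource to check
     *
     * @returns the last modified date or a null datetime in case of errors
     */
    virtual QDateTime getLastModifiedHeader(const QString &resource) = 0;

    /** @brief Download resource
     *
     * Download a resource with the established connection.
     * Modifies the error state.
     *
     * @param[in] resource the resource to download
     * @param[in] filename where the file should be saved.
     * @param[in] maxSize maximum amount of bytes to download
     *
     * @returns True if the download was successful.
     *
     * NOTE(review): maxSize is the only bound on how much server data is
     * written to disk. Whether an oversized response is truncated or
     * rejected, and whether a partial file is removed on failure, is decided
     * by the implementation -- confirm before relying on the file contents.
     */
    virtual bool downloadFile(const QString &resource, const QString &filename,
                              size_t maxSize) = 0;

    /** @brief Set a proxy server to use.
     *
     * @param [in] proxyUrl the URL of the proxy to use.
     *
     * NOTE(review): the certificate pin is presumably still checked against
     * the end server when a proxy is used -- confirm in the implementation.
     */
    virtual void setProxy(const QUrl &proxyUrl);

    /** @brief Set acceptable ciphersuites.
     *
     * @param [in] ciphers a zero terminated list of ciphers as defined in
     *                     polarssl/ssl_ciphersuites.h
     *
     * The parameter is a plain array without a length, so the terminating
     * zero is the only end marker: a list without it would be read past its
     * end.
     * NOTE(review): whether the implementation copies the list or keeps the
     * pointer is not visible here; confirm the required lifetime of the
     * array.
     */
    virtual void setCiphersuites(int ciphers[]) = 0;

protected:
    QUrl mUrl;                 /* The url passed to the constructor (presumably; set in the .cpp) */
    QByteArray mPinnedCert;    /* Certificate the server certificate is checked against */
    bool mInitialized;         /* Returned by initialized() */
    bool mConnected;           /* A connection was established */
    bool mNeedsReset;          /* The connection needs to be reset before the next
                                  write */
    int mServerFD;             /* NOTE(review): presumably the descriptor of the server
                                  socket; who closes it is not visible in this header */
    SSLConnection::ErrorCode mErrorState; /* Returned by getLastError() */
};

#endif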