diff options
Diffstat (limited to 'tdeio/kssl/kssl.h')
-rw-r--r-- | tdeio/kssl/kssl.h | 301 |
1 files changed, 301 insertions, 0 deletions
diff --git a/tdeio/kssl/kssl.h b/tdeio/kssl/kssl.h new file mode 100644 index 000000000..e10b10eaf --- /dev/null +++ b/tdeio/kssl/kssl.h @@ -0,0 +1,301 @@ +/* This file is part of the KDE project + * + * Copyright (C) 2000-2003 George Staikos <staikos@kde.org> + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Library General Public + * License as published by the Free Software Foundation; either + * version 2 of the License, or (at your option) any later version. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Library General Public License for more details. + * + * You should have received a copy of the GNU Library General Public License + * along with this library; see the file COPYING.LIB. If not, write to + * the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, + * Boston, MA 02110-1301, USA. + */ + +#ifndef _KSSL_H +#define _KSSL_H + +#include <ksslsettings.h> +#include <ksslpeerinfo.h> +#include <ksslconnectioninfo.h> + +class KSSLPrivate; +class KSSLCertificate; +class KSSLPKCS12; +class KSSLSession; + +/** + * KDE SSL Wrapper Class + * + * This class implements KDE's SSL support by wrapping OpenSSL. + * + * @author George Staikos <staikos@kde.org> + * @see KExtendedSocket, TCPSlaveBase + * @short KDE SSL Class + */ +class TDEIO_EXPORT KSSL { +public: + /** + * Construct a KSSL object + * + * @param init Set this to false if you do not want this class to + * immediately initialize OpenSSL. + */ + KSSL(bool init = true); + + /** + * Destroy this KSSL object + * + * Does not close any socket. + */ + ~KSSL(); + + /** + * Determine if SSL is available and works. + * + * @return true is SSL is available and usable + */ + static bool doesSSLWork(); + + /** + * Initialize OpenSSL. + * + * @return true on success + * + * This will do nothing if it is already initialized. + * @see reInitialize + */ + bool initialize(); + + /** + * This is used for applicationss which do STARTTLS or something + * similar. It creates a TLS method regardless of the user's settings. + * + * @return true if TLS is successfully initialized + */ + bool TLSInit(); + + /** + * Set an SSL session to use. This deep copies the session so it + * doesn't have to remain valid. You need to call it after calling + * initialize or reInitialize. The ID is cleared in close(). + * + * @param session A valid session to reuse. If 0L, it will clear the + * session ID in memory. + * + * @return true on success + */ + bool setSession(const KSSLSession *session); + + /** + * Close the SSL session. + */ + void close(); + + /** + * Reinitialize OpenSSL. + * + * @return true on success + * + * This is not generally needed unless you are reusing the KSSL object + * for a new session. + * @see initialize + */ + bool reInitialize(); + + /** + * Trigger a reread of KSSL configuration and reInitialize() KSSL. + * + * @return true on successful reinitalizations + * + * If you setAutoReconfig() to false, then this will simply + * reInitialize() and not read in the new configuration. + * @see setAutoReconfig + */ + bool reconfig(); + + /** + * Enable or disable automatic reconfiguration on initialize(). + * + * @param ar Set to false in order to disable auto-reloading of the + * KSSL configuration during initialize(). + * + * By default, KSSL will read its configuration on initialize(). You + * might want to disable this for performance reasons. + */ + void setAutoReconfig(bool ar); + + /** + * This will reseed the pseudo-random number generator with the EGD + * (entropy gathering daemon) if the EGD is configured and enabled. + * You don't need to call this yourself normally. + * + * @return 0 on success + */ + int seedWithEGD(); + + /** + * Set a new KSSLSettings instance as the settings. This deletes the + * current instance of KSSLSettings. + * + * @param settings A new, valid settings object. + * + * @return true on success + */ + bool setSettings(KSSLSettings *settings); + + /** + * One is built by the constructor, so this will only return a NULL + * pointer if you set one with setSettings(). + * + * @return the current settings instance + */ + KSSLSettings * settings() { return m_cfg; } + + /** + * Use this to set the certificate to send to the server. + * Do NOT delete the KSSLPKCS12 object until you are done with the + * session. It is not defined when KSSL will be done with this. + * + * @param pkcs the valid PKCS#12 object to send. + * + * @return true if the certificate was properly set to the session. + */ + bool setClientCertificate(KSSLPKCS12 *pkcs); + + /** + * Set the status of the connection with respect to proxies. + * + * @param active is not used + * @param realIP is the IP address of the host you're connecting to + * @param realPort is the port of the host you're connecting to + * @param proxy is the IP or hostname of the proxy server + * @deprecated + */ + void setProxyUse(bool active, TQString realIP = TQString::null, int realPort = 0, TQString proxy = TQString::null) KDE_DEPRECATED; + + /** + * Set the peer hostname to be used for certificate verification. + * + * @param realHost the remote hostname as the user believes to be + * connecting to + */ + void setPeerHost(TQString realHost = TQString::null); + + /** + * Connect the SSL session to the remote host using the provided + * socket descriptor. + * + * @param sock the socket descriptor to connect with. This must be + * an already connected socket. + * @return 1 on success, 0 on error setting the file descriptor, + * -1 on other error. + */ + int connect(int sock); + + /** + * Connect the SSL session to the remote host using the provided + * socket descriptor. This is for use with an SSL server application. + * + * @param sock the socket descriptor to connect with. This must be + * an already connected socket. + * @return 1 on success, 0 on error setting the file descriptor, + * -1 on other error. + */ + int accept(int sock); + + /** + * Read data from the remote host via SSL. + * + * @param buf the buffer to read the data into. + * @param len the maximum length of data to read. + * @return the number of bytes read, 0 on an exception, or -1 on error. + */ + int read(void *buf, int len); + + /** + * Peek at available data from the remote host via SSL. + * + * @param buf the buffer to read the data into. + * @param len the maximum length of data to read. + * @return the number of bytes read, 0 on an exception, or -1 on error. + */ + int peek(void *buf, int len); + + /** + * Write data to the remote host via SSL. + * + * @param buf the buffer to read the data from. + * @param len the length of data to send from the buffer. + * @return the number of bytes written, 0 on an exception, + * or -1 on error. + */ + int write(const void *buf, int len); + + /** + * Determine if data is waiting to be read. + * + * @return -1 on error, 0 if no data is waiting, > 0 if data is waiting. + */ + int pending(); + + /** + * Obtain a reference to the connection information. + * + * @return a reference to the connection information, + * valid after connected + * @see KSSLConnectionInfo + */ + KSSLConnectionInfo& connectionInfo(); + + /** + * Obtain a reference to the information about the peer. + * + * @return a reference to the peer information, + * valid after connected + * @see KSSLPeerInfo + */ + KSSLPeerInfo& peerInfo(); + + /** + * Obtain a pointer to the session information. + * + * @return a pointer to the session information. + * This is valid after connected, while connected. + * It is deleted by the KSSL object which returns it. + * May return 0L if no valid session exists. + * @see KSSLSession + */ + const KSSLSession* session() const; + + /** + * Determine if we are currently reusing an SSL session ID. + * + * @return true if we are reusing a session ID. + */ + bool reusingSession() const; + +private: + static bool m_bSSLWorks; + bool m_bInit; + bool m_bAutoReconfig; + KSSLSettings *m_cfg; + KSSLConnectionInfo m_ci; + KSSLPeerInfo m_pi; + + KSSLPrivate *d; + + void setConnectionInfo(); + void setPeerInfo(); + bool setVerificationLogic(); +}; + + +#endif + |