KIO
kssl.cpp
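/* This file is part of the KDE project
 *
 * Copyright (C) 2000-2003 George Staikos <staikos@kde.org>
 *
 * This library is free software; you can redistribute it and/or
 * modify it under the terms of the GNU Library General Public
 * License as published by the Free Software Foundation; either
 * version 2 of the License, or (at your option) any later version.
 *
 * This library is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 * Library General Public License for more details.
 *
 * You should have received a copy of the GNU Library General Public License
 * along with this library; see the file COPYING.LIB.  If not, write to
 * the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
 * Boston, MA 02110-1301, USA.
 */

#include "kssl.h"

#include <config.h>
#include <ksslconfig.h>

// this hack provided by Malte Starostik to avoid glibc/openssl bug
// on some systems
#ifdef KSSL_HAVE_SSL
#include <unistd.h>
#include <netinet/in.h>
#include <sys/socket.h>
#define crypt _openssl_crypt
#include <openssl/ssl.h>
#include <openssl/x509.h>
#include <openssl/x509v3.h>
#include <openssl/pem.h>
#include <openssl/rand.h>
#undef crypt
#endif

#include <kdebug.h>
#include <kstandarddirs.h>

#include <kopenssl.h>
#include <ksslx509v3.h>
#include <ksslcertificate.h>
#include <klocale.h>

#include <QtNetwork/QAbstractSocket>
#include <k3clientsocketbase.h>
#include <k3socketdevice.h>

#ifdef __GNUC__
#warning "kssl.cc contains temporary functions! Clean up"
#warning "kssl.cc needs to be ported to QSslSocket"
#endif

#define sk_dup d->kossl->sk_dup

/**
 * Private state of a KSSL object: the OpenSSL handles it owns and the
 * KOpenSSLProxy through which every OpenSSL call in this file is made.
 */
class KSSLPrivate {
public:
    KSSLPrivate() {
        kossl = KOpenSSLProxy::self();
#ifdef KSSL_HAVE_SSL
        // Start from known-null handles so that no code path can observe an
        // indeterminate pointer before initialize() has run.
        m_ssl = 0L;
        m_ctx = 0L;
        m_meth = 0L;
#endif
    }

    ~KSSLPrivate() {}

    // NOTE(review): declared here but never written or read in this file;
    // nothing in this file installs a verify callback or calls
    // SSL_CTX_set_verify. Presumably peer verification happens in the
    // caller -- confirm before relying on this class for authentication.
    KSSLCertificate::KSSLValidation m_cert_vfy_res;

#ifdef KSSL_HAVE_SSL
    SSL *m_ssl;
    SSL_CTX *m_ctx;
    SSL_METHOD *m_meth;
#endif
    KOSSL *kossl;
};


/**
 * Creates the object with a fresh KSSLSettings instance and automatic
 * reconfiguration enabled.
 *
 * @param init when true, initialize() is called right away; its result is
 *             not reported to the caller.
 */
KSSL::KSSL(bool init) {
    d = new KSSLPrivate;
    m_bInit = false;
    m_bAutoReconfig = true;
    m_cfg = new KSSLSettings();
#ifdef KSSL_HAVE_SSL
    d->m_ssl = 0L;
#endif

    if (init)
        initialize();
}


/**
 * Closes the SSL state and releases the settings object and private data.
 */
KSSL::~KSSL() {
    close();
    delete m_cfg;
    delete d;
}


/**
 * Seeds the OpenSSL PRNG from the source selected in the settings: the EGD
 * socket if useEGD() is set, otherwise the entropy file if useEFile() is set.
 * Both branches take their path from getEGDPath().
 *
 * @return the value returned by RAND_egd / RAND_load_file (negative on
 *         error), or 0 when neither source is configured or SSL support is
 *         compiled out.
 */
int KSSL::seedWithEGD() {
    int rc = 0;
#ifdef KSSL_HAVE_SSL
    // NOTE(review): the path is converted with toLatin1(), so a path holding
    // characters outside Latin-1 would not reach OpenSSL intact -- confirm
    // whether the local file-name encoding should be used instead.
    if (m_cfg->useEGD() && !m_cfg->getEGDPath().isEmpty()) {
        rc = d->kossl->RAND_egd(m_cfg->getEGDPath().toLatin1().constData());
        if (rc < 0)
            kDebug(7029) << "KSSL: Error seeding PRNG with the EGD.";
        else kDebug(7029) << "KSSL: PRNG was seeded with " << rc
                          << " bytes from the EGD." << endl;
    } else if (m_cfg->useEFile() && !m_cfg->getEGDPath().isEmpty()) {
        rc = d->kossl->RAND_load_file(m_cfg->getEGDPath().toLatin1().constData(), -1);
        if (rc < 0)
            kDebug(7029) << "KSSL: Error seeding PRNG with the entropy file.";
        else kDebug(7029) << "KSSL: PRNG was seeded with " << rc
                          << " bytes from the entropy file." << endl;
    }
#endif
    return rc;
}


/**
 * Builds the SSL context: reloads the settings when auto-reconfiguration is
 * on, seeds the PRNG, creates the SSL_CTX and applies the configured cipher
 * list.
 *
 * @return true when the context is ready; false when the object was already
 *         initialized, the context could not be created, the configured
 *         cipher list was rejected, or SSL support is compiled out.
 */
bool KSSL::initialize() {
#ifdef KSSL_HAVE_SSL
    kDebug(7029) << "KSSL initialize";
    if (m_bInit)
        return false;

    if (m_bAutoReconfig)
        m_cfg->load();

    // The result is not checked: a failed seed is only logged by
    // seedWithEGD() and initialization carries on.
    seedWithEGD();

    // NOTE(review): SSLv23_client_method() is OpenSSL's version-flexible
    // method and no SSL_OP_NO_* options are set on the context in this file,
    // so the lowest protocol version that can be negotiated is whatever the
    // linked OpenSSL build still enables (SSLv2/SSLv3 on old builds).
    d->m_meth = d->kossl->SSLv23_client_method();
    d->m_ctx = d->kossl->SSL_CTX_new(d->m_meth);
    if (d->m_ctx == 0L) {
        return false;
    }

    // set cipher list
    QString clist = m_cfg->getCipherList();
    kDebug(7029) << "Cipher list: " << clist;
    if (!clist.isEmpty()) {
        // OpenSSL reports 0 when no cipher from the list could be selected,
        // and then leaves the context on its built-in default list. Carrying
        // on would silently replace the configured policy with the library
        // defaults, so fail closed instead.
        // NOTE(review): assumes the proxy passes OpenSSL's int result through
        // and uses a non-positive value for "unavailable" -- confirm in
        // kopenssl.h.
        const int cipherRc = d->kossl->SSL_CTX_set_cipher_list(
            d->m_ctx, const_cast<char *>(clist.toAscii().constData()));
        if (cipherRc <= 0) {
            kDebug(7029) << "KSSL: configured cipher list was rejected.";
            d->kossl->SSL_CTX_free(d->m_ctx);
            d->m_ctx = 0L;
            return false;
        }
    }

    m_bInit = true;
    return true;
#else
    return false;
#endif
}


/**
 * Tears down the SSL session and context created by initialize(). Does
 * nothing when the object is not initialized. When the entropy file is
 * enabled, the PRNG state is written back to the configured path.
 */
void KSSL::close() {
#ifdef KSSL_HAVE_SSL
//kDebug(7029) << "KSSL close";
    if (!m_bInit)
        return;

    if (d->m_ssl) {
        d->kossl->SSL_shutdown(d->m_ssl);
        d->kossl->SSL_free(d->m_ssl);
        d->m_ssl = 0L;
    }

    d->kossl->SSL_CTX_free(d->m_ctx);
    // Drop the stale pointer so a freed context can never be handed back to
    // OpenSSL by a later call.
    d->m_ctx = 0L;

    // The return value of RAND_write_file is not checked; a failed write
    // goes unnoticed.
    if (m_cfg->useEFile() && !m_cfg->getEGDPath().isEmpty()) {
        d->kossl->RAND_write_file(m_cfg->getEGDPath().toLatin1().constData());
    }

    m_bInit = false;
#endif
}


/**
 * Closes the current SSL state and initializes it again.
 *
 * @return the result of initialize().
 */
bool KSSL::reInitialize() {
    close();
    return initialize();
}

// get the callback file - it's hidden away in here
//#include "ksslcallback.c"


/**
 * Applies the current settings by re-initializing.
 *
 * @return the result of reInitialize().
 */
bool KSSL::reconfig() {
    return reInitialize();
}


/**
 * Controls whether initialize() reloads the settings before using them.
 *
 * @param ar true to reload on every initialize().
 */
void KSSL::setAutoReconfig(bool ar) {
    m_bAutoReconfig = ar;
}


/**
 * Replaces the settings object and re-initializes with it. The object takes
 * ownership of @p settings and deletes the previous settings object.
 *
 * @param settings the new settings; a null pointer is rejected and the
 *                 current settings stay in place.
 * @return false when @p settings is null, otherwise the result of reconfig().
 */
bool KSSL::setSettings(KSSLSettings *settings) {
    // close() and initialize() dereference m_cfg unconditionally, so a null
    // settings pointer must not be installed.
    if (settings == 0L)
        return false;

    // Passing the object we already own must not delete it and then keep
    // using the dangling pointer.
    if (settings != m_cfg) {
        delete m_cfg;
        m_cfg = settings;
    }
    return reconfig();
}

/**
 * @return the settings object currently owned by this KSSL instance.
 */
KSSLSettings * KSSL::settings()
{
    return m_cfg;
}


// Compile-time flag: true only when the library was built with SSL support.
#ifdef KSSL_HAVE_SSL
bool KSSL::m_bSSLWorks = true;
#else
bool KSSL::m_bSSLWorks = false;
#endif

/**
 * @return whether this build has SSL support compiled in. This says nothing
 *         about whether a given KSSL object initialized successfully.
 */
bool KSSL::doesSSLWork() {
    return m_bSSLWorks;
}

#undef sk_dup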
KDE 4.6 API Reference