KIO
ksslsettings.cpp
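/* This file is part of the KDE project
 *
 * Copyright (C) 2000 George Staikos <staikos@kde.org>
 *
 * This library is free software; you can redistribute it and/or
 * modify it under the terms of the GNU Library General Public
 * License as published by the Free Software Foundation; either
 * version 2 of the License, or (at your option) any later version.
 *
 * This library is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 * Library General Public License for more details.
 *
 * You should have received a copy of the GNU Library General Public License
 * along with this library; see the file COPYING.LIB.  If not, write to
 * the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
 * Boston, MA 02110-1301, USA.
 */

#include "ksslsettings.h"

#include <config.h>
#include <ksslconfig.h>

#include <sys/types.h>
#include <sys/stat.h>

#include <stdlib.h>
#include <pwd.h>
#include <unistd.h>

#include <QtCore/QFile>

#include <kglobal.h>
#include <kstandarddirs.h>
#include <kdebug.h>
#include <kconfiggroup.h>

// this hack provided by Malte Starostik to avoid glibc/openssl bug
// on some systems
#ifdef KSSL_HAVE_SSL
#define crypt _openssl_crypt
#include <openssl/ssl.h>
#undef crypt
#endif

#include <kopenssl.h>

// Route the OpenSSL stack helpers through the KOSSL wrapper held by the
// private object. The macros are undefined again at the end of this file.
#ifdef KSSL_HAVE_SSL
#define sk_new d->kossl->sk_new
#define sk_push d->kossl->sk_push
#define sk_free d->kossl->sk_free
#define sk_value d->kossl->sk_value
#define sk_num d->kossl->sk_num
#define sk_dup d->kossl->sk_dup
#define sk_pop d->kossl->sk_pop
#endif

// Pairs a cipher name with its key length.
// Equality compares both fields; the ordering operators compare key
// length only, so two different ciphers of equal strength are neither
// less nor greater than one another.
class CipherNode {
public:
    CipherNode(const char *_name, int _keylen) :
        name(_name), keylen(_keylen) {}
    QString name;
    int keylen;
    // Comparisons are const-correct so they also work on const nodes
    // and temporaries.
    inline bool operator==(const CipherNode &x) const
        { return ((x.keylen == keylen) && (x.name == name)); }
    inline bool operator< (const CipherNode &x) const { return keylen < x.keylen; }
    inline bool operator<=(const CipherNode &x) const { return keylen <= x.keylen; }
    inline bool operator> (const CipherNode &x) const { return keylen > x.keylen; }
    inline bool operator>=(const CipherNode &x) const { return keylen >= x.keylen; }
};


// Private state of KSSLSettings that is not part of the public header.
class KSSLSettingsPrivate {
public:
    // Every flag starts out false. Previously only kossl was set, so a
    // KSSLSettings built with readConfig == false handed out indeterminate
    // values from useEGD(), useEFile(), autoSendX509() and promptSendX509().
    KSSLSettingsPrivate()
        : kossl(0), // try to delay this as long as possible
          m_bUseEGD(false),
          m_bUseEFile(false),
          m_bSendX509(false),
          m_bPromptX509(false)
    {
    }
    ~KSSLSettingsPrivate() {

    }

    KOSSL *kossl;
    bool m_bUseEGD;
    bool m_bUseEFile;
    QString m_EGDPath;
    // Set from the "AuthMethod" entry of the "Auth" group in load().
    bool m_bSendX509;
    bool m_bPromptX509;
};

//
// FIXME
// Implementation note: for now, we only read cipher settings from disk,
//                      and do not store them in memory.  This should change.
//

// Opens the "cryptodefaults" configuration and registers the "kssl"
// resource type. When readConfig is true the stored settings are loaded;
// otherwise the built-in defaults are applied so that no accessor returns
// an uninitialized value.
KSSLSettings::KSSLSettings(bool readConfig)
    :d(new KSSLSettingsPrivate)
{
    m_cfg = new KConfig("cryptodefaults", KConfig::NoGlobals);

    if (!KGlobal::dirs()->addResourceType("kssl", "data", "kssl")) {
        //kDebug(7029) << "Error adding (kssl, share/apps/kssl)";
    }

    if (readConfig) {
        load();
    } else {
        // The m_bWarn* members are declared in the header (not visible
        // here) and are assigned only by load(), defaults() and the
        // setters, so give them defined values on this path too.
        defaults();
    }
}


// we don't save settings in case it was a temporary object
KSSLSettings::~KSSLSettings() {
    delete m_cfg;
    delete d;
}


// Currently always returns an empty string; see the TODO below.
QString KSSLSettings::getCipherList() {
    QString clist;
    // TODO fill in list here (or just remove this method!)
    return clist;
}

// FIXME - sync these up so that we can use them with the control module!!
// Re-reads "cryptodefaults" from disk and refreshes every setting held in
// memory. Entries that are missing fall back to the defaults given in each
// readEntry() call.
void KSSLSettings::load() {
    m_cfg->reparseConfiguration();

    KConfigGroup cfg(m_cfg, "Warnings");
    m_bWarnOnEnter = cfg.readEntry("OnEnter", false);
    m_bWarnOnLeave = cfg.readEntry("OnLeave", true);
    // NOTE(review): the fallback here is false, while defaults() sets
    // m_bWarnOnUnencrypted to true -- confirm which one is intended.
    m_bWarnOnUnencrypted = cfg.readEntry("OnUnencrypted", false);
    m_bWarnOnMixed = cfg.readEntry("OnMixed", true);

    cfg = KConfigGroup(m_cfg, "Validation");
    m_bWarnSelfSigned = cfg.readEntry("WarnSelfSigned", true);
    m_bWarnExpired = cfg.readEntry("WarnExpired", true);
    m_bWarnRevoked = cfg.readEntry("WarnRevoked", true);

    cfg = KConfigGroup(m_cfg, "EGD");
    d->m_bUseEGD = cfg.readEntry("UseEGD", false);
    d->m_bUseEFile = cfg.readEntry("UseEFile", false);
    d->m_EGDPath = cfg.readPathEntry("EGDPath", QString());

    // Read the entry once so both flags are derived from the same value.
    // Any value other than "send" or "prompt" (including a missing entry)
    // leaves both flags false.
    cfg = KConfigGroup(m_cfg, "Auth");
    const QString authMethod = cfg.readEntry("AuthMethod", "");
    d->m_bSendX509 = ("send" == authMethod);
    d->m_bPromptX509 = ("prompt" == authMethod);

#ifdef KSSL_HAVE_SSL



#endif
}


// Resets the in-memory settings to the built-in defaults. Nothing is
// written to disk until save() is called.
void KSSLSettings::defaults() {
    m_bWarnOnEnter = false;
    m_bWarnOnLeave = true;
    m_bWarnOnUnencrypted = true;
    m_bWarnOnMixed = true;
    m_bWarnSelfSigned = true;
    m_bWarnExpired = true;
    m_bWarnRevoked = true;
    d->m_bUseEGD = false;
    d->m_bUseEFile = false;
    d->m_EGDPath = "";
    // Match what load() yields when "AuthMethod" is absent: neither send a
    // client certificate automatically nor prompt for one. Without this a
    // reset kept whatever a previous load() had read.
    d->m_bSendX509 = false;
    d->m_bPromptX509 = false;
}


// Writes the "Warnings", "Validation" and "EGD" groups and syncs them to
// disk. The "Auth" group that load() reads is not written here.
void KSSLSettings::save() {
    KConfigGroup cfg(m_cfg, "Warnings");
    cfg.writeEntry("OnEnter", m_bWarnOnEnter);
    cfg.writeEntry("OnLeave", m_bWarnOnLeave);
    cfg.writeEntry("OnUnencrypted", m_bWarnOnUnencrypted);
    cfg.writeEntry("OnMixed", m_bWarnOnMixed);

    cfg = KConfigGroup(m_cfg, "Validation");
    cfg.writeEntry("WarnSelfSigned", m_bWarnSelfSigned);
    cfg.writeEntry("WarnExpired", m_bWarnExpired);
    cfg.writeEntry("WarnRevoked", m_bWarnRevoked);

    cfg = KConfigGroup(m_cfg, "EGD");
    cfg.writeEntry("UseEGD", d->m_bUseEGD);
    cfg.writeEntry("UseEFile", d->m_bUseEFile);
    cfg.writePathEntry("EGDPath", d->m_EGDPath);

    m_cfg->sync();
    // FIXME - ciphers
    // NOTE(review): everything between "#if 0" and its matching "#endif"
    // is compiled out, including the chmod(0600) on the config file, so
    // this function does not tighten the file's permissions. If the file
    // is ever to hold sensitive data, set restrictive permissions when it
    // is created rather than after sync(), to avoid a window in which it
    // is readable by others.
#if 0
#ifdef KSSL_HAVE_SSL
    cfg.setGroup("SSLv3");
    for (unsigned int i = 0; i < v3ciphers.count(); i++) {
        QString ciphername;
        ciphername.sprintf("cipher_%s", v3ciphers[i].ascii());
        if (v3selectedciphers.contains(v3ciphers[i])) {
            cfg.writeEntry(ciphername, true);
        } else cfg.writeEntry(ciphername, false);
    }
    m_cfg->sync();
#endif

    // ensure proper permissions -- contains sensitive data
    QString cfgName(KGlobal::dirs()->findResource("config", "cryptodefaults"));
    if (!cfgName.isEmpty())
        KDE::chmod(cfgName, 0600);
#endif
}


// Plain accessors and mutators for the in-memory settings. Changes made
// through the setters reach disk only via save().
bool KSSLSettings::warnOnEnter() const { return m_bWarnOnEnter; }
void KSSLSettings::setWarnOnEnter(bool x) { m_bWarnOnEnter = x; }
bool KSSLSettings::warnOnUnencrypted() const { return m_bWarnOnUnencrypted; }
void KSSLSettings::setWarnOnUnencrypted(bool x) { m_bWarnOnUnencrypted = x; }
bool KSSLSettings::warnOnLeave() const { return m_bWarnOnLeave; }
void KSSLSettings::setWarnOnLeave(bool x) { m_bWarnOnLeave = x; }
bool KSSLSettings::warnOnMixed() const { return m_bWarnOnMixed; }
bool KSSLSettings::useEGD() const { return d->m_bUseEGD; }
bool KSSLSettings::useEFile() const { return d->m_bUseEFile; }
bool KSSLSettings::autoSendX509() const { return d->m_bSendX509; }
bool KSSLSettings::promptSendX509() const { return d->m_bPromptX509; }
// Returns a mutable reference to the stored path: callers can change the
// setting through it, and the reference is valid only while this object
// is alive.
QString& KSSLSettings::getEGDPath() { return d->m_EGDPath; }

#ifdef KSSL_HAVE_SSL
#undef sk_new
#undef sk_push
#undef sk_free
#undef sk_value
#undef sk_num
#undef sk_pop
#undef sk_dup
#endif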