/****************************************************************************

**

** Copyright (C) 2010 Nokia Corporation and/or its subsidiary(-ies).

** All rights reserved.

** Contact: Nokia Corporation (qt-info@nokia.com)

**

** This file is part of the QtNetwork module of the Qt Toolkit.

**

** $QT_BEGIN_LICENSE:LGPL$

** No Commercial Usage

** This file contains pre-release code and may not be distributed.

** You may use this file in accordance with the terms and conditions

** contained in the Technology Preview License Agreement accompanying

** this package.

**

** GNU Lesser General Public License Usage

** Alternatively, this file may be used under the terms of the GNU Lesser

** General Public License version 2.1 as published by the Free Software

** Foundation and appearing in the file LICENSE.LGPL included in the

** packaging of this file.  Please review the following information to

** ensure the GNU Lesser General Public License version 2.1 requirements

** will be met: http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html.

**

** In addition, as a special exception, Nokia gives you certain additional

** rights.  These rights are described in the Nokia Qt LGPL Exception

** version 1.1, included in the file LGPL_EXCEPTION.txt in this package.

**

** If you have questions regarding the use of this file, please contact

** Nokia at qt-info@nokia.com.

**

**

**

**

**

**

**

**

** $QT_END_LICENSE$

**

****************************************************************************/

//#define QSSLSOCKET_DEBUG

/*!

    \class QSslSocket

    \brief The QSslSocket class provides an SSL encrypted socket for both

    clients and servers.

    \since 4.3

    \reentrant

    \ingroup network

    \ingroup ssl

    \inmodule QtNetwork

    QSslSocket establishes a secure, encrypted TCP connection you can

    use for transmitting encrypted data. It can operate in both client

    and server mode, and it supports modern SSL protocols, including

    SSLv3 and TLSv1. By default, QSslSocket uses SSLv3, but you can

    change the SSL protocol by calling setProtocol() as long as you do

    it before the handshake has started.

    SSL encryption operates on top of the existing TCP stream after

    the socket enters the ConnectedState. There are two simple ways to

    establish a secure connection using QSslSocket: With an immediate

    SSL handshake, or with a delayed SSL handshake occurring after the

    connection has been established in unencrypted mode.

    The most common way to use QSslSocket is to construct an object

    and start a secure connection by calling connectToHostEncrypted().

    This method starts an immediate SSL handshake once the connection

    has been established.

    \snippet doc/src/snippets/code/src_network_ssl_qsslsocket.cpp 0

    As with a plain QTcpSocket, QSslSocket enters the HostLookupState,

    ConnectingState, and finally the ConnectedState, if the connection

    is successful. The handshake then starts automatically, and if it

    succeeds, the encrypted() signal is emitted to indicate the socket

    has entered the encrypted state and is ready for use.

    Note that data can be written to the socket immediately after the

    return from connectToHostEncrypted() (i.e., before the encrypted()

    signal is emitted). The data is queued in QSslSocket until after

    the encrypted() signal is emitted.

    An example of using the delayed SSL handshake to secure an

    existing connection is the case where an SSL server secures an

    incoming connection. Suppose you create an SSL server class as a

    subclass of QTcpServer. You would override

    QTcpServer::incomingConnection() with something like the example

    below, which first constructs an instance of QSslSocket and then

    calls setSocketDescriptor() to set the new socket's descriptor to

    the existing one passed in. It then initiates the SSL handshake

    by calling startServerEncryption().

    \snippet doc/src/snippets/code/src_network_ssl_qsslsocket.cpp 1

    If an error occurs, QSslSocket emits the sslErrors() signal. In this

    case, if no action is taken to ignore the error(s), the connection

    is dropped. To continue, despite the occurrence of an error, you

    can call ignoreSslErrors(), either from within this slot after the

    error occurs, or any time after construction of the QSslSocket and

    before the connection is attempted. This will allow QSslSocket to

    ignore the errors it encounters when establishing the identity of

    the peer. Ignoring errors during an SSL handshake should be used

    with caution, since a fundamental characteristic of secure

    connections is that they should be established with a successful

    handshake.

    Once encrypted, you use QSslSocket as a regular QTcpSocket. When

    readyRead() is emitted, you can call read(), canReadLine() and

    readLine(), or getChar() to read decrypted data from QSslSocket's

    internal buffer, and you can call write() or putChar() to write

    data back to the peer. QSslSocket will automatically encrypt the

    written data for you, and emit encryptedBytesWritten() once

    the data has been written to the peer.

    As a convenience, QSslSocket supports QTcpSocket's blocking

    functions waitForConnected(), waitForReadyRead(),

    waitForBytesWritten(), and waitForDisconnected(). It also provides

    waitForEncrypted(), which will block the calling thread until an

    encrypted connection has been established.

    \snippet doc/src/snippets/code/src_network_ssl_qsslsocket.cpp 2

    QSslSocket provides an extensive, easy-to-use API for handling

    cryptographic ciphers, private keys, and local, peer, and

    Certification Authority (CA) certificates. It also provides an API

    for handling errors that occur during the handshake phase.

    The following features can also be customized:

    \list

    \o The socket's cryptographic cipher suite can be customized before

    the handshake phase with setCiphers() and setDefaultCiphers().

    \o The socket's local certificate and private key can be customized

    before the handshake phase with setLocalCertificate() and

    setPrivateKey().

    \o The CA certificate database can be extended and customized with

    addCaCertificate(), addCaCertificates(), setCaCertificates(),

    addDefaultCaCertificate(), addDefaultCaCertificates(), and

    setDefaultCaCertificates().

    \endlist

    For more information about ciphers and certificates, refer to QSslCipher and

    QSslCertificate.

    This product includes software developed by the OpenSSL Project

    for use in the OpenSSL Toolkit (\l{http://www.openssl.org/}).

    \note Be aware of the difference between the bytesWritten() signal and

    the encryptedBytesWritten() signal. For a QTcpSocket, bytesWritten()

    will get emitted as soon as data has been written to the TCP socket.

    For a QSslSocket, bytesWritten() will get emitted when the data

    is being encrypted and encryptedBytesWritten()

    will get emitted as soon as data has been written to the TCP socket.

    \sa QSslCertificate, QSslCipher, QSslError

*/

/*!

    \enum QSslSocket::SslMode

    Describes the connection modes available for QSslSocket.

    \value UnencryptedMode The socket is unencrypted. Its

    behavior is identical to QTcpSocket.

    \value SslClientMode The socket is a client-side SSL socket.

    It is either alreayd encrypted, or it is in the SSL handshake

    phase (see QSslSocket::isEncrypted()).

    \value SslServerMode The socket is a server-side SSL socket.

    It is either already encrypted, or it is in the SSL handshake

    phase (see QSslSocket::isEncrypted()).

*/

/*!

    \enum QSslSocket::PeerVerifyMode

    \since 4.4

    Describes the peer verification modes for QSslSocket. The default mode is

    AutoVerifyPeer, which selects an appropriate mode depending on the

    socket's QSocket::SslMode.

    \value VerifyNone QSslSocket will not request a certificate from the

    peer. You can set this mode if you are not interested in the identity of

    the other side of the connection. The connection will still be encrypted,

    and your socket will still send its local certificate to the peer if it's

    requested.

    \value QueryPeer QSslSocket will request a certificate from the peer, but

    does not require this certificate to be valid. This is useful when you

    want to display peer certificate details to the user without affecting the

    actual SSL handshake. This mode is the default for servers.

    \value VerifyPeer QSslSocket will request a certificate from the peer

    during the SSL handshake phase, and requires that this certificate is

    valid. On failure, QSslSocket will emit the QSslSocket::sslErrors()

    signal. This mode is the default for clients.

    \value AutoVerifyPeer QSslSocket will automaticaly use QueryPeer for

    server sockets and VerifyPeer for client sockets.

    \sa QSslSocket::peerVerifyMode()

*/

/*!

    \fn QSslSocket::encrypted()

    This signal is emitted when QSslSocket enters encrypted mode. After this

    signal has been emitted, QSslSocket::isEncrypted() will return true, and

    all further transmissions on the socket will be encrypted.

    \sa QSslSocket::connectToHostEncrypted(), QSslSocket::isEncrypted()

*/

/*!

    \fn QSslSocket::modeChanged(QSslSocket::SslMode mode)

    This signal is emitted when QSslSocket changes from \l

    QSslSocket::UnencryptedMode to either \l QSslSocket::SslClientMode or \l

    QSslSocket::SslServerMode. \a mode is the new mode.

    \sa QSslSocket::mode()

*/

/*!

    \fn QSslSocket::encryptedBytesWritten(qint64 written)

    \since 4.4

    This signal is emitted when QSslSocket writes its encrypted data to the

    network. The \a written parameter contains the number of bytes that were

    successfully written.

    \sa QIODevice::bytesWritten()

*/

/*!

    \fn void QSslSocket::peerVerifyError(const QSslError &error)

    \since 4.4

    QSslSocket can emit this signal several times during the SSL handshake,

    before encryption has been established, to indicate that an error has

    occurred while establishing the identity of the peer. The \a error is

    usually an indication that QSslSocket is unable to securely identify the

    peer.

    This signal provides you with an early indication when something's wrong.

    By connecting to this signal, you can manually choose to tear down the

    connection from inside the connected slot before the handshake has

    completed. If no action is taken, QSslSocket will proceed to emitting

    QSslSocket::sslErrors().

    \sa sslErrors()

*/

/*!

    \fn void QSslSocket::sslErrors(const QList<QSslError> &errors);

    QSslSocket emits this signal after the SSL handshake to indicate that one

    or more errors have occurred while establishing the identity of the

    peer. The errors are usually an indication that QSslSocket is unable to

    securely identify the peer. Unless any action is taken, the connection

    will be dropped after this signal has been emitted.

    If you want to continue connecting despite the errors that have occurred,

    you must call QSslSocket::ignoreSslErrors() from inside a slot connected to

    this signal. If you need to access the error list at a later point, you

    can call sslErrors() (without arguments).

    \a errors contains one or more errors that prevent QSslSocket from

    verifying the identity of the peer.

    Note: You cannot use Qt::QueuedConnection when connecting to this signal,

    or calling QSslSocket::ignoreSslErrors() will have no effect.

    \sa peerVerifyError()

*/

#include "qsslcipher.h"

#include "qsslsocket.h"

#include "qsslsocket_openssl_p.h"

#include "qsslconfiguration_p.h"

#include <QtCore/qdebug.h>

#include <QtCore/qdir.h>

#include <QtCore/qdatetime.h>

#include <QtCore/qmutex.h>

#include <QtNetwork/qhostaddress.h>

#include <QtNetwork/qhostinfo.h>

QT_BEGIN_NAMESPACE

/*

   Returns the difference between msecs and elapsed. If msecs is -1,

   however, -1 is returned.

*/

static int qt_timeout_value(int msecs, int elapsed)

{

    if (msecs == -1)

        return -1;

    int timeout = msecs - elapsed;

    return timeout < 0 ? 0 : timeout;

}

class QSslSocketGlobalData

{

public:

    QSslSocketGlobalData() : config(new QSslConfigurationPrivate) {}

    QMutex mutex;

    QList<QSslCipher> supportedCiphers;

    QExplicitlySharedDataPointer<QSslConfigurationPrivate> config;

};

Q_GLOBAL_STATIC(QSslSocketGlobalData, globalData)

/*!

    Constructs a QSslSocket object. \a parent is passed to QObject's

    constructor. The new socket's \l {QSslCipher} {cipher} suite is

    set to the one returned by the static method defaultCiphers().

*/

QSslSocket::QSslSocket(QObject *parent)

    : QTcpSocket(*new QSslSocketBackendPrivate, parent)

{

    Q_D(QSslSocket);

#ifdef QSSLSOCKET_DEBUG

    qDebug() << "QSslSocket::QSslSocket(" << parent << "), this =" << (void *)this;

#endif

    d->q_ptr = this;

    d->init();

}

/*!

    Destroys the QSslSocket.

*/

QSslSocket::~QSslSocket()

{

    Q_D(QSslSocket);

#ifdef QSSLSOCKET_DEBUG

    qDebug() << "QSslSocket::~QSslSocket(), this =" << (void *)this;

#endif

    delete d->plainSocket;

    d->plainSocket = 0;

}

/*!

    Starts an encrypted connection to the device \a hostName on \a

    port, using \a mode as the \l OpenMode. This is equivalent to

    calling connectToHost() to establish the connection, followed by a

    call to startClientEncryption().

    QSslSocket first enters the HostLookupState. Then, after entering

    either the event loop or one of the waitFor...() functions, it

    enters the ConnectingState, emits connected(), and then initiates

    the SSL client handshake. At each state change, QSslSocket emits

    signal stateChanged().

    After initiating the SSL client handshake, if the identity of the

    peer can't be established, signal sslErrors() is emitted. If you

    want to ignore the errors and continue connecting, you must call

    ignoreSslErrors(), either from inside a slot function connected to

    the sslErrors() signal, or prior to entering encrypted mode. If

    ignoreSslErrors() is not called, the connection is dropped, signal

    disconnected() is emitted, and QSslSocket returns to the

    UnconnectedState.

    If the SSL handshake is successful, QSslSocket emits encrypted().

    \snippet doc/src/snippets/code/src_network_ssl_qsslsocket.cpp 3

    \bold{Note:} The example above shows that text can be written to

    the socket immediately after requesting the encrypted connection,

    before the encrypted() signal has been emitted. In such cases, the

    text is queued in the object and written to the socket \e after

    the connection is established and the encrypted() signal has been

    emitted.

    The default for \a mode is \l ReadWrite.

    If you want to create a QSslSocket on the server side of a connection, you

    should instead call startServerEncryption() upon receiving the incoming

    connection through QTcpServer.

    \sa connectToHost(), startClientEncryption(), waitForConnected(), waitForEncrypted()

*/

void QSslSocket::connectToHostEncrypted(const QString &hostName, quint16 port, OpenMode mode)

{

    Q_D(QSslSocket);

    if (d->state == ConnectedState || d->state == ConnectingState) {

        qWarning("QSslSocket::connectToHostEncrypted() called when already connecting/connected");

        return;

    }

    d->init();

    d->autoStartHandshake = true;

    d->initialized = true;

    // Note: When connecting to localhost, some platforms (e.g., HP-UX and some BSDs)

    // establish the connection immediately (i.e., first attempt).

    connectToHost(hostName, port, mode);

}

/*!

    \since 4.6

    \overload

    In addition to the original behaviour of connectToHostEncrypted,

    this overloaded method enables the usage of a different hostname 

    (\a sslPeerName) for the certificate validation instead of

    the one used for the TCP connection (\a hostName).

    \sa connectToHostEncrypted()

*/

void QSslSocket::connectToHostEncrypted(const QString &hostName, quint16 port,

                                        const QString &sslPeerName, OpenMode mode)

{

    Q_D(QSslSocket);

    if (d->state == ConnectedState || d->state == ConnectingState) {

        qWarning("QSslSocket::connectToHostEncrypted() called when already connecting/connected");

        return;

    }

    d->init();

    d->autoStartHandshake = true;

    d->initialized = true;

    d->verificationPeerName = sslPeerName;

    // Note: When connecting to localhost, some platforms (e.g., HP-UX and some BSDs)

    // establish the connection immediately (i.e., first attempt).

    connectToHost(hostName, port, mode);

}

/*!

    Initializes QSslSocket with the native socket descriptor \a

    socketDescriptor. Returns true if \a socketDescriptor is accepted

    as a valid socket descriptor; otherwise returns false.

    The socket is opened in the mode specified by \a openMode, and

    enters the socket state specified by \a state.

    \bold{Note:} It is not possible to initialize two sockets with the same

    native socket descriptor.

    \sa socketDescriptor()

*/

bool QSslSocket::setSocketDescriptor(int socketDescriptor, SocketState state, OpenMode openMode)

{

    Q_D(QSslSocket);

#ifdef QSSLSOCKET_DEBUG

    qDebug() << "QSslSocket::setSocketDescriptor(" << socketDescriptor << ','

             << state << ',' << openMode << ')';

#endif

    if (!d->plainSocket)

        d->createPlainSocket(openMode);

    bool retVal = d->plainSocket->setSocketDescriptor(socketDescriptor, state, openMode);

    d->cachedSocketDescriptor = d->plainSocket->socketDescriptor();

    setSocketError(d->plainSocket->error());

    setSocketState(state);

    setOpenMode(openMode);

    setLocalPort(d->plainSocket->localPort());

    setLocalAddress(d->plainSocket->localAddress());

    setPeerPort(d->plainSocket->peerPort());

    setPeerAddress(d->plainSocket->peerAddress());

    setPeerName(d->plainSocket->peerName());

    return retVal;

}

/*!

    \since 4.6

    Sets the given \a option to the value described by \a value.

    \sa socketOption()

*/

void QSslSocket::setSocketOption(QAbstractSocket::SocketOption option, const QVariant &value)

{

    Q_D(QSslSocket);

    if (d->plainSocket)

        d->plainSocket->setSocketOption(option, value);

}

/*!

    \since 4.6

    Returns the value of the \a option option.

    \sa setSocketOption()

*/

QVariant QSslSocket::socketOption(QAbstractSocket::SocketOption option)

{

    Q_D(QSslSocket);

    if (d->plainSocket)

        return d->plainSocket->socketOption(option);

    else

        return QVariant();

}

/*!

    Returns the current mode for the socket; either UnencryptedMode, where

    QSslSocket behaves identially to QTcpSocket, or one of SslClientMode or

    SslServerMode, where the client is either negotiating or in encrypted

    mode.

    When the mode changes, QSslSocket emits modeChanged()

    \sa SslMode

*/

QSslSocket::SslMode QSslSocket::mode() const

{

    Q_D(const QSslSocket);

    return d->mode;

}

/*!

    Returns true if the socket is encrypted; otherwise, false is returned.

    An encrypted socket encrypts all data that is written by calling write()

    or putChar() before the data is written to the network, and decrypts all

    incoming data as the data is received from the network, before you call

    read(), readLine() or getChar().

    QSslSocket emits encrypted() when it enters encrypted mode.

    You can call sessionCipher() to find which cryptographic cipher is used to

    encrypt and decrypt your data.

    \sa mode()