|
1 /**************************************************************************** |
|
2 ** |
|
3 ** Copyright (C) 2009 Nokia Corporation and/or its subsidiary(-ies). |
|
4 ** All rights reserved. |
|
5 ** Contact: Nokia Corporation (qt-info@nokia.com) |
|
6 ** |
|
7 ** This file is part of the QtNetwork module of the Qt Toolkit. |
|
8 ** |
|
9 ** $QT_BEGIN_LICENSE:LGPL$ |
|
10 ** No Commercial Usage |
|
11 ** This file contains pre-release code and may not be distributed. |
|
12 ** You may use this file in accordance with the terms and conditions |
|
13 ** contained in the Technology Preview License Agreement accompanying |
|
14 ** this package. |
|
15 ** |
|
16 ** GNU Lesser General Public License Usage |
|
17 ** Alternatively, this file may be used under the terms of the GNU Lesser |
|
18 ** General Public License version 2.1 as published by the Free Software |
|
19 ** Foundation and appearing in the file LICENSE.LGPL included in the |
|
20 ** packaging of this file. Please review the following information to |
|
21 ** ensure the GNU Lesser General Public License version 2.1 requirements |
|
22 ** will be met: http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html. |
|
23 ** |
|
24 ** In addition, as a special exception, Nokia gives you certain additional |
|
25 ** rights. These rights are described in the Nokia Qt LGPL Exception |
|
26 ** version 1.1, included in the file LGPL_EXCEPTION.txt in this package. |
|
27 ** |
|
28 ** If you have questions regarding the use of this file, please contact |
|
29 ** Nokia at qt-info@nokia.com. |
|
30 ** |
|
31 ** |
|
32 ** |
|
33 ** |
|
34 ** |
|
35 ** |
|
36 ** |
|
37 ** |
|
38 ** $QT_END_LICENSE$ |
|
39 ** |
|
40 ****************************************************************************/ |
|
41 |
|
42 |
|
43 /*! |
|
44 \class QSslError |
|
45 \brief The QSslError class provides an SSL error. |
|
46 \since 4.3 |
|
47 |
|
48 \reentrant |
|
49 \ingroup network |
|
50 \ingroup ssl |
|
51 \inmodule QtNetwork |
|
52 |
|
53 QSslError provides a simple API for managing errors during QSslSocket's |
|
54 SSL handshake. |
|
55 |
|
56 \sa QSslSocket, QSslCertificate, QSslCipher |
|
57 */ |
|
58 |
|
59 /*! |
|
60 \enum QSslError::SslError |
|
61 |
|
62 Describes all recognized errors that can occur during an SSL handshake. |
|
63 |
|
64 \value NoError |
|
65 \value UnableToGetIssuerCertificate |
|
66 \value UnableToDecryptCertificateSignature |
|
67 \value UnableToDecodeIssuerPublicKey |
|
68 \value CertificateSignatureFailed |
|
69 \value CertificateNotYetValid |
|
70 \value CertificateExpired |
|
71 \value InvalidNotBeforeField |
|
72 \value InvalidNotAfterField |
|
73 \value SelfSignedCertificate |
|
74 \value SelfSignedCertificateInChain |
|
75 \value UnableToGetLocalIssuerCertificate |
|
76 \value UnableToVerifyFirstCertificate |
|
77 \value CertificateRevoked |
|
78 \value InvalidCaCertificate |
|
79 \value PathLengthExceeded |
|
80 \value InvalidPurpose |
|
81 \value CertificateUntrusted |
|
82 \value CertificateRejected |
|
83 \value SubjectIssuerMismatch |
|
84 \value AuthorityIssuerSerialNumberMismatch |
|
85 \value NoPeerCertificate |
|
86 \value HostNameMismatch |
|
87 \value UnspecifiedError |
|
88 \value NoSslSupport |
|
89 |
|
90 \sa QSslError::errorString() |
|
91 */ |
|
92 |
|
93 #include "qsslerror.h" |
|
94 #ifndef QT_NO_DEBUG_STREAM |
|
95 #include <QtCore/qdebug.h> |
|
96 |
|
97 QT_BEGIN_NAMESPACE |
|
98 #endif |
|
99 |
|
100 class QSslErrorPrivate |
|
101 { |
|
102 public: |
|
103 QSslError::SslError error; |
|
104 QSslCertificate certificate; |
|
105 }; |
|
106 |
|
107 /*! |
|
108 Constructs a QSslError object with no error and default certificate. |
|
109 |
|
110 */ |
|
111 |
|
112 // RVCT compiler in debug build does not like about default values in const- |
|
113 // So as an workaround we define all constructor overloads here explicitly |
|
114 QSslError::QSslError() |
|
115 : d(new QSslErrorPrivate) |
|
116 { |
|
117 d->error = QSslError::NoError; |
|
118 d->certificate = QSslCertificate(); |
|
119 } |
|
120 |
|
121 /*! |
|
122 Constructs a QSslError object. The argument specifies the \a |
|
123 error that occurred. |
|
124 |
|
125 */ |
|
126 QSslError::QSslError(SslError error) |
|
127 : d(new QSslErrorPrivate) |
|
128 { |
|
129 d->error = error; |
|
130 d->certificate = QSslCertificate(); |
|
131 } |
|
132 |
|
133 /*! |
|
134 Constructs a QSslError object. The two arguments specify the \a |
|
135 error that occurred, and which \a certificate the error relates to. |
|
136 |
|
137 \sa QSslCertificate |
|
138 */ |
|
139 QSslError::QSslError(SslError error, const QSslCertificate &certificate) |
|
140 : d(new QSslErrorPrivate) |
|
141 { |
|
142 d->error = error; |
|
143 d->certificate = certificate; |
|
144 } |
|
145 |
|
146 /*! |
|
147 Constructs an identical copy of \a other. |
|
148 */ |
|
149 QSslError::QSslError(const QSslError &other) |
|
150 : d(new QSslErrorPrivate) |
|
151 { |
|
152 *d.data() = *other.d.data(); |
|
153 } |
|
154 |
|
155 /*! |
|
156 Destroys the QSslError object. |
|
157 */ |
|
158 QSslError::~QSslError() |
|
159 { |
|
160 } |
|
161 |
|
162 /*! |
|
163 \since 4.4 |
|
164 |
|
165 Assigns the contents of \a other to this error. |
|
166 */ |
|
167 QSslError &QSslError::operator=(const QSslError &other) |
|
168 { |
|
169 *d.data() = *other.d.data(); |
|
170 return *this; |
|
171 } |
|
172 |
|
173 /*! |
|
174 \since 4.4 |
|
175 |
|
176 Returns true if this error is equal to \a other; otherwise returns false. |
|
177 */ |
|
178 bool QSslError::operator==(const QSslError &other) const |
|
179 { |
|
180 return d->error == other.d->error |
|
181 && d->certificate == other.d->certificate; |
|
182 } |
|
183 |
|
184 /*! |
|
185 \fn bool QSslError::operator!=(const QSslError &other) const |
|
186 \since 4.4 |
|
187 |
|
188 Returns true if this error is not equal to \a other; otherwise returns |
|
189 false. |
|
190 */ |
|
191 |
|
192 /*! |
|
193 Returns the type of the error. |
|
194 |
|
195 \sa errorString(), certificate() |
|
196 */ |
|
197 QSslError::SslError QSslError::error() const |
|
198 { |
|
199 return d->error; |
|
200 } |
|
201 |
|
202 /*! |
|
203 Returns a short localized human-readable description of the error. |
|
204 |
|
205 \sa error(), certificate() |
|
206 */ |
|
207 QString QSslError::errorString() const |
|
208 { |
|
209 QString errStr; |
|
210 switch (d->error) { |
|
211 case NoError: |
|
212 errStr = QObject::tr(QT_TRANSLATE_NOOP(QSslError, "No error")); |
|
213 break; |
|
214 case UnableToGetIssuerCertificate: |
|
215 errStr = QObject::tr(QT_TRANSLATE_NOOP(QSslError, "The issuer certificate could not be found")); |
|
216 break; |
|
217 case UnableToDecryptCertificateSignature: |
|
218 errStr = QObject::tr(QT_TRANSLATE_NOOP(QSslError, "The certificate signature could not be decrypted")); |
|
219 break; |
|
220 case UnableToDecodeIssuerPublicKey: |
|
221 errStr = QObject::tr(QT_TRANSLATE_NOOP(QSslError, "The public key in the certificate could not be read")); |
|
222 break; |
|
223 case CertificateSignatureFailed: |
|
224 errStr = QObject::tr(QT_TRANSLATE_NOOP(QSslError, "The signature of the certificate is invalid")); |
|
225 break; |
|
226 case CertificateNotYetValid: |
|
227 errStr = QObject::tr(QT_TRANSLATE_NOOP(QSslError, "The certificate is not yet valid")); |
|
228 break; |
|
229 case CertificateExpired: |
|
230 errStr = QObject::tr(QT_TRANSLATE_NOOP(QSslError, "The certificate has expired")); |
|
231 break; |
|
232 case InvalidNotBeforeField: |
|
233 errStr = QObject::tr(QT_TRANSLATE_NOOP(QSslError, "The certificate's notBefore field contains an invalid time")); |
|
234 break; |
|
235 case InvalidNotAfterField: |
|
236 errStr = QObject::tr(QT_TRANSLATE_NOOP(QSslError, "The certificate's notAfter field contains an invalid time")); |
|
237 break; |
|
238 case SelfSignedCertificate: |
|
239 errStr = QObject::tr(QT_TRANSLATE_NOOP(QSslError, "The certificate is self-signed, and untrusted")); |
|
240 break; |
|
241 case SelfSignedCertificateInChain: |
|
242 errStr = QObject::tr(QT_TRANSLATE_NOOP(QSslError, "The root certificate of the certificate chain is self-signed, and untrusted")); |
|
243 break; |
|
244 case UnableToGetLocalIssuerCertificate: |
|
245 errStr = QObject::tr(QT_TRANSLATE_NOOP(QSslError, "The issuer certificate of a locally looked up certificate could not be found")); |
|
246 break; |
|
247 case UnableToVerifyFirstCertificate: |
|
248 errStr = QObject::tr(QT_TRANSLATE_NOOP(QSslError, "No certificates could be verified")); |
|
249 break; |
|
250 case InvalidCaCertificate: |
|
251 errStr = QObject::tr(QT_TRANSLATE_NOOP(QSslError, "One of the CA certificates is invalid")); |
|
252 break; |
|
253 case PathLengthExceeded: |
|
254 errStr = QObject::tr(QT_TRANSLATE_NOOP(QSslError, "The basicConstraints pathlength parameter has been exceeded")); |
|
255 break; |
|
256 case InvalidPurpose: |
|
257 errStr = QObject::tr(QT_TRANSLATE_NOOP(QSslError, "The supplied certificate is unsuited for this purpose")); |
|
258 break; |
|
259 case CertificateUntrusted: |
|
260 errStr = QObject::tr(QT_TRANSLATE_NOOP(QSslError, "The root CA certificate is not trusted for this purpose")); |
|
261 break; |
|
262 case CertificateRejected: |
|
263 errStr = QObject::tr(QT_TRANSLATE_NOOP(QSslError, "The root CA certificate is marked to reject the specified purpose")); |
|
264 break; |
|
265 case SubjectIssuerMismatch: // hostname mismatch |
|
266 errStr = QObject::tr(QT_TRANSLATE_NOOP(QSslError, |
|
267 "The current candidate issuer certificate was rejected because its" |
|
268 " subject name did not match the issuer name of the current certificate")); |
|
269 break; |
|
270 case AuthorityIssuerSerialNumberMismatch: |
|
271 errStr = QObject::tr(QT_TRANSLATE_NOOP(QSslError, "The current candidate issuer certificate was rejected because" |
|
272 " its issuer name and serial number was present and did not match the" |
|
273 " authority key identifier of the current certificate")); |
|
274 break; |
|
275 case NoPeerCertificate: |
|
276 errStr = QObject::tr(QT_TRANSLATE_NOOP(QSslError, "The peer did not present any certificate")); |
|
277 break; |
|
278 case HostNameMismatch: |
|
279 errStr = QObject::tr(QT_TRANSLATE_NOOP(QSslError, |
|
280 "The host name did not match any of the valid hosts" |
|
281 " for this certificate")); |
|
282 break; |
|
283 case NoSslSupport: |
|
284 break; |
|
285 default: |
|
286 errStr = QObject::tr(QT_TRANSLATE_NOOP(QSslError, "Unknown error")); |
|
287 break; |
|
288 } |
|
289 |
|
290 return errStr; |
|
291 } |
|
292 |
|
293 /*! |
|
294 Returns the certificate associated with this error, or a null certificate |
|
295 if the error does not relate to any certificate. |
|
296 |
|
297 \sa error(), errorString() |
|
298 */ |
|
299 QSslCertificate QSslError::certificate() const |
|
300 { |
|
301 return d->certificate; |
|
302 } |
|
303 |
|
304 #ifndef QT_NO_DEBUG_STREAM |
|
305 //class QDebug; |
|
306 QDebug operator<<(QDebug debug, const QSslError &error) |
|
307 { |
|
308 debug << error.errorString(); |
|
309 return debug; |
|
310 } |
|
311 QDebug operator<<(QDebug debug, const QSslError::SslError &error) |
|
312 { |
|
313 debug << QSslError(error).errorString(); |
|
314 return debug; |
|
315 } |
|
316 #endif |
|
317 |
|
318 QT_END_NAMESPACE |