27 #include "ksslpeerinfo.h"
30 #include <ksockaddr.h>
33 #ifndef Q_WS_WIN //TODO kresolver not ported
34 #include "kresolver.h"
37 #include "ksslx509map.h"
39 class KSSLPeerInfoPrivate {
41 KSSLPeerInfoPrivate() {}
42 ~KSSLPeerInfoPrivate() { }
48 KSSLPeerInfo::KSSLPeerInfo() {
49 d =
new KSSLPeerInfoPrivate;
61 d->peerHost = realHost.stripWhiteSpace();
62 while(d->peerHost.endsWith(
"."))
63 d->peerHost.truncate(d->peerHost.length()-1);
65 #ifdef Q_WS_WIN //TODO kresolver not ported
66 d->peerHost = d->peerHost.lower();
68 d->peerHost = TQString::fromLatin1(KNetwork::KResolver::domainToAscii(d->peerHost));
75 TQStringList cns = TQStringList::split(TQRegExp(
"[ \n\r]"), certinfo.getValue(
"CN"));
78 for (TQStringList::Iterator cn = cns.begin(); cn != cns.end(); ++cn) {
93 kdDebug(7029) <<
"Matching CN=[" << cn <<
"] to ["
94 << d->peerHost <<
"]" << endl;
97 if (TQRegExp(
"[^a-zA-Z0-9\\.\\*\\-]").search(cn) >= 0) {
98 kdDebug(7029) <<
"CN contains invalid characters! Failing." << endl;
103 while(cn.endsWith(
"."))
104 cn.truncate(cn.length()-1);
111 rx.setPattern(
"[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}");
112 if (rx.exactMatch(d->peerHost))
113 return d->peerHost == cn;
116 rx.setPattern(
"^\\[.*\\]$");
117 if (rx.exactMatch(d->peerHost))
118 return d->peerHost == cn;
120 if (cn.contains(
'*')) {
123 TQStringList parts = TQStringList::split(
'.', cn,
false);
125 while (parts.count() > 2)
126 parts.remove(parts.begin());
128 if (parts.count() != 2) {
132 if (parts[0].contains(
'*') || parts[1].contains(
'*')) {
139 if (TQRegExp(cn,
false,
true).exactMatch(d->peerHost) &&
140 TQStringList::split(
'.', cn,
false).count() ==
141 TQStringList::split(
'.', d->peerHost,
false).count())
145 if (cn.startsWith(
"*.")) {
146 TQString chopped = cn.mid(2);
147 if (chopped == d->peerHost) {
156 if (cn == d->peerHost)
164 d->peerHost = TQString::null;
void reset()
Clear out the host name.
TQStringList subjAltNames() const
The alternate subject name.
bool certMatchesAddress()
Determine if the peer's certificate matches the address set with setPeerHost().
void setPeerHost(TQString host=TQString::null)
Set the host that we are connected to.
bool cnMatchesAddress(TQString cn)
Determine if the given "common name" matches the address set with setPeerHost().
TQString getSubject() const
Get the subject of the certificate (X.509 map).
KSSLCertificate & getPeerCertificate()
Get a reference to the peer's certificate.
~KSSLPeerInfo()
Destroy this instance.
const TQString & peerHost() const
Returns the host we are connected to.