kssl.cpp
1 /* This file is part of the KDE project
2  *
3  * Copyright (C) 2000-2003 George Staikos <staikos@kde.org>
4  *
5  * This library is free software; you can redistribute it and/or
6  * modify it under the terms of the GNU Library General Public
7  * License as published by the Free Software Foundation; either
8  * version 2 of the License, or (at your option) any later version.
9  *
10  * This library is distributed in the hope that it will be useful,
11  * but WITHOUT ANY WARRANTY; without even the implied warranty of
12  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13  * Library General Public License for more details.
14  *
15  * You should have received a copy of the GNU Library General Public License
16  * along with this library; see the file COPYING.LIB. If not, write to
17  * the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
18  * Boston, MA 02110-1301, USA.
19  */
20 
21 #ifdef HAVE_CONFIG_H
22 #include <config.h>
23 #endif
24 
25 // this hack provided by Malte Starostik to avoid glibc/openssl bug
26 // on some systems
27 #ifdef KSSL_HAVE_SSL
28 #include <unistd.h>
29 #include <netinet/in.h>
30 #include <sys/socket.h>
31 #define crypt _openssl_crypt
32 #include <openssl/ssl.h>
33 #include <openssl/x509.h>
34 #include <openssl/x509v3.h>
35 #include <openssl/pem.h>
36 #include <openssl/rand.h>
37 #undef crypt
38 #endif
39 
40 #include "kssl.h"
41 
42 #include <kdebug.h>
43 #include <kstandarddirs.h>
44 #include <ksock.h>
45 #include <ksockaddr.h>
46 
47 #include <kopenssl.h>
48 #include <ksslx509v3.h>
49 #include <ksslpkcs12.h>
50 #include <ksslsession.h>
51 #include <tdelocale.h>
52 #include <ksocks.h>
53 
54 
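// Private implementation data for KSSL: the OpenSSL handles, the cached
// session object and the proxy through which every OpenSSL call is made.
class KSSLPrivate {
public:
	KSSLPrivate() {
		lastInitTLS = false;
		kossl = KOpenSSLProxy::self();
		session = 0L;
#ifdef KSSL_HAVE_SSL
		// Start from null handles: KSSL methods read these pointers, and an
		// indeterminate value must never reach OpenSSL.
		m_ssl = 0L;
		m_ctx = 0L;
		m_meth = 0L;
#endif
	}

	~KSSLPrivate() {
		// Only the session wrapper is owned here; m_ssl and m_ctx are
		// released by KSSL::close().
		delete session;
		session = 0L;
	}

	// true when the context was last created by TLSInit(), false after
	// initialize().
	bool lastInitTLS;
	// Not set by the constructor above.
	KSSLCertificate::KSSLValidation m_cert_vfy_res;
	// Host name stored by KSSL::setPeerHost().
	TQString proxyPeer;

#ifdef KSSL_HAVE_SSL
	SSL *m_ssl;
	SSL_CTX *m_ctx;
	SSL_METHOD *m_meth;
#endif
	KSSLSession *session;
	KOSSL *kossl;
};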
80 
81 
// Creates the private data and a default KSSLSettings object. When init is
// true the OpenSSL context is created right away through initialize().
KSSL::KSSL(bool init) {
	d = new KSSLPrivate;
#ifdef KSSL_HAVE_SSL
	// No connection object exists until connect() or accept() creates one.
	d->m_ssl = 0L;
#endif
	m_cfg = new KSSLSettings();
	m_bAutoReconfig = true;
	m_bInit = false;

	if (init) {
		initialize();
	}
}
94 
95 
// Tears the object down. close() must run first because it still reads both
// m_cfg and d; only afterwards are the settings and the private data freed.
KSSL::~KSSL() {
	close();

	delete m_cfg;
	delete d;
}
101 
102 
// Seeds OpenSSL's PRNG from the source selected in the settings: the EGD
// socket when useEGD() is set, otherwise the entropy file when useEFile() is
// set. Both sources use the path returned by getEGDPath().
//
// Returns the value reported by RAND_egd()/RAND_load_file() (negative on
// error), or 0 when nothing was seeded or SSL support is compiled out.
int KSSL::seedWithEGD() {
	int seeded = 0;
#ifdef KSSL_HAVE_SSL
	if (m_cfg->useEGD() && !m_cfg->getEGDPath().isEmpty()) {
		seeded = d->kossl->RAND_egd(m_cfg->getEGDPath().latin1());
		if (seeded >= 0) {
			kdDebug(7029) << "KSSL: PRNG was seeded with " << seeded
			              << " bytes from the EGD." << endl;
		} else {
			kdDebug(7029) << "KSSL: Error seeding PRNG with the EGD." << endl;
		}
	} else if (m_cfg->useEFile() && !m_cfg->getEGDPath().isEmpty()) {
		// -1 is passed as the byte count to RAND_load_file().
		seeded = d->kossl->RAND_load_file(m_cfg->getEGDPath().latin1(), -1);
		if (seeded >= 0) {
			kdDebug(7029) << "KSSL: PRNG was seeded with " << seeded
			              << " bytes from the entropy file." << endl;
		} else {
			kdDebug(7029) << "KSSL: Error seeding PRNG with the entropy file." << endl;
		}
	}
#endif
	return seeded;
}
122 
123 
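// Creates the OpenSSL context for callers that upgrade an existing connection
// (STARTTLS-style). Unlike initialize(), this refuses to run unless TLSv1 is
// enabled in the settings.
//
// Returns true when the context was created; false when KSSL is already
// initialised, TLSv1 is disabled, SSL_CTX_new() fails, or SSL support is
// compiled out.
bool KSSL::TLSInit() {
#ifdef KSSL_HAVE_SSL
// kdDebug(7029) << "KSSL TLS initialize" << endl;
	if (m_bInit)
		return false;

	if (m_bAutoReconfig)
		m_cfg->load();

	if (!m_cfg->tlsv1())
		return false;

	seedWithEGD();
	d->m_meth = d->kossl->TLS_client_method();
	d->lastInitTLS = true;

	m_pi.reset();

	d->m_ctx = d->kossl->SSL_CTX_new(d->m_meth);
	if (d->m_ctx == 0L) {
		return false;
	}

	// set cipher list
	TQString clist = m_cfg->getCipherList();
	//kdDebug(7029) << "Cipher list: " << clist << endl;
	if (!clist.isEmpty()) {
		// A rejected list leaves the context on OpenSSL's default ciphers,
		// so the user's restriction would be dropped without any trace.
		// Report it; the connection is still allowed, as before.
		int rc = d->kossl->SSL_CTX_set_cipher_list(d->m_ctx, const_cast<char *>(clist.ascii()));
		if (rc <= 0)
			kdDebug(7029) << "KSSL: Could not apply the configured cipher list." << endl;
	}

	m_bInit = true;
	return true;
#else
	return false;
#endif
}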
159 
160 
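// Creates the OpenSSL context according to the protocol versions enabled in
// the settings and applies the configured cipher list.
//
// Returns true when the context was created; false when KSSL is already
// initialised, no protocol version is enabled, SSL_CTX_new() fails, or SSL
// support is compiled out.
bool KSSL::initialize() {
#ifdef KSSL_HAVE_SSL
	kdDebug(7029) << "KSSL initialize" << endl;
	if (m_bInit)
		return false;

	if (m_bAutoReconfig)
		m_cfg->load();

	seedWithEGD();
	// FIXME: we should be able to force SSL off entirely.
	d->lastInitTLS = false;

	m_pi.reset();

	// SSLv2 and SSLv3 are obsolete protocols; their methods are selected
	// only when the settings ask for exactly that version.
	if (m_cfg->tlsv1() || (m_cfg->sslv3() && m_cfg->sslv2())) {
		d->m_meth = d->kossl->TLS_client_method();
	}
	else if (m_cfg->sslv3()) {
		d->m_meth = d->kossl->SSLv3_client_method();
	}
	else if (m_cfg->sslv2()) {
		d->m_meth = d->kossl->SSLv2_client_method();
	}
	else {
		// Every protocol is disabled. Without this branch m_meth would be
		// passed on either unset or still holding the method of an earlier
		// initialisation, ignoring the user's choice.
		kdDebug(7029) << "KSSL: No SSL/TLS protocol version is enabled." << endl;
		return false;
	}

	d->m_ctx = d->kossl->SSL_CTX_new(d->m_meth);
	if (d->m_ctx == 0L) {
		return false;
	}

	// set cipher list
	TQString clist = m_cfg->getCipherList();
	kdDebug(7029) << "Cipher list: " << clist << endl;
	if (!clist.isEmpty()) {
		// A rejected list leaves the context on OpenSSL's default ciphers,
		// so the user's restriction would be dropped without any trace.
		// Report it; the connection is still allowed, as before.
		int rc = d->kossl->SSL_CTX_set_cipher_list(d->m_ctx, const_cast<char *>(clist.ascii()));
		if (rc <= 0)
			kdDebug(7029) << "KSSL: Could not apply the configured cipher list." << endl;
	}

	m_bInit = true;
	return true;
#else
	return false;
#endif
}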
209 
210 
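// Takes over the OpenSSL session held by `session` so that the next
// connect()/accept() can try to resume it. Passing a null pointer discards
// the currently stored session.
//
// The raw session pointer is moved, not copied: `session->_session` is null
// afterwards. Returns true, or false when SSL support is compiled out.
bool KSSL::takeSession(KSSLSession *session) {
#ifdef KSSL_HAVE_SSL
	if (!session) {
		delete d->session;
		d->session = 0L;
		return true;
	}

	// Take session reference
	KSSLSession *taken = new KSSLSession;
	taken->_session = session->_session;
	session->_session = 0L;

	// Release the session stored so far; it used to be overwritten and
	// leaked. This happens after the transfer so the raw pointer has already
	// been moved out if the caller handed in the stored object.
	delete d->session;
	d->session = taken;

	return true;
#else
	return false;
#endif
}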
229 
230 
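// Shuts down the connection (if any), frees the OpenSSL context and, when an
// entropy file is configured, writes PRNG state back to it. Does nothing when
// KSSL is not initialised.
void KSSL::close() {
#ifdef KSSL_HAVE_SSL
//kdDebug(7029) << "KSSL close" << endl;
	if (!m_bInit)
		return;

	delete d->session;
	d->session = 0L;

	if (d->m_ssl) {
		d->kossl->SSL_shutdown(d->m_ssl);
		d->kossl->SSL_free(d->m_ssl);
		d->m_ssl = 0L;
	}

	d->kossl->SSL_CTX_free(d->m_ctx);
	// Clear the handle so that nothing can pass the freed context to
	// OpenSSL afterwards.
	d->m_ctx = 0L;

	if (m_cfg->useEFile() && !m_cfg->getEGDPath().isEmpty()) {
		d->kossl->RAND_write_file(m_cfg->getEGDPath().latin1());
	}

	m_bInit = false;
#endif
}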
254 
255 
// Drops the current context and connection, then builds a fresh context.
// Returns whatever initialize() reports.
bool KSSL::reInitialize() {
	close();
	const bool ok = initialize();
	return ok;
}
260 
261 // get the callback file - it's hidden away in here
262 //#include "ksslcallback.c"
263 
264 
// Always reports success and configures nothing: the only verification calls
// sit inside the disabled `#if 0` block below, and even there they are
// commented out. No verify mode or callback is installed by this function.
bool KSSL::setVerificationLogic() {
#if 0
#ifdef KSSL_HAVE_SSL
	// SSL_set_verify_result(d->m_ssl, X509_V_OK);
	// SSL_CTX_set_verify(d->m_ctx, SSL_VERIFY_PEER, X509Callback);
#endif
#endif
	const bool configured = true;
	return configured;
}
274 
275 
// Runs the accepting side of the handshake on the socket `sock`.
//
// Creates a new SSL object from the context, optionally offers the stored
// session for reuse, masks disabled protocol versions, attaches the socket
// and calls SSL_accept(). On success the connection and peer information are
// recorded and the negotiated session is stored.
//
// Returns 1 on success, 0 when SSL_set_fd() fails, and -1 when KSSL is not
// initialised, SSL_new() fails, the handshake fails, or SSL support is
// compiled out.
//
// NOTE(review): nothing in this function sets a verify mode or callback; the
// setVerificationLogic() call below is commented out. Certificate validation
// presumably happens in the caller through peerInfo() -- confirm.
// NOTE(review): initialize() and TLSInit() build the context from a *client*
// method; confirm that SSL_accept() can succeed on such a context.
int KSSL::accept(int sock) {
#ifdef KSSL_HAVE_SSL
// kdDebug(7029) << "KSSL accept" << endl;
	int rc;
	if (!m_bInit)
		return -1;
	// NOTE(review): an existing d->m_ssl is overwritten without being freed
	// if this runs twice without close() in between.
	d->m_ssl = d->kossl->SSL_new(d->m_ctx);
	if (!d->m_ssl)
		return -1;

	if (d->session) {
#if OPENSSL_VERSION_NUMBER < 0x10100000L
		// Before OpenSSL 1.1.0 a session without sess_cert is discarded
		// instead of being offered for reuse.
		if (static_cast<SSL_SESSION*>(d->session->_session)->sess_cert == 0)
		{
			kdDebug(7029) << "Can't reuse session, no certificate." << endl;
			delete d->session;
			d->session = 0;
		}
		else
#endif
		// This `if` is the body of the `else` above when the version check
		// is compiled in, and a plain statement otherwise.
		if (1 == d->kossl->SSL_set_session(d->m_ssl,
			static_cast<SSL_SESSION*>(d->session->_session))) {
			kdDebug(7029) << "Session ID is being reused." << endl;
		} else {
			kdDebug(7029) << "Error attempting to reuse session." << endl;
			delete d->session;
			d->session = 0;
		}
	}

/*
	if (!setVerificationLogic()) {
		d->kossl->SSL_shutdown(d->m_ssl);
		d->kossl->SSL_free(d->m_ssl);
		d->m_ssl = 0;
		return -1;
	}
*/

	// SSL_OP_ALL turns on OpenSSL's bug-workaround options. On top of that,
	// each protocol version the settings disable is masked out. TLSv1 is
	// never masked when the context came from TLSInit(). Only SSLv2, SSLv3
	// and TLSv1 are handled here; no option for later versions is set.
	int off = SSL_OP_ALL;
	if (!d->lastInitTLS && !m_cfg->tlsv1())
		off |= SSL_OP_NO_TLSv1;
	if (!m_cfg->sslv3())
		off |= SSL_OP_NO_SSLv3;
	if (!m_cfg->sslv2())
		off |= SSL_OP_NO_SSLv2;

	d->kossl->_SSL_set_options(d->m_ssl, off);

	rc = d->kossl->SSL_set_fd(d->m_ssl, sock);
	if (rc == 0) {
		d->kossl->SSL_shutdown(d->m_ssl);
		d->kossl->SSL_free(d->m_ssl);
		d->m_ssl = 0;
		return rc;
	}
#ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME
	// Uses the name stored by setPeerHost() as the TLS server name.
	d->kossl->SSL_set_tlsext_host_name(d->m_ssl, d->proxyPeer.ascii());
#endif

	rc = d->kossl->SSL_accept(d->m_ssl);
	if (rc == 1) {
		setConnectionInfo();
		setPeerInfo();
		kdDebug(7029) << "KSSL connected OK" << endl;
	} else {
		kdDebug(7029) << "KSSL accept failed - rc = " << rc << endl;
		kdDebug(7029) << " ERROR = "
			<< d->kossl->SSL_get_error(d->m_ssl, rc) << endl;
		d->kossl->SSL_shutdown(d->m_ssl);
		d->kossl->SSL_free(d->m_ssl);
		d->m_ssl = 0;
		return -1;
	}

	// The offered session was not resumed: forget it so the freshly
	// negotiated one is stored below.
	if (!d->kossl->_SSL_session_reused(d->m_ssl)) {
		if (d->session) {
			kdDebug(7029) << "Session reuse failed. New session used instead." << endl;
			delete d->session;
			d->session = 0L;
		}
	}

	if (!d->session) {
		SSL_SESSION *sess = d->kossl->SSL_get1_session(d->m_ssl);
		if (sess) {
			d->session = new KSSLSession;
			d->session->_session = sess;
		}
	}

	return rc;
#else
	return -1;
#endif
}
372 
373 
// Runs the client side of the handshake on the socket `sock`.
//
// Creates a new SSL object from the context, optionally offers the stored
// session for reuse, masks disabled protocol versions, attaches the socket
// and calls SSL_connect() until it finishes. On success the connection and
// peer information are recorded and the negotiated session is stored.
//
// Returns 1 on success, 0 when SSL_set_fd() fails, and -1 when KSSL is not
// initialised, SSL_new() fails, the handshake fails, or SSL support is
// compiled out.
//
// NOTE(review): nothing in this function sets a verify mode or callback; the
// setVerificationLogic() call below is commented out. A return value of 1
// therefore means "handshake completed", not "peer certificate accepted".
// Validation presumably happens in the caller through peerInfo() -- confirm.
int KSSL::connect(int sock) {
#ifdef KSSL_HAVE_SSL
// kdDebug(7029) << "KSSL connect" << endl;
	int rc;
	if (!m_bInit)
		return -1;
	// NOTE(review): an existing d->m_ssl is overwritten without being freed
	// if this runs twice without close() in between.
	d->m_ssl = d->kossl->SSL_new(d->m_ctx);
	if (!d->m_ssl)
		return -1;

	if (d->session) {
#if OPENSSL_VERSION_NUMBER < 0x10100000L
		// Before OpenSSL 1.1.0 a session without sess_cert is discarded
		// instead of being offered for reuse.
		if (static_cast<SSL_SESSION*>(d->session->_session)->sess_cert == 0)
		{
			kdDebug(7029) << "Can't reuse session, no certificate." << endl;
			delete d->session;
			d->session = 0;
		}
		else
#endif
		// This `if` is the body of the `else` above when the version check
		// is compiled in, and a plain statement otherwise.
		if (1 == d->kossl->SSL_set_session(d->m_ssl,
			static_cast<SSL_SESSION*>(d->session->_session))) {
			kdDebug(7029) << "Session ID is being reused." << endl;
		} else {
			kdDebug(7029) << "Error attempting to reuse session." << endl;
			delete d->session;
			d->session = 0;
		}
	}

/*
	if (!setVerificationLogic()) {
		d->kossl->SSL_shutdown(d->m_ssl);
		d->kossl->SSL_free(d->m_ssl);
		d->m_ssl = 0;
		return -1;
	}
*/

	// SSL_OP_ALL turns on OpenSSL's bug-workaround options. On top of that,
	// each protocol version the settings disable is masked out. TLSv1 is
	// never masked when the context came from TLSInit(). Only SSLv2, SSLv3
	// and TLSv1 are handled here; no option for later versions is set.
	int off = SSL_OP_ALL;
	if (!d->lastInitTLS && !m_cfg->tlsv1())
		off |= SSL_OP_NO_TLSv1;
	if (!m_cfg->sslv3())
		off |= SSL_OP_NO_SSLv3;
	if (!m_cfg->sslv2())
		off |= SSL_OP_NO_SSLv2;

	d->kossl->_SSL_set_options(d->m_ssl, off);

	rc = d->kossl->SSL_set_fd(d->m_ssl, sock);
	if (rc == 0) {
		d->kossl->SSL_shutdown(d->m_ssl);
		d->kossl->SSL_free(d->m_ssl);
		d->m_ssl = 0;
		return rc;
	}
#ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME
	// Sends the name stored by setPeerHost() as the TLS server name (SNI).
	// NOTE(review): the name is passed on even when setPeerHost() was never
	// called -- confirm what ascii() yields for an unset TQString.
	d->kossl->SSL_set_tlsext_host_name(d->m_ssl, d->proxyPeer.ascii());
#endif

connect_again:
	rc = d->kossl->SSL_connect(d->m_ssl);
	if (rc == 1) {
		setConnectionInfo();
		setPeerInfo();
		kdDebug(7029) << "KSSL connected OK" << endl;
	} else {
		int err = d->kossl->SSL_get_error(d->m_ssl, rc);
		if (err == SSL_ERROR_WANT_READ || err == SSL_ERROR_WANT_WRITE) {
			// nonblocking - but we block anyways in connect() :)
			// NOTE(review): the retry is immediate, with no sleep and no
			// iteration limit, unlike read() and write(). On a non-blocking
			// socket this spins for as long as the peer leaves the
			// handshake unfinished.
			goto connect_again;
		} else {
			kdDebug(7029) << "KSSL connect failed - rc = "
				<< rc << endl;
			kdDebug(7029) << " ERROR = "
				<< err << endl;
			d->kossl->ERR_print_errors_fp(stderr);
			d->kossl->SSL_shutdown(d->m_ssl);
			d->kossl->SSL_free(d->m_ssl);
			d->m_ssl = 0;
			return -1;
		}
	}

	// The offered session was not resumed: forget it so the freshly
	// negotiated one is stored below.
	if (!d->kossl->_SSL_session_reused(d->m_ssl)) {
		if (d->session) {
			kdDebug(7029) << "Session reuse failed. New session used instead." << endl;
			delete d->session;
			d->session = 0L;
		}
	}

	if (!d->session) {
		SSL_SESSION *sess = d->kossl->SSL_get1_session(d->m_ssl);
		if (sess) {
			d->session = new KSSLSession;
			d->session->_session = sess;
		}
	}

	return rc;
#else
	return -1;
#endif
}
479 
480 
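// Reports what SSL_pending() returns for the current connection.
//
// Returns -1 when KSSL is not initialised, when there is no SSL connection
// object, or when SSL support is compiled out.
int KSSL::pending() {
#ifdef KSSL_HAVE_SSL
	// m_bInit only says that the context exists. m_ssl stays null until
	// connect()/accept() succeeds and is reset to null when a handshake
	// fails, so it has to be checked before it is handed to OpenSSL.
	if (!m_bInit || !d->m_ssl)
		return -1;
	return d->kossl->SSL_pending(d->m_ssl);
#else
	return -1;
#endif
}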
490 
491 
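// Passes buf and len to SSL_peek() and returns its result unchanged.
//
// Returns -1 when KSSL is not initialised, when there is no SSL connection
// object, or when SSL support is compiled out. `buf` must have room for
// `len` bytes; the length is not validated here.
int KSSL::peek(void *buf, int len) {
#ifdef KSSL_HAVE_SSL
	// m_bInit only says that the context exists. m_ssl stays null until
	// connect()/accept() succeeds and is reset to null when a handshake
	// fails, so it has to be checked before it is handed to OpenSSL.
	if (!m_bInit || !d->m_ssl)
		return -1;
	// FIXME: enhance to work the way read() does below, handling errors
	return d->kossl->SSL_peek(d->m_ssl, buf, len);
#else
	return -1;
#endif
}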
502 
503 
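// Reads up to `len` bytes from the SSL connection into `buf`.
//
// Returns the number of bytes read on success. When OpenSSL asks for a retry
// (WANT_READ/WANT_WRITE) the call is repeated up to 10 times with a 20 ms
// pause, after which 0 is returned. For SSL_ERROR_NONE, SSL_ERROR_ZERO_RETURN
// and SSL_ERROR_SYSCALL the value returned by SSL_read() is passed through;
// every other error yields -1. Also returns -1 when KSSL is not initialised,
// when there is no SSL connection object, or when SSL support is compiled
// out. `buf` must have room for `len` bytes; the length is not validated.
int KSSL::read(void *buf, int len) {
#ifdef KSSL_HAVE_SSL
	// m_bInit only says that the context exists. m_ssl stays null until
	// connect()/accept() succeeds and is reset to null when a handshake
	// fails, so it has to be checked before it is handed to OpenSSL.
	if (!m_bInit || !d->m_ssl)
		return -1;

	int retriesLeft = 10;
	for (;;) {
		const int rc = d->kossl->SSL_read(d->m_ssl, static_cast<char *>(buf), len);
		if (rc > 0)
			return rc;

		const int err = d->kossl->SSL_get_error(d->m_ssl, rc);

		if (err == SSL_ERROR_WANT_READ || err == SSL_ERROR_WANT_WRITE) {
			kdDebug(7029) << "SSL read() returning 0: " << err << endl;
			if (retriesLeft-- > 0) {
				::usleep(20000); // 20ms sleep
				continue;
			}
			// Still not readable after all retries; callers see 0.
			return 0;
		}

		kdDebug(7029) << "SSL READ ERROR: " << err << endl;
		if (err == SSL_ERROR_NONE ||
		    err == SSL_ERROR_ZERO_RETURN || err == SSL_ERROR_SYSCALL)
			return rc;

		// OpenSSL returns 0 on error too
		d->kossl->ERR_print_errors_fp(stderr);
		return -1;
	}
#else
	return -1;
#endif
}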
541 
542 
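// Writes `len` bytes from `buf` to the SSL connection.
//
// Returns the number of bytes written on success. While OpenSSL reports
// SSL_ERROR_WANT_WRITE the call is repeated after a 20 ms pause. For
// SSL_ERROR_NONE, SSL_ERROR_ZERO_RETURN and SSL_ERROR_SYSCALL the value
// returned by SSL_write() is passed through; every other error yields -1.
// Also returns -1 when KSSL is not initialised, when there is no SSL
// connection object, or when SSL support is compiled out.
//
// NOTE(review): the WANT_WRITE retry has no iteration limit (read() stops
// after 10), so a peer that never drains its socket keeps this call blocked.
int KSSL::write(const void *buf, int len) {
#ifdef KSSL_HAVE_SSL
	// m_bInit only says that the context exists. m_ssl stays null until
	// connect()/accept() succeeds and is reset to null when a handshake
	// fails, so it has to be checked before it is handed to OpenSSL.
	if (!m_bInit || !d->m_ssl)
		return -1;

	for (;;) {
		int rc = d->kossl->SSL_write(d->m_ssl, static_cast<const char *>(buf), len);
		if (rc > 0)
			return rc;

		// OpenSSL returns 0 on error too
		const int err = d->kossl->SSL_get_error(d->m_ssl, rc);

		if (err == SSL_ERROR_WANT_WRITE) {
			::usleep(20000); // 20ms sleep
			continue;
		}

		kdDebug(7029) << "SSL WRITE ERROR: " << err << endl;
		if (err != SSL_ERROR_NONE &&
		    err != SSL_ERROR_ZERO_RETURN && err != SSL_ERROR_SYSCALL)
			rc = -1;

		return rc;
	}
#else
	return -1;
#endif
}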
569 
570 
// Alias for reInitialize(): closes the current state and builds a new
// context. Returns the result of reInitialize().
bool KSSL::reconfig() {
	const bool ok = reInitialize();
	return ok;
}
574 
575 
// Stores the flag that initialize() and TLSInit() consult before reloading
// the settings with m_cfg->load().
void KSSL::setAutoReconfig(bool ar) {
	this->m_bAutoReconfig = ar;
}
579 
580 
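// Replaces the settings object and reinitialises with it. KSSL takes
// ownership of `settings` and deletes the previous object.
//
// Returns the result of reconfig(), or false when `settings` is null; in
// that case the current settings are kept.
bool KSSL::setSettings(KSSLSettings *settings) {
	// close() and initialize() dereference m_cfg unconditionally, so a null
	// settings object cannot be installed.
	if (!settings)
		return false;

	// Passing the object that is already installed must not delete it and
	// then keep using the freed pointer.
	if (settings != m_cfg) {
		delete m_cfg;
		m_cfg = settings;
	}
	return reconfig();
}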
586 
587 
// Compile-time answer to "was this library built with SSL support?".
bool KSSL::m_bSSLWorks =
#ifdef KSSL_HAVE_SSL
	true;
#else
	false;
#endif
593 
// Returns the static m_bSSLWorks flag, which is fixed at compile time by
// KSSL_HAVE_SSL.
bool KSSL::doesSSLWork() {
	return KSSL::m_bSSLWorks;
}
597 
598 
// Copies the properties of the negotiated cipher (bit counts, protocol
// version, name and description) into m_ci. Leaves m_ci untouched when no
// current cipher is available.
void KSSL::setConnectionInfo() {
#ifdef KSSL_HAVE_SSL
	char description[1024];
	description[0] = 0; // for safety.

	SSL_CIPHER *cipher = d->kossl->SSL_get_current_cipher(d->m_ssl);
	if (!cipher) {
		kdDebug(7029) << "KSSL get current cipher failed - we're probably gonna crash!" << endl;
		return;
	}

	// Bits in use are returned; the cipher's total bits arrive through the
	// out-parameter.
	m_ci.m_iCipherUsedBits = d->kossl->SSL_CIPHER_get_bits(cipher, &(m_ci.m_iCipherBits));
	m_ci.m_cipherVersion = d->kossl->SSL_CIPHER_get_version(cipher);
	m_ci.m_cipherName = d->kossl->SSL_CIPHER_get_name(cipher);
	// The size passed is one less than the buffer, leaving the last byte
	// unused.
	m_ci.m_cipherDescription = d->kossl->SSL_CIPHER_description(cipher, description, 1023);

#endif
}
622 
623 
// Fills m_pi after a handshake: the host name stored by setPeerHost(), the
// peer certificate and a duplicate of the peer's certificate chain.
//
// Nothing here compares the host name with the certificate or validates the
// chain; the data is only recorded.
void KSSL::setPeerInfo() {
#ifdef KSSL_HAVE_SSL
	m_pi.setPeerHost(d->proxyPeer);
	m_pi.m_cert.setCert(d->kossl->SSL_get_peer_certificate(d->m_ssl));

	STACK_OF(X509) *chain = d->kossl->SSL_get_peer_cert_chain(d->m_ssl);
	if (chain) {
		// Leak? -- the duplicate is handed to setChain(); presumably the
		// certificate object releases it, verify against setChain().
		chain = reinterpret_cast<STACK_OF(X509)*>(d->kossl->OPENSSL_sk_dup(chain));
	}
	m_pi.m_cert.setChain((void *)chain);
#endif
}
634 
635 
// Gives access to the connection information filled in by
// setConnectionInfo().
KSSLConnectionInfo& KSSL::connectionInfo() {
	return this->m_ci;
}
639 
640 
// KDE 4: Make it const TQString &
// Stores the host name that connect()/accept() pass to OpenSSL as the TLS
// server name and that setPeerInfo() records as the peer host.
void KSSL::setPeerHost(TQString realHost) {
	d->proxyPeer = realHost;
}
645 
// deprecated
// Kept for interface compatibility; all four arguments are ignored.
void KSSL::setProxyUse(bool, TQString, int, TQString) {
	// intentionally empty
}
649 
650 
// Gives access to the peer information filled in by setPeerInfo().
KSSLPeerInfo& KSSL::peerInfo() {
	return this->m_pi;
}
654 
655 
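// Installs the certificate and private key from `pkcs` on the OpenSSL
// context so that they are presented as the client certificate.
//
// Returns true when both were installed. Returns false when KSSL is not
// initialised, `pkcs` has no certificate or private key, the certificate is
// not marked as usable by an SSL client, OpenSSL rejects either item, or SSL
// support is compiled out.
bool KSSL::setClientCertificate(KSSLPKCS12 *pkcs) {
#ifdef KSSL_HAVE_SSL
	// The context exists only between a successful initialize()/TLSInit()
	// and close(); outside that window d->m_ctx must not reach OpenSSL.
	if (!m_bInit)
		return false;

	if (!pkcs || !pkcs->getCertificate())
		return false;

	int rc;
	X509 *x = pkcs->getCertificate()->getCert();
	EVP_PKEY *k = pkcs->getPrivateKey();

	if (!x || !k) return false;

	// Refuse certificates whose X.509v3 extensions do not allow SSL client
	// use.
	if (!pkcs->getCertificate()->x509V3Extensions().certTypeSSLClient())
		return false;

	rc = d->kossl->SSL_CTX_use_certificate(d->m_ctx, x);
	if (rc <= 0) {
		kdDebug(7029) << "KSSL - SSL_CTX_use_certificate failed. rc = " << rc << endl;
		return false;
	}

	rc = d->kossl->SSL_CTX_use_PrivateKey(d->m_ctx, k);
	if (rc <= 0) {
		kdDebug(7029) << "KSSL - SSL_CTX_use_PrivateKey failed. rc = " << rc << endl;
		return false;
	}

	return true;
#else
	return false;
#endif
}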
687 
// Returns the stored session wrapper, or null when none is stored. The
// object stays owned by KSSL.
const KSSLSession* KSSL::session() const {
	const KSSLSession *current = d->session;
	return current;
}
691 
// Returns true only when an SSL connection object exists and OpenSSL reports
// that its session was resumed; false otherwise and when SSL support is
// compiled out.
bool KSSL::reusingSession() const {
#ifdef KSSL_HAVE_SSL
	if (!d->m_ssl) {
		return false;
	}
	return d->kossl->_SSL_session_reused(d->m_ssl);
#else
	return false;
#endif
}
699 
KSSL::reconfig
bool reconfig()
Trigger a reread of KSSL configuration and reInitialize() KSSL.
Definition: kssl.cpp:571
KSSL::seedWithEGD
int seedWithEGD()
This will reseed the pseudo-random number generator with the EGD (entropy gathering daemon) if the EG...
Definition: kssl.cpp:103
KSSL::session
const KSSLSession * session() const
Obtain a pointer to the session information.
Definition: kssl.cpp:688
KSSLSettings::useEFile
bool useEFile() const
Does the user want to use an entropy file?
Definition: ksslsettings.cpp:336
KSSL::initialize
bool initialize()
Initialize OpenSSL.
Definition: kssl.cpp:161
KSSL::read
int read(void *buf, int len)
Read data from the remote host via SSL.
Definition: kssl.cpp:504
KSSLCertificate::x509V3Extensions
KSSLX509V3 & x509V3Extensions()
Access the X.509v3 parameters.
Definition: ksslcertificate.cpp:1166
KSSLPeerInfo::reset
void reset()
Clear out the host name.
Definition: ksslpeerinfo.cpp:163
KSSLCertificate::setCert
bool setCert(TQString &cert)
Re-set the certificate from a base64 string.
Definition: ksslcertificate.cpp:1151
KSSL::TLSInit
bool TLSInit()
This is used for applications which do STARTTLS or something similar.
Definition: kssl.cpp:124
KSSL::KSSL
KSSL(bool init=true)
Construct a KSSL object.
Definition: kssl.cpp:82
KSSLSettings::sslv3
bool sslv3() const
Does the user allow SSLv3.
Definition: ksslsettings.cpp:112
KSSL::~KSSL
~KSSL()
Destroy this KSSL object.
Definition: kssl.cpp:96
KSSLPKCS12
KDE PKCS#12 Certificate.
Definition: ksslpkcs12.h:61
KSSLPeerInfo::setPeerHost
void setPeerHost(TQString host=TQString::null)
Set the host that we are connected to.
Definition: ksslpeerinfo.cpp:60
KSSLSettings::useEGD
bool useEGD() const
Does the user want to use the Entropy Gathering Daemon?
Definition: ksslsettings.cpp:335
KSSL::takeSession
bool takeSession(KSSLSession *session)
Set an SSL session to use.
Definition: kssl.cpp:211
KSSL::setProxyUse
void setProxyUse(bool active, TQString realIP=TQString::null, int realPort=0, TQString proxy=TQString::null) KDE_DEPRECATED
Set the status of the connection with respect to proxies.
Definition: kssl.cpp:647
KSSL::write
int write(const void *buf, int len)
Write data to the remote host via SSL.
Definition: kssl.cpp:543
KSSLCertificate::KSSLValidation
KSSLValidation
A CA certificate can be validated as Irrelevant when it was not used to sign any other relevant certi...
Definition: ksslcertificate.h:122
KSSL::setClientCertificate
bool setClientCertificate(KSSLPKCS12 *pkcs)
Use this to set the certificate to send to the server.
Definition: kssl.cpp:656
KSSL::peek
int peek(void *buf, int len)
Peek at available data from the remote host via SSL.
Definition: kssl.cpp:492
KSSLSettings::load
void load()
Load the user's settings.
Definition: ksslsettings.cpp:201
KSSLSettings::getEGDPath
TQString & getEGDPath()
Get the configured path to the entropy gathering daemon or entropy file.
Definition: ksslsettings.cpp:344
KSSLX509V3::certTypeSSLClient
bool certTypeSSLClient()
Determine if this certificate can be used by an SSL client.
Definition: ksslx509v3.cpp:85
KSSLPeerInfo
KDE SSL Peer Data.
Definition: ksslpeerinfo.h:42
KSSL::setPeerHost
void setPeerHost(TQString realHost=TQString::null)
Set the peer hostname to be used for certificate verification.
Definition: kssl.cpp:642
KSSL::pending
int pending()
Determine if data is waiting to be read.
Definition: kssl.cpp:481
KSSLSettings
KDE SSL Settings.
Definition: ksslsettings.h:39
KSSLSettings::tlsv1
bool tlsv1() const
Does the user allow TLSv1.
Definition: ksslsettings.cpp:117
KSSLSettings::getCipherList
TQString getCipherList()
Get the OpenSSL cipher list for selecting the list of ciphers to use in a connection.
Definition: ksslsettings.cpp:125
KSSL::settings
KSSLSettings * settings()
One is built by the constructor, so this will only return a NULL pointer if you set one with setSetti...
Definition: kssl.h:158
KSSL::accept
int accept(int sock)
Connect the SSL session to the remote host using the provided socket descriptor.
Definition: kssl.cpp:276
KSSLPKCS12::getPrivateKey
EVP_PKEY * getPrivateKey()
Get the private key.
Definition: ksslpkcs12.cpp:176
KSSL::connect
int connect(int sock)
Connect the SSL session to the remote host using the provided socket descriptor.
Definition: kssl.cpp:374
KSSL::peerInfo
KSSLPeerInfo & peerInfo()
Obtain a reference to the information about the peer.
Definition: kssl.cpp:651
KSSLSession
KDE SSL Session Information.
Definition: ksslsession.h:42
KSSL::doesSSLWork
static bool doesSSLWork()
Determine if SSL is available and works.
Definition: kssl.cpp:594
KSSL::reusingSession
bool reusingSession() const
Determine if we are currently reusing an SSL session ID.
Definition: kssl.cpp:692
KSSL::setAutoReconfig
void setAutoReconfig(bool ar)
Enable or disable automatic reconfiguration on initialize().
Definition: kssl.cpp:576
KSSL::connectionInfo
KSSLConnectionInfo & connectionInfo()
Obtain a reference to the connection information.
Definition: kssl.cpp:636
KSSL::setSettings
bool setSettings(KSSLSettings *settings)
Set a new KSSLSettings instance as the settings.
Definition: kssl.cpp:581
KSSLPKCS12::getCertificate
KSSLCertificate * getCertificate()
Get the X.509 certificate.
Definition: ksslpkcs12.cpp:181
KSSLSettings::sslv2
bool sslv2() const
Does the user allow SSLv2.
Definition: ksslsettings.cpp:107
KSSL::close
void close()
Close the SSL session.
Definition: kssl.cpp:231
KOpenSSLProxy::self
static KOpenSSLProxy * self()
Return an instance of class KOpenSSLProxy * You cannot delete this object.
Definition: kopenssl.cpp:729
KSSL::reInitialize
bool reInitialize()
Reinitialize OpenSSL.
Definition: kssl.cpp:256
KSSLConnectionInfo
KDE SSL Connection Information.
Definition: ksslconnectioninfo.h:40
