Trinity API Reference
 

tdeio/kssl

kssl.cpp
1/* This file is part of the KDE project
2 *
3 * Copyright (C) 2000-2003 George Staikos <staikos@kde.org>
4 *
5 * This library is free software; you can redistribute it and/or
6 * modify it under the terms of the GNU Library General Public
7 * License as published by the Free Software Foundation; either
8 * version 2 of the License, or (at your option) any later version.
9 *
10 * This library is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 * Library General Public License for more details.
14 *
15 * You should have received a copy of the GNU Library General Public License
16 * along with this library; see the file COPYING.LIB. If not, write to
17 * the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
18 * Boston, MA 02110-1301, USA.
19 */
20
21#ifdef HAVE_CONFIG_H
22#include <config.h>
23#endif
24
25// this hack provided by Malte Starostik to avoid glibc/openssl bug
26// on some systems
27#ifdef KSSL_HAVE_SSL
28#include <unistd.h>
29#include <netinet/in.h>
30#include <sys/socket.h>
31#define crypt _openssl_crypt
32#include <openssl/ssl.h>
33#include <openssl/x509.h>
34#include <openssl/x509v3.h>
35#include <openssl/pem.h>
36#include <openssl/rand.h>
37#undef crypt
38#endif
39
40#include "kssl.h"
41
42#include <kdebug.h>
43#include <tdestandarddirs.h>
44#include <ksock.h>
45#include <ksockaddr.h>
46
47#include <kopenssl.h>
48#include <ksslx509v3.h>
49#include <ksslpkcs12.h>
50#include <ksslsession.h>
51#include <tdelocale.h>
52#include <ksocks.h>
53
54
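/**
 * Private implementation data for KSSL (d-pointer).
 *
 * Owns the cached KSSLSession. The OpenSSL handles are created and released
 * by KSSL itself (initialize()/TLSInit(), connect()/accept(), close()).
 */
class KSSLPrivate {
public:
    KSSLPrivate() {
        lastInitTLS = false;
        kossl = KOpenSSLProxy::self();
        session = 0L;
#ifdef KSSL_HAVE_SSL
        // Start every OpenSSL handle as null so that a KSSL constructed with
        // init == false, or one whose initialisation failed, never passes an
        // indeterminate pointer to OpenSSL.
        m_ssl = 0L;
        m_ctx = 0L;
        m_meth = 0L;
#endif
    }

    ~KSSLPrivate() {
        delete session;
        session = 0L;
    }

    // true when the context was last set up by TLSInit() rather than initialize()
    bool lastInitTLS;
    // Not initialised by the constructor and not read in the code shown here.
    KSSLCertificate::KSSLValidation m_cert_vfy_res;
    // Peer host name: passed as the TLS server name and copied into the peer info.
    TQString proxyPeer;

#ifdef KSSL_HAVE_SSL
    SSL *m_ssl;          // per-connection handle, null while not connected
    SSL_CTX *m_ctx;      // context, valid between initialisation and close()
    SSL_METHOD *m_meth;  // method the context was created with
#endif
    KSSLSession *session;  // cached session, owned by this object
    KOSSL *kossl;          // OpenSSL proxy singleton, not owned
};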
80
81
/**
 * Construct a KSSL object with default settings.
 *
 * @param init when true, initialize() is called right away; its result is
 *             not reported to the caller.
 */
KSSL::KSSL(bool init) {
    m_bInit = false;
    m_bAutoReconfig = true;

    d = new KSSLPrivate;
    m_cfg = new KSSLSettings();
#ifdef KSSL_HAVE_SSL
    // No connection handle exists until connect() or accept() creates one.
    d->m_ssl = 0L;
#endif

    if (init) {
        initialize();
    }
}
94
95
/**
 * Destroy this KSSL object.
 *
 * close() runs first because it still needs both the settings object and
 * the private data; only then are the two released.
 */
KSSL::~KSSL() {
    close();

    delete m_cfg;
    delete d;
}
101
102
/**
 * Seed OpenSSL's PRNG from the source selected in the settings: the entropy
 * gathering daemon if enabled, otherwise the entropy file if enabled. Both
 * use the same configured path (getEGDPath()).
 *
 * @return the value returned by RAND_egd()/RAND_load_file() (negative on
 *         failure), or 0 when no source is configured or SSL support is
 *         compiled out.
 */
int KSSL::seedWithEGD() {
    int seeded = 0;
#ifdef KSSL_HAVE_SSL
    if (m_cfg->useEGD() && !m_cfg->getEGDPath().isEmpty()) {
        seeded = d->kossl->RAND_egd(m_cfg->getEGDPath().latin1());
        if (seeded >= 0) {
            kdDebug(7029) << "KSSL: PRNG was seeded with " << seeded
                          << " bytes from the EGD." << endl;
        } else {
            kdDebug(7029) << "KSSL: Error seeding PRNG with the EGD." << endl;
        }
    } else if (m_cfg->useEFile() && !m_cfg->getEGDPath().isEmpty()) {
        // -1 is passed as the byte limit for the entropy file.
        seeded = d->kossl->RAND_load_file(m_cfg->getEGDPath().latin1(), -1);
        if (seeded >= 0) {
            kdDebug(7029) << "KSSL: PRNG was seeded with " << seeded
                          << " bytes from the entropy file." << endl;
        } else {
            kdDebug(7029) << "KSSL: Error seeding PRNG with the entropy file." << endl;
        }
    }
#endif
    return seeded;
}
122
123
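/**
 * Initialize OpenSSL for TLS only. Used by applications that upgrade an
 * existing connection (STARTTLS or similar).
 *
 * @return true once the context is ready; false if KSSL is already
 *         initialized, TLSv1 is disabled in the settings, the context cannot
 *         be created, the configured cipher list cannot be applied, or SSL
 *         support is compiled out.
 */
bool KSSL::TLSInit() {
#ifdef KSSL_HAVE_SSL
// kdDebug(7029) << "KSSL TLS initialize" << endl;
    if (m_bInit)
        return false;

    if (m_bAutoReconfig)
        m_cfg->load();

    if (!m_cfg->tlsv1())
        return false;

    seedWithEGD();
    d->m_meth = d->kossl->TLS_client_method();
    d->lastInitTLS = true;

    m_pi.reset();

    d->m_ctx = d->kossl->SSL_CTX_new(d->m_meth);
    if (d->m_ctx == 0L) {
        return false;
    }

    // set cipher list
    TQString clist = m_cfg->getCipherList();
    //kdDebug(7029) << "Cipher list: " << clist << endl;
    if (!clist.isEmpty() &&
        d->kossl->SSL_CTX_set_cipher_list(d->m_ctx, const_cast<char *>(clist.ascii())) <= 0) {
        // Fail closed: if the configured list cannot be applied, the context
        // would keep OpenSSL's default ciphers and the user's restriction
        // would be silently ignored.
        kdDebug(7029) << "KSSL: could not apply the configured cipher list." << endl;
        d->kossl->SSL_CTX_free(d->m_ctx);
        d->m_ctx = 0L;
        return false;
    }

    m_bInit = true;
    return true;
#else
    return false;
#endif
}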
159
160
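/**
 * Initialize OpenSSL: choose the client method from the protocol versions
 * enabled in the settings, create the SSL context and apply the configured
 * cipher list.
 *
 * @return true once the context is ready; false if KSSL is already
 *         initialized, no protocol version is enabled, the context cannot be
 *         created, the configured cipher list cannot be applied, or SSL
 *         support is compiled out.
 */
bool KSSL::initialize() {
#ifdef KSSL_HAVE_SSL
    kdDebug(7029) << "KSSL initialize" << endl;
    if (m_bInit)
        return false;

    if (m_bAutoReconfig)
        m_cfg->load();

    seedWithEGD();
    // FIXME: we should be able to force SSL off entirely.
    d->lastInitTLS = false;

    m_pi.reset();

    // Clear the method first: when every protocol version is disabled none of
    // the branches below assigns it, and SSL_CTX_new() must not be handed a
    // stale or indeterminate pointer.
    d->m_meth = 0L;
    if (m_cfg->tlsv1() || (m_cfg->sslv3() && m_cfg->sslv2())) {
        d->m_meth = d->kossl->TLS_client_method();
    }
    else if (m_cfg->sslv3()) {
        d->m_meth = d->kossl->SSLv3_client_method();
    }
    else if (m_cfg->sslv2()) {
        d->m_meth = d->kossl->SSLv2_client_method();
    }

    if (d->m_meth == 0L) {
        kdDebug(7029) << "KSSL: no SSL/TLS protocol version is enabled." << endl;
        return false;
    }

/*
if (m_cfg->sslv2() && m_cfg->sslv3()) kdDebug(7029) << "Double method" << endl;
else if (m_cfg->sslv2()) kdDebug(7029) << "SSL2 method" << endl;
else if (m_cfg->sslv3()) kdDebug(7029) << "SSL3 method" << endl;
*/

    d->m_ctx = d->kossl->SSL_CTX_new(d->m_meth);
    if (d->m_ctx == 0L) {
        return false;
    }

    // set cipher list
    TQString clist = m_cfg->getCipherList();
    kdDebug(7029) << "Cipher list: " << clist << endl;
    if (!clist.isEmpty() &&
        d->kossl->SSL_CTX_set_cipher_list(d->m_ctx, const_cast<char *>(clist.ascii())) <= 0) {
        // Fail closed: if the configured list cannot be applied, the context
        // would keep OpenSSL's default ciphers and the user's restriction
        // would be silently ignored.
        kdDebug(7029) << "KSSL: could not apply the configured cipher list." << endl;
        d->kossl->SSL_CTX_free(d->m_ctx);
        d->m_ctx = 0L;
        return false;
    }

    m_bInit = true;
    return true;
#else
    return false;
#endif
}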
209
210
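/**
 * Set an SSL session to try to reuse on the next connect()/accept().
 *
 * The underlying session pointer is moved out of @p session into a
 * KSSLSession owned by this object; @p session itself stays with the caller
 * and is left with a null session pointer.
 *
 * @param session session to take over, or null to drop the cached session.
 * @return true, or false when SSL support is compiled out.
 */
bool KSSL::takeSession(KSSLSession *session) {
#ifdef KSSL_HAVE_SSL
    if (!session) {
        delete d->session;
        d->session = 0L;
        return true;
    }

    // Take session reference
    KSSLSession *taken = new KSSLSession;
    taken->_session = session->_session;
    session->_session = 0L;

    // Release the wrapper held so far instead of overwriting the pointer and
    // leaking it. It is skipped only if the caller passed that very wrapper
    // back in, so the caller's pointer is not freed under it.
    if (d->session != session)
        delete d->session;
    d->session = taken;

    return true;
#else
    return false;
#endif
}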
229
230
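/**
 * Close the SSL session: drop the cached session, shut down and free the
 * connection handle, free the context and, when an entropy file is
 * configured, write PRNG state back to that file. Does nothing if KSSL is
 * not initialized.
 */
void KSSL::close() {
#ifdef KSSL_HAVE_SSL
//kdDebug(7029) << "KSSL close" << endl;
    if (!m_bInit)
        return;

    delete d->session;
    d->session = 0L;

    if (d->m_ssl) {
        d->kossl->SSL_shutdown(d->m_ssl);
        d->kossl->SSL_free(d->m_ssl);
        d->m_ssl = 0L;
    }

    d->kossl->SSL_CTX_free(d->m_ctx);
    // Do not leave a dangling context pointer behind: other members read
    // d->m_ctx and must not see freed memory after close().
    d->m_ctx = 0L;

    // The target path comes from the user's settings (getEGDPath()).
    if (m_cfg->useEFile() && !m_cfg->getEGDPath().isEmpty()) {
        d->kossl->RAND_write_file(m_cfg->getEGDPath().latin1());
    }

    m_bInit = false;
#endif
}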
254
255
/**
 * Reinitialize OpenSSL: close() the current state, then initialize() again.
 *
 * @return the result of initialize().
 */
bool KSSL::reInitialize() {
    close();

    const bool ok = initialize();
    return ok;
}
260
261// get the callback file - it's hidden away in here
262//#include "ksslcallback.c"
263
264
/**
 * Placeholder for installing certificate verification on the handshake.
 *
 * The body is compiled out (#if 0), so this installs no verify mode or
 * callback and always reports success. The calls to it in accept() and
 * connect() are commented out as well.
 *
 * @return always true.
 */
bool KSSL::setVerificationLogic() {
#if 0
#ifdef KSSL_HAVE_SSL
    // SSL_set_verify_result(d->m_ssl, X509_V_OK);
    // SSL_CTX_set_verify(d->m_ctx, SSL_VERIFY_PEER, X509Callback);
#endif
#endif
    return true;
}
274
275
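/**
 * Run the accepting (SSL_accept) side of the handshake on an already
 * connected socket.
 *
 * On success the connection and peer information are recorded and the
 * negotiated session is cached for later reuse. No verify mode or callback
 * is installed in this file (setVerificationLogic() is a no-op), so a
 * successful return only means the handshake completed.
 *
 * @param sock connected socket descriptor.
 * @return 1 on success, 0 if the descriptor could not be attached, -1 on any
 *         other failure or when SSL support is compiled out.
 */
int KSSL::accept(int sock) {
#ifdef KSSL_HAVE_SSL
// kdDebug(7029) << "KSSL accept" << endl;
    int rc;
    if (!m_bInit)
        return -1;

    // Release a handle left over from an earlier connect()/accept() that was
    // never close()d; overwriting the pointer would leak it.
    if (d->m_ssl) {
        d->kossl->SSL_free(d->m_ssl);
        d->m_ssl = 0L;
    }

    d->m_ssl = d->kossl->SSL_new(d->m_ctx);
    if (!d->m_ssl)
        return -1;

    // A wrapper without a session pointer cannot be reused; drop it before
    // the pointer is dereferenced below.
    if (d->session && !d->session->_session) {
        delete d->session;
        d->session = 0;
    }

    if (d->session) {
#if OPENSSL_VERSION_NUMBER < 0x10100000L
        if (static_cast<SSL_SESSION*>(d->session->_session)->sess_cert == 0)
        {
            kdDebug(7029) << "Can't reuse session, no certificate." << endl;
            delete d->session;
            d->session = 0;
        }
        else
#endif
        if (1 == d->kossl->SSL_set_session(d->m_ssl,
                static_cast<SSL_SESSION*>(d->session->_session))) {
            kdDebug(7029) << "Session ID is being reused." << endl;
        } else {
            kdDebug(7029) << "Error attempting to reuse session." << endl;
            delete d->session;
            d->session = 0;
        }
    }

/*
    if (!setVerificationLogic()) {
        d->kossl->SSL_shutdown(d->m_ssl);
        d->kossl->SSL_free(d->m_ssl);
        d->m_ssl = 0;
        return -1;
    }
*/

    // Start from SSL_OP_ALL and switch off every protocol version the
    // settings do not allow.
    int off = SSL_OP_ALL;
    if (!d->lastInitTLS && !m_cfg->tlsv1())
        off |= SSL_OP_NO_TLSv1;
    if (!m_cfg->sslv3())
        off |= SSL_OP_NO_SSLv3;
    if (!m_cfg->sslv2())
        off |= SSL_OP_NO_SSLv2;

    d->kossl->_SSL_set_options(d->m_ssl, off);

    rc = d->kossl->SSL_set_fd(d->m_ssl, sock);
    if (rc == 0) {
        d->kossl->SSL_shutdown(d->m_ssl);
        d->kossl->SSL_free(d->m_ssl);
        d->m_ssl = 0;
        return rc;
    }
#ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME
    d->kossl->SSL_set_tlsext_host_name(d->m_ssl, d->proxyPeer.ascii());
#endif

    rc = d->kossl->SSL_accept(d->m_ssl);
    if (rc == 1) {
        setConnectionInfo();
        setPeerInfo();
        kdDebug(7029) << "KSSL connected OK" << endl;
    } else {
        kdDebug(7029) << "KSSL accept failed - rc = " << rc << endl;
        kdDebug(7029) << " ERROR = "
                      << d->kossl->SSL_get_error(d->m_ssl, rc) << endl;
        d->kossl->SSL_shutdown(d->m_ssl);
        d->kossl->SSL_free(d->m_ssl);
        d->m_ssl = 0;
        return -1;
    }

    if (!d->kossl->_SSL_session_reused(d->m_ssl)) {
        if (d->session) {
            kdDebug(7029) << "Session reuse failed. New session used instead." << endl;
            delete d->session;
            d->session = 0L;
        }
    }

    // Cache the negotiated session so that a later connection can offer it.
    if (!d->session) {
        SSL_SESSION *sess = d->kossl->SSL_get1_session(d->m_ssl);
        if (sess) {
            d->session = new KSSLSession;
            d->session->_session = sess;
        }
    }

    return rc;
#else
    return -1;
#endif
}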
372
373
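/**
 * Connect the SSL session to the remote host using the provided socket
 * descriptor (client side of the handshake).
 *
 * On success the connection and peer information are recorded and the
 * negotiated session is cached for later reuse. No verify mode or callback
 * is installed in this file (setVerificationLogic() is a no-op), so a
 * successful return only means the handshake completed; the peer
 * certificate is stored by setPeerInfo() and still has to be validated by
 * the caller.
 *
 * NOTE(review): the handshake is retried for as long as OpenSSL reports
 * WANT_READ/WANT_WRITE; there is no retry cap or timeout here, so a peer
 * that stalls mid-handshake on a non-blocking socket keeps this call from
 * returning. Callers that need a bound have to enforce it themselves.
 *
 * @param sock connected socket descriptor.
 * @return 1 on success, 0 if the descriptor could not be attached, -1 on any
 *         other failure or when SSL support is compiled out.
 */
int KSSL::connect(int sock) {
#ifdef KSSL_HAVE_SSL
// kdDebug(7029) << "KSSL connect" << endl;
    int rc;
    if (!m_bInit)
        return -1;

    // Release a handle left over from an earlier connect()/accept() that was
    // never close()d; overwriting the pointer would leak it.
    if (d->m_ssl) {
        d->kossl->SSL_free(d->m_ssl);
        d->m_ssl = 0L;
    }

    d->m_ssl = d->kossl->SSL_new(d->m_ctx);
    if (!d->m_ssl)
        return -1;

    // A wrapper without a session pointer cannot be reused; drop it before
    // the pointer is dereferenced below.
    if (d->session && !d->session->_session) {
        delete d->session;
        d->session = 0;
    }

    if (d->session) {
#if OPENSSL_VERSION_NUMBER < 0x10100000L
        if (static_cast<SSL_SESSION*>(d->session->_session)->sess_cert == 0)
        {
            kdDebug(7029) << "Can't reuse session, no certificate." << endl;
            delete d->session;
            d->session = 0;
        }
        else
#endif
        if (1 == d->kossl->SSL_set_session(d->m_ssl,
                static_cast<SSL_SESSION*>(d->session->_session))) {
            kdDebug(7029) << "Session ID is being reused." << endl;
        } else {
            kdDebug(7029) << "Error attempting to reuse session." << endl;
            delete d->session;
            d->session = 0;
        }
    }

/*
    if (!setVerificationLogic()) {
        d->kossl->SSL_shutdown(d->m_ssl);
        d->kossl->SSL_free(d->m_ssl);
        d->m_ssl = 0;
        return -1;
    }
*/

    // Start from SSL_OP_ALL and switch off every protocol version the
    // settings do not allow.
    int off = SSL_OP_ALL;
    if (!d->lastInitTLS && !m_cfg->tlsv1())
        off |= SSL_OP_NO_TLSv1;
    if (!m_cfg->sslv3())
        off |= SSL_OP_NO_SSLv3;
    if (!m_cfg->sslv2())
        off |= SSL_OP_NO_SSLv2;

    d->kossl->_SSL_set_options(d->m_ssl, off);

    rc = d->kossl->SSL_set_fd(d->m_ssl, sock);
    if (rc == 0) {
        d->kossl->SSL_shutdown(d->m_ssl);
        d->kossl->SSL_free(d->m_ssl);
        d->m_ssl = 0;
        return rc;
    }
#ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME
    // Server name indication uses the host set through setPeerHost().
    d->kossl->SSL_set_tlsext_host_name(d->m_ssl, d->proxyPeer.ascii());
#endif

connect_again:
    rc = d->kossl->SSL_connect(d->m_ssl);
    if (rc == 1) {
        setConnectionInfo();
        setPeerInfo();
        kdDebug(7029) << "KSSL connected OK" << endl;
    } else {
        int err = d->kossl->SSL_get_error(d->m_ssl, rc);
        if (err == SSL_ERROR_WANT_READ || err == SSL_ERROR_WANT_WRITE) {
            // nonblocking - but we block anyways in connect() :)
            // Back off between attempts the way read() and write() do,
            // instead of spinning on the CPU until the peer answers.
            ::usleep(20000); // 20ms sleep
            goto connect_again;
        } else {
            kdDebug(7029) << "KSSL connect failed - rc = "
                          << rc << endl;
            kdDebug(7029) << " ERROR = "
                          << err << endl;
            d->kossl->ERR_print_errors_fp(stderr);
            d->kossl->SSL_shutdown(d->m_ssl);
            d->kossl->SSL_free(d->m_ssl);
            d->m_ssl = 0;
            return -1;
        }
    }

    if (!d->kossl->_SSL_session_reused(d->m_ssl)) {
        if (d->session) {
            kdDebug(7029) << "Session reuse failed. New session used instead." << endl;
            delete d->session;
            d->session = 0L;
        }
    }

    // Cache the negotiated session so that a later connection can offer it.
    if (!d->session) {
        SSL_SESSION *sess = d->kossl->SSL_get1_session(d->m_ssl);
        if (sess) {
            d->session = new KSSLSession;
            d->session->_session = sess;
        }
    }

    return rc;
#else
    return -1;
#endif
}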
479
480
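/**
 * Determine if data is waiting to be read.
 *
 * @return the value of SSL_pending() for the current connection, or -1 when
 *         KSSL is not initialized, no connection handle exists, or SSL
 *         support is compiled out.
 */
int KSSL::pending() {
#ifdef KSSL_HAVE_SSL
    // m_bInit only says that the context exists; the connection handle is
    // null until connect()/accept() succeeds and after a failed handshake.
    if (!m_bInit || !d->m_ssl)
        return -1;
    return d->kossl->SSL_pending(d->m_ssl);
#else
    return -1;
#endif
}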
490
491
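/**
 * Peek at available data from the remote host via SSL.
 *
 * @param buf destination buffer, at least @p len bytes.
 * @param len maximum number of bytes to copy.
 * @return the raw SSL_peek() result, or -1 when KSSL is not initialized, no
 *         connection handle exists, or SSL support is compiled out.
 */
int KSSL::peek(void *buf, int len) {
#ifdef KSSL_HAVE_SSL
    // m_bInit only says that the context exists; the connection handle is
    // null until connect()/accept() succeeds and after a failed handshake.
    if (!m_bInit || !d->m_ssl)
        return -1;
    // FIXME: enhance to work the way read() does below, handling errors
    return d->kossl->SSL_peek(d->m_ssl, buf, len);
#else
    return -1;
#endif
}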
502
503
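/**
 * Read data from the remote host via SSL.
 *
 * WANT_READ/WANT_WRITE is retried up to 10 times with a 20 ms pause; once
 * the retries are used up 0 is returned, which a caller cannot tell apart
 * from a result of 0 passed through from SSL_read().
 *
 * @param buf destination buffer, at least @p len bytes.
 * @param len maximum number of bytes to read.
 * @return the number of bytes read; 0 as described above; the unchanged
 *         SSL_read() result for SSL_ERROR_NONE, SSL_ERROR_ZERO_RETURN and
 *         SSL_ERROR_SYSCALL; -1 for any other error, when KSSL is not
 *         initialized, when no connection handle exists, or when SSL support
 *         is compiled out.
 */
int KSSL::read(void *buf, int len) {
#ifdef KSSL_HAVE_SSL
    int rc = 0;
    int maxIters = 10;

    // m_bInit only says that the context exists; the connection handle is
    // null until connect()/accept() succeeds and after a failed handshake.
    if (!m_bInit || !d->m_ssl)
        return -1;

read_again:
    rc = d->kossl->SSL_read(d->m_ssl, (char *)buf, len);
    if (rc <= 0) {
        int err = d->kossl->SSL_get_error(d->m_ssl, rc);

        if (err == SSL_ERROR_WANT_READ || err == SSL_ERROR_WANT_WRITE) {
            kdDebug(7029) << "SSL read() returning 0: " << err << endl;
            if (maxIters-- > 0) {
                ::usleep(20000); // 20ms sleep
                goto read_again;
            }
            return 0;
        }

        kdDebug(7029) << "SSL READ ERROR: " << err << endl;
        if (err != SSL_ERROR_NONE &&
            err != SSL_ERROR_ZERO_RETURN && err != SSL_ERROR_SYSCALL) {
            rc = -1; // OpenSSL returns 0 on error too
            d->kossl->ERR_print_errors_fp(stderr);
        }

//      else if (err == SSL_ERROR_ZERO_RETURN)
//          rc = 0;
    }
    return rc;
#else
    return -1;
#endif
}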
541
542
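/**
 * Write data to the remote host via SSL.
 *
 * NOTE(review): SSL_ERROR_WANT_WRITE is retried every 20 ms with no retry
 * cap (read() stops after 10 attempts), and SSL_ERROR_WANT_READ is reported
 * as a hard error (-1) although read() treats it as retryable.
 *
 * @param buf data to send, at least @p len bytes.
 * @param len number of bytes to send.
 * @return the number of bytes written; the unchanged SSL_write() result for
 *         SSL_ERROR_NONE, SSL_ERROR_ZERO_RETURN and SSL_ERROR_SYSCALL; -1
 *         for any other error, when KSSL is not initialized, when no
 *         connection handle exists, or when SSL support is compiled out.
 */
int KSSL::write(const void *buf, int len) {
#ifdef KSSL_HAVE_SSL
    // m_bInit only says that the context exists; the connection handle is
    // null until connect()/accept() succeeds and after a failed handshake.
    if (!m_bInit || !d->m_ssl)
        return -1;

write_again:
    int rc = d->kossl->SSL_write(d->m_ssl, (const char *)buf, len);
    if (rc <= 0) { // OpenSSL returns 0 on error too
        int err = d->kossl->SSL_get_error(d->m_ssl, rc);

        if (err == SSL_ERROR_WANT_WRITE) {
            ::usleep(20000); // 20ms sleep
            goto write_again;
        }

        kdDebug(7029) << "SSL WRITE ERROR: " << err << endl;
        if (err != SSL_ERROR_NONE &&
            err != SSL_ERROR_ZERO_RETURN && err != SSL_ERROR_SYSCALL)
            rc = -1;
    }

    return rc;
#else
    return -1;
#endif
}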
569
570
/**
 * Trigger a reread of the KSSL configuration by reinitializing.
 *
 * @return the result of reInitialize().
 */
bool KSSL::reconfig() {
    const bool ok = reInitialize();
    return ok;
}
574
575
/**
 * Enable or disable automatic reconfiguration.
 *
 * @param ar when true, initialize() and TLSInit() reload the settings
 *           before using them.
 */
void KSSL::setAutoReconfig(bool ar)
{
    m_bAutoReconfig = ar;
}
579
580
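/**
 * Set a new KSSLSettings instance as the settings and reinitialize.
 *
 * KSSL takes ownership of @p settings and deletes the instance it held
 * before.
 *
 * NOTE(review): a null pointer is stored as given; in SSL builds
 * initialize() and close() dereference the settings pointer without a
 * check, so passing null is not safe.
 *
 * @param settings the settings object to adopt.
 * @return the result of reconfig().
 */
bool KSSL::setSettings(KSSLSettings *settings) {
    // Being handed the object that is already owned must not delete it and
    // then keep using the freed pointer.
    if (settings != m_cfg) {
        delete m_cfg;
        m_cfg = settings;
    }
    return reconfig();
}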
586
587
// Compile-time answer to "was KSSL built with SSL support?".
bool KSSL::m_bSSLWorks =
#ifdef KSSL_HAVE_SSL
    true;
#else
    false;
#endif
593
/**
 * Determine if SSL is available.
 *
 * @return the static flag that is fixed at build time by KSSL_HAVE_SSL.
 */
bool KSSL::doesSSLWork()
{
    return m_bSSLWorks;
}
597
598
/**
 * Copy the negotiated cipher's properties (bits, version, name and
 * description) into the connection info. Called after a successful
 * handshake. If OpenSSL reports no current cipher the connection info is
 * left untouched.
 */
void KSSL::setConnectionInfo() {
#ifdef KSSL_HAVE_SSL
    char description[1024];
    description[0] = 0; // for safety.

    SSL_CIPHER *cipher = d->kossl->SSL_get_current_cipher(d->m_ssl);
    if (!cipher) {
        kdDebug(7029) << "KSSL get current cipher failed - we're probably gonna crash!" << endl;
        return;
    }

    // Total bits are written through the out-parameter; the return value is
    // the number of bits actually used.
    m_ci.m_iCipherUsedBits = d->kossl->SSL_CIPHER_get_bits(cipher, &(m_ci.m_iCipherBits));
    m_ci.m_cipherVersion = d->kossl->SSL_CIPHER_get_version(cipher);
    m_ci.m_cipherName = d->kossl->SSL_CIPHER_get_name(cipher);
    // One byte less than the buffer size is offered to OpenSSL.
    m_ci.m_cipherDescription = d->kossl->SSL_CIPHER_description(cipher, description, 1023);

#endif
}
622
623
/**
 * Record the peer's host name, certificate and certificate chain in the
 * peer info. Called after a successful handshake. Nothing is validated
 * here; the data is only stored.
 */
void KSSL::setPeerInfo() {
#ifdef KSSL_HAVE_SSL
    m_pi.setPeerHost(d->proxyPeer);
    m_pi.m_cert.setCert(d->kossl->SSL_get_peer_certificate(d->m_ssl));

    STACK_OF(X509) *chain = d->kossl->SSL_get_peer_cert_chain(d->m_ssl);
    if (chain) {
        // A duplicate of the stack is handed over; whether setChain() takes
        // ownership of it cannot be seen from here. Leak?
        chain = reinterpret_cast<STACK_OF(X509)*>(d->kossl->OPENSSL_sk_dup(chain));
    }
    m_pi.m_cert.setChain(static_cast<void *>(chain));
#endif
}
634
635
/**
 * Obtain a reference to the connection information.
 *
 * @return the member filled in by setConnectionInfo() after a handshake.
 */
KSSLConnectionInfo& KSSL::connectionInfo()
{
    return m_ci;
}
639
640
641// KDE 4: Make it const TQString &
/**
 * Set the peer host name.
 *
 * The name is stored only; connect()/accept() later pass it to
 * SSL_set_tlsext_host_name() where available, and setPeerInfo() copies it
 * into the peer info.
 *
 * @param realHost host name of the peer.
 */
void KSSL::setPeerHost(TQString realHost)
{
    d->proxyPeer = realHost;
}
645
646// deprecated
/**
 * Deprecated no-op kept for interface compatibility; all arguments are
 * ignored.
 */
void KSSL::setProxyUse(bool, TQString, int, TQString)
{
}
649
650
/**
 * Obtain a reference to the information about the peer.
 *
 * @return the member filled in by setPeerInfo() after a handshake.
 */
KSSLPeerInfo& KSSL::peerInfo()
{
    return m_pi;
}
654
655
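/**
 * Set the certificate to send to the server.
 *
 * The certificate and private key are installed on the current SSL context,
 * so KSSL must be initialized first; close() frees that context and
 * initialize() creates a new one.
 *
 * @param pkcs PKCS#12 bundle holding the client certificate and its key.
 * @return true when both certificate and key were accepted; false when KSSL
 *         is not initialized, @p pkcs is null or incomplete, the certificate
 *         is not marked for SSL client use, OpenSSL rejects either part, or
 *         SSL support is compiled out.
 */
bool KSSL::setClientCertificate(KSSLPKCS12 *pkcs) {
#ifdef KSSL_HAVE_SSL
    // d->m_ctx refers to a live context only between a successful
    // initialize()/TLSInit() and close(); outside that window it must not be
    // passed to OpenSSL.
    if (!m_bInit)
        return false;

    if (!pkcs || !pkcs->getCertificate())
        return false;

    int rc;
    X509 *x = pkcs->getCertificate()->getCert();
    EVP_PKEY *k = pkcs->getPrivateKey();

    if (!x || !k) return false;

    // Refuse certificates whose X.509v3 extensions do not allow client use.
    if (!pkcs->getCertificate()->x509V3Extensions().certTypeSSLClient())
        return false;

    rc = d->kossl->SSL_CTX_use_certificate(d->m_ctx, x);
    if (rc <= 0) {
        kdDebug(7029) << "KSSL - SSL_CTX_use_certificate failed. rc = " << rc << endl;
        return false;
    }

    rc = d->kossl->SSL_CTX_use_PrivateKey(d->m_ctx, k);
    if (rc <= 0) {
        kdDebug(7029) << "KSSL - SSL_CTX_use_PrivateKey failed. rc = " << rc << endl;
        return false;
    }

    return true;
#else
    return false;
#endif
}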
687
/**
 * Obtain a pointer to the session information.
 *
 * @return the cached session, which stays owned by this object, or null
 *         when none is cached.
 */
const KSSLSession* KSSL::session() const
{
    return d->session;
}
691
/**
 * Determine if the current connection reuses an SSL session.
 *
 * @return true only when a connection handle exists and OpenSSL reports the
 *         session as reused; false otherwise or when SSL support is compiled
 *         out.
 */
bool KSSL::reusingSession() const {
#ifdef KSSL_HAVE_SSL
    if (!d->m_ssl)
        return false;
    return d->kossl->_SSL_session_reused(d->m_ssl) != 0;
#else
    return false;
#endif
}
699
KOpenSSLProxy::self
static KOpenSSLProxy * self()
Return an instance of class KOpenSSLProxy. You cannot delete this object.
Definition: kopenssl.cpp:749
KSSLCertificate::x509V3Extensions
KSSLX509V3 & x509V3Extensions()
Access the X.509v3 parameters.
Definition: ksslcertificate.cpp:1166
KSSLCertificate::KSSLValidation
KSSLValidation
A CA certificate can be validated as Irrelevant when it was not used to sign any other relevant certi...
Definition: ksslcertificate.h:122
KSSLCertificate::setCert
bool setCert(TQString &cert)
Re-set the certificate from a base64 string.
Definition: ksslcertificate.cpp:1151
KSSLConnectionInfo
KDE SSL Connection Information.
Definition: ksslconnectioninfo.h:40
KSSLPKCS12
KDE PKCS#12 Certificate.
Definition: ksslpkcs12.h:61
KSSLPKCS12::getPrivateKey
EVP_PKEY * getPrivateKey()
Get the private key.
Definition: ksslpkcs12.cpp:176
KSSLPKCS12::getCertificate
KSSLCertificate * getCertificate()
Get the X.509 certificate.
Definition: ksslpkcs12.cpp:181
KSSLPeerInfo
KDE SSL Peer Data.
Definition: ksslpeerinfo.h:42
KSSLPeerInfo::reset
void reset()
Clear out the host name.
Definition: ksslpeerinfo.cpp:163
KSSLPeerInfo::setPeerHost
void setPeerHost(TQString host=TQString::null)
Set the host that we are connected to.
Definition: ksslpeerinfo.cpp:60
KSSLSession
KDE SSL Session Information.
Definition: ksslsession.h:42
KSSLSettings
KDE SSL Settings.
Definition: ksslsettings.h:39
KSSLSettings::getCipherList
TQString getCipherList()
Get the OpenSSL cipher list for selecting the list of ciphers to use in a connection.
Definition: ksslsettings.cpp:124
KSSLSettings::sslv2
bool sslv2() const
Does the user allow SSLv2.
Definition: ksslsettings.cpp:106
KSSLSettings::sslv3
bool sslv3() const
Does the user allow SSLv3.
Definition: ksslsettings.cpp:111
KSSLSettings::tlsv1
bool tlsv1() const
Does the user allow TLSv1.
Definition: ksslsettings.cpp:116
KSSLSettings::load
void load()
Load the user's settings.
Definition: ksslsettings.cpp:200
KSSLSettings::useEFile
bool useEFile() const
Does the user want to use an entropy file?
Definition: ksslsettings.cpp:335
KSSLSettings::getEGDPath
TQString & getEGDPath()
Get the configured path to the entropy gathering daemon or entropy file.
Definition: ksslsettings.cpp:343
KSSLSettings::useEGD
bool useEGD() const
Does the user want to use the Entropy Gathering Daemon?
Definition: ksslsettings.cpp:334
KSSLX509V3::certTypeSSLClient
bool certTypeSSLClient()
Determine if this certificate can be used by an SSL client.
Definition: ksslx509v3.cpp:85
KSSL::setProxyUse
void setProxyUse(bool active, TQString realIP=TQString::null, int realPort=0, TQString proxy=TQString::null) TDE_DEPRECATED
Set the status of the connection with respect to proxies.
Definition: kssl.cpp:647
KSSL::setAutoReconfig
void setAutoReconfig(bool ar)
Enable or disable automatic reconfiguration on initialize().
Definition: kssl.cpp:576
KSSL::reconfig
bool reconfig()
Trigger a reread of KSSL configuration and reInitialize() KSSL.
Definition: kssl.cpp:571
KSSL::setSettings
bool setSettings(KSSLSettings *settings)
Set a new KSSLSettings instance as the settings.
Definition: kssl.cpp:581
KSSL::doesSSLWork
static bool doesSSLWork()
Determine if SSL is available and works.
Definition: kssl.cpp:594
KSSL::close
void close()
Close the SSL session.
Definition: kssl.cpp:231
KSSL::reInitialize
bool reInitialize()
Reinitialize OpenSSL.
Definition: kssl.cpp:256
KSSL::takeSession
bool takeSession(KSSLSession *session)
Set an SSL session to use.
Definition: kssl.cpp:211
KSSL::KSSL
KSSL(bool init=true)
Construct a KSSL object.
Definition: kssl.cpp:82
KSSL::reusingSession
bool reusingSession() const
Determine if we are currently reusing an SSL session ID.
Definition: kssl.cpp:692
KSSL::accept
int accept(int sock)
Connect the SSL session to the remote host using the provided socket descriptor.
Definition: kssl.cpp:276
KSSL::write
int write(const void *buf, int len)
Write data to the remote host via SSL.
Definition: kssl.cpp:543
KSSL::pending
int pending()
Determine if data is waiting to be read.
Definition: kssl.cpp:481
KSSL::settings
KSSLSettings * settings()
One is built by the constructor, so this will only return a NULL pointer if you set one with setSetti...
Definition: kssl.h:158
KSSL::peerInfo
KSSLPeerInfo & peerInfo()
Obtain a reference to the information about the peer.
Definition: kssl.cpp:651
KSSL::connectionInfo
KSSLConnectionInfo & connectionInfo()
Obtain a reference to the connection information.
Definition: kssl.cpp:636
KSSL::seedWithEGD
int seedWithEGD()
This will reseed the pseudo-random number generator with the EGD (entropy gathering daemon) if the EG...
Definition: kssl.cpp:103
KSSL::connect
int connect(int sock)
Connect the SSL session to the remote host using the provided socket descriptor.
Definition: kssl.cpp:374
KSSL::setClientCertificate
bool setClientCertificate(KSSLPKCS12 *pkcs)
Use this to set the certificate to send to the server.
Definition: kssl.cpp:656
KSSL::peek
int peek(void *buf, int len)
Peek at available data from the remote host via SSL.
Definition: kssl.cpp:492
KSSL::~KSSL
~KSSL()
Destroy this KSSL object.
Definition: kssl.cpp:96
KSSL::TLSInit
bool TLSInit()
This is used for applications which do STARTTLS or something similar.
Definition: kssl.cpp:124
KSSL::setPeerHost
void setPeerHost(TQString realHost=TQString::null)
Set the peer hostname to be used for certificate verification.
Definition: kssl.cpp:642
KSSL::session
const KSSLSession * session() const
Obtain a pointer to the session information.
Definition: kssl.cpp:688
KSSL::read
int read(void *buf, int len)
Read data from the remote host via SSL.
Definition: kssl.cpp:504
KSSL::initialize
bool initialize()
Initialize OpenSSL.
Definition: kssl.cpp:161
