author | Timur Pocheptsov <timur.pocheptsov@qt.io> | 2018-02-19 13:46:21 +0100 |
---|---|---|
committer | Timur Pocheptsov <timur.pocheptsov@qt.io> | 2018-04-06 05:13:37 +0000 |
commit | 30978dc1a50368e45c3764d7efc283c4e660a9b9 (patch) | |
tree | de5385a867c326f574f33db6dc7a5262dbc6a52b /src/network/ssl/qsslconfiguration.cpp | |
parent | 061fbceb777c41b23bc2b8180b2af85d9b35b246 (diff) |
Add a new (D)TLS configuration
Namespace QSsl: introduce DtlsV1_0/DtlsV1_2/DtlsV1_2OrLater enumerators
into SslProtocol. Implement QSslConfiguration::defaultDtlsConfiguration.
Make some functions shared - now not only QSslSocket needs them,
but also DTLS-related code. This patch-set also enables
protocol-specific set of ciphers (so for DTLS we are using
the correct method - 'DTLS_method').
Change-Id: I828fc898674aa3c0a471e8e5b94575bb50538601
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
Diffstat (limited to 'src/network/ssl/qsslconfiguration.cpp')
-rw-r--r-- | src/network/ssl/qsslconfiguration.cpp | 56 |
1 files changed, 56 insertions, 0 deletions
diff --git a/src/network/ssl/qsslconfiguration.cpp b/src/network/ssl/qsslconfiguration.cpp
index 116a6693c4..8c9fa5d4f2 100644
--- a/src/network/ssl/qsslconfiguration.cpp
+++ b/src/network/ssl/qsslconfiguration.cpp
@@ -998,6 +998,27 @@ QSslConfiguration::NextProtocolNegotiationStatus QSslConfiguration::nextProtocol
 }
 /*!
+ This function returns true if DTLS cookie verification was enabled on a
+ server-side socket.
+
+ \sa setDtlsCookieVerificationEnabled()
+ */
+bool QSslConfiguration::dtlsCookieVerificationEnabled() const
+{
+ return d->dtlsCookieEnabled;
+}
+
+/*!
+ This function enables DTLS cookie verification when \a enable is true.
+
+ \sa dtlsCookieVerificationEnabled()
+ */
+void QSslConfiguration::setDtlsCookieVerificationEnabled(bool enable)
+{
+ d->dtlsCookieEnabled = enable;
+}
+
+/*!
 Returns the default SSL configuration to be used in new SSL connections.
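Review bot: The doc comment for `setDtlsCookieVerificationEnabled()` gives neither the default value nor the consequence of passing false. The cookie exchange is what lets a DTLS server confirm a client's source address before it commits handshake state, so the comment should carry a sentence such as `Disabling cookie verification removes the server's protection against handshake requests sent from spoofed source addresses.` The initial value of `d->dtlsCookieEnabled` is set outside this hunk, so the default to document has to be confirmed against the private class. This file's diff consists only of additions, so `QSslConfiguration::operator==` is unchanged here; if it compares members one by one, two configurations that differ only in this flag would still compare equal, which is worth checking.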
@@ -1030,6 +1051,41 @@ void QSslConfiguration::setDefaultConfiguration(const QSslConfiguration &configu
 QSslConfigurationPrivate::setDefaultConfiguration(configuration);
 }
+/*!
+ Returns the default DTLS configuration to be used in new DTLS
+ connections.
+
+ The default DTLS configuration consists of:
+
+ \list
+ \li no local certificate and no private key
+ \li protocol DtlsV1_2OrLater
+ \li the system's default CA certificate list
+ \li the cipher list equal to the list of the SSL libraries'
+ supported TLS 1.2 ciphers that use 128 or more secret bits
+ for the cipher.
+ \endlist
+
+ \sa setDefaultDtlsConfiguration()
+*/
+QSslConfiguration QSslConfiguration::defaultDtlsConfiguration()
+{
+ return QSslConfigurationPrivate::defaultDtlsConfiguration();
+}
+
+/*!
+ Sets the default DTLS configuration to be used in new DTLS
+ connections to be \a configuration. Existing connections are not
+ affected by this call.
+
+ \sa defaultDtlsConfiguration()
+*/
+void QSslConfiguration::setDefaultDtlsConfiguration(const QSslConfiguration &configuration)
+{
+ QSslConfigurationPrivate::setDefaultDtlsConfiguration(configuration);
+}
+
+
 /*! \internal */
 bool QSslConfigurationPrivate::peerSessionWasShared(const QSslConfiguration &configuration) { |
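Review bot: The list of defaults in the `defaultDtlsConfiguration()` doc comment omits two settings a DTLS server operator most needs to know: whether cookie verification is enabled and which peer verification mode applies. Both belong in the list as `\li` items once confirmed against `QSslConfigurationPrivate::defaultDtlsConfiguration()`, which is outside this hunk. `setDefaultDtlsConfiguration()` forwards `configuration` unchecked, and nothing visible here rejects a configuration whose protocol is a TLS enumerator or the older `DtlsV1_0`. If the private setter does not validate this either, the comment should at least state the expectation, e.g. `\note \a configuration should use a DTLS protocol such as QSsl::DtlsV1_2OrLater.` The hunk also adds two consecutive blank lines before the `\internal` comment where the other additions in this commit use one.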