diff options
author | Timur Pocheptsov <timur.pocheptsov@qt.io> | 2021-01-18 14:29:10 +0100 |
---|---|---|
committer | Timur Pocheptsov <timur.pocheptsov@qt.io> | 2021-01-22 09:09:46 +0100 |
commit | 7cf8e5ada9eac00b200141fdc80a2e76c0422411 (patch) | |
tree | 1e832df0dbdad5f7fb38aab6fbfa2a93b2ffa081 /src/network/ssl/qsslsocket_mac.cpp | |
parent | 946facb1ae5ed1cf54bb5141bc5ca20ddbb26755 (diff) |
QSsl: add a new private API
This is an abstraction for TLS backend and its factory, preparing to transition
to plugin-based design.
Task-number: QTBUG-65922
Change-Id: Ibe810e77fd1b715a6bea66cd3f44312b015ac274
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
Diffstat (limited to 'src/network/ssl/qsslsocket_mac.cpp')
-rw-r--r-- | src/network/ssl/qsslsocket_mac.cpp | 150 |
1 files changed, 67 insertions, 83 deletions
diff --git a/src/network/ssl/qsslsocket_mac.cpp b/src/network/ssl/qsslsocket_mac.cpp index 9f1d8d1e54..abbcf8a6ac 100644 --- a/src/network/ssl/qsslsocket_mac.cpp +++ b/src/network/ssl/qsslsocket_mac.cpp @@ -44,6 +44,7 @@ #include "qsslsocket_mac_p.h" #include "qasn1element_p.h" #include "qsslcertificate_p.h" +#include "qtlsbackend_p.h" #include "qsslcipher_p.h" #include "qsslkey_p.h" @@ -75,6 +76,67 @@ QT_BEGIN_NAMESPACE namespace { + +// These two classes are ad-hoc temporary solution, to be replaced +// by the real things soon. +class SecureTransportBackend : public QTlsBackend +{ +private: + QString backendName() const override + { + return QTlsBackendFactory::builtinBackendNames[QTlsBackendFactory::nameIndexSecureTransport]; + } +}; + +class SecureTransportBackendFactory : public QTlsBackendFactory +{ +private: + QString backendName() const override + { + return QTlsBackendFactory::builtinBackendNames[QTlsBackendFactory::nameIndexSecureTransport]; + } + QTlsBackend *create() const override + { + return new SecureTransportBackend; + } + + QList<QSsl::SslProtocol> supportedProtocols() const override + { + QList<QSsl::SslProtocol> protocols; + + protocols << QSsl::AnyProtocol; + protocols << QSsl::SecureProtocols; + protocols << QSsl::TlsV1_0; + protocols << QSsl::TlsV1_0OrLater; + protocols << QSsl::TlsV1_1; + protocols << QSsl::TlsV1_1OrLater; + protocols << QSsl::TlsV1_2; + protocols << QSsl::TlsV1_2OrLater; + + return protocols; + } + + QList<QSsl::SupportedFeature> supportedFeatures() const override + { + QList<QSsl::SupportedFeature> features; + features << QSsl::SupportedFeature::ClientSideAlpn; + + return features; + } + + QList<QSsl::ImplementedClass> implementedClasses() const override + { + QList<QSsl::ImplementedClass> classes; + classes << QSsl::ImplementedClass::Socket; + classes << QSsl::ImplementedClass::Certificate; + classes << QSsl::ImplementedClass::Key; + + return classes; + } +}; + +Q_GLOBAL_STATIC(SecureTransportBackendFactory, factory) + #ifdef Q_OS_MACOS /* @@ -1552,90 +1614,12 @@ bool QSslSocketBackendPrivate::startHandshake() } } -QList<QString> QSslSocketPrivate::availableBackends() +void QSslSocketPrivate::registerAdHocFactory() { - return {QStringLiteral("securetransport")}; -} - -QString QSslSocketPrivate::activeBackend() -{ - return availableBackends().first(); -} - -bool QSslSocketPrivate::loadBackend(const QString &backendName) -{ - if (backendName.size() && !availableBackends().contains(backendName)) { - qCWarning(lcSsl) << "A TLS backend with name" << backendName << "is not available"; - return false; - } - - static bool loaded = false; - static QBasicMutex mutex; - const QMutexLocker locker(&mutex); - if (loaded) { - qCWarning(lcSsl) << "You have already loaded the backend named:" << activeBackend(); - if (backendName.size()) - qCWarning(lcSsl) << "Cannot load:" << backendName; - else - qCWarning(lcSsl) << "Cannot load the default backend (securetransport)"; - return true; - } - // This code to be placed in qsslsocket.cpp and there - // the actual plugin to be loaded (so the result can be - // false if we, for example, failed to resolve OpenSSL - // symbols). - return loaded = true; -} - -QList<QSsl::SslProtocol> QSslSocketPrivate::supportedProtocols(const QString &backendName) -{ - QList<QSsl::SslProtocol> protocols; - if (backendName.size() && backendName != activeBackend()) { - qCWarning(lcSsl) << "Unexpected backend name" << backendName - << "no information about protocols supported can be found"; - return protocols; - } - - protocols << QSsl::AnyProtocol; - protocols << QSsl::SecureProtocols; - protocols << QSsl::TlsV1_0; - protocols << QSsl::TlsV1_0OrLater; - protocols << QSsl::TlsV1_1; - protocols << QSsl::TlsV1_1OrLater; - protocols << QSsl::TlsV1_2; - protocols << QSsl::TlsV1_2OrLater; - - return protocols; -} - -QList<QSsl::ImplementedClass> QSslSocketPrivate::implementedClasses(const QString &backendName) -{ - QList<QSsl::ImplementedClass> classes; - if (backendName.size() && backendName != activeBackend()) { - qCWarning(lcSsl) << "Unexpected backend name" << backendName - << "no information about classes implemented can be found"; - return classes; - } - - classes << QSsl::ImplementedClass::Key; - classes << QSsl::ImplementedClass::Certificate; - classes << QSsl::ImplementedClass::Socket; - - return classes; -} - -QList<QSsl::SupportedFeature> QSslSocketPrivate::supportedFeatures(const QString &backendName) -{ - QList<QSsl::SupportedFeature> features; - if (backendName.size() && backendName != activeBackend()) { - qCWarning(lcSsl) << "Unexpected backend name" << backendName - << "no information about classes implemented can be found"; - return features; - } - - features << QSsl::SupportedFeature::ClientSideAlpn; - - return features; + // TLSTODO: this is a temporary solution, waiting for + // backends to move to ... plugins. + if (!factory()) + qCWarning(lcSsl, "Failed to create backend factory"); } QT_END_NAMESPACE |