author | Timur Pocheptsov <timur.pocheptsov@qt.io> | 2021-01-18 14:29:10 +0100 |
---|---|---|
committer | Timur Pocheptsov <timur.pocheptsov@qt.io> | 2021-01-22 09:09:46 +0100 |
commit | 7cf8e5ada9eac00b200141fdc80a2e76c0422411 (patch) | |
tree | 1e832df0dbdad5f7fb38aab6fbfa2a93b2ffa081 /src/network/ssl/qsslsocket_schannel.cpp | |
parent | 946facb1ae5ed1cf54bb5141bc5ca20ddbb26755 (diff) |
QSsl: add a new private API
This is an abstraction for TLS backend and its factory, preparing to transition
to plugin-based design.
Task-number: QTBUG-65922
Change-Id: Ibe810e77fd1b715a6bea66cd3f44312b015ac274
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
Diffstat (limited to 'src/network/ssl/qsslsocket_schannel.cpp')
-rw-r--r-- | src/network/ssl/qsslsocket_schannel.cpp | 160 |
1 files changed, 74 insertions, 86 deletions
diff --git a/src/network/ssl/qsslsocket_schannel.cpp b/src/network/ssl/qsslsocket_schannel.cpp
index f0e9e9c9d2..7ac032bd52 100644
--- a/src/network/ssl/qsslsocket_schannel.cpp
+++ b/src/network/ssl/qsslsocket_schannel.cpp
@@ -157,6 +157,75 @@ QT_BEGIN_NAMESPACE
 namespace {
+
+class SchannelBackend : public QTlsBackend
+{
+private:
+ QString backendName() const override
+ {
+ return QTlsBackendFactory::builtinBackendNames[QTlsBackendFactory::nameIndexSchannel];
+ }
+};
+
+class SchannelBackendBackendFactory : public QTlsBackendFactory
+{
+private:
+ QString backendName() const override
+ {
+ return QTlsBackendFactory::builtinBackendNames[QTlsBackendFactory::nameIndexSchannel];
+ }
+ QTlsBackend *create() const override
+ {
+ return new SchannelBackend;
+ }
+
+ QList<QSsl::SslProtocol> supportedProtocols() const override
+ {
+ QList<QSsl::SslProtocol> protocols;
+
+ protocols << QSsl::AnyProtocol;
+ protocols << QSsl::SecureProtocols;
+ protocols << QSsl::TlsV1_0;
+ protocols << QSsl::TlsV1_0OrLater;
+ protocols << QSsl::TlsV1_1;
+ protocols << QSsl::TlsV1_1OrLater;
+ protocols << QSsl::TlsV1_2;
+ protocols << QSsl::TlsV1_2OrLater;
+
+ bool supportsTls13();
+ if (supportsTls13()) {
+ protocols << QSsl::TlsV1_3;
+ protocols << QSsl::TlsV1_3OrLater;
+ }
+
+ return protocols;
+ }
+
+ QList<QSsl::SupportedFeature> supportedFeatures() const override
+ {
+ QList<QSsl::SupportedFeature> features;
+
+ features << QSsl::SupportedFeature::ClientSideAlpn;
+ features << QSsl::SupportedFeature::ServerSideAlpn;
+
+ return features;
+ }
+
+ QList<QSsl::ImplementedClass> implementedClasses() const override
+ {
+ QList<QSsl::ImplementedClass> classes;
+
+ classes << QSsl::ImplementedClass::Socket;
+ classes << QSsl::ImplementedClass::Certificate;
+ classes << QSsl::ImplementedClass::Key;
+
+ return classes;
+ }
+};
+
+Q_GLOBAL_STATIC(SchannelBackendFactory, factory)
+
+
 SecBuffer createSecBuffer(void *ptr, unsigned long length, unsigned long bufferType)
 {
 return SecBuffer{ length, bufferType, ptr };
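Review bot: The factory class is declared as `SchannelBackendBackendFactory` (doubled "Backend"), while the global static at the end of the hunk instantiates `Q_GLOBAL_STATIC(SchannelBackendFactory, factory)`; unless a `SchannelBackendFactory` is declared outside this hunk, the Schannel build will not compile, so the declaration should read `class SchannelBackendFactory : public QTlsBackendFactory`. The block-scope declaration `bool supportsTls13();` inside `supportedProtocols()` declares the function in the enclosing anonymous namespace, so it only binds to the real helper if that one is defined in the same namespace; a single forward declaration at namespace scope ahead of the class would make the dependency visible and keep the TLS 1.3 capability report tied to the right function. `create()` hands back a raw `new SchannelBackend` without saying who deletes it, so a one-line comment on ownership (for example `// Caller takes ownership of the returned backend.`, if that is the contract) is worth adding.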
@@ -2144,93 +2213,12 @@ bool QSslSocketBackendPrivate::rootCertOnDemandLoadingAllowed()
 return allowRootCertOnDemandLoading && s_loadRootCertsOnDemand;
 }
-QList<QString> QSslSocketPrivate::availableBackends()
-{
- return {QStringLiteral("schannel")};
-}
-
-QString QSslSocketPrivate::activeBackend()
+void QSslSocketPrivate::registerAdHocFactory()
 {
- return availableBackends().first();
-}
-
-bool QSslSocketPrivate::loadBackend(const QString &backendName)
-{
- if (backendName.size() && !availableBackends().contains(backendName)) {
- qCWarning(lcSsl) << "A TLS backend with name" << backendName << "is not available";
- return false;
- }
-
- static bool loaded = false;
- static QBasicMutex mutex;
- const QMutexLocker locker(&mutex);
- if (loaded) {
- qCWarning(lcSsl) << "You have already loaded the backend named:" << activeBackend();
- qCWarning(lcSsl) << "Cannot load:" << backendName;
- return true;
- }
- // This code to be placed in qsslsocket.cpp and there
- // the actual plugin to be loaded (so the result can be
- // false if we, for example, failed to resolve OpenSSL
- // symbols).
- return loaded = true;
-}
-
-QList<QSsl::SslProtocol> QSslSocketPrivate::supportedProtocols(const QString &backendName)
-{
- QList<QSsl::SslProtocol> protocols;
- if (backendName.size() && backendName != activeBackend()) {
- qCWarning(lcSsl) << "Unexpected backend name" << backendName
- << "no information about protocols supported can be found";
- return protocols;
- }
-
- protocols << QSsl::AnyProtocol;
- protocols << QSsl::SecureProtocols;
- protocols << QSsl::TlsV1_0;
- protocols << QSsl::TlsV1_0OrLater;
- protocols << QSsl::TlsV1_1;
- protocols << QSsl::TlsV1_1OrLater;
- protocols << QSsl::TlsV1_2;
- protocols << QSsl::TlsV1_2OrLater;
-
- if (supportsTls13()) {
- protocols << QSsl::TlsV1_3;
- protocols << QSsl::TlsV1_3OrLater;
- }
-
- return protocols;
-}
-
-QList<QSsl::ImplementedClass> QSslSocketPrivate::implementedClasses(const QString &backendName)
-{
- QList<QSsl::ImplementedClass> classes;
- if (backendName.size() && backendName != activeBackend()) {
- qCWarning(lcSsl) << "Unexpected backend name" << backendName
- << "no information about classes implemented can be found";
- return classes;
- }
-
- classes << QSsl::ImplementedClass::Key;
- classes << QSsl::ImplementedClass::Certificate;
- classes << QSsl::ImplementedClass::Socket;
-
- return classes;
-}
-
-QList<QSsl::SupportedFeature> QSslSocketPrivate::supportedFeatures(const QString &backendName)
-{
- QList<QSsl::SupportedFeature> features;
- if (backendName.size() && backendName != activeBackend()) {
- qCWarning(lcSsl) << "Unexpected backend name" << backendName
- << "no information about classes implemented can be found";
- return features;
- }
-
- features << QSsl::SupportedFeature::ClientSideAlpn;
- features << QSsl::SupportedFeature::ServerSideAlpn;
-
- return features;
+ // TLSTODO: this is a temporary solution, waiting for
+ // backends to move to ... plugins.
+ if (!factory())
+ qCWarning(lcSsl, "Failed to create backend factory");
 }
 QT_END_NAMESPACE |
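Review bot: The failure branch of `registerAdHocFactory()` only logs, and because the function returns void its caller cannot tell that no Schannel factory is available; whatever later resolves a backend by name should treat the missing factory as a hard error and not proceed with the connection. The warning does not say which backend failed, so `qCWarning(lcSsl, "Failed to create the Schannel backend factory");` would make the log entry actionable. The call to `factory()` is used only for its side effect, presumably registration done in the `QTlsBackendFactory` constructor, which is not visible in this hunk; a comment above the `if` such as `// Instantiating the global static registers the factory as a side effect.` would record that once confirmed. The removed `loadBackend()` serialized loading with a mutex and rejected unknown backend names, so it is worth confirming that the new registry performs both checks.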