From 7cf8e5ada9eac00b200141fdc80a2e76c0422411 Mon Sep 17 00:00:00 2001 From: Timur Pocheptsov Date: Mon, 18 Jan 2021 14:29:10 +0100 Subject: QSsl: add a new private API This is an abstraction for TLS backend and its factory, preparing to transition to plugin-based design. Task-number: QTBUG-65922 Change-Id: Ibe810e77fd1b715a6bea66cd3f44312b015ac274 Reviewed-by: Timur Pocheptsov
---
 src/network/ssl/qsslsocket_openssl.cpp | 192 +++++++++++++++------------------ 1 file changed, 88 insertions(+), 104 deletions(-) (limited to 'src/network/ssl/qsslsocket_openssl.cpp')
diff --git a/src/network/ssl/qsslsocket_openssl.cpp b/src/network/ssl/qsslsocket_openssl.cpp
index cab18d3147..2f39b68002 100644
--- a/src/network/ssl/qsslsocket_openssl.cpp
+++ b/src/network/ssl/qsslsocket_openssl.cpp
@@ -101,6 +101,89 @@ QT_BEGIN_NAMESPACE
 namespace {
+// These two classes are ad-hoc temporary solution, to be replaced
+// by the real things soon.
+class OpenSSLBackend : public QTlsBackend
+{
+private:
+ QString backendName() const override
+ {
+ return QTlsBackendFactory::builtinBackendNames[QTlsBackendFactory::nameIndexOpenSSL];
+ }
+};
+
+class OpenSSLBackendFactory : public QTlsBackendFactory
+{
+private:
+ QString backendName() const override
+ {
+ return QTlsBackendFactory::builtinBackendNames[QTlsBackendFactory::nameIndexOpenSSL];
+ }
+ QTlsBackend *create() const override
+ {
+ return new OpenSSLBackend;
+ }
+
+ QList supportedProtocols() const override
+ {
+ QList protocols;
+
+ protocols << QSsl::AnyProtocol;
+ protocols << QSsl::SecureProtocols;
+ protocols << QSsl::TlsV1_0;
+ protocols << QSsl::TlsV1_0OrLater;
+ protocols << QSsl::TlsV1_1;
+ protocols << QSsl::TlsV1_1OrLater;
+ protocols << QSsl::TlsV1_2;
+ protocols << QSsl::TlsV1_2OrLater;
+
+#ifdef TLS1_3_VERSION
+ protocols << QSsl::TlsV1_3;
+ protocols << QSsl::TlsV1_3OrLater;
+#endif // TLS1_3_VERSION
+
+#if QT_CONFIG(dtls)
+ protocols << QSsl::DtlsV1_0;
+ protocols << QSsl::DtlsV1_0OrLater;
+ protocols << QSsl::DtlsV1_2;
+ protocols << QSsl::DtlsV1_2OrLater;
+#endif // dtls
+
+ return protocols;
+ }
+
+ QList supportedFeatures() const override
+ {
+ QList features;
+
+ features << QSsl::SupportedFeature::CertificateVerification;
+ features << QSsl::SupportedFeature::ClientSideAlpn;
+ features << QSsl::SupportedFeature::ServerSideAlpn;
+ features << QSsl::SupportedFeature::Ocsp;
+ features << QSsl::SupportedFeature::Psk;
+ features << QSsl::SupportedFeature::SessionTicket;
+ features << QSsl::SupportedFeature::Alerts;
+
+ return features;
+ }
+
+ QList implementedClasses() const override
+ {
+ QList classes;
+
+ classes << QSsl::ImplementedClass::Key;
+ classes << QSsl::ImplementedClass::Certificate;
+ classes << QSsl::ImplementedClass::Socket;
+ classes << QSsl::ImplementedClass::Dtls;
+ classes << QSsl::ImplementedClass::EllipticCurve;
+ classes << QSsl::ImplementedClass::DiffieHellman;
+
+ return classes;
+ }
+};
+
+Q_GLOBAL_STATIC(OpenSSLBackendFactory, factory)
+
 QSsl::AlertLevel tlsAlertLevel(int value)
 {
 using QSsl::AlertLevel;
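Review bot: In `supportedProtocols()`, `#ifdef TLS1_3_VERSION` ties the advertised `QSsl::TlsV1_3`/`TlsV1_3OrLater` entries to the OpenSSL headers present at build time, not to the library actually in use at run time. If the two can differ (not visible in this hunk), callers that use this list to choose a protocol could select one the backend cannot negotiate; a comment such as `// Compile-time check: assumes the runtime OpenSSL is at least as new as the build headers.` would record the assumption. The list also reports `TlsV1_0` and `TlsV1_1`, so it is worth stating in a comment that it describes what the backend can speak, not what is recommended. `create()` returns a raw `new OpenSSLBackend` without saying who deletes it; a one-line ownership comment would help until the ad-hoc classes are replaced.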
@@ -2510,111 +2593,12 @@ bool QSslSocketBackendPrivate::importPkcs12(QIODevice *device,
 return true;
 }
-QList QSslSocketPrivate::availableBackends()
-{
- return {QStringLiteral("openssl")};
-}
-
-QString QSslSocketPrivate::activeBackend()
+void QSslSocketPrivate::registerAdHocFactory()
 {
- return availableBackends().first();
-}
-
-bool QSslSocketPrivate::loadBackend(const QString &backendName)
-{
- if (backendName.size() && backendName != activeBackend()) {
- qCWarning(lcSsl) << "A TLS backend with name" << backendName << "is not available";
- return false;
- }
-
- static bool loaded = false;
- static QBasicMutex mutex;
- const QMutexLocker locker(&mutex);
- if (loaded) {
- qCWarning(lcSsl) << "You have already loaded the backend named:" << activeBackend();
- if (backendName.size())
- qCWarning(lcSsl) << "Cannot load:" << backendName;
- else
- qCWarning(lcSsl) << "Cannot load the default backend (openssl)";
- return true;
- }
- // This code to be placed in qsslsocket.cpp and there
- // the actual plugin to be loaded (so the result can be
- // false if we, for example, failed to resolve OpenSSL
- // symbols).
- return loaded = true;
-}
-
-QList QSslSocketPrivate::supportedProtocols(const QString &backendName)
-{
- QList protocols;
- if (backendName.size() && backendName != activeBackend()) {
- qCWarning(lcSsl) << "Unexpected backend name" << backendName
- << "no information about protocols supported can be found";
- return protocols;
- }
-
- protocols << QSsl::AnyProtocol;
- protocols << QSsl::SecureProtocols;
- protocols << QSsl::TlsV1_0;
- protocols << QSsl::TlsV1_0OrLater;
- protocols << QSsl::TlsV1_1;
- protocols << QSsl::TlsV1_1OrLater;
- protocols << QSsl::TlsV1_2;
- protocols << QSsl::TlsV1_2OrLater;
-
-#ifdef TLS1_3_VERSION
- protocols << QSsl::TlsV1_3;
- protocols << QSsl::TlsV1_3OrLater;
-#endif // TLS1_3_VERSION
-
-#if QT_CONFIG(dtls)
- protocols << QSsl::DtlsV1_0;
- protocols << QSsl::DtlsV1_0OrLater;
- protocols << QSsl::DtlsV1_2;
- protocols << QSsl::DtlsV1_2OrLater;
-#endif // dtls
-
- return protocols;
-}
-
-QList QSslSocketPrivate::implementedClasses(const QString &backendName)
-{
- QList classes;
- if (backendName.size() && backendName != activeBackend()) {
- qCWarning(lcSsl) << "Unexpected backend name" << backendName
- << "no information about classes implemented can be found";
- return classes;
- }
-
- classes << QSsl::ImplementedClass::Key;
- classes << QSsl::ImplementedClass::Certificate;
- classes << QSsl::ImplementedClass::Socket;
- classes << QSsl::ImplementedClass::Dtls;
- classes << QSsl::ImplementedClass::EllipticCurve;
- classes << QSsl::ImplementedClass::DiffieHellman;
-
- return classes;
-}
-
-QList QSslSocketPrivate::supportedFeatures(const QString &backendName)
-{
- QList features;
- if (backendName.size() && backendName != activeBackend()) {
- qCWarning(lcSsl) << "Unexpected backend name" << backendName
- << "no information about classes implemented can be found";
- return features;
- }
-
- features << QSsl::SupportedFeature::CertificateVerification;
- features << QSsl::SupportedFeature::ClientSideAlpn;
- features << QSsl::SupportedFeature::ServerSideAlpn;
- features << QSsl::SupportedFeature::Ocsp;
- features << QSsl::SupportedFeature::Psk;
- features << QSsl::SupportedFeature::SessionTicket;
- features << QSsl::SupportedFeature::Alerts;
-
- return features;
+ // TLSTODO: this is a temporary solution, waiting for
+ // backends to move to ... plugins.
+ if (!factory())
+ qCWarning(lcSsl, "Failed to create backend factory");
 }
 QT_END_NAMESPACE
-- cgit v1.2.3
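Review bot: `registerAdHocFactory()` reports a null `factory()` only through `qCWarning` and returns `void`, so its caller cannot tell that no OpenSSL backend was registered. The removed `loadBackend()` returned `false` for an unknown backend name; whatever replaces it outside this file (not visible here) should fail the same way when the factory is missing, rather than continue without a TLS backend. The comment could also state why merely touching `factory()` is enough, e.g. `// Constructing the global static is what makes the OpenSSL backend known; null means it is unavailable.` This wording is inferred, since the `QTlsBackendFactory` constructor is not shown, and should be confirmed against it.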