de/dbd/qsslserver_8cpp_source.html

// Copyright (C) 2022 The Qt Company Ltd.

// Copyright (C) 2016 Kurt Pattyn <pattyn.kurt@gmail.com>.

// SPDX-License-Identifier: LicenseRef-Qt-Commercial OR LGPL-3.0-only OR GPL-2.0-only OR GPL-3.0-only


#include "qsslserver.h"

#include "qsslserver_p.h"


#include <QtNetwork/QSslSocket>

#include <QtNetwork/QSslCipher>


QT_BEGIN_NAMESPACE


QSslServerPrivate::QSslServerPrivate() :

    sslConfiguration(QSslConfiguration::defaultConfiguration())

{

}


QSslServer::QSslServer(QObject *parent) :

    QTcpServer(QAbstractSocket::TcpSocket, *new QSslServerPrivate, parent)

{

}


QSslServer::~QSslServer()

{

}


void QSslServer::setSslConfiguration(const QSslConfiguration &sslConfiguration)

{

    Q_D(QSslServer);

    d->sslConfiguration = sslConfiguration;

}


QSslConfiguration QSslServer::sslConfiguration() const

{

    const Q_D(QSslServer);

    return d->sslConfiguration;

}


void QSslServer::setHandshakeTimeout(int timeout)

{

    Q_D(QSslServer);

    d->handshakeTimeout = timeout;

}


int QSslServer::handshakeTimeout() const

{

    const Q_D(QSslServer);

    return d->handshakeTimeout;

}


void QSslServer::incomingConnection(qintptr socket)

{

    QSslSocket *pSslSocket = new QSslSocket(this);


    pSslSocket->setSslConfiguration(sslConfiguration());


    if (Q_LIKELY(pSslSocket->setSocketDescriptor(socket))) {

        connect(pSslSocket, &QSslSocket::peerVerifyError, this,

                [this, pSslSocket](const QSslError &error) {

                    Q_EMIT peerVerifyError(pSslSocket, error);

                });

        connect(pSslSocket, &QSslSocket::sslErrors, this,

                [this, pSslSocket](const QList<QSslError> &errors) {

                    Q_EMIT sslErrors(pSslSocket, errors);

                });

        connect(pSslSocket, &QAbstractSocket::errorOccurred, this,

                [this, pSslSocket](QAbstractSocket::SocketError error) {

                    Q_EMIT errorOccurred(pSslSocket, error);

                    if (!pSslSocket->isEncrypted())

                        pSslSocket->deleteLater();

                });

        connect(pSslSocket, &QSslSocket::encrypted, this, [this, pSslSocket]() {

            Q_D(QSslServer);

            d->removeSocketData(quintptr(pSslSocket));

            pSslSocket->disconnect(this);

            addPendingConnection(pSslSocket);

        });

        connect(pSslSocket, &QSslSocket::preSharedKeyAuthenticationRequired, this,

                [this, pSslSocket](QSslPreSharedKeyAuthenticator *authenticator) {

                    Q_EMIT preSharedKeyAuthenticationRequired(pSslSocket, authenticator);

                });

        connect(pSslSocket, &QSslSocket::alertSent, this,

                [this, pSslSocket](QSsl::AlertLevel level, QSsl::AlertType type,

                                   const QString &description) {

                    Q_EMIT alertSent(pSslSocket, level, type, description);

                });

        connect(pSslSocket, &QSslSocket::alertReceived, this,

                [this, pSslSocket](QSsl::AlertLevel level, QSsl::AlertType type,

                                   const QString &description) {

                    Q_EMIT alertReceived(pSslSocket, level, type, description);

                });

        connect(pSslSocket, &QSslSocket::handshakeInterruptedOnError, this,

                [this, pSslSocket](const QSslError &error) {

                    Q_EMIT handshakeInterruptedOnError(pSslSocket, error);

                });


        d_func()->initializeHandshakeProcess(pSslSocket);

    }

}


void QSslServerPrivate::initializeHandshakeProcess(QSslSocket *socket)

{

    Q_Q(QSslServer);

    QMetaObject::Connection readyRead = QObject::connect(

            socket, &QSslSocket::readyRead, q, [this]() { checkClientHelloAndContinue(); });


    QMetaObject::Connection destroyed =

            QObject::connect(socket, &QSslSocket::destroyed, q, [this](QObject *obj) {

                // This cast is not safe to use since the socket is inside the

                // QObject dtor, but we only use the pointer value!

                removeSocketData(quintptr(obj));

            });

    auto it = socketData.emplace(quintptr(socket), readyRead, destroyed, std::make_shared<QTimer>());

    it->timeoutTimer->setSingleShot(true);

    it->timeoutTimer->callOnTimeout(q, [this, socket]() { handleHandshakeTimedOut(socket); });

    it->timeoutTimer->setInterval(handshakeTimeout);

    it->timeoutTimer->start();

}


// This function may be called while in the socket's QObject dtor, __never__ use

// the socket for anything other than a lookup!


void QSslServerPrivate::removeSocketData(quintptr socket)

{

    auto it = socketData.find(socket);

    if (it != socketData.end()) {

        it->disconnectSignals();

        socketData.erase(it);

    }

}


int QSslServerPrivate::totalPendingConnections() const

{

    // max pending connections is int, so this cannot exceed that

    return QTcpServerPrivate::totalPendingConnections() + int(socketData.size());

}


void QSslServerPrivate::checkClientHelloAndContinue()

{

    Q_Q(QSslServer);

    QSslSocket *socket = qobject_cast<QSslSocket *>(q->sender());

    if (Q_UNLIKELY(!socket) || socket->bytesAvailable() <= 0)

        return;


    char byte = '\0';

    if (socket->peek(&byte, 1) != 1) {

        socket->deleteLater();

        return;

    }


    auto it = socketData.find(quintptr(socket));

    const bool foundData = it != socketData.end();

    if (foundData && it->readyReadConnection)

        QObject::disconnect(std::exchange(it->readyReadConnection, {}));


    constexpr char CLIENT_HELLO = 0x16;

    if (byte != CLIENT_HELLO) {

        socket->disconnectFromHost();

        socket->deleteLater();

        return;

    }


    // Be nice and restart the timeout timer since some progress was made

    if (foundData)

        it->timeoutTimer->start();


    socket->startServerEncryption();

    Q_EMIT q->startedEncryptionHandshake(socket);

}


void QSslServerPrivate::handleHandshakeTimedOut(QSslSocket *socket)

{

    Q_Q(QSslServer);

    removeSocketData(quintptr(socket));

    socket->disconnectFromHost();

    Q_EMIT q->errorOccurred(socket, QAbstractSocket::SocketTimeoutError);

    socket->deleteLater();

    if (!socketEngine->isReadNotificationEnabled() && totalPendingConnections() < maxConnections)

        q->resumeAccepting();

}


QT_END_NAMESPACE


#include "moc_qsslserver.cpp"

QAbstractSocketEngine::isReadNotificationEnabled
virtual bool isReadNotificationEnabled() const =0

QAbstractSocket
The QAbstractSocket class provides the base functionality common to all socket types.
Definition qabstractsocket.h:31

QAbstractSocket::errorOccurred
void errorOccurred(QAbstractSocket::SocketError)

QAbstractSocket::bytesAvailable
qint64 bytesAvailable() const override
Returns the number of incoming bytes that are waiting to be read.
Definition qabstractsocket.cpp:1755

QAbstractSocket::disconnectFromHost
virtual void disconnectFromHost()
Attempts to close the socket.
Definition qabstractsocket.cpp:2612

QAbstractSocket::SocketError
SocketError
This enum describes the socket errors that can occur.
Definition qabstractsocket.h:61

QAbstractSocket::SocketTimeoutError
@ SocketTimeoutError
Definition qabstractsocket.h:67

QIODevice::readyRead
void readyRead()
This signal is emitted once every time new data is available for reading from the device's current re...

QIODevice::peek
qint64 peek(char *data, qint64 maxlen)
Definition qiodevice.cpp:1880

Connection
\inmodule QtCore Represents a handle to a signal-slot (or signal-functor) connection.

QObject
\inmodule QtCore
Definition qobject.h:103

QObject::connect
static QMetaObject::Connection connect(const QObject *sender, const char *signal, const QObject *receiver, const char *member, Qt::ConnectionType=Qt::AutoConnection)
\threadsafe
Definition qobject.cpp:2960

QObject::disconnect
static bool disconnect(const QObject *sender, const char *signal, const QObject *receiver, const char *member)
\threadsafe
Definition qobject.cpp:3236

QObject::destroyed
void destroyed(QObject *=nullptr)
This signal is emitted immediately before the object obj is destroyed, after any instances of QPointe...

QObject::deleteLater
void deleteLater()
\threadsafe
Definition qobject.cpp:2435

QSslConfiguration
The QSslConfiguration class holds the configuration and state of an SSL connection.
Definition qsslconfiguration.h:41

QSslError
The QSslError class provides an SSL error.
Definition qsslerror.h:21

QSslPreSharedKeyAuthenticator
The QSslPreSharedKeyAuthenticator class provides authentication data for pre shared keys (PSK) cipher...
Definition qsslpresharedkeyauthenticator.h:18

QSslServerPrivate
Definition qsslserver_p.h:31

QSslServerPrivate::initializeHandshakeProcess
void initializeHandshakeProcess(QSslSocket *socket)
Definition qsslserver.cpp:330

QSslServerPrivate::QSslServerPrivate
QSslServerPrivate()
Definition qsslserver.cpp:192

QSslServerPrivate::removeSocketData
void removeSocketData(quintptr socket)
Definition qsslserver.cpp:351

QSslServerPrivate::checkClientHelloAndContinue
void checkClientHelloAndContinue()
Definition qsslserver.cpp:366

QSslServerPrivate::totalPendingConnections
int totalPendingConnections() const override
Definition qsslserver.cpp:360

QSslServerPrivate::socketData
QHash< quintptr, SocketData > socketData
Definition qsslserver_p.h:62

QSslServerPrivate::handleHandshakeTimedOut
void handleHandshakeTimedOut(QSslSocket *socket)
Definition qsslserver.cpp:399

QSslServerPrivate::handshakeTimeout
int handshakeTimeout
Definition qsslserver_p.h:65

QSslServer
\inmodule QtNetwork
Definition qsslserver.h:25

QSslServer::setSslConfiguration
void setSslConfiguration(const QSslConfiguration &sslConfiguration)
Sets the sslConfiguration to use for all following incoming connections.
Definition qsslserver.cpp:222

QSslServer::peerVerifyError
void peerVerifyError(QSslSocket *socket, const QSslError &error)
QSslServer can emit this signal several times during the SSL handshake, before encryption has been es...

QSslServer::errorOccurred
void errorOccurred(QSslSocket *socket, QAbstractSocket::SocketError error)
This signal is emitted after an error occurred during handshake.

QSslServer::handshakeInterruptedOnError
void handshakeInterruptedOnError(QSslSocket *socket, const QSslError &error)
QSslServer emits this signal if a certificate verification error was found by socket and if early err...

QSslServer::sslConfiguration
QSslConfiguration sslConfiguration() const
Returns the current ssl configuration.
Definition qsslserver.cpp:231

QSslServer::incomingConnection
void incomingConnection(qintptr socket) override
Called when a new connection is established.
Definition qsslserver.cpp:280

QSslServer::setHandshakeTimeout
void setHandshakeTimeout(int timeout)
Sets the timeout to use for all incoming handshakes, in milliseconds.
Definition qsslserver.cpp:256

QSslServer::alertSent
void alertSent(QSslSocket *socket, QSsl::AlertLevel level, QSsl::AlertType type, const QString &description)
QSslServer emits this signal if an alert message was sent from socket to a peer.

QSslServer::alertReceived
void alertReceived(QSslSocket *socket, QSsl::AlertLevel level, QSsl::AlertType type, const QString &description)
QSslServer emits this signal if an alert message was received by the socket from a peer.

QSslServer::sslErrors
void sslErrors(QSslSocket *socket, const QList< QSslError > &errors)
QSslServer emits this signal after the SSL handshake to indicate that one or more errors have occurre...

QSslServer::~QSslServer
~QSslServer() override
Destroys the QSslServer.
Definition qsslserver.cpp:210

QSslServer::handshakeTimeout
int handshakeTimeout() const
Returns the currently configured handshake timeout.
Definition qsslserver.cpp:267

QSslServer::QSslServer
QSslServer(QObject *parent=nullptr)
Constructs a new QSslServer with the given parent.
Definition qsslserver.cpp:200

QSslServer::preSharedKeyAuthenticationRequired
void preSharedKeyAuthenticationRequired(QSslSocket *socket, QSslPreSharedKeyAuthenticator *authenticator)
QSslServer emits this signal when socket negotiates a PSK ciphersuite, and therefore PSK authenticati...

QSslSocket
The QSslSocket class provides an SSL encrypted socket for both clients and servers.
Definition qsslsocket.h:29

QSslSocket::sslErrors
void sslErrors(const QList< QSslError > &errors)
QSslSocket emits this signal after the SSL handshake to indicate that one or more errors have occurre...

QSslSocket::alertSent
void alertSent(QSsl::AlertLevel level, QSsl::AlertType type, const QString &description)
QSslSocket emits this signal if an alert message was sent to a peer.

QSslSocket::peerVerifyError
void peerVerifyError(const QSslError &error)

QSslSocket::preSharedKeyAuthenticationRequired
void preSharedKeyAuthenticationRequired(QSslPreSharedKeyAuthenticator *authenticator)

QSslSocket::encrypted
void encrypted()
This signal is emitted when QSslSocket enters encrypted mode.

QSslSocket::alertReceived
void alertReceived(QSsl::AlertLevel level, QSsl::AlertType type, const QString &description)
QSslSocket emits this signal if an alert message was received from a peer.

QSslSocket::handshakeInterruptedOnError
void handshakeInterruptedOnError(const QSslError &error)
QSslSocket emits this signal if a certificate verification error was found and if early error reporti...

QString
\macro QT_RESTRICTED_CAST_FROM_ASCII
Definition qstring.h:129

QTcpServerPrivate::socketEngine
QAbstractSocketEngine * socketEngine
Definition qtcpserver_p.h:45

QTcpServerPrivate::maxConnections
int maxConnections
Definition qtcpserver_p.h:51

QTcpServerPrivate::totalPendingConnections
virtual int totalPendingConnections() const
Definition qtcpserver.cpp:217

QTcpServer
The QTcpServer class provides a TCP-based server.
Definition qtcpserver.h:22

QTcpServer::addPendingConnection
void addPendingConnection(QTcpSocket *socket)
This function is called by QTcpServer::incomingConnection() to add the socket to the list of pending ...
Definition qtcpserver.cpp:610

it
QSet< QString >::iterator it
Definition doc_src_qset.cpp:85

QSsl::AlertLevel
AlertLevel
Describes the level of an alert message.
Definition qssl.h:86

QSsl::AlertType
AlertType
Enumerates possible codes that an alert message can have.
Definition qssl.h:93

QT_BEGIN_NAMESPACE
Combined button and popup list for selecting options.
Definition qstandardpaths_haiku.cpp:21

QT_END_NAMESPACE
Definition qsharedpointer.cpp:1590

Q_UNLIKELY
#define Q_UNLIKELY(x)
Definition qcompilerdetection.h:1017

Q_LIKELY
#define Q_LIKELY(x)
Definition qcompilerdetection.h:1014

error
DBusConnection const char DBusError * error
Definition qdbus_symbols_p.h:165

level
GLenum GLuint GLint level
Definition qopengles2ext.h:416

timeout
GLbitfield GLuint64 timeout
[4]
Definition qopengles2ext.h:1029

type
GLenum type
Definition qopengles2ext.h:150

obj
GLhandleARB obj
[2]
Definition qopenglext.h:4164

q
GLdouble GLdouble GLdouble GLdouble q
Definition qopenglext.h:259

qsslserver.h

qsslserver_p.h

Q_EMIT
#define Q_EMIT
Definition qtmetamacros.h:47

quintptr
size_t quintptr
Definition qtypes.h:167

qintptr
ptrdiff_t qintptr
Definition qtypes.h:166

socket
QTcpSocket * socket
[1]
Definition src_corelib_kernel_qobject.cpp:392

d
double d
Definition src_corelib_text_qlocale.cpp:9