<?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" lang="en_US" xml:lang="en_US"> <head> <title>kio/kssl: kssl.cc Source File (kio/kssl)</title> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <meta http-equiv="Content-Style-Type" content="text/css" /> <meta http-equiv="pics-label" content='(pics-1.1 "http://www.icra.org/ratingsv02.html" comment "ICRAonline DE v2.0" l gen true for "http://www.kde.org" r (nz 1 vz 1 lz 1 oz 1 cb 1) "http://www.rsac.org/ratingsv01.html" l gen true for "http://www.kde.org" r (n 0 s 0 v 0 l 0))' /> <meta name="trademark" content="KDE e.V." /> <meta name="description" content="K Desktop Environment Homepage, KDE.org" /> <meta name="MSSmartTagsPreventParsing" content="true" /> <meta name="robots" content="all" /> <link rel="shortcut icon" href="../../../favicon.ico" /> <link rel="stylesheet" media="screen" type="text/css" title="APIDOX" href="doxygen.css" /> </head> <body> <div id="nav_header_top" align="right"> <a href="#content" class="doNotDisplay" accesskey="2">Skip to main content ::</a> <a href="../../.."><img id="nav_header_logo" alt="Home" align="left" src="../../../kde_gear_64.png" border="0" /></a> <span class="doNotDisplay">::</span> <div id="nav_header_title" align="left">KDE API Reference</div> </div> <div id="nav_header_bottom" align="right"> <span class="doNotDisplay">:: <a href="#navigation" accesskey="5">Skip to Link Menu</a><br/></span> <div id="nav_header_bottom_right" style="text-align: left;"> / <a href="../../..">API Reference</a> / <a href="../../html/index.html">kio</a> / <a href=".">kssl</a> </div> </div> <table id="main" border="0" cellpadding="0" cellspacing="0" width="100%"> <tr> <td valign="top" class="menuheader" height="0"></td> <td id="contentcolumn" valign="top" rowspan="2" > <div id="content" style="padding-top: 0px;"><div style="width:100%; margin: 0px; padding: 0px;"> <a name="content"></a> <!-- Generated by Doxygen 1.7.4 --> <div class="header"> <div class="headertitle"> <div class="title">kssl.cc</div> </div> </div> <div class="contents"> <div class="fragment"><pre class="fragment"><a name="l00001"></a>00001 <span class="comment">/* This file is part of the KDE project</span> <a name="l00002"></a>00002 <span class="comment"> *</span> <a name="l00003"></a>00003 <span class="comment"> * Copyright (C) 2000-2003 George Staikos <staikos@kde.org></span> <a name="l00004"></a>00004 <span class="comment"> *</span> <a name="l00005"></a>00005 <span class="comment"> * This library is free software; you can redistribute it and/or</span> <a name="l00006"></a>00006 <span class="comment"> * modify it under the terms of the GNU Library General Public</span> <a name="l00007"></a>00007 <span class="comment"> * License as published by the Free Software Foundation; either</span> <a name="l00008"></a>00008 <span class="comment"> * version 2 of the License, or (at your option) any later version.</span> <a name="l00009"></a>00009 <span class="comment"> *</span> <a name="l00010"></a>00010 <span class="comment"> * This library is distributed in the hope that it will be useful,</span> <a name="l00011"></a>00011 <span class="comment"> * but WITHOUT ANY WARRANTY; without even the implied warranty of</span> <a name="l00012"></a>00012 <span class="comment"> * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU</span> <a name="l00013"></a>00013 <span class="comment"> * Library General Public License for more details.</span> <a name="l00014"></a>00014 <span class="comment"> *</span> <a name="l00015"></a>00015 <span class="comment"> * You should have received a copy of the GNU Library General Public License</span> <a name="l00016"></a>00016 <span class="comment"> * along with this library; see the file COPYING.LIB. If not, write to</span> <a name="l00017"></a>00017 <span class="comment"> * the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,</span> <a name="l00018"></a>00018 <span class="comment"> * Boston, MA 02110-1301, USA.</span> <a name="l00019"></a>00019 <span class="comment"> */</span> <a name="l00020"></a>00020 <a name="l00021"></a>00021 <span class="preprocessor">#ifdef HAVE_CONFIG_H</span> <a name="l00022"></a>00022 <span class="preprocessor"></span><span class="preprocessor">#include <config.h></span> <a name="l00023"></a>00023 <span class="preprocessor">#endif</span> <a name="l00024"></a>00024 <span class="preprocessor"></span> <a name="l00025"></a>00025 <span class="comment">// this hack provided by Malte Starostik to avoid glibc/openssl bug</span> <a name="l00026"></a>00026 <span class="comment">// on some systems</span> <a name="l00027"></a>00027 <span class="preprocessor">#ifdef KSSL_HAVE_SSL</span> <a name="l00028"></a>00028 <span class="preprocessor"></span><span class="preprocessor">#include <unistd.h></span> <a name="l00029"></a>00029 <span class="preprocessor">#include <netinet/in.h></span> <a name="l00030"></a>00030 <span class="preprocessor">#include <sys/socket.h></span> <a name="l00031"></a>00031 <span class="preprocessor">#define crypt _openssl_crypt</span> <a name="l00032"></a>00032 <span class="preprocessor"></span><span class="preprocessor">#include <openssl/ssl.h></span> <a name="l00033"></a>00033 <span class="preprocessor">#include <openssl/x509.h></span> <a name="l00034"></a>00034 <span class="preprocessor">#include <openssl/x509v3.h></span> <a name="l00035"></a>00035 <span class="preprocessor">#include <openssl/pem.h></span> <a name="l00036"></a>00036 <span class="preprocessor">#include <openssl/rand.h></span> <a name="l00037"></a>00037 <span class="preprocessor">#undef crypt</span> <a name="l00038"></a>00038 <span class="preprocessor"></span><span class="preprocessor">#endif</span> <a name="l00039"></a>00039 <span class="preprocessor"></span> <a name="l00040"></a>00040 <span class="preprocessor">#include "kssl.h"</span> <a name="l00041"></a>00041 <a name="l00042"></a>00042 <span class="preprocessor">#include <kdebug.h></span> <a name="l00043"></a>00043 <span class="preprocessor">#include <kstandarddirs.h></span> <a name="l00044"></a>00044 <span class="preprocessor">#include <ksock.h></span> <a name="l00045"></a>00045 <span class="preprocessor">#include <ksockaddr.h></span> <a name="l00046"></a>00046 <a name="l00047"></a>00047 <span class="preprocessor">#include <kopenssl.h></span> <a name="l00048"></a>00048 <span class="preprocessor">#include <ksslx509v3.h></span> <a name="l00049"></a>00049 <span class="preprocessor">#include <ksslpkcs12.h></span> <a name="l00050"></a>00050 <span class="preprocessor">#include <ksslsession.h></span> <a name="l00051"></a>00051 <span class="preprocessor">#include <klocale.h></span> <a name="l00052"></a>00052 <span class="preprocessor">#include <ksocks.h></span> <a name="l00053"></a>00053 <a name="l00054"></a>00054 <span class="preprocessor">#define sk_dup d->kossl->sk_dup</span> <a name="l00055"></a>00055 <span class="preprocessor"></span> <a name="l00056"></a>00056 <span class="keyword">class </span>KSSLPrivate { <a name="l00057"></a>00057 <span class="keyword">public</span>: <a name="l00058"></a>00058 KSSLPrivate() { <a name="l00059"></a>00059 lastInitTLS = <span class="keyword">false</span>; <a name="l00060"></a>00060 kossl = <a class="code" href="classKOpenSSLProxy.html#ae52c060e4d98c84316078b1e2c8a8527" title="Return an instance of class KOpenSSLProxy * You cannot delete this object.">KOpenSSLProxy::self</a>(); <a name="l00061"></a>00061 session = 0L; <a name="l00062"></a>00062 } <a name="l00063"></a>00063 <a name="l00064"></a>00064 ~KSSLPrivate() { <a name="l00065"></a>00065 <span class="keyword">delete</span> session; <a name="l00066"></a>00066 session = 0L; <a name="l00067"></a>00067 } <a name="l00068"></a>00068 <a name="l00069"></a>00069 <span class="keywordtype">bool</span> lastInitTLS; <a name="l00070"></a>00070 <a class="code" href="classKSSLCertificate.html#a2e4a36dd232c6a88307875ad7853a9c5" title="A CA certificate can be validated as Irrelevant when it was not used to sign any other relevant certi...">KSSLCertificate::KSSLValidation</a> m_cert_vfy_res; <a name="l00071"></a>00071 <a class="codeRef" href="qstring.html">QString</a> proxyPeer; <a name="l00072"></a>00072 <a name="l00073"></a>00073 <span class="preprocessor">#ifdef KSSL_HAVE_SSL</span> <a name="l00074"></a>00074 <span class="preprocessor"></span> SSL *m_ssl; <a name="l00075"></a>00075 SSL_CTX *m_ctx; <a name="l00076"></a>00076 SSL_METHOD *m_meth; <a name="l00077"></a>00077 <span class="preprocessor">#endif</span> <a name="l00078"></a>00078 <span class="preprocessor"></span> <a class="code" href="classKSSLSession.html" title="KDE SSL Session Information.">KSSLSession</a> *session; <a name="l00079"></a>00079 KOSSL *kossl; <a name="l00080"></a>00080 }; <a name="l00081"></a>00081 <a name="l00082"></a>00082 <a name="l00083"></a><a class="code" href="classKSSL.html#a2be59147b83aa6e8ed03ea5af4c047ff">00083</a> <a class="code" href="classKSSL.html#a2be59147b83aa6e8ed03ea5af4c047ff" title="Construct a KSSL object.">KSSL::KSSL</a>(<span class="keywordtype">bool</span> init) { <a name="l00084"></a>00084 d = <span class="keyword">new</span> KSSLPrivate; <a name="l00085"></a>00085 m_bInit = <span class="keyword">false</span>; <a name="l00086"></a>00086 m_bAutoReconfig = <span class="keyword">true</span>; <a name="l00087"></a>00087 m_cfg = <span class="keyword">new</span> <a class="code" href="classKSSLSettings.html" title="KDE SSL Settings.">KSSLSettings</a>(); <a name="l00088"></a>00088 <span class="preprocessor">#ifdef KSSL_HAVE_SSL </span> <a name="l00089"></a>00089 <span class="preprocessor"></span> d->m_ssl = 0L; <a name="l00090"></a>00090 <span class="preprocessor">#endif </span> <a name="l00091"></a>00091 <span class="preprocessor"></span> <a name="l00092"></a>00092 <span class="keywordflow">if</span> (init) <a name="l00093"></a>00093 <a class="code" href="classKSSL.html#affdde4e60307ba2de41bd7a678db5970" title="Initialize OpenSSL.">initialize</a>(); <a name="l00094"></a>00094 } <a name="l00095"></a>00095 <a name="l00096"></a>00096 <a name="l00097"></a><a class="code" href="classKSSL.html#acf3c2d40a80e09fc74cc1e6c813fee19">00097</a> <a class="code" href="classKSSL.html#acf3c2d40a80e09fc74cc1e6c813fee19" title="Destroy this KSSL object.">KSSL::~KSSL</a>() { <a name="l00098"></a>00098 <a class="code" href="classKSSL.html#a139ce67948e3e90c52df03745207091e" title="Close the SSL session.">close</a>(); <a name="l00099"></a>00099 <span class="keyword">delete</span> m_cfg; <a name="l00100"></a>00100 <span class="keyword">delete</span> d; <a name="l00101"></a>00101 } <a name="l00102"></a>00102 <a name="l00103"></a>00103 <a name="l00104"></a><a class="code" href="classKSSL.html#ab0259ce081f4b6b2d7928120bf926e4e">00104</a> <span class="keywordtype">int</span> <a class="code" href="classKSSL.html#ab0259ce081f4b6b2d7928120bf926e4e" title="This will reseed the pseudo-random number generator with the EGD (entropy gathering daemon) if the EG...">KSSL::seedWithEGD</a>() { <a name="l00105"></a>00105 <span class="keywordtype">int</span> rc = 0; <a name="l00106"></a>00106 <span class="preprocessor">#ifdef KSSL_HAVE_SSL</span> <a name="l00107"></a>00107 <span class="preprocessor"></span> <span class="keywordflow">if</span> (m_cfg-><a class="code" href="classKSSLSettings.html#adadd2474c10ebf9d5fc64f386e46e21d" title="Does the user want to use the Entropy Gathering Daemon?">useEGD</a>() && !m_cfg-><a class="code" href="classKSSLSettings.html#af30d82d62abed24cd1ce1bdf92ad9e40" title="Get the configured path to the entropy gathering daemon or entropy file.">getEGDPath</a>().<a class="codeRef" href="qstring.html#isEmpty">isEmpty</a>()) { <a name="l00108"></a>00108 rc = d->kossl->RAND_egd(m_cfg-><a class="code" href="classKSSLSettings.html#af30d82d62abed24cd1ce1bdf92ad9e40" title="Get the configured path to the entropy gathering daemon or entropy file.">getEGDPath</a>().<a class="codeRef" href="qstring.html#latin1">latin1</a>()); <a name="l00109"></a>00109 <span class="keywordflow">if</span> (rc < 0) <a name="l00110"></a>00110 kdDebug(7029) << <span class="stringliteral">"KSSL: Error seeding PRNG with the EGD."</span> << endl; <a name="l00111"></a>00111 <span class="keywordflow">else</span> kdDebug(7029) << <span class="stringliteral">"KSSL: PRNG was seeded with "</span> << rc <a name="l00112"></a>00112 << <span class="stringliteral">" bytes from the EGD."</span> << endl; <a name="l00113"></a>00113 } <span class="keywordflow">else</span> <span class="keywordflow">if</span> (m_cfg-><a class="code" href="classKSSLSettings.html#a7d547c47d68842bd15034e091b21a970" title="Does the user want to use an entropy file?">useEFile</a>() && !m_cfg-><a class="code" href="classKSSLSettings.html#af30d82d62abed24cd1ce1bdf92ad9e40" title="Get the configured path to the entropy gathering daemon or entropy file.">getEGDPath</a>().<a class="codeRef" href="qstring.html#isEmpty">isEmpty</a>()) { <a name="l00114"></a>00114 rc = d->kossl->RAND_load_file(m_cfg-><a class="code" href="classKSSLSettings.html#af30d82d62abed24cd1ce1bdf92ad9e40" title="Get the configured path to the entropy gathering daemon or entropy file.">getEGDPath</a>().<a class="codeRef" href="qstring.html#latin1">latin1</a>(), -1); <a name="l00115"></a>00115 <span class="keywordflow">if</span> (rc < 0) <a name="l00116"></a>00116 kdDebug(7029) << <span class="stringliteral">"KSSL: Error seeding PRNG with the entropy file."</span> << endl; <a name="l00117"></a>00117 <span class="keywordflow">else</span> kdDebug(7029) << <span class="stringliteral">"KSSL: PRNG was seeded with "</span> << rc <a name="l00118"></a>00118 << <span class="stringliteral">" bytes from the entropy file."</span> << endl; <a name="l00119"></a>00119 } <a name="l00120"></a>00120 <span class="preprocessor">#endif</span> <a name="l00121"></a>00121 <span class="preprocessor"></span><span class="keywordflow">return</span> rc; <a name="l00122"></a>00122 } <a name="l00123"></a>00123 <a name="l00124"></a>00124 <a name="l00125"></a><a class="code" href="classKSSL.html#ae369b2b9c136b4fc1d7ff5171bdd8ee3">00125</a> <span class="keywordtype">bool</span> <a class="code" href="classKSSL.html#ae369b2b9c136b4fc1d7ff5171bdd8ee3" title="This is used for applicationss which do STARTTLS or something similar.">KSSL::TLSInit</a>() { <a name="l00126"></a>00126 <span class="preprocessor">#ifdef KSSL_HAVE_SSL</span> <a name="l00127"></a>00127 <span class="preprocessor"></span><span class="comment">// kdDebug(7029) << "KSSL TLS initialize" << endl;</span> <a name="l00128"></a>00128 <span class="keywordflow">if</span> (m_bInit) <a name="l00129"></a>00129 <span class="keywordflow">return</span> <span class="keyword">false</span>; <a name="l00130"></a>00130 <a name="l00131"></a>00131 <span class="keywordflow">if</span> (m_bAutoReconfig) <a name="l00132"></a>00132 m_cfg-><a class="code" href="classKSSLSettings.html#a4cbefbf3bd5019889b31d54c361b5d92" title="Load the user's settings.">load</a>(); <a name="l00133"></a>00133 <a name="l00134"></a>00134 <span class="keywordflow">if</span> (!m_cfg-><a class="code" href="classKSSLSettings.html#a0e95bad5abc2e96977d3f1b854f6c92a" title="Does the user allow TLSv1.">tlsv1</a>()) <a name="l00135"></a>00135 <span class="keywordflow">return</span> <span class="keyword">false</span>; <a name="l00136"></a>00136 <a name="l00137"></a>00137 <a class="code" href="classKSSL.html#ab0259ce081f4b6b2d7928120bf926e4e" title="This will reseed the pseudo-random number generator with the EGD (entropy gathering daemon) if the EG...">seedWithEGD</a>(); <a name="l00138"></a>00138 d->m_meth = d->kossl->TLSv1_client_method(); <a name="l00139"></a>00139 d->lastInitTLS = <span class="keyword">true</span>; <a name="l00140"></a>00140 <a name="l00141"></a>00141 m_pi.<a class="code" href="classKSSLPeerInfo.html#a4cd4fd12bf95a9c76205e0ffabf97594" title="Clear out the host name.">reset</a>(); <a name="l00142"></a>00142 <a name="l00143"></a>00143 d->m_ctx = d->kossl->SSL_CTX_new(d->m_meth); <a name="l00144"></a>00144 <span class="keywordflow">if</span> (d->m_ctx == 0L) { <a name="l00145"></a>00145 <span class="keywordflow">return</span> <span class="keyword">false</span>; <a name="l00146"></a>00146 } <a name="l00147"></a>00147 <a name="l00148"></a>00148 <span class="comment">// set cipher list</span> <a name="l00149"></a>00149 <a class="codeRef" href="qstring.html">QString</a> clist = m_cfg-><a class="code" href="classKSSLSettings.html#a179c7916531f7088363614576460b256" title="Get the OpenSSL cipher list for selecting the list of ciphers to use in a connection.">getCipherList</a>(); <a name="l00150"></a>00150 <span class="comment">//kdDebug(7029) << "Cipher list: " << clist << endl;</span> <a name="l00151"></a>00151 <span class="keywordflow">if</span> (!clist.<a class="codeRef" href="qstring.html#isEmpty">isEmpty</a>()) <a name="l00152"></a>00152 d->kossl->SSL_CTX_set_cipher_list(d->m_ctx, const_cast<char *>(clist.<a class="codeRef" href="qstring.html#ascii">ascii</a>())); <a name="l00153"></a>00153 <a name="l00154"></a>00154 m_bInit = <span class="keyword">true</span>; <a name="l00155"></a>00155 <span class="keywordflow">return</span> <span class="keyword">true</span>; <a name="l00156"></a>00156 <span class="preprocessor">#else</span> <a name="l00157"></a>00157 <span class="preprocessor"></span><span class="keywordflow">return</span> <span class="keyword">false</span>; <a name="l00158"></a>00158 <span class="preprocessor">#endif</span> <a name="l00159"></a>00159 <span class="preprocessor"></span>} <a name="l00160"></a>00160 <a name="l00161"></a>00161 <a name="l00162"></a><a class="code" href="classKSSL.html#affdde4e60307ba2de41bd7a678db5970">00162</a> <span class="keywordtype">bool</span> <a class="code" href="classKSSL.html#affdde4e60307ba2de41bd7a678db5970" title="Initialize OpenSSL.">KSSL::initialize</a>() { <a name="l00163"></a>00163 <span class="preprocessor">#ifdef KSSL_HAVE_SSL</span> <a name="l00164"></a>00164 <span class="preprocessor"></span> kdDebug(7029) << <span class="stringliteral">"KSSL initialize"</span> << endl; <a name="l00165"></a>00165 <span class="keywordflow">if</span> (m_bInit) <a name="l00166"></a>00166 <span class="keywordflow">return</span> <span class="keyword">false</span>; <a name="l00167"></a>00167 <a name="l00168"></a>00168 <span class="keywordflow">if</span> (m_bAutoReconfig) <a name="l00169"></a>00169 m_cfg-><a class="code" href="classKSSLSettings.html#a4cbefbf3bd5019889b31d54c361b5d92" title="Load the user's settings.">load</a>(); <a name="l00170"></a>00170 <a name="l00171"></a>00171 <a class="code" href="classKSSL.html#ab0259ce081f4b6b2d7928120bf926e4e" title="This will reseed the pseudo-random number generator with the EGD (entropy gathering daemon) if the EG...">seedWithEGD</a>(); <a name="l00172"></a>00172 <span class="comment">// FIXME: we should be able to force SSL off entirely.</span> <a name="l00173"></a>00173 d->lastInitTLS = <span class="keyword">false</span>; <a name="l00174"></a>00174 <a name="l00175"></a>00175 m_pi.<a class="code" href="classKSSLPeerInfo.html#a4cd4fd12bf95a9c76205e0ffabf97594" title="Clear out the host name.">reset</a>(); <a name="l00176"></a>00176 <a name="l00177"></a>00177 <span class="keywordflow">if</span> (!m_cfg-><a class="code" href="classKSSLSettings.html#a0e95bad5abc2e96977d3f1b854f6c92a" title="Does the user allow TLSv1.">tlsv1</a>() && !m_cfg-><a class="code" href="classKSSLSettings.html#a0897b6fe386ea2de29e87b45888a0a83" title="Does the user allow SSLv3.">sslv3</a>() && m_cfg-><a class="code" href="classKSSLSettings.html#a23034983387ae7bdc6fb0f739c1c00ab" title="Does the user allow SSLv2.">sslv2</a>()) <a name="l00178"></a>00178 d->m_meth = d->kossl->SSLv2_client_method(); <a name="l00179"></a>00179 <span class="keywordflow">else</span> <span class="keywordflow">if</span> (m_cfg-><a class="code" href="classKSSLSettings.html#a0e95bad5abc2e96977d3f1b854f6c92a" title="Does the user allow TLSv1.">tlsv1</a>() && !m_cfg-><a class="code" href="classKSSLSettings.html#a0897b6fe386ea2de29e87b45888a0a83" title="Does the user allow SSLv3.">sslv3</a>() && !m_cfg-><a class="code" href="classKSSLSettings.html#a23034983387ae7bdc6fb0f739c1c00ab" title="Does the user allow SSLv2.">sslv2</a>()) <a name="l00180"></a>00180 d->m_meth = d->kossl->TLSv1_client_method(); <a name="l00181"></a>00181 <span class="keywordflow">else</span> <span class="keywordflow">if</span> (!m_cfg-><a class="code" href="classKSSLSettings.html#a0e95bad5abc2e96977d3f1b854f6c92a" title="Does the user allow TLSv1.">tlsv1</a>() && m_cfg-><a class="code" href="classKSSLSettings.html#a0897b6fe386ea2de29e87b45888a0a83" title="Does the user allow SSLv3.">sslv3</a>() && !m_cfg-><a class="code" href="classKSSLSettings.html#a23034983387ae7bdc6fb0f739c1c00ab" title="Does the user allow SSLv2.">sslv2</a>()) <a name="l00182"></a>00182 d->m_meth = d->kossl->SSLv3_client_method(); <a name="l00183"></a>00183 <span class="keywordflow">else</span> d->m_meth = d->kossl->SSLv23_client_method(); <a name="l00184"></a>00184 <a name="l00185"></a>00185 <span class="comment">/*</span> <a name="l00186"></a>00186 <span class="comment">if (m_cfg->sslv2() && m_cfg->sslv3()) kdDebug(7029) << "Double method" << endl;</span> <a name="l00187"></a>00187 <span class="comment">else if (m_cfg->sslv2()) kdDebug(7029) << "SSL2 method" << endl;</span> <a name="l00188"></a>00188 <span class="comment">else if (m_cfg->sslv3()) kdDebug(7029) << "SSL3 method" << endl;</span> <a name="l00189"></a>00189 <span class="comment">*/</span> <a name="l00190"></a>00190 <a name="l00191"></a>00191 d->m_ctx = d->kossl->SSL_CTX_new(d->m_meth); <a name="l00192"></a>00192 <span class="keywordflow">if</span> (d->m_ctx == 0L) { <a name="l00193"></a>00193 <span class="keywordflow">return</span> <span class="keyword">false</span>; <a name="l00194"></a>00194 } <a name="l00195"></a>00195 <a name="l00196"></a>00196 <span class="comment">// set cipher list</span> <a name="l00197"></a>00197 <a class="codeRef" href="qstring.html">QString</a> clist = m_cfg-><a class="code" href="classKSSLSettings.html#a179c7916531f7088363614576460b256" title="Get the OpenSSL cipher list for selecting the list of ciphers to use in a connection.">getCipherList</a>(); <a name="l00198"></a>00198 kdDebug(7029) << <span class="stringliteral">"Cipher list: "</span> << clist << endl; <a name="l00199"></a>00199 <span class="keywordflow">if</span> (!clist.<a class="codeRef" href="qstring.html#isEmpty">isEmpty</a>()) <a name="l00200"></a>00200 d->kossl->SSL_CTX_set_cipher_list(d->m_ctx, const_cast<char *>(clist.<a class="codeRef" href="qstring.html#ascii">ascii</a>())); <a name="l00201"></a>00201 <a name="l00202"></a>00202 m_bInit = <span class="keyword">true</span>; <a name="l00203"></a>00203 <span class="keywordflow">return</span> <span class="keyword">true</span>; <a name="l00204"></a>00204 <span class="preprocessor">#else</span> <a name="l00205"></a>00205 <span class="preprocessor"></span><span class="keywordflow">return</span> <span class="keyword">false</span>; <a name="l00206"></a>00206 <span class="preprocessor">#endif</span> <a name="l00207"></a>00207 <span class="preprocessor"></span>} <a name="l00208"></a>00208 <a name="l00209"></a>00209 <a name="l00210"></a><a class="code" href="classKSSL.html#a231d567c65be69a85c5be58a8cd9d6c3">00210</a> <span class="keywordtype">bool</span> <a class="code" href="classKSSL.html#a231d567c65be69a85c5be58a8cd9d6c3" title="Set an SSL session to use.">KSSL::setSession</a>(<span class="keyword">const</span> <a class="code" href="classKSSLSession.html" title="KDE SSL Session Information.">KSSLSession</a> *session) { <a name="l00211"></a>00211 <span class="preprocessor">#ifdef KSSL_HAVE_SSL</span> <a name="l00212"></a>00212 <span class="preprocessor"></span> <span class="keywordflow">if</span> (!session) { <a name="l00213"></a>00213 <span class="keyword">delete</span> d->session; <a name="l00214"></a>00214 d->session = 0L; <a name="l00215"></a>00215 <span class="keywordflow">return</span> <span class="keyword">true</span>; <a name="l00216"></a>00216 } <a name="l00217"></a>00217 <a name="l00218"></a>00218 <span class="comment">// Obtain a reference by incrementing the reference count. Yuck.</span> <a name="l00219"></a>00219 <span class="keyword">static_cast<</span>SSL_SESSION*<span class="keyword">></span>(session->_session)->references++; <a name="l00220"></a>00220 <a name="l00221"></a>00221 d->session = <span class="keyword">new</span> <a class="code" href="classKSSLSession.html" title="KDE SSL Session Information.">KSSLSession</a>; <a name="l00222"></a>00222 d->session->_session = session->_session; <a name="l00223"></a>00223 <a name="l00224"></a>00224 <span class="keywordflow">return</span> <span class="keyword">true</span>; <a name="l00225"></a>00225 <span class="preprocessor">#else</span> <a name="l00226"></a>00226 <span class="preprocessor"></span> <span class="keywordflow">return</span> <span class="keyword">false</span>; <a name="l00227"></a>00227 <span class="preprocessor">#endif</span> <a name="l00228"></a>00228 <span class="preprocessor"></span>} <a name="l00229"></a>00229 <a name="l00230"></a>00230 <a name="l00231"></a><a class="code" href="classKSSL.html#a139ce67948e3e90c52df03745207091e">00231</a> <span class="keywordtype">void</span> <a class="code" href="classKSSL.html#a139ce67948e3e90c52df03745207091e" title="Close the SSL session.">KSSL::close</a>() { <a name="l00232"></a>00232 <span class="preprocessor">#ifdef KSSL_HAVE_SSL</span> <a name="l00233"></a>00233 <span class="preprocessor"></span><span class="comment">//kdDebug(7029) << "KSSL close" << endl;</span> <a name="l00234"></a>00234 <span class="keywordflow">if</span> (!m_bInit) <a name="l00235"></a>00235 <span class="keywordflow">return</span>; <a name="l00236"></a>00236 <a name="l00237"></a>00237 <span class="keyword">delete</span> d->session; <a name="l00238"></a>00238 d->session = 0L; <a name="l00239"></a>00239 <a name="l00240"></a>00240 <span class="keywordflow">if</span> (d->m_ssl) { <a name="l00241"></a>00241 d->kossl->SSL_shutdown(d->m_ssl); <a name="l00242"></a>00242 d->kossl->SSL_free(d->m_ssl); <a name="l00243"></a>00243 d->m_ssl = 0L; <a name="l00244"></a>00244 } <a name="l00245"></a>00245 <a name="l00246"></a>00246 d->kossl->SSL_CTX_free(d->m_ctx); <a name="l00247"></a>00247 <span class="keywordflow">if</span> (m_cfg-><a class="code" href="classKSSLSettings.html#a7d547c47d68842bd15034e091b21a970" title="Does the user want to use an entropy file?">useEFile</a>() && !m_cfg-><a class="code" href="classKSSLSettings.html#af30d82d62abed24cd1ce1bdf92ad9e40" title="Get the configured path to the entropy gathering daemon or entropy file.">getEGDPath</a>().<a class="codeRef" href="qstring.html#isEmpty">isEmpty</a>()) { <a name="l00248"></a>00248 d->kossl->RAND_write_file(m_cfg-><a class="code" href="classKSSLSettings.html#af30d82d62abed24cd1ce1bdf92ad9e40" title="Get the configured path to the entropy gathering daemon or entropy file.">getEGDPath</a>().<a class="codeRef" href="qstring.html#latin1">latin1</a>()); <a name="l00249"></a>00249 } <a name="l00250"></a>00250 <a name="l00251"></a>00251 m_bInit = <span class="keyword">false</span>; <a name="l00252"></a>00252 <span class="preprocessor">#endif</span> <a name="l00253"></a>00253 <span class="preprocessor"></span>} <a name="l00254"></a>00254 <a name="l00255"></a>00255 <a name="l00256"></a><a class="code" href="classKSSL.html#a1eacb2b55d699ce158af8c0b09322e8c">00256</a> <span class="keywordtype">bool</span> <a class="code" href="classKSSL.html#a1eacb2b55d699ce158af8c0b09322e8c" title="Reinitialize OpenSSL.">KSSL::reInitialize</a>() { <a name="l00257"></a>00257 <a class="code" href="classKSSL.html#a139ce67948e3e90c52df03745207091e" title="Close the SSL session.">close</a>(); <a name="l00258"></a>00258 <span class="keywordflow">return</span> <a class="code" href="classKSSL.html#affdde4e60307ba2de41bd7a678db5970" title="Initialize OpenSSL.">initialize</a>(); <a name="l00259"></a>00259 } <a name="l00260"></a>00260 <a name="l00261"></a>00261 <span class="comment">// get the callback file - it's hidden away in here</span> <a name="l00262"></a>00262 <span class="comment">//#include "ksslcallback.c"</span> <a name="l00263"></a>00263 <a name="l00264"></a>00264 <a name="l00265"></a>00265 <span class="keywordtype">bool</span> KSSL::setVerificationLogic() { <a name="l00266"></a>00266 <span class="preprocessor">#if 0</span> <a name="l00267"></a>00267 <span class="preprocessor"></span><span class="preprocessor">#ifdef KSSL_HAVE_SSL</span> <a name="l00268"></a>00268 <span class="preprocessor"></span> <span class="comment">// SSL_set_verify_result(d->m_ssl, X509_V_OK);</span> <a name="l00269"></a>00269 <span class="comment">// SSL_CTX_set_verify(d->m_ctx, SSL_VERIFY_PEER, X509Callback);</span> <a name="l00270"></a>00270 <span class="preprocessor">#endif</span> <a name="l00271"></a>00271 <span class="preprocessor"></span><span class="preprocessor">#endif</span> <a name="l00272"></a>00272 <span class="preprocessor"></span><span class="keywordflow">return</span> <span class="keyword">true</span>; <a name="l00273"></a>00273 } <a name="l00274"></a>00274 <a name="l00275"></a>00275 <a name="l00276"></a><a class="code" href="classKSSL.html#a5137a886ecb0b4880cadaffb668c7506">00276</a> <span class="keywordtype">int</span> <a class="code" href="classKSSL.html#a5137a886ecb0b4880cadaffb668c7506" title="Connect the SSL session to the remote host using the provided socket descriptor.">KSSL::accept</a>(<span class="keywordtype">int</span> sock) { <a name="l00277"></a>00277 <span class="preprocessor">#ifdef KSSL_HAVE_SSL</span> <a name="l00278"></a>00278 <span class="preprocessor"></span><span class="comment">// kdDebug(7029) << "KSSL accept" << endl;</span> <a name="l00279"></a>00279 <span class="keywordtype">int</span> rc; <a name="l00280"></a>00280 <span class="keywordflow">if</span> (!m_bInit) <a name="l00281"></a>00281 <span class="keywordflow">return</span> -1; <a name="l00282"></a>00282 d->m_ssl = d->kossl->SSL_new(d->m_ctx); <a name="l00283"></a>00283 <span class="keywordflow">if</span> (!d->m_ssl) <a name="l00284"></a>00284 <span class="keywordflow">return</span> -1; <a name="l00285"></a>00285 <a name="l00286"></a>00286 <span class="keywordflow">if</span> (d->session) { <a name="l00287"></a>00287 <span class="keywordflow">if</span> (static_cast<SSL_SESSION*>(d->session->_session)->sess_cert == 0) <a name="l00288"></a>00288 { <a name="l00289"></a>00289 kdDebug(7029) << <span class="stringliteral">"Can't reuse session, no certificate."</span> << endl; <a name="l00290"></a>00290 <span class="keyword">delete</span> d->session; <a name="l00291"></a>00291 d->session = 0; <a name="l00292"></a>00292 } <span class="keywordflow">else</span> <span class="keywordflow">if</span> (1 == d->kossl->SSL_set_session(d->m_ssl, <a name="l00293"></a>00293 static_cast<SSL_SESSION*>(d->session->_session))) { <a name="l00294"></a>00294 kdDebug(7029) << <span class="stringliteral">"Session ID is being reused."</span> << endl; <a name="l00295"></a>00295 } <span class="keywordflow">else</span> { <a name="l00296"></a>00296 kdDebug(7029) << <span class="stringliteral">"Error attempting to reuse session."</span> << endl; <a name="l00297"></a>00297 <span class="keyword">delete</span> d->session; <a name="l00298"></a>00298 d->session = 0; <a name="l00299"></a>00299 } <a name="l00300"></a>00300 } <a name="l00301"></a>00301 <a name="l00302"></a>00302 <span class="comment">/*</span> <a name="l00303"></a>00303 <span class="comment"> if (!setVerificationLogic()) {</span> <a name="l00304"></a>00304 <span class="comment"> d->kossl->SSL_shutdown(d->m_ssl);</span> <a name="l00305"></a>00305 <span class="comment"> d->kossl->SSL_free(d->m_ssl);</span> <a name="l00306"></a>00306 <span class="comment"> d->m_ssl = 0;</span> <a name="l00307"></a>00307 <span class="comment"> return -1;</span> <a name="l00308"></a>00308 <span class="comment"> }</span> <a name="l00309"></a>00309 <span class="comment">*/</span> <a name="l00310"></a>00310 <a name="l00311"></a>00311 <span class="keywordtype">int</span> off = SSL_OP_ALL; <a name="l00312"></a>00312 <span class="keywordflow">if</span> (!d->lastInitTLS && !m_cfg-><a class="code" href="classKSSLSettings.html#a0e95bad5abc2e96977d3f1b854f6c92a" title="Does the user allow TLSv1.">tlsv1</a>()) <a name="l00313"></a>00313 off |= SSL_OP_NO_TLSv1; <a name="l00314"></a>00314 <span class="keywordflow">if</span> (!m_cfg-><a class="code" href="classKSSLSettings.html#a0897b6fe386ea2de29e87b45888a0a83" title="Does the user allow SSLv3.">sslv3</a>()) <a name="l00315"></a>00315 off |= SSL_OP_NO_SSLv3; <a name="l00316"></a>00316 <span class="keywordflow">if</span> (!m_cfg-><a class="code" href="classKSSLSettings.html#a23034983387ae7bdc6fb0f739c1c00ab" title="Does the user allow SSLv2.">sslv2</a>()) <a name="l00317"></a>00317 off |= SSL_OP_NO_SSLv2; <a name="l00318"></a>00318 <a name="l00319"></a>00319 d->kossl->SSL_set_options(d->m_ssl, off); <a name="l00320"></a>00320 <a name="l00321"></a>00321 rc = d->kossl->SSL_set_fd(d->m_ssl, sock); <a name="l00322"></a>00322 <span class="keywordflow">if</span> (rc == 0) { <a name="l00323"></a>00323 d->kossl->SSL_shutdown(d->m_ssl); <a name="l00324"></a>00324 d->kossl->SSL_free(d->m_ssl); <a name="l00325"></a>00325 d->m_ssl = 0; <a name="l00326"></a>00326 <span class="keywordflow">return</span> rc; <a name="l00327"></a>00327 } <a name="l00328"></a>00328 <a name="l00329"></a>00329 rc = d->kossl->SSL_accept(d->m_ssl); <a name="l00330"></a>00330 <span class="keywordflow">if</span> (rc == 1) { <a name="l00331"></a>00331 setConnectionInfo(); <a name="l00332"></a>00332 setPeerInfo(); <a name="l00333"></a>00333 kdDebug(7029) << <span class="stringliteral">"KSSL connected OK"</span> << endl; <a name="l00334"></a>00334 } <span class="keywordflow">else</span> { <a name="l00335"></a>00335 kdDebug(7029) << <span class="stringliteral">"KSSL accept failed - rc = "</span> << rc << endl; <a name="l00336"></a>00336 kdDebug(7029) << <span class="stringliteral">" ERROR = "</span> <a name="l00337"></a>00337 << d->kossl->SSL_get_error(d->m_ssl, rc) << endl; <a name="l00338"></a>00338 d->kossl->SSL_shutdown(d->m_ssl); <a name="l00339"></a>00339 d->kossl->SSL_free(d->m_ssl); <a name="l00340"></a>00340 d->m_ssl = 0; <a name="l00341"></a>00341 <span class="keywordflow">return</span> -1; <a name="l00342"></a>00342 } <a name="l00343"></a>00343 <a name="l00344"></a>00344 <span class="keywordflow">if</span> (!d->kossl->SSL_session_reused(d->m_ssl)) { <a name="l00345"></a>00345 <span class="keywordflow">if</span> (d->session) { <a name="l00346"></a>00346 kdDebug(7029) << <span class="stringliteral">"Session reuse failed. New session used instead."</span> << endl; <a name="l00347"></a>00347 <span class="keyword">delete</span> d->session; <a name="l00348"></a>00348 d->session = 0L; <a name="l00349"></a>00349 } <a name="l00350"></a>00350 } <a name="l00351"></a>00351 <a name="l00352"></a>00352 <span class="keywordflow">if</span> (!d->session) { <a name="l00353"></a>00353 SSL_SESSION *sess = d->kossl->SSL_get1_session(d->m_ssl); <a name="l00354"></a>00354 <span class="keywordflow">if</span> (sess) { <a name="l00355"></a>00355 d->session = <span class="keyword">new</span> <a class="code" href="classKSSLSession.html" title="KDE SSL Session Information.">KSSLSession</a>; <a name="l00356"></a>00356 d->session->_session = sess; <a name="l00357"></a>00357 } <a name="l00358"></a>00358 } <a name="l00359"></a>00359 <a name="l00360"></a>00360 <span class="keywordflow">return</span> rc; <a name="l00361"></a>00361 <span class="preprocessor">#else</span> <a name="l00362"></a>00362 <span class="preprocessor"></span><span class="keywordflow">return</span> -1; <a name="l00363"></a>00363 <span class="preprocessor">#endif</span> <a name="l00364"></a>00364 <span class="preprocessor"></span>} <a name="l00365"></a>00365 <a name="l00366"></a>00366 <a name="l00367"></a><a class="code" href="classKSSL.html#abbc73f2a1ea948fed8adf951de7e3b4b">00367</a> <span class="keywordtype">int</span> <a class="code" href="classKSSL.html#abbc73f2a1ea948fed8adf951de7e3b4b" title="Connect the SSL session to the remote host using the provided socket descriptor.">KSSL::connect</a>(<span class="keywordtype">int</span> sock) { <a name="l00368"></a>00368 <span class="preprocessor">#ifdef KSSL_HAVE_SSL</span> <a name="l00369"></a>00369 <span class="preprocessor"></span><span class="comment">// kdDebug(7029) << "KSSL connect" << endl;</span> <a name="l00370"></a>00370 <span class="keywordtype">int</span> rc; <a name="l00371"></a>00371 <span class="keywordflow">if</span> (!m_bInit) <a name="l00372"></a>00372 <span class="keywordflow">return</span> -1; <a name="l00373"></a>00373 d->m_ssl = d->kossl->SSL_new(d->m_ctx); <a name="l00374"></a>00374 <span class="keywordflow">if</span> (!d->m_ssl) <a name="l00375"></a>00375 <span class="keywordflow">return</span> -1; <a name="l00376"></a>00376 <a name="l00377"></a>00377 <span class="keywordflow">if</span> (d->session) { <a name="l00378"></a>00378 <span class="keywordflow">if</span> (static_cast<SSL_SESSION*>(d->session->_session)->sess_cert == 0) <a name="l00379"></a>00379 { <a name="l00380"></a>00380 kdDebug(7029) << <span class="stringliteral">"Can't reuse session, no certificate."</span> << endl; <a name="l00381"></a>00381 <span class="keyword">delete</span> d->session; <a name="l00382"></a>00382 d->session = 0; <a name="l00383"></a>00383 } <span class="keywordflow">else</span> <span class="keywordflow">if</span> (1 == d->kossl->SSL_set_session(d->m_ssl, <a name="l00384"></a>00384 static_cast<SSL_SESSION*>(d->session->_session))) { <a name="l00385"></a>00385 kdDebug(7029) << <span class="stringliteral">"Session ID is being reused."</span> << endl; <a name="l00386"></a>00386 } <span class="keywordflow">else</span> { <a name="l00387"></a>00387 kdDebug(7029) << <span class="stringliteral">"Error attempting to reuse session."</span> << endl; <a name="l00388"></a>00388 <span class="keyword">delete</span> d->session; <a name="l00389"></a>00389 d->session = 0; <a name="l00390"></a>00390 } <a name="l00391"></a>00391 } <a name="l00392"></a>00392 <a name="l00393"></a>00393 <span class="comment">/*</span> <a name="l00394"></a>00394 <span class="comment"> if (!setVerificationLogic()) {</span> <a name="l00395"></a>00395 <span class="comment"> d->kossl->SSL_shutdown(d->m_ssl);</span> <a name="l00396"></a>00396 <span class="comment"> d->kossl->SSL_free(d->m_ssl);</span> <a name="l00397"></a>00397 <span class="comment"> d->m_ssl = 0;</span> <a name="l00398"></a>00398 <span class="comment"> return -1;</span> <a name="l00399"></a>00399 <span class="comment"> }</span> <a name="l00400"></a>00400 <span class="comment">*/</span> <a name="l00401"></a>00401 <a name="l00402"></a>00402 <span class="keywordtype">int</span> off = SSL_OP_ALL; <a name="l00403"></a>00403 <span class="keywordflow">if</span> (!d->lastInitTLS && !m_cfg-><a class="code" href="classKSSLSettings.html#a0e95bad5abc2e96977d3f1b854f6c92a" title="Does the user allow TLSv1.">tlsv1</a>()) <a name="l00404"></a>00404 off |= SSL_OP_NO_TLSv1; <a name="l00405"></a>00405 <span class="keywordflow">if</span> (!m_cfg-><a class="code" href="classKSSLSettings.html#a0897b6fe386ea2de29e87b45888a0a83" title="Does the user allow SSLv3.">sslv3</a>()) <a name="l00406"></a>00406 off |= SSL_OP_NO_SSLv3; <a name="l00407"></a>00407 <span class="keywordflow">if</span> (!m_cfg-><a class="code" href="classKSSLSettings.html#a23034983387ae7bdc6fb0f739c1c00ab" title="Does the user allow SSLv2.">sslv2</a>()) <a name="l00408"></a>00408 off |= SSL_OP_NO_SSLv2; <a name="l00409"></a>00409 <a name="l00410"></a>00410 d->kossl->SSL_set_options(d->m_ssl, off); <a name="l00411"></a>00411 <a name="l00412"></a>00412 rc = d->kossl->SSL_set_fd(d->m_ssl, sock); <a name="l00413"></a>00413 <span class="keywordflow">if</span> (rc == 0) { <a name="l00414"></a>00414 d->kossl->SSL_shutdown(d->m_ssl); <a name="l00415"></a>00415 d->kossl->SSL_free(d->m_ssl); <a name="l00416"></a>00416 d->m_ssl = 0; <a name="l00417"></a>00417 <span class="keywordflow">return</span> rc; <a name="l00418"></a>00418 } <a name="l00419"></a>00419 <a name="l00420"></a>00420 connect_again: <a name="l00421"></a>00421 rc = d->kossl->SSL_connect(d->m_ssl); <a name="l00422"></a>00422 <span class="keywordflow">if</span> (rc == 1) { <a name="l00423"></a>00423 setConnectionInfo(); <a name="l00424"></a>00424 setPeerInfo(); <a name="l00425"></a>00425 kdDebug(7029) << <span class="stringliteral">"KSSL connected OK"</span> << endl; <a name="l00426"></a>00426 } <span class="keywordflow">else</span> { <a name="l00427"></a>00427 <span class="keywordtype">int</span> err = d->kossl->SSL_get_error(d->m_ssl, rc); <a name="l00428"></a>00428 <span class="keywordflow">if</span> (err == SSL_ERROR_WANT_READ || err == SSL_ERROR_WANT_WRITE) { <a name="l00429"></a>00429 <span class="comment">// nonblocking - but we block anyways in connect() :)</span> <a name="l00430"></a>00430 <span class="keywordflow">goto</span> connect_again; <a name="l00431"></a>00431 } <span class="keywordflow">else</span> { <a name="l00432"></a>00432 kdDebug(7029) << <span class="stringliteral">"KSSL connect failed - rc = "</span> <a name="l00433"></a>00433 << rc << endl; <a name="l00434"></a>00434 kdDebug(7029) << <span class="stringliteral">" ERROR = "</span> <a name="l00435"></a>00435 << err << endl; <a name="l00436"></a>00436 d->kossl->ERR_print_errors_fp(stderr); <a name="l00437"></a>00437 d->kossl->SSL_shutdown(d->m_ssl); <a name="l00438"></a>00438 d->kossl->SSL_free(d->m_ssl); <a name="l00439"></a>00439 d->m_ssl = 0; <a name="l00440"></a>00440 <span class="keywordflow">return</span> -1; <a name="l00441"></a>00441 } <a name="l00442"></a>00442 } <a name="l00443"></a>00443 <a name="l00444"></a>00444 <span class="keywordflow">if</span> (!d->kossl->SSL_session_reused(d->m_ssl)) { <a name="l00445"></a>00445 <span class="keywordflow">if</span> (d->session) { <a name="l00446"></a>00446 kdDebug(7029) << <span class="stringliteral">"Session reuse failed. New session used instead."</span> << endl; <a name="l00447"></a>00447 <span class="keyword">delete</span> d->session; <a name="l00448"></a>00448 d->session = 0L; <a name="l00449"></a>00449 } <a name="l00450"></a>00450 } <a name="l00451"></a>00451 <a name="l00452"></a>00452 <span class="keywordflow">if</span> (!d->session) { <a name="l00453"></a>00453 SSL_SESSION *sess = d->kossl->SSL_get1_session(d->m_ssl); <a name="l00454"></a>00454 <span class="keywordflow">if</span> (sess) { <a name="l00455"></a>00455 d->session = <span class="keyword">new</span> <a class="code" href="classKSSLSession.html" title="KDE SSL Session Information.">KSSLSession</a>; <a name="l00456"></a>00456 d->session->_session = sess; <a name="l00457"></a>00457 } <a name="l00458"></a>00458 } <a name="l00459"></a>00459 <a name="l00460"></a>00460 <span class="keywordflow">return</span> rc; <a name="l00461"></a>00461 <span class="preprocessor">#else</span> <a name="l00462"></a>00462 <span class="preprocessor"></span><span class="keywordflow">return</span> -1; <a name="l00463"></a>00463 <span class="preprocessor">#endif</span> <a name="l00464"></a>00464 <span class="preprocessor"></span>} <a name="l00465"></a>00465 <a name="l00466"></a>00466 <a name="l00467"></a><a class="code" href="classKSSL.html#a7ab6b430029e629bd97fad4832d806d5">00467</a> <span class="keywordtype">int</span> <a class="code" href="classKSSL.html#a7ab6b430029e629bd97fad4832d806d5" title="Determine if data is waiting to be read.">KSSL::pending</a>() { <a name="l00468"></a>00468 <span class="preprocessor">#ifdef KSSL_HAVE_SSL</span> <a name="l00469"></a>00469 <span class="preprocessor"></span> <span class="keywordflow">if</span> (!m_bInit) <a name="l00470"></a>00470 <span class="keywordflow">return</span> -1; <a name="l00471"></a>00471 <span class="keywordflow">return</span> d->kossl->SSL_pending(d->m_ssl); <a name="l00472"></a>00472 <span class="preprocessor">#else</span> <a name="l00473"></a>00473 <span class="preprocessor"></span><span class="keywordflow">return</span> -1; <a name="l00474"></a>00474 <span class="preprocessor">#endif</span> <a name="l00475"></a>00475 <span class="preprocessor"></span>} <a name="l00476"></a>00476 <a name="l00477"></a>00477 <a name="l00478"></a><a class="code" href="classKSSL.html#acf3b01cdd797e67f1b6e8c1f36e44251">00478</a> <span class="keywordtype">int</span> <a class="code" href="classKSSL.html#acf3b01cdd797e67f1b6e8c1f36e44251" title="Peek at available data from the remote host via SSL.">KSSL::peek</a>(<span class="keywordtype">void</span> *buf, <span class="keywordtype">int</span> len) { <a name="l00479"></a>00479 <span class="preprocessor">#ifdef KSSL_HAVE_SSL</span> <a name="l00480"></a>00480 <span class="preprocessor"></span> <span class="keywordflow">if</span> (!m_bInit) <a name="l00481"></a>00481 <span class="keywordflow">return</span> -1; <a name="l00482"></a>00482 <span class="comment">// FIXME: enhance to work the way read() does below, handling errors</span> <a name="l00483"></a>00483 <span class="keywordflow">return</span> d->kossl->SSL_peek(d->m_ssl, buf, len); <a name="l00484"></a>00484 <span class="preprocessor">#else</span> <a name="l00485"></a>00485 <span class="preprocessor"></span><span class="keywordflow">return</span> -1; <a name="l00486"></a>00486 <span class="preprocessor">#endif</span> <a name="l00487"></a>00487 <span class="preprocessor"></span>} <a name="l00488"></a>00488 <a name="l00489"></a>00489 <a name="l00490"></a><a class="code" href="classKSSL.html#af965115c5e352f8691e67b48be9e3128">00490</a> <span class="keywordtype">int</span> <a class="code" href="classKSSL.html#af965115c5e352f8691e67b48be9e3128" title="Read data from the remote host via SSL.">KSSL::read</a>(<span class="keywordtype">void</span> *buf, <span class="keywordtype">int</span> len) { <a name="l00491"></a>00491 <span class="preprocessor">#ifdef KSSL_HAVE_SSL</span> <a name="l00492"></a>00492 <span class="preprocessor"></span> <span class="keywordtype">int</span> rc = 0; <a name="l00493"></a>00493 <span class="keywordtype">int</span> maxIters = 10; <a name="l00494"></a>00494 <a name="l00495"></a>00495 <span class="keywordflow">if</span> (!m_bInit) <a name="l00496"></a>00496 <span class="keywordflow">return</span> -1; <a name="l00497"></a>00497 <a name="l00498"></a>00498 read_again: <a name="l00499"></a>00499 rc = d->kossl->SSL_read(d->m_ssl, (<span class="keywordtype">char</span> *)buf, len); <a name="l00500"></a>00500 <span class="keywordflow">if</span> (rc <= 0) { <a name="l00501"></a>00501 <span class="keywordtype">int</span> err = d->kossl->SSL_get_error(d->m_ssl, rc); <a name="l00502"></a>00502 <a name="l00503"></a>00503 <span class="keywordflow">if</span> (err == SSL_ERROR_WANT_READ || err == SSL_ERROR_WANT_WRITE) { <a name="l00504"></a>00504 kdDebug(7029) << <span class="stringliteral">"SSL read() returning 0: "</span> << err << endl; <a name="l00505"></a>00505 <span class="keywordflow">if</span> (maxIters-- > 0) { <a name="l00506"></a>00506 ::usleep(20000); <span class="comment">// 20ms sleep</span> <a name="l00507"></a>00507 <span class="keywordflow">goto</span> read_again; <a name="l00508"></a>00508 } <a name="l00509"></a>00509 <span class="keywordflow">return</span> 0; <a name="l00510"></a>00510 } <a name="l00511"></a>00511 <a name="l00512"></a>00512 kdDebug(7029) << <span class="stringliteral">"SSL READ ERROR: "</span> << err << endl; <a name="l00513"></a>00513 <span class="keywordflow">if</span> (err != SSL_ERROR_NONE && <a name="l00514"></a>00514 err != SSL_ERROR_ZERO_RETURN && err != SSL_ERROR_SYSCALL) { <a name="l00515"></a>00515 rc = -1; <span class="comment">// OpenSSL returns 0 on error too</span> <a name="l00516"></a>00516 d->kossl->ERR_print_errors_fp(stderr); <a name="l00517"></a>00517 } <a name="l00518"></a>00518 <a name="l00519"></a>00519 <span class="comment">// else if (err == SSL_ERROR_ZERO_RETURN)</span> <a name="l00520"></a>00520 <span class="comment">// rc = 0;</span> <a name="l00521"></a>00521 } <a name="l00522"></a>00522 <span class="keywordflow">return</span> rc; <a name="l00523"></a>00523 <span class="preprocessor">#else</span> <a name="l00524"></a>00524 <span class="preprocessor"></span><span class="keywordflow">return</span> -1; <a name="l00525"></a>00525 <span class="preprocessor">#endif</span> <a name="l00526"></a>00526 <span class="preprocessor"></span>} <a name="l00527"></a>00527 <a name="l00528"></a>00528 <a name="l00529"></a><a class="code" href="classKSSL.html#a67be598a77dbe4695aa7a4a36aa3d44f">00529</a> <span class="keywordtype">int</span> <a class="code" href="classKSSL.html#a67be598a77dbe4695aa7a4a36aa3d44f" title="Write data to the remote host via SSL.">KSSL::write</a>(<span class="keyword">const</span> <span class="keywordtype">void</span> *buf, <span class="keywordtype">int</span> len) { <a name="l00530"></a>00530 <span class="preprocessor">#ifdef KSSL_HAVE_SSL</span> <a name="l00531"></a>00531 <span class="preprocessor"></span> <span class="keywordflow">if</span> (!m_bInit) <a name="l00532"></a>00532 <span class="keywordflow">return</span> -1; <a name="l00533"></a>00533 <a name="l00534"></a>00534 write_again: <a name="l00535"></a>00535 <span class="keywordtype">int</span> rc = d->kossl->SSL_write(d->m_ssl, (<span class="keyword">const</span> <span class="keywordtype">char</span> *)buf, len); <a name="l00536"></a>00536 <span class="keywordflow">if</span> (rc <= 0) { <span class="comment">// OpenSSL returns 0 on error too</span> <a name="l00537"></a>00537 <span class="keywordtype">int</span> err = d->kossl->SSL_get_error(d->m_ssl, rc); <a name="l00538"></a>00538 <a name="l00539"></a>00539 <span class="keywordflow">if</span> (err == SSL_ERROR_WANT_WRITE) { <a name="l00540"></a>00540 ::usleep(20000); <span class="comment">// 20ms sleep</span> <a name="l00541"></a>00541 <span class="keywordflow">goto</span> write_again; <a name="l00542"></a>00542 } <a name="l00543"></a>00543 <a name="l00544"></a>00544 kdDebug(7029) << <span class="stringliteral">"SSL WRITE ERROR: "</span> << err << endl; <a name="l00545"></a>00545 <span class="keywordflow">if</span> (err != SSL_ERROR_NONE && <a name="l00546"></a>00546 err != SSL_ERROR_ZERO_RETURN && err != SSL_ERROR_SYSCALL) <a name="l00547"></a>00547 rc = -1; <a name="l00548"></a>00548 } <a name="l00549"></a>00549 <a name="l00550"></a>00550 <span class="keywordflow">return</span> rc; <a name="l00551"></a>00551 <span class="preprocessor">#else</span> <a name="l00552"></a>00552 <span class="preprocessor"></span><span class="keywordflow">return</span> -1; <a name="l00553"></a>00553 <span class="preprocessor">#endif</span> <a name="l00554"></a>00554 <span class="preprocessor"></span>} <a name="l00555"></a>00555 <a name="l00556"></a>00556 <a name="l00557"></a><a class="code" href="classKSSL.html#a03ca504bc77b712e27be5ed6e18a1f14">00557</a> <span class="keywordtype">bool</span> <a class="code" href="classKSSL.html#a03ca504bc77b712e27be5ed6e18a1f14" title="Trigger a reread of KSSL configuration and reInitialize() KSSL.">KSSL::reconfig</a>() { <a name="l00558"></a>00558 <span class="keywordflow">return</span> <a class="code" href="classKSSL.html#a1eacb2b55d699ce158af8c0b09322e8c" title="Reinitialize OpenSSL.">reInitialize</a>(); <a name="l00559"></a>00559 } <a name="l00560"></a>00560 <a name="l00561"></a>00561 <a name="l00562"></a><a class="code" href="classKSSL.html#a019c925a4fc9a98ffd699d34b6565fe4">00562</a> <span class="keywordtype">void</span> <a class="code" href="classKSSL.html#a019c925a4fc9a98ffd699d34b6565fe4" title="Enable or disable automatic reconfiguration on initialize().">KSSL::setAutoReconfig</a>(<span class="keywordtype">bool</span> ar) { <a name="l00563"></a>00563 m_bAutoReconfig = ar; <a name="l00564"></a>00564 } <a name="l00565"></a>00565 <a name="l00566"></a>00566 <a name="l00567"></a><a class="code" href="classKSSL.html#a07d13083665723ac4934eed2e84d0859">00567</a> <span class="keywordtype">bool</span> <a class="code" href="classKSSL.html#a07d13083665723ac4934eed2e84d0859" title="Set a new KSSLSettings instance as the settings.">KSSL::setSettings</a>(<a class="code" href="classKSSLSettings.html" title="KDE SSL Settings.">KSSLSettings</a> *settings) { <a name="l00568"></a>00568 <span class="keyword">delete</span> m_cfg; <a name="l00569"></a>00569 m_cfg = <a class="code" href="classKSSL.html#ab9608b92111ea44512ffbb0531cd83e5" title="One is built by the constructor, so this will only return a NULL pointer if you set one with setSetti...">settings</a>; <a name="l00570"></a>00570 <span class="keywordflow">return</span> <a class="code" href="classKSSL.html#a03ca504bc77b712e27be5ed6e18a1f14" title="Trigger a reread of KSSL configuration and reInitialize() KSSL.">reconfig</a>(); <a name="l00571"></a>00571 } <a name="l00572"></a>00572 <a name="l00573"></a>00573 <a name="l00574"></a>00574 <span class="preprocessor">#ifdef KSSL_HAVE_SSL</span> <a name="l00575"></a>00575 <span class="preprocessor"></span><span class="keywordtype">bool</span> KSSL::m_bSSLWorks = <span class="keyword">true</span>; <a name="l00576"></a>00576 <span class="preprocessor">#else</span> <a name="l00577"></a>00577 <span class="preprocessor"></span><span class="keywordtype">bool</span> KSSL::m_bSSLWorks = <span class="keyword">false</span>; <a name="l00578"></a>00578 <span class="preprocessor">#endif</span> <a name="l00579"></a>00579 <span class="preprocessor"></span> <a name="l00580"></a><a class="code" href="classKSSL.html#a0d25088d256aa6dcfbfd050087a74ae1">00580</a> <span class="keywordtype">bool</span> <a class="code" href="classKSSL.html#a0d25088d256aa6dcfbfd050087a74ae1" title="Determine if SSL is available and works.">KSSL::doesSSLWork</a>() { <a name="l00581"></a>00581 <span class="keywordflow">return</span> m_bSSLWorks; <a name="l00582"></a>00582 } <a name="l00583"></a>00583 <a name="l00584"></a>00584 <a name="l00585"></a>00585 <span class="keywordtype">void</span> KSSL::setConnectionInfo() { <a name="l00586"></a>00586 <span class="preprocessor">#ifdef KSSL_HAVE_SSL</span> <a name="l00587"></a>00587 <span class="preprocessor"></span>SSL_CIPHER *sc; <a name="l00588"></a>00588 <span class="keywordtype">char</span> buf[1024]; <a name="l00589"></a>00589 <a name="l00590"></a>00590 buf[0] = 0; <span class="comment">// for safety.</span> <a name="l00591"></a>00591 sc = d->kossl->SSL_get_current_cipher(d->m_ssl); <a name="l00592"></a>00592 <span class="keywordflow">if</span> (!sc) { <a name="l00593"></a>00593 kdDebug(7029) << <span class="stringliteral">"KSSL get current cipher failed - we're probably gonna crash!"</span> << endl; <a name="l00594"></a>00594 <span class="keywordflow">return</span>; <a name="l00595"></a>00595 } <a name="l00596"></a>00596 <a name="l00597"></a>00597 <span class="comment">// set the number of bits, bits used</span> <a name="l00598"></a>00598 m_ci.m_iCipherUsedBits = d->kossl->SSL_CIPHER_get_bits(sc, &(m_ci.m_iCipherBits)); <a name="l00599"></a>00599 <span class="comment">// set the cipher version</span> <a name="l00600"></a>00600 m_ci.m_cipherVersion = d->kossl->SSL_CIPHER_get_version(sc); <a name="l00601"></a>00601 <span class="comment">// set the cipher name</span> <a name="l00602"></a>00602 m_ci.m_cipherName = d->kossl->SSL_CIPHER_get_name(sc); <a name="l00603"></a>00603 <span class="comment">// set the cipher description</span> <a name="l00604"></a>00604 m_ci.m_cipherDescription = d->kossl->SSL_CIPHER_description(sc, buf, 1023); <a name="l00605"></a>00605 <a name="l00606"></a>00606 <span class="preprocessor">#endif</span> <a name="l00607"></a>00607 <span class="preprocessor"></span>} <a name="l00608"></a>00608 <a name="l00609"></a>00609 <a name="l00610"></a>00610 <span class="keywordtype">void</span> KSSL::setPeerInfo() { <a name="l00611"></a>00611 <span class="preprocessor">#ifdef KSSL_HAVE_SSL</span> <a name="l00612"></a>00612 <span class="preprocessor"></span> m_pi.<a class="code" href="classKSSLPeerInfo.html#a723ea8fe1d7a551286741c1e07c45893" title="Set the host that we are connected to.">setPeerHost</a>(d->proxyPeer); <a name="l00613"></a>00613 m_pi.m_cert.<a class="code" href="classKSSLCertificate.html#af8609d00c4b29f2faa69dd7edc2566ba" title="Re-set the certificate from a base64 string.">setCert</a>(d->kossl->SSL_get_peer_certificate(d->m_ssl)); <a name="l00614"></a>00614 STACK_OF(X509) *xs = d->kossl->SSL_get_peer_cert_chain(d->m_ssl); <a name="l00615"></a>00615 <span class="keywordflow">if</span> (xs) <a name="l00616"></a>00616 xs = sk_X509_dup(xs); <span class="comment">// Leak? </span> <a name="l00617"></a>00617 m_pi.m_cert.setChain((<span class="keywordtype">void</span> *)xs); <a name="l00618"></a>00618 <span class="preprocessor">#endif</span> <a name="l00619"></a>00619 <span class="preprocessor"></span>} <a name="l00620"></a>00620 <a name="l00621"></a>00621 <a name="l00622"></a><a class="code" href="classKSSL.html#aa5814d35d0094035c5882e34aa6e0f34">00622</a> <a class="code" href="classKSSLConnectionInfo.html" title="KDE SSL Connection Information.">KSSLConnectionInfo</a>& <a class="code" href="classKSSL.html#aa5814d35d0094035c5882e34aa6e0f34" title="Obtain a reference to the connection information.">KSSL::connectionInfo</a>() { <a name="l00623"></a>00623 <span class="keywordflow">return</span> m_ci; <a name="l00624"></a>00624 } <a name="l00625"></a>00625 <a name="l00626"></a>00626 <a name="l00627"></a>00627 <span class="comment">// KDE 4: Make it const QString &</span> <a name="l00628"></a><a class="code" href="classKSSL.html#a4e8a3fab92cc86d22be2588d6d8e0063">00628</a> <span class="keywordtype">void</span> <a class="code" href="classKSSL.html#a4e8a3fab92cc86d22be2588d6d8e0063" title="Set the peer hostname to be used for certificate verification.">KSSL::setPeerHost</a>(<a class="codeRef" href="qstring.html">QString</a> realHost) { <a name="l00629"></a>00629 d->proxyPeer = realHost; <a name="l00630"></a>00630 } <a name="l00631"></a>00631 <a name="l00632"></a>00632 <span class="comment">// deprecated</span> <a name="l00633"></a><a class="code" href="classKSSL.html#a934c0c2998f0a06e63f3711bbf31ea2a">00633</a> <span class="keywordtype">void</span> <a class="code" href="classKSSL.html#a934c0c2998f0a06e63f3711bbf31ea2a" title="Set the status of the connection with respect to proxies.">KSSL::setProxyUse</a>(<span class="keywordtype">bool</span>, <a class="codeRef" href="qstring.html">QString</a>, <span class="keywordtype">int</span>, <a class="codeRef" href="qstring.html">QString</a>) { <a name="l00634"></a>00634 } <a name="l00635"></a>00635 <a name="l00636"></a>00636 <a name="l00637"></a><a class="code" href="classKSSL.html#a8b9d0102c7c555782385a7b4cfd68102">00637</a> <a class="code" href="classKSSLPeerInfo.html" title="KDE SSL Peer Data.">KSSLPeerInfo</a>& <a class="code" href="classKSSL.html#a8b9d0102c7c555782385a7b4cfd68102" title="Obtain a reference to the information about the peer.">KSSL::peerInfo</a>() { <a name="l00638"></a>00638 <span class="keywordflow">return</span> m_pi; <a name="l00639"></a>00639 } <a name="l00640"></a>00640 <a name="l00641"></a>00641 <a name="l00642"></a><a class="code" href="classKSSL.html#abccc0e454e09a3511766a4bcb188b5c4">00642</a> <span class="keywordtype">bool</span> <a class="code" href="classKSSL.html#abccc0e454e09a3511766a4bcb188b5c4" title="Use this to set the certificate to send to the server.">KSSL::setClientCertificate</a>(<a class="code" href="classKSSLPKCS12.html" title="KDE PKCS#12 Certificate.">KSSLPKCS12</a> *pkcs) { <a name="l00643"></a>00643 <span class="preprocessor">#ifdef KSSL_HAVE_SSL</span> <a name="l00644"></a>00644 <span class="preprocessor"></span> <span class="keywordflow">if</span> (!pkcs || !pkcs-><a class="code" href="classKSSLPKCS12.html#a8629012ce0527d8da360268019fa8716" title="Get the X.509 certificate.">getCertificate</a>()) <a name="l00645"></a>00645 <span class="keywordflow">return</span> <span class="keyword">false</span>; <a name="l00646"></a>00646 <a name="l00647"></a>00647 <span class="keywordtype">int</span> rc; <a name="l00648"></a>00648 X509 *x = pkcs-><a class="code" href="classKSSLPKCS12.html#a8629012ce0527d8da360268019fa8716" title="Get the X.509 certificate.">getCertificate</a>()->getCert(); <a name="l00649"></a>00649 EVP_PKEY *k = pkcs-><a class="code" href="classKSSLPKCS12.html#a2a65acfa2725f8d20c1fc518341a42d9" title="Get the private key.">getPrivateKey</a>(); <a name="l00650"></a>00650 <a name="l00651"></a>00651 <span class="keywordflow">if</span> (!x || !k) <span class="keywordflow">return</span> <span class="keyword">false</span>; <a name="l00652"></a>00652 <a name="l00653"></a>00653 <span class="keywordflow">if</span> (!pkcs-><a class="code" href="classKSSLPKCS12.html#a8629012ce0527d8da360268019fa8716" title="Get the X.509 certificate.">getCertificate</a>()-><a class="code" href="classKSSLCertificate.html#a100edb1c7cf92fee486f84d288c14f93" title="Access the X.509v3 parameters.">x509V3Extensions</a>().<a class="code" href="classKSSLX509V3.html#a20ec4776a1964bb455580ae5bbf3c976" title="Determine if this certificate can be used by an SSL client.">certTypeSSLClient</a>()) <a name="l00654"></a>00654 <span class="keywordflow">return</span> <span class="keyword">false</span>; <a name="l00655"></a>00655 <a name="l00656"></a>00656 rc = d->kossl->SSL_CTX_use_certificate(d->m_ctx, x); <a name="l00657"></a>00657 <span class="keywordflow">if</span> (rc <= 0) { <a name="l00658"></a>00658 kdDebug(7029) << <span class="stringliteral">"KSSL - SSL_CTX_use_certificate failed. rc = "</span> << rc << endl; <a name="l00659"></a>00659 <span class="keywordflow">return</span> <span class="keyword">false</span>; <a name="l00660"></a>00660 } <a name="l00661"></a>00661 <a name="l00662"></a>00662 rc = d->kossl->SSL_CTX_use_PrivateKey(d->m_ctx, k); <a name="l00663"></a>00663 <span class="keywordflow">if</span> (rc <= 0) { <a name="l00664"></a>00664 kdDebug(7029) << <span class="stringliteral">"KSSL - SSL_CTX_use_PrivateKey failed. rc = "</span> << rc << endl; <a name="l00665"></a>00665 <span class="keywordflow">return</span> <span class="keyword">false</span>; <a name="l00666"></a>00666 } <a name="l00667"></a>00667 <a name="l00668"></a>00668 <span class="keywordflow">return</span> <span class="keyword">true</span>; <a name="l00669"></a>00669 <span class="preprocessor">#else</span> <a name="l00670"></a>00670 <span class="preprocessor"></span> <span class="keywordflow">return</span> <span class="keyword">false</span>; <a name="l00671"></a>00671 <span class="preprocessor">#endif</span> <a name="l00672"></a>00672 <span class="preprocessor"></span>} <a name="l00673"></a>00673 <a name="l00674"></a>00674 <span class="preprocessor">#undef sk_dup</span> <a name="l00675"></a>00675 <span class="preprocessor"></span> <a name="l00676"></a><a class="code" href="classKSSL.html#a9f28fb5abee9f1f8e1c9c615eed40fa4">00676</a> <span class="keyword">const</span> <a class="code" href="classKSSLSession.html" title="KDE SSL Session Information.">KSSLSession</a>* <a class="code" href="classKSSL.html#a9f28fb5abee9f1f8e1c9c615eed40fa4" title="Obtain a pointer to the session information.">KSSL::session</a>()<span class="keyword"> const </span>{ <a name="l00677"></a>00677 <span class="keywordflow">return</span> d->session; <a name="l00678"></a>00678 } <a name="l00679"></a>00679 <a name="l00680"></a><a class="code" href="classKSSL.html#af520c0c2520d995d1ed8e8a5cab4bf3e">00680</a> <span class="keywordtype">bool</span> <a class="code" href="classKSSL.html#af520c0c2520d995d1ed8e8a5cab4bf3e" title="Determine if we are currently reusing an SSL session ID.">KSSL::reusingSession</a>()<span class="keyword"> const </span>{ <a name="l00681"></a>00681 <span class="preprocessor">#ifdef KSSL_HAVE_SSL</span> <a name="l00682"></a>00682 <span class="preprocessor"></span> <span class="keywordflow">return</span> (d->m_ssl && d->kossl->SSL_session_reused(d->m_ssl)); <a name="l00683"></a>00683 <span class="preprocessor">#else</span> <a name="l00684"></a>00684 <span class="preprocessor"></span> <span class="keywordflow">return</span> <span class="keyword">false</span>; <a name="l00685"></a>00685 <span class="preprocessor">#endif</span> <a name="l00686"></a>00686 <span class="preprocessor"></span>} <a name="l00687"></a>00687 <a name="l00688"></a>00688 </pre></div></div> </div> </div></div> </td> </tr> <tr> <td valign="top" id="leftmenu" width="25%"> <a name="navigation"></a> <div class="menu_box"><h2>kio/kssl</h2> <div class="nav_list"> <ul><li><a href="index.html">Main Page</a></li><li><a href="hierarchy.html">Class Hierarchy</a></li><li><a href="classes.html">Alphabetical List</a></li><li><a href="annotated.html">Class List</a></li><li><a href="files.html">File List</a></li><li><a href="functions.html">Class Members</a></li><li><a href="pages.html">Related Pages</a></li></ul> <!-- <h2>Class Picker</h2> <div style="text-align: center;"> <form name="guideform"> <select name="guidelinks" style="width:100%;" onChange="window.location=document.guideform.guidelinks.options[document.guideform.guidelinks.selectedIndex].value"> <option value="annotated.html">-- Choose --</option> <option value="classKOpenSSLProxy.html">kopensslproxy</option>, <option value="classKSSL.html">kssl</option>, <option value="classKSSLCertBox.html">ksslcertbox</option>, <option value="classKSSLCertChain.html">ksslcertchain</option>, <option value="classKSSLCertDlg.html">ksslcertdlg</option>, <option value="classKSSLCertificate.html">ksslcertificate</option>, <option value="classKSSLConnectionInfo.html">ksslconnectioninfo</option>, <option value="classKSSLInfoDlg.html">ksslinfodlg</option>, <option value="classKSSLKeyGen.html">ksslkeygen</option>, <option value="classKSSLPeerInfo.html">ksslpeerinfo</option>, <option value="classKSSLPKCS12.html">ksslpkcs12</option>, <option value="classKSSLPKCS7.html">ksslpkcs7</option>, <option value="classKSSLSession.html">ksslsession</option>, <option value="classKSSLSettings.html">ksslsettings</option>, <option value="classKSSLSigners.html">ksslsigners</option>, <option value="classKSSLX509Map.html">ksslx509map</option>, <option value="classKSSLX509V3.html">ksslx509v3</option>, </select> </form> </div> --> </div></div> <div class="menu_box"><h2>API Dox</h2> <div class="nav_list"> <ul> <li><a href="../../../arts/html/index.html">arts</a></li><li><a href="../../../dcop/html/index.html">dcop</a></li><li><a href="../../../dnssd/html/index.html">dnssd</a></li><li><a href="../../../interfaces/html/index.html">interfaces</a></li><li> <a href="../../../interfaces/kimproxy/interface/html/index.html">interface</a></li><li> <a href="../../../interfaces/kimproxy/library/html/index.html">library</a></li><li> <a href="../../../interfaces/kspeech/html/index.html">kspeech</a></li><li> <a href="../../../interfaces/ktexteditor/html/index.html">ktexteditor</a></li><li><a href="../../../kabc/html/index.html">kabc</a></li><li><a href="../../../kate/html/index.html">kate</a></li><li><a href="../../../kcmshell/html/index.html">kcmshell</a></li><li><a href="../../../kdecore/html/index.html">kdecore</a></li><li><a href="../../../kded/html/index.html">kded</a></li><li><a href="../../../kdefx/html/index.html">kdefx</a></li><li><a href="../../../kdeprint/html/index.html">kdeprint</a></li><li><a href="../../../kdesu/html/index.html">kdesu</a></li><li><a href="../../../kdeui/html/index.html">kdeui</a></li><li><a href="../../../kdoctools/html/index.html">kdoctools</a></li><li><a href="../../../khtml/html/index.html">khtml</a></li><li><a href="../../../kimgio/html/index.html">kimgio</a></li><li><a href="../../../kinit/html/index.html">kinit</a></li><li><a href="../../../kio/html/index.html">kio</a></li><li> <a href="../../../kio/bookmarks/html/index.html">bookmarks</a></li><li> <a href="../../../kio/httpfilter/html/index.html">httpfilter</a></li><li> <a href="../../../kio/kfile/html/index.html">kfile</a></li><li> <a href="../../../kio/kio/html/index.html">kio</a></li><li> <a href="../../../kio/kioexec/html/index.html">kioexec</a></li><li> <a href="../../../kio/kpasswdserver/html/index.html">kpasswdserver</a></li><li> <a href="../../../kio/kssl/html/index.html">kssl</a></li><li><a href="../../../kioslave/html/index.html">kioslave</a></li><li> <a href="../../../kioslave/http/html/index.html">http</a></li><li><a href="../../../kjs/html/index.html">kjs</a></li><li><a href="../../../kmdi/html/index.html">kmdi</a></li><li> <a href="../../../kmdi/kmdi/html/index.html">kmdi</a></li><li><a href="../../../knewstuff/html/index.html">knewstuff</a></li><li><a href="../../../kparts/html/index.html">kparts</a></li><li><a href="../../../kresources/html/index.html">kresources</a></li><li><a href="../../../kspell2/html/index.html">kspell2</a></li><li><a href="../../../kunittest/html/index.html">kunittest</a></li><li><a href="../../../kutils/html/index.html">kutils</a></li><li><a href="../../../kwallet/html/index.html">kwallet</a></li><li><a href="../../../libkmid/html/index.html">libkmid</a></li><li><a href="../../../libkscreensaver/html/index.html">libkscreensaver</a></li> </ul></div></div> </td> </tr> </table> <span class="doNotDisplay"> <a href="http://www.kde.org/" accesskey="8">KDE Home</a> | <a href="http://accessibility.kde.org/" accesskey="9">KDE Accessibility Home</a> | <a href="http://www.kde.org/media/accesskeys.php" accesskey="0">Description of Access Keys</a> </span> <div style="height: 8px"></div> <div id="footer"> <div id="footer_left"> Maintained by <a href="mailto:groot@kde.org">Adriaan de Groot</a> and <a href="mailto:winter@kde.org">Allen Winter</a>. <br/> KDE and K Desktop Environment are trademarks of <a href="http://www.kde.org/areas/kde-ev/" title="Homepage of the KDE non-profit Organization">KDE e.V.</a> | <a href="http://www.kde.org/contact/impressum.php">Legal</a> </div> <div id="footer_right"><img src="/media/images/footer_right.png" style="margin: 0px" alt="" /></div> </div> <!-- WARNING: DO NOT SEND MAIL TO THE FOLLOWING EMAIL ADDRESS! YOU WILL BE BLOCKED INSTANTLY AND PERMANENTLY! <a href="mailto:aaaatrap-425acc3b5374943f@kde.org">Block me</a> WARNING END --> </body> </html>