void ConnectDialog::connectToServer(void) { delete m_client; m_client = 0; m_ui->m_labelStatus->setText("Verbindungsaufbau ..."); /* SelfSignedCertificate akzeptieren */ QList<QSslError> expectedSslErrors; QSslCertificate cert = QSslCertificate::fromPath("cacert.pem").value(0); expectedSslErrors.append(QSslError(QSslError::SelfSignedCertificate, cert)); /* Neue Verbindung aufbauen */ QSslSocket* socket = new QSslSocket; socket->addCaCertificate(cert); socket->ignoreSslErrors(expectedSslErrors); socket->connectToHostEncrypted(m_ui->m_lineAddress->text(), m_ui->m_spinPort->value()); /* Warte bis Verbindung steht */ if (!socket->waitForEncrypted(10000)) { qDebug() << socket->errorString(); m_ui->m_labelStatus->setText(QString("Fehler: ").append(socket->errorString())); delete socket; return; } m_ui->m_labelStatus->setText("Verbindung erfolgreich aufgebaut."); m_client = new Client(socket); this->disconnect(m_ui->m_buttonClose, SIGNAL(clicked()), this, SLOT(reject())); this->connect(m_ui->m_buttonClose, SIGNAL(clicked()), this, SLOT(accept())); }
void SshServer::slot_newIncommingConnection( int socketDescriptor ) { QSslSocket* sslSocket = new QSslSocket(); // before the handshake, we need to adjust some security parameters for SSL QSsl::SslProtocol sslProtocol; if( "SSL-v3" == _sshServerSettings._version ) sslProtocol = QSsl::SslV3; else if( "TLS-v1" == _sshServerSettings._version ) sslProtocol = QSsl::TlsV1; else { logError( this, "no valid SSL version to use" ); delete sslSocket; return; } QSsl::EncodingFormat ecodingFormat = ("PER"==_sshServerSettings._format) ? QSsl::Pem : QSsl::Der; QSsl::KeyAlgorithm algorithm = ("RSA"==_sshServerSettings._cipher) ? QSsl::Rsa : QSsl::Dsa; QByteArray password; // setting the SSL version to use sslSocket->setProtocol( sslProtocol ); // ensure that the peer's certificate will be verified sslSocket->setPeerVerifyMode( QSslSocket::VerifyPeer ); // ensure that the peer's cerficiate and its issuer's certificate will be verified sslSocket->setPeerVerifyDepth( 2 ); // setting server's certificate sslSocket->setLocalCertificate( _sshServerSettings._certificate, ecodingFormat ); // setting server's private key sslSocket->setPrivateKey( _sshServerSettings._privateKey, algorithm, ecodingFormat, password ); // setting the CA ceritificate QList<QSslCertificate> caCertificates = QSslCertificate::fromPath( _sshServerSettings._certificate, ecodingFormat ); sslSocket->setDefaultCaCertificates( caCertificates ); // setup some traps for the socket events connect( sslSocket, SIGNAL(disconnected()), sslSocket, SLOT(deleteLater()) ); connect( sslSocket, SIGNAL(encrypted()), SLOT(slot_SuccessfulConnected()) ); connect( sslSocket, SIGNAL(sslErrors(const QList<QSslError>&)), this, SLOT(slot_UnSuccessfulConnected(const QList<QSslError>&)) ); connect( sslSocket, SIGNAL(readyRead()), this, SLOT(slot_IncommingData()) ); // start the handshake bool result = sslSocket->setSocketDescriptor( socketDescriptor ); if( false == result ) { logError( this, QString("failed to set socket descriptor: %1").arg(sslSocket->errorString()) ); delete sslSocket; return; } sslSocket->startServerEncryption(); }
void Server::connectionFailure() { QSslSocket *socket = dynamic_cast<QSslSocket *>(sender()); assert(socket); std::cout << "connection error " << socket->errorString().toStdString() << std::endl; sockets.removeOne(socket); socket->disconnect(); socket->deleteLater(); }
int main(int argc, char **argv) { QCoreApplication app(argc, argv); if (argc < 3) { QTextStream out(stdout); out << "Usage: " << argv[0] << " host port [options]" << endl; out << "The options can be one or more of the following:" << endl; out << "enable_empty_fragments" << endl; out << "disable_session_tickets" << endl; out << "disable_compression" << endl; out << "disable_sni" << endl; out << "enable_unsafe_reneg" << endl; return 1; } QString host = QString::fromLocal8Bit(argv[1]); int port = QString::fromLocal8Bit(argv[2]).toInt(); QSslConfiguration config = QSslConfiguration::defaultConfiguration(); for (int i=3; i < argc; i++) { QString option = QString::fromLocal8Bit(argv[i]); if (option == QStringLiteral("enable_empty_fragments")) config.setSslOption(QSsl::SslOptionDisableEmptyFragments, false); else if (option == QStringLiteral("disable_session_tickets")) config.setSslOption(QSsl::SslOptionDisableSessionTickets, true); else if (option == QStringLiteral("disable_compression")) config.setSslOption(QSsl::SslOptionDisableCompression, true); else if (option == QStringLiteral("disable_sni")) config.setSslOption(QSsl::SslOptionDisableServerNameIndication, true); else if (option == QStringLiteral("enable_unsafe_reneg")) config.setSslOption(QSsl::SslOptionDisableLegacyRenegotiation, false); } QSslConfiguration::setDefaultConfiguration(config); QSslSocket socket; //socket.setSslConfiguration(config); socket.connectToHostEncrypted(host, port); if ( !socket.waitForEncrypted() ) { qDebug() << socket.errorString(); return 1; } return 0; }
void QwwSmtpClientPrivate::onError(QAbstractSocket::SocketError e) { emit q->socketError(e, socket->errorString()); onDisconnected(); }
void LanLinkProvider::connectError() { QSslSocket* socket = qobject_cast<QSslSocket*>(sender()); if (!socket) return; disconnect(socket, SIGNAL(connected()), this, SLOT(connected())); disconnect(socket, SIGNAL(error(QAbstractSocket::SocketError)), this, SLOT(connectError())); qCDebug(KDECONNECT_CORE) << "Fallback (1), try reverse connection (send udp packet)" << socket->errorString(); NetworkPackage np(""); NetworkPackage::createIdentityPackage(&np); np.set("tcpPort", mTcpPort); mUdpSocket.writeDatagram(np.serialize(), receivedIdentityPackages[socket].sender, port); //The socket we created didn't work, and we didn't manage //to create a LanDeviceLink from it, deleting everything. delete receivedIdentityPackages.take(socket).np; delete socket; }
bool SenderPrivate::connectToHost() { Q_Q(Sender); QSslSocket *sslSock = nullptr; switch (connectionType) { case Sender::TlsConnection: case Sender::TcpConnection: qCDebug(SIMPLEMAIL_SENDER) << "Connecting to host" << host << port; socket->connectToHost(host, port); break; case Sender::SslConnection: { sslSock = qobject_cast<QSslSocket*>(socket); if (sslSock) { qCDebug(SIMPLEMAIL_SENDER) << "Connecting to host encrypted" << host << port; sslSock->connectToHostEncrypted(host, port); } else { return false; } } break; } // Tries to connect to server if (!socket->waitForConnected(connectionTimeout)) { lastError = socket->errorString(); qCDebug(SIMPLEMAIL_SENDER) << "Connection failed" << socket->errorString(); Q_EMIT q->smtpError(Sender::ConnectionTimeoutError); return false; } // If the response code is not 220 (Service ready) // means that is something wrong with the server if (!waitForResponse(220)) { Q_EMIT q->smtpError(Sender::ServerError); return false; } qCDebug(SIMPLEMAIL_SENDER) << "Sending EHLO" << name; // Send a EHLO/HELO message to the server // The client's first command must be EHLO/HELO sendMessage("EHLO " + name.toLatin1()); // The response code needs to be 250. if (!waitForResponse(250)) { Q_EMIT q->smtpError(Sender::ServerError); return false; } qCDebug(SIMPLEMAIL_SENDER) << "Sent hello"; if (connectionType == Sender::TlsConnection) { qCDebug(SIMPLEMAIL_SENDER) << "Sending STARTTLS"; // send a request to start TLS handshake sendMessage(QByteArrayLiteral("STARTTLS")); // The response code needs to be 220. if (!waitForResponse(220)) { Q_EMIT q->smtpError(Sender::ServerError); return false; }; if (sslSock) { qCDebug(SIMPLEMAIL_SENDER) << "Starting client encryption"; sslSock->startClientEncryption(); if (!sslSock->waitForEncrypted(connectionTimeout)) { qCDebug(SIMPLEMAIL_SENDER) << "Failed to encrypt connection" << sslSock->errorString(); Q_EMIT q->smtpError(Sender::ConnectionTimeoutError); return false; } } qCDebug(SIMPLEMAIL_SENDER) << "Sending second EHLO" << name; // Send ELHO one more time sendMessage(QByteArrayLiteral("EHLO ") + name.toLatin1()); // The response code needs to be 250. if (!waitForResponse(250)) { Q_EMIT q->smtpError(Sender::ServerError); return false; } } state = SenderPrivate::Connected; // If no errors occured the function returns true. return true; }