bool ImapPrivate::connectToHost (const QString& host, quint16 port, bool useSsl)
{
#ifndef QT_NO_OPENSSL
if (useSsl)
socket = new QSslSocket;
else
socket = new QTcpSocket;
#else
Q_UNUSED(useSsl)
socket = new QTcpSocket;
#endif
#ifndef QT_NO_OPENSSL
if (useSsl) {
QSslSocket *sslSocket = static_cast<QSslSocket *>(socket);
sslSocket->connectToHostEncrypted(host, port);
return(sslSocket->waitForEncrypted());
} else {
socket->connectToHost(host, port);
return(socket->waitForConnected());
}
#else
socket->connectToHost(host, port);
return(socket->waitForConnected());
#endif
}
void ConnectDialog::connectToServer(void)
{
delete m_client;
m_client = 0;
m_ui->m_labelStatus->setText("Verbindungsaufbau ...");
/* SelfSignedCertificate akzeptieren */
QList<QSslError> expectedSslErrors;
QSslCertificate cert = QSslCertificate::fromPath("cacert.pem").value(0);
expectedSslErrors.append(QSslError(QSslError::SelfSignedCertificate, cert));
/* Neue Verbindung aufbauen */
QSslSocket* socket = new QSslSocket;
socket->addCaCertificate(cert);
socket->ignoreSslErrors(expectedSslErrors);
socket->connectToHostEncrypted(m_ui->m_lineAddress->text(), m_ui->m_spinPort->value());
/* Warte bis Verbindung steht */
if (!socket->waitForEncrypted(10000))
{
qDebug() << socket->errorString();
m_ui->m_labelStatus->setText(QString("Fehler: ").append(socket->errorString()));
delete socket;
return;
}
m_ui->m_labelStatus->setText("Verbindung erfolgreich aufgebaut.");
m_client = new Client(socket);
this->disconnect(m_ui->m_buttonClose, SIGNAL(clicked()), this, SLOT(reject()));
this->connect(m_ui->m_buttonClose, SIGNAL(clicked()), this, SLOT(accept()));
}
bool FvUpdater::checkSslFingerPrint(QUrl urltoCheck)
{
if(urltoCheck.scheme()!="https")
{
qWarning()<<tr("SSL fingerprint check: The url %1 is not a ssl connection!").arg(urltoCheck.toString());
return false;
}
QSslSocket *socket = new QSslSocket(this);
socket->connectToHostEncrypted(urltoCheck.host(), 443);
if( !socket->waitForEncrypted(1000)) // waits until ssl emits encrypted(), max 1000msecs
{
qWarning()<<"SSL fingerprint check: Unable to connect SSL server: "<<socket->sslErrors();
return false;
}
QSslCertificate cert = socket->peerCertificate();
if(cert.isNull())
{
qWarning()<<"SSL fingerprint check: Unable to retrieve SSL server certificate.";
return false;
}
// COmpare digests
if(cert.digest().toHex() != m_requiredSslFingerprint)
{
qWarning()<<"SSL fingerprint check: FINGERPRINT MISMATCH! Server digest="<<cert.digest().toHex()<<", requiered ssl digest="<<m_requiredSslFingerprint;
return false;
}
return true;
}
void SslTlsSocket::delayedStart()
{
QSslSocket *sock = qobject_cast<QSslSocket *>(d);
Q_ASSERT(sock);
switch (m_proxySettings) {
case Streams::ProxySettings::RespectSystemProxy:
{
QNetworkProxy setting;
QNetworkProxyQuery query = QNetworkProxyQuery(host, port, m_protocolTag, QNetworkProxyQuery::TcpSocket);
// set to true if a capable setting is found
bool capableSettingFound = false;
// set to true if at least one valid setting is found
bool settingFound = false;
// FIXME: this static function works particularly slow in Windows
QList<QNetworkProxy> proxySettingsList = QNetworkProxyFactory::systemProxyForQuery(query);
/* Proxy Settings are read from the user's environment variables by the above static method.
* A peculiar case is with *nix systems, where an undefined environment variable is returned as
* an empty string. Such entries *might* exist in our proxySettingsList, and shouldn't be processed.
* One good check is to use hostName() of the QNetworkProxy object, and treat the Proxy Setting as invalid if
* the host name is empty. */
Q_FOREACH (setting, proxySettingsList) {
if (!setting.hostName().isEmpty()) {
settingFound = true;
// now check whether setting has capabilities
if (setting.capabilities().testFlag(QNetworkProxy::TunnelingCapability)) {
sock->setProxy(setting);
capableSettingFound = true;
break;
}
}
}
if (!settingFound || proxySettingsList.isEmpty()) {
sock->setProxy(QNetworkProxy::NoProxy);
} else if (!capableSettingFound) {
emit disconnected(tr("The underlying socket is having troubles when processing connection to %1:%2: %3")
.arg(host, QString::number(port), QStringLiteral("Cannot find proxy setting capable of tunneling")));
}
break;
}
case Streams::ProxySettings::DirectConnect:
sock->setProxy(QNetworkProxy::NoProxy);
break;
}
if (startEncrypted)
sock->connectToHostEncrypted(host, port);
else
sock->connectToHost(host, port);
}
int main(int argc, char **argv)
{
QCoreApplication app(argc, argv);
if (argc < 3) {
QTextStream out(stdout);
out << "Usage: " << argv[0] << " host port [options]" << endl;
out << "The options can be one or more of the following:" << endl;
out << "enable_empty_fragments" << endl;
out << "disable_session_tickets" << endl;
out << "disable_compression" << endl;
out << "disable_sni" << endl;
out << "enable_unsafe_reneg" << endl;
return 1;
}
QString host = QString::fromLocal8Bit(argv[1]);
int port = QString::fromLocal8Bit(argv[2]).toInt();
QSslConfiguration config = QSslConfiguration::defaultConfiguration();
for (int i=3; i < argc; i++) {
QString option = QString::fromLocal8Bit(argv[i]);
if (option == QStringLiteral("enable_empty_fragments"))
config.setSslOption(QSsl::SslOptionDisableEmptyFragments, false);
else if (option == QStringLiteral("disable_session_tickets"))
config.setSslOption(QSsl::SslOptionDisableSessionTickets, true);
else if (option == QStringLiteral("disable_compression"))
config.setSslOption(QSsl::SslOptionDisableCompression, true);
else if (option == QStringLiteral("disable_sni"))
config.setSslOption(QSsl::SslOptionDisableServerNameIndication, true);
else if (option == QStringLiteral("enable_unsafe_reneg"))
config.setSslOption(QSsl::SslOptionDisableLegacyRenegotiation, false);
}
QSslConfiguration::setDefaultConfiguration(config);
QSslSocket socket;
//socket.setSslConfiguration(config);
socket.connectToHostEncrypted(host, port);
if ( !socket.waitForEncrypted() ) {
qDebug() << socket.errorString();
return 1;
}
return 0;
}
/*!
\internal
*/
void QWebSocketPrivate::open(const QUrl &url, bool mask)
{
//just delete the old socket for the moment;
//later, we can add more 'intelligent' handling by looking at the URL
//m_pSocket.reset();
Q_Q(QWebSocket);
if (!url.isValid() || url.toString().contains(QStringLiteral("\r\n"))) {
setErrorString(QWebSocket::tr("Invalid URL."));
Q_EMIT q->error(QAbstractSocket::ConnectionRefusedError);
return;
}
QTcpSocket *pTcpSocket = m_pSocket.take();
if (pTcpSocket) {
releaseConnections(pTcpSocket);
pTcpSocket->deleteLater();
}
//if (m_url != url)
if (Q_LIKELY(!m_pSocket)) {
m_dataProcessor.clear();
m_isClosingHandshakeReceived = false;
m_isClosingHandshakeSent = false;
setRequestUrl(url);
QString resourceName = url.path();
if (resourceName.contains(QStringLiteral("\r\n"))) {
setRequestUrl(QUrl()); //clear requestUrl
setErrorString(QWebSocket::tr("Invalid resource name."));
Q_EMIT q->error(QAbstractSocket::ConnectionRefusedError);
return;
}
if (!url.query().isEmpty()) {
if (!resourceName.endsWith(QChar::fromLatin1('?'))) {
resourceName.append(QChar::fromLatin1('?'));
}
resourceName.append(url.query());
}
if (resourceName.isEmpty())
resourceName = QStringLiteral("/");
setResourceName(resourceName);
enableMasking(mask);
#ifndef QT_NO_SSL
if (url.scheme() == QStringLiteral("wss")) {
if (!QSslSocket::supportsSsl()) {
const QString message =
QWebSocket::tr("SSL Sockets are not supported on this platform.");
setErrorString(message);
Q_EMIT q->error(QAbstractSocket::UnsupportedSocketOperationError);
} else {
QSslSocket *sslSocket = new QSslSocket;
m_pSocket.reset(sslSocket);
if (Q_LIKELY(m_pSocket)) {
m_pSocket->setSocketOption(QAbstractSocket::LowDelayOption, 1);
m_pSocket->setSocketOption(QAbstractSocket::KeepAliveOption, 1);
m_pSocket->setReadBufferSize(m_readBufferSize);
m_pSocket->setPauseMode(m_pauseMode);
makeConnections(m_pSocket.data());
QObject::connect(sslSocket, &QSslSocket::encryptedBytesWritten, q,
&QWebSocket::bytesWritten);
typedef void (QSslSocket:: *sslErrorSignalType)(const QList<QSslError> &);
QObject::connect(sslSocket,
static_cast<sslErrorSignalType>(&QSslSocket::sslErrors),
q, &QWebSocket::sslErrors);
setSocketState(QAbstractSocket::ConnectingState);
sslSocket->setSslConfiguration(m_configuration.m_sslConfiguration);
if (Q_UNLIKELY(m_configuration.m_ignoreSslErrors))
sslSocket->ignoreSslErrors();
else
sslSocket->ignoreSslErrors(m_configuration.m_ignoredSslErrors);
#ifndef QT_NO_NETWORKPROXY
sslSocket->setProxy(m_configuration.m_proxy);
#endif
sslSocket->connectToHostEncrypted(url.host(), url.port(443));
} else {
const QString message = QWebSocket::tr("Out of memory.");
setErrorString(message);
Q_EMIT q->error(QAbstractSocket::SocketResourceError);
}
}
} else
#endif
if (url.scheme() == QStringLiteral("ws")) {
m_pSocket.reset(new QTcpSocket);
if (Q_LIKELY(m_pSocket)) {
m_pSocket->setSocketOption(QAbstractSocket::LowDelayOption, 1);
m_pSocket->setSocketOption(QAbstractSocket::KeepAliveOption, 1);
m_pSocket->setReadBufferSize(m_readBufferSize);
m_pSocket->setPauseMode(m_pauseMode);
makeConnections(m_pSocket.data());
QObject::connect(m_pSocket.data(), &QAbstractSocket::bytesWritten, q,
&QWebSocket::bytesWritten);
setSocketState(QAbstractSocket::ConnectingState);
#ifndef QT_NO_NETWORKPROXY
m_pSocket->setProxy(m_configuration.m_proxy);
#endif
m_pSocket->connectToHost(url.host(), url.port(80));
} else {
const QString message = QWebSocket::tr("Out of memory.");
setErrorString(message);
Q_EMIT q->error(QAbstractSocket::SocketResourceError);
}
} else {
const QString message =
QWebSocket::tr("Unsupported WebSocket scheme: %1").arg(url.scheme());
setErrorString(message);
Q_EMIT q->error(QAbstractSocket::UnsupportedSocketOperationError);
}
}
}
bool QHttpNetworkConnectionChannel::ensureConnection()
{
QAbstractSocket::SocketState socketState = socket->state();
// resend this request after we receive the disconnected signal
if (socketState == QAbstractSocket::ClosingState) {
if (reply)
resendCurrent = true;
return false;
}
// already trying to connect?
if (socketState == QAbstractSocket::HostLookupState ||
socketState == QAbstractSocket::ConnectingState) {
return false;
}
// make sure that this socket is in a connected state, if not initiate
// connection to the host.
if (socketState != QAbstractSocket::ConnectedState) {
// connect to the host if not already connected.
state = QHttpNetworkConnectionChannel::ConnectingState;
pendingEncrypt = ssl;
// reset state
pipeliningSupported = PipeliningSupportUnknown;
authenticationCredentialsSent = false;
proxyCredentialsSent = false;
authenticator.detach();
QAuthenticatorPrivate *priv = QAuthenticatorPrivate::getPrivate(authenticator);
priv->hasFailed = false;
proxyAuthenticator.detach();
priv = QAuthenticatorPrivate::getPrivate(proxyAuthenticator);
priv->hasFailed = false;
// This workaround is needed since we use QAuthenticator for NTLM authentication. The "phase == Done"
// is the usual criteria for emitting authentication signals. The "phase" is set to "Done" when the
// last header for Authorization is generated by the QAuthenticator. Basic & Digest logic does not
// check the "phase" for generating the Authorization header. NTLM authentication is a two stage
// process & needs the "phase". To make sure the QAuthenticator uses the current username/password
// the phase is reset to Start.
priv = QAuthenticatorPrivate::getPrivate(authenticator);
if (priv && priv->phase == QAuthenticatorPrivate::Done)
priv->phase = QAuthenticatorPrivate::Start;
priv = QAuthenticatorPrivate::getPrivate(proxyAuthenticator);
if (priv && priv->phase == QAuthenticatorPrivate::Done)
priv->phase = QAuthenticatorPrivate::Start;
QString connectHost = connection->d_func()->hostName;
qint16 connectPort = connection->d_func()->port;
#ifndef QT_NO_NETWORKPROXY
// HTTPS always use transparent proxy.
if (connection->d_func()->networkProxy.type() != QNetworkProxy::NoProxy && !ssl) {
connectHost = connection->d_func()->networkProxy.hostName();
connectPort = connection->d_func()->networkProxy.port();
}
if (socket->proxy().type() == QNetworkProxy::HttpProxy) {
// Make user-agent field available to HTTP proxy socket engine (QTBUG-17223)
QByteArray value;
// ensureConnection is called before any request has been assigned, but can also be called again if reconnecting
if (request.url().isEmpty())
value = connection->d_func()->predictNextRequest().headerField("user-agent");
else
value = request.headerField("user-agent");
if (!value.isEmpty()) {
QNetworkProxy proxy(socket->proxy());
proxy.setRawHeader("User-Agent", value); //detaches
socket->setProxy(proxy);
}
}
#endif
if (ssl) {
#ifndef QT_NO_OPENSSL
QSslSocket *sslSocket = qobject_cast<QSslSocket*>(socket);
sslSocket->connectToHostEncrypted(connectHost, connectPort, QIODevice::ReadWrite, networkLayerPreference);
if (ignoreAllSslErrors)
sslSocket->ignoreSslErrors();
sslSocket->ignoreSslErrors(ignoreSslErrorsList);
// limit the socket read buffer size. we will read everything into
// the QHttpNetworkReply anyway, so let's grow only that and not
// here and there.
socket->setReadBufferSize(64*1024);
#else
connection->d_func()->emitReplyError(socket, reply, QNetworkReply::ProtocolUnknownError);
#endif
} else {
// In case of no proxy we can use the Unbuffered QTcpSocket
#ifndef QT_NO_NETWORKPROXY
if (connection->d_func()->networkProxy.type() == QNetworkProxy::NoProxy
&& connection->cacheProxy().type() == QNetworkProxy::NoProxy
&& connection->transparentProxy().type() == QNetworkProxy::NoProxy) {
#endif
socket->connectToHost(connectHost, connectPort, QIODevice::ReadWrite | QIODevice::Unbuffered, networkLayerPreference);
// For an Unbuffered QTcpSocket, the read buffer size has a special meaning.
socket->setReadBufferSize(1*1024);
#ifndef QT_NO_NETWORKPROXY
} else {
socket->connectToHost(connectHost, connectPort, QIODevice::ReadWrite, networkLayerPreference);
// limit the socket read buffer size. we will read everything into
// the QHttpNetworkReply anyway, so let's grow only that and not
// here and there.
socket->setReadBufferSize(64*1024);
}
#endif
}
return false;
}
return true;
}
bool QHttpNetworkConnectionChannel::ensureConnection()
{
QAbstractSocket::SocketState socketState = socket->state();
// resend this request after we receive the disconnected signal
if (socketState == QAbstractSocket::ClosingState) {
resendCurrent = true;
return false;
}
// already trying to connect?
if (socketState == QAbstractSocket::HostLookupState ||
socketState == QAbstractSocket::ConnectingState) {
return false;
}
// make sure that this socket is in a connected state, if not initiate
// connection to the host.
if (socketState != QAbstractSocket::ConnectedState) {
// connect to the host if not already connected.
state = QHttpNetworkConnectionChannel::ConnectingState;
pendingEncrypt = connection->d_func()->encrypt;
// reset state
pipeliningSupported = PipeliningSupportUnknown;
// This workaround is needed since we use QAuthenticator for NTLM authentication. The "phase == Done"
// is the usual criteria for emitting authentication signals. The "phase" is set to "Done" when the
// last header for Authorization is generated by the QAuthenticator. Basic & Digest logic does not
// check the "phase" for generating the Authorization header. NTLM authentication is a two stage
// process & needs the "phase". To make sure the QAuthenticator uses the current username/password
// the phase is reset to Start.
QAuthenticatorPrivate *priv = QAuthenticatorPrivate::getPrivate(authenticator);
if (priv && priv->phase == QAuthenticatorPrivate::Done)
priv->phase = QAuthenticatorPrivate::Start;
priv = QAuthenticatorPrivate::getPrivate(proxyAuthenticator);
if (priv && priv->phase == QAuthenticatorPrivate::Done)
priv->phase = QAuthenticatorPrivate::Start;
QString connectHost = connection->d_func()->hostName;
qint16 connectPort = connection->d_func()->port;
#ifndef QT_NO_NETWORKPROXY
// HTTPS always use transparent proxy.
if (connection->d_func()->networkProxy.type() != QNetworkProxy::NoProxy && !connection->d_func()->encrypt) {
connectHost = connection->d_func()->networkProxy.hostName();
connectPort = connection->d_func()->networkProxy.port();
}
#endif
if (connection->d_func()->encrypt) {
#ifndef QT_NO_OPENSSL
QSslSocket *sslSocket = qobject_cast<QSslSocket*>(socket);
sslSocket->connectToHostEncrypted(connectHost, connectPort);
if (ignoreAllSslErrors)
sslSocket->ignoreSslErrors();
sslSocket->ignoreSslErrors(ignoreSslErrorsList);
#else
connection->d_func()->emitReplyError(socket, reply, QNetworkReply::ProtocolUnknownError);
#endif
} else {
socket->connectToHost(connectHost, connectPort);
}
return false;
}
return true;
}
void QwwSmtpClientPrivate::processNextCommand(bool ok) {
if (inProgress && !commandqueue.isEmpty()) {
emit q->commandFinished(commandqueue.head().id, !ok);
commandqueue.dequeue();
}
if (commandqueue.isEmpty()) {
inProgress = false;
emit q->done(false);
return;
}
const SMTPCommand &cmd = commandqueue.head();
switch (cmd.type) {
case SMTPCommand::Connect: {
QString hostName = cmd.data.toList().at(0).toString();
uint port = cmd.data.toList().at(1).toUInt();
bool ssl = cmd.data.toList().at(2).toBool();
if(ssl){
qDebug() << "SMTP ** connectToHostEncrypted";
socket->connectToHostEncrypted(hostName, port);
} else {
qDebug() << "SMTP ** connectToHost";
socket->connectToHost(hostName, port);
}
setState(QwwSmtpClient::Connecting);
}
break;
case SMTPCommand::Disconnect: {
sendQuit();
}
break;
case SMTPCommand::StartTLS: {
qDebug() << "SMTP >>> STARTTLS";
socket->write("STARTTLS\r\n");
setState(QwwSmtpClient::TLSRequested);
}
break;
case SMTPCommand::Authenticate: {
QwwSmtpClient::AuthMode authmode = (QwwSmtpClient::AuthMode)cmd.data.toList().at(0).toInt();
switch (authmode) {
case QwwSmtpClient::AuthPlain:
qDebug() << "SMTP >>> AUTH PLAIN";
socket->write("AUTH PLAIN\r\n");
setState(QwwSmtpClient::Authenticating);
break;
case QwwSmtpClient::AuthLogin:
qDebug() << "SMTP >>> AUTH LOGIN";
socket->write("AUTH LOGIN\r\n");
setState(QwwSmtpClient::Authenticating);
break;
default:
qWarning("Unsupported or unknown authentication scheme");
//processNextCommand(false);
}
}
break;
case SMTPCommand::Mail:
case SMTPCommand::MailBurl:
{
setState(QwwSmtpClient::Sending);
QByteArray buf = QByteArray("MAIL FROM:<").append(cmd.data.toList().at(0).toByteArray()).append(">\r\n");
qDebug() << "SMTP >>>" << buf;
socket->write(buf);
break;
}
case SMTPCommand::RawCommand: {
QString cont = cmd.data.toString();
if(!cont.endsWith("\r\n")) cont.append("\r\n");
setState(QwwSmtpClient::Sending);
qDebug() << "SMTP >>>" << cont;
socket->write(cont.toUtf8());
} break;
}
inProgress = true;
emit q->commandStarted(cmd.id);
}
bool SenderPrivate::connectToHost()
{
Q_Q(Sender);
QSslSocket *sslSock = nullptr;
switch (connectionType) {
case Sender::TlsConnection:
case Sender::TcpConnection:
qCDebug(SIMPLEMAIL_SENDER) << "Connecting to host" << host << port;
socket->connectToHost(host, port);
break;
case Sender::SslConnection:
{
sslSock = qobject_cast<QSslSocket*>(socket);
if (sslSock) {
qCDebug(SIMPLEMAIL_SENDER) << "Connecting to host encrypted" << host << port;
sslSock->connectToHostEncrypted(host, port);
} else {
return false;
}
}
break;
}
// Tries to connect to server
if (!socket->waitForConnected(connectionTimeout)) {
lastError = socket->errorString();
qCDebug(SIMPLEMAIL_SENDER) << "Connection failed" << socket->errorString();
Q_EMIT q->smtpError(Sender::ConnectionTimeoutError);
return false;
}
// If the response code is not 220 (Service ready)
// means that is something wrong with the server
if (!waitForResponse(220)) {
Q_EMIT q->smtpError(Sender::ServerError);
return false;
}
qCDebug(SIMPLEMAIL_SENDER) << "Sending EHLO" << name;
// Send a EHLO/HELO message to the server
// The client's first command must be EHLO/HELO
sendMessage("EHLO " + name.toLatin1());
// The response code needs to be 250.
if (!waitForResponse(250)) {
Q_EMIT q->smtpError(Sender::ServerError);
return false;
}
qCDebug(SIMPLEMAIL_SENDER) << "Sent hello";
if (connectionType == Sender::TlsConnection) {
qCDebug(SIMPLEMAIL_SENDER) << "Sending STARTTLS";
// send a request to start TLS handshake
sendMessage(QByteArrayLiteral("STARTTLS"));
// The response code needs to be 220.
if (!waitForResponse(220)) {
Q_EMIT q->smtpError(Sender::ServerError);
return false;
};
if (sslSock) {
qCDebug(SIMPLEMAIL_SENDER) << "Starting client encryption";
sslSock->startClientEncryption();
if (!sslSock->waitForEncrypted(connectionTimeout)) {
qCDebug(SIMPLEMAIL_SENDER) << "Failed to encrypt connection" << sslSock->errorString();
Q_EMIT q->smtpError(Sender::ConnectionTimeoutError);
return false;
}
}
qCDebug(SIMPLEMAIL_SENDER) << "Sending second EHLO" << name;
// Send ELHO one more time
sendMessage(QByteArrayLiteral("EHLO ") + name.toLatin1());
// The response code needs to be 250.
if (!waitForResponse(250)) {
Q_EMIT q->smtpError(Sender::ServerError);
return false;
}
}
state = SenderPrivate::Connected;
// If no errors occured the function returns true.
return true;
}
bool ssh::dossh()
{
#ifdef USE_QSSH
{
if(m_connection && m_connection->state() != QSsh::SshConnection::Unconnected)
{
helpers::log("ssh: already connecting...", LOG_INF, qApp, 0);
return true;
}
m_connection = new QSsh::SshConnection(params, this);
connect(m_connection, SIGNAL(connected()), SLOT(onQsshConnected()));
connect(m_connection, SIGNAL(error(QSsh::SshError)), SLOT(onQsshConnectionError(QSsh::SshError)));
helpers::log("ssh: connecting START...", LOG_INF, qApp, 0);
m_connection->connectToHost();
return false;
}
#else
helpers::log("ssh: START: " + QString::number(QSslSocket::supportsSsl()), QSslSocket::supportsSsl() ? LOG_INF : LOG_ERR, qApp, 0);
//http://stackoverflow.com/questions/15213139/simple-qssl-client-server-cannot-start-handshake-on-non-plain-connection
QSslSocket *socket = new QSslSocket(this);
socket->ignoreSslErrors();
socket->setPeerVerifyMode(QSslSocket::VerifyNone);
socket->setProtocol(QSsl::SslV3);
connect(socket, SIGNAL(encrypted()), this, SLOT(ready()));
connect(socket, SIGNAL(encryptedBytesWritten(qint64)), this, SLOT(encryptedBytesWritten(qint64)));
connect(socket, SIGNAL(modeChanged(QSslSocket::SslMode)), this, SLOT(modeChanged(QSslSocket::SslMode)));
connect(socket, SIGNAL(peerVerifyError(const QSslError &)), this, SLOT(peerVerifyError(const QSslError &)));
connect(socket, SIGNAL(sslErrors(const QList<QSslError> &)), this, SLOT(sslErrors(const QList<QSslError> &)));
connect(socket, SIGNAL(connected()), this, SLOT(connected()));
connect(socket, SIGNAL(disconnected()), this, SLOT(disconnected()));
connect(socket, SIGNAL(error(QAbstractSocket::SocketError)), this, SLOT(error(QAbstractSocket::SocketError)));
connect(socket, SIGNAL(hostFound()), this, SLOT(hostFound()));
connect(socket, SIGNAL(proxyAuthenticationRequired(const QNetworkProxy &, QAuthenticator *)), this, SLOT(proxyAuthenticationRequired(const QNetworkProxy &, QAuthenticator *)));
connect(socket, SIGNAL(stateChanged(QAbstractSocket::SocketState)), this, SLOT(stateChanged(QAbstractSocket::SocketState)));
connect(socket, SIGNAL(readyRead()), this, SLOT(readyRead()));
{
{
QFile file( "c:/Users/gherczeg/.ssh/id_boot2docker" );
if( ! file.open( QIODevice::ReadOnly ) )
{
QMessageBox::question(0, "Erreur", "Impossible de charger id_boot2docker");
return;
}
QSslKey key(&file);
file.close();
helpers::log("ssh:keyok: "+QString::number(!key.isNull()), !key.isNull() ? LOG_INF : LOG_ERR, qApp, 0);
socket->setPrivateKey( key );
}
foreach (const QSslCertificate &cert, QSslCertificate::fromPath("c:/Users/gherczeg/.boot2docker/certs/boot2docker-vm/*.pem", QSsl::Pem, QRegExp::Wildcard))
{
helpers::log("ssh:certok1: "+QString::number(!cert.isNull()), !cert.isNull() ? LOG_INF : LOG_ERR, qApp, 0);
socket->setLocalCertificate( cert );
socket->sslConfiguration().caCertificates().append(cert);
socket->addCaCertificate( cert );
socket->addDefaultCaCertificate(cert);
}
}
socket->connectToHostEncrypted("127.0.0.1", 2022);
//socket->connectToHost("127.0.0.1", 2022);
bool bok = socket->waitForEncrypted(100000);
//bool bok = socket->waitForConnected(100000);
if(!bok)
{
helpers::log("ssh:!waited:"+QString::number(bok),LOG_ERR, qApp, 0);
return;
}
helpers::log("ssh:waited4ecnrypt/connect:"+QString::number(bok),LOG_INF, qApp, 0);
socket->startClientEncryption();
bool wait4Read1 = socket->waitForReadyRead(100000);
helpers::log("ssh:wait4Read1:"+QString::number(wait4Read1),wait4Read1 ? LOG_INF : LOG_ERR, qApp, 0);
QString s = "docker: do!";
qint64 written = socket->write(s.toStdString().c_str());
helpers::log("ssh:written:"+QString::number(written),written > 0 ? LOG_INF : LOG_ERR, qApp, 0);
bool flushed = socket->flush();
helpers::log("ssh:flush:"+QString::number(flushed),flushed ? LOG_INF : LOG_ERR, qApp, 0);
bool wait4Write = socket->waitForBytesWritten(100000);
helpers::log("ssh:wait4Write:"+QString::number(wait4Write),wait4Write ? LOG_INF : LOG_ERR, qApp, 0);
bool wait4Read2 = socket->waitForReadyRead(100000);
helpers::log("ssh:wait4Read2:"+QString::number(wait4Read2),wait4Read2 ? LOG_INF : LOG_ERR, qApp, 0);
socket->disconnectFromHost();
#endif
}