From c0c86b6cab64186e97285e1b5b1ef13062926d87 Mon Sep 17 00:00:00 2001
From: Alex
Date: Thu, 3 Nov 2011 03:03:34 +0200
Subject: Initial SslClient implementation
---
client/SslClient.cpp | 148 +++++++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 148 insertions(+)
create mode 100644 client/SslClient.cpp
(limited to 'client/SslClient.cpp')
diff --git a/client/SslClient.cpp b/client/SslClient.cpp
new file mode 100644
index 0000000..25a3839
--- /dev/null
+++ b/client/SslClient.cpp
@@ -0,0 +1,148 @@
+
+#include
+#include
+#include "client.h"
+#include "SslClient.h"
+
+SslClient::SslClient(): port(13666)
+{
+ SslClient("127.0.0.1");
+}
+
+SslClient::SslClient(char* addr): port(13666)
+{
+ server = addr;
+
+ /* read certificates */
+ QFile ca_cert_file(":/ca.crt");
+ ca_cert_file.open(QIODevice::ReadOnly);
+ QByteArray ca_cert_arr = ca_cert_file.readAll();
+ ca_cert_file.close();
+ QSslCertificate ca_cert(ca_cert_arr);
+ QList ca_certs;
+ ca_certs.push_back(ca_cert);
+
+ QFile key_file(":/client.key");
+ key_file.open(QIODevice::ReadOnly);
+ QByteArray key_arr = key_file.readAll();
+ key_file.close();
+ QSslKey key(key_arr, QSsl::Rsa);
+
+ QFile cert_file(":/client.crt");
+ cert_file.open(QIODevice::ReadOnly);
+ QByteArray cert_arr = cert_file.readAll();
+ cert_file.close();
+ QSslCertificate cert(cert_arr);
+
+ /* create ssl socket */
+ sslSocket = new QSslSocket;
+ sslSocket->setLocalCertificate(cert);
+ sslSocket->setPrivateKey(key);
+ sslSocket->setCaCertificates(ca_certs);
+ sslSocket->setPeerVerifyMode(QSslSocket::VerifyPeer);
+ sslSocket->setProtocol(QSsl::SslV3);
+
+ /* setup signal handlers */
+ connect(sslSocket, SIGNAL(encrypted()),
+ this, SLOT(Connected()));
+ connect(sslSocket, SIGNAL(disconnected()),
+ this, SLOT(Disconnected()));
+ connect(sslSocket, SIGNAL(readyRead()),
+ this, SLOT(DataRecieved()));
+ connect(sslSocket, SIGNAL(error(QAbstractSocket::SocketError)),
+ this, SLOT(Error(QAbstractSocket::SocketError)));
+ connect(sslSocket, SIGNAL(peerVerifyError(const QSslError &)),
+ this, SLOT(PeerVerifyError(const QsslError)));
+ connect(sslSocket, SIGNAL(sslErrors(const QList &)),
+ this, SLOT(SslErrors(const QList &)));
+}
+
+void SslClient::SetServerAddr(char* addr)
+{
+ server = addr;
+}
+
+void SslClient::SendRequest(RequestType type)
+{
+ if (sslSocket->state() == QAbstractSocket::ConnectedState)
+ sslSocket->connectToHostEncrypted(server, port);
+
+ unsigned char rcode = 0x00;
+ switch (type)
+ {
+ case Config:
+ rcode = 0x01;
+ break;
+ case GenericProxyList:
+ rcode = 0x02;
+ break;
+ case StaticProxyList:
+ rcode = 0x03;
+ break;
+ case FirewallList:
+ rcode = 0x04;
+ break;
+ default:
+ Logger::Error("Invalid server request type");
+ break;
+ }
+
+ char data[5] = {0x13, 0x13, rcode, 0x14, 0x14};
+ QByteArray pkt(data);
+ sslSocket->write(pkt);
+}
+
+/*
+ * Signal handlers
+ */
+void SslClient::Connected()
+{
+ Logger::Info("Connected to server\n");
+}
+
+void SslClient::Disconnected()
+{
+ Logger::Info("Disconnected from server\n");
+}
+
+void SslClient::DataRecieved()
+{
+ Logger::Trace("Reply recieved\n");
+ QByteArray data = sslSocket->readAll();
+ qDebug() << data;
+}
+
+void SslClient::Error(QAbstractSocket::SocketError socketError)
+{
+ Logger::Fatal("Socket error!");
+}
+
+void SslClient::PeerVerifyError(const QSslError &error)
+{
+ switch(error.error())
+ {
+ case QSslError::InvalidCaCertificate:
+ case QSslError::NoPeerCertificate:
+ case QSslError::UnspecifiedError:
+ case QSslError::AuthorityIssuerSerialNumberMismatch:
+ Logger::Fatal("Critical peer verify error!, Aborting connection\n"
+ "Error description: %s",
+ error.errorString().toStdString().c_str());
+ sslSocket->abort();
+ break;
+ default:
+ Logger::Fatal("Can't verify peer: %s", error.errorString().toStdString().c_str());
+ break;
+ }
+}
+
+void SslClient::SslErrors(const QList &errors)
+{
+ if (!errors.empty())
+ {
+ for (int i = 0; i < errors.size(); i++)
+ {
+ Logger::Fatal("%s", errors[i].errorString().toStdString().c_str());
+ }
+ }
+}
\ No newline at end of file
-- cgit v1.2.3
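Review bot: `sslSocket->setProtocol(QSsl::SslV3);` in the `char*` constructor pins every connection to SSLv3, a protocol version with known weaknesses that peers should no longer accept; request TLS instead, e.g. `sslSocket->setProtocol(QSsl::TlsV1_2OrLater);` where the Qt version in use provides it. In SendRequest, `QByteArray pkt(data);` uses the NUL-terminated-string constructor on a 5-byte array that has no terminator, so the packet length depends on whatever follows `data` on the stack and those bytes can end up on the wire (and the `rcode = 0x00` default case truncates the packet to two bytes); `QByteArray pkt(data, sizeof(data));` fixes the length. The peerVerifyError hookup names `SLOT(PeerVerifyError(const QsslError))`, which misspells the type relative to the slot defined further down, so the handler that calls `abort()` is presumably never connected (the header declaring the slots is not part of this patch). The three `open()` calls on `:/ca.crt`, `:/client.key` and `:/client.crt` are also unchecked, so a missing resource configures an empty key or certificate without any log line; checking the return value and `isNull()` before handing them to the socket would make that failure visible.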