diff --git a/include/QtCrypto/qca_securelayer.h b/include/QtCrypto/qca_securelayer.h index 27ef9675..43e5f856 100644 --- a/include/QtCrypto/qca_securelayer.h +++ b/include/QtCrypto/qca_securelayer.h @@ -452,6 +452,12 @@ foreach(const CertificateInfoOrdered &info, tls->issuerList()) */ void setCompressionEnabled(bool b); + /** + Returns the host name specified or an empty string if no host + name is specified. + */ + QString hostName() const; + /** Start the TLS/SSL connection as a client @@ -635,10 +641,24 @@ foreach(const CertificateInfoOrdered &info, tls->issuerList()) Q_SIGNALS: /** - Emitted when the server has completed the first part - of the TLS negotiation. At this time, the client can + Emitted if a host name is set by the client. At + this time, the server can inspect the hostName(). + + You must call continueAfterStep() in order for TLS + processing to resume after this signal is emitted. + + This signal is only emitted in server mode. + + \sa continueAfterStep + */ + void hostNameReceived(); + + /** + Emitted when the first part of the TLS negotiation + has completed. At this time, the client can inspect the version(), peerCertificateChain() - and issuerList(). + and issuerList(), and the server can inspect the + version(). You must call continueAfterStep() in order for TLS processing to resume after this signal is emitted. diff --git a/include/QtCrypto/qcaprovider.h b/include/QtCrypto/qcaprovider.h index 22cfa217..3a525765 100644 --- a/include/QtCrypto/qcaprovider.h +++ b/include/QtCrypto/qcaprovider.h 
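Review bot: The new doc comment on `hostName()` does not say whose host name it returns. The `hostNameReceived()` text added later in this header implies that in server mode it is the name sent by the client, which is unauthenticated input. I would add a sentence such as `In server mode this is the name requested by the client; it is not authenticated and must be checked against the names this server is configured for before it is used to select a certificate.` What client mode returns is not visible in this hunk, so the comment should state that as well.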
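Review bot: The `hostNameReceived()` documentation requires a call to `continueAfterStep()` but does not say what happens to existing servers that never connect this signal. If the step is emitted unconditionally, their handshakes would stall as soon as a client sends a host name. The emitting code is outside this diff, so please document whether the pause only happens when a slot is connected. It is also worth noting that the signal depends on provider support, for example `Providers that do not report the client host name never emit this signal.`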
@@ -478,10 +478,9 @@ public: virtual void setConstraints(int minSSF, int maxSSF) = 0; virtual void setConstraints(const QStringList &cipherSuiteList) = 0; - virtual void setup(const CertificateCollection &trusted, - bool serverMode, - const QList &issuerList, - const QString &hostName, bool compress) = 0; + virtual void setup(bool serverMode, const QString &hostName, bool compress) = 0; + virtual void setTrustedCertificates(const CertificateCollection &trusted) = 0; + virtual void setIssuerList(const QList &issuerList) = 0; virtual void setCertificate(const CertificateChain &cert, const PrivateKey &key) = 0; virtual void shutdown() = 0; // flag for shutdown, call update next @@ -519,7 +518,9 @@ public: virtual bool eof() const = 0; // call after handshake continue, but before success + virtual bool clientHelloReceived() const = 0; virtual bool serverHelloReceived() const = 0; + virtual QString hostName() const = 0; virtual QList issuerList() const = 0; // call after successful handshake diff --git a/plugins/qca-openssl/qca-openssl.cpp b/plugins/qca-openssl/qca-openssl.cpp index 69ee2852..728296bf 100644 --- a/plugins/qca-openssl/qca-openssl.cpp +++ b/plugins/qca-openssl/qca-openssl.cpp @@ -4987,18 +4987,23 @@ public: Q_UNUSED(cipherSuiteList); } - virtual void setup(const CertificateCollection &_trusted, - bool serverMode, - const QList &issuerList, - const QString &hostName, bool compress) + virtual void setup(bool serverMode, const QString &hostName, bool compress) { - trusted = _trusted; serv = serverMode; if ( false == serverMode ) { // client targetHostName = hostName; } Q_UNUSED(compress); // TODO + } + + virtual void setTrustedCertificates(const CertificateCollection &_trusted) + { + trusted = _trusted; + } + + virtual void setIssuerList(const QList &issuerList) + { Q_UNUSED(issuerList); // TODO } 
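Review bot: Splitting `setup()` makes installing the trust store a separate, optional call, and nothing in this interface documents when `setTrustedCertificates()` must be called or what a provider should do if it never is. I would put a contract comment above the three declarations, for example `// call setup() first, then setTrustedCertificates()/setIssuerList(), all before the handshake starts; a provider must treat an unset trust store as empty`. Changing a pure-virtual signature and adding new pure virtuals (also `clientHelloReceived()` and `hostName()` in the next hunk) breaks out-of-tree providers. If the plugin loader has an interface version check, it should be bumped with this change so that an old binary plugin is rejected rather than called through a mismatched vtable.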
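Review bot: The OpenSSL `setup()` no longer assigns `trusted`, so a context that is set up a second time keeps whatever an earlier `setTrustedCertificates()` stored, unless `reset()` clears it, which is not visible in this hunk. The one caller in this commit does call `setTrustedCertificates()` right after `setup()`. I would still add `trusted = CertificateCollection();` to `setup()`, so that a missed call fails closed instead of validating peers against a previous session's roots. The bare `// TODO` in `setIssuerList()` could also say that the list is discarded, for example `// TODO: issuer list is ignored by this provider`.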
@@ -5276,12 +5281,24 @@ public: return v_eof; } + virtual bool clientHelloReceived() const + { + // TODO + return false; + } + virtual bool serverHelloReceived() const { // TODO return false; } + virtual QString hostName() const + { + // TODO + return QString(); + } + virtual QList issuerList() const { // TODO diff --git a/src/qca_securelayer.cpp b/src/qca_securelayer.cpp index 9d4274a7..91c5645f 100644 --- a/src/qca_securelayer.cpp +++ b/src/qca_securelayer.cpp @@ -143,7 +143,9 @@ public: else c->setConstraints(con_cipherSuites); - c->setup(trusted, serverMode, QList(), host, tryCompress); + c->setup(serverMode, host, tryCompress); + c->setTrustedCertificates(trusted); + //c->setIssuerList(QList()); c->setCertificate(localCert, localKey); bool ok;
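Review bot: The OpenSSL provider's `clientHelloReceived()` and `hostName()` are stubs that always return `false` and an empty string. With this provider a server therefore never learns the name the client asked for, and presumably `hostNameReceived()` is never emitted. The bare `// TODO` comments do not tell a reader that; I would write `// TODO: not implemented in this provider; the client's host name is never reported` in both. An application that picks a certificate per host name would silently use its default here, so the limitation belongs in the public `hostName()` documentation too.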
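Review bot: The commented-out `//c->setIssuerList(QList());` is dead code with no explanation, and it leaves the new `setIssuerList()` entry point without a caller in this commit. Either delete the line or replace it with a comment that states the intent, such as `// issuer list is not configurable yet; providers see none`. The enclosing function starts and ends outside this hunk, so whether anything else passes an issuer list to the context cannot be confirmed from here.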