waitForEncrypted fix + ignoreSslErrors

added ignoreSslErrors() method
switching to encrypted mode after "AUTH TLS" fixed
Dmitry Belyaev 2015-07-08 20:55:37 +03:00
parent 0e8721f302
commit d9712b37f4
2 changed files with 44 additions and 6 deletions


@ -120,6 +120,7 @@ private slots:
void socketEncrypted(); void socketEncrypted();
void socketReadyRead(); void socketReadyRead();
void socketError(QAbstractSocket::SocketError); void socketError(QAbstractSocket::SocketError);
void sslErrors (const QList<QSslError> &) ;
void socketConnectionClosed(); void socketConnectionClosed();
void socketBytesWritten(qint64); void socketBytesWritten(qint64);
void setupSocket(); void setupSocket();
@ -176,6 +177,10 @@ public:
{ {
commandSocket.addCaCertificates(certs); commandSocket.addCaCertificates(certs);
} }
void ignoreSslErrors(const bool ignore)
{
_ignoreSslErrors = ignore;
}
QString currentCommand() const QString currentCommand() const
{ return currentCmd; } { return currentCmd; }
@ -196,6 +201,7 @@ private slots:
void hostFound(); void hostFound();
void connected(); void connected();
void connectionClosed(); void connectionClosed();
void connectionEncrypted();
void delayedCloseFinished(); void delayedCloseFinished();
void readyRead(); void readyRead();
void error(QAbstractSocket::SocketError); void error(QAbstractSocket::SocketError);
@ -235,6 +241,7 @@ private:
bool waitForDtpToConnect; bool waitForDtpToConnect;
bool waitForDtpToClose; bool waitForDtpToClose;
bool tls; bool tls;
bool _ignoreSslErrors;
QByteArray bytesFromSocket; QByteArray bytesFromSocket;
QTimer timer; QTimer timer;
@ -357,6 +364,8 @@ void QFtpDTP::connectToHost(const QString & host, quint16 port)
if (ssl_socket) // here we need to setup QSslSocket (0 if QTcpSocket) if (ssl_socket) // here we need to setup QSslSocket (0 if QTcpSocket)
{ {
connect(ssl_socket, SIGNAL(encrypted()), SLOT(socketEncrypted())); connect(ssl_socket, SIGNAL(encrypted()), SLOT(socketEncrypted()));
connect(ssl_socket, SIGNAL(sslErrors ( const QList<QSslError> & ) ),
SLOT(sslErrors ( const QList<QSslError> & ) ));
//TODO: implement TLS session resumption (err 450) //TODO: implement TLS session resumption (err 450)
ssl_socket->setSslConfiguration(pi->ssl_config); ssl_socket->setSslConfiguration(pi->ssl_config);
@ -780,6 +789,19 @@ void QFtpDTP::socketError(QAbstractSocket::SocketError e)
} }
} }
void QFtpDTP::sslErrors(const QList<QSslError> &)
{
if (pi->_ignoreSslErrors) {
QSslSocket *ssl_socket = qobject_cast<QSslSocket*>(socket);
if (ssl_socket){
ssl_socket->ignoreSslErrors();
}
return;
}
emit connectState(QFtpDTP::CsConnectionRefused); //TODO: add another connect state
}
void QFtpDTP::socketConnectionClosed() void QFtpDTP::socketConnectionClosed()
{ {
if (!is_ba && data.dev) { if (!is_ba && data.dev) {
@ -858,21 +880,28 @@ QFtpPI::QFtpPI(QObject *parent) :
connect(&commandSocket, SIGNAL(encrypted()), connect(&commandSocket, SIGNAL(encrypted()),
SIGNAL(encrypted())); SIGNAL(encrypted()));
connect(&commandSocket, SIGNAL(encrypted()),
SLOT(connectionEncrypted()));
connect(&commandSocket, SIGNAL(sslErrors ( const QList<QSslError> & ) ), connect(&commandSocket, SIGNAL(sslErrors ( const QList<QSslError> & ) ),
SLOT(sslErrors ( const QList<QSslError> & ) )); SLOT(sslErrors ( const QList<QSslError> & ) ));
// additional ssl settings // additional ssl settings
ssl_config.setProtocol(QSsl::TlsV1_2); ssl_config.setProtocol(QSsl::TlsV1_2);
ssl_config.setPeerVerifyMode(QSslSocket::VerifyPeer); //TODO: option to disable verification ssl_config.setPeerVerifyMode(QSslSocket::VerifyPeer);
commandSocket.setSslConfiguration(ssl_config); commandSocket.setSslConfiguration(ssl_config);
} }
void QFtpPI::sslErrors ( const QList<QSslError> & errors ) void QFtpPI::sslErrors ( const QList<QSslError> & errors )
{ {
if (_ignoreSslErrors) {
commandSocket.ignoreSslErrors();
return;
}
QString e; QString e;
for(int i=0; i< errors.size(); ++i) for(int i=0; i< errors.size(); ++i)
{ {
e.append((errors[i].errorString())+"\n"); e.append((errors[i].errorString())+".\n");
} }
emit error((int)QFtp::SslError, e); emit error((int)QFtp::SslError, e);
@ -966,6 +995,12 @@ void QFtpPI::connectionClosed()
emit connectState(QFtp::Unconnected); emit connectState(QFtp::Unconnected);
} }
void QFtpPI::connectionEncrypted()
{
waitForDtpToConnect = false;
startNextCmd();
}
void QFtpPI::delayedCloseFinished() void QFtpPI::delayedCloseFinished()
{ {
emit connectState(QFtp::Unconnected); emit connectState(QFtp::Unconnected);
@ -1148,9 +1183,6 @@ bool QFtpPI::processReply()
QString host = lst[1] + QLatin1Char('.') + lst[2] + QLatin1Char('.') + lst[3] + QLatin1Char('.') + lst[4]; QString host = lst[1] + QLatin1Char('.') + lst[2] + QLatin1Char('.') + lst[3] + QLatin1Char('.') + lst[4];
quint16 port = (lst[5].toUInt() << 8) + lst[6].toUInt(); quint16 port = (lst[5].toUInt() << 8) + lst[6].toUInt();
waitForDtpToConnect = true; waitForDtpToConnect = true;
//ssl_conf = commandSocket.sslConfiguration();
//dtp.setSsl_config(ssl_conf);
//dtp.setSessionTicket(ssl_conf.sessionTicket());
#ifndef QT_NO_BEARERMANAGEMENT #ifndef QT_NO_BEARERMANAGEMENT
//copy network session down to the socket //copy network session down to the socket
dtp.setProperty("_q_networksession", commandSocket.property("_q_networksession")); dtp.setProperty("_q_networksession", commandSocket.property("_q_networksession"));
@ -1193,7 +1225,7 @@ bool QFtpPI::processReply()
} else if (replyCodeInt == 234 && tls) //TLS OK } else if (replyCodeInt == 234 && tls) //TLS OK
{ {
commandSocket.startClientEncryption(); commandSocket.startClientEncryption();
commandSocket.waitForEncrypted(); //TODO: check for encrypted or remove wait waitForDtpToConnect = true; // TODO: use other variable or rename
} }
else if (replyCodeInt == 235 && tls) //TLS security data needed else if (replyCodeInt == 235 && tls) //TLS security data needed
{ {
@ -1752,6 +1784,11 @@ void QFtp::addCaCertificates(QList<QSslCertificate> certs)
d->pi.addCaCertificates(certs); d->pi.addCaCertificates(certs);
} }
void QFtp::ignoreSslErrors(const bool ignore)
{
d->pi.ignoreSslErrors(ignore);
}
void QFtp::setTls(bool tls) void QFtp::setTls(bool tls)
{ {
return d->pi.setTls(tls); return d->pi.setTls(tls);
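Review bot: The new `bool _ignoreSslErrors;` member in the `private:` hunk is read by both `QFtpPI::sslErrors` and `QFtpDTP::sslErrors`, but no added line on this page initialises it (the constructor's initialiser list lies outside the hunks shown), so certificate errors could be accepted without the caller ever opting in. Declaring it as `bool _ignoreSslErrors = false;` or adding `_ignoreSslErrors(false)` to the `QFtpPI` initialiser list would make verification the guaranteed default. When the flag is set, both handlers call the argument-less `ignoreSslErrors()`, which accepts every reported error, including host-name mismatch and untrusted issuer, so the session is encrypted but the server is not authenticated. Consider letting callers name the errors they expect and passing those to the `ignoreSslErrors(const QList<QSslError> &)` overload, and log what was ignored with `qWarning()` so the weakened check is visible in the field.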


@ -105,6 +105,7 @@ public:
int setProxy(const QString &host, quint16 port); int setProxy(const QString &host, quint16 port);
int connectToHost(const QString &host, quint16 port=21); int connectToHost(const QString &host, quint16 port=21);
void addCaCertificates(QList<QSslCertificate> certs); void addCaCertificates(QList<QSslCertificate> certs);
void ignoreSslErrors(const bool ignore);
void setTls(bool tls); void setTls(bool tls);
int login(const QString &user = QString(), const QString &password = QString()); int login(const QString &user = QString(), const QString &password = QString());
int close(); int close();
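Review bot: The new public `ignoreSslErrors(const bool ignore)` declaration has no comment telling callers what it switches off. From the implementation shown on this page, the flag is consulted for both the command socket and the data socket, so a comment such as `// When true, TLS certificate errors on the control and data connections are ignored and the server is not authenticated; defaults should keep this off.` would state the contract. The top-level `const` on a by-value parameter has no effect in a declaration and differs from `setTls(bool tls)` next to it; `void ignoreSslErrors(bool ignore);` would match.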