1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
|
/* This file is part of the KDE project
*
* Copyright (C) 2000-2003 George Staikos <staikos@kde.org>
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Library General Public
* License as published by the Free Software Foundation; either
* version 2 of the License, or (at your option) any later version.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Library General Public License for more details.
*
* You should have received a copy of the GNU Library General Public License
* along with this library; see the file COPYING.LIB. If not, write to
* the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
* Boston, MA 02110-1301, USA.
*/
#ifndef _KSSLSETTINGS_H
#define _KSSLSETTINGS_H
#include <tqstring.h>
#include <tqvaluelist.h>
#include <kconfig.h>
class KSSLSettingsPrivate;
/**
* KDE SSL Settings
*
* This class contains some of the SSL settings for easy use.
*
* @author George Staikos <staikos@kde.org>
* @see KSSL
* @short KDE SSL Settings
*/
class TDEIO_EXPORT KSSLSettings {
public:
/**
* Construct a KSSL Settings object
*
* @param readConfig read in the configuration immediately if true
*/
KSSLSettings(bool readConfig = true);
/**
* Destroy this KSSL Settings object
*/
~KSSLSettings();
/**
* Does the user allow SSLv2
* @return true if the user allows SSLv2
*/
bool sslv2() const;
/**
* Does the user allow SSLv3
* @return true if the user allows SSLv3
*/
bool sslv3() const;
/**
* Does the user allow TLSv1
* @return true if the user allows TLSv1
*/
bool tlsv1() const;
/**
* Does the user want to be warned on entering SSL mode
* @return true if the user wants to be warned
*/
bool warnOnEnter() const;
/**
* Change the user's warnOnEnter() setting
* @since 3.3
* @param x true if the user is to be warned
* @see warnOnEnter
*/
void setWarnOnEnter(bool x);
/**
* Does the user want to be warned on sending unencrypted data
* @return true if the user wants to be warned
* @see setWarnOnUnencrypted
*/
bool warnOnUnencrypted() const;
/**
* Change the user's warnOnUnencrypted() setting
* @param x true if the user is to be warned
* @see warnOnUnencrypted
*/
void setWarnOnUnencrypted(bool x);
/**
* Does the user want to be warned on leaving SSL mode
* @return true if the user wants to be warned
*/
bool warnOnLeave() const;
/**
* Change the user's warnOnLeave() setting
* @since 3.3
* @param x true if the user is to be warned
* @see warnOnLeave
*/
void setWarnOnLeave(bool x);
/**
* Does the user want to be warned during mixed SSL/non-SSL mode
* @return true if the user wants to be warned
*/
bool warnOnMixed() const;
/**
* Do not use this
* @deprecated
*/
bool warnOnSelfSigned() const KDE_DEPRECATED;
/**
* Do not use this
* @deprecated
*/
bool warnOnRevoked() const KDE_DEPRECATED;
/**
* Do not use this
* @deprecated
*/
bool warnOnExpired() const KDE_DEPRECATED;
/**
* Does the user want to use the Entropy Gathering Daemon?
* @return true if the user wants to use EGD
*/
bool useEGD() const;
/**
* Does the user want to use an entropy file?
* @return true if the user wants to use an entropy file
*/
bool useEFile() const;
/**
* Change the user's TLSv1 preference
* @param enabled true if TLSv1 is enabled
*/
void setTLSv1(bool enabled);
/**
* Change the user's SSLv2 preference
* @param enabled true if SSLv2 is enabled
*/
void setSSLv2(bool enabled);
/**
* Change the user's SSLv3 preference
* @param enabled true if SSLv3 is enabled
*/
void setSSLv3(bool enabled);
/**
* Does the user want X.509 client certificates to always be sent when
* possible?
* @return true if the user always wants a certificate sent
*/
bool autoSendX509() const;
/**
* Does the user want to be prompted to send X.509 client certificates
* when possible?
* @return true if the user wants to be prompted
*/
bool promptSendX509() const;
/**
* Get the OpenSSL cipher list for selecting the list of ciphers to
* use in a connection.
* @return the cipher list
*/
TQString getCipherList();
/**
* Get the configured path to the entropy gathering daemon or entropy
* file.
* @return the path
*/
TQString& getEGDPath();
/**
* Load the user's settings.
*/
void load();
/**
* Revert to default settings.
*/
void defaults();
/**
* Save the current settings.
*/
void save();
private:
TDEConfig *m_cfg;
bool m_bUseSSLv2, m_bUseSSLv3, m_bUseTLSv1;
bool m_bWarnOnEnter, m_bWarnOnUnencrypted, m_bWarnOnLeave, m_bWarnOnMixed;
bool m_bWarnSelfSigned, m_bWarnRevoked, m_bWarnExpired;
TQValueList<TQString> v2ciphers, v2selectedciphers, v3ciphers, v3selectedciphers;
TQValueList<int> v2bits, v3bits;
KSSLSettingsPrivate *d;
};
#endif
|
