TDE core libraries


  1. /* This file is part of the KDE project
  2. *
  3. * Copyright (C) 2000, 2001 George Staikos <staikos@kde.org>
  4. *
  5. * This library is free software; you can redistribute it and/or
  6. * modify it under the terms of the GNU Library General Public
  7. * License as published by the Free Software Foundation; either
  8. * version 2 of the License, or (at your option) any later version.
  9. *
  10. * This library is distributed in the hope that it will be useful,
  11. * but WITHOUT ANY WARRANTY; without even the implied warranty of
  12. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
  13. * Library General Public License for more details.
  14. *
  15. * You should have received a copy of the GNU Library General Public License
  16. * along with this library; see the file COPYING.LIB. If not, write to
  17. * the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
  18. * Boston, MA 02110-1301, USA.
  19. */
  20. #ifndef _INCLUDE_KSSLCCACHE_H
  21. #define _INCLUDE_KSSLCCACHE_H
  22. class KSSLCertificate;
  23. #include <tqstring.h>
  24. #include <tqstringlist.h>
  25. #include <tqdatetime.h>
  26. #include <tdelibs_export.h>
  // Cache of SSL certificates and the trust policy recorded for each of them.
  //
  // Only declarations are visible in this header. Remarks tagged NOTE(review)
  // are inferred from names and signatures and should be confirmed against
  // the implementation.
  //
  // NOTE(review): the class declares a destructor and holds a raw d-pointer
  // but declares no copy constructor or copy assignment, so the implicitly
  // generated ones would copy the pointer itself. Avoid copying instances
  // unless the implementation is known to tolerate it.
  class TDEIO_EXPORT KSSLCertificateCache {
  public:
      // Trust policy attached to a cached record.
      enum KSSLCertificatePolicy {
          Unknown,    // no policy has been set for this record
          Reject,     // user has requested to not accept data from this site
          Accept,     // user has requested to always accept data from this site
          Prompt,     // user wishes to be prompted before accepting this
                      // certificate; you may need to set a [non-]permanent
                      // policy on this record after the user is prompted
          Ambiguous   // the state cannot be uniquely determined; hopefully
                      // this doesn't happen
      };

      KSSLCertificateCache();
      ~KSSLCertificateCache();

      // Records `cert` together with `policy`.
      // `permanent` defaults to true, so a caller that stores a one-off user
      // override (for example an Accept after a warning dialog) has to pass
      // false explicitly to avoid a permanent entry.
      // NOTE(review): presumably "permanent" means the entry never expires
      // and is persisted by saveToDisk() -- confirm.
      void addCertificate(KSSLCertificate& cert,
                          KSSLCertificatePolicy policy,
                          bool permanent = true);

      // WARNING! This is not a "secure" method. The lookup is keyed on a
      // name only; it says nothing about the certificate a peer actually
      // presented, and a CN is just a string inside a certificate. Call
      // getPolicyByCertificate() to be cryptographically sure that this is
      // an accepted certificate/site pair.
      // The site (CN) is encoded in the certificate, so only accept
      // certificates whose CN matches the exact FQDN of the site presenting
      // them. The original author believed a plain OpenSSL connection tests
      // this for you but explicitly did not vouch for it.
      // NOTE(review): OpenSSL validates the chain but matches the host name
      // only when the caller configures it (e.g. X509_VERIFY_PARAM_set1_host,
      // OpenSSL 1.0.2 and later); do not rely on it happening implicitly.
      KSSLCertificatePolicy getPolicyByCN(TQString& cn);

      // Policy lookup keyed on the certificate itself; this is the lookup to
      // base accept/reject decisions on.
      KSSLCertificatePolicy getPolicyByCertificate(KSSLCertificate& cert);

      // NOTE(review): presumably report whether a matching record exists.
      // seenCN() is keyed on the name alone, so the caveat on
      // getPolicyByCN() applies to it as well.
      bool seenCN(TQString& cn);
      bool seenCertificate(KSSLCertificate& cert);

      // NOTE(review): presumably return true when a record was removed.
      bool removeByCN(TQString& cn);
      bool removeByCertificate(KSSLCertificate& cert);

      // NOTE(review): presumably reports the `permanent` flag stored for
      // `cert` -- confirm what is returned for an unknown certificate.
      bool isPermanent(KSSLCertificate& cert);

      // Update policy, permanence and expiry of an existing record.
      // modifyByCN() selects the record by name only; prefer
      // modifyByCertificate() when the certificate is at hand.
      // NOTE(review): presumably `expires` is ignored when `permanent` is
      // true, and the return value signals whether a record was found.
      bool modifyByCN(TQString& cn,
                      KSSLCertificatePolicy policy,
                      bool permanent,
                      TQDateTime& expires);
      bool modifyByCertificate(KSSLCertificate& cert,
                               KSSLCertificatePolicy policy,
                               bool permanent,
                               TQDateTime& expires);

      // Per-certificate host list.
      // NOTE(review): presumably the hosts for which the stored policy of
      // `cert` applies -- confirm how host names are compared (case,
      // wildcards) before relying on it for a trust decision.
      TQStringList getHostList(KSSLCertificate& cert);
      bool addHost(KSSLCertificate& cert, TQString& host);
      bool removeHost(KSSLCertificate& cert, TQString& host);

      // SMIME
      TQStringList getKDEKeyByEmail(const TQString &email);

      // Looks a certificate up by its MD5 digest.
      // MD5 is not collision resistant: treat `key` as an index into the
      // cache, not as proof of identity, and compare the returned
      // certificate itself before trusting it.
      // NOTE(review): ownership of the returned pointer and the result for
      // an unknown key are not stated here -- confirm before deleting or
      // dereferencing it.
      KSSLCertificate *getCertByMD5Digest(const TQString &key);

      void reload();

      // You shouldn't need to call this but in some weird circumstances
      // it might be necessary.
      void saveToDisk();

  private:
      // Opaque implementation data (d-pointer); defined in the source file.
      class KSSLCertificateCachePrivate;
      KSSLCertificateCachePrivate *d;

      void loadDefaultPolicies();
      void clearList();
  };
  // Stream operators for a certificate policy value.
  // NOTE(review): operator>> takes its value from the stream; the
  // implementation is not shown here, so confirm that a value outside the
  // KSSLCertificatePolicy range is mapped to a safe policy rather than cast
  // blindly to the enum.
  TDEIO_EXPORT TQDataStream& operator<<(
      TQDataStream& s,
      const KSSLCertificateCache::KSSLCertificatePolicy& p);
  TDEIO_EXPORT TQDataStream& operator>>(
      TQDataStream& s,
      KSSLCertificateCache::KSSLCertificatePolicy& p);
  83. #endif