kio Library API Documentation

ksslcertificatecache.h

00001 /* This file is part of the KDE project
00002  *
00003  * Copyright (C) 2000, 2001 George Staikos <staikos@kde.org>
00004  *
00005  * This library is free software; you can redistribute it and/or
00006  * modify it under the terms of the GNU Library General Public
00007  * License as published by the Free Software Foundation; either
00008  * version 2 of the License, or (at your option) any later version.
00009  *
00010  * This library is distributed in the hope that it will be useful,
00011  * but WITHOUT ANY WARRANTY; without even the implied warranty of
00012  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
00013  * Library General Public License for more details.
00014  *
00015  * You should have received a copy of the GNU Library General Public License
00016  * along with this library; see the file COPYING.LIB.  If not, write to
00017  * the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
00018  * Boston, MA 02111-1307, USA.
00019  */
00020 
00021 #ifndef _INCLUDE_KSSLCCACHE_H
00022 #define _INCLUDE_KSSLCCACHE_H
00023 
00024 class KSSLCertificate;
00025 #include <qstring.h>
00026 #include <qstringlist.h>
00027 #include <qdatetime.h>
00028 
00029 
00030 class KSSLCertificateCache {
00031 public:
00032 
00033 enum KSSLCertificatePolicy { Unknown, Reject, Accept, Prompt, Ambiguous };
00034 // Unknown: no policy has been set for this record
00035 // Reject: user has requested to not accept data from this site
00036 // Accept: user has requested to always accept data from this site
00037 // Prompt: user wishes to be prompted before accepting this certificate
00038 //         You may need to set a [non-]permanent policy on this record after
00039 //         the user is prompted.
00040 // Ambiguous: The state cannot be uniquely determined.  Hopefully this
00041 //            doesn't happen.
00042 
00043   KSSLCertificateCache();
00044   ~KSSLCertificateCache();
00045 
00046   void addCertificate(KSSLCertificate& cert, KSSLCertificatePolicy policy, 
00047                                                      bool permanent = true);
00048 
00049   // WARNING!  This is not a "secure" method.  You need to actually
00050   //           do a getPolicyByCertificate to be cryptographically sure
00051   //           that this is an accepted certificate/site pair.
00052   //           (note that the site (CN) is encoded in the certificate
00053   //            so you should only accept certificates whose CN matches
00054   //            the exact FQDN of the site presenting it)
00055   //           If you're just doing an OpenSSL connection, I believe it
00056   //           tests this for you, but don't take my word for it.
00057   KSSLCertificatePolicy getPolicyByCN(QString& cn);
00058 
00059   KSSLCertificatePolicy getPolicyByCertificate(KSSLCertificate& cert);
00060 
00061   bool seenCN(QString& cn);
00062   bool seenCertificate(KSSLCertificate& cert);
00063 
00064   bool removeByCN(QString& cn);
00065   bool removeByCertificate(KSSLCertificate& cert);
00066 
00067   bool isPermanent(KSSLCertificate& cert);
00068 
00069   bool modifyByCN(QString& cn,
00070                   KSSLCertificateCache::KSSLCertificatePolicy policy,
00071                   bool permanent,
00072                   QDateTime& expires);
00073 
00074   bool modifyByCertificate(KSSLCertificate& cert,
00075                            KSSLCertificateCache::KSSLCertificatePolicy policy,
00076                            bool permanent,
00077                            QDateTime& expires);
00078 
00079   QStringList getHostList(KSSLCertificate& cert);
00080   bool addHost(KSSLCertificate& cert, QString& host);
00081   bool removeHost(KSSLCertificate& cert, QString& host);
00082 
00083   void reload();
00084 
00085   // You shouldn't need to call this but in some weird circumstances
00086   // it might be necessary.
00087   void saveToDisk();
00088 
00089 private:
00090   class KSSLCertificateCachePrivate;
00091   KSSLCertificateCachePrivate *d;
00092 
00093   void loadDefaultPolicies();
00094   void clearList();
00095 
00096 };
00097 
00098 
00099 QDataStream& operator<<(QDataStream& s, const KSSLCertificateCache::KSSLCertificatePolicy& p);
00100 QDataStream& operator>>(QDataStream& s, KSSLCertificateCache::KSSLCertificatePolicy& p);
00101 
00102 #endif
KDE Logo
This file is part of the documentation for kdelibs Version 3.1.0.
Documentation copyright © 1996-2002 the KDE developers.
Generated on Wed Oct 8 12:21:32 2003 by doxygen 1.2.18 written by Dimitri van Heesch, © 1997-2001