Mitu
Joined: 22 Sep 2009 Posts: 59 Location: Poland
Posted: Fri Jun 04, 2010 7:10 am Post subject: How to do a STARTTLS?

I've got QSslSocket, which is connected to server without encryption. How to do a STARTTLS operation?

maxter
Joined: 17 May 2006 Posts: 34
Mitu
Joined: 22 Sep 2009 Posts: 59 Location: Poland
Posted: Tue Jun 08, 2010 3:22 pm Post subject:

Actually, it didn't work. I'm writing a Jabber/XMPP. I've tried this method with ten servers, and nowhere did it work as it should. I'm sure that at least some of them support STARTTLS. When I tried startClientEncryption(), one server disconnected me instantly (waitForEncrypted() method returned false) and some others just stopped responding to any data sent to them (waitForEncrypted() method returned nothing - I don't know how it's possible).

maxter
Joined: 17 May 2006 Posts: 34
Posted: Wed Jun 09, 2010 1:34 am Post subject:

Could you test in C++ that the encrypted connection works with those servers? If it works there then the problem is caused by the wrap and we'll have to fix it.

Quote:
waitForEncrypted() method returned nothing - I don't know how it's possible

Do you mean the program terminated silently during the call to waitForEncrypted()?

Mitu
Joined: 22 Sep 2009 Posts: 59 Location: Poland
Posted: Wed Jun 09, 2010 12:47 pm Post subject:

I've corrected code a bit. Most servers just gave slightly different response and startClientEncryption wasn't even started. But it doesn't work still. Now waitForEncrypted() always returns false.
I'm afraid I've found out why:
http://bugreports.qt.nokia.com/browse/QTBUG-1995?page=com.googlecode.jira-suite-utilities:transitions-summary-tabpanel
So it's calling startClientEncryption() from readyRead(). Workaround needed. I'm going to try to work it out, but I would be pleased if someone passed me any idea.
EDIT: Did a test and tried to startClientEncryption() and waitForEncrypted() from a slot bound to QButton.clicked signal. The same, waitForEncrypted() returns false.
The bug may appear in every slot, I don't know. I know only basic C/C++ (too little for Qt) and can't test it in this language. But it should be a short code, so would you test it?
There are only some simple things to do:
- create QSSLSocket and connect to ex. jabber.org
- send "<?xml version='1.0'?><stream:stream to='jabber.org ' xmlns='jabber:client' xmlns:stream='http://etherx.jabber.org/streams' version='1.0'>"
- wait for sth starting with "<?xml version"
- send "<starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'/>"
- wait for "<proceed xmlns='urn:ietf:params:xml:ns:xmpp-tls'/>"
- when received, try to establish an encryption.
I will be really grateful

maxter
Joined: 17 May 2006 Posts: 34
Posted: Thu Jun 10, 2010 6:29 am Post subject:

I'll try it at the weekend if you can wait.

Mitu
Joined: 22 Sep 2009 Posts: 59 Location: Poland
Posted: Thu Jun 10, 2010 7:55 am Post subject:

No problem, I don't have to hurry with it.

maxter
Joined: 17 May 2006 Posts: 34
Posted: Mon Jun 14, 2010 3:15 am Post subject:

I've tried to connect to jabber.org from C++. It goes well until the call to startClientEncryption(), which fails giving no details about the error. No idea what's going wrong. I think you'd better ask on a Qt forum.

Mitu
Joined: 22 Sep 2009 Posts: 59 Location: Poland
Posted: Wed Jun 16, 2010 9:27 am Post subject:

Would you mind pasting the code here so that I could copy it?

maxter
Joined: 17 May 2006 Posts: 34
Posted: Wed Jun 23, 2010 5:43 am Post subject:

I am back from vacation and here is the code:

Code:
    #include <QByteArray>
    #include <QSslSocket>
    #include <iostream>

    // Read until the socket has been quiet for 3 seconds; return everything received.
    QByteArray read(QSslSocket &s)
    {
        QByteArray result;
        for (;;) {
            if (!s.waitForReadyRead(3000)) {
                return result;
            }
            result.append(s.readAll());
        }
    }

    // Send data and block until it has been written to the socket.
    void write(QSslSocket &s, QByteArray data)
    {
        s.write(data);
        if (!s.waitForBytesWritten()) {
            std::cout << "Failed to wait for written " << s.state() << ": " << qPrintable(s.errorString()) << std::endl;
        }
    }

    int main(int argc, char *argv[])
    {
        QSslSocket s;
        s.setProtocol(QSsl::TlsV1);
        // Plain TCP connection to the XMPP client port; TLS is negotiated later.
        s.connectToHost("jabber.org", 5222);
        if (!s.waitForConnected()) {
            std::cout << "Couldn't connect " << s.state() << ": " << qPrintable(s.errorString()) << std::endl;
            return -1;
        }
        std::cout << "Connected " << s.state() << std::endl;
        // Open the XMPP stream and print the server's stream header and features.
        write(s, "<?xml version='1.0'?><stream:stream xmlns:stream='http://etherx.jabber.org/streams' version='1.0' xmlns='jabber:client' to='jabber.org' xml:lang='en' xmlns:xml='http://www.w3.org/XML/1998/namespace'>");
        std::cout << read(s).data() << std::endl;
        std::cout << "Requesting TLS" << std::endl;
        // Ask for STARTTLS; the reply is printed but not inspected.
        write(s, "<starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'/>");
        std::cout << read(s).data() << std::endl;
        std::cout << "TLS request ok " << s.state() << std::endl;
        // Upgrade the existing connection to TLS.
        s.startClientEncryption();
        if (!s.waitForEncrypted()) {
            std::cout << "Encryption failed " << s.state() << ": " << qPrintable(s.errorString()) << std::endl;
            return -1;
        }
        std::cout << "Encrypted " << s.state() << std::endl;
        return 0;
    }

The code was quickly hacked up. It doesn't use any kind of XML reader or anything. <starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'/> succeeds but waitForEncrypted() fails. I have no idea why.
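
Added example, not part of the original thread and not Qt code: one way to check the server's answer to <starttls/> before calling startClientEncryption(), tolerant of the "slightly different response" some servers give. It is plain C++ so it runs without Qt; classifyStartTlsReply and safeToStartTls are hypothetical names and the sample replies are constructed.

```cpp
#include <cstddef>
#include <string>

enum class TlsReply { Incomplete, Proceed, Failure, Unexpected };
struct TlsDecision { TlsReply reply; std::size_t trailing; };  // trailing: bytes after the reply
static const std::string kTlsNs = "urn:ietf:params:xml:ns:xmpp-tls";

// Classify the bytes received after sending <starttls/>. Only the element name
// and its namespace are matched, so quote style and <proceed .../> versus
// <proceed ...></proceed> make no difference.
TlsDecision classifyStartTlsReply(const std::string &buf)
{
    std::size_t lt = buf.find_first_not_of(" \t\r\n");
    if (lt == std::string::npos) return {TlsReply::Incomplete, 0};
    if (buf[lt] != '<') return {TlsReply::Unexpected, 0};
    std::size_t gt = buf.find('>', lt);
    if (gt == std::string::npos) return {TlsReply::Incomplete, 0};

    std::string tag = buf.substr(lt + 1, gt - lt - 1);  // e.g. proceed xmlns='...'/
    std::string name = tag.substr(0, tag.find_first_of(" \t\r\n/"));
    bool nsOk = tag.find("xmlns='" + kTlsNs + "'") != std::string::npos ||
                tag.find("xmlns=\"" + kTlsNs + "\"") != std::string::npos;
    if (!nsOk || (name != "proceed" && name != "failure"))
        return {TlsReply::Unexpected, 0};

    std::size_t end = gt + 1;
    if (tag.back() != '/') {  // not self-closing: wait for </name>
        std::string close = "</" + name + ">";
        std::size_t c = buf.find(close, end);
        if (c == std::string::npos) return {TlsReply::Incomplete, 0};
        end = c + close.size();
    }
    return {name == "proceed" ? TlsReply::Proceed : TlsReply::Failure, buf.size() - end};
}

// Start the handshake only on a clean <proceed/>. Bytes after it arrived in
// plaintext and must not be treated as part of the encrypted stream.
bool safeToStartTls(const std::string &buf)
{
    TlsDecision d = classifyStartTlsReply(buf);
    return d.reply == TlsReply::Proceed && d.trailing == 0;
}

int main()
{
    // Constructed sample replies, not captured from a real server.
    bool ok = safeToStartTls("<proceed xmlns=\"urn:ietf:params:xml:ns:xmpp-tls\"></proceed>");
    bool bad = safeToStartTls("<proceed xmlns='urn:ietf:params:xml:ns:xmpp-tls'/><iq/>");
    return (ok && !bad) ? 0 : 1;
}
```

In the test program above, this check would sit between the second read(s) and the call to startClientEncryption(), with Incomplete meaning "keep reading".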