From 528e791a5fa0032f335c6410d3e961851e29b325 Mon Sep 17 00:00:00 2001 From: Fabio Alessandrelli Date: Wed, 7 Sep 2022 00:46:12 +0200 Subject: [Net] Rename StreamPeerSSL to StreamPeerTLS. SSL has been deprectated almost 10 years ago. --- core/io/http_client_tcp.cpp | 22 +++---- core/io/stream_peer_ssl.cpp | 75 ------------------------ core/io/stream_peer_ssl.h | 77 ------------------------ core/io/stream_peer_tls.cpp | 75 ++++++++++++++++++++++++ core/io/stream_peer_tls.h | 77 ++++++++++++++++++++++++ core/register_core_types.cpp | 4 +- doc/classes/Crypto.xml | 2 +- doc/classes/CryptoKey.xml | 2 +- doc/classes/StreamPeerSSL.xml | 81 -------------------------- doc/classes/StreamPeerTLS.xml | 81 ++++++++++++++++++++++++++ doc/classes/X509Certificate.xml | 2 +- editor/editor_node.cpp | 2 +- editor/plugins/asset_library_editor_plugin.cpp | 4 +- editor/project_converter_3_to_4.cpp | 1 + editor/project_manager.cpp | 2 +- modules/mbedtls/packet_peer_mbed_dtls.cpp | 2 +- modules/mbedtls/stream_peer_mbedtls.cpp | 2 +- modules/mbedtls/stream_peer_mbedtls.h | 6 +- modules/websocket/wsl_client.cpp | 10 ++-- modules/websocket/wsl_client.h | 2 +- modules/websocket/wsl_server.cpp | 12 ++-- modules/websocket/wsl_server.h | 2 +- platform/web/export/editor_http_server.h | 12 ++-- platform/web/export/export_plugin.h | 2 +- 24 files changed, 279 insertions(+), 278 deletions(-) delete mode 100644 core/io/stream_peer_ssl.cpp delete mode 100644 core/io/stream_peer_ssl.h create mode 100644 core/io/stream_peer_tls.cpp create mode 100644 core/io/stream_peer_tls.h delete mode 100644 doc/classes/StreamPeerSSL.xml create mode 100644 doc/classes/StreamPeerTLS.xml diff --git a/core/io/http_client_tcp.cpp b/core/io/http_client_tcp.cpp index 9499a6f8e3..e898db4204 100644 --- a/core/io/http_client_tcp.cpp +++ b/core/io/http_client_tcp.cpp 
@@ -32,7 +32,7 @@ #include "http_client_tcp.h" -#include "core/io/stream_peer_ssl.h" +#include "core/io/stream_peer_tls.h" #include "core/version.h" HTTPClient *HTTPClientTCP::_create_func() { @@ -104,8 +104,8 @@ void HTTPClientTCP::set_connection(const Ref &p_connection) { ERR_FAIL_COND_MSG(p_connection.is_null(), "Connection is not a reference to a valid StreamPeer object."); if (ssl) { - ERR_FAIL_NULL_MSG(Object::cast_to(p_connection.ptr()), - "Connection is not a reference to a valid StreamPeerSSL object."); + ERR_FAIL_NULL_MSG(Object::cast_to(p_connection.ptr()), + "Connection is not a reference to a valid StreamPeerTLS object."); } if (connection == p_connection) { @@ -354,10 +354,10 @@ Error HTTPClientTCP::poll() { } break; } } else if (ssl) { - Ref ssl; + Ref ssl; if (!handshaking) { - // Connect the StreamPeerSSL and start handshaking. - ssl = Ref(StreamPeerSSL::create()); + // Connect the StreamPeerTLS and start handshaking. + ssl = Ref(StreamPeerTLS::create()); ssl->set_blocking_handshake_enabled(false); Error err = ssl->connect_to_stream(tcp_connection, ssl_verify_host, conn_host); if (err != OK) { @@ -369,7 +369,7 @@ Error HTTPClientTCP::poll() { handshaking = true; } else { // We are already handshaking, which means we can use your already active SSL connection. - ssl = static_cast>(connection); + ssl = static_cast>(connection); if (ssl.is_null()) { close(); status = STATUS_SSL_HANDSHAKE_ERROR; @@ -379,13 +379,13 @@ Error HTTPClientTCP::poll() { ssl->poll(); // Try to finish the handshake. } - if (ssl->get_status() == StreamPeerSSL::STATUS_CONNECTED) { + if (ssl->get_status() == StreamPeerTLS::STATUS_CONNECTED) { // Handshake has been successful. handshaking = false; ip_candidates.clear(); status = STATUS_CONNECTED; return OK; - } else if (ssl->get_status() != StreamPeerSSL::STATUS_HANDSHAKING) { + } else if (ssl->get_status() != StreamPeerTLS::STATUS_HANDSHAKING) { // Handshake has failed. close(); status = STATUS_SSL_HANDSHAKE_ERROR; 
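Review bot: In the `@@ -354,10` hunk of HTTPClientTCP::poll(), the result of `StreamPeerTLS::create()` is dereferenced on the next line (`ssl->set_blocking_handshake_enabled(false)`) with no null check, although create() in stream_peer_tls.cpp returns nullptr when no TLS backend has registered `_create`. wsl_client.cpp already guards the same call with `ERR_FAIL_COND_MSG(ssl.is_null(), ...)`; a guard here such as `if (ssl.is_null()) { close(); status = STATUS_SSL_HANDSHAKE_ERROR; return ERR_UNAVAILABLE; }` would report a connection failure instead of dereferencing a null reference in a build without the TLS module. The same unguarded create() appears in WSLServer::poll() (wsl_server.cpp, `@@ -248,7`) and in editor_http_server.h (`@@ -203,7`). poll() starts and ends outside this hunk, so an earlier availability check may exist that is not visible here.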
@@ -418,9 +418,9 @@ Error HTTPClientTCP::poll() { case STATUS_CONNECTED: { // Check if we are still connected. if (ssl) { - Ref tmp = connection; + Ref tmp = connection; tmp->poll(); - if (tmp->get_status() != StreamPeerSSL::STATUS_CONNECTED) { + if (tmp->get_status() != StreamPeerTLS::STATUS_CONNECTED) { status = STATUS_CONNECTION_ERROR; return ERR_CONNECTION_ERROR; } diff --git a/core/io/stream_peer_ssl.cpp b/core/io/stream_peer_ssl.cpp deleted file mode 100644 index 5b90fb52a6..0000000000 --- a/core/io/stream_peer_ssl.cpp +++ /dev/null 
@@ -1,75 +0,0 @@ -/*************************************************************************/ -/* stream_peer_ssl.cpp */ -/*************************************************************************/ -/* This file is part of: */ -/* GODOT ENGINE */ -/* https://godotengine.org */ -/*************************************************************************/ -/* Copyright (c) 2007-2022 Juan Linietsky, Ariel Manzur. */ -/* Copyright (c) 2014-2022 Godot Engine contributors (cf. AUTHORS.md). */ -/* */ -/* Permission is hereby granted, free of charge, to any person obtaining */ -/* a copy of this software and associated documentation files (the */ -/* "Software"), to deal in the Software without restriction, including */ -/* without limitation the rights to use, copy, modify, merge, publish, */ -/* distribute, sublicense, and/or sell copies of the Software, and to */ -/* permit persons to whom the Software is furnished to do so, subject to */ -/* the following conditions: */ -/* */ -/* The above copyright notice and this permission notice shall be */ -/* included in all copies or substantial portions of the Software. */ -/* */ -/* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, */ -/* EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF */ -/* MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.*/ -/* IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY */ -/* CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, */ -/* TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE */ -/* SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. 
*/ -/*************************************************************************/ - -#include "stream_peer_ssl.h" - -#include "core/config/engine.h" - -StreamPeerSSL *(*StreamPeerSSL::_create)() = nullptr; - -StreamPeerSSL *StreamPeerSSL::create() { - if (_create) { - return _create(); - } - return nullptr; -} - -bool StreamPeerSSL::available = false; - -bool StreamPeerSSL::is_available() { - return available; -} - -void StreamPeerSSL::set_blocking_handshake_enabled(bool p_enabled) { - blocking_handshake = p_enabled; -} - -bool StreamPeerSSL::is_blocking_handshake_enabled() const { - return blocking_handshake; -} - -void StreamPeerSSL::_bind_methods() { - ClassDB::bind_method(D_METHOD("poll"), &StreamPeerSSL::poll); - ClassDB::bind_method(D_METHOD("accept_stream", "stream", "private_key", "certificate", "chain"), &StreamPeerSSL::accept_stream, DEFVAL(Ref())); - ClassDB::bind_method(D_METHOD("connect_to_stream", "stream", "validate_certs", "for_hostname", "valid_certificate"), &StreamPeerSSL::connect_to_stream, DEFVAL(false), DEFVAL(String()), DEFVAL(Ref())); - ClassDB::bind_method(D_METHOD("get_status"), &StreamPeerSSL::get_status); - ClassDB::bind_method(D_METHOD("get_stream"), &StreamPeerSSL::get_stream); - ClassDB::bind_method(D_METHOD("disconnect_from_stream"), &StreamPeerSSL::disconnect_from_stream); - ClassDB::bind_method(D_METHOD("set_blocking_handshake_enabled", "enabled"), &StreamPeerSSL::set_blocking_handshake_enabled); - ClassDB::bind_method(D_METHOD("is_blocking_handshake_enabled"), &StreamPeerSSL::is_blocking_handshake_enabled); - - ADD_PROPERTY(PropertyInfo(Variant::BOOL, "blocking_handshake"), "set_blocking_handshake_enabled", "is_blocking_handshake_enabled"); - - BIND_ENUM_CONSTANT(STATUS_DISCONNECTED); - BIND_ENUM_CONSTANT(STATUS_HANDSHAKING); - BIND_ENUM_CONSTANT(STATUS_CONNECTED); - BIND_ENUM_CONSTANT(STATUS_ERROR); - BIND_ENUM_CONSTANT(STATUS_ERROR_HOSTNAME_MISMATCH); -} 
diff --git a/core/io/stream_peer_ssl.h b/core/io/stream_peer_ssl.h deleted file mode 100644 index fe68667adc..0000000000 --- a/core/io/stream_peer_ssl.h +++ /dev/null 
@@ -1,77 +0,0 @@ -/*************************************************************************/ -/* stream_peer_ssl.h */ -/*************************************************************************/ -/* This file is part of: */ -/* GODOT ENGINE */ -/* https://godotengine.org */ -/*************************************************************************/ -/* Copyright (c) 2007-2022 Juan Linietsky, Ariel Manzur. */ -/* Copyright (c) 2014-2022 Godot Engine contributors (cf. AUTHORS.md). */ -/* */ -/* Permission is hereby granted, free of charge, to any person obtaining */ -/* a copy of this software and associated documentation files (the */ -/* "Software"), to deal in the Software without restriction, including */ -/* without limitation the rights to use, copy, modify, merge, publish, */ -/* distribute, sublicense, and/or sell copies of the Software, and to */ -/* permit persons to whom the Software is furnished to do so, subject to */ -/* the following conditions: */ -/* */ -/* The above copyright notice and this permission notice shall be */ -/* included in all copies or substantial portions of the Software. */ -/* */ -/* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, */ -/* EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF */ -/* MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.*/ -/* IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY */ -/* CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, */ -/* TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE */ -/* SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. 
*/ -/*************************************************************************/ - -#ifndef STREAM_PEER_SSL_H -#define STREAM_PEER_SSL_H - -#include "core/crypto/crypto.h" -#include "core/io/stream_peer.h" - -class StreamPeerSSL : public StreamPeer { - GDCLASS(StreamPeerSSL, StreamPeer); - -protected: - static StreamPeerSSL *(*_create)(); - static void _bind_methods(); - - static bool available; - - bool blocking_handshake = true; - -public: - enum Status { - STATUS_DISCONNECTED, - STATUS_HANDSHAKING, - STATUS_CONNECTED, - STATUS_ERROR, - STATUS_ERROR_HOSTNAME_MISMATCH - }; - - void set_blocking_handshake_enabled(bool p_enabled); - bool is_blocking_handshake_enabled() const; - - virtual void poll() = 0; - virtual Error accept_stream(Ref p_base, Ref p_key, Ref p_cert, Ref p_ca_chain = Ref()) = 0; - virtual Error connect_to_stream(Ref p_base, bool p_validate_certs = false, const String &p_for_hostname = String(), Ref p_valid_cert = Ref()) = 0; - virtual Status get_status() const = 0; - virtual Ref get_stream() const = 0; - - virtual void disconnect_from_stream() = 0; - - static StreamPeerSSL *create(); - - static bool is_available(); - - StreamPeerSSL() {} -}; - -VARIANT_ENUM_CAST(StreamPeerSSL::Status); - -#endif // STREAM_PEER_SSL_H diff --git a/core/io/stream_peer_tls.cpp b/core/io/stream_peer_tls.cpp new file mode 100644 index 0000000000..b1adde018a --- /dev/null +++ b/core/io/stream_peer_tls.cpp 
@@ -0,0 +1,75 @@
+/*************************************************************************/
+/* stream_peer_tls.cpp */
+/*************************************************************************/
+/* This file is part of: */
+/* GODOT ENGINE */
+/* https://godotengine.org */
+/*************************************************************************/
+/* Copyright (c) 2007-2022 Juan Linietsky, Ariel Manzur. */
+/* Copyright (c) 2014-2022 Godot Engine contributors (cf. AUTHORS.md). */
+/* */
+/* Permission is hereby granted, free of charge, to any person obtaining */
+/* a copy of this software and associated documentation files (the */
+/* "Software"), to deal in the Software without restriction, including */
+/* without limitation the rights to use, copy, modify, merge, publish, */
+/* distribute, sublicense, and/or sell copies of the Software, and to */
+/* permit persons to whom the Software is furnished to do so, subject to */
+/* the following conditions: */
+/* */
+/* The above copyright notice and this permission notice shall be */
+/* included in all copies or substantial portions of the Software. */
+/* */
+/* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, */
+/* EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF */
+/* MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.*/
+/* IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY */
+/* CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, */
+/* TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE */
+/* SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. */
+/*************************************************************************/
+
+#include "stream_peer_tls.h"
+
+#include "core/config/engine.h"
+
+StreamPeerTLS *(*StreamPeerTLS::_create)() = nullptr;
+
+StreamPeerTLS *StreamPeerTLS::create() {
+ if (_create) {
+ return _create();
+ }
+ return nullptr;
+}
+
+bool StreamPeerTLS::available = false;
+
+bool StreamPeerTLS::is_available() {
+ return available;
+}
+
+void StreamPeerTLS::set_blocking_handshake_enabled(bool p_enabled) {
+ blocking_handshake = p_enabled;
+}
+
+bool StreamPeerTLS::is_blocking_handshake_enabled() const {
+ return blocking_handshake;
+}
+
+void StreamPeerTLS::_bind_methods() {
+ ClassDB::bind_method(D_METHOD("poll"), &StreamPeerTLS::poll);
+ ClassDB::bind_method(D_METHOD("accept_stream", "stream", "private_key", "certificate", "chain"), &StreamPeerTLS::accept_stream, DEFVAL(Ref()));
+ ClassDB::bind_method(D_METHOD("connect_to_stream", "stream", "validate_certs", "for_hostname", "valid_certificate"), &StreamPeerTLS::connect_to_stream, DEFVAL(false), DEFVAL(String()), DEFVAL(Ref()));
+ ClassDB::bind_method(D_METHOD("get_status"), &StreamPeerTLS::get_status);
+ ClassDB::bind_method(D_METHOD("get_stream"), &StreamPeerTLS::get_stream);
+ ClassDB::bind_method(D_METHOD("disconnect_from_stream"), &StreamPeerTLS::disconnect_from_stream);
+ ClassDB::bind_method(D_METHOD("set_blocking_handshake_enabled", "enabled"), &StreamPeerTLS::set_blocking_handshake_enabled);
+ ClassDB::bind_method(D_METHOD("is_blocking_handshake_enabled"), &StreamPeerTLS::is_blocking_handshake_enabled);
+
+ ADD_PROPERTY(PropertyInfo(Variant::BOOL, "blocking_handshake"), "set_blocking_handshake_enabled", "is_blocking_handshake_enabled");
+
+ BIND_ENUM_CONSTANT(STATUS_DISCONNECTED);
+ BIND_ENUM_CONSTANT(STATUS_HANDSHAKING);
+ BIND_ENUM_CONSTANT(STATUS_CONNECTED);
+ BIND_ENUM_CONSTANT(STATUS_ERROR);
+ BIND_ENUM_CONSTANT(STATUS_ERROR_HOSTNAME_MISMATCH);
+}
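Review bot: The `connect_to_stream` binding in `_bind_methods()` keeps `DEFVAL(false)` for `validate_certs`, and the declaration in stream_peer_tls.h keeps `bool p_validate_certs = false`, so a caller that omits the argument gets an encrypted stream whose peer certificate is not validated against `for_hostname` (per the class documentation in this patch). Since the rename already forces every caller to be touched, this is a natural point to flip both defaults to `true`. If the default has to stay for compatibility, a comment above the binding would at least make the behaviour visible: `// validate_certs defaults to false: the peer is not authenticated unless the caller passes true.`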
diff --git a/core/io/stream_peer_tls.h b/core/io/stream_peer_tls.h new file mode 100644 index 0000000000..ed7334fab3 --- /dev/null +++ b/core/io/stream_peer_tls.h 
@@ -0,0 +1,77 @@ +/*************************************************************************/ +/* stream_peer_tls.h */ +/*************************************************************************/ +/* This file is part of: */ +/* GODOT ENGINE */ +/* https://godotengine.org */ +/*************************************************************************/ +/* Copyright (c) 2007-2022 Juan Linietsky, Ariel Manzur. */ +/* Copyright (c) 2014-2022 Godot Engine contributors (cf. AUTHORS.md). */ +/* */ +/* Permission is hereby granted, free of charge, to any person obtaining */ +/* a copy of this software and associated documentation files (the */ +/* "Software"), to deal in the Software without restriction, including */ +/* without limitation the rights to use, copy, modify, merge, publish, */ +/* distribute, sublicense, and/or sell copies of the Software, and to */ +/* permit persons to whom the Software is furnished to do so, subject to */ +/* the following conditions: */ +/* */ +/* The above copyright notice and this permission notice shall be */ +/* included in all copies or substantial portions of the Software. */ +/* */ +/* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, */ +/* EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF */ +/* MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.*/ +/* IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY */ +/* CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, */ +/* TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE */ +/* SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. 
*/ +/*************************************************************************/ + +#ifndef STREAM_PEER_TLS_H +#define STREAM_PEER_TLS_H + +#include "core/crypto/crypto.h" +#include "core/io/stream_peer.h" + +class StreamPeerTLS : public StreamPeer { + GDCLASS(StreamPeerTLS, StreamPeer); + +protected: + static StreamPeerTLS *(*_create)(); + static void _bind_methods(); + + static bool available; + + bool blocking_handshake = true; + +public: + enum Status { + STATUS_DISCONNECTED, + STATUS_HANDSHAKING, + STATUS_CONNECTED, + STATUS_ERROR, + STATUS_ERROR_HOSTNAME_MISMATCH + }; + + void set_blocking_handshake_enabled(bool p_enabled); + bool is_blocking_handshake_enabled() const; + + virtual void poll() = 0; + virtual Error accept_stream(Ref p_base, Ref p_key, Ref p_cert, Ref p_ca_chain = Ref()) = 0; + virtual Error connect_to_stream(Ref p_base, bool p_validate_certs = false, const String &p_for_hostname = String(), Ref p_valid_cert = Ref()) = 0; + virtual Status get_status() const = 0; + virtual Ref get_stream() const = 0; + + virtual void disconnect_from_stream() = 0; + + static StreamPeerTLS *create(); + + static bool is_available(); + + StreamPeerTLS() {} +}; + +VARIANT_ENUM_CAST(StreamPeerTLS::Status); + +#endif // STREAM_PEER_TLS_H diff --git a/core/register_core_types.cpp b/core/register_core_types.cpp index 7f734201e7..1b3f11ffab 100644 --- a/core/register_core_types.cpp +++ b/core/register_core_types.cpp @@ -58,7 +58,7 @@ #include "core/io/resource_format_binary.h" #include "core/io/resource_importer.h" #include "core/io/resource_uid.h" -#include "core/io/stream_peer_ssl.h" +#include "core/io/stream_peer_tls.h" #include "core/io/tcp_server.h" #include "core/io/translation_loader_po.h" #include "core/io/udp_server.h" 
@@ -202,7 +202,7 @@ void register_core_types() { ClassDB::register_custom_instance_class(); ClassDB::register_custom_instance_class(); ClassDB::register_custom_instance_class(); - ClassDB::register_custom_instance_class(); + ClassDB::register_custom_instance_class(); ClassDB::register_custom_instance_class(); ClassDB::register_custom_instance_class(); diff --git a/doc/classes/Crypto.xml b/doc/classes/Crypto.xml index dab2a77584..ade63225dc 100644 --- a/doc/classes/Crypto.xml +++ b/doc/classes/Crypto.xml @@ -110,7 +110,7 @@ - Generates an RSA [CryptoKey] that can be used for creating self-signed certificates and passed to [method StreamPeerSSL.accept_stream]. + Generates an RSA [CryptoKey] that can be used for creating self-signed certificates and passed to [method StreamPeerTLS.accept_stream]. diff --git a/doc/classes/CryptoKey.xml b/doc/classes/CryptoKey.xml index 1f502846b4..7db810177f 100644 --- a/doc/classes/CryptoKey.xml +++ b/doc/classes/CryptoKey.xml @@ -5,7 +5,7 @@ The CryptoKey class represents a cryptographic key. Keys can be loaded and saved like any other [Resource]. - They can be used to generate a self-signed [X509Certificate] via [method Crypto.generate_self_signed_certificate] and as private key in [method StreamPeerSSL.accept_stream] along with the appropriate certificate. + They can be used to generate a self-signed [X509Certificate] via [method Crypto.generate_self_signed_certificate] and as private key in [method StreamPeerTLS.accept_stream] along with the appropriate certificate. diff --git a/doc/classes/StreamPeerSSL.xml b/doc/classes/StreamPeerSSL.xml deleted file mode 100644 index 9d21b91416..0000000000 --- a/doc/classes/StreamPeerSSL.xml +++ /dev/null 
@@ -1,81 +0,0 @@ - - - - SSL stream peer. - - - SSL stream peer. This object can be used to connect to an SSL server or accept a single SSL client connection. - [b]Note:[/b] When exporting to Android, make sure to enable the [code]INTERNET[/code] permission in the Android export preset before exporting the project or using one-click deploy. Otherwise, network communication of any kind will be blocked by Android. - - - $DOCS_URL/tutorials/networking/ssl_certificates.html - - - - - - - - - - Accepts a peer connection as a server using the given [param private_key] and providing the given [param certificate] to the client. You can pass the optional [param chain] parameter to provide additional CA chain information along with the certificate. - - - - - - - - - - Connects to a peer using an underlying [StreamPeer] [param stream]. If [param validate_certs] is [code]true[/code], [StreamPeerSSL] will validate that the certificate presented by the peer matches the [param for_hostname]. - [b]Note:[/b] Specifying a custom [param valid_certificate] is not supported in Web exports due to browsers restrictions. - - - - - - Disconnects from host. - - - - - - Returns the status of the connection. See [enum Status] for values. - - - - - - Returns the underlying [StreamPeer] connection, used in [method accept_stream] or [method connect_to_stream]. - - - - - - Poll the connection to check for incoming bytes. Call this right before [method StreamPeer.get_available_bytes] for it to work properly. - - - - - - - - - - A status representing a [StreamPeerSSL] that is disconnected. - - - A status representing a [StreamPeerSSL] during handshaking. - - - A status representing a [StreamPeerSSL] that is connected to a host. - - - A status representing a [StreamPeerSSL] in error state. - - - An error status that shows a mismatch in the SSL certificate domain presented by the host and the domain requested for validation. - - - 
diff --git a/doc/classes/StreamPeerTLS.xml b/doc/classes/StreamPeerTLS.xml new file mode 100644 index 0000000000..f26c635aaa --- /dev/null +++ b/doc/classes/StreamPeerTLS.xml 
@@ -0,0 +1,81 @@ + + + + SSL stream peer. + + + SSL stream peer. This object can be used to connect to an SSL server or accept a single SSL client connection. + [b]Note:[/b] When exporting to Android, make sure to enable the [code]INTERNET[/code] permission in the Android export preset before exporting the project or using one-click deploy. Otherwise, network communication of any kind will be blocked by Android. + + + $DOCS_URL/tutorials/networking/ssl_certificates.html + + + + + + + + + + Accepts a peer connection as a server using the given [param private_key] and providing the given [param certificate] to the client. You can pass the optional [param chain] parameter to provide additional CA chain information along with the certificate. + + + + + + + + + + Connects to a peer using an underlying [StreamPeer] [param stream]. If [param validate_certs] is [code]true[/code], [StreamPeerTLS] will validate that the certificate presented by the peer matches the [param for_hostname]. + [b]Note:[/b] Specifying a custom [param valid_certificate] is not supported in Web exports due to browsers restrictions. + + + + + + Disconnects from host. + + + + + + Returns the status of the connection. See [enum Status] for values. + + + + + + Returns the underlying [StreamPeer] connection, used in [method accept_stream] or [method connect_to_stream]. + + + + + + Poll the connection to check for incoming bytes. Call this right before [method StreamPeer.get_available_bytes] for it to work properly. + + + + + + + + + + A status representing a [StreamPeerTLS] that is disconnected. + + + A status representing a [StreamPeerTLS] during handshaking. + + + A status representing a [StreamPeerTLS] that is connected to a host. + + + A status representing a [StreamPeerTLS] in error state. + + + An error status that shows a mismatch in the SSL certificate domain presented by the host and the domain requested for validation. + + + 
diff --git a/doc/classes/X509Certificate.xml b/doc/classes/X509Certificate.xml index d8f54d0ec5..94784583ad 100644 --- a/doc/classes/X509Certificate.xml +++ b/doc/classes/X509Certificate.xml @@ -5,7 +5,7 @@ The X509Certificate class represents an X509 certificate. Certificates can be loaded and saved like any other [Resource]. - They can be used as the server certificate in [method StreamPeerSSL.accept_stream] (along with the proper [CryptoKey]), and to specify the only certificate that should be accepted when connecting to an SSL server via [method StreamPeerSSL.connect_to_stream]. + They can be used as the server certificate in [method StreamPeerTLS.accept_stream] (along with the proper [CryptoKey]), and to specify the only certificate that should be accepted when connecting to an SSL server via [method StreamPeerTLS.connect_to_stream]. diff --git a/editor/editor_node.cpp b/editor/editor_node.cpp index 7a7576b241..2c96b6209f 100644 --- a/editor/editor_node.cpp +++ b/editor/editor_node.cpp @@ -37,7 +37,7 @@ #include "core/io/image_loader.h" #include "core/io/resource_loader.h" #include "core/io/resource_saver.h" -#include "core/io/stream_peer_ssl.h" +#include "core/io/stream_peer_tls.h" #include "core/object/class_db.h" #include "core/object/message_queue.h" #include "core/os/keyboard.h" diff --git a/editor/plugins/asset_library_editor_plugin.cpp b/editor/plugins/asset_library_editor_plugin.cpp index 6bc443039f..f7e5d81e5d 100644 --- a/editor/plugins/asset_library_editor_plugin.cpp +++ b/editor/plugins/asset_library_editor_plugin.cpp @@ -32,7 +32,7 @@ #include "core/input/input.h" #include "core/io/json.h" -#include "core/io/stream_peer_ssl.h" +#include "core/io/stream_peer_tls.h" #include "core/os/keyboard.h" #include "core/version.h" #include "editor/editor_file_dialog.h" 
@@ -1602,7 +1602,7 @@ bool AssetLibraryEditorPlugin::is_available() { // directly from GitHub which does not set CORS. return false; #else - return StreamPeerSSL::is_available(); + return StreamPeerTLS::is_available(); #endif } diff --git a/editor/project_converter_3_to_4.cpp b/editor/project_converter_3_to_4.cpp index 367764120f..c6b13fc410 100644 --- a/editor/project_converter_3_to_4.cpp +++ b/editor/project_converter_3_to_4.cpp @@ -1466,6 +1466,7 @@ static const char *class_renames[][2] = { { "StreamCubemap", "CompressedCubemap" }, { "StreamCubemapArray", "CompressedCubemapArray" }, { "StreamPeerGDNative", "StreamPeerExtension" }, + { "StreamPeerSSL", "StreamPeerTLS" }, { "StreamTexture", "CompressedTexture2D" }, { "StreamTexture2D", "CompressedTexture2D" }, { "StreamTexture2DArray", "CompressedTexture2DArray" }, diff --git a/editor/project_manager.cpp b/editor/project_manager.cpp index a5f6d3f142..d75f01e60b 100644 --- a/editor/project_manager.cpp +++ b/editor/project_manager.cpp @@ -35,7 +35,7 @@ #include "core/io/dir_access.h" #include "core/io/file_access.h" #include "core/io/resource_saver.h" -#include "core/io/stream_peer_ssl.h" +#include "core/io/stream_peer_tls.h" #include "core/io/zip_io.h" #include "core/os/keyboard.h" #include "core/os/os.h" diff --git a/modules/mbedtls/packet_peer_mbed_dtls.cpp b/modules/mbedtls/packet_peer_mbed_dtls.cpp index 1296a4587c..78a06ff4a1 100644 --- a/modules/mbedtls/packet_peer_mbed_dtls.cpp +++ b/modules/mbedtls/packet_peer_mbed_dtls.cpp @@ -32,7 +32,7 @@ #include "mbedtls/platform_util.h" #include "core/io/file_access.h" -#include "core/io/stream_peer_ssl.h" +#include "core/io/stream_peer_tls.h" int PacketPeerMbedDTLS::bio_send(void *ctx, const unsigned char *buf, size_t len) { if (buf == nullptr || len == 0) { diff --git a/modules/mbedtls/stream_peer_mbedtls.cpp b/modules/mbedtls/stream_peer_mbedtls.cpp index 92590fbcf6..0bf4ca7032 100644 --- a/modules/mbedtls/stream_peer_mbedtls.cpp 
+++ b/modules/mbedtls/stream_peer_mbedtls.cpp @@ -302,7 +302,7 @@ Ref StreamPeerMbedTLS::get_stream() const { return base; } -StreamPeerSSL *StreamPeerMbedTLS::_create_func() { +StreamPeerTLS *StreamPeerMbedTLS::_create_func() { return memnew(StreamPeerMbedTLS); } diff --git a/modules/mbedtls/stream_peer_mbedtls.h b/modules/mbedtls/stream_peer_mbedtls.h index 68b07feea9..12d06d05ed 100644 --- a/modules/mbedtls/stream_peer_mbedtls.h +++ b/modules/mbedtls/stream_peer_mbedtls.h @@ -31,17 +31,17 @@ #ifndef STREAM_PEER_MBEDTLS_H #define STREAM_PEER_MBEDTLS_H -#include "core/io/stream_peer_ssl.h" +#include "core/io/stream_peer_tls.h" #include "ssl_context_mbedtls.h" -class StreamPeerMbedTLS : public StreamPeerSSL { +class StreamPeerMbedTLS : public StreamPeerTLS { private: Status status = STATUS_DISCONNECTED; String hostname; Ref base; - static StreamPeerSSL *_create_func(); + static StreamPeerTLS *_create_func(); static int bio_recv(void *ctx, unsigned char *buf, size_t len); static int bio_send(void *ctx, const unsigned char *buf, size_t len); diff --git a/modules/websocket/wsl_client.cpp b/modules/websocket/wsl_client.cpp index 2bb57226ea..290108706b 100644 --- a/modules/websocket/wsl_client.cpp +++ b/modules/websocket/wsl_client.cpp @@ -288,11 +288,11 @@ void WSLClient::poll() { break; case StreamPeerTCP::STATUS_CONNECTED: { _ip_candidates.clear(); - Ref ssl; + Ref ssl; if (_use_ssl) { if (_connection == _tcp) { // Start SSL handshake - ssl = Ref(StreamPeerSSL::create()); + ssl = Ref(StreamPeerTLS::create()); ERR_FAIL_COND_MSG(ssl.is_null(), "SSL is not available in this build."); ssl->set_blocking_handshake_enabled(false); if (ssl->connect_to_stream(_tcp, verify_ssl, _host, ssl_cert) != OK) { 
@@ -302,13 +302,13 @@ void WSLClient::poll() { } _connection = ssl; } else { - ssl = static_cast>(_connection); + ssl = static_cast>(_connection); ERR_FAIL_COND(ssl.is_null()); // Bug? ssl->poll(); } - if (ssl->get_status() == StreamPeerSSL::STATUS_HANDSHAKING) { + if (ssl->get_status() == StreamPeerTLS::STATUS_HANDSHAKING) { return; // Need more polling. - } else if (ssl->get_status() != StreamPeerSSL::STATUS_CONNECTED) { + } else if (ssl->get_status() != StreamPeerTLS::STATUS_CONNECTED) { disconnect_from_host(); _on_error(); return; // Error. diff --git a/modules/websocket/wsl_client.h b/modules/websocket/wsl_client.h index 5d90bc4034..dc4397f04a 100644 --- a/modules/websocket/wsl_client.h +++ b/modules/websocket/wsl_client.h @@ -34,8 +34,8 @@ #ifndef WEB_ENABLED #include "core/error/error_list.h" -#include "core/io/stream_peer_ssl.h" #include "core/io/stream_peer_tcp.h" +#include "core/io/stream_peer_tls.h" #include "websocket_client.h" #include "wsl_peer.h" #include "wslay/wslay.h" diff --git a/modules/websocket/wsl_server.cpp b/modules/websocket/wsl_server.cpp index 7457ac7087..ddef360cf5 100644 --- a/modules/websocket/wsl_server.cpp +++ b/modules/websocket/wsl_server.cpp 
@@ -103,15 +103,15 @@ Error WSLServer::PendingPeer::do_handshake(const Vector p_protocols, uin } if (use_ssl) { - Ref ssl = static_cast>(connection); + Ref ssl = static_cast>(connection); if (ssl.is_null()) { - ERR_FAIL_V_MSG(ERR_BUG, "Couldn't get StreamPeerSSL for WebSocket handshake."); + ERR_FAIL_V_MSG(ERR_BUG, "Couldn't get StreamPeerTLS for WebSocket handshake."); } ssl->poll(); - if (ssl->get_status() == StreamPeerSSL::STATUS_HANDSHAKING) { + if (ssl->get_status() == StreamPeerTLS::STATUS_HANDSHAKING) { return ERR_BUSY; - } else if (ssl->get_status() != StreamPeerSSL::STATUS_CONNECTED) { - print_verbose(vformat("WebSocket SSL connection error during handshake (StreamPeerSSL status code %d).", ssl->get_status())); + } else if (ssl->get_status() != StreamPeerTLS::STATUS_CONNECTED) { + print_verbose(vformat("WebSocket SSL connection error during handshake (StreamPeerTLS status code %d).", ssl->get_status())); return FAILED; } } @@ -248,7 +248,7 @@ void WSLServer::poll() { Ref peer = memnew(PendingPeer); if (private_key.is_valid() && ssl_cert.is_valid()) { - Ref ssl = Ref(StreamPeerSSL::create()); + Ref ssl = Ref(StreamPeerTLS::create()); ssl->set_blocking_handshake_enabled(false); ssl->accept_stream(conn, private_key, ssl_cert, ca_chain); peer->connection = ssl; diff --git a/modules/websocket/wsl_server.h b/modules/websocket/wsl_server.h index b0b7a6a5c9..ce91cfe888 100644 --- a/modules/websocket/wsl_server.h +++ b/modules/websocket/wsl_server.h @@ -36,8 +36,8 @@ #include "websocket_server.h" #include "wsl_peer.h" -#include "core/io/stream_peer_ssl.h" #include "core/io/stream_peer_tcp.h" +#include "core/io/stream_peer_tls.h" #include "core/io/tcp_server.h" class WSLServer : public WebSocketServer { diff --git a/platform/web/export/editor_http_server.h b/platform/web/export/editor_http_server.h index 38b9a66d7e..d0e23b1a77 100644 --- a/platform/web/export/editor_http_server.h +++ b/platform/web/export/editor_http_server.h 
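Review bot: In WSLServer::poll() (`@@ -248,7`), the Error returned by `ssl->accept_stream(conn, private_key, ssl_cert, ca_chain)` is discarded and the peer is stored in `peer->connection` regardless of the outcome. editor_http_server.h checks the same call with `!= OK` and drops the client, and wsl_client.cpp checks `connect_to_stream` the same way; wsl_server.cpp is the only visible caller that does not. Testing the result here and skipping the pending peer when it is not OK would reject a failed TLS setup immediately and leave room to log the cause. The failure is presumably still caught later by the status check in do_handshake (`@@ -103,15`), but that cannot be confirmed from this hunk because poll() continues outside it.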
@@ -32,7 +32,7 @@ #define WEB_EDITOR_HTTP_SERVER_H #include "core/io/image_loader.h" -#include "core/io/stream_peer_ssl.h" +#include "core/io/stream_peer_tls.h" #include "core/io/tcp_server.h" #include "core/io/zip_io.h" #include "editor/editor_paths.h" @@ -42,7 +42,7 @@ private: Ref server; HashMap mimes; Ref tcp; - Ref ssl; + Ref ssl; Ref peer; Ref key; Ref cert; @@ -53,7 +53,7 @@ private: void _clear_client() { peer = Ref(); - ssl = Ref(); + ssl = Ref(); tcp = Ref(); memset(req_buf, 0, sizeof(req_buf)); time = 0; @@ -203,7 +203,7 @@ public: if (use_ssl) { if (ssl.is_null()) { - ssl = Ref(StreamPeerSSL::create()); + ssl = Ref(StreamPeerTLS::create()); peer = ssl; ssl->set_blocking_handshake_enabled(false); if (ssl->accept_stream(tcp, key, cert) != OK) { @@ -212,11 +212,11 @@ public: } } ssl->poll(); - if (ssl->get_status() == StreamPeerSSL::STATUS_HANDSHAKING) { + if (ssl->get_status() == StreamPeerTLS::STATUS_HANDSHAKING) { // Still handshaking, keep waiting. return; } - if (ssl->get_status() != StreamPeerSSL::STATUS_CONNECTED) { + if (ssl->get_status() != StreamPeerTLS::STATUS_CONNECTED) { _clear_client(); return; } diff --git a/platform/web/export/export_plugin.h b/platform/web/export/export_plugin.h index 5b7ce5f708..f11e38df09 100644 --- a/platform/web/export/export_plugin.h +++ b/platform/web/export/export_plugin.h @@ -33,7 +33,7 @@ #include "core/config/project_settings.h" #include "core/io/image_loader.h" -#include "core/io/stream_peer_ssl.h" +#include "core/io/stream_peer_tls.h" #include "core/io/tcp_server.h" #include "core/io/zip_io.h" #include "editor/editor_node.h" -- cgit v1.2.3