author | Timur Pocheptsov <timur.pocheptsov@qt.io> | 2018-06-22 11:49:27 +0200 |
---|---|---|
committer | Edward Welbourne <edward.welbourne@qt.io> | 2018-07-05 13:39:46 +0000 |
commit | 5bd9f983421cdf21f0abb47f957adf9cfd30d966 (patch) | |
tree | ae74525e680577913d2a299300c7c41a0e6bb475 | |
parent | 2afa6e5f947e2d497e9c46bbe23c062b622cee64 (diff) |
QDtls - handle server-side timeouts
According to RFC 6347 a DTLS server also must retransmit buffered message(s)
if timeouts happen during the handshake phase (so it's not a client only as
I initially understood it).
Conveniently so an auto-test is already in place and needs just a tiny
adjustment - handshakeWithRetransmission covers both sides.
Change-Id: If914ec3052e28ef5bf12a40e5eede45bbc53e8e0
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
-rw-r--r-- | src/network/ssl/qdtls.cpp | 6 | ||||
-rw-r--r-- | src/network/ssl/qdtls_openssl.cpp | 19 | ||||
-rw-r--r-- | tests/auto/network/ssl/qdtls/tst_qdtls.cpp | 7 |
3 files changed, 15 insertions, 17 deletions
diff --git a/src/network/ssl/qdtls.cpp b/src/network/ssl/qdtls.cpp
index 0f46f7f73e..0b31da3d74 100644
--- a/src/network/ssl/qdtls.cpp
+++ b/src/network/ssl/qdtls.cpp
@@ -398,12 +398,6 @@ bool QDtls::handleTimeout(QUdpSocket *socket)
 return false;
 }
- if (sslMode() == QSslSocket::SslServerMode) {
- d->setDtlsError(QDtlsError::InvalidOperation,
- tr("DTLS server connection does not have/handle timeouts"));
- return false;
- }
-
 return d->handleTimeout(socket);
 }
diff --git a/src/network/ssl/qdtls_openssl.cpp b/src/network/ssl/qdtls_openssl.cpp
index cba8e210cc..90457c3724 100644
--- a/src/network/ssl/qdtls_openssl.cpp
+++ b/src/network/ssl/qdtls_openssl.cpp
@@ -1020,17 +1020,16 @@ bool QDtlsPrivateOpenSSL::continueHandshake(QUdpSocket *socket, const QByteArray
 // SSL_get_state can provide more information about state
 // machine and we can switch to NotStarted (since we have not
 // replied with our hello ...)
- if (mode == QSslSocket::SslClientMode) {
- if (!timeoutHandler.data()) {
- timeoutHandler.reset(new TimeoutHandler);
- timeoutHandler->dtlsConnection = this;
- } else {
- // Back to 1s.
- timeoutHandler->resetTimeout();
- }
-
- timeoutHandler->start();
+ if (!timeoutHandler.data()) {
+ timeoutHandler.reset(new TimeoutHandler);
+ timeoutHandler->dtlsConnection = this;
+ } else {
+ // Back to 1s.
+ timeoutHandler->resetTimeout();
 }
+
+ timeoutHandler->start();
+
 return true; // The handshake is not yet complete.
 default:
 storePeerCertificates();
diff --git a/tests/auto/network/ssl/qdtls/tst_qdtls.cpp b/tests/auto/network/ssl/qdtls/tst_qdtls.cpp
index de575e0bf0..7df7ed91dc 100644
--- a/tests/auto/network/ssl/qdtls/tst_qdtls.cpp
+++ b/tests/auto/network/ssl/qdtls/tst_qdtls.cpp
@@ -217,6 +217,8 @@ void tst_QDtls::init()
 connect(clientCrypto.data(), &QDtls::handshakeTimeout,
 this, &tst_QDtls::handleHandshakeTimeout);
+ connect(serverCrypto.data(), &QDtls::handshakeTimeout,
+ this, &tst_QDtls::handleHandshakeTimeout);
 }
 void tst_QDtls::construction_data()
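Review bot: With the server-mode early return removed, `QDtls::handleTimeout()` now retransmits for server connections as well, and nothing visible in this hunk documents that change of contract for callers that relied on the old `InvalidOperation` error. On a UDP server a retransmitted flight goes to the peer address the handshake was started with, so it matters that the handshake is only started for a client that passed cookie verification (`QDtlsClientVerifier` in Qt); whether that is enforced is not visible here. I would state it in the function's documentation, for example `Server-side connections retransmit too; start the handshake only for a verified peer.` The body of `handleTimeout()` begins above the hunk.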
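Review bot: In `QDtlsPrivateOpenSSL::continueHandshake()` the block after the three-line comment now arms `timeoutHandler` in both modes, but nothing there says why, and the comment above it is about the state machine rather than retransmission. A line such as `// Client and server both retransmit the last flight on timeout (RFC 6347, 4.2.4).` above `if (!timeoutHandler.data())` would record the intent. Whether `TimeoutHandler` bounds the retries or the back-off cannot be seen in this hunk; on a server that bound decides how long an unfinished handshake keeps state and keeps sending, so it is worth confirming. The enclosing `switch` case starts outside the hunk.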
@@ -1209,7 +1211,10 @@ void tst_QDtls::pskRequested(QSslPreSharedKeyAuthenticator *auth)
 void tst_QDtls::handleHandshakeTimeout()
 {
- if (!clientCrypto->handleTimeout(&clientSocket))
+ auto crypto = qobject_cast<QDtls *>(sender());
+ Q_ASSERT(crypto);
+
+ if (!crypto->handleTimeout(&clientSocket))
 testLoop.exitLoop();
 } |
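Review bot: `handleHandshakeTimeout()` now resolves the sender but still passes `&clientSocket` to `handleTimeout()`, so a timeout on `serverCrypto` (connected to this slot in `tst_QDtls::init()` in the previous hunk) would write the server's retransmitted flight through the client's socket. The test then does not exercise the server-side path the way a real server would send it. Pick the socket from the sender, e.g. `QUdpSocket *socket = crypto == serverCrypto.data() ? &SERVER_SOCKET : &clientSocket;`, where `SERVER_SOCKET` stands for the fixture's server-side socket, whose name is not visible on this page. `Q_ASSERT(crypto)` is also compiled out in release builds, so a `QVERIFY(crypto)`-style check would keep the null guard in every configuration.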