QAbstractSocket / QSslSocket: add API to pause and resume

pause and resume is currently only supported upon emitting the QSslSocket::sslErrors() signal. The API was added in QAbstractSocket to also support QAbstractSocket::proxyAuthenticationRequired() in the future. This is the first patch to support that feature on the socket level, another patch will follow to support sslErrors() and authenticationRequired() in QNetworkAccessManager / QNetworkReply. Task-number: QTBUG-19032 Change-Id: Ide2918268590ab9a01454ab26cb7fdca3dc840ab Reviewed-by: Shane Kearns <ext-shane.2.kearns@nokia.com>
author: Peter Hartmann <peter.hartmann@nokia.com> 2012-01-20 13:55:15 +0100
committer: Qt by Nokia <qt-info@nokia.com> 2012-01-25 19:35:05 +0100
commit: 07662f93ac700d18bf2c7f5e3df1fa310327130d (patch)
tree: 8a1a81ab5d9e905b3e09f83673777fb8b4b1e978 /src/network/ssl
parent: 0da4451b783b02d6df464fba9f0c34828df1ac06 (diff)
5 files changed, 111 insertions, 32 deletions
diff --git a/src/network/ssl/qsslsocket.cpp b/src/network/ssl/qsslsocket.cpp
index 77eab192df..7240444572 100644
--- a/src/network/ssl/qsslsocket.cpp
+++ b/src/network/ssl/qsslsocket.cpp
@@ -356,6 +356,24 @@ QSslSocket::~QSslSocket()
 }
 
 /*!
+    \reimp
+
+    \since 5.0
+
+    Continues data transfer on the socket after it has been paused. If
+    "setPauseMode(QAbstractSocket::PauseOnNotify);" has been called on
+    this socket and a sslErrors() signal is received, calling this method
+    is necessary for the socket to continue.
+
+    \sa QAbstractSocket::pauseMode(), QAbstractSocket::setPauseMode()
+*/
+void QSslSocket::resume()
+{
+    // continuing might emit signals, rather do this through the event loop
+    QMetaObject::invokeMethod(this, "_q_resumeImplementation", Qt::QueuedConnection);
+}
+
+/*!
     Starts an encrypted connection to the device \a hostName on \a
     port, using \a mode as the \l OpenMode. This is equivalent to
     calling connectToHost() to establish the connection, followed by a
@@ -1860,6 +1878,7 @@ QSslSocketPrivate::QSslSocketPrivate()
     , readyReadEmittedPointer(0)
     , allowRootCertOnDemandLoading(true)
     , plainSocket(0)
+    , paused(false)
 {
     QSslConfigurationPrivate::deepCopyDefaultConfiguration(&configuration);
 }
@@ -2114,6 +2133,11 @@ void QSslSocketPrivate::resumeSocketNotifiers(QSslSocket *socket)
     QAbstractSocketPrivate::resumeSocketNotifiers(socket->d_func()->plainSocket);
 }
 
+bool QSslSocketPrivate::isPaused() const
+{
+    return paused;
+}
+
 /*!
     \internal
 */
@@ -2260,6 +2284,55 @@ void QSslSocketPrivate::_q_flushReadBuffer()
 /*!
     \internal
 */
+void QSslSocketPrivate::_q_resumeImplementation()
+{
+    Q_Q(QSslSocket);
+    if (plainSocket)
+        plainSocket->resume();
+    paused = false;
+    if (!connectionEncrypted) {
+        if (verifyErrorsHaveBeenIgnored()) {
+            continueHandshake();
+        } else {
+            q->setErrorString(sslErrors.first().errorString());
+            q->setSocketError(QAbstractSocket::SslHandshakeFailedError);
+            emit q->error(QAbstractSocket::SslHandshakeFailedError);
+            plainSocket->disconnectFromHost();
+            return;
+        }
+    }
+    transmit();
+}
+
+/*!
+    \internal
+*/
+bool QSslSocketPrivate::verifyErrorsHaveBeenIgnored()
+{
+    bool doEmitSslError;
+    if (!ignoreErrorsList.empty()) {
+        // check whether the errors we got are all in the list of expected errors
+        // (applies only if the method QSslSocket::ignoreSslErrors(const QList<QSslError> &errors)
+        // was called)
+        doEmitSslError = false;
+        for (int a = 0; a < sslErrors.count(); a++) {
+            if (!ignoreErrorsList.contains(sslErrors.at(a))) {
+                doEmitSslError = true;
+                break;
+            }
+        }
+    } else {
+        // if QSslSocket::ignoreSslErrors(const QList<QSslError> &errors) was not called and
+        // we get an SSL error, emit a signal unless we ignored all errors (by calling
+        // QSslSocket::ignoreSslErrors() )
+        doEmitSslError = !ignoreAllSslErrors;
+    }
+    return !doEmitSslError;
+}
+
+/*!
+    \internal
+*/
 QList<QByteArray> QSslSocketPrivate::unixRootCertDirectories()
 {
     return QList<QByteArray>() <<  "/etc/ssl/certs/" // (K)ubuntu, OpenSUSE, Mandriva, MeeGo ...
diff --git a/src/network/ssl/qsslsocket.h b/src/network/ssl/qsslsocket.h
index cdd1e10217..27cdbdeb5a 100644
--- a/src/network/ssl/qsslsocket.h
+++ b/src/network/ssl/qsslsocket.h
@@ -82,6 +82,7 @@ public:
 
     QSslSocket(QObject *parent = 0);
     ~QSslSocket();
+    void resume(); // to continue after proxy authentication required, SSL errors etc.
 
     // Autostarting the SSL client handshake.
     void connectToHostEncrypted(const QString &hostName, quint16 port, OpenMode mode = ReadWrite, NetworkLayerProtocol protocol = AnyIPProtocol);
@@ -211,6 +212,7 @@ private:
     Q_PRIVATE_SLOT(d_func(), void _q_bytesWrittenSlot(qint64))
     Q_PRIVATE_SLOT(d_func(), void _q_flushWriteBuffer())
     Q_PRIVATE_SLOT(d_func(), void _q_flushReadBuffer())
+    Q_PRIVATE_SLOT(d_func(), void _q_resumeImplementation())
     friend class QSslSocketBackendPrivate;
 };
 
diff --git a/src/network/ssl/qsslsocket_openssl.cpp b/src/network/ssl/qsslsocket_openssl.cpp
index 48b59057ab..f262c0179f 100644
--- a/src/network/ssl/qsslsocket_openssl.cpp
+++ b/src/network/ssl/qsslsocket_openssl.cpp
@@ -295,6 +295,7 @@ bool QSslSocketBackendPrivate::initSslContext()
     bool client = (mode == QSslSocket::SslClientMode);
 
     bool reinitialized = false;
+
 init_context:
     switch (configuration.protocol) {
     case QSsl::SslV2:
@@ -950,6 +951,9 @@ void QSslSocketBackendPrivate::transmit()
                 qDebug() << "QSslSocketBackendPrivate::transmit: connection lost";
 #endif
                 break;
+            } else if (paused) {
+                // just wait until the user continues
+                return;
             } else {
 #ifdef QSSLSOCKET_DEBUG
                 qDebug() << "QSslSocketBackendPrivate::transmit: encryption not done yet";
@@ -1188,46 +1192,25 @@ bool QSslSocketBackendPrivate::startHandshake()
         sslErrors = errors;
         emit q->sslErrors(errors);
 
-        bool doEmitSslError;
-        if (!ignoreErrorsList.empty()) {
-            // check whether the errors we got are all in the list of expected errors
-            // (applies only if the method QSslSocket::ignoreSslErrors(const QList<QSslError> &errors)
-            // was called)
-            doEmitSslError = false;
-            for (int a = 0; a < errors.count(); a++) {
-                if (!ignoreErrorsList.contains(errors.at(a))) {
-                    doEmitSslError = true;
-                    break;
-                }
-            }
-        } else {
-            // if QSslSocket::ignoreSslErrors(const QList<QSslError> &errors) was not called and
-            // we get an SSL error, emit a signal unless we ignored all errors (by calling
-            // QSslSocket::ignoreSslErrors() )
-            doEmitSslError = !ignoreAllSslErrors;
-        }
+        bool doEmitSslError = !verifyErrorsHaveBeenIgnored();
         // check whether we need to emit an SSL handshake error
         if (doVerifyPeer && doEmitSslError) {
-            q->setErrorString(sslErrors.first().errorString());
-            q->setSocketError(QAbstractSocket::SslHandshakeFailedError);
-            emit q->error(QAbstractSocket::SslHandshakeFailedError);
-            plainSocket->disconnectFromHost();
+            if (q->pauseMode() == QAbstractSocket::PauseOnNotify) {
+                pauseSocketNotifiers(q);
+                paused = true;
+            } else {
+                q->setErrorString(sslErrors.first().errorString());
+                q->setSocketError(QAbstractSocket::SslHandshakeFailedError);
+                emit q->error(QAbstractSocket::SslHandshakeFailedError);
+                plainSocket->disconnectFromHost();
+            }
             return false;
         }
     } else {
         sslErrors.clear();
     }
 
-    // if we have a max read buffer size, reset the plain socket's to 1k
-    if (readBufferMaxSize)
-        plainSocket->setReadBufferSize(1024);
-
-    connectionEncrypted = true;
-    emit q->encrypted();
-    if (autoStartHandshake && pendingClose) {
-        pendingClose = false;
-        q->disconnectFromHost();
-    }
+    continueHandshake();
     return true;
 }
 
@@ -1271,6 +1254,21 @@ QSslCipher QSslSocketBackendPrivate::sessionCipher() const
     return sessionCipher ? QSslCipher_from_SSL_CIPHER(sessionCipher) : QSslCipher();
 }
 
+void QSslSocketBackendPrivate::continueHandshake()
+{
+    Q_Q(QSslSocket);
+    // if we have a max read buffer size, reset the plain socket's to match
+    if (readBufferMaxSize)
+        plainSocket->setReadBufferSize(readBufferMaxSize);
+
+    connectionEncrypted = true;
+    emit q->encrypted();
+    if (autoStartHandshake && pendingClose) {
+        pendingClose = false;
+        q->disconnectFromHost();
+    }
+}
+
 QList<QSslCertificate> QSslSocketBackendPrivate::STACKOFX509_to_QSslCertificates(STACK_OF(X509) *x509)
 {
     ensureInitialized();
diff --git a/src/network/ssl/qsslsocket_openssl_p.h b/src/network/ssl/qsslsocket_openssl_p.h
index 78d385a244..f44ff82209 100644
--- a/src/network/ssl/qsslsocket_openssl_p.h
+++ b/src/network/ssl/qsslsocket_openssl_p.h
@@ -115,6 +115,7 @@ public:
     void disconnectFromHost();
     void disconnected();
     QSslCipher sessionCipher() const;
+    void continueHandshake();
 
     Q_AUTOTEST_EXPORT static long setupOpenSslOptions(QSsl::SslProtocol protocol, QSsl::SslOptions sslOptions);
     static QSslCipher QSslCipher_from_SSL_CIPHER(SSL_CIPHER *cipher);
diff --git a/src/network/ssl/qsslsocket_p.h b/src/network/ssl/qsslsocket_p.h
index c9be2cdd97..f424f29dba 100644
--- a/src/network/ssl/qsslsocket_p.h
+++ b/src/network/ssl/qsslsocket_p.h
@@ -149,6 +149,7 @@ public:
     void createPlainSocket(QIODevice::OpenMode openMode);
     static void pauseSocketNotifiers(QSslSocket*);
     static void resumeSocketNotifiers(QSslSocket*);
+    bool isPaused() const;
     void _q_connectedSlot();
     void _q_hostFoundSlot();
     void _q_disconnectedSlot();
@@ -158,6 +159,7 @@ public:
     void _q_bytesWrittenSlot(qint64);
     void _q_flushWriteBuffer();
     void _q_flushReadBuffer();
+    void _q_resumeImplementation();
 
     // Platform specific functions
     virtual void startClientEncryption() = 0;
@@ -166,6 +168,7 @@ public:
     virtual void disconnectFromHost() = 0;
     virtual void disconnected() = 0;
     virtual QSslCipher sessionCipher() const = 0;
+    virtual void continueHandshake() = 0;
 
 private:
     static bool ensureLibraryLoaded();
@@ -174,8 +177,10 @@ private:
     static bool s_libraryLoaded;
     static bool s_loadedCiphersAndCerts;
 protected:
+    bool verifyErrorsHaveBeenIgnored();
     static bool s_loadRootCertsOnDemand;
     static QList<QByteArray> unixRootCertDirectories();
+    bool paused;
 };
 
 QT_END_NAMESPACE
author	Peter Hartmann <peter.hartmann@nokia.com>	2012-01-20 13:55:15 +0100
committer	Qt by Nokia <qt-info@nokia.com>	2012-01-25 19:35:05 +0100
commit	07662f93ac700d18bf2c7f5e3df1fa310327130d (patch)
tree	8a1a81ab5d9e905b3e09f83673777fb8b4b1e978 /src/network/ssl
parent	0da4451b783b02d6df464fba9f0c34828df1ac06 (diff)