diff options
author | Liang Qi <liang.qi@qt.io> | 2017-06-07 12:05:33 +0200 |
---|---|---|
committer | Liang Qi <liang.qi@qt.io> | 2017-06-07 14:02:43 +0200 |
commit | 7cbee5629604aa49c618829c8e3e55fc64e94df7 (patch) | |
tree | d12041105160c1cb21226b365edb9653d87b5853 /src/network | |
parent | e400b7e326c554ccd819448866265953d2a0f24d (diff) | |
parent | 5f0ce2333f7e11a3ffb5d16a27cd9303efa712d5 (diff) |
Merge remote-tracking branch 'origin/5.9' into dev
Conflicts:
src/widgets/widgets/qmenu.cpp
Change-Id: I6d3baf56eb24501cddb129a3cb6b958ccc25a308
Diffstat (limited to 'src/network')
-rw-r--r-- | src/network/socket/qnativesocketengine_winrt.cpp | 37 | ||||
-rw-r--r-- | src/network/socket/qnativesocketengine_winrt_p.h | 3 | ||||
-rw-r--r-- | src/network/ssl/qsslcertificate.cpp | 5 | ||||
-rw-r--r-- | src/network/ssl/qsslsocket_mac.cpp | 27 |
4 files changed, 38 insertions, 34 deletions
diff --git a/src/network/socket/qnativesocketengine_winrt.cpp b/src/network/socket/qnativesocketengine_winrt.cpp index 0625ea65da..38c2b6e8c0 100644 --- a/src/network/socket/qnativesocketengine_winrt.cpp +++ b/src/network/socket/qnativesocketengine_winrt.cpp @@ -1250,20 +1250,22 @@ void QNativeSocketEngine::handleConnectOpFinished(bool success, QAbstractSocket: void QNativeSocketEngine::handleNewDatagrams(const QList<WinRtDatagram> &datagrams) { Q_D(QNativeSocketEngine); - // Defer putting the datagrams into the list until the next event loop iteration - // (where the readyRead signal is emitted as well) - QMetaObject::invokeMethod(this, "putIntoPendingDatagramsList", Qt::QueuedConnection, - Q_ARG(QList<WinRtDatagram>, datagrams)); + QMutexLocker locker(&d->readMutex); + d->pendingDatagrams.append(datagrams); if (d->notifyOnRead) emit readReady(); } void QNativeSocketEngine::handleNewData(const QVector<QByteArray> &data) { - // Defer putting the data into the list until the next event loop iteration - // (where the readyRead signal is emitted as well) - QMetaObject::invokeMethod(this, "putIntoPendingData", Qt::QueuedConnection, - Q_ARG(QVector<QByteArray>, data)); + Q_D(QNativeSocketEngine); + QMutexLocker locker(&d->readMutex); + d->pendingData.append(data); + for (const QByteArray &newData : data) + d->bytesAvailable += newData.length(); + locker.unlock(); + if (d->notifyOnRead) + readNotification(); } void QNativeSocketEngine::handleTcpError(QAbstractSocket::SocketError error) @@ -1284,25 +1286,6 @@ void QNativeSocketEngine::handleTcpError(QAbstractSocket::SocketError error) emit readReady(); } -void QNativeSocketEngine::putIntoPendingDatagramsList(const QList<WinRtDatagram> &datagrams) -{ - Q_D(QNativeSocketEngine); - QMutexLocker locker(&d->readMutex); - d->pendingDatagrams.append(datagrams); -} - -void QNativeSocketEngine::putIntoPendingData(const QVector<QByteArray> &data) -{ - Q_D(QNativeSocketEngine); - QMutexLocker locker(&d->readMutex); - d->pendingData.append(data); - for (const QByteArray &newData : data) - d->bytesAvailable += newData.length(); - locker.unlock(); - if (d->notifyOnRead) - readNotification(); -} - bool QNativeSocketEnginePrivate::createNewSocket(QAbstractSocket::SocketType socketType, QAbstractSocket::NetworkLayerProtocol &socketProtocol) { Q_UNUSED(socketProtocol); diff --git a/src/network/socket/qnativesocketengine_winrt_p.h b/src/network/socket/qnativesocketengine_winrt_p.h index 6528c6d627..13922cb397 100644 --- a/src/network/socket/qnativesocketengine_winrt_p.h +++ b/src/network/socket/qnativesocketengine_winrt_p.h @@ -183,9 +183,6 @@ private slots: void handleTcpError(QAbstractSocket::SocketError error); private: - Q_INVOKABLE void putIntoPendingDatagramsList(const QList<WinRtDatagram> &datagrams); - Q_INVOKABLE void putIntoPendingData(const QVector<QByteArray> &data); - Q_DECLARE_PRIVATE(QNativeSocketEngine) Q_DISABLE_COPY(QNativeSocketEngine) }; diff --git a/src/network/ssl/qsslcertificate.cpp b/src/network/ssl/qsslcertificate.cpp index ce78399e01..6433b84e80 100644 --- a/src/network/ssl/qsslcertificate.cpp +++ b/src/network/ssl/qsslcertificate.cpp @@ -143,7 +143,7 @@ QSslCertificate::QSslCertificate(QIODevice *device, QSsl::EncodingFormat format) : d(new QSslCertificatePrivate) { QSslSocketPrivate::ensureInitialized(); - if (device) + if (device && QSslSocket::supportsSsl()) d->init(device->readAll(), format); } @@ -157,7 +157,8 @@ QSslCertificate::QSslCertificate(const QByteArray &data, QSsl::EncodingFormat fo : d(new QSslCertificatePrivate) { QSslSocketPrivate::ensureInitialized(); - d->init(data, format); + if (QSslSocket::supportsSsl()) + d->init(data, format); } /*! diff --git a/src/network/ssl/qsslsocket_mac.cpp b/src/network/ssl/qsslsocket_mac.cpp index 0456b7cdc7..0a9588deea 100644 --- a/src/network/ssl/qsslsocket_mac.cpp +++ b/src/network/ssl/qsslsocket_mac.cpp @@ -1226,9 +1226,32 @@ bool QSslSocketBackendPrivate::verifyPeerTrust() QCFType<SecCertificateRef> certRef = SecCertificateCreateWithData(NULL, certData); CFArrayAppendValue(certArray, certRef); } + SecTrustSetAnchorCertificates(trust, certArray); - // Secure Transport should use anchors only from our QSslConfiguration: - SecTrustSetAnchorCertificatesOnly(trust, true); + + // By default SecTrustEvaluate uses both CA certificates provided in + // QSslConfiguration and the ones from the system database. This behavior can + // be unexpected if a user's code tries to limit the trusted CAs to those + // explicitly set in QSslConfiguration. + // Since on macOS we initialize the default QSslConfiguration copying the + // system CA certificates (using SecTrustSettingsCopyCertificates) we can + // call SecTrustSetAnchorCertificatesOnly(trust, true) to force SecTrustEvaluate + // to use anchors only from our QSslConfiguration. + // Unfortunately, SecTrustSettingsCopyCertificates is not available on iOS + // and the default QSslConfiguration always has an empty list of system CA + // certificates. This leaves no way to provide client code with access to the + // actual system CA certificate list (which most use-cases need) other than + // by letting SecTrustEvaluate fall through to the system list; so, in this case + // (even though the client code may have provided its own certs), we retain + // the default behavior. + +#ifdef Q_OS_MACOS + const bool anchorsFromConfigurationOnly = true; +#else + const bool anchorsFromConfigurationOnly = false; +#endif + + SecTrustSetAnchorCertificatesOnly(trust, anchorsFromConfigurationOnly); SecTrustResultType trustResult = kSecTrustResultInvalid; SecTrustEvaluate(trust, &trustResult); |