diff options
author | Kai Koehne <kai.koehne@theqtcompany.com> | 2014-12-08 13:35:47 +0100 |
---|---|---|
committer | Kai Koehne <kai.koehne@theqtcompany.com> | 2014-12-10 11:07:46 +0100 |
commit | f17d7a124f0fa817a7e1a2dda6f48098432c0dc0 (patch) | |
tree | ac5b4e3713af87a82add0cebc5a6628997435ed2 /src | |
parent | 7d2357b0a8911191451fd89279ba30e5fd6ccb84 (diff) |
Use categorized logging for ssl code
Place all debug output into the 'qt.network.ssl' category.
This allows people to disable certain warnings at runtime.
Task-number: QTBUG-43173
Change-Id: Ide731fae3109f9cd7730cc096ee069a5b99d35f1
Reviewed-by: Richard J. Moore <rich@kde.org>
Diffstat (limited to 'src')
-rw-r--r-- | src/network/ssl/qssl.cpp | 3 | ||||
-rw-r--r-- | src/network/ssl/qssl_p.h | 58 | ||||
-rw-r--r-- | src/network/ssl/qsslcertificate.cpp | 3 | ||||
-rw-r--r-- | src/network/ssl/qsslcertificate_openssl.cpp | 9 | ||||
-rw-r--r-- | src/network/ssl/qsslcertificate_qt.cpp | 7 | ||||
-rw-r--r-- | src/network/ssl/qsslconfiguration.cpp | 4 | ||||
-rw-r--r-- | src/network/ssl/qsslcontext_openssl.cpp | 11 | ||||
-rw-r--r-- | src/network/ssl/qsslkey_winrt.cpp | 3 | ||||
-rw-r--r-- | src/network/ssl/qsslsocket.cpp | 73 | ||||
-rw-r--r-- | src/network/ssl/qsslsocket_openssl.cpp | 91 | ||||
-rw-r--r-- | src/network/ssl/qsslsocket_openssl_symbols.cpp | 17 | ||||
-rw-r--r-- | src/network/ssl/qsslsocket_winrt.cpp | 11 | ||||
-rw-r--r-- | src/network/ssl/ssl.pri | 1 |
13 files changed, 185 insertions, 106 deletions
diff --git a/src/network/ssl/qssl.cpp b/src/network/ssl/qssl.cpp index 740131797c..98be348e19 100644 --- a/src/network/ssl/qssl.cpp +++ b/src/network/ssl/qssl.cpp @@ -33,9 +33,12 @@ #include "qsslkey.h" +#include "qssl_p.h" QT_BEGIN_NAMESPACE +Q_LOGGING_CATEGORY(lcSsl, "qt.network.ssl"); + /*! \namespace QSsl \brief The QSsl namespace declares enums common to all SSL classes in Qt Network. diff --git a/src/network/ssl/qssl_p.h b/src/network/ssl/qssl_p.h new file mode 100644 index 0000000000..91bd8c8e6f --- /dev/null +++ b/src/network/ssl/qssl_p.h @@ -0,0 +1,58 @@ +/**************************************************************************** +** +** Copyright (C) 2014 Digia Plc and/or its subsidiary(-ies). +** Contact: http://www.qt-project.org/legal +** +** This file is part of the QtNetwork module of the Qt Toolkit. +** +** $QT_BEGIN_LICENSE:LGPL21$ +** Commercial License Usage +** Licensees holding valid commercial Qt licenses may use this file in +** accordance with the commercial license agreement provided with the +** Software or, alternatively, in accordance with the terms contained in +** a written agreement between you and Digia. For licensing terms and +** conditions see http://qt.digia.com/licensing. For further information +** use the contact form at http://qt.digia.com/contact-us. +** +** GNU Lesser General Public License Usage +** Alternatively, this file may be used under the terms of the GNU Lesser +** General Public License version 2.1 or version 3 as published by the Free +** Software Foundation and appearing in the file LICENSE.LGPLv21 and +** LICENSE.LGPLv3 included in the packaging of this file. Please review the +** following information to ensure the GNU Lesser General Public License +** requirements will be met: https://www.gnu.org/licenses/lgpl.html and +** http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html. +** +** In addition, as a special exception, Digia gives you certain additional +** rights. These rights are described in the Digia Qt LGPL Exception +** version 1.1, included in the file LGPL_EXCEPTION.txt in this package. +** +** $QT_END_LICENSE$ +** +****************************************************************************/ + + +#ifndef QSSL_P_H +#define QSSL_P_H + + +// +// W A R N I N G +// ------------- +// +// This file is not part of the Qt API. It exists for the convenience +// of qsslcertificate.cpp. This header file may change from version to version +// without notice, or even be removed. +// +// We mean it. +// + +#include <QtCore/QLoggingCategory> + +QT_BEGIN_NAMESPACE + +Q_DECLARE_LOGGING_CATEGORY(lcSsl) + +QT_END_NAMESPACE + +#endif // QSSL_P_H diff --git a/src/network/ssl/qsslcertificate.cpp b/src/network/ssl/qsslcertificate.cpp index 125a7a0250..c34d16a37a 100644 --- a/src/network/ssl/qsslcertificate.cpp +++ b/src/network/ssl/qsslcertificate.cpp @@ -112,6 +112,7 @@ #include "qsslsocket_winrt_p.h" #endif +#include "qssl_p.h" #include "qsslcertificate.h" #include "qsslcertificate_p.h" #include "qsslkey_p.h" @@ -524,7 +525,7 @@ QList<QSslCertificate> QSslCertificate::fromPath(const QString &path, QList<QSslCertificate> QSslCertificate::fromDevice(QIODevice *device, QSsl::EncodingFormat format) { if (!device) { - qWarning("QSslCertificate::fromDevice: cannot read from a null device"); + qCWarning(lcSsl, "QSslCertificate::fromDevice: cannot read from a null device"); return QList<QSslCertificate>(); } return fromData(device->readAll(), format); diff --git a/src/network/ssl/qsslcertificate_openssl.cpp b/src/network/ssl/qsslcertificate_openssl.cpp index 1906c72ff8..065f0bfd04 100644 --- a/src/network/ssl/qsslcertificate_openssl.cpp +++ b/src/network/ssl/qsslcertificate_openssl.cpp @@ -39,6 +39,7 @@ ** ****************************************************************************/ +#include "qssl_p.h" #include "qsslsocket_openssl_symbols_p.h" #include "qsslcertificate_p.h" #include "qsslkey_p.h" @@ -303,7 +304,7 @@ static QVariant x509UnknownExtensionToValue(X509_EXTENSION *ext) else return list; } else if (meth->i2s && ext_internal) { - //qDebug() << meth->i2s(meth, ext_internal); + //qCDebug(lcSsl) << meth->i2s(meth, ext_internal); QVariant result(QString::fromUtf8(meth->i2s(meth, ext_internal))); return result; } else if (meth->i2r && ext_internal) { @@ -371,7 +372,7 @@ static QVariant x509ExtensionToValue(X509_EXTENSION *ext) result[QString::fromUtf8(QSslCertificatePrivate::asn1ObjectName(ad->method))] = uri; } else { - qWarning() << "Strange location type" << name->type; + qCWarning(lcSsl) << "Strange location type" << name->type; } } @@ -516,7 +517,7 @@ void QSslCertificatePrivate::init(const QByteArray &data, QSsl::EncodingFormat f QByteArray QSslCertificatePrivate::QByteArray_from_X509(X509 *x509, QSsl::EncodingFormat format) { if (!x509) { - qWarning("QSslSocketBackendPrivate::X509_to_QByteArray: null X509"); + qCWarning(lcSsl, "QSslSocketBackendPrivate::X509_to_QByteArray: null X509"); return QByteArray(); } @@ -551,7 +552,7 @@ QByteArray QSslCertificatePrivate::QByteArray_from_X509(X509 *x509, QSsl::Encodi QString QSslCertificatePrivate::text_from_X509(X509 *x509) { if (!x509) { - qWarning("QSslSocketBackendPrivate::text_from_X509: null X509"); + qCWarning(lcSsl, "QSslSocketBackendPrivate::text_from_X509: null X509"); return QString(); } diff --git a/src/network/ssl/qsslcertificate_qt.cpp b/src/network/ssl/qsslcertificate_qt.cpp index d74042a95f..cf99e77314 100644 --- a/src/network/ssl/qsslcertificate_qt.cpp +++ b/src/network/ssl/qsslcertificate_qt.cpp @@ -40,7 +40,7 @@ ****************************************************************************/ - +#include "qssl_p.h" #include "qsslcertificate.h" #include "qsslcertificate_p.h" #include "qsslkey.h" @@ -83,8 +83,9 @@ bool QSslCertificate::isSelfSigned() const if (d->null) return false; - qWarning("QSslCertificate::isSelfSigned: This function does not check, whether the certificate " - "is actually signed. It just checks whether issuer and subject are identical"); + qCWarning(lcSsl, + "QSslCertificate::isSelfSigned: This function does not check, whether the certificate " + "is actually signed. It just checks whether issuer and subject are identical"); return d->subjectMatchesIssuer; } diff --git a/src/network/ssl/qsslconfiguration.cpp b/src/network/ssl/qsslconfiguration.cpp index 2aa59e5d18..7bb6e02b7e 100644 --- a/src/network/ssl/qsslconfiguration.cpp +++ b/src/network/ssl/qsslconfiguration.cpp @@ -32,6 +32,7 @@ ** ****************************************************************************/ +#include "qssl_p.h" #include "qsslconfiguration.h" #include "qsslconfiguration_p.h" #include "qsslsocket.h" @@ -341,7 +342,8 @@ int QSslConfiguration::peerVerifyDepth() const void QSslConfiguration::setPeerVerifyDepth(int depth) { if (depth < 0) { - qWarning("QSslConfiguration::setPeerVerifyDepth: cannot set negative depth of %d", depth); + qCWarning(lcSsl, + "QSslConfiguration::setPeerVerifyDepth: cannot set negative depth of %d", depth); return; } d->peerVerifyDepth = depth; diff --git a/src/network/ssl/qsslcontext_openssl.cpp b/src/network/ssl/qsslcontext_openssl.cpp index c042d98056..92e726bc01 100644 --- a/src/network/ssl/qsslcontext_openssl.cpp +++ b/src/network/ssl/qsslcontext_openssl.cpp @@ -36,6 +36,7 @@ #include <QtNetwork/qsslsocket.h> #include <QtCore/qmutex.h> +#include "private/qssl_p.h" #include "private/qsslcontext_openssl_p.h" #include "private/qsslsocket_p.h" #include "private/qsslsocket_openssl_p.h" @@ -357,7 +358,7 @@ static int next_proto_cb(SSL *, unsigned char **out, unsigned char *outlen, ctx->status = QSslConfiguration::NextProtocolNegotiationUnsupported; break; default: - qWarning("OpenSSL sent unknown NPN status"); + qCWarning(lcSsl, "OpenSSL sent unknown NPN status"); } return SSL_TLSEXT_ERR_OK; @@ -384,7 +385,7 @@ SSL* QSslContext::createSsl() if (session) { // Try to resume the last session we cached if (!q_SSL_set_session(ssl, session)) { - qWarning("could not set SSL session"); + qCWarning(lcSsl, "could not set SSL session"); q_SSL_SESSION_free(session); session = 0; } @@ -396,8 +397,8 @@ SSL* QSslContext::createSsl() m_supportedNPNVersions.clear(); for (int a = 0; a < protocols.count(); ++a) { if (protocols.at(a).size() > 255) { - qWarning() << "TLS NPN extension" << protocols.at(a) - << "is too long and will be truncated to 255 characters."; + qCWarning(lcSsl) << "TLS NPN extension" << protocols.at(a) + << "is too long and will be truncated to 255 characters."; protocols[a] = protocols.at(a).left(255); } m_supportedNPNVersions.append(protocols.at(a).size()).append(protocols.at(a)); @@ -433,7 +434,7 @@ bool QSslContext::cacheSession(SSL* ssl) m_sessionASN1.resize(sessionSize); unsigned char *data = reinterpret_cast<unsigned char *>(m_sessionASN1.data()); if (!q_i2d_SSL_SESSION(session, &data)) - qWarning("could not store persistent version of SSL session"); + qCWarning(lcSsl, "could not store persistent version of SSL session"); m_sessionTicketLifeTimeHint = session->tlsext_tick_lifetime_hint; } } diff --git a/src/network/ssl/qsslkey_winrt.cpp b/src/network/ssl/qsslkey_winrt.cpp index c5b4146ee9..2ec75caefe 100644 --- a/src/network/ssl/qsslkey_winrt.cpp +++ b/src/network/ssl/qsslkey_winrt.cpp @@ -39,6 +39,7 @@ ** ****************************************************************************/ +#include "qssl_p.h" #include "qsslkey.h" #include "qsslkey_p.h" #include "qsslcertificate_p.h" @@ -144,7 +145,7 @@ static QByteArray doCrypt(QSslKeyPrivate::Cipher cipher, QByteArray data, const if (padding > 0 && padding <= blockLength) resultLength -= padding; else - qWarning("Invalid padding length of %u; decryption likely failed.", padding); + qCWarning(lcSsl, "Invalid padding length of %u; decryption likely failed.", padding); } return QByteArray(reinterpret_cast<const char *>(resultData), resultLength); diff --git a/src/network/ssl/qsslsocket.cpp b/src/network/ssl/qsslsocket.cpp index 8887f478dd..31c7b3087e 100644 --- a/src/network/ssl/qsslsocket.cpp +++ b/src/network/ssl/qsslsocket.cpp @@ -281,6 +281,7 @@ \sa peerVerifyError() */ +#include "qssl_p.h" #include "qsslsocket.h" #include "qsslcipher.h" #ifndef QT_NO_OPENSSL @@ -334,7 +335,7 @@ QSslSocket::QSslSocket(QObject *parent) { Q_D(QSslSocket); #ifdef QSSLSOCKET_DEBUG - qDebug() << "QSslSocket::QSslSocket(" << parent << "), this =" << (void *)this; + qCDebug(lcSsl) << "QSslSocket::QSslSocket(" << parent << "), this =" << (void *)this; #endif d->q_ptr = this; d->init(); @@ -347,7 +348,7 @@ QSslSocket::~QSslSocket() { Q_D(QSslSocket); #ifdef QSSLSOCKET_DEBUG - qDebug() << "QSslSocket::~QSslSocket(), this =" << (void *)this; + qCDebug(lcSsl) << "QSslSocket::~QSslSocket(), this =" << (void *)this; #endif delete d->plainSocket; d->plainSocket = 0; @@ -416,7 +417,8 @@ void QSslSocket::connectToHostEncrypted(const QString &hostName, quint16 port, O { Q_D(QSslSocket); if (d->state == ConnectedState || d->state == ConnectingState) { - qWarning("QSslSocket::connectToHostEncrypted() called when already connecting/connected"); + qCWarning(lcSsl, + "QSslSocket::connectToHostEncrypted() called when already connecting/connected"); return; } @@ -446,7 +448,8 @@ void QSslSocket::connectToHostEncrypted(const QString &hostName, quint16 port, { Q_D(QSslSocket); if (d->state == ConnectedState || d->state == ConnectingState) { - qWarning("QSslSocket::connectToHostEncrypted() called when already connecting/connected"); + qCWarning(lcSsl, + "QSslSocket::connectToHostEncrypted() called when already connecting/connected"); return; } @@ -476,7 +479,7 @@ bool QSslSocket::setSocketDescriptor(qintptr socketDescriptor, SocketState state { Q_D(QSslSocket); #ifdef QSSLSOCKET_DEBUG - qDebug() << "QSslSocket::setSocketDescriptor(" << socketDescriptor << ',' + qCDebug(lcSsl) << "QSslSocket::setSocketDescriptor(" << socketDescriptor << ',' << state << ',' << openMode << ')'; #endif if (!d->plainSocket) @@ -660,7 +663,7 @@ void QSslSocket::setPeerVerifyDepth(int depth) { Q_D(QSslSocket); if (depth < 0) { - qWarning("QSslSocket::setPeerVerifyDepth: cannot set negative depth of %d", depth); + qCWarning(lcSsl, "QSslSocket::setPeerVerifyDepth: cannot set negative depth of %d", depth); return; } d->configuration.peerVerifyDepth = depth; @@ -771,7 +774,7 @@ bool QSslSocket::canReadLine() const void QSslSocket::close() { #ifdef QSSLSOCKET_DEBUG - qDebug() << "QSslSocket::close()"; + qCDebug(lcSsl) << "QSslSocket::close()"; #endif Q_D(QSslSocket); if (encryptedBytesToWrite()) @@ -815,7 +818,7 @@ bool QSslSocket::flush() { Q_D(QSslSocket); #ifdef QSSLSOCKET_DEBUG - qDebug() << "QSslSocket::flush()"; + qCDebug(lcSsl) << "QSslSocket::flush()"; #endif if (d->mode != UnencryptedMode) // encrypt any unencrypted bytes in our buffer @@ -849,7 +852,7 @@ void QSslSocket::abort() { Q_D(QSslSocket); #ifdef QSSLSOCKET_DEBUG - qDebug() << "QSslSocket::abort()"; + qCDebug(lcSsl) << "QSslSocket::abort()"; #endif if (d->plainSocket) d->plainSocket->abort(); @@ -1605,7 +1608,7 @@ bool QSslSocket::waitForDisconnected(int msecs) // require calling connectToHost() before waitForDisconnected() if (state() == UnconnectedState) { - qWarning("QSslSocket::waitForDisconnected() is not allowed in UnconnectedState"); + qCWarning(lcSsl, "QSslSocket::waitForDisconnected() is not allowed in UnconnectedState"); return false; } @@ -1721,15 +1724,17 @@ void QSslSocket::startClientEncryption() { Q_D(QSslSocket); if (d->mode != UnencryptedMode) { - qWarning("QSslSocket::startClientEncryption: cannot start handshake on non-plain connection"); + qCWarning(lcSsl, + "QSslSocket::startClientEncryption: cannot start handshake on non-plain connection"); return; } if (state() != ConnectedState) { - qWarning("QSslSocket::startClientEncryption: cannot start handshake when not connected"); + qCWarning(lcSsl, + "QSslSocket::startClientEncryption: cannot start handshake when not connected"); return; } #ifdef QSSLSOCKET_DEBUG - qDebug() << "QSslSocket::startClientEncryption()"; + qCDebug(lcSsl) << "QSslSocket::startClientEncryption()"; #endif d->mode = SslClientMode; emit modeChanged(d->mode); @@ -1760,11 +1765,11 @@ void QSslSocket::startServerEncryption() { Q_D(QSslSocket); if (d->mode != UnencryptedMode) { - qWarning("QSslSocket::startServerEncryption: cannot start handshake on non-plain connection"); + qCWarning(lcSsl, "QSslSocket::startServerEncryption: cannot start handshake on non-plain connection"); return; } #ifdef QSSLSOCKET_DEBUG - qDebug() << "QSslSocket::startServerEncryption()"; + qCDebug(lcSsl) << "QSslSocket::startServerEncryption()"; #endif d->mode = SslServerMode; emit modeChanged(d->mode); @@ -1841,12 +1846,12 @@ void QSslSocket::connectToHost(const QString &hostName, quint16 port, OpenMode o d->initialized = false; #ifdef QSSLSOCKET_DEBUG - qDebug() << "QSslSocket::connectToHost(" + qCDebug(lcSsl) << "QSslSocket::connectToHost(" << hostName << ',' << port << ',' << openMode << ')'; #endif if (!d->plainSocket) { #ifdef QSSLSOCKET_DEBUG - qDebug() << "\tcreating internal plain socket"; + qCDebug(lcSsl) << "\tcreating internal plain socket"; #endif d->createPlainSocket(openMode); } @@ -1865,7 +1870,7 @@ void QSslSocket::disconnectFromHost() { Q_D(QSslSocket); #ifdef QSSLSOCKET_DEBUG - qDebug() << "QSslSocket::disconnectFromHost()"; + qCDebug(lcSsl) << "QSslSocket::disconnectFromHost()"; #endif if (!d->plainSocket) return; @@ -1909,7 +1914,7 @@ qint64 QSslSocket::readData(char *data, qint64 maxlen) if (d->mode == UnencryptedMode && !d->autoStartHandshake) { readBytes = d->plainSocket->read(data, maxlen); #ifdef QSSLSOCKET_DEBUG - qDebug() << "QSslSocket::readData(" << (void *)data << ',' << maxlen << ") ==" + qCDebug(lcSsl) << "QSslSocket::readData(" << (void *)data << ',' << maxlen << ") ==" << readBytes; #endif } else { @@ -1928,7 +1933,7 @@ qint64 QSslSocket::writeData(const char *data, qint64 len) { Q_D(QSslSocket); #ifdef QSSLSOCKET_DEBUG - qDebug() << "QSslSocket::writeData(" << (void *)data << ',' << len << ')'; + qCDebug(lcSsl) << "QSslSocket::writeData(" << (void *)data << ',' << len << ')'; #endif if (d->mode == UnencryptedMode && !d->autoStartHandshake) return d->plainSocket->write(data, len); @@ -2231,10 +2236,10 @@ void QSslSocketPrivate::_q_connectedSlot() cachedSocketDescriptor = plainSocket->socketDescriptor(); #ifdef QSSLSOCKET_DEBUG - qDebug() << "QSslSocket::_q_connectedSlot()"; - qDebug() << "\tstate =" << q->state(); - qDebug() << "\tpeer =" << q->peerName() << q->peerAddress() << q->peerPort(); - qDebug() << "\tlocal =" << QHostInfo::fromName(q->localAddress().toString()).hostName() + qCDebug(lcSsl) << "QSslSocket::_q_connectedSlot()"; + qCDebug(lcSsl) << "\tstate =" << q->state(); + qCDebug(lcSsl) << "\tpeer =" << q->peerName() << q->peerAddress() << q->peerPort(); + qCDebug(lcSsl) << "\tlocal =" << QHostInfo::fromName(q->localAddress().toString()).hostName() << q->localAddress() << q->localPort(); #endif @@ -2256,8 +2261,8 @@ void QSslSocketPrivate::_q_hostFoundSlot() { Q_Q(QSslSocket); #ifdef QSSLSOCKET_DEBUG - qDebug() << "QSslSocket::_q_hostFoundSlot()"; - qDebug() << "\tstate =" << q->state(); + qCDebug(lcSsl) << "QSslSocket::_q_hostFoundSlot()"; + qCDebug(lcSsl) << "\tstate =" << q->state(); #endif emit q->hostFound(); } @@ -2269,8 +2274,8 @@ void QSslSocketPrivate::_q_disconnectedSlot() { Q_Q(QSslSocket); #ifdef QSSLSOCKET_DEBUG - qDebug() << "QSslSocket::_q_disconnectedSlot()"; - qDebug() << "\tstate =" << q->state(); + qCDebug(lcSsl) << "QSslSocket::_q_disconnectedSlot()"; + qCDebug(lcSsl) << "\tstate =" << q->state(); #endif disconnected(); emit q->disconnected(); @@ -2283,7 +2288,7 @@ void QSslSocketPrivate::_q_stateChangedSlot(QAbstractSocket::SocketState state) { Q_Q(QSslSocket); #ifdef QSSLSOCKET_DEBUG - qDebug() << "QSslSocket::_q_stateChangedSlot(" << state << ')'; + qCDebug(lcSsl) << "QSslSocket::_q_stateChangedSlot(" << state << ')'; #endif q->setSocketState(state); emit q->stateChanged(state); @@ -2296,9 +2301,9 @@ void QSslSocketPrivate::_q_errorSlot(QAbstractSocket::SocketError error) { Q_Q(QSslSocket); #ifdef QSSLSOCKET_DEBUG - qDebug() << "QSslSocket::_q_errorSlot(" << error << ')'; - qDebug() << "\tstate =" << q->state(); - qDebug() << "\terrorString =" << q->errorString(); + qCDebug(lcSsl) << "QSslSocket::_q_errorSlot(" << error << ')'; + qCDebug(lcSsl) << "\tstate =" << q->state(); + qCDebug(lcSsl) << "\terrorString =" << q->errorString(); #endif q->setSocketError(plainSocket->error()); q->setErrorString(plainSocket->errorString()); @@ -2312,7 +2317,7 @@ void QSslSocketPrivate::_q_readyReadSlot() { Q_Q(QSslSocket); #ifdef QSSLSOCKET_DEBUG - qDebug() << "QSslSocket::_q_readyReadSlot() -" << plainSocket->bytesAvailable() << "bytes available"; + qCDebug(lcSsl) << "QSslSocket::_q_readyReadSlot() -" << plainSocket->bytesAvailable() << "bytes available"; #endif if (mode == QSslSocket::UnencryptedMode) { if (readyReadEmittedPointer) @@ -2331,7 +2336,7 @@ void QSslSocketPrivate::_q_bytesWrittenSlot(qint64 written) { Q_Q(QSslSocket); #ifdef QSSLSOCKET_DEBUG - qDebug() << "QSslSocket::_q_bytesWrittenSlot(" << written << ')'; + qCDebug(lcSsl) << "QSslSocket::_q_bytesWrittenSlot(" << written << ')'; #endif if (mode == QSslSocket::UnencryptedMode) diff --git a/src/network/ssl/qsslsocket_openssl.cpp b/src/network/ssl/qsslsocket_openssl.cpp index 13fc534259..8833e3fdd8 100644 --- a/src/network/ssl/qsslsocket_openssl.cpp +++ b/src/network/ssl/qsslsocket_openssl.cpp @@ -49,6 +49,7 @@ //#define QSSLSOCKET_DEBUG //#define QT_DECRYPT_SSL_TRAFFIC +#include "qssl_p.h" #include "qsslsocket_openssl_p.h" #include "qsslsocket_openssl_symbols_p.h" #include "qsslsocket.h" @@ -250,24 +251,24 @@ int q_X509Callback(int ok, X509_STORE_CTX *ctx) // Store the error and at which depth the error was detected. _q_sslErrorList()->errors << qMakePair<int, int>(q_X509_STORE_CTX_get_error(ctx), q_X509_STORE_CTX_get_error_depth(ctx)); #ifdef QSSLSOCKET_DEBUG - qDebug() << "verification error: dumping bad certificate"; - qDebug() << QSslCertificatePrivate::QSslCertificate_from_X509(q_X509_STORE_CTX_get_current_cert(ctx)).toPem(); - qDebug() << "dumping chain"; + qCDebug(lcSsl) << "verification error: dumping bad certificate"; + qCDebug(lcSsl) << QSslCertificatePrivate::QSslCertificate_from_X509(q_X509_STORE_CTX_get_current_cert(ctx)).toPem(); + qCDebug(lcSsl) << "dumping chain"; foreach (QSslCertificate cert, QSslSocketBackendPrivate::STACKOFX509_to_QSslCertificates(q_X509_STORE_CTX_get_chain(ctx))) { QString certFormat(QStringLiteral("O=%1 CN=%2 L=%3 OU=%4 C=%5 ST=%6")); - qDebug() << "Issuer:" << "O=" << cert.issuerInfo(QSslCertificate::Organization) + qCDebug(lcSsl) << "Issuer:" << "O=" << cert.issuerInfo(QSslCertificate::Organization) << "CN=" << cert.issuerInfo(QSslCertificate::CommonName) << "L=" << cert.issuerInfo(QSslCertificate::LocalityName) << "OU=" << cert.issuerInfo(QSslCertificate::OrganizationalUnitName) << "C=" << cert.issuerInfo(QSslCertificate::CountryName) << "ST=" << cert.issuerInfo(QSslCertificate::StateOrProvinceName); - qDebug() << "Subject:" << "O=" << cert.subjectInfo(QSslCertificate::Organization) + qCDebug(lcSsl) << "Subject:" << "O=" << cert.subjectInfo(QSslCertificate::Organization) << "CN=" << cert.subjectInfo(QSslCertificate::CommonName) << "L=" << cert.subjectInfo(QSslCertificate::LocalityName) << "OU=" << cert.subjectInfo(QSslCertificate::OrganizationalUnitName) << "C=" << cert.subjectInfo(QSslCertificate::CountryName) << "ST=" << cert.subjectInfo(QSslCertificate::StateOrProvinceName); - qDebug() << "Valid:" << cert.effectiveDate() << "-" << cert.expiryDate(); + qCDebug(lcSsl) << "Valid:" << cert.effectiveDate() << "-" << cert.expiryDate(); } #endif } @@ -361,7 +362,7 @@ bool QSslSocketBackendPrivate::initSslContext() && !QHostAddress().setAddress(tlsHostName) && !(configuration.sslOptions & QSsl::SslOptionDisableServerNameIndication)) { if (!q_SSL_ctrl(ssl, SSL_CTRL_SET_TLSEXT_HOSTNAME, TLSEXT_NAMETYPE_host_name, ace.data())) - qWarning("could not set SSL_CTRL_SET_TLSEXT_HOSTNAME, Server Name Indication disabled"); + qCWarning(lcSsl, "could not set SSL_CTRL_SET_TLSEXT_HOSTNAME, Server Name Indication disabled"); } } #endif @@ -487,16 +488,16 @@ void QSslSocketPrivate::ensureCiphersAndCertsLoaded() if (securityLib.load()) { ptrSecCertificateCopyData = (PtrSecCertificateCopyData) securityLib.resolve("SecCertificateCopyData"); if (!ptrSecCertificateCopyData) - qWarning("could not resolve symbols in security library"); // should never happen + qCWarning(lcSsl, "could not resolve symbols in security library"); // should never happen ptrSecTrustSettingsCopyCertificates = (PtrSecTrustSettingsCopyCertificates) securityLib.resolve("SecTrustSettingsCopyCertificates"); if (!ptrSecTrustSettingsCopyCertificates) { // method was introduced in Leopard, use legacy method if it's not there ptrSecTrustCopyAnchorCertificates = (PtrSecTrustCopyAnchorCertificates) securityLib.resolve("SecTrustCopyAnchorCertificates"); if (!ptrSecTrustCopyAnchorCertificates) - qWarning("could not resolve symbols in security library"); // should never happen + qCWarning(lcSsl, "could not resolve symbols in security library"); // should never happen } } else { - qWarning("could not load security library"); + qCWarning(lcSsl, "could not load security library"); } #elif defined(Q_OS_WIN) HINSTANCE hLib = LoadLibraryW(L"Crypt32"); @@ -511,9 +512,9 @@ void QSslSocketPrivate::ensureCiphersAndCertsLoaded() ptrCertCloseStore = (PtrCertCloseStore)GetProcAddress(hLib, "CertCloseStore"); #endif if (!ptrCertOpenSystemStoreW || !ptrCertFindCertificateInStore || !ptrCertCloseStore) - qWarning("could not resolve symbols in crypt32 library"); // should never happen + qCWarning(lcSsl, "could not resolve symbols in crypt32 library"); // should never happen } else { - qWarning("could not load crypt32 library"); // should never happen + qCWarning(lcSsl, "could not load crypt32 library"); // should never happen } #elif defined(Q_OS_QNX) s_loadRootCertsOnDemand = true; @@ -657,7 +658,7 @@ QList<QSslCertificate> QSslSocketPrivate::systemCaCertificates() data = ptrSecCertificateCopyData(cfCert); if (data == NULL) { - qWarning("error retrieving a CA certificate from the system store"); + qCWarning(lcSsl, "error retrieving a CA certificate from the system store"); } else { QByteArray rawCert = QByteArray::fromRawData((const char *)CFDataGetBytePtr(data), CFDataGetLength(data)); systemCerts.append(QSslCertificate::fromData(rawCert, QSsl::Der)); @@ -668,7 +669,7 @@ QList<QSslCertificate> QSslSocketPrivate::systemCaCertificates() } else { // no detailed error handling here - qWarning("could not retrieve system CA certificates"); + qCWarning(lcSsl, "could not retrieve system CA certificates"); } } #elif defined(Q_OS_WIN) @@ -742,8 +743,8 @@ QList<QSslCertificate> QSslSocketPrivate::systemCaCertificates() } #endif #ifdef QSSLSOCKET_DEBUG - qDebug() << "systemCaCertificates retrieval time " << timer.elapsed() << "ms"; - qDebug() << "imported " << systemCerts.count() << " certificates"; + qCDebug(lcSsl) << "systemCaCertificates retrieval time " << timer.elapsed() << "ms"; + qCDebug(lcSsl) << "imported " << systemCerts.count() << " certificates"; #endif return systemCerts; @@ -824,7 +825,7 @@ void QSslSocketBackendPrivate::transmit() } } #ifdef QSSLSOCKET_DEBUG - qDebug() << "QSslSocketBackendPrivate::transmit: encrypted" << writtenBytes << "bytes"; + qCDebug(lcSsl) << "QSslSocketBackendPrivate::transmit: encrypted" << writtenBytes << "bytes"; #endif writeBuffer.free(writtenBytes); totalBytesWritten += writtenBytes; @@ -857,7 +858,7 @@ void QSslSocketBackendPrivate::transmit() // Write encrypted data from the buffer to the socket. qint64 actualWritten = plainSocket->write(data.constData(), encryptedBytesRead); #ifdef QSSLSOCKET_DEBUG - qDebug() << "QSslSocketBackendPrivate::transmit: wrote" << encryptedBytesRead << "encrypted bytes to the socket" << actualWritten << "actual."; + qCDebug(lcSsl) << "QSslSocketBackendPrivate::transmit: wrote" << encryptedBytesRead << "encrypted bytes to the socket" << actualWritten << "actual."; #endif if (actualWritten < 0) { //plain socket write fails if it was in the pending close state. @@ -878,7 +879,7 @@ void QSslSocketBackendPrivate::transmit() int encryptedBytesRead = plainSocket->peek(data.data(), pendingBytes); #ifdef QSSLSOCKET_DEBUG - qDebug() << "QSslSocketBackendPrivate::transmit: read" << encryptedBytesRead << "encrypted bytes from the socket"; + qCDebug(lcSsl) << "QSslSocketBackendPrivate::transmit: read" << encryptedBytesRead << "encrypted bytes from the socket"; #endif // Write encrypted data from the buffer into the read BIO. int writtenToBio = q_BIO_write(readBio, data.constData(), encryptedBytesRead); @@ -902,17 +903,17 @@ void QSslSocketBackendPrivate::transmit() // connect / accept. if (!connectionEncrypted) { #ifdef QSSLSOCKET_DEBUG - qDebug() << "QSslSocketBackendPrivate::transmit: testing encryption"; + qCDebug(lcSsl) << "QSslSocketBackendPrivate::transmit: testing encryption"; #endif if (startHandshake()) { #ifdef QSSLSOCKET_DEBUG - qDebug() << "QSslSocketBackendPrivate::transmit: encryption established"; + qCDebug(lcSsl) << "QSslSocketBackendPrivate::transmit: encryption established"; #endif connectionEncrypted = true; transmitting = true; } else if (plainSocket->state() != QAbstractSocket::ConnectedState) { #ifdef QSSLSOCKET_DEBUG - qDebug() << "QSslSocketBackendPrivate::transmit: connection lost"; + qCDebug(lcSsl) << "QSslSocketBackendPrivate::transmit: connection lost"; #endif break; } else if (paused) { @@ -920,7 +921,7 @@ void QSslSocketBackendPrivate::transmit() return; } else { #ifdef QSSLSOCKET_DEBUG - qDebug() << "QSslSocketBackendPrivate::transmit: encryption not done yet"; + qCDebug(lcSsl) << "QSslSocketBackendPrivate::transmit: encryption not done yet"; #endif } } @@ -941,7 +942,7 @@ void QSslSocketBackendPrivate::transmit() // Don't use SSL_pending(). It's very unreliable. if ((readBytes = q_SSL_read(ssl, data.data(), data.size())) > 0) { #ifdef QSSLSOCKET_DEBUG - qDebug() << "QSslSocketBackendPrivate::transmit: decrypted" << readBytes << "bytes"; + qCDebug(lcSsl) << "QSslSocketBackendPrivate::transmit: decrypted" << readBytes << "bytes"; #endif char *ptr = buffer.reserve(readBytes); ::memcpy(ptr, data.data(), readBytes); @@ -962,7 +963,7 @@ void QSslSocketBackendPrivate::transmit() case SSL_ERROR_ZERO_RETURN: // The remote host closed the connection. #ifdef QSSLSOCKET_DEBUG - qDebug() << "QSslSocketBackendPrivate::transmit: remote disconnect"; + qCDebug(lcSsl) << "QSslSocketBackendPrivate::transmit: remote disconnect"; #endif shutdown = true; // the other side shut down, make sure we do not send shutdown ourselves q->setErrorString(QSslSocket::tr("The TLS/SSL connection has been closed")); @@ -1081,7 +1082,7 @@ bool QSslSocketBackendPrivate::startHandshake() q->setErrorString(QSslSocket::tr("Error during SSL handshake: %1").arg(getErrorsFromOpenSsl())); q->setSocketError(QAbstractSocket::SslHandshakeFailedError); #ifdef QSSLSOCKET_DEBUG - qDebug() << "QSslSocketBackendPrivate::startHandshake: error!" << q->errorString(); + qCDebug(lcSsl) << "QSslSocketBackendPrivate::startHandshake: error!" << q->errorString(); #endif emit q->error(QAbstractSocket::SslHandshakeFailedError); q->abort(); @@ -1184,7 +1185,7 @@ bool QSslSocketBackendPrivate::startHandshake() break; default: #ifdef QSSLSOCKET_DEBUG - qDebug() << sslErrors.at(i).errorString(); + qCDebug(lcSsl) << sslErrors.at(i).errorString(); #endif break; } @@ -1318,7 +1319,7 @@ void QWindowsCaRootFetcher::start() PCCERT_CONTEXT wincert = CertCreateCertificateContext(X509_ASN_ENCODING, (const BYTE *)der.constData(), der.length()); if (!wincert) { #ifdef QSSLSOCKET_DEBUG - qDebug("QWindowsCaRootFetcher failed to convert certificate to windows form"); + qCDebug(lcSsl, "QWindowsCaRootFetcher failed to convert certificate to windows form"); #endif emit finished(cert, QSslCertificate()); deleteLater(); @@ -1349,32 +1350,32 @@ void QWindowsCaRootFetcher::start() 0, //reserved &chain); #ifdef QSSLSOCKET_DEBUG - qDebug() << "QWindowsCaRootFetcher" << stopwatch.elapsed() << "ms to get chain"; + qCDebug(lcSsl) << "QWindowsCaRootFetcher" << stopwatch.elapsed() << "ms to get chain"; #endif QSslCertificate trustedRoot; if (result) { #ifdef QSSLSOCKET_DEBUG - qDebug() << "QWindowsCaRootFetcher - examining windows chains"; + qCDebug(lcSsl) << "QWindowsCaRootFetcher - examining windows chains"; if (chain->TrustStatus.dwErrorStatus == CERT_TRUST_NO_ERROR) - qDebug() << " - TRUSTED"; + qCDebug(lcSsl) << " - TRUSTED"; else - qDebug() << " - NOT TRUSTED" << chain->TrustStatus.dwErrorStatus; + qCDebug(lcSsl) << " - NOT TRUSTED" << chain->TrustStatus.dwErrorStatus; if (chain->TrustStatus.dwInfoStatus & CERT_TRUST_IS_SELF_SIGNED) - qDebug() << " - SELF SIGNED"; - qDebug() << "QSslSocketBackendPrivate::fetchCaRootForCert - dumping simple chains"; + qCDebug(lcSsl) << " - SELF SIGNED"; + qCDebug(lcSsl) << "QSslSocketBackendPrivate::fetchCaRootForCert - dumping simple chains"; for (unsigned int i = 0; i < chain->cChain; i++) { if (chain->rgpChain[i]->TrustStatus.dwErrorStatus == CERT_TRUST_NO_ERROR) - qDebug() << " - TRUSTED SIMPLE CHAIN" << i; + qCDebug(lcSsl) << " - TRUSTED SIMPLE CHAIN" << i; else - qDebug() << " - UNTRUSTED SIMPLE CHAIN" << i << "reason:" << chain->rgpChain[i]->TrustStatus.dwErrorStatus; + qCDebug(lcSsl) << " - UNTRUSTED SIMPLE CHAIN" << i << "reason:" << chain->rgpChain[i]->TrustStatus.dwErrorStatus; for (unsigned int j = 0; j < chain->rgpChain[i]->cElement; j++) { QSslCertificate foundCert(QByteArray((const char *)chain->rgpChain[i]->rgpElement[j]->pCertContext->pbCertEncoded , chain->rgpChain[i]->rgpElement[j]->pCertContext->cbCertEncoded), QSsl::Der); - qDebug() << " - " << foundCert; + qCDebug(lcSsl) << " - " << foundCert; } } - qDebug() << " - and" << chain->cLowerQualityChainContext << "low quality chains"; //expect 0, we haven't asked for them + qCDebug(lcSsl) << " - and" << chain->cLowerQualityChainContext << "low quality chains"; //expect 0, we haven't asked for them #endif //based on http://msdn.microsoft.com/en-us/library/windows/desktop/aa377182%28v=vs.85%29.aspx @@ -1493,12 +1494,12 @@ void QSslSocketBackendPrivate::continueHandshake() QString sslKeyFile = QDir::tempPath() + QLatin1String("/qt-ssl-keys"); QFile file(sslKeyFile); if (!file.open(QIODevice::Append)) - qWarning() << "could not open file" << sslKeyFile << "for appending"; + qCWarning(lcSsl) << "could not open file" << sslKeyFile << "for appending"; if (!file.write(debugLineClientRandom)) - qWarning() << "could not write to file" << sslKeyFile; + qCWarning(lcSsl) << "could not write to file" << sslKeyFile; file.close(); } else { - qWarning("could not decrypt SSL traffic"); + qCWarning(lcSsl, "could not decrypt SSL traffic"); } #endif @@ -1557,7 +1558,7 @@ QList<QSslError> QSslSocketBackendPrivate::verify(QList<QSslCertificate> certifi // Setup the store with the default CA certificates X509_STORE *certStore = q_X509_STORE_new(); if (!certStore) { - qWarning() << "Unable to create certificate store"; + qCWarning(lcSsl) << "Unable to create certificate store"; errors << QSslError(QSslError::UnspecifiedError); return errors; } @@ -1694,7 +1695,7 @@ bool QSslSocketBackendPrivate::importPkcs12(QIODevice *device, // Create the PKCS#12 object PKCS12 *p12 = q_d2i_PKCS12_bio(bio, 0); if (!p12) { - qWarning("Unable to read PKCS#12 structure, %s", q_ERR_error_string(q_ERR_get_error(), 0)); + qCWarning(lcSsl, "Unable to read PKCS#12 structure, %s", q_ERR_error_string(q_ERR_get_error(), 0)); q_BIO_free(bio); return false; } @@ -1705,7 +1706,7 @@ bool QSslSocketBackendPrivate::importPkcs12(QIODevice *device, STACK_OF(X509) *ca = 0; if (!q_PKCS12_parse(p12, passPhrase.constData(), &pkey, &x509, &ca)) { - qWarning("Unable to parse PKCS#12 structure, %s", q_ERR_error_string(q_ERR_get_error(), 0)); + qCWarning(lcSsl, "Unable to parse PKCS#12 structure, %s", q_ERR_error_string(q_ERR_get_error(), 0)); q_PKCS12_free(p12); q_BIO_free(bio); return false; @@ -1713,7 +1714,7 @@ bool QSslSocketBackendPrivate::importPkcs12(QIODevice *device, // Convert to Qt types if (!key->d->fromEVP_PKEY(pkey)) { - qWarning("Unable to convert private key"); + qCWarning(lcSsl, "Unable to convert private key"); q_sk_pop_free(reinterpret_cast<STACK *>(ca), reinterpret_cast<void(*)(void*)>(q_sk_free)); q_X509_free(x509); q_EVP_PKEY_free(pkey); diff --git a/src/network/ssl/qsslsocket_openssl_symbols.cpp b/src/network/ssl/qsslsocket_openssl_symbols.cpp index 71b8237e03..ea6e84adef 100644 --- a/src/network/ssl/qsslsocket_openssl_symbols.cpp +++ b/src/network/ssl/qsslsocket_openssl_symbols.cpp @@ -47,6 +47,7 @@ ** ****************************************************************************/ +#include "qssl_p.h" #include "qsslsocket_openssl_symbols_p.h" #ifdef Q_OS_WIN @@ -115,12 +116,12 @@ QT_BEGIN_NAMESPACE namespace { void qsslSocketUnresolvedSymbolWarning(const char *functionName) { - qWarning("QSslSocket: cannot call unresolved function %s", functionName); + qCWarning(lcSsl, "QSslSocket: cannot call unresolved function %s", functionName); } void qsslSocketCannotResolveSymbolWarning(const char *functionName) { - qWarning("QSslSocket: cannot resolve %s", functionName); + qCWarning(lcSsl, "QSslSocket: cannot resolve %s", functionName); } } @@ -388,11 +389,11 @@ DEFINEFUNC(void, PKCS12_free, PKCS12 *pkcs12, pkcs12, return, DUMMYARG) #ifdef QT_NO_LIBRARY bool q_resolveOpenSslSymbols() { - qWarning("QSslSocket: unable to resolve symbols. " - "QT_NO_LIBRARY is defined which means runtime resolving of " - "libraries won't work."); - qWarning("Either compile Qt statically or with support for runtime resolving " - "of libraries."); + qCWarning(lcSsl, "QSslSocket: unable to resolve symbols. " + "QT_NO_LIBRARY is defined which means runtime resolving of " + "libraries won't work."); + qCWarning(lcSsl, "Either compile Qt statically or with support for runtime resolving " + "of libraries."); return false; } #else @@ -992,7 +993,7 @@ QDateTime q_getTimeFromASN1(const ASN1_TIME *aTime) return result; } else { - qWarning("unsupported date format detected"); + qCWarning(lcSsl, "unsupported date format detected"); return QDateTime(); } diff --git a/src/network/ssl/qsslsocket_winrt.cpp b/src/network/ssl/qsslsocket_winrt.cpp index 418a7416e4..7527422f75 100644 --- a/src/network/ssl/qsslsocket_winrt.cpp +++ b/src/network/ssl/qsslsocket_winrt.cpp @@ -39,6 +39,7 @@ ** ****************************************************************************/ +#include "qssl_p.h" #include "qsslsocket_winrt_p.h" #include "qsslsocket.h" #include "qsslcertificate_p.h" @@ -455,8 +456,9 @@ HRESULT QSslSocketBackendPrivate::onSslUpgrade(IAsyncAction *action, AsyncStatus Q_Q(QSslSocket); if (wasDeleted) { - qWarning("SSL upgrade callback received after the delegate was deleted. " - "This may be indicative of an internal bug in the WinRT SSL implementation."); + qCWarning(lcSsl, + "SSL upgrade callback received after the delegate was deleted. " + "This may be indicative of an internal bug in the WinRT SSL implementation."); return S_OK; } @@ -477,8 +479,9 @@ HRESULT QSslSocketBackendPrivate::onSslUpgrade(IAsyncAction *action, AsyncStatus IStreamSocket *socket = reinterpret_cast<IStreamSocket *>(plainSocket->socketDescriptor()); if (qintptr(socket) == -1) { - qWarning("The underlying TCP socket used by the SSL socket is invalid. " - "This may be indicative of an internal bug in the WinRT SSL implementation."); + qCWarning(lcSsl, + "The underlying TCP socket used by the SSL socket is invalid. " + "This may be indicative of an internal bug in the WinRT SSL implementation."); return S_OK; } diff --git a/src/network/ssl/ssl.pri b/src/network/ssl/ssl.pri index 384e149241..d0ba93b53f 100644 --- a/src/network/ssl/ssl.pri +++ b/src/network/ssl/ssl.pri @@ -2,6 +2,7 @@ contains(QT_CONFIG, ssl) | contains(QT_CONFIG, openssl) | contains(QT_CONFIG, openssl-linked) { HEADERS += ssl/qasn1element_p.h \ ssl/qssl.h \ + ssl/qssl_p.h \ ssl/qsslcertificate.h \ ssl/qsslcertificate_p.h \ ssl/qsslconfiguration.h \ |