diff options
| -rw-r--r-- | src/network/access/access.pri | 14 | ||||
| -rw-r--r-- | src/network/access/qhsts.cpp | 19 | ||||
| -rw-r--r-- | src/network/access/qhsts_p.h | 8 | ||||
| -rw-r--r-- | src/network/access/qhstsstore_p.h | 2 | ||||
| -rw-r--r-- | src/network/access/qnetworkaccessmanager.cpp | 13 | ||||
| -rw-r--r-- | src/network/access/qnetworkaccessmanager_p.h | 7 |
6 files changed, 54 insertions, 9 deletions
diff --git a/src/network/access/access.pri b/src/network/access/access.pri index a129beda15..ec0273377f 100644 --- a/src/network/access/access.pri +++ b/src/network/access/access.pri @@ -24,8 +24,7 @@ HEADERS += \ access/qabstractnetworkcache.h \ access/qnetworkfile_p.h \ access/qhsts_p.h \ - access/qhstspolicy.h \ - access/qhstsstore_p.h + access/qhstspolicy.h SOURCES += \ access/qnetworkaccessauthenticationmanager.cpp \ @@ -45,8 +44,7 @@ SOURCES += \ access/qabstractnetworkcache.cpp \ access/qnetworkfile.cpp \ access/qhsts.cpp \ - access/qhstspolicy.cpp \ - access/qhstsstore.cpp + access/qhstspolicy.cpp qtConfig(ftp) { HEADERS += \ @@ -66,6 +64,14 @@ qtConfig(networkdiskcache) { SOURCES += access/qnetworkdiskcache.cpp } +qtConfig(settings) { + HEADERS += \ + access/qhstsstore_p.h + + SOURCES += \ + access/qhstsstore.cpp +} + mac: LIBS_PRIVATE += -framework Security include($$PWD/../../3rdparty/zlib_dependency.pri) diff --git a/src/network/access/qhsts.cpp b/src/network/access/qhsts.cpp index 43a8a3663e..af913ca015 100644 --- a/src/network/access/qhsts.cpp +++ b/src/network/access/qhsts.cpp @@ -37,13 +37,16 @@ ** ****************************************************************************/ -#include "qhstsstore_p.h" #include "qhsts_p.h" #include "QtCore/private/qipaddress_p.h" #include "QtCore/qvector.h" #include "QtCore/qlist.h" +#if QT_CONFIG(settings) +#include "qhstsstore_p.h" +#endif // QT_CONFIG(settings) + QT_BEGIN_NAMESPACE static bool is_valid_domain_name(const QString &host) @@ -83,8 +86,10 @@ void QHstsCache::updateFromHeaders(const QList<QPair<QByteArray, QByteArray>> &h QHstsHeaderParser parser; if (parser.parse(headers)) { updateKnownHost(url.host(), parser.expirationDate(), parser.includeSubDomains()); +#if QT_CONFIG(settings) if (hstsStore) hstsStore->synchronize(); +#endif // QT_CONFIG(settings) } } @@ -93,12 +98,14 @@ void QHstsCache::updateFromPolicies(const QVector<QHstsPolicy> &policies) for (const auto &policy : policies) updateKnownHost(policy.host(), policy.expiry(), policy.includesSubDomains()); +#if QT_CONFIG(settings) if (hstsStore && policies.size()) { // These policies are coming either from store or from QNAM's setter // function. As a result we can notice expired or new policies, time // to sync ... hstsStore->synchronize(); } +#endif // QT_CONFIG(settings) } void QHstsCache::updateKnownHost(const QUrl &url, const QDateTime &expires, @@ -108,8 +115,10 @@ void QHstsCache::updateKnownHost(const QUrl &url, const QDateTime &expires, return; updateKnownHost(url.host(), expires, includeSubDomains); +#if QT_CONFIG(settings) if (hstsStore) hstsStore->synchronize(); +#endif // QT_CONFIG(settings) } void QHstsCache::updateKnownHost(const QString &host, const QDateTime &expires, @@ -137,8 +146,10 @@ void QHstsCache::updateKnownHost(const QString &host, const QDateTime &expires, } knownHosts.insert(pos, {hostName, newPolicy}); +#if QT_CONFIG(settings) if (hstsStore) hstsStore->addToObserved(newPolicy); +#endif // QT_CONFIG(settings) return; } @@ -149,8 +160,10 @@ void QHstsCache::updateKnownHost(const QString &host, const QDateTime &expires, else return; +#if QT_CONFIG(settings) if (hstsStore) hstsStore->addToObserved(newPolicy); +#endif // QT_CONFIG(settings) } bool QHstsCache::isKnownHost(const QUrl &url) const @@ -187,10 +200,12 @@ bool QHstsCache::isKnownHost(const QUrl &url) const if (pos != knownHosts.end()) { if (pos->second.isExpired()) { knownHosts.erase(pos); +#if QT_CONFIG(settings) if (hstsStore) { // Inform our store that this policy has expired. hstsStore->addToObserved(pos->second); } +#endif // QT_CONFIG(settings) } else if (!superDomainMatch || pos->second.includesSubDomains()) { return true; } @@ -221,6 +236,7 @@ QVector<QHstsPolicy> QHstsCache::policies() const return values; } +#if QT_CONFIG(settings) void QHstsCache::setStore(QHstsStore *store) { // Caller retains ownership of store, which must outlive this cache. @@ -248,6 +264,7 @@ void QHstsCache::setStore(QHstsStore *store) updateFromPolicies(restored); } } +#endif // QT_CONFIG(settings) // The parser is quite simple: 'nextToken' knowns exactly what kind of tokens // are valid and it will return false if something else was found; then diff --git a/src/network/access/qhsts_p.h b/src/network/access/qhsts_p.h index bc8708341d..c219d9eab5 100644 --- a/src/network/access/qhsts_p.h +++ b/src/network/access/qhsts_p.h @@ -69,8 +69,6 @@ QT_BEGIN_NAMESPACE template<typename T> class QList; template <typename T> class QVector; -class QHstsStore; - class Q_AUTOTEST_EXPORT QHstsCache { public: @@ -85,7 +83,9 @@ public: QVector<QHstsPolicy> policies() const; - void setStore(QHstsStore *store); +#if QT_CONFIG(settings) + void setStore(class QHstsStore *store); +#endif // QT_CONFIG(settings) private: @@ -119,7 +119,9 @@ private: }; mutable std::map<HostName, QHstsPolicy> knownHosts; +#if QT_CONFIG(settings) QHstsStore *hstsStore = nullptr; +#endif // QT_CONFIG(settings) }; class Q_AUTOTEST_EXPORT QHstsHeaderParser diff --git a/src/network/access/qhstsstore_p.h b/src/network/access/qhstsstore_p.h index 13042839c4..e82596b250 100644 --- a/src/network/access/qhstsstore_p.h +++ b/src/network/access/qhstsstore_p.h @@ -53,6 +53,8 @@ #include <QtNetwork/private/qtnetworkglobal_p.h> +QT_REQUIRE_CONFIG(settings); + #include <QtCore/qsettings.h> #include <QtCore/qvector.h> diff --git a/src/network/access/qnetworkaccessmanager.cpp b/src/network/access/qnetworkaccessmanager.cpp index 96e3f92db1..a2649fe77c 100644 --- a/src/network/access/qnetworkaccessmanager.cpp +++ b/src/network/access/qnetworkaccessmanager.cpp @@ -48,6 +48,10 @@ #include "qhstspolicy.h" #include "qhsts_p.h" +#if QT_CONFIG(settings) +#include "qhstsstore_p.h" +#endif // QT_CONFIG(settings) + #include "QtNetwork/qnetworksession.h" #include "QtNetwork/private/qsharednetworksession_p.h" @@ -760,9 +764,14 @@ bool QNetworkAccessManager::isStrictTransportSecurityEnabled() const void QNetworkAccessManager::enableStrictTransportSecurityStore(bool enabled, const QString &storeDir) { +#if QT_CONFIG(settings) Q_D(QNetworkAccessManager); d->stsStore.reset(enabled ? new QHstsStore(storeDir) : nullptr); d->stsCache.setStore(d->stsStore.data()); +#else + Q_UNUSED(enabled) Q_UNUSED(storeDir) + qWarning("HSTS permanent store requires the feature 'settings' enabled"); +#endif // QT_CONFIG(settings) } /*! @@ -776,8 +785,12 @@ void QNetworkAccessManager::enableStrictTransportSecurityStore(bool enabled, con bool QNetworkAccessManager::isStrictTransportSecurityStoreEnabled() const { +#if QT_CONFIG(settings) Q_D(const QNetworkAccessManager); return bool(d->stsStore.data()); +#else + return false; +#endif // QT_CONFIG(settings) } /*! diff --git a/src/network/access/qnetworkaccessmanager_p.h b/src/network/access/qnetworkaccessmanager_p.h index ffed24a314..5cab4928e4 100644 --- a/src/network/access/qnetworkaccessmanager_p.h +++ b/src/network/access/qnetworkaccessmanager_p.h @@ -56,7 +56,6 @@ #include "qnetworkaccesscache_p.h" #include "qnetworkaccessbackend_p.h" #include "qnetworkrequest.h" -#include "qhstsstore_p.h" #include "qhsts_p.h" #include "private/qobject_p.h" #include "QtNetwork/qnetworkproxy.h" @@ -66,6 +65,10 @@ #include "QtNetwork/qnetworkconfigmanager.h" #endif +#if QT_CONFIG(settings) +#include "qhstsstore_p.h" +#endif // QT_CONFIG(settings) + QT_BEGIN_NAMESPACE class QAuthenticator; @@ -215,7 +218,9 @@ public: Q_AUTOTEST_EXPORT static void clearConnectionCache(QNetworkAccessManager *manager); QHstsCache stsCache; +#if QT_CONFIG(settings) QScopedPointer<QHstsStore> stsStore; +#endif // QT_CONFIG(settings) bool stsEnabled = false; #ifndef QT_NO_BEARERMANAGEMENT |