diff options
Diffstat (limited to 'src/network/access')
| -rw-r--r-- | src/network/access/qhttpmultipart.cpp | 21 | ||||
| -rw-r--r-- | src/network/access/qhttpnetworkconnection.cpp | 8 | ||||
| -rw-r--r-- | src/network/access/qhttpnetworkconnectionchannel.cpp | 23 | ||||
| -rw-r--r-- | src/network/access/qhttpnetworkconnectionchannel_p.h | 4 | ||||
| -rw-r--r-- | src/network/access/qhttpthreaddelegate.cpp | 16 | ||||
| -rw-r--r-- | src/network/access/qhttpthreaddelegate_p.h | 4 | ||||
| -rw-r--r-- | src/network/access/qnetworkaccessbackend.cpp | 22 | ||||
| -rw-r--r-- | src/network/access/qnetworkaccessmanager.cpp | 2 | ||||
| -rw-r--r-- | src/network/access/qnetworkreply.cpp | 6 | ||||
| -rw-r--r-- | src/network/access/qnetworkreplyhttpimpl.cpp | 17 | ||||
| -rw-r--r-- | src/network/access/qnetworkreplyhttpimpl_p.h | 5 |
11 files changed, 67 insertions, 61 deletions
diff --git a/src/network/access/qhttpmultipart.cpp b/src/network/access/qhttpmultipart.cpp index 5c704efeef..303c145394 100644 --- a/src/network/access/qhttpmultipart.cpp +++ b/src/network/access/qhttpmultipart.cpp @@ -41,7 +41,7 @@ #include "qhttpmultipart_p.h" #include "QtCore/qdatetime.h" // for initializing the random number generator with QTime #include "QtCore/qmutex.h" -#include "QtCore/qthreadstorage.h" +#include "QtCore/qrandom.h" QT_BEGIN_NAMESPACE @@ -431,23 +431,16 @@ void QHttpPartPrivate::checkHeaderCreated() const } } -Q_GLOBAL_STATIC(QThreadStorage<bool *>, seedCreatedStorage); - QHttpMultiPartPrivate::QHttpMultiPartPrivate() : contentType(QHttpMultiPart::MixedType), device(new QHttpMultiPartIODevice(this)) { - if (!seedCreatedStorage()->hasLocalData()) { - qsrand(QTime(0,0,0).msecsTo(QTime::currentTime()) ^ reinterpret_cast<quintptr>(this)); - seedCreatedStorage()->setLocalData(new bool(true)); - } - - boundary = QByteArray("boundary_.oOo._") - + QByteArray::number(qrand()).toBase64() - + QByteArray::number(qrand()).toBase64() - + QByteArray::number(qrand()).toBase64(); + // 24 random bytes, becomes 32 characters when encoded to Base64 + quint32 random[6]; + QRandomGenerator::fillRange(random); + boundary = "boundary_.oOo._" + + QByteArray::fromRawData(reinterpret_cast<char *>(random), sizeof(random)).toBase64(); // boundary must not be longer than 70 characters, see RFC 2046, section 5.1.1 - if (boundary.count() > 70) - boundary = boundary.left(70); + Q_ASSERT(boundary.count() <= 70); } qint64 QHttpMultiPartIODevice::size() const diff --git a/src/network/access/qhttpnetworkconnection.cpp b/src/network/access/qhttpnetworkconnection.cpp index da055de2da..ae30d3a8cf 100644 --- a/src/network/access/qhttpnetworkconnection.cpp +++ b/src/network/access/qhttpnetworkconnection.cpp @@ -644,6 +644,7 @@ QHttpNetworkReply* QHttpNetworkConnectionPrivate::queueRequest(const QHttpNetwor channels[0].spdyRequestsToSend.insertMulti(request.priority(), pair); } +#ifndef Q_OS_WINRT // For Happy Eyeballs the networkLayerState is set to Unknown // untill we have started the first connection attempt. So no // request will be started untill we know if IPv4 or IPv6 @@ -651,6 +652,13 @@ QHttpNetworkReply* QHttpNetworkConnectionPrivate::queueRequest(const QHttpNetwor if (networkLayerState == Unknown || networkLayerState == HostLookupPending) { startHostInfoLookup(); } else if ( networkLayerState == IPv4 || networkLayerState == IPv6 ) { +#else // !Q_OS_WINRT + { + // Skip the host lookup part for winrt. Host lookup and proxy handling are done by Windows + // internally and networkLayerPreference is ignored on this platform. Instead of refactoring + // the whole approach we just pretend that everything important is known here. + networkLayerState = IPv4; +#endif // this used to be called via invokeMethod and a QueuedConnection // It is the only place _q_startNextRequest is called directly without going // through the event loop using a QueuedConnection. diff --git a/src/network/access/qhttpnetworkconnectionchannel.cpp b/src/network/access/qhttpnetworkconnectionchannel.cpp index c86cc9d8c9..84681561f2 100644 --- a/src/network/access/qhttpnetworkconnectionchannel.cpp +++ b/src/network/access/qhttpnetworkconnectionchannel.cpp @@ -55,7 +55,6 @@ # include <private/qsslsocket_p.h> # include <QtNetwork/qsslkey.h> # include <QtNetwork/qsslcipher.h> -# include <QtNetwork/qsslconfiguration.h> #endif #ifndef QT_NO_BEARERMANAGEMENT @@ -176,8 +175,8 @@ void QHttpNetworkConnectionChannel::init() if (!ignoreSslErrorsList.isEmpty()) sslSocket->ignoreSslErrors(ignoreSslErrorsList); - if (!sslConfiguration.isNull()) - sslSocket->setSslConfiguration(sslConfiguration); + if (sslConfiguration.data() && !sslConfiguration->isNull()) + sslSocket->setSslConfiguration(*sslConfiguration); } else { #endif // !QT_NO_SSL if (connection->connectionType() != QHttpNetworkConnection::ConnectionTypeHTTP2) @@ -656,7 +655,10 @@ void QHttpNetworkConnectionChannel::setSslConfiguration(const QSslConfiguration if (socket) static_cast<QSslSocket *>(socket)->setSslConfiguration(config); - sslConfiguration = config; + if (sslConfiguration.data()) + *sslConfiguration = config; + else + sslConfiguration.reset(new QSslConfiguration(config)); } #endif @@ -1085,8 +1087,15 @@ void QHttpNetworkConnectionChannel::_q_encrypted() Q_FALLTHROUGH(); case QSslConfiguration::NextProtocolNegotiationNone: { protocolHandler.reset(new QHttpProtocolHandler(this)); + if (!sslConfiguration.data()) { + // Our own auto-tests bypass the normal initialization (done by + // QHttpThreadDelegate), this means in the past we'd have here + // the default constructed QSslConfiguration without any protocols + // to negotiate. Let's create it now: + sslConfiguration.reset(new QSslConfiguration); + } - QList<QByteArray> protocols = sslConfiguration.allowedNextProtocols(); + QList<QByteArray> protocols = sslConfiguration->allowedNextProtocols(); const int nProtocols = protocols.size(); // Clear the protocol that we failed to negotiate, so we do not try // it again on other channels that our connection can create/open. @@ -1096,10 +1105,10 @@ void QHttpNetworkConnectionChannel::_q_encrypted() protocols.removeAll(QSslConfiguration::NextProtocolSpdy3_0); if (nProtocols > protocols.size()) { - sslConfiguration.setAllowedNextProtocols(protocols); + sslConfiguration->setAllowedNextProtocols(protocols); const int channelCount = connection->d_func()->channelCount; for (int i = 0; i < channelCount; ++i) - connection->d_func()->channels[i].setSslConfiguration(sslConfiguration); + connection->d_func()->channels[i].setSslConfiguration(*sslConfiguration); } connection->setConnectionType(QHttpNetworkConnection::ConnectionTypeHTTP); diff --git a/src/network/access/qhttpnetworkconnectionchannel_p.h b/src/network/access/qhttpnetworkconnectionchannel_p.h index 61aea9d35d..584d52ddb7 100644 --- a/src/network/access/qhttpnetworkconnectionchannel_p.h +++ b/src/network/access/qhttpnetworkconnectionchannel_p.h @@ -78,6 +78,8 @@ # include <QtNetwork/qtcpsocket.h> #endif +#include <QtCore/qscopedpointer.h> + QT_BEGIN_NAMESPACE class QHttpNetworkRequest; @@ -128,7 +130,7 @@ public: #ifndef QT_NO_SSL bool ignoreAllSslErrors; QList<QSslError> ignoreSslErrorsList; - QSslConfiguration sslConfiguration; + QScopedPointer<QSslConfiguration> sslConfiguration; void ignoreSslErrors(); void ignoreSslErrors(const QList<QSslError> &errors); void setSslConfiguration(const QSslConfiguration &config); diff --git a/src/network/access/qhttpthreaddelegate.cpp b/src/network/access/qhttpthreaddelegate.cpp index 9d874b4d94..3d17664ed4 100644 --- a/src/network/access/qhttpthreaddelegate.cpp +++ b/src/network/access/qhttpthreaddelegate.cpp @@ -44,6 +44,7 @@ #include <QTimer> #include <QAuthenticator> #include <QEventLoop> +#include <QCryptographicHash> #include "private/qhttpnetworkreply_p.h" #include "private/qnetworkaccesscache_p.h" @@ -158,7 +159,10 @@ static QByteArray makeCacheKey(QUrl &url, QNetworkProxy *proxy) } if (!key.scheme().isEmpty()) { + const QByteArray obfuscatedPassword = QCryptographicHash::hash(proxy->password().toUtf8(), + QCryptographicHash::Sha1).toHex(); key.setUserName(proxy->user()); + key.setPassword(QString::fromUtf8(obfuscatedPassword)); key.setHost(proxy->hostName()); key.setPort(proxy->port()); key.setQuery(result); @@ -290,18 +294,21 @@ void QHttpThreadDelegate::startRequest() : QHttpNetworkConnection::ConnectionTypeHTTP; #ifndef QT_NO_SSL + if (ssl && !incomingSslConfiguration.data()) + incomingSslConfiguration.reset(new QSslConfiguration); + if (httpRequest.isHTTP2Allowed() && ssl) { QList<QByteArray> protocols; protocols << QSslConfiguration::ALPNProtocolHTTP2 << QSslConfiguration::NextProtocolHttp1_1; - incomingSslConfiguration.setAllowedNextProtocols(protocols); + incomingSslConfiguration->setAllowedNextProtocols(protocols); } else if (httpRequest.isSPDYAllowed() && ssl) { connectionType = QHttpNetworkConnection::ConnectionTypeSPDY; urlCopy.setScheme(QStringLiteral("spdy")); // to differentiate SPDY requests from HTTPS requests QList<QByteArray> nextProtocols; nextProtocols << QSslConfiguration::NextProtocolSpdy3_0 << QSslConfiguration::NextProtocolHttp1_1; - incomingSslConfiguration.setAllowedNextProtocols(nextProtocols); + incomingSslConfiguration->setAllowedNextProtocols(nextProtocols); } #endif // QT_NO_SSL @@ -330,9 +337,8 @@ void QHttpThreadDelegate::startRequest() #endif #ifndef QT_NO_SSL // Set the QSslConfiguration from this QNetworkRequest. - if (ssl && incomingSslConfiguration != QSslConfiguration::defaultConfiguration()) { - httpConnection->setSslConfiguration(incomingSslConfiguration); - } + if (ssl) + httpConnection->setSslConfiguration(*incomingSslConfiguration); #endif #ifndef QT_NO_NETWORKPROXY diff --git a/src/network/access/qhttpthreaddelegate_p.h b/src/network/access/qhttpthreaddelegate_p.h index 6d1ea11f29..2f6954aa3b 100644 --- a/src/network/access/qhttpthreaddelegate_p.h +++ b/src/network/access/qhttpthreaddelegate_p.h @@ -63,7 +63,7 @@ #include "qhttpnetworkrequest_p.h" #include "qhttpnetworkconnection_p.h" #include <QSharedPointer> -#include "qsslconfiguration.h" +#include <QScopedPointer> #include "private/qnoncontiguousbytedevice_p.h" #include "qnetworkaccessauthenticationmanager_p.h" @@ -88,7 +88,7 @@ public: // incoming bool ssl; #ifndef QT_NO_SSL - QSslConfiguration incomingSslConfiguration; + QScopedPointer<QSslConfiguration> incomingSslConfiguration; #endif QHttpNetworkRequest httpRequest; qint64 downloadBufferMaximumSize; diff --git a/src/network/access/qnetworkaccessbackend.cpp b/src/network/access/qnetworkaccessbackend.cpp index 9c223dd32f..272dd22097 100644 --- a/src/network/access/qnetworkaccessbackend.cpp +++ b/src/network/access/qnetworkaccessbackend.cpp @@ -396,30 +396,8 @@ bool QNetworkAccessBackend::start() #endif #ifndef QT_NO_NETWORKPROXY -#ifndef QT_NO_BEARERMANAGEMENT - // Get the proxy settings from the network session (in the case of service networks, - // the proxy settings change depending which AP was activated) - QNetworkSession *session = networkSession.data(); - QNetworkConfiguration config; - if (session) { - QNetworkConfigurationManager configManager; - // The active configuration tells us what IAP is in use - QVariant v = session->sessionProperty(QLatin1String("ActiveConfiguration")); - if (v.isValid()) - config = configManager.configurationFromIdentifier(qvariant_cast<QString>(v)); - // Fallback to using the configuration if no active configuration - if (!config.isValid()) - config = session->configuration(); - // or unspecified configuration if that is no good either - if (!config.isValid()) - config = QNetworkConfiguration(); - } - reply->proxyList = manager->queryProxy(QNetworkProxyQuery(config, url())); -#else // QT_NO_BEARERMANAGEMENT - // Without bearer management, the proxy depends only on the url reply->proxyList = manager->queryProxy(QNetworkProxyQuery(url())); #endif -#endif // now start the request open(); diff --git a/src/network/access/qnetworkaccessmanager.cpp b/src/network/access/qnetworkaccessmanager.cpp index d57acc2f6b..79f0aa8038 100644 --- a/src/network/access/qnetworkaccessmanager.cpp +++ b/src/network/access/qnetworkaccessmanager.cpp @@ -732,7 +732,7 @@ bool QNetworkAccessManager::isStrictTransportSecurityEnabled() const /*! \since 5.9 - Adds HTTP Strict Transport Security policies into HSTS cache. + Adds HTTP Strict Transport Security policies contained in \a knownHosts into HSTS cache. \note An expired policy will remove a known host from the cache, if previously present. diff --git a/src/network/access/qnetworkreply.cpp b/src/network/access/qnetworkreply.cpp index 8e7059de0f..cabea86521 100644 --- a/src/network/access/qnetworkreply.cpp +++ b/src/network/access/qnetworkreply.cpp @@ -311,9 +311,11 @@ QNetworkReplyPrivate::QNetworkReplyPrivate() When client code handling the redirected() signal has verified the new URL, it emits this signal to allow the redirect to go ahead. This protocol applies to network requests whose redirects policy is set to - QNetworkRequest::UserVerifiedRedirectsPolicy. + QNetworkRequest::UserVerifiedRedirectPolicy - \sa QNetworkRequest::UserVerifiedRedirectPolicy, QNetworkAccessManager::setRedirectPolicy(), QNetworkRequest::RedirectPolicyAttribute + \sa QNetworkRequest::UserVerifiedRedirectPolicy, + QNetworkAccessManager::setRedirectPolicy(), + QNetworkRequest::RedirectPolicyAttribute */ /*! diff --git a/src/network/access/qnetworkreplyhttpimpl.cpp b/src/network/access/qnetworkreplyhttpimpl.cpp index fec3b0a100..84b1ddf5ac 100644 --- a/src/network/access/qnetworkreplyhttpimpl.cpp +++ b/src/network/access/qnetworkreplyhttpimpl.cpp @@ -180,7 +180,8 @@ QNetworkReplyHttpImpl::QNetworkReplyHttpImpl(QNetworkAccessManager* const manage d->outgoingData = outgoingData; d->url = request.url(); #ifndef QT_NO_SSL - d->sslConfiguration = request.sslConfiguration(); + if (request.url().scheme() == QLatin1String("https")) + d->sslConfiguration.reset(new QSslConfiguration(request.sslConfiguration())); #endif // FIXME Later maybe set to Unbuffered, especially if it is zerocopy or from cache? @@ -419,7 +420,10 @@ void QNetworkReplyHttpImpl::setSslConfigurationImplementation(const QSslConfigur void QNetworkReplyHttpImpl::sslConfigurationImplementation(QSslConfiguration &configuration) const { Q_D(const QNetworkReplyHttpImpl); - configuration = d->sslConfiguration; + if (d->sslConfiguration.data()) + configuration = *d->sslConfiguration; + else + configuration = request().sslConfiguration(); } #endif @@ -786,7 +790,7 @@ void QNetworkReplyHttpImplPrivate::postRequest(const QNetworkRequest &newHttpReq delegate->ssl = ssl; #ifndef QT_NO_SSL if (ssl) - delegate->incomingSslConfiguration = newHttpRequest.sslConfiguration(); + delegate->incomingSslConfiguration.reset(new QSslConfiguration(newHttpRequest.sslConfiguration())); #endif // Do we use synchronous HTTP? @@ -1411,10 +1415,13 @@ void QNetworkReplyHttpImplPrivate::replySslErrors( *toBeIgnored = pendingIgnoreSslErrorsList; } -void QNetworkReplyHttpImplPrivate::replySslConfigurationChanged(const QSslConfiguration &sslConfiguration) +void QNetworkReplyHttpImplPrivate::replySslConfigurationChanged(const QSslConfiguration &newSslConfiguration) { // Receiving the used SSL configuration from the HTTP thread - this->sslConfiguration = sslConfiguration; + if (sslConfiguration.data()) + *sslConfiguration = newSslConfiguration; + else + sslConfiguration.reset(new QSslConfiguration(newSslConfiguration)); } void QNetworkReplyHttpImplPrivate::replyPreSharedKeyAuthenticationRequiredSlot(QSslPreSharedKeyAuthenticator *authenticator) diff --git a/src/network/access/qnetworkreplyhttpimpl_p.h b/src/network/access/qnetworkreplyhttpimpl_p.h index 9383149124..26b16e8386 100644 --- a/src/network/access/qnetworkreplyhttpimpl_p.h +++ b/src/network/access/qnetworkreplyhttpimpl_p.h @@ -58,6 +58,7 @@ #include "QtCore/qpointer.h" #include "QtCore/qdatetime.h" #include "QtCore/qsharedpointer.h" +#include "QtCore/qscopedpointer.h" #include "qatomic.h" #include <QtNetwork/QNetworkCacheMetaData> @@ -260,7 +261,7 @@ public: #ifndef QT_NO_SSL - QSslConfiguration sslConfiguration; + QScopedPointer<QSslConfiguration> sslConfiguration; bool pendingIgnoreAllSslErrors; QList<QSslError> pendingIgnoreSslErrorsList; #endif @@ -290,7 +291,7 @@ public: #ifndef QT_NO_SSL void replyEncrypted(); void replySslErrors(const QList<QSslError> &, bool *, QList<QSslError> *); - void replySslConfigurationChanged(const QSslConfiguration&); + void replySslConfigurationChanged(const QSslConfiguration &newSslConfiguration); void replyPreSharedKeyAuthenticationRequiredSlot(QSslPreSharedKeyAuthenticator *); #endif #ifndef QT_NO_NETWORKPROXY |