summaryrefslogtreecommitdiffstats
path: root/src/network/ssl/qsslsocket.cpp
diff options
context:
space:
mode:
Diffstat (limited to 'src/network/ssl/qsslsocket.cpp')
-rw-r--r--src/network/ssl/qsslsocket.cpp84
1 files changed, 83 insertions, 1 deletions
diff --git a/src/network/ssl/qsslsocket.cpp b/src/network/ssl/qsslsocket.cpp
index 4273904c12..11b7e08a36 100644
--- a/src/network/ssl/qsslsocket.cpp
+++ b/src/network/ssl/qsslsocket.cpp
@@ -336,12 +336,18 @@ QT_BEGIN_NAMESPACE
class QSslSocketGlobalData
{
public:
- QSslSocketGlobalData() : config(new QSslConfigurationPrivate) {}
+ QSslSocketGlobalData()
+ : config(new QSslConfigurationPrivate),
+ dtlsConfig(new QSslConfigurationPrivate)
+ {
+ dtlsConfig->protocol = QSsl::DtlsV1_2OrLater;
+ }
QMutex mutex;
QList<QSslCipher> supportedCiphers;
QVector<QSslEllipticCurve> supportedEllipticCurves;
QExplicitlySharedDataPointer<QSslConfigurationPrivate> config;
+ QExplicitlySharedDataPointer<QSslConfigurationPrivate> dtlsConfig;
};
Q_GLOBAL_STATIC(QSslSocketGlobalData, globalData)
@@ -442,6 +448,12 @@ void QSslSocket::connectToHostEncrypted(const QString &hostName, quint16 port, O
return;
}
+ if (!supportsSsl()) {
+ qCWarning(lcSsl, "QSslSocket::connectToHostEncrypted: TLS initialization failed");
+ d->setErrorAndEmit(QAbstractSocket::SslInternalError, tr("TLS initialization failed"));
+ return;
+ }
+
d->init();
d->autoStartHandshake = true;
d->initialized = true;
@@ -473,6 +485,12 @@ void QSslSocket::connectToHostEncrypted(const QString &hostName, quint16 port,
return;
}
+ if (!supportsSsl()) {
+ qCWarning(lcSsl, "QSslSocket::connectToHostEncrypted: TLS initialization failed");
+ d->setErrorAndEmit(QAbstractSocket::SslInternalError, tr("TLS initialization failed"));
+ return;
+ }
+
d->init();
d->autoStartHandshake = true;
d->initialized = true;
@@ -1817,6 +1835,12 @@ void QSslSocket::startClientEncryption()
"QSslSocket::startClientEncryption: cannot start handshake when not connected");
return;
}
+
+ if (!supportsSsl()) {
+ qCWarning(lcSsl, "QSslSocket::startClientEncryption: TLS initialization failed");
+ d->setErrorAndEmit(QAbstractSocket::SslInternalError, tr("TLS initialization failed"));
+ return;
+ }
#ifdef QSSLSOCKET_DEBUG
qCDebug(lcSsl) << "QSslSocket::startClientEncryption()";
#endif
@@ -1855,6 +1879,11 @@ void QSslSocket::startServerEncryption()
#ifdef QSSLSOCKET_DEBUG
qCDebug(lcSsl) << "QSslSocket::startServerEncryption()";
#endif
+ if (!supportsSsl()) {
+ qCWarning(lcSsl, "QSslSocket::startServerEncryption: TLS initialization failed");
+ d->setErrorAndEmit(QAbstractSocket::SslInternalError, tr("TLS initialization failed"));
+ return;
+ }
d->mode = SslServerMode;
emit modeChanged(d->mode);
d->startServerEncryption();
@@ -2128,6 +2157,26 @@ void QSslSocketPrivate::setDefaultSupportedCiphers(const QList<QSslCipher> &ciph
/*!
\internal
*/
+void q_setDefaultDtlsCiphers(const QList<QSslCipher> &ciphers)
+{
+ QMutexLocker locker(&globalData()->mutex);
+ globalData()->dtlsConfig.detach();
+ globalData()->dtlsConfig->ciphers = ciphers;
+}
+
+/*!
+ \internal
+*/
+QList<QSslCipher> q_getDefaultDtlsCiphers()
+{
+ QSslSocketPrivate::ensureInitialized();
+ QMutexLocker locker(&globalData()->mutex);
+ return globalData()->dtlsConfig->ciphers;
+}
+
+/*!
+ \internal
+*/
QVector<QSslEllipticCurve> QSslSocketPrivate::supportedEllipticCurves()
{
QSslSocketPrivate::ensureInitialized();
@@ -2142,6 +2191,7 @@ void QSslSocketPrivate::setDefaultSupportedEllipticCurves(const QVector<QSslElli
{
const QMutexLocker locker(&globalData()->mutex);
globalData()->config.detach();
+ globalData()->dtlsConfig.detach();
globalData()->supportedEllipticCurves = curves;
}
@@ -2164,6 +2214,8 @@ void QSslSocketPrivate::setDefaultCaCertificates(const QList<QSslCertificate> &c
QMutexLocker locker(&globalData()->mutex);
globalData()->config.detach();
globalData()->config->caCertificates = certs;
+ globalData()->dtlsConfig.detach();
+ globalData()->dtlsConfig->caCertificates = certs;
// when the certificates are set explicitly, we do not want to
// load the system certificates on demand
s_loadRootCertsOnDemand = false;
@@ -2183,6 +2235,8 @@ bool QSslSocketPrivate::addDefaultCaCertificates(const QString &path, QSsl::Enco
QMutexLocker locker(&globalData()->mutex);
globalData()->config.detach();
globalData()->config->caCertificates += certs;
+ globalData()->dtlsConfig.detach();
+ globalData()->dtlsConfig->caCertificates += certs;
return true;
}
@@ -2195,6 +2249,8 @@ void QSslSocketPrivate::addDefaultCaCertificate(const QSslCertificate &cert)
QMutexLocker locker(&globalData()->mutex);
globalData()->config.detach();
globalData()->config->caCertificates += cert;
+ globalData()->dtlsConfig.detach();
+ globalData()->dtlsConfig->caCertificates += cert;
}
/*!
@@ -2206,6 +2262,8 @@ void QSslSocketPrivate::addDefaultCaCertificates(const QList<QSslCertificate> &c
QMutexLocker locker(&globalData()->mutex);
globalData()->config.detach();
globalData()->config->caCertificates += certs;
+ globalData()->dtlsConfig.detach();
+ globalData()->dtlsConfig->caCertificates += certs;
}
/*!
@@ -2263,6 +2321,30 @@ void QSslConfigurationPrivate::deepCopyDefaultConfiguration(QSslConfigurationPri
/*!
\internal
*/
+QSslConfiguration QSslConfigurationPrivate::defaultDtlsConfiguration()
+{
+ QSslSocketPrivate::ensureInitialized();
+ QMutexLocker locker(&globalData()->mutex);
+
+ return QSslConfiguration(globalData()->dtlsConfig.data());
+}
+
+/*!
+ \internal
+*/
+void QSslConfigurationPrivate::setDefaultDtlsConfiguration(const QSslConfiguration &configuration)
+{
+ QSslSocketPrivate::ensureInitialized();
+ QMutexLocker locker(&globalData()->mutex);
+ if (globalData()->dtlsConfig == configuration.d)
+ return; // nothing to do
+
+ globalData()->dtlsConfig = const_cast<QSslConfigurationPrivate*>(configuration.d.constData());
+}
+
+/*!
+ \internal
+*/
void QSslSocketPrivate::createPlainSocket(QIODevice::OpenMode openMode)
{
Q_Q(QSslSocket);
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-15 08:52:54 +0000