Diffstat (limited to 'src/network/ssl/qsslsocket.cpp')
-rw-r--r-- | src/network/ssl/qsslsocket.cpp | 84 |
1 files changed, 83 insertions, 1 deletions
diff --git a/src/network/ssl/qsslsocket.cpp b/src/network/ssl/qsslsocket.cpp index 4273904c12..11b7e08a36 100644 --- a/src/network/ssl/qsslsocket.cpp +++ b/src/network/ssl/qsslsocket.cpp @@ -336,12 +336,18 @@ QT_BEGIN_NAMESPACE class QSslSocketGlobalData { public: - QSslSocketGlobalData() : config(new QSslConfigurationPrivate) {} + QSslSocketGlobalData() + : config(new QSslConfigurationPrivate), + dtlsConfig(new QSslConfigurationPrivate) + { + dtlsConfig->protocol = QSsl::DtlsV1_2OrLater; + } QMutex mutex; QList<QSslCipher> supportedCiphers; QVector<QSslEllipticCurve> supportedEllipticCurves; QExplicitlySharedDataPointer<QSslConfigurationPrivate> config; + QExplicitlySharedDataPointer<QSslConfigurationPrivate> dtlsConfig; }; Q_GLOBAL_STATIC(QSslSocketGlobalData, globalData) @@ -442,6 +448,12 @@ void QSslSocket::connectToHostEncrypted(const QString &hostName, quint16 port, O return; } + if (!supportsSsl()) { + qCWarning(lcSsl, "QSslSocket::connectToHostEncrypted: TLS initialization failed"); + d->setErrorAndEmit(QAbstractSocket::SslInternalError, tr("TLS initialization failed")); + return; + } + d->init(); d->autoStartHandshake = true; d->initialized = true; @@ -473,6 +485,12 @@ void QSslSocket::connectToHostEncrypted(const QString &hostName, quint16 port, return; } + if (!supportsSsl()) { + qCWarning(lcSsl, "QSslSocket::connectToHostEncrypted: TLS initialization failed"); + d->setErrorAndEmit(QAbstractSocket::SslInternalError, tr("TLS initialization failed")); + return; + } + d->init(); d->autoStartHandshake = true; d->initialized = true; 
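Review bot: The `supportsSsl()` guard added to connectToHostEncrypted() is pasted in four places: both connectToHostEncrypted() overloads, startClientEncryption() and startServerEncryption(), differing only in the function name inside the warning. Failing closed when the TLS backend cannot be initialised is the right behaviour, but with four copies a later entry point can miss the guard or drift in its error code. I would move it into one file-local helper and call it at each site, which also lets the guard sit at the same position relative to the debug log in startClientEncryption() and startServerEncryption(), where it currently differs. The sketch below assumes setErrorAndEmit() is callable from a file-local function; all four function bodies continue outside their hunks.

```cpp
// Single guard for every entry point that is about to start a handshake.
static bool tlsBackendReady(QSslSocketPrivate *d, const char *caller)
{
    if (QSslSocket::supportsSsl())
        return true;
    qCWarning(lcSsl, "%s: TLS initialization failed", caller);
    d->setErrorAndEmit(QAbstractSocket::SslInternalError,
                       QSslSocket::tr("TLS initialization failed"));
    return false;
}

// … unchanged: earlier state checks in connectToHostEncrypted() …
if (!tlsBackendReady(d, "QSslSocket::connectToHostEncrypted"))
    return;
```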
@@ -1817,6 +1835,12 @@ void QSslSocket::startClientEncryption() "QSslSocket::startClientEncryption: cannot start handshake when not connected"); return; } + + if (!supportsSsl()) { + qCWarning(lcSsl, "QSslSocket::startClientEncryption: TLS initialization failed"); + d->setErrorAndEmit(QAbstractSocket::SslInternalError, tr("TLS initialization failed")); + return; + } #ifdef QSSLSOCKET_DEBUG qCDebug(lcSsl) << "QSslSocket::startClientEncryption()"; #endif @@ -1855,6 +1879,11 @@ void QSslSocket::startServerEncryption() #ifdef QSSLSOCKET_DEBUG qCDebug(lcSsl) << "QSslSocket::startServerEncryption()"; #endif + if (!supportsSsl()) { + qCWarning(lcSsl, "QSslSocket::startServerEncryption: TLS initialization failed"); + d->setErrorAndEmit(QAbstractSocket::SslInternalError, tr("TLS initialization failed")); + return; + } d->mode = SslServerMode; emit modeChanged(d->mode); d->startServerEncryption(); @@ -2128,6 +2157,26 @@ void QSslSocketPrivate::setDefaultSupportedCiphers(const QList<QSslCipher> &ciph /*! \internal */ +void q_setDefaultDtlsCiphers(const QList<QSslCipher> &ciphers) +{ + QMutexLocker locker(&globalData()->mutex); + globalData()->dtlsConfig.detach(); + globalData()->dtlsConfig->ciphers = ciphers; +} + +/*! + \internal +*/ +QList<QSslCipher> q_getDefaultDtlsCiphers() +{ + QSslSocketPrivate::ensureInitialized(); + QMutexLocker locker(&globalData()->mutex); + return globalData()->dtlsConfig->ciphers; +} + +/*! + \internal +*/ QVector<QSslEllipticCurve> QSslSocketPrivate::supportedEllipticCurves() { QSslSocketPrivate::ensureInitialized(); @@ -2142,6 +2191,7 @@ void QSslSocketPrivate::setDefaultSupportedEllipticCurves(const QVector<QSslElli { const QMutexLocker locker(&globalData()->mutex); globalData()->config.detach(); + globalData()->dtlsConfig.detach(); globalData()->supportedEllipticCurves = curves; } 
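Review bot: q_getDefaultDtlsCiphers() calls `QSslSocketPrivate::ensureInitialized()` before taking the mutex but q_setDefaultDtlsCiphers() does not, and neither function says why. If the setter is meant to be called from the backend's own initialisation (that would explain the omission, but it is not visible in this hunk), a comment above it such as `// called during backend initialization; must not call ensureInitialized()` would keep someone from "fixing" the asymmetry later. Both are free functions documented only with `\internal`; one line saying that they read and write the cipher list of the default DTLS configuration would help.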
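Review bot: In setDefaultSupportedEllipticCurves() the added `globalData()->dtlsConfig.detach();` is not followed by any write to `dtlsConfig`; the curves are stored in `globalData()->supportedEllipticCurves`. It mirrors the existing `config.detach()` line above it, so it may be deliberate, but as written it looks like a copy with no visible effect. Either drop it or add a comment saying what the detach is protecting.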
@@ -2164,6 +2214,8 @@ void QSslSocketPrivate::setDefaultCaCertificates(const QList<QSslCertificate> &c QMutexLocker locker(&globalData()->mutex); globalData()->config.detach(); globalData()->config->caCertificates = certs; + globalData()->dtlsConfig.detach(); + globalData()->dtlsConfig->caCertificates = certs; // when the certificates are set explicitly, we do not want to // load the system certificates on demand s_loadRootCertsOnDemand = false; @@ -2183,6 +2235,8 @@ bool QSslSocketPrivate::addDefaultCaCertificates(const QString &path, QSsl::Enco QMutexLocker locker(&globalData()->mutex); globalData()->config.detach(); globalData()->config->caCertificates += certs; + globalData()->dtlsConfig.detach(); + globalData()->dtlsConfig->caCertificates += certs; return true; } @@ -2195,6 +2249,8 @@ void QSslSocketPrivate::addDefaultCaCertificate(const QSslCertificate &cert) QMutexLocker locker(&globalData()->mutex); globalData()->config.detach(); globalData()->config->caCertificates += cert; + globalData()->dtlsConfig.detach(); + globalData()->dtlsConfig->caCertificates += cert; } /*! @@ -2206,6 +2262,8 @@ void QSslSocketPrivate::addDefaultCaCertificates(const QList<QSslCertificate> &c QMutexLocker locker(&globalData()->mutex); globalData()->config.detach(); globalData()->config->caCertificates += certs; + globalData()->dtlsConfig.detach(); + globalData()->dtlsConfig->caCertificates += certs; } /*! 
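Review bot: The CA list is now written twice in setDefaultCaCertificates(), once to `config` and once to `dtlsConfig`, and the same pair of lines is repeated in the three addDefaultCaCertificate(s) hunks that follow. Nothing ties the two lists together, so a mutator that updates only `config` (one not touched by this commit, or one added later) would leave DTLS validating peers against a different trust store than TLS. I would at least state the invariant next to the members, e.g. `// caCertificates must stay identical in config and dtlsConfig; update both under mutex`, or route the four writers through one helper that applies the change to both configurations.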
@@ -2263,6 +2321,30 @@ void QSslConfigurationPrivate::deepCopyDefaultConfiguration(QSslConfigurationPri /*! \internal */ +QSslConfiguration QSslConfigurationPrivate::defaultDtlsConfiguration() +{ + QSslSocketPrivate::ensureInitialized(); + QMutexLocker locker(&globalData()->mutex); + + return QSslConfiguration(globalData()->dtlsConfig.data()); +} + +/*! + \internal +*/ +void QSslConfigurationPrivate::setDefaultDtlsConfiguration(const QSslConfiguration &configuration) +{ + QSslSocketPrivate::ensureInitialized(); + QMutexLocker locker(&globalData()->mutex); + if (globalData()->dtlsConfig == configuration.d) + return; // nothing to do + + globalData()->dtlsConfig = const_cast<QSslConfigurationPrivate*>(configuration.d.constData()); +} + +/*! + \internal +*/ void QSslSocketPrivate::createPlainSocket(QIODevice::OpenMode openMode) { Q_Q(QSslSocket); |
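Review bot: setDefaultDtlsConfiguration() installs whatever configuration it is given without looking at its protocol, so a configuration carrying a TLS protocol value would replace the `QSsl::DtlsV1_2OrLater` default that the QSslSocketGlobalData constructor sets. Unless something downstream rejects that (not visible here), I would compare `configuration.protocol()` against the DTLS enumerators (`QSsl::DtlsV1_0`, `QSsl::DtlsV1_0OrLater`, `QSsl::DtlsV1_2`, `QSsl::DtlsV1_2OrLater`) and warn and return for anything else. The call also swaps in the caller's CA list wholesale, so the comment on this function should say that the DTLS trust store may differ from the TLS one after it runs.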