diff options
Diffstat (limited to 'src/network')
-rw-r--r-- | src/network/access/qhttpmultipart.cpp | 3 | ||||
-rw-r--r-- | src/network/access/qhttpnetworkconnectionchannel.cpp | 3 | ||||
-rw-r--r-- | src/network/kernel/qnetworkinterface_unix.cpp | 20 | ||||
-rw-r--r-- | src/network/ssl/qsslsocket_openssl.cpp | 67 | ||||
-rw-r--r-- | src/network/ssl/qsslsocket_openssl_android.cpp | 179 | ||||
-rw-r--r-- | src/network/ssl/qsslsocket_p.h | 3 | ||||
-rw-r--r-- | src/network/ssl/ssl.pri | 2 |
7 files changed, 236 insertions, 41 deletions
diff --git a/src/network/access/qhttpmultipart.cpp b/src/network/access/qhttpmultipart.cpp index 4397ef8205..5985ed94e0 100644 --- a/src/network/access/qhttpmultipart.cpp +++ b/src/network/access/qhttpmultipart.cpp @@ -497,7 +497,8 @@ qint64 QHttpMultiPartIODevice::readData(char *data, qint64 maxSize) // skip the parts we have already read while (index < multiPart->parts.count() && - readPointer >= partOffsets.at(index) + multiPart->parts.at(index).d->size()) + readPointer >= partOffsets.at(index) + multiPart->parts.at(index).d->size() + + multiPart->boundary.count() + 6) // 6 == 2 boundary dashes, \r\n after boundary, \r\n after multipart index++; // read the data diff --git a/src/network/access/qhttpnetworkconnectionchannel.cpp b/src/network/access/qhttpnetworkconnectionchannel.cpp index 7aee9aa38a..6e61eea5a4 100644 --- a/src/network/access/qhttpnetworkconnectionchannel.cpp +++ b/src/network/access/qhttpnetworkconnectionchannel.cpp @@ -1130,6 +1130,9 @@ void QHttpNetworkConnectionChannel::_q_error(QAbstractSocket::SocketError socket errorCode = QNetworkReply::RemoteHostClosedError; } } else if (state == QHttpNetworkConnectionChannel::ReadingState) { + if (!reply) + break; + if (!reply->d_func()->expectContent()) { // No content expected, this is a valid way to have the connection closed by the server return; diff --git a/src/network/kernel/qnetworkinterface_unix.cpp b/src/network/kernel/qnetworkinterface_unix.cpp index 0ec9554c82..b090213861 100644 --- a/src/network/kernel/qnetworkinterface_unix.cpp +++ b/src/network/kernel/qnetworkinterface_unix.cpp @@ -81,7 +81,7 @@ QT_BEGIN_NAMESPACE -static QHostAddress addressFromSockaddr(sockaddr *sa) +static QHostAddress addressFromSockaddr(sockaddr *sa, int ifindex = 0, const QString &ifname = QString()) { QHostAddress address; if (!sa) @@ -92,7 +92,11 @@ static QHostAddress addressFromSockaddr(sockaddr *sa) else if (sa->sa_family == AF_INET6) { address.setAddress(((sockaddr_in6 *)sa)->sin6_addr.s6_addr); int scope = ((sockaddr_in6 *)sa)->sin6_scope_id; - if (scope) { + if (scope && scope == ifindex) { + // this is the most likely scenario: + // a scope ID in a socket is that of the interface this address came from + address.setScopeId(ifname); + } else if (scope) { #ifndef QT_NO_IPV6IFNAME char scopeid[IFNAMSIZ]; if (::if_indextoname(scope, scopeid)) { @@ -410,14 +414,9 @@ static QList<QNetworkInterfacePrivate *> interfaceListing() { QList<QNetworkInterfacePrivate *> interfaces; - int socket; - if ((socket = qt_safe_socket(AF_INET, SOCK_STREAM, IPPROTO_IP)) == -1) - return interfaces; // error - ifaddrs *interfaceListing; if (getifaddrs(&interfaceListing) == -1) { // error - ::close(socket); return interfaces; } @@ -439,20 +438,19 @@ static QList<QNetworkInterfacePrivate *> interfaceListing() } QNetworkAddressEntry entry; - entry.setIp(addressFromSockaddr(ptr->ifa_addr)); + entry.setIp(addressFromSockaddr(ptr->ifa_addr, iface->index, iface->name)); if (entry.ip().isNull()) // could not parse the address continue; - entry.setNetmask(addressFromSockaddr(ptr->ifa_netmask)); + entry.setNetmask(addressFromSockaddr(ptr->ifa_netmask, iface->index, iface->name)); if (iface->flags & QNetworkInterface::CanBroadcast) - entry.setBroadcast(addressFromSockaddr(ptr->ifa_broadaddr)); + entry.setBroadcast(addressFromSockaddr(ptr->ifa_broadaddr, iface->index, iface->name)); iface->addressEntries << entry; } freeifaddrs(interfaceListing); - ::close(socket); return interfaces; } #endif diff --git a/src/network/ssl/qsslsocket_openssl.cpp b/src/network/ssl/qsslsocket_openssl.cpp index 69181f40b4..e94df10fed 100644 --- a/src/network/ssl/qsslsocket_openssl.cpp +++ b/src/network/ssl/qsslsocket_openssl.cpp @@ -522,6 +522,8 @@ void QSslSocketPrivate::ensureCiphersAndCertsLoaded() } else { qWarning("could not load crypt32 library"); // should never happen } +#elif defined(Q_OS_QNX) + s_loadRootCertsOnDemand = true; #elif defined(Q_OS_UNIX) && !defined(Q_OS_MAC) // check whether we can enable on-demand root-cert loading (i.e. check whether the sym links are there) QList<QByteArray> dirs = unixRootCertDirectories(); @@ -686,41 +688,48 @@ QList<QSslCertificate> QSslSocketPrivate::systemCaCertificates() } #elif defined(Q_OS_UNIX) QSet<QString> certFiles; -# ifdef Q_OS_ANDROID - QList<QByteArray> directories; - directories << qgetenv("MINISTRO_SSL_CERTS_PATH"); // Set by Ministro -# else - QList<QByteArray> directories = unixRootCertDirectories(); -# endif QDir currentDir; QStringList nameFilters; -# ifdef Q_OS_ANDROID - nameFilters << QLatin1String("*.der"); -#else + QList<QByteArray> directories; + QSsl::EncodingFormat platformEncodingFormat; +# ifndef Q_OS_ANDROID + directories = unixRootCertDirectories(); nameFilters << QLatin1String("*.pem") << QLatin1String("*.crt"); -# endif - currentDir.setNameFilters(nameFilters); - for (int a = 0; a < directories.count(); a++) { - currentDir.setPath(QLatin1String(directories.at(a))); - QDirIterator it(currentDir); - while(it.hasNext()) { - it.next(); - // use canonical path here to not load the same certificate twice if symlinked - certFiles.insert(it.fileInfo().canonicalFilePath()); - } - } - QSetIterator<QString> it(certFiles); - while(it.hasNext()) { -# ifdef Q_OS_ANDROID - systemCerts.append(QSslCertificate::fromPath(it.next(), QSsl::Der)); + platformEncodingFormat = QSsl::Pem; # else - systemCerts.append(QSslCertificate::fromPath(it.next(), QSsl::Pem)); -# endif - } + // Q_OS_ANDROID + QByteArray ministroPath = qgetenv("MINISTRO_SSL_CERTS_PATH"); // Set by Ministro + directories << ministroPath; + nameFilters << QLatin1String("*.der"); + platformEncodingFormat = QSsl::Der; +# ifndef Q_OS_ANDROID_NO_SDK + if (ministroPath.isEmpty()) { + QList<QByteArray> certificateData = fetchSslCertificateData(); + for (int i = 0; i < certificateData.size(); ++i) { + systemCerts.append(QSslCertificate::fromData(certificateData.at(i), QSsl::Der)); + } + } else +# endif //Q_OS_ANDROID_NO_SDK +# endif //Q_OS_ANDROID + { + currentDir.setNameFilters(nameFilters); + for (int a = 0; a < directories.count(); a++) { + currentDir.setPath(QLatin1String(directories.at(a))); + QDirIterator it(currentDir); + while (it.hasNext()) { + it.next(); + // use canonical path here to not load the same certificate twice if symlinked + certFiles.insert(it.fileInfo().canonicalFilePath()); + } + } + QSetIterator<QString> it(certFiles); + while (it.hasNext()) + systemCerts.append(QSslCertificate::fromPath(it.next(), platformEncodingFormat)); # ifndef Q_OS_ANDROID - systemCerts.append(QSslCertificate::fromPath(QLatin1String("/etc/pki/tls/certs/ca-bundle.crt"), QSsl::Pem)); // Fedora, Mandriva - systemCerts.append(QSslCertificate::fromPath(QLatin1String("/usr/local/share/certs/ca-root-nss.crt"), QSsl::Pem)); // FreeBSD's ca_root_nss + systemCerts.append(QSslCertificate::fromPath(QLatin1String("/etc/pki/tls/certs/ca-bundle.crt"), QSsl::Pem)); // Fedora, Mandriva + systemCerts.append(QSslCertificate::fromPath(QLatin1String("/usr/local/share/certs/ca-root-nss.crt"), QSsl::Pem)); // FreeBSD's ca_root_nss # endif + } #endif #ifdef QSSLSOCKET_DEBUG qDebug() << "systemCaCertificates retrieval time " << timer.elapsed() << "ms"; diff --git a/src/network/ssl/qsslsocket_openssl_android.cpp b/src/network/ssl/qsslsocket_openssl_android.cpp new file mode 100644 index 0000000000..fa612a75a6 --- /dev/null +++ b/src/network/ssl/qsslsocket_openssl_android.cpp @@ -0,0 +1,179 @@ +/**************************************************************************** +** +** Copyright (C) 2013 Digia Plc and/or its subsidiary(-ies). +** Contact: http://www.qt-project.org/legal +** +** This file is part of the QtNetwork module of the Qt Toolkit. +** +** $QT_BEGIN_LICENSE:LGPL$ +** Commercial License Usage +** Licensees holding valid commercial Qt licenses may use this file in +** accordance with the commercial license agreement provided with the +** Software or, alternatively, in accordance with the terms contained in +** a written agreement between you and Digia. For licensing terms and +** conditions see http://qt.digia.com/licensing. For further information +** use the contact form at http://qt.digia.com/contact-us. +** +** GNU Lesser General Public License Usage +** Alternatively, this file may be used under the terms of the GNU Lesser +** General Public License version 2.1 as published by the Free Software +** Foundation and appearing in the file LICENSE.LGPL included in the +** packaging of this file. Please review the following information to +** ensure the GNU Lesser General Public License version 2.1 requirements +** will be met: http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html. +** +** In addition, as a special exception, Digia gives you certain additional +** rights. These rights are described in the Digia Qt LGPL Exception +** version 1.1, included in the file LGPL_EXCEPTION.txt in this package. +** +** GNU General Public License Usage +** Alternatively, this file may be used under the terms of the GNU +** General Public License version 3.0 as published by the Free Software +** Foundation and appearing in the file LICENSE.GPL included in the +** packaging of this file. Please review the following information to +** ensure the GNU General Public License version 3.0 requirements will be +** met: http://www.gnu.org/copyleft/gpl.html. +** +** +** $QT_END_LICENSE$ +** +****************************************************************************/ + +/**************************************************************************** +** +** In addition, as a special exception, the copyright holders listed above give +** permission to link the code of its release of Qt with the OpenSSL project's +** "OpenSSL" library (or modified versions of the "OpenSSL" library that use the +** same license as the original version), and distribute the linked executables. +** +** You must comply with the GNU General Public License version 2 in all +** respects for all of the code used other than the "OpenSSL" code. If you +** modify this file, you may extend this exception to your version of the file, +** but you are not obligated to do so. If you do not wish to do so, delete +** this exception statement from your version of this file. +** +****************************************************************************/ + +#include "qsslsocket_openssl_p.h" + + + +#include <jni.h> +#include <android/log.h> + +static JavaVM *javaVM = 0; +static jclass appClass; + +static jmethodID getSslCertificatesMethodID; + +struct AttachedJNIEnv +{ + AttachedJNIEnv() + { + attached = false; + if (javaVM->GetEnv((void**)&jniEnv, JNI_VERSION_1_6) < 0) { + if (javaVM->AttachCurrentThread(&jniEnv, NULL) < 0) { + __android_log_print(ANDROID_LOG_ERROR, "Qt", "AttachCurrentThread failed"); + jniEnv = 0; + return; + } + attached = true; + } + } + + ~AttachedJNIEnv() + { + if (attached) + javaVM->DetachCurrentThread(); + } + bool attached; + JNIEnv *jniEnv; +}; + +static const char logTag[] = "Qt"; +static const char classErrorMsg[] = "Can't find class \"%s\""; +static const char methodErrorMsg[] = "Can't find method \"%s%s\""; + + +#define FIND_AND_CHECK_CLASS(CLASS_NAME) \ +clazz = env->FindClass(CLASS_NAME); \ +if (!clazz) { \ + __android_log_print(ANDROID_LOG_FATAL, logTag, classErrorMsg, CLASS_NAME); \ + return JNI_FALSE; \ +} + +#define GET_AND_CHECK_STATIC_METHOD(VAR, CLASS, METHOD_NAME, METHOD_SIGNATURE) \ +VAR = env->GetStaticMethodID(CLASS, METHOD_NAME, METHOD_SIGNATURE); \ +if (!VAR) { \ + __android_log_print(ANDROID_LOG_FATAL, logTag, methodErrorMsg, METHOD_NAME, METHOD_SIGNATURE); \ + return JNI_FALSE; \ +} + +static bool registerNatives(JNIEnv *env) +{ + jclass clazz; + FIND_AND_CHECK_CLASS("org/qtproject/qt5/android/QtNative"); + appClass = static_cast<jclass>(env->NewGlobalRef(clazz)); + +#if 0 //we don't call C++ functions from Java at this time + if (env->RegisterNatives(appClass, methods, sizeof(methods) / sizeof(methods[0])) < 0) { + __android_log_print(ANDROID_LOG_FATAL, logTag, "RegisterNatives failed"); + return JNI_FALSE; + } +#endif + + GET_AND_CHECK_STATIC_METHOD(getSslCertificatesMethodID, appClass, "getSSLCertificates", "()[[B"); + + return true; +} + +Q_DECL_EXPORT jint JNICALL JNI_OnLoad(JavaVM *vm, void * /*reserved*/) +{ + typedef union { + JNIEnv *nativeEnvironment; + void *venv; + } UnionJNIEnvToVoid; + + __android_log_print(ANDROID_LOG_INFO, logTag, "Network start"); + UnionJNIEnvToVoid uenv; + uenv.venv = NULL; + javaVM = 0; + + if (vm->GetEnv(&uenv.venv, JNI_VERSION_1_4) != JNI_OK) { + __android_log_print(ANDROID_LOG_FATAL, logTag, "GetEnv failed"); + return -1; + } + JNIEnv *env = uenv.nativeEnvironment; + if (!registerNatives(env)) { + __android_log_print(ANDROID_LOG_FATAL, logTag, "registerNatives failed"); + return -1; + } + + javaVM = vm; + return JNI_VERSION_1_4; +} + +QList<QByteArray> QSslSocketPrivate::fetchSslCertificateData() +{ + QList<QByteArray> certificateData; + AttachedJNIEnv env; + + if (env.jniEnv) { + jobjectArray jcertificates = + static_cast<jobjectArray>(env.jniEnv->CallStaticObjectMethod(appClass, getSslCertificatesMethodID)); + jint nCertificates = env.jniEnv->GetArrayLength(jcertificates); + + for (int i = 0; i < nCertificates; ++i) { + jbyteArray jCert = static_cast<jbyteArray>(env.jniEnv->GetObjectArrayElement(jcertificates, i)); + + const uint sz = env.jniEnv->GetArrayLength(jCert); + jbyte *buffer = env.jniEnv->GetByteArrayElements(jCert, 0); + certificateData.append(QByteArray(reinterpret_cast<char*>(buffer), sz)); + + env.jniEnv->ReleaseByteArrayElements(jCert, buffer, JNI_ABORT); // don't copy back the elements + env.jniEnv->DeleteLocalRef(jCert); + } + } + + return certificateData; +} diff --git a/src/network/ssl/qsslsocket_p.h b/src/network/ssl/qsslsocket_p.h index 4fed101a80..6281753225 100644 --- a/src/network/ssl/qsslsocket_p.h +++ b/src/network/ssl/qsslsocket_p.h @@ -197,6 +197,9 @@ public: private: static bool ensureLibraryLoaded(); static void ensureCiphersAndCertsLoaded(); +#if defined(Q_OS_ANDROID) && !defined(Q_OS_ANDROID_NO_SDK) + static QList<QByteArray> fetchSslCertificateData(); +#endif static bool s_libraryLoaded; static bool s_loadedCiphersAndCerts; diff --git a/src/network/ssl/ssl.pri b/src/network/ssl/ssl.pri index 1d8c8e1ab7..0fe231357b 100644 --- a/src/network/ssl/ssl.pri +++ b/src/network/ssl/ssl.pri @@ -28,6 +28,8 @@ contains(QT_CONFIG, openssl) | contains(QT_CONFIG, openssl-linked) { ssl/qsslcertificateextension.cpp \ ssl/qsslcontext.cpp +android:!android-no-sdk: SOURCES += ssl/qsslsocket_openssl_android.cpp + # Add optional SSL libs # Static linking of OpenSSL with msvc: # - Binaries http://slproweb.com/products/Win32OpenSSL.html |