diff options
Diffstat (limited to 'src/network')
53 files changed, 1140 insertions, 351 deletions
diff --git a/src/network/access/qhttpmultipart_p.h b/src/network/access/qhttpmultipart_p.h index f00883afd0..307843ea27 100644 --- a/src/network/access/qhttpmultipart_p.h +++ b/src/network/access/qhttpmultipart_p.h @@ -117,30 +117,30 @@ public: ~QHttpMultiPartIODevice() { } - virtual bool atEnd() const { + virtual bool atEnd() const Q_DECL_OVERRIDE { return readPointer == size(); } - virtual qint64 bytesAvailable() const { + virtual qint64 bytesAvailable() const Q_DECL_OVERRIDE { return size() - readPointer; } - virtual void close() { + virtual void close() Q_DECL_OVERRIDE { readPointer = 0; partOffsets.clear(); deviceSize = -1; QIODevice::close(); } - virtual qint64 bytesToWrite() const { + virtual qint64 bytesToWrite() const Q_DECL_OVERRIDE { return 0; } - virtual qint64 size() const; - virtual bool isSequential() const; - virtual bool reset(); - virtual qint64 readData(char *data, qint64 maxSize); - virtual qint64 writeData(const char *data, qint64 maxSize); + virtual qint64 size() const Q_DECL_OVERRIDE; + virtual bool isSequential() const Q_DECL_OVERRIDE; + virtual bool reset() Q_DECL_OVERRIDE; + virtual qint64 readData(char *data, qint64 maxSize) Q_DECL_OVERRIDE; + virtual qint64 writeData(const char *data, qint64 maxSize) Q_DECL_OVERRIDE; QHttpMultiPartPrivate *multiPart; qint64 readPointer; diff --git a/src/network/access/qhttpnetworkconnection.cpp b/src/network/access/qhttpnetworkconnection.cpp index 365ce55f2b..6caf118c59 100644 --- a/src/network/access/qhttpnetworkconnection.cpp +++ b/src/network/access/qhttpnetworkconnection.cpp @@ -385,11 +385,12 @@ void QHttpNetworkConnectionPrivate::copyCredentials(int fromChannel, QAuthentica Q_ASSERT(auth); // NTLM is a multi phase authentication. Copying credentials between authenticators would mess things up. - if (!isProxy && channels[fromChannel].authMethod == QAuthenticatorPrivate::Ntlm) - return; - if (isProxy && channels[fromChannel].proxyAuthMethod == QAuthenticatorPrivate::Ntlm) - return; - + if (fromChannel >= 0) { + if (!isProxy && channels[fromChannel].authMethod == QAuthenticatorPrivate::Ntlm) + return; + if (isProxy && channels[fromChannel].proxyAuthMethod == QAuthenticatorPrivate::Ntlm) + return; + } // select another channel QAuthenticator* otherAuth = 0; diff --git a/src/network/access/qhttpnetworkconnection_p.h b/src/network/access/qhttpnetworkconnection_p.h index e34c15d729..a65f9018fe 100644 --- a/src/network/access/qhttpnetworkconnection_p.h +++ b/src/network/access/qhttpnetworkconnection_p.h @@ -79,6 +79,7 @@ QT_BEGIN_NAMESPACE class QHttpNetworkRequest; class QHttpNetworkReply; +class QHttpThreadDelegate; class QByteArray; class QHostInfo; @@ -148,6 +149,7 @@ public: private: Q_DECLARE_PRIVATE(QHttpNetworkConnection) Q_DISABLE_COPY(QHttpNetworkConnection) + friend class QHttpThreadDelegate; friend class QHttpNetworkReply; friend class QHttpNetworkReplyPrivate; friend class QHttpNetworkConnectionChannel; diff --git a/src/network/access/qhttpnetworkreply_p.h b/src/network/access/qhttpnetworkreply_p.h index 6163f6c789..7a13358a4b 100644 --- a/src/network/access/qhttpnetworkreply_p.h +++ b/src/network/access/qhttpnetworkreply_p.h @@ -82,18 +82,18 @@ public: explicit QHttpNetworkReply(const QUrl &url = QUrl(), QObject *parent = 0); virtual ~QHttpNetworkReply(); - QUrl url() const; - void setUrl(const QUrl &url); + QUrl url() const Q_DECL_OVERRIDE; + void setUrl(const QUrl &url) Q_DECL_OVERRIDE; - int majorVersion() const; - int minorVersion() const; + int majorVersion() const Q_DECL_OVERRIDE; + int minorVersion() const Q_DECL_OVERRIDE; - qint64 contentLength() const; - void setContentLength(qint64 length); + qint64 contentLength() const Q_DECL_OVERRIDE; + void setContentLength(qint64 length) Q_DECL_OVERRIDE; - QList<QPair<QByteArray, QByteArray> > header() const; - QByteArray headerField(const QByteArray &name, const QByteArray &defaultValue = QByteArray()) const; - void setHeaderField(const QByteArray &name, const QByteArray &data); + QList<QPair<QByteArray, QByteArray> > header() const Q_DECL_OVERRIDE; + QByteArray headerField(const QByteArray &name, const QByteArray &defaultValue = QByteArray()) const Q_DECL_OVERRIDE; + void setHeaderField(const QByteArray &name, const QByteArray &data) Q_DECL_OVERRIDE; void parseHeader(const QByteArray &header); // mainly for testing QHttpNetworkRequest request() const; diff --git a/src/network/access/qhttpnetworkrequest_p.h b/src/network/access/qhttpnetworkrequest_p.h index d6683afa20..f39f3c7b6f 100644 --- a/src/network/access/qhttpnetworkrequest_p.h +++ b/src/network/access/qhttpnetworkrequest_p.h @@ -81,18 +81,18 @@ public: QHttpNetworkRequest &operator=(const QHttpNetworkRequest &other); bool operator==(const QHttpNetworkRequest &other) const; - QUrl url() const; - void setUrl(const QUrl &url); + QUrl url() const Q_DECL_OVERRIDE; + void setUrl(const QUrl &url) Q_DECL_OVERRIDE; - int majorVersion() const; - int minorVersion() const; + int majorVersion() const Q_DECL_OVERRIDE; + int minorVersion() const Q_DECL_OVERRIDE; - qint64 contentLength() const; - void setContentLength(qint64 length); + qint64 contentLength() const Q_DECL_OVERRIDE; + void setContentLength(qint64 length) Q_DECL_OVERRIDE; - QList<QPair<QByteArray, QByteArray> > header() const; - QByteArray headerField(const QByteArray &name, const QByteArray &defaultValue = QByteArray()) const; - void setHeaderField(const QByteArray &name, const QByteArray &data); + QList<QPair<QByteArray, QByteArray> > header() const Q_DECL_OVERRIDE; + QByteArray headerField(const QByteArray &name, const QByteArray &defaultValue = QByteArray()) const Q_DECL_OVERRIDE; + void setHeaderField(const QByteArray &name, const QByteArray &data) Q_DECL_OVERRIDE; Operation operation() const; void setOperation(Operation operation); diff --git a/src/network/access/qhttpthreaddelegate.cpp b/src/network/access/qhttpthreaddelegate.cpp index 06d62fbbcb..e31f23c18c 100644 --- a/src/network/access/qhttpthreaddelegate.cpp +++ b/src/network/access/qhttpthreaddelegate.cpp @@ -187,7 +187,7 @@ public: setShareable(true); } - virtual void dispose() + virtual void dispose() Q_DECL_OVERRIDE { #if 0 // sample code; do this right with the API Q_ASSERT(!isWorking()); @@ -328,6 +328,16 @@ void QHttpThreadDelegate::startRequest() // cache the QHttpNetworkConnection corresponding to this cache key connections.localData()->addEntry(cacheKey, httpConnection); + } else { + if (httpRequest.withCredentials()) { + QNetworkAuthenticationCredential credential = authenticationManager->fetchCachedCredentials(httpRequest.url(), 0); + if (!credential.user.isEmpty() && !credential.password.isEmpty()) { + QAuthenticator auth; + auth.setUser(credential.user); + auth.setPassword(credential.password); + httpConnection->d_func()->copyCredentials(-1, &auth, false); + } + } } diff --git a/src/network/access/qhttpthreaddelegate_p.h b/src/network/access/qhttpthreaddelegate_p.h index 16610828cb..b1367fec0c 100644 --- a/src/network/access/qhttpthreaddelegate_p.h +++ b/src/network/access/qhttpthreaddelegate_p.h @@ -202,7 +202,7 @@ public: { } - const char* readPointer(qint64 maximumLength, qint64 &len) + const char* readPointer(qint64 maximumLength, qint64 &len) Q_DECL_OVERRIDE { if (m_amount > 0) { len = m_amount; @@ -222,7 +222,7 @@ public: return 0; } - bool advanceReadPointer(qint64 a) + bool advanceReadPointer(qint64 a) Q_DECL_OVERRIDE { if (m_data == 0) return false; @@ -238,7 +238,7 @@ public: return true; } - bool atEnd() + bool atEnd() Q_DECL_OVERRIDE { if (m_amount > 0) return false; @@ -246,7 +246,7 @@ public: return m_atEnd; } - bool reset() + bool reset() Q_DECL_OVERRIDE { m_amount = 0; m_data = 0; @@ -257,7 +257,7 @@ public: return b; } - qint64 size() + qint64 size() Q_DECL_OVERRIDE { return m_size; } diff --git a/src/network/access/qnetworkaccessauthenticationmanager.cpp b/src/network/access/qnetworkaccessauthenticationmanager.cpp index c8ba8ae978..622ec6c082 100644 --- a/src/network/access/qnetworkaccessauthenticationmanager.cpp +++ b/src/network/access/qnetworkaccessauthenticationmanager.cpp @@ -89,7 +89,7 @@ public: } } - virtual void dispose() { delete this; } + virtual void dispose() Q_DECL_OVERRIDE { delete this; } }; #ifndef QT_NO_NETWORKPROXY diff --git a/src/network/access/qnetworkaccesscache_p.h b/src/network/access/qnetworkaccesscache_p.h index 171c2cda86..66b2e509bf 100644 --- a/src/network/access/qnetworkaccesscache_p.h +++ b/src/network/access/qnetworkaccesscache_p.h @@ -99,7 +99,7 @@ signals: void entryReady(QNetworkAccessCache::CacheableObject *); protected: - void timerEvent(QTimerEvent *); + void timerEvent(QTimerEvent *) Q_DECL_OVERRIDE; private: // idea copied from qcache.h diff --git a/src/network/access/qnetworkaccesscachebackend_p.h b/src/network/access/qnetworkaccesscachebackend_p.h index f298b84471..c91e5a9206 100644 --- a/src/network/access/qnetworkaccesscachebackend_p.h +++ b/src/network/access/qnetworkaccesscachebackend_p.h @@ -58,12 +58,12 @@ public: QNetworkAccessCacheBackend(); ~QNetworkAccessCacheBackend(); - void open(); - void closeDownstreamChannel(); + void open() Q_DECL_OVERRIDE; + void closeDownstreamChannel() Q_DECL_OVERRIDE; void closeUpstreamChannel(); void upstreamReadyRead(); - void downstreamReadyWrite(); + void downstreamReadyWrite() Q_DECL_OVERRIDE; private: bool sendCacheContents(); diff --git a/src/network/access/qnetworkaccessdebugpipebackend_p.h b/src/network/access/qnetworkaccessdebugpipebackend_p.h index da8cc9a8d2..cb5a12722f 100644 --- a/src/network/access/qnetworkaccessdebugpipebackend_p.h +++ b/src/network/access/qnetworkaccessdebugpipebackend_p.h @@ -61,10 +61,10 @@ public: QNetworkAccessDebugPipeBackend(); virtual ~QNetworkAccessDebugPipeBackend(); - virtual void open(); - virtual void closeDownstreamChannel(); + virtual void open() Q_DECL_OVERRIDE; + virtual void closeDownstreamChannel() Q_DECL_OVERRIDE; - virtual void downstreamReadyWrite(); + virtual void downstreamReadyWrite() Q_DECL_OVERRIDE; protected: void pushFromSocketToDownstream(); @@ -96,7 +96,7 @@ class QNetworkAccessDebugPipeBackendFactory: public QNetworkAccessBackendFactory public: virtual QStringList supportedSchemes() const Q_DECL_OVERRIDE; virtual QNetworkAccessBackend *create(QNetworkAccessManager::Operation op, - const QNetworkRequest &request) const; + const QNetworkRequest &request) const Q_DECL_OVERRIDE; }; #endif // QT_BUILD_INTERNAL diff --git a/src/network/access/qnetworkaccessfilebackend_p.h b/src/network/access/qnetworkaccessfilebackend_p.h index e0fe148aa0..3109bb55e7 100644 --- a/src/network/access/qnetworkaccessfilebackend_p.h +++ b/src/network/access/qnetworkaccessfilebackend_p.h @@ -59,10 +59,10 @@ public: QNetworkAccessFileBackend(); virtual ~QNetworkAccessFileBackend(); - virtual void open(); - virtual void closeDownstreamChannel(); + virtual void open() Q_DECL_OVERRIDE; + virtual void closeDownstreamChannel() Q_DECL_OVERRIDE; - virtual void downstreamReadyWrite(); + virtual void downstreamReadyWrite() Q_DECL_OVERRIDE; public slots: void uploadReadyReadSlot(); @@ -82,7 +82,7 @@ class QNetworkAccessFileBackendFactory: public QNetworkAccessBackendFactory public: virtual QStringList supportedSchemes() const Q_DECL_OVERRIDE; virtual QNetworkAccessBackend *create(QNetworkAccessManager::Operation op, - const QNetworkRequest &request) const; + const QNetworkRequest &request) const Q_DECL_OVERRIDE; }; QT_END_NAMESPACE diff --git a/src/network/access/qnetworkaccessftpbackend.cpp b/src/network/access/qnetworkaccessftpbackend.cpp index 317d9f90d5..60dcf0f49e 100644 --- a/src/network/access/qnetworkaccessftpbackend.cpp +++ b/src/network/access/qnetworkaccessftpbackend.cpp @@ -90,7 +90,7 @@ public: setShareable(false); } - void dispose() + void dispose() Q_DECL_OVERRIDE { connect(this, SIGNAL(done(bool)), this, SLOT(deleteLater())); close(); diff --git a/src/network/access/qnetworkaccessftpbackend_p.h b/src/network/access/qnetworkaccessftpbackend_p.h index 0371c456f3..d49ed2afdf 100644 --- a/src/network/access/qnetworkaccessftpbackend_p.h +++ b/src/network/access/qnetworkaccessftpbackend_p.h @@ -77,10 +77,10 @@ public: QNetworkAccessFtpBackend(); virtual ~QNetworkAccessFtpBackend(); - virtual void open(); - virtual void closeDownstreamChannel(); + virtual void open() Q_DECL_OVERRIDE; + virtual void closeDownstreamChannel() Q_DECL_OVERRIDE; - virtual void downstreamReadyWrite(); + virtual void downstreamReadyWrite() Q_DECL_OVERRIDE; enum CacheCleanupMode { ReleaseCachedConnection, @@ -110,7 +110,7 @@ class QNetworkAccessFtpBackendFactory: public QNetworkAccessBackendFactory public: virtual QStringList supportedSchemes() const Q_DECL_OVERRIDE; virtual QNetworkAccessBackend *create(QNetworkAccessManager::Operation op, - const QNetworkRequest &request) const; + const QNetworkRequest &request) const Q_DECL_OVERRIDE; }; QT_END_NAMESPACE diff --git a/src/network/access/qnetworkdiskcache.h b/src/network/access/qnetworkdiskcache.h index 8984c640e7..426c71b6d6 100644 --- a/src/network/access/qnetworkdiskcache.h +++ b/src/network/access/qnetworkdiskcache.h @@ -56,18 +56,18 @@ public: qint64 maximumCacheSize() const; void setMaximumCacheSize(qint64 size); - qint64 cacheSize() const; - QNetworkCacheMetaData metaData(const QUrl &url); - void updateMetaData(const QNetworkCacheMetaData &metaData); - QIODevice *data(const QUrl &url); - bool remove(const QUrl &url); - QIODevice *prepare(const QNetworkCacheMetaData &metaData); - void insert(QIODevice *device); + qint64 cacheSize() const Q_DECL_OVERRIDE; + QNetworkCacheMetaData metaData(const QUrl &url) Q_DECL_OVERRIDE; + void updateMetaData(const QNetworkCacheMetaData &metaData) Q_DECL_OVERRIDE; + QIODevice *data(const QUrl &url) Q_DECL_OVERRIDE; + bool remove(const QUrl &url) Q_DECL_OVERRIDE; + QIODevice *prepare(const QNetworkCacheMetaData &metaData) Q_DECL_OVERRIDE; + void insert(QIODevice *device) Q_DECL_OVERRIDE; QNetworkCacheMetaData fileMetaData(const QString &fileName) const; public Q_SLOTS: - void clear(); + void clear() Q_DECL_OVERRIDE; protected: virtual qint64 expire(); diff --git a/src/network/access/qnetworkreply.cpp b/src/network/access/qnetworkreply.cpp index 18ff05fcd7..d9b3acdd92 100644 --- a/src/network/access/qnetworkreply.cpp +++ b/src/network/access/qnetworkreply.cpp @@ -41,6 +41,7 @@ const int QNetworkReplyPrivate::progressSignalInterval = 100; QNetworkReplyPrivate::QNetworkReplyPrivate() : readBufferMaxSize(0), + emitAllUploadProgressSignals(false), operation(QNetworkAccessManager::UnknownOperation), errorCode(QNetworkReply::NoError) , isFinished(false) diff --git a/src/network/access/qnetworkreply.h b/src/network/access/qnetworkreply.h index 4a32131775..453116ea0e 100644 --- a/src/network/access/qnetworkreply.h +++ b/src/network/access/qnetworkreply.h @@ -104,8 +104,8 @@ public: ~QNetworkReply(); // reimplemented from QIODevice - virtual void close(); - virtual bool isSequential() const; + virtual void close() Q_DECL_OVERRIDE; + virtual bool isSequential() const Q_DECL_OVERRIDE; // like QAbstractSocket: qint64 readBufferSize() const; @@ -158,7 +158,7 @@ Q_SIGNALS: protected: explicit QNetworkReply(QObject *parent = 0); QNetworkReply(QNetworkReplyPrivate &dd, QObject *parent); - virtual qint64 writeData(const char *data, qint64 len); + virtual qint64 writeData(const char *data, qint64 len) Q_DECL_OVERRIDE; void setOperation(QNetworkAccessManager::Operation operation); void setRequest(const QNetworkRequest &request); diff --git a/src/network/access/qnetworkreply_p.h b/src/network/access/qnetworkreply_p.h index 6a68ecfea3..1d7d027954 100644 --- a/src/network/access/qnetworkreply_p.h +++ b/src/network/access/qnetworkreply_p.h @@ -74,6 +74,7 @@ public: qint64 readBufferMaxSize; QElapsedTimer downloadProgressSignalChoke; QElapsedTimer uploadProgressSignalChoke; + bool emitAllUploadProgressSignals; const static int progressSignalInterval; QNetworkAccessManager::Operation operation; QNetworkReply::NetworkError errorCode; diff --git a/src/network/access/qnetworkreplydataimpl_p.h b/src/network/access/qnetworkreplydataimpl_p.h index 469203019a..bae3e58faf 100644 --- a/src/network/access/qnetworkreplydataimpl_p.h +++ b/src/network/access/qnetworkreplydataimpl_p.h @@ -60,15 +60,15 @@ class QNetworkReplyDataImpl: public QNetworkReply public: QNetworkReplyDataImpl(QObject *parent, const QNetworkRequest &req, const QNetworkAccessManager::Operation op); ~QNetworkReplyDataImpl(); - virtual void abort(); + virtual void abort() Q_DECL_OVERRIDE; // reimplemented from QNetworkReply - virtual void close(); - virtual qint64 bytesAvailable() const; - virtual bool isSequential () const; - qint64 size() const; + virtual void close() Q_DECL_OVERRIDE; + virtual qint64 bytesAvailable() const Q_DECL_OVERRIDE; + virtual bool isSequential () const Q_DECL_OVERRIDE; + qint64 size() const Q_DECL_OVERRIDE; - virtual qint64 readData(char *data, qint64 maxlen); + virtual qint64 readData(char *data, qint64 maxlen) Q_DECL_OVERRIDE; Q_DECLARE_PRIVATE(QNetworkReplyDataImpl) }; diff --git a/src/network/access/qnetworkreplyfileimpl_p.h b/src/network/access/qnetworkreplyfileimpl_p.h index 715a48d508..b4526d0bf5 100644 --- a/src/network/access/qnetworkreplyfileimpl_p.h +++ b/src/network/access/qnetworkreplyfileimpl_p.h @@ -61,15 +61,15 @@ class QNetworkReplyFileImpl: public QNetworkReply public: QNetworkReplyFileImpl(QObject *parent, const QNetworkRequest &req, const QNetworkAccessManager::Operation op); ~QNetworkReplyFileImpl(); - virtual void abort(); + virtual void abort() Q_DECL_OVERRIDE; // reimplemented from QNetworkReply - virtual void close(); - virtual qint64 bytesAvailable() const; - virtual bool isSequential () const; - qint64 size() const; + virtual void close() Q_DECL_OVERRIDE; + virtual qint64 bytesAvailable() const Q_DECL_OVERRIDE; + virtual bool isSequential () const Q_DECL_OVERRIDE; + qint64 size() const Q_DECL_OVERRIDE; - virtual qint64 readData(char *data, qint64 maxlen); + virtual qint64 readData(char *data, qint64 maxlen) Q_DECL_OVERRIDE; Q_DECLARE_PRIVATE(QNetworkReplyFileImpl) }; diff --git a/src/network/access/qnetworkreplyhttpimpl.cpp b/src/network/access/qnetworkreplyhttpimpl.cpp index 836b3c3fa4..968342c7bd 100644 --- a/src/network/access/qnetworkreplyhttpimpl.cpp +++ b/src/network/access/qnetworkreplyhttpimpl.cpp @@ -754,6 +754,9 @@ void QNetworkReplyHttpImplPrivate::postRequest() QNetworkRequest::Automatic).toInt()) == QNetworkRequest::Manual) httpRequest.setWithCredentials(false); + if (request.attribute(QNetworkRequest::EmitAllUploadProgressSignalsAttribute).toBool() == true) + emitAllUploadProgressSignals = true; + // Create the HTTP thread delegate QHttpThreadDelegate *delegate = new QHttpThreadDelegate; @@ -1863,14 +1866,16 @@ void QNetworkReplyHttpImplPrivate::emitReplyUploadProgress(qint64 bytesSent, qin if (isFinished) return; - //choke signal emissions, except the first and last signals which are unconditional - if (uploadProgressSignalChoke.isValid()) { - if (bytesSent != bytesTotal && uploadProgressSignalChoke.elapsed() < progressSignalInterval) { - return; + if (!emitAllUploadProgressSignals) { + //choke signal emissions, except the first and last signals which are unconditional + if (uploadProgressSignalChoke.isValid()) { + if (bytesSent != bytesTotal && uploadProgressSignalChoke.elapsed() < progressSignalInterval) { + return; + } + uploadProgressSignalChoke.restart(); + } else { + uploadProgressSignalChoke.start(); } - uploadProgressSignalChoke.restart(); - } else { - uploadProgressSignalChoke.start(); } emit q->uploadProgress(bytesSent, bytesTotal); diff --git a/src/network/access/qnetworkreplyhttpimpl_p.h b/src/network/access/qnetworkreplyhttpimpl_p.h index 77d9c5a368..73349f4e7a 100644 --- a/src/network/access/qnetworkreplyhttpimpl_p.h +++ b/src/network/access/qnetworkreplyhttpimpl_p.h @@ -78,14 +78,14 @@ public: QNetworkReplyHttpImpl(QNetworkAccessManager* const, const QNetworkRequest&, QNetworkAccessManager::Operation&, QIODevice* outgoingData); virtual ~QNetworkReplyHttpImpl(); - void close(); - void abort(); - qint64 bytesAvailable() const; - bool isSequential () const; - qint64 size() const; - qint64 readData(char*, qint64); - void setReadBufferSize(qint64 size); - bool canReadLine () const; + void close() Q_DECL_OVERRIDE; + void abort() Q_DECL_OVERRIDE; + qint64 bytesAvailable() const Q_DECL_OVERRIDE; + bool isSequential () const Q_DECL_OVERRIDE; + qint64 size() const Q_DECL_OVERRIDE; + qint64 readData(char*, qint64) Q_DECL_OVERRIDE; + void setReadBufferSize(qint64 size) Q_DECL_OVERRIDE; + bool canReadLine () const Q_DECL_OVERRIDE; Q_DECLARE_PRIVATE(QNetworkReplyHttpImpl) Q_PRIVATE_SLOT(d_func(), void _q_startOperation()) @@ -129,10 +129,10 @@ public: #ifndef QT_NO_SSL protected: - void ignoreSslErrors(); - void ignoreSslErrorsImplementation(const QList<QSslError> &errors); - void setSslConfigurationImplementation(const QSslConfiguration &configuration); - void sslConfigurationImplementation(QSslConfiguration &configuration) const; + void ignoreSslErrors() Q_DECL_OVERRIDE; + void ignoreSslErrorsImplementation(const QList<QSslError> &errors) Q_DECL_OVERRIDE; + void setSslConfigurationImplementation(const QSslConfiguration &configuration) Q_DECL_OVERRIDE; + void sslConfigurationImplementation(QSslConfiguration &configuration) const Q_DECL_OVERRIDE; #endif signals: diff --git a/src/network/access/qnetworkreplyimpl.cpp b/src/network/access/qnetworkreplyimpl.cpp index 5af3bb37be..3c7a911974 100644 --- a/src/network/access/qnetworkreplyimpl.cpp +++ b/src/network/access/qnetworkreplyimpl.cpp @@ -59,6 +59,8 @@ inline QNetworkReplyImplPrivate::QNetworkReplyImplPrivate() , downloadBufferMaximumSize(0) , downloadBuffer(0) { + if (request.attribute(QNetworkRequest::EmitAllUploadProgressSignalsAttribute).toBool() == true) + emitAllUploadProgressSignals = true; } void QNetworkReplyImplPrivate::_q_startOperation() @@ -542,14 +544,16 @@ void QNetworkReplyImplPrivate::emitUploadProgress(qint64 bytesSent, qint64 bytes Q_Q(QNetworkReplyImpl); bytesUploaded = bytesSent; - //choke signal emissions, except the first and last signals which are unconditional - if (uploadProgressSignalChoke.isValid()) { - if (bytesSent != bytesTotal && uploadProgressSignalChoke.elapsed() < progressSignalInterval) { - return; + if (!emitAllUploadProgressSignals) { + //choke signal emissions, except the first and last signals which are unconditional + if (uploadProgressSignalChoke.isValid()) { + if (bytesSent != bytesTotal && uploadProgressSignalChoke.elapsed() < progressSignalInterval) { + return; + } + uploadProgressSignalChoke.restart(); + } else { + uploadProgressSignalChoke.start(); } - uploadProgressSignalChoke.restart(); - } else { - uploadProgressSignalChoke.start(); } pauseNotificationHandling(); diff --git a/src/network/access/qnetworkreplyimpl_p.h b/src/network/access/qnetworkreplyimpl_p.h index 9bd7c88c84..aa1d04f3f8 100644 --- a/src/network/access/qnetworkreplyimpl_p.h +++ b/src/network/access/qnetworkreplyimpl_p.h @@ -69,16 +69,16 @@ class QNetworkReplyImpl: public QNetworkReply public: QNetworkReplyImpl(QObject *parent = 0); ~QNetworkReplyImpl(); - virtual void abort(); + virtual void abort() Q_DECL_OVERRIDE; // reimplemented from QNetworkReply / QIODevice - virtual void close(); - virtual qint64 bytesAvailable() const; - virtual void setReadBufferSize(qint64 size); - virtual bool canReadLine () const; + virtual void close() Q_DECL_OVERRIDE; + virtual qint64 bytesAvailable() const Q_DECL_OVERRIDE; + virtual void setReadBufferSize(qint64 size) Q_DECL_OVERRIDE; + virtual bool canReadLine () const Q_DECL_OVERRIDE; - virtual qint64 readData(char *data, qint64 maxlen); - virtual bool event(QEvent *); + virtual qint64 readData(char *data, qint64 maxlen) Q_DECL_OVERRIDE; + virtual bool event(QEvent *) Q_DECL_OVERRIDE; Q_DECLARE_PRIVATE(QNetworkReplyImpl) Q_PRIVATE_SLOT(d_func(), void _q_startOperation()) @@ -94,10 +94,10 @@ public: #ifndef QT_NO_SSL protected: - void sslConfigurationImplementation(QSslConfiguration &configuration) const; - void setSslConfigurationImplementation(const QSslConfiguration &configuration); - virtual void ignoreSslErrors(); - virtual void ignoreSslErrorsImplementation(const QList<QSslError> &errors); + void sslConfigurationImplementation(QSslConfiguration &configuration) const Q_DECL_OVERRIDE; + void setSslConfigurationImplementation(const QSslConfiguration &configuration) Q_DECL_OVERRIDE; + virtual void ignoreSslErrors() Q_DECL_OVERRIDE; + virtual void ignoreSslErrorsImplementation(const QList<QSslError> &errors) Q_DECL_OVERRIDE; #endif }; @@ -214,9 +214,9 @@ public: QNetworkAccessManager::Operation op); ~QDisabledNetworkReply(); - void abort() { } + void abort() Q_DECL_OVERRIDE { } protected: - qint64 readData(char *, qint64) { return -1; } + qint64 readData(char *, qint64) Q_DECL_OVERRIDE { return -1; } }; #endif diff --git a/src/network/access/qnetworkrequest.cpp b/src/network/access/qnetworkrequest.cpp index c51470e25a..2c0486d615 100644 --- a/src/network/access/qnetworkrequest.cpp +++ b/src/network/access/qnetworkrequest.cpp @@ -249,6 +249,13 @@ QT_BEGIN_NAMESPACE Indicates whether SPDY was used for receiving this reply. + \value EmitAllUploadProgressSignalsAttribute + Requests only, type: QMetaType::Bool (default: false) + Indicates whether all upload signals should be emitted. + By default, the uploadProgress signal is emitted only + in 100 millisecond intervals. + (This value was introduced in 5.5.) + \value User Special type. Additional information can be passed in QVariants with types ranging from User to UserMax. The default diff --git a/src/network/access/qnetworkrequest.h b/src/network/access/qnetworkrequest.h index 0239ae7f4b..3221438db4 100644 --- a/src/network/access/qnetworkrequest.h +++ b/src/network/access/qnetworkrequest.h @@ -80,6 +80,7 @@ public: BackgroundRequestAttribute, SpdyAllowedAttribute, SpdyWasUsedAttribute, + EmitAllUploadProgressSignalsAttribute, User = 1000, UserMax = 32767 diff --git a/src/network/bearer/qnetworksession.h b/src/network/bearer/qnetworksession.h index 281e868145..86559af94e 100644 --- a/src/network/bearer/qnetworksession.h +++ b/src/network/bearer/qnetworksession.h @@ -124,8 +124,8 @@ Q_SIGNALS: void usagePoliciesChanged(QNetworkSession::UsagePolicies usagePolicies); protected: - virtual void connectNotify(const QMetaMethod &signal); - virtual void disconnectNotify(const QMetaMethod &signal); + virtual void connectNotify(const QMetaMethod &signal) Q_DECL_OVERRIDE; + virtual void disconnectNotify(const QMetaMethod &signal) Q_DECL_OVERRIDE; private: Q_DISABLE_COPY(QNetworkSession) diff --git a/src/network/kernel/qauthenticator.cpp b/src/network/kernel/qauthenticator.cpp index ecfdecc020..69bb55690e 100644 --- a/src/network/kernel/qauthenticator.cpp +++ b/src/network/kernel/qauthenticator.cpp @@ -53,14 +53,8 @@ #endif #endif -//#define NTLMV1_CLIENT - QT_BEGIN_NAMESPACE -#ifdef NTLMV1_CLIENT -#include "../../3rdparty/des/des.cpp" -#endif - static QByteArray qNtlmPhase1(); static QByteArray qNtlmPhase3(QAuthenticatorPrivate *ctx, const QByteArray& phase2data); #if defined(Q_OS_WIN) && !defined(Q_OS_WINRT) @@ -848,8 +842,6 @@ QByteArray QAuthenticatorPrivate::digestMd5Response(const QByteArray &challenge, */ #define AVTIMESTAMP 7 -//#define NTLMV1_CLIENT - //************************Global variables*************************** @@ -1096,49 +1088,6 @@ static QString qStringFromUcs2Le(const QByteArray& src) return QString((const QChar *)src.data(), src.size()/2); } -#ifdef NTLMV1_CLIENT -static QByteArray qEncodeNtlmResponse(const QAuthenticatorPrivate *ctx, const QNtlmPhase2Block& ch) -{ - QCryptographicHash md4(QCryptographicHash::Md4); - QByteArray asUcs2Le = qStringAsUcs2Le(ctx->password); - md4.addData(asUcs2Le.data(), asUcs2Le.size()); - - unsigned char md4hash[22]; - memset(md4hash, 0, sizeof(md4hash)); - QByteArray hash = md4.result(); - Q_ASSERT(hash.size() == 16); - memcpy(md4hash, hash.constData(), 16); - - QByteArray rc(24, 0); - deshash((unsigned char *)rc.data(), md4hash, (unsigned char *)ch.challenge); - deshash((unsigned char *)rc.data() + 8, md4hash + 7, (unsigned char *)ch.challenge); - deshash((unsigned char *)rc.data() + 16, md4hash + 14, (unsigned char *)ch.challenge); - - hash.fill(0); - return rc; -} - - -static QByteArray qEncodeLmResponse(const QAuthenticatorPrivate *ctx, const QNtlmPhase2Block& ch) -{ - QByteArray hash(21, 0); - QByteArray key(14, 0); - qstrncpy(key.data(), ctx->password.toUpper().toLatin1(), 14); - const char *block = "KGS!@#$%"; - - deshash((unsigned char *)hash.data(), (unsigned char *)key.data(), (unsigned char *)block); - deshash((unsigned char *)hash.data() + 8, (unsigned char *)key.data() + 7, (unsigned char *)block); - key.fill(0); - - QByteArray rc(24, 0); - deshash((unsigned char *)rc.data(), (unsigned char *)hash.data(), ch.challenge); - deshash((unsigned char *)rc.data() + 8, (unsigned char *)hash.data() + 7, ch.challenge); - deshash((unsigned char *)rc.data() + 16, (unsigned char *)hash.data() + 14, ch.challenge); - - hash.fill(0); - return rc; -} -#endif /********************************************************************* * Function Name: qEncodeHmacMd5 @@ -1457,23 +1406,15 @@ static QByteArray qNtlmPhase3(QAuthenticatorPrivate *ctx, const QByteArray& phas pb.workstationStr = ctx->workstation; // Get LM response -#ifdef NTLMV1_CLIENT - pb.lmResponseBuf = qEncodeLmResponse(ctx, ch); -#else if (ch.targetInfo.len > 0) { pb.lmResponseBuf = QByteArray(); } else { pb.lmResponseBuf = qEncodeLmv2Response(ctx, ch, &pb); } -#endif offset = qEncodeNtlmBuffer(pb.lmResponse, offset, pb.lmResponseBuf); // Get NTLM response -#ifdef NTLMV1_CLIENT - pb.ntlmResponseBuf = qEncodeNtlmResponse(ctx, ch); -#else pb.ntlmResponseBuf = qEncodeNtlmv2Response(ctx, ch, &pb); -#endif offset = qEncodeNtlmBuffer(pb.ntlmResponse, offset, pb.ntlmResponseBuf); diff --git a/src/network/kernel/qdnslookup_p.h b/src/network/kernel/qdnslookup_p.h index ded1e51313..d2e3f5fb02 100644 --- a/src/network/kernel/qdnslookup_p.h +++ b/src/network/kernel/qdnslookup_p.h @@ -109,7 +109,7 @@ public: , requestName(name) , nameserver(nameserver) { } - void run(); + void run() Q_DECL_OVERRIDE; signals: void finished(const QDnsLookupReply &reply); diff --git a/src/network/kernel/qhostinfo_p.h b/src/network/kernel/qhostinfo_p.h index b51773f803..e36c630b59 100644 --- a/src/network/kernel/qhostinfo_p.h +++ b/src/network/kernel/qhostinfo_p.h @@ -146,7 +146,7 @@ class QHostInfoRunnable : public QRunnable { public: QHostInfoRunnable (QString hn, int i); - void run(); + void run() Q_DECL_OVERRIDE; QString toBeLookedUp; int id; @@ -177,7 +177,7 @@ public: QHostInfoLookupManager(); ~QHostInfoLookupManager(); - void clear(); + void clear() Q_DECL_OVERRIDE; void work(); // called from QHostInfo diff --git a/src/network/socket/qabstractsocket.h b/src/network/socket/qabstractsocket.h index 35e9ea1aac..fa4e7c9a28 100644 --- a/src/network/socket/qabstractsocket.h +++ b/src/network/socket/qabstractsocket.h @@ -140,10 +140,10 @@ public: bool isValid() const; - qint64 bytesAvailable() const; - qint64 bytesToWrite() const; + qint64 bytesAvailable() const Q_DECL_OVERRIDE; + qint64 bytesToWrite() const Q_DECL_OVERRIDE; - bool canReadLine() const; + bool canReadLine() const Q_DECL_OVERRIDE; quint16 localPort() const; QHostAddress localAddress() const; @@ -168,15 +168,15 @@ public: SocketError error() const; // from QIODevice - void close(); - bool isSequential() const; - bool atEnd() const; + void close() Q_DECL_OVERRIDE; + bool isSequential() const Q_DECL_OVERRIDE; + bool atEnd() const Q_DECL_OVERRIDE; bool flush(); // for synchronous access virtual bool waitForConnected(int msecs = 30000); - bool waitForReadyRead(int msecs = 30000); - bool waitForBytesWritten(int msecs = 30000); + bool waitForReadyRead(int msecs = 30000) Q_DECL_OVERRIDE; + bool waitForBytesWritten(int msecs = 30000) Q_DECL_OVERRIDE; virtual bool waitForDisconnected(int msecs = 30000); #ifndef QT_NO_NETWORKPROXY @@ -195,9 +195,9 @@ Q_SIGNALS: #endif protected: - qint64 readData(char *data, qint64 maxlen); - qint64 readLineData(char *data, qint64 maxlen); - qint64 writeData(const char *data, qint64 len); + qint64 readData(char *data, qint64 maxlen) Q_DECL_OVERRIDE; + qint64 readLineData(char *data, qint64 maxlen) Q_DECL_OVERRIDE; + qint64 writeData(const char *data, qint64 len) Q_DECL_OVERRIDE; void setSocketState(SocketState state); void setSocketError(SocketError socketError); diff --git a/src/network/socket/qhttpsocketengine_p.h b/src/network/socket/qhttpsocketengine_p.h index 0448293981..6b837c2c90 100644 --- a/src/network/socket/qhttpsocketengine_p.h +++ b/src/network/socket/qhttpsocketengine_p.h @@ -73,63 +73,63 @@ public: QHttpSocketEngine(QObject *parent = 0); ~QHttpSocketEngine(); - bool initialize(QAbstractSocket::SocketType type, QAbstractSocket::NetworkLayerProtocol protocol = QAbstractSocket::IPv4Protocol); - bool initialize(qintptr socketDescriptor, QAbstractSocket::SocketState socketState = QAbstractSocket::ConnectedState); + bool initialize(QAbstractSocket::SocketType type, QAbstractSocket::NetworkLayerProtocol protocol = QAbstractSocket::IPv4Protocol) Q_DECL_OVERRIDE; + bool initialize(qintptr socketDescriptor, QAbstractSocket::SocketState socketState = QAbstractSocket::ConnectedState) Q_DECL_OVERRIDE; void setProxy(const QNetworkProxy &networkProxy); - qintptr socketDescriptor() const; + qintptr socketDescriptor() const Q_DECL_OVERRIDE; - bool isValid() const; + bool isValid() const Q_DECL_OVERRIDE; bool connectInternal(); - bool connectToHost(const QHostAddress &address, quint16 port); - bool connectToHostByName(const QString &name, quint16 port); - bool bind(const QHostAddress &address, quint16 port); - bool listen(); - int accept(); - void close(); + bool connectToHost(const QHostAddress &address, quint16 port) Q_DECL_OVERRIDE; + bool connectToHostByName(const QString &name, quint16 port) Q_DECL_OVERRIDE; + bool bind(const QHostAddress &address, quint16 port) Q_DECL_OVERRIDE; + bool listen() Q_DECL_OVERRIDE; + int accept() Q_DECL_OVERRIDE; + void close() Q_DECL_OVERRIDE; - qint64 bytesAvailable() const; + qint64 bytesAvailable() const Q_DECL_OVERRIDE; - qint64 read(char *data, qint64 maxlen); - qint64 write(const char *data, qint64 len); + qint64 read(char *data, qint64 maxlen) Q_DECL_OVERRIDE; + qint64 write(const char *data, qint64 len) Q_DECL_OVERRIDE; #ifndef QT_NO_UDPSOCKET #ifndef QT_NO_NETWORKINTERFACE bool joinMulticastGroup(const QHostAddress &groupAddress, - const QNetworkInterface &interface); + const QNetworkInterface &interface) Q_DECL_OVERRIDE; bool leaveMulticastGroup(const QHostAddress &groupAddress, - const QNetworkInterface &interface); - QNetworkInterface multicastInterface() const; - bool setMulticastInterface(const QNetworkInterface &iface); + const QNetworkInterface &interface) Q_DECL_OVERRIDE; + QNetworkInterface multicastInterface() const Q_DECL_OVERRIDE; + bool setMulticastInterface(const QNetworkInterface &iface) Q_DECL_OVERRIDE; #endif // QT_NO_NETWORKINTERFACE qint64 readDatagram(char *data, qint64 maxlen, QHostAddress *addr = 0, - quint16 *port = 0); + quint16 *port = 0) Q_DECL_OVERRIDE; qint64 writeDatagram(const char *data, qint64 len, const QHostAddress &addr, - quint16 port); - bool hasPendingDatagrams() const; - qint64 pendingDatagramSize() const; + quint16 port) Q_DECL_OVERRIDE; + bool hasPendingDatagrams() const Q_DECL_OVERRIDE; + qint64 pendingDatagramSize() const Q_DECL_OVERRIDE; #endif // QT_NO_UDPSOCKET - qint64 bytesToWrite() const; + qint64 bytesToWrite() const Q_DECL_OVERRIDE; - int option(SocketOption option) const; - bool setOption(SocketOption option, int value); + int option(SocketOption option) const Q_DECL_OVERRIDE; + bool setOption(SocketOption option, int value) Q_DECL_OVERRIDE; - bool waitForRead(int msecs = 30000, bool *timedOut = 0); - bool waitForWrite(int msecs = 30000, bool *timedOut = 0); + bool waitForRead(int msecs = 30000, bool *timedOut = 0) Q_DECL_OVERRIDE; + bool waitForWrite(int msecs = 30000, bool *timedOut = 0) Q_DECL_OVERRIDE; bool waitForReadOrWrite(bool *readyToRead, bool *readyToWrite, bool checkRead, bool checkWrite, - int msecs = 30000, bool *timedOut = 0); + int msecs = 30000, bool *timedOut = 0) Q_DECL_OVERRIDE; - bool isReadNotificationEnabled() const; - void setReadNotificationEnabled(bool enable); - bool isWriteNotificationEnabled() const; - void setWriteNotificationEnabled(bool enable); - bool isExceptionNotificationEnabled() const; - void setExceptionNotificationEnabled(bool enable); + bool isReadNotificationEnabled() const Q_DECL_OVERRIDE; + void setReadNotificationEnabled(bool enable) Q_DECL_OVERRIDE; + bool isWriteNotificationEnabled() const Q_DECL_OVERRIDE; + void setWriteNotificationEnabled(bool enable) Q_DECL_OVERRIDE; + bool isExceptionNotificationEnabled() const Q_DECL_OVERRIDE; + void setExceptionNotificationEnabled(bool enable) Q_DECL_OVERRIDE; public slots: void slotSocketConnected(); @@ -186,8 +186,8 @@ class Q_AUTOTEST_EXPORT QHttpSocketEngineHandler : public QSocketEngineHandler { public: virtual QAbstractSocketEngine *createSocketEngine(QAbstractSocket::SocketType socketType, - const QNetworkProxy &, QObject *parent); - virtual QAbstractSocketEngine *createSocketEngine(qintptr socketDescripter, QObject *parent); + const QNetworkProxy &, QObject *parent) Q_DECL_OVERRIDE; + virtual QAbstractSocketEngine *createSocketEngine(qintptr socketDescripter, QObject *parent) Q_DECL_OVERRIDE; }; #endif diff --git a/src/network/socket/qlocalsocket.h b/src/network/socket/qlocalsocket.h index c0429d3a1f..c88f9d6ff8 100644 --- a/src/network/socket/qlocalsocket.h +++ b/src/network/socket/qlocalsocket.h @@ -85,12 +85,12 @@ public: QString fullServerName() const; void abort(); - virtual bool isSequential() const; - virtual qint64 bytesAvailable() const; - virtual qint64 bytesToWrite() const; - virtual bool canReadLine() const; + virtual bool isSequential() const Q_DECL_OVERRIDE; + virtual qint64 bytesAvailable() const Q_DECL_OVERRIDE; + virtual qint64 bytesToWrite() const Q_DECL_OVERRIDE; + virtual bool canReadLine() const Q_DECL_OVERRIDE; virtual bool open(OpenMode openMode = ReadWrite) Q_DECL_OVERRIDE; - virtual void close(); + virtual void close() Q_DECL_OVERRIDE; LocalSocketError error() const; bool flush(); bool isValid() const; @@ -103,10 +103,10 @@ public: qintptr socketDescriptor() const; LocalSocketState state() const; - bool waitForBytesWritten(int msecs = 30000); + bool waitForBytesWritten(int msecs = 30000) Q_DECL_OVERRIDE; bool waitForConnected(int msecs = 30000); bool waitForDisconnected(int msecs = 30000); - bool waitForReadyRead(int msecs = 30000); + bool waitForReadyRead(int msecs = 30000) Q_DECL_OVERRIDE; Q_SIGNALS: void connected(); @@ -115,8 +115,8 @@ Q_SIGNALS: void stateChanged(QLocalSocket::LocalSocketState socketState); protected: - virtual qint64 readData(char*, qint64); - virtual qint64 writeData(const char*, qint64); + virtual qint64 readData(char*, qint64) Q_DECL_OVERRIDE; + virtual qint64 writeData(const char*, qint64) Q_DECL_OVERRIDE; private: Q_DISABLE_COPY(QLocalSocket) diff --git a/src/network/socket/qnativesocketengine_p.h b/src/network/socket/qnativesocketengine_p.h index 67412ca326..de638e4e76 100644 --- a/src/network/socket/qnativesocketengine_p.h +++ b/src/network/socket/qnativesocketengine_p.h @@ -105,42 +105,42 @@ public: QNativeSocketEngine(QObject *parent = 0); ~QNativeSocketEngine(); - bool initialize(QAbstractSocket::SocketType type, QAbstractSocket::NetworkLayerProtocol protocol = QAbstractSocket::IPv4Protocol); - bool initialize(qintptr socketDescriptor, QAbstractSocket::SocketState socketState = QAbstractSocket::ConnectedState); + bool initialize(QAbstractSocket::SocketType type, QAbstractSocket::NetworkLayerProtocol protocol = QAbstractSocket::IPv4Protocol) Q_DECL_OVERRIDE; + bool initialize(qintptr socketDescriptor, QAbstractSocket::SocketState socketState = QAbstractSocket::ConnectedState) Q_DECL_OVERRIDE; - qintptr socketDescriptor() const; + qintptr socketDescriptor() const Q_DECL_OVERRIDE; - bool isValid() const; + bool isValid() const Q_DECL_OVERRIDE; - bool connectToHost(const QHostAddress &address, quint16 port); - bool connectToHostByName(const QString &name, quint16 port); - bool bind(const QHostAddress &address, quint16 port); - bool listen(); - int accept(); - void close(); + bool connectToHost(const QHostAddress &address, quint16 port) Q_DECL_OVERRIDE; + bool connectToHostByName(const QString &name, quint16 port) Q_DECL_OVERRIDE; + bool bind(const QHostAddress &address, quint16 port) Q_DECL_OVERRIDE; + bool listen() Q_DECL_OVERRIDE; + int accept() Q_DECL_OVERRIDE; + void close() Q_DECL_OVERRIDE; #ifndef QT_NO_NETWORKINTERFACE bool joinMulticastGroup(const QHostAddress &groupAddress, - const QNetworkInterface &iface); + const QNetworkInterface &iface) Q_DECL_OVERRIDE; bool leaveMulticastGroup(const QHostAddress &groupAddress, - const QNetworkInterface &iface); - QNetworkInterface multicastInterface() const; - bool setMulticastInterface(const QNetworkInterface &iface); + const QNetworkInterface &iface) Q_DECL_OVERRIDE; + QNetworkInterface multicastInterface() const Q_DECL_OVERRIDE; + bool setMulticastInterface(const QNetworkInterface &iface) Q_DECL_OVERRIDE; #endif - qint64 bytesAvailable() const; + qint64 bytesAvailable() const Q_DECL_OVERRIDE; - qint64 read(char *data, qint64 maxlen); - qint64 write(const char *data, qint64 len); + qint64 read(char *data, qint64 maxlen) Q_DECL_OVERRIDE; + qint64 write(const char *data, qint64 len) Q_DECL_OVERRIDE; qint64 readDatagram(char *data, qint64 maxlen, QHostAddress *addr = 0, - quint16 *port = 0); + quint16 *port = 0) Q_DECL_OVERRIDE; qint64 writeDatagram(const char *data, qint64 len, const QHostAddress &addr, - quint16 port); - bool hasPendingDatagrams() const; - qint64 pendingDatagramSize() const; + quint16 port) Q_DECL_OVERRIDE; + bool hasPendingDatagrams() const Q_DECL_OVERRIDE; + qint64 pendingDatagramSize() const Q_DECL_OVERRIDE; - qint64 bytesToWrite() const; + qint64 bytesToWrite() const Q_DECL_OVERRIDE; qint64 receiveBufferSize() const; void setReceiveBufferSize(qint64 bufferSize); @@ -148,21 +148,21 @@ public: qint64 sendBufferSize() const; void setSendBufferSize(qint64 bufferSize); - int option(SocketOption option) const; - bool setOption(SocketOption option, int value); + int option(SocketOption option) const Q_DECL_OVERRIDE; + bool setOption(SocketOption option, int value) Q_DECL_OVERRIDE; - bool waitForRead(int msecs = 30000, bool *timedOut = 0); - bool waitForWrite(int msecs = 30000, bool *timedOut = 0); + bool waitForRead(int msecs = 30000, bool *timedOut = 0) Q_DECL_OVERRIDE; + bool waitForWrite(int msecs = 30000, bool *timedOut = 0) Q_DECL_OVERRIDE; bool waitForReadOrWrite(bool *readyToRead, bool *readyToWrite, bool checkRead, bool checkWrite, - int msecs = 30000, bool *timedOut = 0); - - bool isReadNotificationEnabled() const; - void setReadNotificationEnabled(bool enable); - bool isWriteNotificationEnabled() const; - void setWriteNotificationEnabled(bool enable); - bool isExceptionNotificationEnabled() const; - void setExceptionNotificationEnabled(bool enable); + int msecs = 30000, bool *timedOut = 0) Q_DECL_OVERRIDE; + + bool isReadNotificationEnabled() const Q_DECL_OVERRIDE; + void setReadNotificationEnabled(bool enable) Q_DECL_OVERRIDE; + bool isWriteNotificationEnabled() const Q_DECL_OVERRIDE; + void setWriteNotificationEnabled(bool enable) Q_DECL_OVERRIDE; + bool isExceptionNotificationEnabled() const Q_DECL_OVERRIDE; + void setExceptionNotificationEnabled(bool enable) Q_DECL_OVERRIDE; public Q_SLOTS: // non-virtual override; diff --git a/src/network/socket/qsocks5socketengine.cpp b/src/network/socket/qsocks5socketengine.cpp index 1634352333..56652744fd 100644 --- a/src/network/socket/qsocks5socketengine.cpp +++ b/src/network/socket/qsocks5socketengine.cpp @@ -331,7 +331,7 @@ public: QSocks5BindData *retrieve(qintptr socketDescriptor); protected: - void timerEvent(QTimerEvent * event); + void timerEvent(QTimerEvent * event) Q_DECL_OVERRIDE; QMutex mutex; int sweepTimerId; diff --git a/src/network/socket/qsocks5socketengine_p.h b/src/network/socket/qsocks5socketengine_p.h index fd6e187b98..bc02cbda23 100644 --- a/src/network/socket/qsocks5socketengine_p.h +++ b/src/network/socket/qsocks5socketengine_p.h @@ -61,63 +61,63 @@ public: QSocks5SocketEngine(QObject *parent = 0); ~QSocks5SocketEngine(); - bool initialize(QAbstractSocket::SocketType type, QAbstractSocket::NetworkLayerProtocol protocol = QAbstractSocket::IPv4Protocol); - bool initialize(qintptr socketDescriptor, QAbstractSocket::SocketState socketState = QAbstractSocket::ConnectedState); + bool initialize(QAbstractSocket::SocketType type, QAbstractSocket::NetworkLayerProtocol protocol = QAbstractSocket::IPv4Protocol) Q_DECL_OVERRIDE; + bool initialize(qintptr socketDescriptor, QAbstractSocket::SocketState socketState = QAbstractSocket::ConnectedState) Q_DECL_OVERRIDE; void setProxy(const QNetworkProxy &networkProxy); - qintptr socketDescriptor() const; + qintptr socketDescriptor() const Q_DECL_OVERRIDE; - bool isValid() const; + bool isValid() const Q_DECL_OVERRIDE; bool connectInternal(); - bool connectToHost(const QHostAddress &address, quint16 port); - bool connectToHostByName(const QString &name, quint16 port); - bool bind(const QHostAddress &address, quint16 port); - bool listen(); - int accept(); - void close(); + bool connectToHost(const QHostAddress &address, quint16 port) Q_DECL_OVERRIDE; + bool connectToHostByName(const QString &name, quint16 port) Q_DECL_OVERRIDE; + bool bind(const QHostAddress &address, quint16 port) Q_DECL_OVERRIDE; + bool listen() Q_DECL_OVERRIDE; + int accept() Q_DECL_OVERRIDE; + void close() Q_DECL_OVERRIDE; - qint64 bytesAvailable() const; + qint64 bytesAvailable() const Q_DECL_OVERRIDE; - qint64 read(char *data, qint64 maxlen); - qint64 write(const char *data, qint64 len); + qint64 read(char *data, qint64 maxlen) Q_DECL_OVERRIDE; + qint64 write(const char *data, qint64 len) Q_DECL_OVERRIDE; #ifndef QT_NO_UDPSOCKET #ifndef QT_NO_NETWORKINTERFACE bool joinMulticastGroup(const QHostAddress &groupAddress, - const QNetworkInterface &interface); + const QNetworkInterface &interface) Q_DECL_OVERRIDE; bool leaveMulticastGroup(const QHostAddress &groupAddress, - const QNetworkInterface &interface); - QNetworkInterface multicastInterface() const; - bool setMulticastInterface(const QNetworkInterface &iface); + const QNetworkInterface &interface) Q_DECL_OVERRIDE; + QNetworkInterface multicastInterface() const Q_DECL_OVERRIDE; + bool setMulticastInterface(const QNetworkInterface &iface) Q_DECL_OVERRIDE; #endif // QT_NO_NETWORKINTERFACE qint64 readDatagram(char *data, qint64 maxlen, QHostAddress *addr = 0, - quint16 *port = 0); + quint16 *port = 0) Q_DECL_OVERRIDE; qint64 writeDatagram(const char *data, qint64 len, const QHostAddress &addr, - quint16 port); - bool hasPendingDatagrams() const; - qint64 pendingDatagramSize() const; + quint16 port) Q_DECL_OVERRIDE; + bool hasPendingDatagrams() const Q_DECL_OVERRIDE; + qint64 pendingDatagramSize() const Q_DECL_OVERRIDE; #endif // QT_NO_UDPSOCKET - qint64 bytesToWrite() const; + qint64 bytesToWrite() const Q_DECL_OVERRIDE; - int option(SocketOption option) const; - bool setOption(SocketOption option, int value); + int option(SocketOption option) const Q_DECL_OVERRIDE; + bool setOption(SocketOption option, int value) Q_DECL_OVERRIDE; - bool waitForRead(int msecs = 30000, bool *timedOut = 0); - bool waitForWrite(int msecs = 30000, bool *timedOut = 0); + bool waitForRead(int msecs = 30000, bool *timedOut = 0) Q_DECL_OVERRIDE; + bool waitForWrite(int msecs = 30000, bool *timedOut = 0) Q_DECL_OVERRIDE; bool waitForReadOrWrite(bool *readyToRead, bool *readyToWrite, bool checkRead, bool checkWrite, - int msecs = 30000, bool *timedOut = 0); + int msecs = 30000, bool *timedOut = 0) Q_DECL_OVERRIDE; - bool isReadNotificationEnabled() const; - void setReadNotificationEnabled(bool enable); - bool isWriteNotificationEnabled() const; - void setWriteNotificationEnabled(bool enable); - bool isExceptionNotificationEnabled() const; - void setExceptionNotificationEnabled(bool enable); + bool isReadNotificationEnabled() const Q_DECL_OVERRIDE; + void setReadNotificationEnabled(bool enable) Q_DECL_OVERRIDE; + bool isWriteNotificationEnabled() const Q_DECL_OVERRIDE; + void setWriteNotificationEnabled(bool enable) Q_DECL_OVERRIDE; + bool isExceptionNotificationEnabled() const Q_DECL_OVERRIDE; + void setExceptionNotificationEnabled(bool enable) Q_DECL_OVERRIDE; private: Q_DECLARE_PRIVATE(QSocks5SocketEngine) @@ -160,11 +160,11 @@ class QSocks5PasswordAuthenticator : public QSocks5Authenticator { public: QSocks5PasswordAuthenticator(const QString &userName, const QString &password); - char methodId(); - bool beginAuthenticate(QTcpSocket *socket, bool *completed); - bool continueAuthenticate(QTcpSocket *socket, bool *completed); + char methodId() Q_DECL_OVERRIDE; + bool beginAuthenticate(QTcpSocket *socket, bool *completed) Q_DECL_OVERRIDE; + bool continueAuthenticate(QTcpSocket *socket, bool *completed) Q_DECL_OVERRIDE; - QString errorString(); + QString errorString() Q_DECL_OVERRIDE; private: QString userName; @@ -282,8 +282,8 @@ class Q_AUTOTEST_EXPORT QSocks5SocketEngineHandler : public QSocketEngineHandler { public: virtual QAbstractSocketEngine *createSocketEngine(QAbstractSocket::SocketType socketType, - const QNetworkProxy &, QObject *parent); - virtual QAbstractSocketEngine *createSocketEngine(qintptr socketDescriptor, QObject *parent); + const QNetworkProxy &, QObject *parent) Q_DECL_OVERRIDE; + virtual QAbstractSocketEngine *createSocketEngine(qintptr socketDescriptor, QObject *parent) Q_DECL_OVERRIDE; }; diff --git a/src/network/socket/qtcpserver.cpp b/src/network/socket/qtcpserver.cpp index ad3d529a3e..abb00ed9db 100644 --- a/src/network/socket/qtcpserver.cpp +++ b/src/network/socket/qtcpserver.cpp @@ -134,8 +134,8 @@ public: #endif // from QAbstractSocketEngineReceiver - void readNotification(); - void closeNotification() { readNotification(); } + void readNotification() Q_DECL_OVERRIDE; + void closeNotification() Q_DECL_OVERRIDE { readNotification(); } inline void writeNotification() {} inline void exceptionNotification() {} inline void connectionNotification() {} diff --git a/src/network/ssl/qsslconfiguration.cpp b/src/network/ssl/qsslconfiguration.cpp index 7bb6e02b7e..9054d412f7 100644 --- a/src/network/ssl/qsslconfiguration.cpp +++ b/src/network/ssl/qsslconfiguration.cpp @@ -203,6 +203,7 @@ bool QSslConfiguration::operator==(const QSslConfiguration &other) const d->sessionCipher == other.d->sessionCipher && d->sessionProtocol == other.d->sessionProtocol && d->ciphers == other.d->ciphers && + d->ellipticCurves == other.d->ellipticCurves && d->caCertificates == other.d->caCertificates && d->protocol == other.d->protocol && d->peerVerifyMode == other.d->peerVerifyMode && @@ -243,6 +244,7 @@ bool QSslConfiguration::isNull() const d->allowRootCertOnDemandLoading == true && d->caCertificates.count() == 0 && d->ciphers.count() == 0 && + d->ellipticCurves.isEmpty() && d->localCertificateChain.isEmpty() && d->privateKey.isNull() && d->peerCertificate.isNull() && @@ -697,6 +699,50 @@ int QSslConfiguration::sessionTicketLifeTimeHint() const } /*! + \since 5.5 + + Returns this connection's current list of elliptic curves. This + list is used during the handshake phase for choosing an + elliptic curve (when using an elliptic curve cipher). + The returned list of curves is ordered by descending preference + (i.e., the first curve in the list is the most preferred one). + + By default, the handshake phase can choose any of the curves + supported by this system's SSL libraries, which may vary from + system to system. The list of curves supported by this system's + SSL libraries is returned by QSslSocket::supportedEllipticCurves(). + + You can restrict the list of curves used for choosing the session cipher + for this socket by calling setEllipticCurves() with a subset of the + supported ciphers. You can revert to using the entire set by calling + setEllipticCurves() with the list returned by + QSslSocket::supportedEllipticCurves(). + + \sa setEllipticCurves + */ +QVector<QSslEllipticCurve> QSslConfiguration::ellipticCurves() const +{ + return d->ellipticCurves; +} + +/*! + \since 5.5 + + Sets the list of elliptic curves to be used by this socket to \a curves, + which must contain a subset of the curves in the list returned by + supportedEllipticCurves(). + + Restricting the elliptic curves must be done before the handshake + phase, where the session cipher is chosen. + + \sa ellipticCurves + */ +void QSslConfiguration::setEllipticCurves(const QVector<QSslEllipticCurve> &curves) +{ + d->ellipticCurves = curves; +} + +/*! \since 5.3 This function returns the protocol negotiated with the server diff --git a/src/network/ssl/qsslconfiguration.h b/src/network/ssl/qsslconfiguration.h index 0c4e122912..7bc7a32cb7 100644 --- a/src/network/ssl/qsslconfiguration.h +++ b/src/network/ssl/qsslconfiguration.h @@ -62,6 +62,7 @@ template<typename T> class QList; class QSslCertificate; class QSslCipher; class QSslKey; +class QSslEllipticCurve; class QSslConfigurationPrivate; class Q_NETWORK_EXPORT QSslConfiguration @@ -122,6 +123,10 @@ public: void setSessionTicket(const QByteArray &sessionTicket); int sessionTicketLifeTimeHint() const; + // EC settings + QVector<QSslEllipticCurve> ellipticCurves() const; + void setEllipticCurves(const QVector<QSslEllipticCurve> &curves); + static QSslConfiguration defaultConfiguration(); static void setDefaultConfiguration(const QSslConfiguration &configuration); diff --git a/src/network/ssl/qsslconfiguration_p.h b/src/network/ssl/qsslconfiguration_p.h index 6880f59c4b..54a4786d9f 100644 --- a/src/network/ssl/qsslconfiguration_p.h +++ b/src/network/ssl/qsslconfiguration_p.h @@ -66,6 +66,7 @@ #include "qsslcertificate.h" #include "qsslcipher.h" #include "qsslkey.h" +#include "qsslellipticcurve.h" QT_BEGIN_NAMESPACE @@ -107,6 +108,8 @@ public: Q_AUTOTEST_EXPORT static const QSsl::SslOptions defaultSslOptions; + QVector<QSslEllipticCurve> ellipticCurves; + QByteArray sslSession; int sslSessionTicketLifeTimeHint; diff --git a/src/network/ssl/qsslcontext_openssl.cpp b/src/network/ssl/qsslcontext_openssl.cpp index 92e726bc01..0a687082b7 100644 --- a/src/network/ssl/qsslcontext_openssl.cpp +++ b/src/network/ssl/qsslcontext_openssl.cpp @@ -2,6 +2,7 @@ ** ** Copyright (C) 2014 Digia Plc and/or its subsidiary(-ies). ** Copyright (C) 2014 BlackBerry Limited. All rights reserved. +** Copyright (C) 2014 Governikus GmbH & Co. KG. ** Contact: http://www.qt-project.org/legal ** ** This file is part of the QtNetwork module of the Qt Toolkit. @@ -200,7 +201,7 @@ init_context: // Initialize ciphers QByteArray cipherString; - int first = true; + bool first = true; QList<QSslCipher> ciphers = sslContext->sslConfiguration.ciphers(); if (ciphers.isEmpty()) ciphers = QSslSocketPrivate::defaultCiphers(); @@ -321,13 +322,45 @@ init_context: q_DH_free(dh); #ifndef OPENSSL_NO_EC - // Set temp ECDH params - EC_KEY *ecdh = 0; - ecdh = q_EC_KEY_new_by_curve_name(NID_X9_62_prime256v1); - q_SSL_CTX_set_tmp_ecdh(sslContext->ctx, ecdh); - q_EC_KEY_free(ecdh); +#if OPENSSL_VERSION_NUMBER >= 0x10002000L + if (q_SSLeay() >= 0x10002000L) { + q_SSL_CTX_ctrl(sslContext->ctx, SSL_CTRL_SET_ECDH_AUTO, 1, NULL); + } else +#endif + { + // Set temp ECDH params + EC_KEY *ecdh = 0; + ecdh = q_EC_KEY_new_by_curve_name(NID_X9_62_prime256v1); + q_SSL_CTX_set_tmp_ecdh(sslContext->ctx, ecdh); + q_EC_KEY_free(ecdh); + } #endif // OPENSSL_NO_EC + const QVector<QSslEllipticCurve> qcurves = sslContext->sslConfiguration.ellipticCurves(); + if (!qcurves.isEmpty()) { +#if OPENSSL_VERSION_NUMBER >= 0x10002000L && !defined(OPENSSL_NO_EC) + // Set the curves to be used + if (q_SSLeay() >= 0x10002000L) { + // SSL_CTX_ctrl wants a non-const pointer as last argument, + // but let's avoid a copy into a temporary array + if (!q_SSL_CTX_ctrl(sslContext->ctx, + SSL_CTRL_SET_CURVES, + qcurves.size(), + const_cast<int *>(reinterpret_cast<const int *>(qcurves.data())))) { + sslContext->errorStr = QSslSocket::tr("Error when setting the elliptic curves (%1)").arg(QSslSocketBackendPrivate::getErrorsFromOpenSsl()); + sslContext->errorCode = QSslError::UnspecifiedError; + return sslContext; + } + } else +#endif // OPENSSL_VERSION_NUMBER >= 0x10002000L && !defined(OPENSSL_NO_EC) + { + // specific curves requested, but not possible to set -> error + sslContext->errorStr = QSslSocket::tr("Error when setting the elliptic curves (OpenSSL version too old, need at least v1.0.2)"); + sslContext->errorCode = QSslError::UnspecifiedError; + return sslContext; + } + } + return sslContext; } diff --git a/src/network/ssl/qsslellipticcurve.cpp b/src/network/ssl/qsslellipticcurve.cpp new file mode 100644 index 0000000000..7e122557df --- /dev/null +++ b/src/network/ssl/qsslellipticcurve.cpp @@ -0,0 +1,173 @@ +/**************************************************************************** +** +** Copyright (C) 2014 Governikus GmbH & Co. KG. +** Contact: http://www.qt-project.org/legal +** +** This file is part of the QtNetwork module of the Qt Toolkit. +** +** $QT_BEGIN_LICENSE:LGPL$ +** Commercial License Usage +** Licensees holding valid commercial Qt licenses may use this file in +** accordance with the commercial license agreement provided with the +** Software or, alternatively, in accordance with the terms contained in +** a written agreement between you and Digia. For licensing terms and +** conditions see http://qt.digia.com/licensing. For further information +** use the contact form at http://qt.digia.com/contact-us. +** +** GNU Lesser General Public License Usage +** Alternatively, this file may be used under the terms of the GNU Lesser +** General Public License version 2.1 as published by the Free Software +** Foundation and appearing in the file LICENSE.LGPL included in the +** packaging of this file. Please review the following information to +** ensure the GNU Lesser General Public License version 2.1 requirements +** will be met: http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html. +** +** In addition, as a special exception, Digia gives you certain additional +** rights. These rights are described in the Digia Qt LGPL Exception +** version 1.1, included in the file LGPL_EXCEPTION.txt in this package. +** +** GNU General Public License Usage +** Alternatively, this file may be used under the terms of the GNU +** General Public License version 3.0 as published by the Free Software +** Foundation and appearing in the file LICENSE.GPL included in the +** packaging of this file. Please review the following information to +** ensure the GNU General Public License version 3.0 requirements will be +** met: http://www.gnu.org/copyleft/gpl.html. +** +** +** $QT_END_LICENSE$ +** +****************************************************************************/ + +#include "qsslellipticcurve.h" + +#ifndef QT_NO_DEBUG_STREAM +#include <QDebug> +#endif + +QT_BEGIN_NAMESPACE + +/*! + \class QSslEllipticCurve + \since 5.5 + + \brief Represents an elliptic curve for use by elliptic-curve cipher algorithms. + + \reentrant + \ingroup network + \ingroup ssl + \inmodule QtNetwork + + The class QSslEllipticCurve represents an elliptic curve for use by + elliptic-curve cipher algorithms. + + Elliptic curves can be constructed from a "short name" (SN) (fromShortName()), + and by a call to QSslSocket::supportedEllipticCurves(). + + QSslEllipticCurve instances can be compared for equality and can be used as keys + in QHash and QSet. They cannot be used as key in a QMap. +*/ + +/*! + \fn QSslEllipticCurve::QSslEllipticCurve() + + Constructs an invalid elliptic curve. + + \sa isValid(), QSslSocket::supportedEllipticCurves() +*/ + +/*! + \fn QSslEllipticCurve QSslEllipticCurve::fromShortName(const QString &name) + + Returns an QSslEllipticCurve instance representing the + named curve \a name. The \a name is the conventional short + name for the curve, as represented by RFC 4492 (for instance \c{secp521r1}), + or as NIST short names (for instance \c{P-256}). The actual set of + recognized names depends on the SSL implementation. + + If the given \a name is not supported, returns an invalid QSslEllipticCurve instance. + + \note The OpenSSL implementation of this function treats the name case-sensitively. + + \sa shortName() +*/ + + +/*! + \fn QString QSslEllipticCurve::shortName() const + + Returns the conventional short name for this curve. If this + curve is invalid, returns an empty string. + + \sa longName() +*/ + +/*! + \fn QString QSslEllipticCurve::longName() const + + Returns the conventional long name for this curve. If this + curve is invalid, returns an empty string. + + \sa shortName() +*/ + +/*! + \fn bool QSslEllipticCurve::isValid() const + + Returns true if this elliptic curve is a valid curve, false otherwise. +*/ + +/*! + \fn bool QSslEllipticCurve::isTlsNamedCurve() const + + Returns true if this elliptic curve is one of the named curves that can be + used in the key exchange when using an elliptic curve cipher with TLS; + false otherwise. +*/ + +/*! + \fn bool operator==(QSslEllipticCurve lhs, QSslEllipticCurve rhs) + \since 5.5 + \relates QSslEllipticCurve + + Returns true if the curve \a lhs represents the same curve of \a rhs; + false otherwise. +*/ + +/*! + \fn bool operator!=(QSslEllipticCurve lhs, QSslEllipticCurve rhs) + \since 5.5 + \relates QSslEllipticCurve + + Returns true if the curve \a lhs represents a different curve than \a rhs; + false otherwise. +*/ + +/*! + \fn uint qHash(QSslEllipticCurve curve, uint seed) + \since 5.5 + \relates QHash + + Returns an hash value for the curve \a curve, using \a seed to seed + the calculation. +*/ + +#ifndef QT_NO_DEBUG_STREAM +/*! + \relates QSslEllipticCurve + \since 5.5 + + Writes the elliptic curve \a curve into the debug object \a debug for + debugging purposes. + + \sa {Debugging Techniques} +*/ +QDebug operator<<(QDebug debug, QSslEllipticCurve curve) +{ + QDebugStateSaver saver(debug); + debug.nospace() << "QSslEllipticCurve(" << curve.shortName() << ")"; + return debug; +} +#endif + +QT_END_NAMESPACE diff --git a/src/network/ssl/qsslellipticcurve.h b/src/network/ssl/qsslellipticcurve.h new file mode 100644 index 0000000000..6d2a764d87 --- /dev/null +++ b/src/network/ssl/qsslellipticcurve.h @@ -0,0 +1,103 @@ +/**************************************************************************** +** +** Copyright (C) 2014 Governikus GmbH & Co. KG. +** Contact: http://www.qt-project.org/legal +** +** This file is part of the QtNetwork module of the Qt Toolkit. +** +** $QT_BEGIN_LICENSE:LGPL$ +** Commercial License Usage +** Licensees holding valid commercial Qt licenses may use this file in +** accordance with the commercial license agreement provided with the +** Software or, alternatively, in accordance with the terms contained in +** a written agreement between you and Digia. For licensing terms and +** conditions see http://qt.digia.com/licensing. For further information +** use the contact form at http://qt.digia.com/contact-us. +** +** GNU Lesser General Public License Usage +** Alternatively, this file may be used under the terms of the GNU Lesser +** General Public License version 2.1 as published by the Free Software +** Foundation and appearing in the file LICENSE.LGPL included in the +** packaging of this file. Please review the following information to +** ensure the GNU Lesser General Public License version 2.1 requirements +** will be met: http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html. +** +** In addition, as a special exception, Digia gives you certain additional +** rights. These rights are described in the Digia Qt LGPL Exception +** version 1.1, included in the file LGPL_EXCEPTION.txt in this package. +** +** GNU General Public License Usage +** Alternatively, this file may be used under the terms of the GNU +** General Public License version 3.0 as published by the Free Software +** Foundation and appearing in the file LICENSE.GPL included in the +** packaging of this file. Please review the following information to +** ensure the GNU General Public License version 3.0 requirements will be +** met: http://www.gnu.org/copyleft/gpl.html. +** +** +** $QT_END_LICENSE$ +** +****************************************************************************/ + +#ifndef QSSLELLIPTICCURVE_H +#define QSSLELLIPTICCURVE_H + +#include <QtCore/QtGlobal> +#include <QtCore/QString> +#include <QtCore/QStringList> +#include <QtCore/QMetaType> +#include <QtCore/QVector> +#include <QtCore/QHash> + +QT_BEGIN_NAMESPACE + +class QSslEllipticCurve; +// qHash is a friend, but we can't use default arguments for friends (ยง8.3.6.4) +Q_DECL_CONSTEXPR uint qHash(QSslEllipticCurve curve, uint seed = 0) Q_DECL_NOTHROW; + +class QSslEllipticCurve { +public: + Q_DECL_CONSTEXPR QSslEllipticCurve() + : id(0) + { + } + + Q_NETWORK_EXPORT static QSslEllipticCurve fromShortName(const QString &name); + + Q_NETWORK_EXPORT QString shortName() const Q_REQUIRED_RESULT; + Q_NETWORK_EXPORT QString longName() const Q_REQUIRED_RESULT; + + Q_DECL_CONSTEXPR bool isValid() const + { + return id != 0; + } + + Q_NETWORK_EXPORT bool isTlsNamedCurve() const; + +private: + int id; + + friend Q_DECL_CONSTEXPR bool operator==(QSslEllipticCurve lhs, QSslEllipticCurve rhs) Q_DECL_NOTHROW + { return lhs.id == rhs.id; } + friend Q_DECL_CONSTEXPR uint qHash(QSslEllipticCurve curve, uint seed) Q_DECL_NOTHROW + { return qHash(curve.id, seed); } + + friend class QSslSocketPrivate; + friend class QSslSocketBackendPrivate; +}; + +Q_DECLARE_TYPEINFO(QSslEllipticCurve, Q_PRIMITIVE_TYPE); + +Q_DECL_CONSTEXPR inline bool operator!=(QSslEllipticCurve lhs, QSslEllipticCurve rhs) Q_DECL_NOTHROW +{ return !operator==(lhs, rhs); } + +#ifndef QT_NO_DEBUG_STREAM +class QDebug; +Q_NETWORK_EXPORT QDebug operator<<(QDebug debug, QSslEllipticCurve curve); +#endif + +QT_END_NAMESPACE + +Q_DECLARE_METATYPE(QSslEllipticCurve) + +#endif // QSSLELLIPTICCURVE_H diff --git a/src/network/ssl/qsslellipticcurve_dummy.cpp b/src/network/ssl/qsslellipticcurve_dummy.cpp new file mode 100644 index 0000000000..64ac1514ab --- /dev/null +++ b/src/network/ssl/qsslellipticcurve_dummy.cpp @@ -0,0 +1,67 @@ +/**************************************************************************** +** +** Copyright (C) 2014 Governikus GmbH & Co. KG. +** Contact: http://www.qt-project.org/legal +** +** This file is part of the QtNetwork module of the Qt Toolkit. +** +** $QT_BEGIN_LICENSE:LGPL$ +** Commercial License Usage +** Licensees holding valid commercial Qt licenses may use this file in +** accordance with the commercial license agreement provided with the +** Software or, alternatively, in accordance with the terms contained in +** a written agreement between you and Digia. For licensing terms and +** conditions see http://qt.digia.com/licensing. For further information +** use the contact form at http://qt.digia.com/contact-us. +** +** GNU Lesser General Public License Usage +** Alternatively, this file may be used under the terms of the GNU Lesser +** General Public License version 2.1 as published by the Free Software +** Foundation and appearing in the file LICENSE.LGPL included in the +** packaging of this file. Please review the following information to +** ensure the GNU Lesser General Public License version 2.1 requirements +** will be met: http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html. +** +** In addition, as a special exception, Digia gives you certain additional +** rights. These rights are described in the Digia Qt LGPL Exception +** version 1.1, included in the file LGPL_EXCEPTION.txt in this package. +** +** GNU General Public License Usage +** Alternatively, this file may be used under the terms of the GNU +** General Public License version 3.0 as published by the Free Software +** Foundation and appearing in the file LICENSE.GPL included in the +** packaging of this file. Please review the following information to +** ensure the GNU General Public License version 3.0 requirements will be +** met: http://www.gnu.org/copyleft/gpl.html. +** +** +** $QT_END_LICENSE$ +** +****************************************************************************/ + +#include "qsslellipticcurve.h" + +QT_BEGIN_NAMESPACE + +QString QSslEllipticCurve::shortName() const +{ + return QString(); +} + +QString QSslEllipticCurve::longName() const +{ + return QString(); +} + +QSslEllipticCurve QSslEllipticCurve::fromShortName(const QString &name) +{ + Q_UNUSED(name); + return QSslEllipticCurve(); +} + +bool QSslEllipticCurve::isTlsNamedCurve() const +{ + return false; +} + +QT_END_NAMESPACE diff --git a/src/network/ssl/qsslellipticcurve_openssl.cpp b/src/network/ssl/qsslellipticcurve_openssl.cpp new file mode 100644 index 0000000000..d8d1307b2e --- /dev/null +++ b/src/network/ssl/qsslellipticcurve_openssl.cpp @@ -0,0 +1,167 @@ +/**************************************************************************** +** +** Copyright (C) 2014 Governikus GmbH & Co. KG. +** Contact: http://www.qt-project.org/legal +** +** This file is part of the QtNetwork module of the Qt Toolkit. +** +** $QT_BEGIN_LICENSE:LGPL$ +** Commercial License Usage +** Licensees holding valid commercial Qt licenses may use this file in +** accordance with the commercial license agreement provided with the +** Software or, alternatively, in accordance with the terms contained in +** a written agreement between you and Digia. For licensing terms and +** conditions see http://qt.digia.com/licensing. For further information +** use the contact form at http://qt.digia.com/contact-us. +** +** GNU Lesser General Public License Usage +** Alternatively, this file may be used under the terms of the GNU Lesser +** General Public License version 2.1 as published by the Free Software +** Foundation and appearing in the file LICENSE.LGPL included in the +** packaging of this file. Please review the following information to +** ensure the GNU Lesser General Public License version 2.1 requirements +** will be met: http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html. +** +** In addition, as a special exception, Digia gives you certain additional +** rights. These rights are described in the Digia Qt LGPL Exception +** version 1.1, included in the file LGPL_EXCEPTION.txt in this package. +** +** GNU General Public License Usage +** Alternatively, this file may be used under the terms of the GNU +** General Public License version 3.0 as published by the Free Software +** Foundation and appearing in the file LICENSE.GPL included in the +** packaging of this file. Please review the following information to +** ensure the GNU General Public License version 3.0 requirements will be +** met: http://www.gnu.org/copyleft/gpl.html. +** +** +** $QT_END_LICENSE$ +** +****************************************************************************/ + +#include "qsslellipticcurve.h" +#include "qsslsocket_p.h" +#include "qsslsocket_openssl_symbols_p.h" + +#include <openssl/ssl.h> +#include <openssl/obj_mac.h> + +#include <algorithm> + +QT_BEGIN_NAMESPACE + +QString QSslEllipticCurve::shortName() const +{ + if (id == 0) + return QString(); + + QSslSocketPrivate::ensureInitialized(); + + QString result; +#ifndef OPENSSL_NO_EC + result = QString::fromLatin1(q_OBJ_nid2sn(id)); +#endif + return result; +} + +QString QSslEllipticCurve::longName() const +{ + if (id == 0) + return QString(); + + QSslSocketPrivate::ensureInitialized(); + + QString result; +#ifndef OPENSSL_NO_EC + result = QString::fromLatin1(q_OBJ_nid2ln(id)); +#endif + return result; +} + +QSslEllipticCurve QSslEllipticCurve::fromShortName(const QString &name) +{ + if (name.isEmpty()) + return QSslEllipticCurve(); + + QSslSocketPrivate::ensureInitialized(); + + QSslEllipticCurve result; + +#ifndef OPENSSL_NO_EC + const QByteArray curveNameLatin1 = name.toLatin1(); + + int nid = q_OBJ_sn2nid(curveNameLatin1.data()); + +#if OPENSSL_VERSION_NUMBER >= 0x10002000L + if (nid == 0 && q_SSLeay() >= 0x10002000L) + nid = q_EC_curve_nist2nid(curveNameLatin1.data()); +#endif // OPENSSL_VERSION_NUMBER >= 0x10002000L + + result.id = nid; +#endif + + return result; +} + +// The brainpool curve NIDs (RFC 7027) have been introduced in OpenSSL 1.0.2, +// redefine them here to make Qt compile with previous versions of OpenSSL +// (yet correctly recognize them as TLS named curves). +// See crypto/objects/obj_mac.h +#ifndef NID_brainpoolP256r1 +#define NID_brainpoolP256r1 927 +#endif + +#ifndef NID_brainpoolP384r1 +#define NID_brainpoolP384r1 931 +#endif + +#ifndef NID_brainpoolP512r1 +#define NID_brainpoolP512r1 933 +#endif + +// NIDs of named curves allowed in TLS as per RFCs 4492 and 7027, +// see also https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-8 +static const int tlsNamedCurveNIDs[] = { + // RFC 4492 + NID_sect163k1, + NID_sect163r1, + NID_sect163r2, + NID_sect193r1, + NID_sect193r2, + NID_sect233k1, + NID_sect233r1, + NID_sect239k1, + NID_sect283k1, + NID_sect283r1, + NID_sect409k1, + NID_sect409r1, + NID_sect571k1, + NID_sect571r1, + + NID_secp160k1, + NID_secp160r1, + NID_secp160r2, + NID_secp192k1, + NID_X9_62_prime192v1, // secp192r1 + NID_secp224k1, + NID_secp224r1, + NID_secp256k1, + NID_X9_62_prime256v1, // secp256r1 + NID_secp384r1, + NID_secp521r1, + + // RFC 7027 + NID_brainpoolP256r1, + NID_brainpoolP384r1, + NID_brainpoolP512r1 +}; + +static const size_t tlsNamedCurveNIDCount = sizeof(tlsNamedCurveNIDs) / sizeof(tlsNamedCurveNIDs[0]); + +bool QSslEllipticCurve::isTlsNamedCurve() const +{ + const int * const tlsNamedCurveNIDsEnd = tlsNamedCurveNIDs + tlsNamedCurveNIDCount; + return std::find(tlsNamedCurveNIDs, tlsNamedCurveNIDsEnd, id) != tlsNamedCurveNIDsEnd; +} + +QT_END_NAMESPACE diff --git a/src/network/ssl/qsslsocket.cpp b/src/network/ssl/qsslsocket.cpp index 31c7b3087e..3838e70310 100644 --- a/src/network/ssl/qsslsocket.cpp +++ b/src/network/ssl/qsslsocket.cpp @@ -321,6 +321,7 @@ public: QMutex mutex; QList<QSslCipher> supportedCiphers; + QVector<QSslEllipticCurve> supportedEllipticCurves; QExplicitlySharedDataPointer<QSslConfigurationPrivate> config; }; Q_GLOBAL_STATIC(QSslSocketGlobalData, globalData) @@ -902,6 +903,7 @@ void QSslSocket::setSslConfiguration(const QSslConfiguration &configuration) d->configuration.localCertificateChain = configuration.localCertificateChain(); d->configuration.privateKey = configuration.privateKey(); d->configuration.ciphers = configuration.ciphers(); + d->configuration.ellipticCurves = configuration.ellipticCurves(); d->configuration.caCertificates = configuration.caCertificates(); d->configuration.peerVerifyDepth = configuration.peerVerifyDepth(); d->configuration.peerVerifyMode = configuration.peerVerifyMode(); @@ -1270,6 +1272,120 @@ QList<QSslCipher> QSslSocket::supportedCiphers() } /*! + \since 5.5 + + Returns this socket's current list of elliptic curves. This + list is used during the socket's handshake phase for choosing an + elliptic curve (when using an elliptic curve cipher). + The returned list of curves is ordered by descending preference + (i.e., the first curve in the list is the most preferred one). + + By default, this list is empty. An empty default list means that the + handshake phase can choose any of the curves supported by this system's SSL + libraries (which may vary from system to system). The list of curves + supported by this system's SSL libraries is returned by + supportedEllipticCurves(). + + You can restrict the list of curves used for choosing the session cipher + for this socket by calling setEllipticCurves() with a subset of the + supported ciphers. You can revert to using the entire set by calling + setEllipticCurves() with the list returned by supportedEllipticCurves(). + + \sa setEllipticCurves(), defaultEllipticCurves(), setDefaultEllipticCurves(), supportedEllipticCurves() +*/ +QVector<QSslEllipticCurve> QSslSocket::ellipticCurves() const +{ + Q_D(const QSslSocket); + return d->configuration.ellipticCurves; +} + +/*! + \since 5.5 + + Sets the list of elliptic curves to be used by this socket to \a curves, + which must contain a subset of the curves in the list returned by + supportedEllipticCurves(). + + Restricting the elliptic curves must be done before the handshake + phase, where the session cipher is chosen. + + If an empty list is set, then the handshake phase can choose any of the + curves supported by this system's SSL libraries (which may vary from system + to system). The list of curves supported by this system's SSL libraries is + returned by supportedEllipticCurves(). + + Use setCipher() in order to disable the usage of elliptic curve ciphers. + + \sa ellipticCurves(), setDefaultEllipticCurves(), supportedEllipticCurves() +*/ +void QSslSocket::setEllipticCurves(const QVector<QSslEllipticCurve> &curves) +{ + Q_D(QSslSocket); + d->configuration.ellipticCurves = curves; +} + +/*! + \since 5.5 + + Sets the list of elliptic curves to be used by all sockets in this + application to \a curves, which must contain a subset of the curves in the + list returned by supportedEllipticCurves(). + + Restricting the default elliptic curves only affects SSL sockets + that perform their handshake phase after the default list has been changed. + + If an empty list is set, then the handshake phase can choose any of the + curves supported by this system's SSL libraries (which may vary from system + to system). The list of curves supported by this system's SSL libraries is + returned by supportedEllipticCurves(). + + Use setDefaultCiphers() in order to disable the usage of elliptic curve ciphers. + + \sa setEllipticCurves(), defaultEllipticCurves(), supportedEllipticCurves() +*/ +void QSslSocket::setDefaultEllipticCurves(const QVector<QSslEllipticCurve> &curves) +{ + QSslSocketPrivate::setDefaultEllipticCurves(curves); +} + + +/*! + \since 5.5 + + Returns the default elliptic curves list for all sockets in + this application. This list is used during the socket's handshake + phase when negotiating with the peer to choose a session cipher. + The list is ordered by preference (i.e., the first curve in the + list is the most preferred one). + + By default, this list is empty. An empty default list means that the + handshake phase can choose any of the curves supported by this system's SSL + libraries (which may vary from system to system). The list of curves + supported by this system's SSL libraries is returned by + supportedEllipticCurves(). + + \sa setDefaultEllipticCurves(), supportedEllipticCurves() +*/ +QVector<QSslEllipticCurve> QSslSocket::defaultEllipticCurves() +{ + return QSslSocketPrivate::defaultEllipticCurves(); +} + +/*! + \since 5.5 + + Returns the list of elliptic curves supported by this + system. This list is set by the system's SSL libraries and may + vary from system to system. + + \sa ellipticCurves(), setEllipticCurves(), defaultEllipticCurves() +*/ +QVector<QSslEllipticCurve> QSslSocket::supportedEllipticCurves() +{ + return QSslSocketPrivate::supportedEllipticCurves(); +} + +/*! Searches all files in the \a path for certificates encoded in the specified \a format and adds them to this socket's CA certificate database. \a path can be explicit, or it can contain wildcards in @@ -2036,6 +2152,46 @@ void QSslSocketPrivate::setDefaultSupportedCiphers(const QList<QSslCipher> &ciph /*! \internal */ +QVector<QSslEllipticCurve> QSslSocketPrivate::defaultEllipticCurves() +{ + QSslSocketPrivate::ensureInitialized(); + const QMutexLocker locker(&globalData()->mutex); + return globalData()->config->ellipticCurves; +} + +/*! + \internal +*/ +QVector<QSslEllipticCurve> QSslSocketPrivate::supportedEllipticCurves() +{ + QSslSocketPrivate::ensureInitialized(); + const QMutexLocker locker(&globalData()->mutex); + return globalData()->supportedEllipticCurves; +} + +/*! + \internal +*/ +void QSslSocketPrivate::setDefaultEllipticCurves(const QVector<QSslEllipticCurve> &curves) +{ + const QMutexLocker locker(&globalData()->mutex); + globalData()->config.detach(); + globalData()->config->ellipticCurves = curves; +} + +/*! + \internal +*/ +void QSslSocketPrivate::setDefaultSupportedEllipticCurves(const QVector<QSslEllipticCurve> &curves) +{ + const QMutexLocker locker(&globalData()->mutex); + globalData()->config.detach(); + globalData()->supportedEllipticCurves = curves; +} + +/*! + \internal +*/ QList<QSslCertificate> QSslSocketPrivate::defaultCaCertificates() { QSslSocketPrivate::ensureInitialized(); @@ -2128,10 +2284,8 @@ void QSslConfigurationPrivate::deepCopyDefaultConfiguration(QSslConfigurationPri QMutexLocker locker(&globalData()->mutex); const QSslConfigurationPrivate *global = globalData()->config.constData(); - if (!global) { - ptr = 0; + if (!global) return; - } ptr->ref.store(1); ptr->peerCertificate = global->peerCertificate; @@ -2146,6 +2300,7 @@ void QSslConfigurationPrivate::deepCopyDefaultConfiguration(QSslConfigurationPri ptr->peerVerifyMode = global->peerVerifyMode; ptr->peerVerifyDepth = global->peerVerifyDepth; ptr->sslOptions = global->sslOptions; + ptr->ellipticCurves = global->ellipticCurves; } /*! diff --git a/src/network/ssl/qsslsocket.h b/src/network/ssl/qsslsocket.h index 1fe12e5989..f5ab1527dc 100644 --- a/src/network/ssl/qsslsocket.h +++ b/src/network/ssl/qsslsocket.h @@ -51,6 +51,7 @@ class QDir; class QSslCipher; class QSslCertificate; class QSslConfiguration; +class QSslEllipticCurve; class QSslSocketPrivate; class Q_NETWORK_EXPORT QSslSocket : public QTcpSocket @@ -72,20 +73,20 @@ public: explicit QSslSocket(QObject *parent = 0); ~QSslSocket(); - void resume(); // to continue after proxy authentication required, SSL errors etc. + void resume() Q_DECL_OVERRIDE; // to continue after proxy authentication required, SSL errors etc. // Autostarting the SSL client handshake. void connectToHostEncrypted(const QString &hostName, quint16 port, OpenMode mode = ReadWrite, NetworkLayerProtocol protocol = AnyIPProtocol); void connectToHostEncrypted(const QString &hostName, quint16 port, const QString &sslPeerName, OpenMode mode = ReadWrite, NetworkLayerProtocol protocol = AnyIPProtocol); bool setSocketDescriptor(qintptr socketDescriptor, SocketState state = ConnectedState, - OpenMode openMode = ReadWrite); + OpenMode openMode = ReadWrite) Q_DECL_OVERRIDE; using QAbstractSocket::connectToHost; - void connectToHost(const QString &hostName, quint16 port, OpenMode openMode = ReadWrite, NetworkLayerProtocol protocol = AnyIPProtocol); - void disconnectFromHost(); + void connectToHost(const QString &hostName, quint16 port, OpenMode openMode = ReadWrite, NetworkLayerProtocol protocol = AnyIPProtocol) Q_DECL_OVERRIDE; + void disconnectFromHost() Q_DECL_OVERRIDE; - virtual void setSocketOption(QAbstractSocket::SocketOption option, const QVariant &value); - virtual QVariant socketOption(QAbstractSocket::SocketOption option); + virtual void setSocketOption(QAbstractSocket::SocketOption option, const QVariant &value) Q_DECL_OVERRIDE; + virtual QVariant socketOption(QAbstractSocket::SocketOption option) Q_DECL_OVERRIDE; SslMode mode() const; bool isEncrypted() const; @@ -103,16 +104,16 @@ public: void setPeerVerifyName(const QString &hostName); // From QIODevice - qint64 bytesAvailable() const; - qint64 bytesToWrite() const; - bool canReadLine() const; - void close(); - bool atEnd() const; + qint64 bytesAvailable() const Q_DECL_OVERRIDE; + qint64 bytesToWrite() const Q_DECL_OVERRIDE; + bool canReadLine() const Q_DECL_OVERRIDE; + void close() Q_DECL_OVERRIDE; + bool atEnd() const Q_DECL_OVERRIDE; bool flush(); void abort(); // From QAbstractSocket: - void setReadBufferSize(qint64 size); + void setReadBufferSize(qint64 size) Q_DECL_OVERRIDE; // Similar to QIODevice's: qint64 encryptedBytesAvailable() const; @@ -149,6 +150,13 @@ public: static QList<QSslCipher> defaultCiphers(); static QList<QSslCipher> supportedCiphers(); + // EC settings. + QVector<QSslEllipticCurve> ellipticCurves() const; + void setEllipticCurves(const QVector<QSslEllipticCurve> &curves); + static void setDefaultEllipticCurves(const QVector<QSslEllipticCurve> &curves); + static QVector<QSslEllipticCurve> defaultEllipticCurves(); + static QVector<QSslEllipticCurve> supportedEllipticCurves(); + // CA settings. bool addCaCertificates(const QString &path, QSsl::EncodingFormat format = QSsl::Pem, QRegExp::PatternSyntax syntax = QRegExp::FixedString); @@ -164,11 +172,11 @@ public: static QList<QSslCertificate> defaultCaCertificates(); static QList<QSslCertificate> systemCaCertificates(); - bool waitForConnected(int msecs = 30000); + bool waitForConnected(int msecs = 30000) Q_DECL_OVERRIDE; bool waitForEncrypted(int msecs = 30000); - bool waitForReadyRead(int msecs = 30000); - bool waitForBytesWritten(int msecs = 30000); - bool waitForDisconnected(int msecs = 30000); + bool waitForReadyRead(int msecs = 30000) Q_DECL_OVERRIDE; + bool waitForBytesWritten(int msecs = 30000) Q_DECL_OVERRIDE; + bool waitForDisconnected(int msecs = 30000) Q_DECL_OVERRIDE; QList<QSslError> sslErrors() const; @@ -193,8 +201,8 @@ Q_SIGNALS: void encryptedBytesWritten(qint64 totalBytes); protected: - qint64 readData(char *data, qint64 maxlen); - qint64 writeData(const char *data, qint64 len); + qint64 readData(char *data, qint64 maxlen) Q_DECL_OVERRIDE; + qint64 writeData(const char *data, qint64 len) Q_DECL_OVERRIDE; private: Q_DECLARE_PRIVATE(QSslSocket) diff --git a/src/network/ssl/qsslsocket_openssl.cpp b/src/network/ssl/qsslsocket_openssl.cpp index 8833e3fdd8..bf348f6f9f 100644 --- a/src/network/ssl/qsslsocket_openssl.cpp +++ b/src/network/ssl/qsslsocket_openssl.cpp @@ -1,6 +1,7 @@ /**************************************************************************** ** ** Copyright (C) 2014 Digia Plc and/or its subsidiary(-ies). +** Copyright (C) 2014 Governikus GmbH & Co. KG ** Contact: http://www.qt-project.org/legal ** ** This file is part of the QtNetwork module of the Qt Toolkit. @@ -56,6 +57,7 @@ #include "qsslcertificate_p.h" #include "qsslcipher_p.h" #include "qsslkey_p.h" +#include "qsslellipticcurve.h" #include <QtCore/qdatetime.h> #include <QtCore/qdebug.h> @@ -480,6 +482,7 @@ void QSslSocketPrivate::ensureCiphersAndCertsLoaded() s_loadedCiphersAndCerts = true; resetDefaultCiphers(); + resetDefaultEllipticCurves(); #ifndef QT_NO_LIBRARY //load symbols needed to receive certificates from system store @@ -628,6 +631,31 @@ void QSslSocketPrivate::resetDefaultCiphers() setDefaultCiphers(defaultCiphers); } +void QSslSocketPrivate::resetDefaultEllipticCurves() +{ + QVector<QSslEllipticCurve> curves; + +#ifndef OPENSSL_NO_EC + const size_t curveCount = q_EC_get_builtin_curves(NULL, 0); + + QVarLengthArray<EC_builtin_curve> builtinCurves(static_cast<int>(curveCount)); + + if (q_EC_get_builtin_curves(builtinCurves.data(), curveCount) == curveCount) { + for (size_t i = 0; i < curveCount; ++i) { + QSslEllipticCurve curve; + curve.id = builtinCurves[i].nid; + curves.append(curve); + } + } +#endif // OPENSSL_NO_EC + + // set the list of supported ECs, but not the list + // of *default* ECs. OpenSSL doesn't like forcing an EC for the wrong + // ciphersuite, so don't try it -- leave the empty list to mean + // "the implementation will choose the most suitable one". + setDefaultSupportedEllipticCurves(curves); +} + QList<QSslCertificate> QSslSocketPrivate::systemCaCertificates() { ensureInitialized(); diff --git a/src/network/ssl/qsslsocket_openssl_p.h b/src/network/ssl/qsslsocket_openssl_p.h index 29907e9ae7..69634ceab5 100644 --- a/src/network/ssl/qsslsocket_openssl_p.h +++ b/src/network/ssl/qsslsocket_openssl_p.h @@ -116,15 +116,15 @@ public: QList<QPair<int, int> > errorList; // Platform specific functions - void startClientEncryption(); - void startServerEncryption(); - void transmit(); + void startClientEncryption() Q_DECL_OVERRIDE; + void startServerEncryption() Q_DECL_OVERRIDE; + void transmit() Q_DECL_OVERRIDE; bool startHandshake(); - void disconnectFromHost(); - void disconnected(); - QSslCipher sessionCipher() const; - QSsl::SslProtocol sessionProtocol() const; - void continueHandshake(); + void disconnectFromHost() Q_DECL_OVERRIDE; + void disconnected() Q_DECL_OVERRIDE; + QSslCipher sessionCipher() const Q_DECL_OVERRIDE; + QSsl::SslProtocol sessionProtocol() const Q_DECL_OVERRIDE; + void continueHandshake() Q_DECL_OVERRIDE; bool checkSslErrors(); #ifdef Q_OS_WIN void fetchCaRootForCert(const QSslCertificate &cert); diff --git a/src/network/ssl/qsslsocket_openssl_symbols.cpp b/src/network/ssl/qsslsocket_openssl_symbols.cpp index ea6e84adef..91de3b2743 100644 --- a/src/network/ssl/qsslsocket_openssl_symbols.cpp +++ b/src/network/ssl/qsslsocket_openssl_symbols.cpp @@ -168,6 +168,7 @@ DEFINEFUNC(int, EVP_PKEY_type, int a, a, return NID_undef, return) DEFINEFUNC2(int, i2d_X509, X509 *a, a, unsigned char **b, b, return -1, return) DEFINEFUNC(const char *, OBJ_nid2sn, int a, a, return 0, return) DEFINEFUNC(const char *, OBJ_nid2ln, int a, a, return 0, return) +DEFINEFUNC(int, OBJ_sn2nid, const char *s, s, return 0, return) DEFINEFUNC3(int, i2t_ASN1_OBJECT, char *a, a, int b, b, ASN1_OBJECT *c, c, return -1, return) DEFINEFUNC4(int, OBJ_obj2txt, char *a, a, int b, b, ASN1_OBJECT *c, c, int d, d, return -1, return) @@ -372,6 +373,10 @@ DEFINEFUNC3(BIGNUM *, BN_bin2bn, const unsigned char *s, s, int len, len, BIGNUM #ifndef OPENSSL_NO_EC DEFINEFUNC(EC_KEY *, EC_KEY_new_by_curve_name, int nid, nid, return 0, return) DEFINEFUNC(void, EC_KEY_free, EC_KEY *ecdh, ecdh, return, DUMMYARG) +DEFINEFUNC2(size_t, EC_get_builtin_curves, EC_builtin_curve * r, r, size_t nitems, nitems, return 0, return) +#if OPENSSL_VERSION_NUMBER >= 0x10002000L +DEFINEFUNC(int, EC_curve_nist2nid, const char *name, name, return 0, return) +#endif // OPENSSL_VERSION_NUMBER >= 0x10002000L #endif // OPENSSL_NO_EC DEFINEFUNC5(int, PKCS12_parse, PKCS12 *p12, p12, const char *pass, pass, EVP_PKEY **pkey, pkey, \ @@ -729,6 +734,7 @@ bool q_resolveOpenSslSymbols() RESOLVEFUNC(EVP_PKEY_type) RESOLVEFUNC(OBJ_nid2sn) RESOLVEFUNC(OBJ_nid2ln) + RESOLVEFUNC(OBJ_sn2nid) RESOLVEFUNC(i2t_ASN1_OBJECT) RESOLVEFUNC(OBJ_obj2txt) RESOLVEFUNC(OBJ_obj2nid) @@ -879,6 +885,11 @@ bool q_resolveOpenSslSymbols() #ifndef OPENSSL_NO_EC RESOLVEFUNC(EC_KEY_new_by_curve_name) RESOLVEFUNC(EC_KEY_free) + RESOLVEFUNC(EC_get_builtin_curves) +#if OPENSSL_VERSION_NUMBER >= 0x10002000L + if (q_SSLeay() >= 0x10002000L) + RESOLVEFUNC(EC_curve_nist2nid) +#endif // OPENSSL_VERSION_NUMBER >= 0x10002000L #endif // OPENSSL_NO_EC RESOLVEFUNC(PKCS12_parse) RESOLVEFUNC(d2i_PKCS12_bio) diff --git a/src/network/ssl/qsslsocket_openssl_symbols_p.h b/src/network/ssl/qsslsocket_openssl_symbols_p.h index e2e09e4feb..ee19345e4a 100644 --- a/src/network/ssl/qsslsocket_openssl_symbols_p.h +++ b/src/network/ssl/qsslsocket_openssl_symbols_p.h @@ -248,6 +248,7 @@ Q_AUTOTEST_EXPORT EVP_PKEY *q_EVP_PKEY_new(); int q_i2d_X509(X509 *a, unsigned char **b); const char *q_OBJ_nid2sn(int a); const char *q_OBJ_nid2ln(int a); +int q_OBJ_sn2nid(const char *s); int q_i2t_ASN1_OBJECT(char *buf, int buf_len, ASN1_OBJECT *obj); int q_OBJ_obj2txt(char *buf, int buf_len, ASN1_OBJECT *obj, int no_name); int q_OBJ_obj2nid(const ASN1_OBJECT *a); @@ -435,6 +436,12 @@ BIGNUM *q_BN_bin2bn(const unsigned char *s, int len, BIGNUM *ret); EC_KEY *q_EC_KEY_new_by_curve_name(int nid); void q_EC_KEY_free(EC_KEY *ecdh); #define q_SSL_CTX_set_tmp_ecdh(ctx, ecdh) q_SSL_CTX_ctrl((ctx), SSL_CTRL_SET_TMP_ECDH, 0, (char *)ecdh) + +// EC curves management +size_t q_EC_get_builtin_curves(EC_builtin_curve *r, size_t nitems); +#if OPENSSL_VERSION_NUMBER >= 0x10002000L +int q_EC_curve_nist2nid(const char *name); +#endif // OPENSSL_VERSION_NUMBER >= 0x10002000L #endif // OPENSSL_NO_EC // PKCS#12 support diff --git a/src/network/ssl/qsslsocket_p.h b/src/network/ssl/qsslsocket_p.h index 6e7a2c5520..3262b41bbd 100644 --- a/src/network/ssl/qsslsocket_p.h +++ b/src/network/ssl/qsslsocket_p.h @@ -135,6 +135,12 @@ public: static void setDefaultSupportedCiphers(const QList<QSslCipher> &ciphers); static void resetDefaultCiphers(); + static QVector<QSslEllipticCurve> defaultEllipticCurves(); + static QVector<QSslEllipticCurve> supportedEllipticCurves(); + static void setDefaultEllipticCurves(const QVector<QSslEllipticCurve> &curves); + static void setDefaultSupportedEllipticCurves(const QVector<QSslEllipticCurve> &curves); + static void resetDefaultEllipticCurves(); + static QList<QSslCertificate> defaultCaCertificates(); static QList<QSslCertificate> systemCaCertificates(); static void setDefaultCaCertificates(const QList<QSslCertificate> &certs); @@ -180,8 +186,8 @@ public: static QList<QByteArray> unixRootCertDirectories(); // used also by QSslContext - virtual qint64 peek(char *data, qint64 maxSize); - virtual QByteArray peek(qint64 maxSize); + virtual qint64 peek(char *data, qint64 maxSize) Q_DECL_OVERRIDE; + virtual QByteArray peek(qint64 maxSize) Q_DECL_OVERRIDE; // Platform specific functions virtual void startClientEncryption() = 0; diff --git a/src/network/ssl/ssl.pri b/src/network/ssl/ssl.pri index d0ba93b53f..961e29c062 100644 --- a/src/network/ssl/ssl.pri +++ b/src/network/ssl/ssl.pri @@ -9,6 +9,7 @@ contains(QT_CONFIG, ssl) | contains(QT_CONFIG, openssl) | contains(QT_CONFIG, op ssl/qsslconfiguration_p.h \ ssl/qsslcipher.h \ ssl/qsslcipher_p.h \ + ssl/qsslellipticcurve.h \ ssl/qsslerror.h \ ssl/qsslkey.h \ ssl/qsslkey_p.h \ @@ -21,6 +22,7 @@ contains(QT_CONFIG, ssl) | contains(QT_CONFIG, openssl) | contains(QT_CONFIG, op ssl/qsslcertificate.cpp \ ssl/qsslconfiguration.cpp \ ssl/qsslcipher.cpp \ + ssl/qsslellipticcurve.cpp \ ssl/qsslkey_p.cpp \ ssl/qsslerror.cpp \ ssl/qsslsocket.cpp \ @@ -32,7 +34,8 @@ contains(QT_CONFIG, ssl) | contains(QT_CONFIG, openssl) | contains(QT_CONFIG, op ssl/qsslcertificate_winrt.cpp \ ssl/qsslkey_qt.cpp \ ssl/qsslkey_winrt.cpp \ - ssl/qsslsocket_winrt.cpp + ssl/qsslsocket_winrt.cpp \ + ssl/qsslellipticcurve_dummy.cpp } } @@ -42,6 +45,7 @@ contains(QT_CONFIG, openssl) | contains(QT_CONFIG, openssl-linked) { ssl/qsslsocket_openssl_symbols_p.h SOURCES += ssl/qsslcertificate_openssl.cpp \ ssl/qsslcontext_openssl.cpp \ + ssl/qsslellipticcurve_openssl.cpp \ ssl/qsslkey_openssl.cpp \ ssl/qsslsocket_openssl.cpp \ ssl/qsslsocket_openssl_symbols.cpp |