diff options
Diffstat (limited to 'src/network')
44 files changed, 1382 insertions, 1938 deletions
diff --git a/src/network/access/access.pri b/src/network/access/access.pri index cfb20dcd71..083fbbf5fd 100644 --- a/src/network/access/access.pri +++ b/src/network/access/access.pri @@ -114,11 +114,4 @@ qtConfig(http) { access/qhttpthreaddelegate_p.h \ access/qnetworkreplyhttpimpl_p.h \ access/qhttp2configuration.h - - qtConfig(ssl) { - SOURCES += \ - access/qspdyprotocolhandler.cpp - HEADERS += \ - access/qspdyprotocolhandler_p.h - } } diff --git a/src/network/access/qabstractnetworkcache.h b/src/network/access/qabstractnetworkcache.h index e357dfe58f..a4048c5b8f 100644 --- a/src/network/access/qabstractnetworkcache.h +++ b/src/network/access/qabstractnetworkcache.h @@ -52,7 +52,6 @@ QT_BEGIN_NAMESPACE class QIODevice; class QDateTime; class QUrl; -template<class T> class QList; class QNetworkCacheMetaDataPrivate; class Q_NETWORK_EXPORT QNetworkCacheMetaData diff --git a/src/network/access/qhsts_p.h b/src/network/access/qhsts_p.h index c219d9eab5..b5be4ff455 100644 --- a/src/network/access/qhsts_p.h +++ b/src/network/access/qhsts_p.h @@ -66,7 +66,6 @@ QT_BEGIN_NAMESPACE -template<typename T> class QList; template <typename T> class QVector; class Q_AUTOTEST_EXPORT QHstsCache diff --git a/src/network/access/qhttp2protocolhandler.cpp b/src/network/access/qhttp2protocolhandler.cpp index dce51d4fd5..efbeb17d39 100644 --- a/src/network/access/qhttp2protocolhandler.cpp +++ b/src/network/access/qhttp2protocolhandler.cpp @@ -332,13 +332,13 @@ bool QHttp2ProtocolHandler::sendRequest() // so we cannot create new streams. m_channel->emitFinishedWithError(QNetworkReply::ProtocolUnknownError, "GOAWAY received, cannot start a request"); - m_channel->spdyRequestsToSend.clear(); + m_channel->h2RequestsToSend.clear(); return false; } // Process 'fake' (created by QNetworkAccessManager::connectToHostEncrypted()) // requests first: - auto &requests = m_channel->spdyRequestsToSend; + auto &requests = m_channel->h2RequestsToSend; for (auto it = requests.begin(), endIt = requests.end(); it != endIt;) { const auto &pair = *it; const QString scheme(pair.first.url().scheme()); @@ -862,7 +862,7 @@ void QHttp2ProtocolHandler::handleGOAWAY() m_channel->emitFinishedWithError(QNetworkReply::ProtocolUnknownError, "GOAWAY received, cannot start a request"); // Also, prevent further calls to sendRequest: - m_channel->spdyRequestsToSend.clear(); + m_channel->h2RequestsToSend.clear(); QNetworkReply::NetworkError error = QNetworkReply::NoError; QString message; @@ -1281,7 +1281,7 @@ quint32 QHttp2ProtocolHandler::createNewStream(const HttpMessagePair &message, b const auto replyPrivate = reply->d_func(); replyPrivate->connection = m_connection; replyPrivate->connectionChannel = m_channel; - reply->setSpdyWasUsed(true); + reply->setHttp2WasUsed(true); streamIDs.insert(reply, newStreamID); connect(reply, SIGNAL(destroyed(QObject*)), this, SLOT(_q_replyDestroyed(QObject*))); @@ -1387,7 +1387,7 @@ void QHttp2ProtocolHandler::deleteActiveStream(quint32 streamID) } removeFromSuspended(streamID); - if (m_channel->spdyRequestsToSend.size()) + if (m_channel->h2RequestsToSend.size()) QMetaObject::invokeMethod(this, "sendRequest", Qt::QueuedConnection); } @@ -1506,7 +1506,7 @@ void QHttp2ProtocolHandler::initReplyFromPushPromise(const HttpMessagePair &mess Q_ASSERT(promisedData.contains(cacheKey)); auto promise = promisedData.take(cacheKey); Q_ASSERT(message.second); - message.second->setSpdyWasUsed(true); + message.second->setHttp2WasUsed(true); qCDebug(QT_HTTP2) << "found cached/promised response on stream" << promise.reservedID; diff --git a/src/network/access/qhttpnetworkconnection.cpp b/src/network/access/qhttpnetworkconnection.cpp index 21c6359807..795efc91d7 100644 --- a/src/network/access/qhttpnetworkconnection.cpp +++ b/src/network/access/qhttpnetworkconnection.cpp @@ -82,9 +82,6 @@ QHttpNetworkConnectionPrivate::QHttpNetworkConnectionPrivate(const QString &host hostName(hostName), port(port), encrypt(encrypt), delayIpv4(true) , activeChannelCount(type == QHttpNetworkConnection::ConnectionTypeHTTP2 || type == QHttpNetworkConnection::ConnectionTypeHTTP2Direct -#ifndef QT_NO_SSL - || type == QHttpNetworkConnection::ConnectionTypeSPDY -#endif ? 1 : defaultHttpChannelCount) , channelCount(defaultHttpChannelCount) #ifndef QT_NO_NETWORKPROXY @@ -93,9 +90,9 @@ QHttpNetworkConnectionPrivate::QHttpNetworkConnectionPrivate(const QString &host , preConnectRequests(0) , connectionType(type) { - // We allocate all 6 channels even if it's SPDY or HTTP/2 enabled - // connection: in case the protocol negotiation via NPN/ALPN fails, - // we will have normally working HTTP/1.1. + // We allocate all 6 channels even if it's HTTP/2 enabled connection: + // in case the protocol negotiation via NPN/ALPN fails, we will have + // normally working HTTP/1.1. Q_ASSERT(channelCount >= activeChannelCount); channels = new QHttpNetworkConnectionChannel[channelCount]; } @@ -641,10 +638,10 @@ QHttpNetworkReply* QHttpNetworkConnectionPrivate::queueRequest(const QHttpNetwor break; } } - else { // SPDY, HTTP/2 ('h2' mode) + else { // HTTP/2 ('h2' mode) if (!pair.second->d_func()->requestIsPrepared) prepareRequest(pair); - channels[0].spdyRequestsToSend.insert(request.priority(), pair); + channels[0].h2RequestsToSend.insert(request.priority(), pair); } #ifndef Q_OS_WINRT @@ -680,7 +677,7 @@ void QHttpNetworkConnectionPrivate::fillHttp2Queue() for (auto &pair : highPriorityQueue) { if (!pair.second->d_func()->requestIsPrepared) prepareRequest(pair); - channels[0].spdyRequestsToSend.insert(QHttpNetworkRequest::HighPriority, pair); + channels[0].h2RequestsToSend.insert(QHttpNetworkRequest::HighPriority, pair); } highPriorityQueue.clear(); @@ -688,7 +685,7 @@ void QHttpNetworkConnectionPrivate::fillHttp2Queue() for (auto &pair : lowPriorityQueue) { if (!pair.second->d_func()->requestIsPrepared) prepareRequest(pair); - channels[0].spdyRequestsToSend.insert(pair.first.priority(), pair); + channels[0].h2RequestsToSend.insert(pair.first.priority(), pair); } lowPriorityQueue.clear(); @@ -984,12 +981,12 @@ void QHttpNetworkConnectionPrivate::removeReply(QHttpNetworkReply *reply) } } #ifndef QT_NO_SSL - // is the reply inside the SPDY pipeline of this channel already? - QMultiMap<int, HttpMessagePair>::iterator it = channels[i].spdyRequestsToSend.begin(); - QMultiMap<int, HttpMessagePair>::iterator end = channels[i].spdyRequestsToSend.end(); + // is the reply inside the H2 pipeline of this channel already? + QMultiMap<int, HttpMessagePair>::iterator it = channels[i].h2RequestsToSend.begin(); + QMultiMap<int, HttpMessagePair>::iterator end = channels[i].h2RequestsToSend.end(); for (; it != end; ++it) { if (it.value().second == reply) { - channels[i].spdyRequestsToSend.remove(it.key()); + channels[i].h2RequestsToSend.remove(it.key()); QMetaObject::invokeMethod(q, "_q_startNextRequest", Qt::QueuedConnection); return; @@ -1068,9 +1065,8 @@ void QHttpNetworkConnectionPrivate::_q_startNextRequest() break; } case QHttpNetworkConnection::ConnectionTypeHTTP2Direct: - case QHttpNetworkConnection::ConnectionTypeHTTP2: - case QHttpNetworkConnection::ConnectionTypeSPDY: { - if (channels[0].spdyRequestsToSend.isEmpty() && channels[0].switchedToHttp2) + case QHttpNetworkConnection::ConnectionTypeHTTP2: { + if (channels[0].h2RequestsToSend.isEmpty() && channels[0].switchedToHttp2) return; if (networkLayerState == IPv4) @@ -1079,7 +1075,7 @@ void QHttpNetworkConnectionPrivate::_q_startNextRequest() channels[0].networkLayerPreference = QAbstractSocket::IPv6Protocol; channels[0].ensureConnection(); if (channels[0].socket && channels[0].socket->state() == QAbstractSocket::ConnectedState - && !channels[0].pendingEncrypt && channels[0].spdyRequestsToSend.size()) + && !channels[0].pendingEncrypt && channels[0].h2RequestsToSend.size()) channels[0].sendRequest(); break; } @@ -1234,19 +1230,18 @@ void QHttpNetworkConnectionPrivate::_q_hostLookupFinished(const QHostInfo &info) if (dequeueRequest(channels[0].socket)) { emitReplyError(channels[0].socket, channels[0].reply, QNetworkReply::HostNotFoundError); networkLayerState = QHttpNetworkConnectionPrivate::Unknown; - } else if (connectionType == QHttpNetworkConnection::ConnectionTypeSPDY - || connectionType == QHttpNetworkConnection::ConnectionTypeHTTP2 + } else if (connectionType == QHttpNetworkConnection::ConnectionTypeHTTP2 || connectionType == QHttpNetworkConnection::ConnectionTypeHTTP2Direct) { - for (const HttpMessagePair &spdyPair : qAsConst(channels[0].spdyRequestsToSend)) { + for (const HttpMessagePair &h2Pair : qAsConst(channels[0].h2RequestsToSend)) { // emit error for all replies - QHttpNetworkReply *currentReply = spdyPair.second; + QHttpNetworkReply *currentReply = h2Pair.second; Q_ASSERT(currentReply); emitReplyError(channels[0].socket, currentReply, QNetworkReply::HostNotFoundError); } } else { // Should not happen: we start a host lookup before sending a request, - // so it's natural to have requests either in SPDY/HTTP/2 queue, - // or in low/high priority queues. + // so it's natural to have requests either in HTTP/2 queue, or in low/high + // priority queues. qWarning("QHttpNetworkConnectionPrivate::_q_hostLookupFinished" " could not de-queue request, failed to report HostNotFoundError"); networkLayerState = QHttpNetworkConnectionPrivate::Unknown; @@ -1576,17 +1571,12 @@ void QHttpNetworkConnectionPrivate::emitProxyAuthenticationRequired(const QHttpN pauseConnection(); QHttpNetworkReply *reply; if (connectionType == QHttpNetworkConnection::ConnectionTypeHTTP2 - || connectionType == QHttpNetworkConnection::ConnectionTypeHTTP2Direct -#if QT_CONFIG(ssl) - || connectionType == QHttpNetworkConnection::ConnectionTypeSPDY -#endif - ) { - + || connectionType == QHttpNetworkConnection::ConnectionTypeHTTP2Direct) { // we choose the reply to emit the proxyAuth signal from somewhat arbitrarily, // but that does not matter because the signal will ultimately be emitted // by the QNetworkAccessManager. - Q_ASSERT(chan->spdyRequestsToSend.count() > 0); - reply = chan->spdyRequestsToSend.cbegin().value().second; + Q_ASSERT(chan->h2RequestsToSend.count() > 0); + reply = chan->h2RequestsToSend.cbegin().value().second; } else { // HTTP reply = chan->reply; } diff --git a/src/network/access/qhttpnetworkconnection_p.h b/src/network/access/qhttpnetworkconnection_p.h index 6808a0c0ac..fee84bb6c0 100644 --- a/src/network/access/qhttpnetworkconnection_p.h +++ b/src/network/access/qhttpnetworkconnection_p.h @@ -96,7 +96,6 @@ public: enum ConnectionType { ConnectionTypeHTTP, - ConnectionTypeSPDY, ConnectionTypeHTTP2, ConnectionTypeHTTP2Direct }; @@ -172,7 +171,6 @@ private: friend class QHttpNetworkConnectionChannel; friend class QHttp2ProtocolHandler; friend class QHttpProtocolHandler; - friend class QSpdyProtocolHandler; Q_PRIVATE_SLOT(d_func(), void _q_startNextRequest()) Q_PRIVATE_SLOT(d_func(), void _q_hostLookupFinished(QHostInfo)) diff --git a/src/network/access/qhttpnetworkconnectionchannel.cpp b/src/network/access/qhttpnetworkconnectionchannel.cpp index 39f392a79b..c6470622ab 100644 --- a/src/network/access/qhttpnetworkconnectionchannel.cpp +++ b/src/network/access/qhttpnetworkconnectionchannel.cpp @@ -48,7 +48,6 @@ #include <private/qhttp2protocolhandler_p.h> #include <private/qhttpprotocolhandler_p.h> -#include <private/qspdyprotocolhandler_p.h> #include <private/http2protocol_p.h> #ifndef QT_NO_SSL @@ -931,7 +930,7 @@ void QHttpNetworkConnectionChannel::_q_connected() } else if (connection->connectionType() == QHttpNetworkConnection::ConnectionTypeHTTP2Direct) { state = QHttpNetworkConnectionChannel::IdleState; protocolHandler.reset(new QHttp2ProtocolHandler(this)); - if (spdyRequestsToSend.count() > 0) { + if (h2RequestsToSend.count() > 0) { // In case our peer has sent us its settings (window size, max concurrent streams etc.) // let's give _q_receiveReply a chance to read them first ('invokeMethod', QueuedConnection). QMetaObject::invokeMethod(connection, "_q_startNextRequest", Qt::QueuedConnection); @@ -1108,15 +1107,11 @@ void QHttpNetworkConnectionChannel::_q_error(QAbstractSocket::SocketError socket || !connection->d_func()->lowPriorityQueue.isEmpty()); if (connection->connectionType() == QHttpNetworkConnection::ConnectionTypeHTTP2 - || connection->connectionType() == QHttpNetworkConnection::ConnectionTypeHTTP2Direct -#ifndef QT_NO_SSL - || connection->connectionType() == QHttpNetworkConnection::ConnectionTypeSPDY -#endif - ) { - QList<HttpMessagePair> spdyPairs = spdyRequestsToSend.values(); - for (int a = 0; a < spdyPairs.count(); ++a) { + || connection->connectionType() == QHttpNetworkConnection::ConnectionTypeHTTP2Direct) { + QList<HttpMessagePair> h2Pairs = h2RequestsToSend.values(); + for (int a = 0; a < h2Pairs.count(); ++a) { // emit error for all replies - QHttpNetworkReply *currentReply = spdyPairs.at(a).second; + QHttpNetworkReply *currentReply = h2Pairs.at(a).second; Q_ASSERT(currentReply); emit currentReply->finishedWithError(errorCode, errorString); } @@ -1143,12 +1138,8 @@ void QHttpNetworkConnectionChannel::_q_error(QAbstractSocket::SocketError socket void QHttpNetworkConnectionChannel::_q_proxyAuthenticationRequired(const QNetworkProxy &proxy, QAuthenticator* auth) { if (connection->connectionType() == QHttpNetworkConnection::ConnectionTypeHTTP2 - || connection->connectionType() == QHttpNetworkConnection::ConnectionTypeHTTP2Direct -#ifndef QT_NO_SSL - || connection->connectionType() == QHttpNetworkConnection::ConnectionTypeSPDY -#endif - ) { - if (spdyRequestsToSend.count() > 0) + || connection->connectionType() == QHttpNetworkConnection::ConnectionTypeHTTP2Direct) { + if (h2RequestsToSend.count() > 0) connection->d_func()->emitProxyAuthenticationRequired(this, proxy, auth); } else { // HTTP // Need to dequeue the request before we can emit the error. @@ -1171,9 +1162,9 @@ void QHttpNetworkConnectionChannel::emitFinishedWithError(QNetworkReply::Network { if (reply) emit reply->finishedWithError(error, QHttpNetworkConnectionChannel::tr(message)); - QList<HttpMessagePair> spdyPairs = spdyRequestsToSend.values(); - for (int a = 0; a < spdyPairs.count(); ++a) { - QHttpNetworkReply *currentReply = spdyPairs.at(a).second; + QList<HttpMessagePair> h2Pairs = h2RequestsToSend.values(); + for (int a = 0; a < h2Pairs.count(); ++a) { + QHttpNetworkReply *currentReply = h2Pairs.at(a).second; Q_ASSERT(currentReply); emit currentReply->finishedWithError(error, QHttpNetworkConnectionChannel::tr(message)); } @@ -1195,12 +1186,6 @@ void QHttpNetworkConnectionChannel::_q_encrypted() QByteArray nextProtocol = sslSocket->sslConfiguration().nextNegotiatedProtocol(); if (nextProtocol == QSslConfiguration::NextProtocolHttp1_1) { // fall through to create a QHttpProtocolHandler - } else if (nextProtocol == QSslConfiguration::NextProtocolSpdy3_0) { - protocolHandler.reset(new QSpdyProtocolHandler(this)); - connection->setConnectionType(QHttpNetworkConnection::ConnectionTypeSPDY); - // no need to re-queue requests, if SPDY was enabled on the request it - // has gone to the SPDY queue already - break; } else if (nextProtocol == QSslConfiguration::ALPNProtocolHTTP2) { switchedToHttp2 = true; protocolHandler.reset(new QHttp2ProtocolHandler(this)); @@ -1229,8 +1214,6 @@ void QHttpNetworkConnectionChannel::_q_encrypted() // it again on other channels that our connection can create/open. if (connection->connectionType() == QHttpNetworkConnection::ConnectionTypeHTTP2) protocols.removeAll(QSslConfiguration::ALPNProtocolHTTP2); - else if (connection->connectionType() == QHttpNetworkConnection::ConnectionTypeSPDY) - protocols.removeAll(QSslConfiguration::NextProtocolSpdy3_0); if (nProtocols > protocols.size()) { sslConfiguration->setAllowedNextProtocols(protocols); @@ -1240,13 +1223,13 @@ void QHttpNetworkConnectionChannel::_q_encrypted() } connection->setConnectionType(QHttpNetworkConnection::ConnectionTypeHTTP); - // We use only one channel for SPDY or HTTP/2, but normally six for + // We use only one channel for HTTP/2, but normally six for // HTTP/1.1 - let's restore this number to the reserved number of // channels: if (connection->d_func()->activeChannelCount < connection->d_func()->channelCount) { connection->d_func()->activeChannelCount = connection->d_func()->channelCount; - // re-queue requests from SPDY queue to HTTP queue, if any - requeueSpdyRequests(); + // re-queue requests from HTTP/2 queue to HTTP queue, if any + requeueHttp2Requests(); } break; } @@ -1266,11 +1249,9 @@ void QHttpNetworkConnectionChannel::_q_encrypted() state = QHttpNetworkConnectionChannel::IdleState; pendingEncrypt = false; - if (connection->connectionType() == QHttpNetworkConnection::ConnectionTypeSPDY || - connection->connectionType() == QHttpNetworkConnection::ConnectionTypeHTTP2 || + if (connection->connectionType() == QHttpNetworkConnection::ConnectionTypeHTTP2 || connection->connectionType() == QHttpNetworkConnection::ConnectionTypeHTTP2Direct) { - // we call setSpdyWasUsed(true) on the replies in the SPDY handler when the request is sent - if (spdyRequestsToSend.count() > 0) { + if (h2RequestsToSend.count() > 0) { // In case our peer has sent us its settings (window size, max concurrent streams etc.) // let's give _q_receiveReply a chance to read them first ('invokeMethod', QueuedConnection). QMetaObject::invokeMethod(connection, "_q_startNextRequest", Qt::QueuedConnection); @@ -1279,7 +1260,7 @@ void QHttpNetworkConnectionChannel::_q_encrypted() if (!reply) connection->d_func()->dequeueRequest(socket); if (reply) { - reply->setSpdyWasUsed(false); + reply->setHttp2WasUsed(false); Q_ASSERT(reply->d_func()->connectionChannel == this); emit reply->encrypted(); } @@ -1288,13 +1269,12 @@ void QHttpNetworkConnectionChannel::_q_encrypted() } } -void QHttpNetworkConnectionChannel::requeueSpdyRequests() +void QHttpNetworkConnectionChannel::requeueHttp2Requests() { - QList<HttpMessagePair> spdyPairs = spdyRequestsToSend.values(); - for (int a = 0; a < spdyPairs.count(); ++a) { - connection->d_func()->requeueRequest(spdyPairs.at(a)); - } - spdyRequestsToSend.clear(); + QList<HttpMessagePair> h2Pairs = h2RequestsToSend.values(); + for (int a = 0; a < h2Pairs.count(); ++a) + connection->d_func()->requeueRequest(h2Pairs.at(a)); + h2RequestsToSend.clear(); } void QHttpNetworkConnectionChannel::_q_sslErrors(const QList<QSslError> &errors) @@ -1312,11 +1292,11 @@ void QHttpNetworkConnectionChannel::_q_sslErrors(const QList<QSslError> &errors) emit reply->sslErrors(errors); } #ifndef QT_NO_SSL - else { // SPDY - QList<HttpMessagePair> spdyPairs = spdyRequestsToSend.values(); - for (int a = 0; a < spdyPairs.count(); ++a) { + else { // HTTP/2 + QList<HttpMessagePair> h2Pairs = h2RequestsToSend.values(); + for (int a = 0; a < h2Pairs.count(); ++a) { // emit SSL errors for all replies - QHttpNetworkReply *currentReply = spdyPairs.at(a).second; + QHttpNetworkReply *currentReply = h2Pairs.at(a).second; Q_ASSERT(currentReply); emit currentReply->sslErrors(errors); } @@ -1336,10 +1316,10 @@ void QHttpNetworkConnectionChannel::_q_preSharedKeyAuthenticationRequired(QSslPr if (reply) emit reply->preSharedKeyAuthenticationRequired(authenticator); } else { - QList<HttpMessagePair> spdyPairs = spdyRequestsToSend.values(); - for (int a = 0; a < spdyPairs.count(); ++a) { + QList<HttpMessagePair> h2Pairs = h2RequestsToSend.values(); + for (int a = 0; a < h2Pairs.count(); ++a) { // emit SSL errors for all replies - QHttpNetworkReply *currentReply = spdyPairs.at(a).second; + QHttpNetworkReply *currentReply = h2Pairs.at(a).second; Q_ASSERT(currentReply); emit currentReply->preSharedKeyAuthenticationRequired(authenticator); } diff --git a/src/network/access/qhttpnetworkconnectionchannel_p.h b/src/network/access/qhttpnetworkconnectionchannel_p.h index 270b3eb9ba..44ad2d7959 100644 --- a/src/network/access/qhttpnetworkconnectionchannel_p.h +++ b/src/network/access/qhttpnetworkconnectionchannel_p.h @@ -123,10 +123,7 @@ public: bool authenticationCredentialsSent; bool proxyCredentialsSent; QScopedPointer<QAbstractProtocolHandler> protocolHandler; - // SPDY or HTTP/2 requests; SPDY is TLS-only, but - // HTTP/2 can be cleartext also, that's why it's - // outside of QT_NO_SSL section. Sorted by priority: - QMultiMap<int, HttpMessagePair> spdyRequestsToSend; + QMultiMap<int, HttpMessagePair> h2RequestsToSend; bool switchedToHttp2 = false; #ifndef QT_NO_SSL bool ignoreAllSslErrors; @@ -135,7 +132,7 @@ public: void ignoreSslErrors(); void ignoreSslErrors(const QList<QSslError> &errors); void setSslConfiguration(const QSslConfiguration &config); - void requeueSpdyRequests(); // when we wanted SPDY but got HTTP + void requeueHttp2Requests(); // when we wanted HTTP/2 but got HTTP/1.1 #endif // to emit the signal for all in-flight replies: void emitFinishedWithError(QNetworkReply::NetworkError error, const char *message); diff --git a/src/network/access/qhttpnetworkreply.cpp b/src/network/access/qhttpnetworkreply.cpp index a8b635c45a..8982b7c745 100644 --- a/src/network/access/qhttpnetworkreply.cpp +++ b/src/network/access/qhttpnetworkreply.cpp @@ -287,14 +287,14 @@ bool QHttpNetworkReply::isPipeliningUsed() const return d_func()->pipeliningUsed; } -bool QHttpNetworkReply::isSpdyUsed() const +bool QHttpNetworkReply::isHttp2Used() const { - return d_func()->spdyUsed; + return d_func()->h2Used; } -void QHttpNetworkReply::setSpdyWasUsed(bool spdy) +void QHttpNetworkReply::setHttp2WasUsed(bool h2) { - d_func()->spdyUsed = spdy; + d_func()->h2Used = h2; } qint64 QHttpNetworkReply::removedContentLength() const @@ -324,15 +324,11 @@ QHttpNetworkReplyPrivate::QHttpNetworkReplyPrivate(const QUrl &newUrl) forceConnectionCloseEnabled(false), lastChunkRead(false), currentChunkSize(0), currentChunkRead(0), readBufferMaxSize(0), - windowSizeDownload(65536), // 64K initial window size according to SPDY standard - windowSizeUpload(65536), // 64K initial window size according to SPDY standard - currentlyReceivedDataInWindow(0), - currentlyUploadedDataInWindow(0), totallyUploadedData(0), removedContentLength(-1), connection(0), autoDecompress(false), responseData(), requestIsPrepared(false) - ,pipeliningUsed(false), spdyUsed(false), downstreamLimited(false) + ,pipeliningUsed(false), h2Used(false), downstreamLimited(false) ,userProvidedDownloadBuffer(0) #ifndef QT_NO_COMPRESS ,inflateStrm(0) diff --git a/src/network/access/qhttpnetworkreply_p.h b/src/network/access/qhttpnetworkreply_p.h index 12cfe359aa..82128f656e 100644 --- a/src/network/access/qhttpnetworkreply_p.h +++ b/src/network/access/qhttpnetworkreply_p.h @@ -137,8 +137,8 @@ public: bool isFinished() const; bool isPipeliningUsed() const; - bool isSpdyUsed() const; - void setSpdyWasUsed(bool spdy); + bool isHttp2Used() const; + void setHttp2WasUsed(bool h2Used); qint64 removedContentLength() const; bool isRedirecting() const; @@ -251,11 +251,7 @@ public: qint64 currentChunkSize; qint64 currentChunkRead; qint64 readBufferMaxSize; - qint32 windowSizeDownload; // only for SPDY - qint32 windowSizeUpload; // only for SPDY - qint32 currentlyReceivedDataInWindow; // only for SPDY - qint32 currentlyUploadedDataInWindow; // only for SPDY - qint64 totallyUploadedData; // only for SPDY + qint64 totallyUploadedData; // HTTP/2 qint64 removedContentLength; QPointer<QHttpNetworkConnection> connection; QPointer<QHttpNetworkConnectionChannel> connectionChannel; @@ -267,7 +263,7 @@ public: bool requestIsPrepared; bool pipeliningUsed; - bool spdyUsed; + bool h2Used; bool downstreamLimited; char* userProvidedDownloadBuffer; diff --git a/src/network/access/qhttpnetworkrequest.cpp b/src/network/access/qhttpnetworkrequest.cpp index a3f71b8d2f..f81924d5d3 100644 --- a/src/network/access/qhttpnetworkrequest.cpp +++ b/src/network/access/qhttpnetworkrequest.cpp @@ -45,7 +45,7 @@ QT_BEGIN_NAMESPACE QHttpNetworkRequestPrivate::QHttpNetworkRequestPrivate(QHttpNetworkRequest::Operation op, QHttpNetworkRequest::Priority pri, const QUrl &newUrl) : QHttpNetworkHeaderPrivate(newUrl), operation(op), priority(pri), uploadByteDevice(0), - autoDecompress(false), pipeliningAllowed(false), spdyAllowed(false), http2Allowed(false), + autoDecompress(false), pipeliningAllowed(false), http2Allowed(false), http2Direct(false), withCredentials(true), preConnect(false), redirectCount(0), redirectPolicy(QNetworkRequest::ManualRedirectPolicy) { @@ -59,7 +59,6 @@ QHttpNetworkRequestPrivate::QHttpNetworkRequestPrivate(const QHttpNetworkRequest uploadByteDevice(other.uploadByteDevice), autoDecompress(other.autoDecompress), pipeliningAllowed(other.pipeliningAllowed), - spdyAllowed(other.spdyAllowed), http2Allowed(other.http2Allowed), http2Direct(other.http2Direct), withCredentials(other.withCredentials), @@ -83,7 +82,6 @@ bool QHttpNetworkRequestPrivate::operator==(const QHttpNetworkRequestPrivate &ot && (uploadByteDevice == other.uploadByteDevice) && (autoDecompress == other.autoDecompress) && (pipeliningAllowed == other.pipeliningAllowed) - && (spdyAllowed == other.spdyAllowed) && (http2Allowed == other.http2Allowed) && (http2Direct == other.http2Direct) // we do not clear the customVerb in setOperation @@ -339,16 +337,6 @@ void QHttpNetworkRequest::setPipeliningAllowed(bool b) d->pipeliningAllowed = b; } -bool QHttpNetworkRequest::isSPDYAllowed() const -{ - return d->spdyAllowed; -} - -void QHttpNetworkRequest::setSPDYAllowed(bool b) -{ - d->spdyAllowed = b; -} - bool QHttpNetworkRequest::isHTTP2Allowed() const { return d->http2Allowed; diff --git a/src/network/access/qhttpnetworkrequest_p.h b/src/network/access/qhttpnetworkrequest_p.h index fb4896195b..f263e348ef 100644 --- a/src/network/access/qhttpnetworkrequest_p.h +++ b/src/network/access/qhttpnetworkrequest_p.h @@ -116,9 +116,6 @@ public: bool isPipeliningAllowed() const; void setPipeliningAllowed(bool b); - bool isSPDYAllowed() const; - void setSPDYAllowed(bool b); - bool isHTTP2Allowed() const; void setHTTP2Allowed(bool b); @@ -176,7 +173,6 @@ public: mutable QNonContiguousByteDevice* uploadByteDevice; bool autoDecompress; bool pipeliningAllowed; - bool spdyAllowed; bool http2Allowed; bool http2Direct; bool withCredentials; diff --git a/src/network/access/qhttpthreaddelegate.cpp b/src/network/access/qhttpthreaddelegate.cpp index 63a3c4f204..2933d75d2c 100644 --- a/src/network/access/qhttpthreaddelegate.cpp +++ b/src/network/access/qhttpthreaddelegate.cpp @@ -236,7 +236,7 @@ QHttpThreadDelegate::QHttpThreadDelegate(QObject *parent) : , synchronous(false) , incomingStatusCode(0) , isPipeliningUsed(false) - , isSpdyUsed(false) + , isHttp2Used(false) , incomingContentLength(-1) , removedContentLength(-1) , incomingErrorCode(QNetworkReply::NoError) @@ -320,17 +320,6 @@ void QHttpThreadDelegate::startRequest() } } -#ifndef QT_NO_SSL - if (!isH2 && httpRequest.isSPDYAllowed() && ssl) { - connectionType = QHttpNetworkConnection::ConnectionTypeSPDY; - urlCopy.setScheme(QStringLiteral("spdy")); // to differentiate SPDY requests from HTTPS requests - QList<QByteArray> nextProtocols; - nextProtocols << QSslConfiguration::NextProtocolSpdy3_0 - << QSslConfiguration::NextProtocolHttp1_1; - incomingSslConfiguration->setAllowedNextProtocols(nextProtocols); - } -#endif // QT_NO_SSL - #ifndef QT_NO_NETWORKPROXY if (transparentProxy.type() != QNetworkProxy::NoProxy) cacheKey = makeCacheKey(urlCopy, &transparentProxy, httpRequest.peerVerifyName()); @@ -652,7 +641,7 @@ void QHttpThreadDelegate::headerChangedSlot() isPipeliningUsed = httpReply->isPipeliningUsed(); incomingContentLength = httpReply->contentLength(); removedContentLength = httpReply->removedContentLength(); - isSpdyUsed = httpReply->isSpdyUsed(); + isHttp2Used = httpReply->isHttp2Used(); emit downloadMetaData(incomingHeaders, incomingStatusCode, @@ -661,7 +650,7 @@ void QHttpThreadDelegate::headerChangedSlot() downloadBuffer, incomingContentLength, removedContentLength, - isSpdyUsed); + isHttp2Used); } void QHttpThreadDelegate::synchronousHeaderChangedSlot() @@ -677,7 +666,7 @@ void QHttpThreadDelegate::synchronousHeaderChangedSlot() incomingStatusCode = httpReply->statusCode(); incomingReasonPhrase = httpReply->reasonPhrase(); isPipeliningUsed = httpReply->isPipeliningUsed(); - isSpdyUsed = httpReply->isSpdyUsed(); + isHttp2Used = httpReply->isHttp2Used(); incomingContentLength = httpReply->contentLength(); } diff --git a/src/network/access/qhttpthreaddelegate_p.h b/src/network/access/qhttpthreaddelegate_p.h index 355d1afc30..208b2cb149 100644 --- a/src/network/access/qhttpthreaddelegate_p.h +++ b/src/network/access/qhttpthreaddelegate_p.h @@ -112,7 +112,7 @@ public: int incomingStatusCode; QString incomingReasonPhrase; bool isPipeliningUsed; - bool isSpdyUsed; + bool isHttp2Used; qint64 incomingContentLength; qint64 removedContentLength; QNetworkReply::NetworkError incomingErrorCode; diff --git a/src/network/access/qnetworkaccessmanager.cpp b/src/network/access/qnetworkaccessmanager.cpp index ff916ff283..68bd107a83 100644 --- a/src/network/access/qnetworkaccessmanager.cpp +++ b/src/network/access/qnetworkaccessmanager.cpp @@ -1237,12 +1237,10 @@ void QNetworkAccessManager::connectToHostEncrypted(const QString &hostName, quin if (sslConfiguration != QSslConfiguration::defaultConfiguration()) request.setSslConfiguration(sslConfiguration); - // There is no way to enable SPDY/HTTP2 via a request, so we need to check - // the ssl configuration whether SPDY/HTTP2 is allowed here. + // There is no way to enable HTTP2 via a request, so we need to check + // the ssl configuration whether HTTP2 is allowed here. if (sslConfiguration.allowedNextProtocols().contains(QSslConfiguration::ALPNProtocolHTTP2)) request.setAttribute(QNetworkRequest::Http2AllowedAttribute, true); - else if (sslConfiguration.allowedNextProtocols().contains(QSslConfiguration::NextProtocolSpdy3_0)) - request.setAttribute(QNetworkRequest::SpdyAllowedAttribute, true); request.setPeerVerifyName(peerName); get(request); diff --git a/src/network/access/qnetworkaccessmanager.h b/src/network/access/qnetworkaccessmanager.h index aa4765a043..a883bf93fb 100644 --- a/src/network/access/qnetworkaccessmanager.h +++ b/src/network/access/qnetworkaccessmanager.h @@ -56,7 +56,6 @@ class QIODevice; class QAbstractNetworkCache; class QAuthenticator; class QByteArray; -template<typename T> class QList; class QNetworkCookie; class QNetworkCookieJar; class QNetworkReply; diff --git a/src/network/access/qnetworkreplyhttpimpl.cpp b/src/network/access/qnetworkreplyhttpimpl.cpp index ba9d0a76d5..c51cd83bcf 100644 --- a/src/network/access/qnetworkreplyhttpimpl.cpp +++ b/src/network/access/qnetworkreplyhttpimpl.cpp @@ -775,9 +775,6 @@ void QNetworkReplyHttpImplPrivate::postRequest(const QNetworkRequest &newHttpReq if (newHttpRequest.attribute(QNetworkRequest::HttpPipeliningAllowedAttribute).toBool()) httpRequest.setPipeliningAllowed(true); - if (request.attribute(QNetworkRequest::SpdyAllowedAttribute).toBool()) - httpRequest.setSPDYAllowed(true); - if (request.attribute(QNetworkRequest::Http2AllowedAttribute).toBool()) httpRequest.setHTTP2Allowed(true); @@ -969,7 +966,7 @@ void QNetworkReplyHttpImplPrivate::postRequest(const QNetworkRequest &newHttpReq QSharedPointer<char>(), delegate->incomingContentLength, delegate->removedContentLength, - delegate->isSpdyUsed); + delegate->isHttp2Used); replyDownloadData(delegate->synchronousDownloadData); httpError(delegate->incomingErrorCode, delegate->incomingErrorDetail); } else { @@ -981,7 +978,7 @@ void QNetworkReplyHttpImplPrivate::postRequest(const QNetworkRequest &newHttpReq QSharedPointer<char>(), delegate->incomingContentLength, delegate->removedContentLength, - delegate->isSpdyUsed); + delegate->isHttp2Used); replyDownloadData(delegate->synchronousDownloadData); } @@ -1256,7 +1253,7 @@ void QNetworkReplyHttpImplPrivate::replyDownloadMetaData(const QList<QPair<QByte QSharedPointer<char> db, qint64 contentLength, qint64 removedContentLength, - bool spdyWasUsed) + bool h2Used) { Q_Q(QNetworkReplyHttpImpl); Q_UNUSED(contentLength); @@ -1282,16 +1279,7 @@ void QNetworkReplyHttpImplPrivate::replyDownloadMetaData(const QList<QPair<QByte } q->setAttribute(QNetworkRequest::HttpPipeliningWasUsedAttribute, pu); - const QVariant http2Allowed = request.attribute(QNetworkRequest::Http2AllowedAttribute); - const QVariant http2Direct = request.attribute(QNetworkRequest::Http2DirectAttribute); - if ((http2Allowed.isValid() && http2Allowed.toBool()) - || (http2Direct.isValid() && http2Direct.toBool())) { - q->setAttribute(QNetworkRequest::Http2WasUsedAttribute, spdyWasUsed); - q->setAttribute(QNetworkRequest::SpdyWasUsedAttribute, false); - } else { - q->setAttribute(QNetworkRequest::SpdyWasUsedAttribute, spdyWasUsed); - q->setAttribute(QNetworkRequest::Http2WasUsedAttribute, false); - } + q->setAttribute(QNetworkRequest::Http2WasUsedAttribute, h2Used); // reconstruct the HTTP header QList<QPair<QByteArray, QByteArray> > headerMap = hm; diff --git a/src/network/access/qnetworkrequest.cpp b/src/network/access/qnetworkrequest.cpp index 92e5aed38c..c5bbba8216 100644 --- a/src/network/access/qnetworkrequest.cpp +++ b/src/network/access/qnetworkrequest.cpp @@ -272,18 +272,6 @@ QT_BEGIN_NAMESPACE The QNetworkSession ConnectInBackground property will be set according to this attribute. - \value SpdyAllowedAttribute - Requests only, type: QMetaType::Bool (default: false) - Indicates whether the QNetworkAccessManager code is - allowed to use SPDY with this request. This applies only - to SSL requests, and depends on the server supporting SPDY. - Obsolete, use Http2 instead of Spdy. - - \value SpdyWasUsedAttribute - Replies only, type: QMetaType::Bool - Indicates whether SPDY was used for receiving - this reply. Obsolete, use Http2 instead of Spdy. - \value Http2AllowedAttribute Requests only, type: QMetaType::Bool (default: false) Indicates whether the QNetworkAccessManager code is @@ -295,12 +283,6 @@ QT_BEGIN_NAMESPACE Indicates whether HTTP/2 was used for receiving this reply. (This value was introduced in 5.9.) - \value HTTP2AllowedAttribute - Obsolete alias for Http2AllowedAttribute. - - \value HTTP2WasUsedAttribute - Obsolete alias for Http2WasUsedAttribute. - \value EmitAllUploadProgressSignalsAttribute Requests only, type: QMetaType::Bool (default: false) Indicates whether all upload signals should be emitted. diff --git a/src/network/access/qnetworkrequest.h b/src/network/access/qnetworkrequest.h index dcd2c6b61f..cb15ca5aa5 100644 --- a/src/network/access/qnetworkrequest.h +++ b/src/network/access/qnetworkrequest.h @@ -89,18 +89,10 @@ public: DownloadBufferAttribute, // internal SynchronousRequestAttribute, // internal BackgroundRequestAttribute, -#if QT_DEPRECATED_SINCE(5, 15) - SpdyAllowedAttribute, - SpdyWasUsedAttribute, -#endif // QT_DEPRECATED_SINCE(5, 15) EmitAllUploadProgressSignalsAttribute = BackgroundRequestAttribute + 3, FollowRedirectsAttribute, Http2AllowedAttribute, Http2WasUsedAttribute, -#if QT_DEPRECATED_SINCE(5, 15) - HTTP2AllowedAttribute Q_DECL_ENUMERATOR_DEPRECATED_X("Use Http2AllowedAttribute") = Http2AllowedAttribute, - HTTP2WasUsedAttribute Q_DECL_ENUMERATOR_DEPRECATED_X("Use Http2WasUsedAttribute"), -#endif // QT_DEPRECATED_SINCE(5, 15) OriginalContentLengthAttribute, RedirectPolicyAttribute, Http2DirectAttribute, diff --git a/src/network/access/qspdyprotocolhandler.cpp b/src/network/access/qspdyprotocolhandler.cpp deleted file mode 100644 index cc913ce760..0000000000 --- a/src/network/access/qspdyprotocolhandler.cpp +++ /dev/null @@ -1,1304 +0,0 @@ -/**************************************************************************** -** -** Copyright (C) 2014 BlackBerry Limited. All rights reserved. -** Copyright (C) 2016 The Qt Company Ltd. -** Contact: https://www.qt.io/licensing/ -** -** This file is part of the QtNetwork module of the Qt Toolkit. -** -** $QT_BEGIN_LICENSE:LGPL$ -** Commercial License Usage -** Licensees holding valid commercial Qt licenses may use this file in -** accordance with the commercial license agreement provided with the -** Software or, alternatively, in accordance with the terms contained in -** a written agreement between you and The Qt Company. For licensing terms -** and conditions see https://www.qt.io/terms-conditions. For further -** information use the contact form at https://www.qt.io/contact-us. -** -** GNU Lesser General Public License Usage -** Alternatively, this file may be used under the terms of the GNU Lesser -** General Public License version 3 as published by the Free Software -** Foundation and appearing in the file LICENSE.LGPL3 included in the -** packaging of this file. Please review the following information to -** ensure the GNU Lesser General Public License version 3 requirements -** will be met: https://www.gnu.org/licenses/lgpl-3.0.html. -** -** GNU General Public License Usage -** Alternatively, this file may be used under the terms of the GNU -** General Public License version 2.0 or (at your option) the GNU General -** Public license version 3 or any later version approved by the KDE Free -** Qt Foundation. The licenses are as published by the Free Software -** Foundation and appearing in the file LICENSE.GPL2 and LICENSE.GPL3 -** included in the packaging of this file. Please review the following -** information to ensure the GNU General Public License requirements will -** be met: https://www.gnu.org/licenses/gpl-2.0.html and -** https://www.gnu.org/licenses/gpl-3.0.html. -** -** $QT_END_LICENSE$ -** -****************************************************************************/ - -#include <private/qspdyprotocolhandler_p.h> -#include <private/qnoncontiguousbytedevice_p.h> -#include <private/qhttpnetworkconnectionchannel_p.h> -#include <QtCore/QtEndian> - -#if !defined(QT_NO_SSL) - -QT_BEGIN_NAMESPACE - -static const char spdyDictionary[] = { - 0x00, 0x00, 0x00, 0x07, 0x6f, 0x70, 0x74, 0x69, // ....opti - 0x6f, 0x6e, 0x73, 0x00, 0x00, 0x00, 0x04, 0x68, // ons....h - 0x65, 0x61, 0x64, 0x00, 0x00, 0x00, 0x04, 0x70, // ead....p - 0x6f, 0x73, 0x74, 0x00, 0x00, 0x00, 0x03, 0x70, // ost....p - 0x75, 0x74, 0x00, 0x00, 0x00, 0x06, 0x64, 0x65, // ut....de - 0x6c, 0x65, 0x74, 0x65, 0x00, 0x00, 0x00, 0x05, // lete.... - 0x74, 0x72, 0x61, 0x63, 0x65, 0x00, 0x00, 0x00, // trace... - 0x06, 0x61, 0x63, 0x63, 0x65, 0x70, 0x74, 0x00, // .accept. - 0x00, 0x00, 0x0e, 0x61, 0x63, 0x63, 0x65, 0x70, // ...accep - 0x74, 0x2d, 0x63, 0x68, 0x61, 0x72, 0x73, 0x65, // t-charse - 0x74, 0x00, 0x00, 0x00, 0x0f, 0x61, 0x63, 0x63, // t....acc - 0x65, 0x70, 0x74, 0x2d, 0x65, 0x6e, 0x63, 0x6f, // ept-enco - 0x64, 0x69, 0x6e, 0x67, 0x00, 0x00, 0x00, 0x0f, // ding.... - 0x61, 0x63, 0x63, 0x65, 0x70, 0x74, 0x2d, 0x6c, // accept-l - 0x61, 0x6e, 0x67, 0x75, 0x61, 0x67, 0x65, 0x00, // anguage. - 0x00, 0x00, 0x0d, 0x61, 0x63, 0x63, 0x65, 0x70, // ...accep - 0x74, 0x2d, 0x72, 0x61, 0x6e, 0x67, 0x65, 0x73, // t-ranges - 0x00, 0x00, 0x00, 0x03, 0x61, 0x67, 0x65, 0x00, // ....age. - 0x00, 0x00, 0x05, 0x61, 0x6c, 0x6c, 0x6f, 0x77, // ...allow - 0x00, 0x00, 0x00, 0x0d, 0x61, 0x75, 0x74, 0x68, // ....auth - 0x6f, 0x72, 0x69, 0x7a, 0x61, 0x74, 0x69, 0x6f, // orizatio - 0x6e, 0x00, 0x00, 0x00, 0x0d, 0x63, 0x61, 0x63, // n....cac - 0x68, 0x65, 0x2d, 0x63, 0x6f, 0x6e, 0x74, 0x72, // he-contr - 0x6f, 0x6c, 0x00, 0x00, 0x00, 0x0a, 0x63, 0x6f, // ol....co - 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, // nnection - 0x00, 0x00, 0x00, 0x0c, 0x63, 0x6f, 0x6e, 0x74, // ....cont - 0x65, 0x6e, 0x74, 0x2d, 0x62, 0x61, 0x73, 0x65, // ent-base - 0x00, 0x00, 0x00, 0x10, 0x63, 0x6f, 0x6e, 0x74, // ....cont - 0x65, 0x6e, 0x74, 0x2d, 0x65, 0x6e, 0x63, 0x6f, // ent-enco - 0x64, 0x69, 0x6e, 0x67, 0x00, 0x00, 0x00, 0x10, // ding.... - 0x63, 0x6f, 0x6e, 0x74, 0x65, 0x6e, 0x74, 0x2d, // content- - 0x6c, 0x61, 0x6e, 0x67, 0x75, 0x61, 0x67, 0x65, // language - 0x00, 0x00, 0x00, 0x0e, 0x63, 0x6f, 0x6e, 0x74, // ....cont - 0x65, 0x6e, 0x74, 0x2d, 0x6c, 0x65, 0x6e, 0x67, // ent-leng - 0x74, 0x68, 0x00, 0x00, 0x00, 0x10, 0x63, 0x6f, // th....co - 0x6e, 0x74, 0x65, 0x6e, 0x74, 0x2d, 0x6c, 0x6f, // ntent-lo - 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x00, 0x00, // cation.. - 0x00, 0x0b, 0x63, 0x6f, 0x6e, 0x74, 0x65, 0x6e, // ..conten - 0x74, 0x2d, 0x6d, 0x64, 0x35, 0x00, 0x00, 0x00, // t-md5... - 0x0d, 0x63, 0x6f, 0x6e, 0x74, 0x65, 0x6e, 0x74, // .content - 0x2d, 0x72, 0x61, 0x6e, 0x67, 0x65, 0x00, 0x00, // -range.. - 0x00, 0x0c, 0x63, 0x6f, 0x6e, 0x74, 0x65, 0x6e, // ..conten - 0x74, 0x2d, 0x74, 0x79, 0x70, 0x65, 0x00, 0x00, // t-type.. - 0x00, 0x04, 0x64, 0x61, 0x74, 0x65, 0x00, 0x00, // ..date.. - 0x00, 0x04, 0x65, 0x74, 0x61, 0x67, 0x00, 0x00, // ..etag.. - 0x00, 0x06, 0x65, 0x78, 0x70, 0x65, 0x63, 0x74, // ..expect - 0x00, 0x00, 0x00, 0x07, 0x65, 0x78, 0x70, 0x69, // ....expi - 0x72, 0x65, 0x73, 0x00, 0x00, 0x00, 0x04, 0x66, // res....f - 0x72, 0x6f, 0x6d, 0x00, 0x00, 0x00, 0x04, 0x68, // rom....h - 0x6f, 0x73, 0x74, 0x00, 0x00, 0x00, 0x08, 0x69, // ost....i - 0x66, 0x2d, 0x6d, 0x61, 0x74, 0x63, 0x68, 0x00, // f-match. - 0x00, 0x00, 0x11, 0x69, 0x66, 0x2d, 0x6d, 0x6f, // ...if-mo - 0x64, 0x69, 0x66, 0x69, 0x65, 0x64, 0x2d, 0x73, // dified-s - 0x69, 0x6e, 0x63, 0x65, 0x00, 0x00, 0x00, 0x0d, // ince.... - 0x69, 0x66, 0x2d, 0x6e, 0x6f, 0x6e, 0x65, 0x2d, // if-none- - 0x6d, 0x61, 0x74, 0x63, 0x68, 0x00, 0x00, 0x00, // match... - 0x08, 0x69, 0x66, 0x2d, 0x72, 0x61, 0x6e, 0x67, // .if-rang - 0x65, 0x00, 0x00, 0x00, 0x13, 0x69, 0x66, 0x2d, // e....if- - 0x75, 0x6e, 0x6d, 0x6f, 0x64, 0x69, 0x66, 0x69, // unmodifi - 0x65, 0x64, 0x2d, 0x73, 0x69, 0x6e, 0x63, 0x65, // ed-since - 0x00, 0x00, 0x00, 0x0d, 0x6c, 0x61, 0x73, 0x74, // ....last - 0x2d, 0x6d, 0x6f, 0x64, 0x69, 0x66, 0x69, 0x65, // -modifie - 0x64, 0x00, 0x00, 0x00, 0x08, 0x6c, 0x6f, 0x63, // d....loc - 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x00, 0x00, 0x00, // ation... - 0x0c, 0x6d, 0x61, 0x78, 0x2d, 0x66, 0x6f, 0x72, // .max-for - 0x77, 0x61, 0x72, 0x64, 0x73, 0x00, 0x00, 0x00, // wards... - 0x06, 0x70, 0x72, 0x61, 0x67, 0x6d, 0x61, 0x00, // .pragma. - 0x00, 0x00, 0x12, 0x70, 0x72, 0x6f, 0x78, 0x79, // ...proxy - 0x2d, 0x61, 0x75, 0x74, 0x68, 0x65, 0x6e, 0x74, // -authent - 0x69, 0x63, 0x61, 0x74, 0x65, 0x00, 0x00, 0x00, // icate... - 0x13, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2d, 0x61, // .proxy-a - 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x61, // uthoriza - 0x74, 0x69, 0x6f, 0x6e, 0x00, 0x00, 0x00, 0x05, // tion.... - 0x72, 0x61, 0x6e, 0x67, 0x65, 0x00, 0x00, 0x00, // range... - 0x07, 0x72, 0x65, 0x66, 0x65, 0x72, 0x65, 0x72, // .referer - 0x00, 0x00, 0x00, 0x0b, 0x72, 0x65, 0x74, 0x72, // ....retr - 0x79, 0x2d, 0x61, 0x66, 0x74, 0x65, 0x72, 0x00, // y-after. - 0x00, 0x00, 0x06, 0x73, 0x65, 0x72, 0x76, 0x65, // ...serve - 0x72, 0x00, 0x00, 0x00, 0x02, 0x74, 0x65, 0x00, // r....te. - 0x00, 0x00, 0x07, 0x74, 0x72, 0x61, 0x69, 0x6c, // ...trail - 0x65, 0x72, 0x00, 0x00, 0x00, 0x11, 0x74, 0x72, // er....tr - 0x61, 0x6e, 0x73, 0x66, 0x65, 0x72, 0x2d, 0x65, // ansfer-e - 0x6e, 0x63, 0x6f, 0x64, 0x69, 0x6e, 0x67, 0x00, // ncoding. - 0x00, 0x00, 0x07, 0x75, 0x70, 0x67, 0x72, 0x61, // ...upgra - 0x64, 0x65, 0x00, 0x00, 0x00, 0x0a, 0x75, 0x73, // de....us - 0x65, 0x72, 0x2d, 0x61, 0x67, 0x65, 0x6e, 0x74, // er-agent - 0x00, 0x00, 0x00, 0x04, 0x76, 0x61, 0x72, 0x79, // ....vary - 0x00, 0x00, 0x00, 0x03, 0x76, 0x69, 0x61, 0x00, // ....via. - 0x00, 0x00, 0x07, 0x77, 0x61, 0x72, 0x6e, 0x69, // ...warni - 0x6e, 0x67, 0x00, 0x00, 0x00, 0x10, 0x77, 0x77, // ng....ww - 0x77, 0x2d, 0x61, 0x75, 0x74, 0x68, 0x65, 0x6e, // w-authen - 0x74, 0x69, 0x63, 0x61, 0x74, 0x65, 0x00, 0x00, // ticate.. - 0x00, 0x06, 0x6d, 0x65, 0x74, 0x68, 0x6f, 0x64, // ..method - 0x00, 0x00, 0x00, 0x03, 0x67, 0x65, 0x74, 0x00, // ....get. - 0x00, 0x00, 0x06, 0x73, 0x74, 0x61, 0x74, 0x75, // ...statu - 0x73, 0x00, 0x00, 0x00, 0x06, 0x32, 0x30, 0x30, // s....200 - 0x20, 0x4f, 0x4b, 0x00, 0x00, 0x00, 0x07, 0x76, // .OK....v - 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x00, 0x00, // ersion.. - 0x00, 0x08, 0x48, 0x54, 0x54, 0x50, 0x2f, 0x31, // ..HTTP.1 - 0x2e, 0x31, 0x00, 0x00, 0x00, 0x03, 0x75, 0x72, // .1....ur - 0x6c, 0x00, 0x00, 0x00, 0x06, 0x70, 0x75, 0x62, // l....pub - 0x6c, 0x69, 0x63, 0x00, 0x00, 0x00, 0x0a, 0x73, // lic....s - 0x65, 0x74, 0x2d, 0x63, 0x6f, 0x6f, 0x6b, 0x69, // et-cooki - 0x65, 0x00, 0x00, 0x00, 0x0a, 0x6b, 0x65, 0x65, // e....kee - 0x70, 0x2d, 0x61, 0x6c, 0x69, 0x76, 0x65, 0x00, // p-alive. - 0x00, 0x00, 0x06, 0x6f, 0x72, 0x69, 0x67, 0x69, // ...origi - 0x6e, 0x31, 0x30, 0x30, 0x31, 0x30, 0x31, 0x32, // n1001012 - 0x30, 0x31, 0x32, 0x30, 0x32, 0x32, 0x30, 0x35, // 01202205 - 0x32, 0x30, 0x36, 0x33, 0x30, 0x30, 0x33, 0x30, // 20630030 - 0x32, 0x33, 0x30, 0x33, 0x33, 0x30, 0x34, 0x33, // 23033043 - 0x30, 0x35, 0x33, 0x30, 0x36, 0x33, 0x30, 0x37, // 05306307 - 0x34, 0x30, 0x32, 0x34, 0x30, 0x35, 0x34, 0x30, // 40240540 - 0x36, 0x34, 0x30, 0x37, 0x34, 0x30, 0x38, 0x34, // 64074084 - 0x30, 0x39, 0x34, 0x31, 0x30, 0x34, 0x31, 0x31, // 09410411 - 0x34, 0x31, 0x32, 0x34, 0x31, 0x33, 0x34, 0x31, // 41241341 - 0x34, 0x34, 0x31, 0x35, 0x34, 0x31, 0x36, 0x34, // 44154164 - 0x31, 0x37, 0x35, 0x30, 0x32, 0x35, 0x30, 0x34, // 17502504 - 0x35, 0x30, 0x35, 0x32, 0x30, 0x33, 0x20, 0x4e, // 505203.N - 0x6f, 0x6e, 0x2d, 0x41, 0x75, 0x74, 0x68, 0x6f, // on-Autho - 0x72, 0x69, 0x74, 0x61, 0x74, 0x69, 0x76, 0x65, // ritative - 0x20, 0x49, 0x6e, 0x66, 0x6f, 0x72, 0x6d, 0x61, // .Informa - 0x74, 0x69, 0x6f, 0x6e, 0x32, 0x30, 0x34, 0x20, // tion204. - 0x4e, 0x6f, 0x20, 0x43, 0x6f, 0x6e, 0x74, 0x65, // No.Conte - 0x6e, 0x74, 0x33, 0x30, 0x31, 0x20, 0x4d, 0x6f, // nt301.Mo - 0x76, 0x65, 0x64, 0x20, 0x50, 0x65, 0x72, 0x6d, // ved.Perm - 0x61, 0x6e, 0x65, 0x6e, 0x74, 0x6c, 0x79, 0x34, // anently4 - 0x30, 0x30, 0x20, 0x42, 0x61, 0x64, 0x20, 0x52, // 00.Bad.R - 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x34, 0x30, // equest40 - 0x31, 0x20, 0x55, 0x6e, 0x61, 0x75, 0x74, 0x68, // 1.Unauth - 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x64, 0x34, 0x30, // orized40 - 0x33, 0x20, 0x46, 0x6f, 0x72, 0x62, 0x69, 0x64, // 3.Forbid - 0x64, 0x65, 0x6e, 0x34, 0x30, 0x34, 0x20, 0x4e, // den404.N - 0x6f, 0x74, 0x20, 0x46, 0x6f, 0x75, 0x6e, 0x64, // ot.Found - 0x35, 0x30, 0x30, 0x20, 0x49, 0x6e, 0x74, 0x65, // 500.Inte - 0x72, 0x6e, 0x61, 0x6c, 0x20, 0x53, 0x65, 0x72, // rnal.Ser - 0x76, 0x65, 0x72, 0x20, 0x45, 0x72, 0x72, 0x6f, // ver.Erro - 0x72, 0x35, 0x30, 0x31, 0x20, 0x4e, 0x6f, 0x74, // r501.Not - 0x20, 0x49, 0x6d, 0x70, 0x6c, 0x65, 0x6d, 0x65, // .Impleme - 0x6e, 0x74, 0x65, 0x64, 0x35, 0x30, 0x33, 0x20, // nted503. - 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x20, // Service. - 0x55, 0x6e, 0x61, 0x76, 0x61, 0x69, 0x6c, 0x61, // Unavaila - 0x62, 0x6c, 0x65, 0x4a, 0x61, 0x6e, 0x20, 0x46, // bleJan.F - 0x65, 0x62, 0x20, 0x4d, 0x61, 0x72, 0x20, 0x41, // eb.Mar.A - 0x70, 0x72, 0x20, 0x4d, 0x61, 0x79, 0x20, 0x4a, // pr.May.J - 0x75, 0x6e, 0x20, 0x4a, 0x75, 0x6c, 0x20, 0x41, // un.Jul.A - 0x75, 0x67, 0x20, 0x53, 0x65, 0x70, 0x74, 0x20, // ug.Sept. - 0x4f, 0x63, 0x74, 0x20, 0x4e, 0x6f, 0x76, 0x20, // Oct.Nov. - 0x44, 0x65, 0x63, 0x20, 0x30, 0x30, 0x3a, 0x30, // Dec.00.0 - 0x30, 0x3a, 0x30, 0x30, 0x20, 0x4d, 0x6f, 0x6e, // 0.00.Mon - 0x2c, 0x20, 0x54, 0x75, 0x65, 0x2c, 0x20, 0x57, // ..Tue..W - 0x65, 0x64, 0x2c, 0x20, 0x54, 0x68, 0x75, 0x2c, // ed..Thu. - 0x20, 0x46, 0x72, 0x69, 0x2c, 0x20, 0x53, 0x61, // .Fri..Sa - 0x74, 0x2c, 0x20, 0x53, 0x75, 0x6e, 0x2c, 0x20, // t..Sun.. - 0x47, 0x4d, 0x54, 0x63, 0x68, 0x75, 0x6e, 0x6b, // GMTchunk - 0x65, 0x64, 0x2c, 0x74, 0x65, 0x78, 0x74, 0x2f, // ed.text. - 0x68, 0x74, 0x6d, 0x6c, 0x2c, 0x69, 0x6d, 0x61, // html.ima - 0x67, 0x65, 0x2f, 0x70, 0x6e, 0x67, 0x2c, 0x69, // ge.png.i - 0x6d, 0x61, 0x67, 0x65, 0x2f, 0x6a, 0x70, 0x67, // mage.jpg - 0x2c, 0x69, 0x6d, 0x61, 0x67, 0x65, 0x2f, 0x67, // .image.g - 0x69, 0x66, 0x2c, 0x61, 0x70, 0x70, 0x6c, 0x69, // if.appli - 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x2f, 0x78, // cation.x - 0x6d, 0x6c, 0x2c, 0x61, 0x70, 0x70, 0x6c, 0x69, // ml.appli - 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x2f, 0x78, // cation.x - 0x68, 0x74, 0x6d, 0x6c, 0x2b, 0x78, 0x6d, 0x6c, // html.xml - 0x2c, 0x74, 0x65, 0x78, 0x74, 0x2f, 0x70, 0x6c, // .text.pl - 0x61, 0x69, 0x6e, 0x2c, 0x74, 0x65, 0x78, 0x74, // ain.text - 0x2f, 0x6a, 0x61, 0x76, 0x61, 0x73, 0x63, 0x72, // .javascr - 0x69, 0x70, 0x74, 0x2c, 0x70, 0x75, 0x62, 0x6c, // ipt.publ - 0x69, 0x63, 0x70, 0x72, 0x69, 0x76, 0x61, 0x74, // icprivat - 0x65, 0x6d, 0x61, 0x78, 0x2d, 0x61, 0x67, 0x65, // emax-age - 0x3d, 0x67, 0x7a, 0x69, 0x70, 0x2c, 0x64, 0x65, // .gzip.de - 0x66, 0x6c, 0x61, 0x74, 0x65, 0x2c, 0x73, 0x64, // flate.sd - 0x63, 0x68, 0x63, 0x68, 0x61, 0x72, 0x73, 0x65, // chcharse - 0x74, 0x3d, 0x75, 0x74, 0x66, 0x2d, 0x38, 0x63, // t.utf-8c - 0x68, 0x61, 0x72, 0x73, 0x65, 0x74, 0x3d, 0x69, // harset.i - 0x73, 0x6f, 0x2d, 0x38, 0x38, 0x35, 0x39, 0x2d, // so-8859- - 0x31, 0x2c, 0x75, 0x74, 0x66, 0x2d, 0x2c, 0x2a, // 1.utf-.. - 0x2c, 0x65, 0x6e, 0x71, 0x3d, 0x30, 0x2e // .enq.0. -}; - -// uncomment to debug -//static void printHex(const QByteArray &ba) -//{ -// QByteArray hex; -// QByteArray clearText; -// for (int a = 0; a < ba.count(); ++a) { -// QByteArray currentHexChar = QByteArray(1, ba.at(a)).toHex().rightJustified(2, ' '); -// QByteArray currentChar; -// if (ba.at(a) >= 32 && ba.at(a) < 126) { // if ASCII, print the letter -// currentChar = QByteArray(1, ba.at(a)); -// } else { -// currentChar = " "; -// } -// clearText.append(currentChar.rightJustified(2, ' ')); -// hex.append(currentHexChar); -// hex.append(' '); -// clearText.append(' '); -// } -// int chunkSize = 102; // 12 == 4 bytes per line -// for (int a = 0; a < hex.count(); a += chunkSize) { -// qDebug() << hex.mid(a, chunkSize); -// qDebug() << clearText.mid(a, chunkSize); -// } -//} - -QSpdyProtocolHandler::QSpdyProtocolHandler(QHttpNetworkConnectionChannel *channel) - : QObject(0), QAbstractProtocolHandler(channel), - m_nextStreamID(-1), - m_maxConcurrentStreams(100), // 100 is recommended in the SPDY RFC - m_initialWindowSize(0), - m_waitingForCompleteStream(false) -{ - m_inflateStream.zalloc = Z_NULL; - m_inflateStream.zfree = Z_NULL; - m_inflateStream.opaque = Z_NULL; - int zlibRet = inflateInit(&m_inflateStream); - Q_ASSERT(zlibRet == Z_OK); - - m_deflateStream.zalloc = Z_NULL; - m_deflateStream.zfree = Z_NULL; - m_deflateStream.opaque = Z_NULL; - - // Do actually not compress (i.e. compression level = 0) - // when sending the headers because of the CRIME attack - zlibRet = deflateInit(&m_deflateStream, /* compression level = */ 0); - Q_ASSERT(zlibRet == Z_OK); - Q_UNUSED(zlibRet); // silence -Wunused-variable -} - -QSpdyProtocolHandler::~QSpdyProtocolHandler() -{ - deflateEnd(&m_deflateStream); - deflateEnd(&m_inflateStream); -} - -bool QSpdyProtocolHandler::sendRequest() -{ - Q_ASSERT(!m_reply); - - int maxPossibleRequests = m_maxConcurrentStreams - m_inFlightStreams.count(); - Q_ASSERT(maxPossibleRequests >= 0); - if (maxPossibleRequests == 0) - return true; // return early if max concurrent requests are exceeded - - m_channel->state = QHttpNetworkConnectionChannel::WritingState; - - int requestsToSend = qMin(m_channel->spdyRequestsToSend.size(), maxPossibleRequests); - - QMultiMap<int, HttpMessagePair>::iterator it = m_channel->spdyRequestsToSend.begin(); - // requests will be ordered by priority (see QMultiMap doc) - for (int a = 0; a < requestsToSend; ++a) { - HttpMessagePair currentPair = *it; - QHttpNetworkRequest currentRequest = currentPair.first; - QHttpNetworkReply *currentReply = currentPair.second; - - currentReply->setSpdyWasUsed(true); - qint32 streamID = generateNextStreamID(); - m_streamIDs.insert(currentReply, streamID); - - currentReply->setRequest(currentRequest); - currentReply->d_func()->connection = m_connection; - currentReply->d_func()->connectionChannel = m_channel; - m_inFlightStreams.insert(streamID, currentPair); - connect(currentReply, SIGNAL(destroyed(QObject*)), this, SLOT(_q_replyDestroyed(QObject*))); - - sendSYN_STREAM(currentPair, streamID, /* associatedToStreamID = */ 0); - m_channel->spdyRequestsToSend.erase(it++); - } - m_channel->state = QHttpNetworkConnectionChannel::IdleState; - return true; -} - -void QSpdyProtocolHandler::_q_replyDestroyed(QObject* reply) -{ - qint32 streamID = m_streamIDs.take(reply); - if (m_inFlightStreams.remove(streamID)) - sendRST_STREAM(streamID, RST_STREAM_CANCEL); -} - -void QSpdyProtocolHandler::_q_receiveReply() -{ - Q_ASSERT(m_socket); - - // only run when the QHttpNetworkConnection is not currently being destructed, e.g. - // this function is called from _q_disconnected which is called because - // of ~QHttpNetworkConnectionPrivate - if (!qobject_cast<QHttpNetworkConnection*>(m_connection)) { - return; - } - - if (bytesAvailable() < 8) - return; // cannot read frame headers, wait for more data - - char frameHeadersRaw[8]; - if (!readNextChunk(8, frameHeadersRaw)) - return; // this should not happen, we just checked - - const QByteArray frameHeaders(frameHeadersRaw, 8); // ### try without memcpy - if (frameHeadersRaw[0] & 0x80) { - handleControlFrame(frameHeaders); - } else { - handleDataFrame(frameHeaders); - } - - // after handling the current frame, check whether there is more data waiting - if (m_socket->bytesAvailable() > 0) - QMetaObject::invokeMethod(m_channel, "_q_receiveReply", Qt::QueuedConnection); -} - -void QSpdyProtocolHandler::_q_readyRead() -{ - _q_receiveReply(); -} - -static qint16 twoBytesToInt(const char *bytes) -{ - return qFromBigEndian<qint16>(bytes); -} - -static qint32 threeBytesToInt(const char *bytes) -{ - return qFromBigEndian<qint32>(bytes) >> 8; -} - -static qint32 fourBytesToInt(const char *bytes) -{ - return qFromBigEndian<qint32>(bytes); -} - -static void appendIntToThreeBytes(char *output, qint32 number) -{ - qToBigEndian<qint16>(number, output + 1); - qToBigEndian<qint8>(number >> 16, output); -} - -static void appendIntToFourBytes(char *output, qint32 number) -{ - qToBigEndian<qint32>(number, output); -} - -static QByteArray intToFourBytes(qint32 number) // ### try to use appendIntToFourBytes where possible -{ - char data[4]; - qToBigEndian<qint32>(number, data); - QByteArray ret(data, 4); - return ret; -} - -static QByteArray intToThreeBytes(qint32 number) -{ - char data[4]; - qToBigEndian<qint32>(number << 8, data); - QByteArray ret(data, 3); - return ret; -} - -static qint32 getStreamID(const char *bytes) -{ - // eliminate most significant bit; it might be 0 or 1 depending on whether - // we are dealing with a control or data frame - return fourBytesToInt(bytes) & 0x3fffffff; -} - -static QByteArray headerField(const QByteArray &name, const QByteArray &value) -{ - QByteArray ret; - ret.reserve(name.count() + value.count() + 8); // 4 byte for length each - ret.append(intToFourBytes(name.count())); - ret.append(name); - ret.append(intToFourBytes(value.count())); - ret.append(value); - return ret; -} - -bool QSpdyProtocolHandler::uncompressHeader(const QByteArray &input, QByteArray *output) -{ - const size_t chunkSize = 1024; - char outputRaw[chunkSize]; - // input bytes will not be changed by zlib, so it is safe to const_cast here - m_inflateStream.next_in = const_cast<Bytef *>(reinterpret_cast<const Bytef *>(input.constData())); - m_inflateStream.avail_in = input.count(); - m_inflateStream.total_in = input.count(); - int zlibRet; - - do { - m_inflateStream.next_out = reinterpret_cast<Bytef *>(outputRaw); - m_inflateStream.avail_out = chunkSize; - zlibRet = inflate(&m_inflateStream, Z_SYNC_FLUSH); - if (zlibRet == Z_NEED_DICT) { - zlibRet = inflateSetDictionary(&m_inflateStream, - reinterpret_cast<const Bytef*>(spdyDictionary), - /* dictionaryLength = */ 1423); - Q_ASSERT(zlibRet == Z_OK); - continue; - } - switch (zlibRet) { - case Z_BUF_ERROR: { - if (m_inflateStream.avail_in == 0) { - int outputSize = chunkSize - m_inflateStream.avail_out; - output->append(outputRaw, outputSize); - m_inflateStream.avail_out = chunkSize; - } - break; - } - case Z_OK: { - int outputSize = chunkSize - m_inflateStream.avail_out; - output->append(outputRaw, outputSize); - break; - } - default: { - qWarning("got unexpected zlib return value: %d", zlibRet); - return false; - } - } - } while (m_inflateStream.avail_in > 0 && zlibRet != Z_STREAM_END); - - Q_ASSERT(m_inflateStream.avail_in == 0); - return true; -} - -QByteArray QSpdyProtocolHandler::composeHeader(const QHttpNetworkRequest &request) -{ - QByteArray uncompressedHeader; - uncompressedHeader.reserve(300); // rough estimate - - // calculate additional headers first, because we need to know the size - // ### do not partially copy the list, but restrict the set header fields - // in QHttpNetworkConnection - QVector<QPair<QByteArray, QByteArray> > additionalHeaders; - for (int a = 0; a < request.header().count(); ++a) { - QByteArray key = request.header().at(a).first; - if (key == "Connection" || key == "Host" || key == "Keep-Alive" - || key == "Proxy-Connection" || key == "Transfer-Encoding") - continue; // those headers are not valid (section 3.2.1) - additionalHeaders.append(request.header().at(a)); - } - - qint32 numberOfHeaderPairs = 5 + additionalHeaders.count(); // 5 mandatory below + the additional ones - uncompressedHeader.append(intToFourBytes(numberOfHeaderPairs)); - - // mandatory header fields: - - uncompressedHeader.append(headerField(":method", request.methodName())); -#ifndef QT_NO_NETWORKPROXY - bool useProxy = m_connection->d_func()->networkProxy.type() != QNetworkProxy::NoProxy; - uncompressedHeader.append(headerField(":path", request.uri(useProxy))); -#else - uncompressedHeader.append(headerField(":path", request.uri(false))); -#endif - uncompressedHeader.append(headerField(":version", "HTTP/1.1")); - - uncompressedHeader.append(headerField(":host", request.url().authority(QUrl::FullyEncoded | QUrl::RemoveUserInfo).toLatin1())); - - uncompressedHeader.append(headerField(":scheme", request.url().scheme().toLatin1())); - - // end of mandatory header fields - - // now add the additional headers - for (int a = 0; a < additionalHeaders.count(); ++a) { - uncompressedHeader.append(headerField(additionalHeaders.at(a).first.toLower(), - additionalHeaders.at(a).second)); - } - - m_deflateStream.total_in = uncompressedHeader.count(); - m_deflateStream.avail_in = uncompressedHeader.count(); - m_deflateStream.next_in = reinterpret_cast<unsigned char *>(uncompressedHeader.data()); - int outputBytes = uncompressedHeader.count() + 30; // 30 bytes of compression header overhead - m_deflateStream.avail_out = outputBytes; - unsigned char *out = new unsigned char[outputBytes]; - m_deflateStream.next_out = out; - int availOutBefore = m_deflateStream.avail_out; - int zlibRet = deflate(&m_deflateStream, Z_SYNC_FLUSH); // do everything in one go since we use no compression - int compressedHeaderSize = availOutBefore - m_deflateStream.avail_out; - Q_ASSERT(zlibRet == Z_OK); // otherwise, we need to allocate more outputBytes - Q_UNUSED(zlibRet); // silence -Wunused-variable - Q_ASSERT(m_deflateStream.avail_in == 0); - QByteArray compressedHeader(reinterpret_cast<char *>(out), compressedHeaderSize); - delete[] out; - - return compressedHeader; -} - -quint64 QSpdyProtocolHandler::bytesAvailable() const -{ - Q_ASSERT(m_socket); - return m_spdyBuffer.byteAmount() + m_socket->bytesAvailable(); -} - -bool QSpdyProtocolHandler::readNextChunk(qint64 length, char *sink) -{ - qint64 expectedReadBytes = length; - qint64 requiredBytesFromBuffer = 0; - - if (m_waitingForCompleteStream) { - requiredBytesFromBuffer = qMin(length, m_spdyBuffer.byteAmount()); - // ### if next chunk from buffer bigger than what we want to read, - // we have to call read() (which memcpy's). Otherwise, we can just - // read the next chunk without memcpy'ing. - qint64 bytesReadFromBuffer = m_spdyBuffer.read(sink, requiredBytesFromBuffer); - Q_ASSERT(bytesReadFromBuffer == requiredBytesFromBuffer); - if (length <= bytesReadFromBuffer) { - return true; // buffer > required size -> no need to read from socket - } - expectedReadBytes -= requiredBytesFromBuffer; - } - qint64 readBytes = m_socket->read(sink + requiredBytesFromBuffer, expectedReadBytes); - - if (readBytes < expectedReadBytes) { - m_waitingForCompleteStream = true; - // ### this is inefficient, we should not put back so much data into the buffer - QByteArray temp(sink, requiredBytesFromBuffer + readBytes); - m_spdyBuffer.append(temp); - return false; - } else { - return true; // buffer must be cleared by calling function - } -} - -void QSpdyProtocolHandler::sendControlFrame(FrameType type, - ControlFrameFlags flags, - const char *data, - quint32 length) -{ - // frame type and stream ID - char header[8]; - header[0] = 0x80u; // leftmost bit == 1 -> is a control frame - header[1] = 0x03; // 3 bit == version 3 - header[2] = 0; - switch (type) { - case FrameType_CREDENTIAL: { - qWarning("sending SPDY CREDENTIAL frame is not yet implemented"); // QTBUG-36188 - return; - } - default: - header[3] = type; - } - - // flags - header[4] = 0; - if (flags & ControlFrame_FLAG_FIN || length == 0) { - Q_ASSERT(type == FrameType_SYN_STREAM || type == FrameType_SYN_REPLY - || type == FrameType_HEADERS || length == 0); - header[4] |= ControlFrame_FLAG_FIN; - } - if (flags & ControlFrame_FLAG_UNIDIRECTIONAL) { - Q_ASSERT(type == FrameType_SYN_STREAM); - header[4] |= ControlFrame_FLAG_UNIDIRECTIONAL; - } - - // length - appendIntToThreeBytes(header + 5, length); - - qint64 written = m_socket->write(header, 8); - Q_ASSERT(written == 8); - written = m_socket->write(data, length); - Q_ASSERT(written == length); - Q_UNUSED(written); // silence -Wunused-variable -} - -void QSpdyProtocolHandler::sendSYN_STREAM(const HttpMessagePair &messagePair, - qint32 streamID, qint32 associatedToStreamID) -{ - QHttpNetworkRequest request = messagePair.first; - QHttpNetworkReply *reply = messagePair.second; - - ControlFrameFlags flags; - - if (!request.uploadByteDevice()) { - // no upload -> this is the last frame, send the FIN flag - flags |= ControlFrame_FLAG_FIN; - reply->d_func()->state = QHttpNetworkReplyPrivate::SPDYHalfClosed; - } else { - reply->d_func()->state = QHttpNetworkReplyPrivate::SPDYUploading; - - // hack: set the stream ID on the device directly, so when we get - // the signal for uploading we know which stream we are sending on - m_streamIDs.insert(request.uploadByteDevice(), streamID); - - QObject::connect(request.uploadByteDevice(), SIGNAL(readyRead()), this, - SLOT(_q_uploadDataReadyRead()), Qt::QueuedConnection); - QObject::connect(request.uploadByteDevice(), SIGNAL(destroyed(QObject*)), this, - SLOT(_q_uploadDataDestroyed(QObject *))); - } - - QByteArray namesAndValues = composeHeader(request); - quint32 length = namesAndValues.count() + 10; // 10 == 4 for Stream-ID + 4 for Associated-To-Stream-ID - // + 2 for Priority, Unused and Slot - - QByteArray wireData; - wireData.reserve(length); - wireData.append(intToFourBytes(streamID)); - wireData.append(intToFourBytes(associatedToStreamID)); - - // priority (3 bits) / unused (5 bits) / slot (8 bits) - char prioAndSlot[2]; - switch (request.priority()) { - case QHttpNetworkRequest::HighPriority: - prioAndSlot[0] = 0x00; // == prio 0 (highest) - break; - case QHttpNetworkRequest::NormalPriority: - prioAndSlot[0] = 0x80u; // == prio 4 - break; - case QHttpNetworkRequest::LowPriority: - prioAndSlot[0] = 0xe0u; // == prio 7 (lowest) - break; - } - prioAndSlot[1] = 0x00; // slot in client certificates (not supported currently) - wireData.append(prioAndSlot, 2); - - wireData.append(namesAndValues); - - sendControlFrame(FrameType_SYN_STREAM, flags, wireData.constData(), length); - - if (reply->d_func()->state == QHttpNetworkReplyPrivate::SPDYUploading) - uploadData(streamID); -} - -void QSpdyProtocolHandler::_q_uploadDataDestroyed(QObject *uploadData) -{ - m_streamIDs.remove(uploadData); -} - -void QSpdyProtocolHandler::sendRST_STREAM(qint32 streamID, RST_STREAM_STATUS_CODE statusCode) -{ - char wireData[8]; - appendIntToFourBytes(wireData, streamID); - appendIntToFourBytes(wireData + 4, statusCode); - sendControlFrame(FrameType_RST_STREAM, /* flags = */ { }, wireData, /* length = */ 8); -} - -void QSpdyProtocolHandler::sendPING(quint32 pingID) -{ - char rawData[4]; - appendIntToFourBytes(rawData, pingID); - sendControlFrame(FrameType_PING, /* flags = */ { }, rawData, /* length = */ 4); -} - -bool QSpdyProtocolHandler::uploadData(qint32 streamID) -{ - // we only rely on SPDY flow control here and don't care about TCP buffers - if (!m_inFlightStreams.contains(streamID)) { - sendRST_STREAM(streamID, RST_STREAM_INVALID_STREAM); - return false; - } - - HttpMessagePair messagePair = m_inFlightStreams.value(streamID); - QHttpNetworkRequest request = messagePair.first; - QHttpNetworkReply *reply = messagePair.second; - Q_ASSERT(reply); - QHttpNetworkReplyPrivate *replyPrivate = reply->d_func(); - Q_ASSERT(replyPrivate); - - if (reply->d_func()->state == QHttpNetworkReplyPrivate::SPDYHalfClosed || reply->d_func()->state == QHttpNetworkReplyPrivate::SPDYClosed) { - qWarning("Trying to upload to closed stream"); - return false; - } - - qint32 dataLeftInWindow = replyPrivate->windowSizeUpload - - replyPrivate->currentlyUploadedDataInWindow; - - while (dataLeftInWindow > 0 && !request.uploadByteDevice()->atEnd()) { - - // get pointer to upload data - qint64 currentReadSize = 0; - const char *readPointer = request.uploadByteDevice()->readPointer(dataLeftInWindow, - currentReadSize); - - if (currentReadSize == -1) { - // premature eof happened - m_connection->d_func()->emitReplyError(m_socket, reply, - QNetworkReply::UnknownNetworkError); - return false; - } else if (readPointer == 0 || currentReadSize == 0) { - // nothing to read currently, break the loop - break; - } else { - DataFrameFlags flags; - // we will send the FIN flag later if appropriate - qint64 currentWriteSize = sendDataFrame(streamID, flags, currentReadSize, readPointer); - if (currentWriteSize == -1 || currentWriteSize != currentReadSize) { - // socket broke down - m_connection->d_func()->emitReplyError(m_socket, reply, - QNetworkReply::UnknownNetworkError); - return false; - } else { - replyPrivate->currentlyUploadedDataInWindow += currentWriteSize; - replyPrivate->totallyUploadedData += currentWriteSize; - dataLeftInWindow = replyPrivate->windowSizeUpload - - replyPrivate->currentlyUploadedDataInWindow; - request.uploadByteDevice()->advanceReadPointer(currentWriteSize); - - emit reply->dataSendProgress(replyPrivate->totallyUploadedData, - request.contentLength()); - } - } - } - if (replyPrivate->totallyUploadedData == request.contentLength()) { - DataFrameFlags finFlag = DataFrame_FLAG_FIN; - qint64 writeSize = sendDataFrame(streamID, finFlag, 0, 0); - Q_ASSERT(writeSize == 0); - Q_UNUSED(writeSize); // silence -Wunused-variable - replyPrivate->state = QHttpNetworkReplyPrivate::SPDYHalfClosed; - if (reply->request().uploadByteDevice()) - reply->request().uploadByteDevice()->disconnect(this); - // ### this will not work if the content length is not known, but - // then again many servers will fail in this case anyhow according - // to the SPDY RFC - } - return true; -} - -void QSpdyProtocolHandler::_q_uploadDataReadyRead() -{ - QNonContiguousByteDevice *device = qobject_cast<QNonContiguousByteDevice *>(sender()); - Q_ASSERT(device); - qint32 streamID = m_streamIDs.value(device); - Q_ASSERT(streamID > 0); - uploadData(streamID); -} - -void QSpdyProtocolHandler::sendWINDOW_UPDATE(qint32 streamID, quint32 deltaWindowSize) -{ - char windowUpdateData[8]; - appendIntToFourBytes(windowUpdateData, streamID); - appendIntToFourBytes(windowUpdateData + 4, deltaWindowSize); - - sendControlFrame(FrameType_WINDOW_UPDATE, /* flags = */ { }, windowUpdateData, /* length = */ 8); -} - -qint64 QSpdyProtocolHandler::sendDataFrame(qint32 streamID, DataFrameFlags flags, - quint32 length, const char *data) -{ - QByteArray wireData; - wireData.reserve(8); - - wireData.append(intToFourBytes(streamID)); - wireData.append(flags); - wireData.append(intToThreeBytes(length)); - - Q_ASSERT(m_socket); - m_socket->write(wireData); - - if (data) { - qint64 ret = m_socket->write(data, length); - return ret; - } else { - return 0; // nothing to write, e.g. FIN flag - } -} - -void QSpdyProtocolHandler::handleControlFrame(const QByteArray &frameHeaders) // ### make it char * -{ - Q_ASSERT(frameHeaders.count() >= 8); - qint16 version = twoBytesToInt(frameHeaders.constData()); - version &= 0x3fff; // eliminate most significant bit to determine version - Q_ASSERT(version == 3); - - qint16 type = twoBytesToInt(frameHeaders.constData() + 2); - - char flags = frameHeaders.at(4); - qint32 length = threeBytesToInt(frameHeaders.constData() + 5); - Q_ASSERT(length > 0); - - QByteArray frameData; - frameData.resize(length); - if (!readNextChunk(length, frameData.data())) { - // put back the frame headers to the buffer - m_spdyBuffer.prepend(frameHeaders); - return; // we couldn't read the whole frame and need to wait - } else { - m_spdyBuffer.clear(); - m_waitingForCompleteStream = false; - } - - switch (type) { - case FrameType_SYN_STREAM: { - handleSYN_STREAM(flags, length, frameData); - break; - } - case FrameType_SYN_REPLY: { - handleSYN_REPLY(flags, length, frameData); - break; - } - case FrameType_RST_STREAM: { - handleRST_STREAM(flags, length, frameData); - break; - } - case FrameType_SETTINGS: { - handleSETTINGS(flags, length, frameData); - break; - } - case FrameType_PING: { - handlePING(flags, length, frameData); - break; - } - case FrameType_GOAWAY: { - handleGOAWAY(flags, length, frameData); - break; - } - case FrameType_HEADERS: { - handleHEADERS(flags, length, frameData); - break; - } - case FrameType_WINDOW_UPDATE: { - handleWINDOW_UPDATE(flags, length, frameData); - break; - } - default: - qWarning("cannot handle frame of type %d", int(type)); - } -} - -void QSpdyProtocolHandler::handleSYN_STREAM(char /*flags*/, quint32 /*length*/, - const QByteArray &frameData) -{ - // not implemented; will be implemented when servers start using it - // we just tell the server that we do not accept that - - qint32 streamID = getStreamID(frameData.constData()); - - sendRST_STREAM(streamID, RST_STREAM_REFUSED_STREAM); -} - -void QSpdyProtocolHandler::handleSYN_REPLY(char flags, quint32 /*length*/, const QByteArray &frameData) -{ - parseHttpHeaders(flags, frameData); -} - -void QSpdyProtocolHandler::parseHttpHeaders(char flags, const QByteArray &frameData) -{ - qint32 streamID = getStreamID(frameData.constData()); - const auto it = m_inFlightStreams.constFind(streamID); - if (it == m_inFlightStreams.cend()) { - sendRST_STREAM(streamID, RST_STREAM_INVALID_STREAM); - return; - } - - flags &= 0x3f; - bool flag_fin = flags & 0x01; - - QByteArray headerValuePairs = frameData.mid(4); - - HttpMessagePair pair = it.value(); - QHttpNetworkReply *httpReply = pair.second; - Q_ASSERT(httpReply != 0); - - if (httpReply->d_func()->state == QHttpNetworkReplyPrivate::SPDYClosed) { - sendRST_STREAM(streamID, RST_STREAM_STREAM_ALREADY_CLOSED); - return; - } - - QByteArray uncompressedHeader; - if (!uncompressHeader(headerValuePairs, &uncompressedHeader)) { - qWarning("error reading header from SYN_REPLY message"); - return; - } - - qint32 headerCount = fourBytesToInt(uncompressedHeader.constData()); - if (headerCount * 8 > uncompressedHeader.size()) { - qWarning("error parsing header from SYN_REPLY message"); - sendRST_STREAM(streamID, RST_STREAM_PROTOCOL_ERROR); - return; - } - qint32 readPointer = 4; - for (qint32 a = 0; a < headerCount; ++a) { - qint32 count = fourBytesToInt(uncompressedHeader.constData() + readPointer); - readPointer += 4; - QByteArray name = uncompressedHeader.mid(readPointer, count); - readPointer += count; - if (readPointer > uncompressedHeader.size()) { - qWarning("error parsing header from SYN_REPLY message"); - sendRST_STREAM(streamID, RST_STREAM_PROTOCOL_ERROR); - return; - } - count = fourBytesToInt(uncompressedHeader.constData() + readPointer); - readPointer += 4; - QByteArray value = uncompressedHeader.mid(readPointer, count); - readPointer += count; - if (readPointer > uncompressedHeader.size()) { - qWarning("error parsing header from SYN_REPLY message"); - sendRST_STREAM(streamID, RST_STREAM_PROTOCOL_ERROR); - return; - } - if (name == ":status") { - httpReply->setStatusCode(value.left(3).toInt()); - httpReply->d_func()->reasonPhrase = QString::fromLatin1(value.mid(4)); - } else if (name == ":version") { - int majorVersion = value.at(5) - 48; - int minorVersion = value.at(7) - 48; - httpReply->d_func()->majorVersion = majorVersion; - httpReply->d_func()->minorVersion = minorVersion; - } else if (name == "content-length") { - httpReply->setContentLength(value.toLongLong()); - } else { - value.replace('\0', name == "set-cookie" ? "\n" : ", "); - httpReply->setHeaderField(name, value); - } - } - emit httpReply->headerChanged(); - - if (flag_fin) { - if (httpReply->d_func()->state != QHttpNetworkReplyPrivate::SPDYHalfClosed) - sendDataFrame(streamID, DataFrame_FLAG_FIN, 0, 0); - replyFinished(httpReply, streamID); - } -} - -void QSpdyProtocolHandler::handleRST_STREAM(char /*flags*/, quint32 length, - const QByteArray &frameData) -{ - // flags are ignored - - Q_ASSERT(length == 8); - Q_UNUSED(length); // silence -Wunused-parameter - qint32 streamID = getStreamID(frameData.constData()); - QHttpNetworkReply *httpReply = m_inFlightStreams.value(streamID).second; - - qint32 statusCodeInt = fourBytesToInt(frameData.constData() + 4); - RST_STREAM_STATUS_CODE statusCode = static_cast<RST_STREAM_STATUS_CODE>(statusCodeInt); - QNetworkReply::NetworkError errorCode; - QByteArray errorMessage; - - switch (statusCode) { - case RST_STREAM_PROTOCOL_ERROR: - errorCode = QNetworkReply::ProtocolFailure; - errorMessage = "SPDY protocol error"; - break; - case RST_STREAM_INVALID_STREAM: - errorCode = QNetworkReply::ProtocolFailure; - errorMessage = "SPDY stream is not active"; - break; - case RST_STREAM_REFUSED_STREAM: - errorCode = QNetworkReply::ProtocolFailure; - errorMessage = "SPDY stream was refused"; - break; - case RST_STREAM_UNSUPPORTED_VERSION: - errorCode = QNetworkReply::ProtocolUnknownError; - errorMessage = "SPDY version is unknown to the server"; - break; - case RST_STREAM_CANCEL: - errorCode = QNetworkReply::ProtocolFailure; - errorMessage = "SPDY stream is no longer needed"; - break; - case RST_STREAM_INTERNAL_ERROR: - errorCode = QNetworkReply::InternalServerError; - errorMessage = "Internal server error"; - break; - case RST_STREAM_FLOW_CONTROL_ERROR: - errorCode = QNetworkReply::ProtocolFailure; - errorMessage = "peer violated the flow control protocol"; - break; - case RST_STREAM_STREAM_IN_USE: - errorCode = QNetworkReply::ProtocolFailure; - errorMessage = "server received a SYN_REPLY for an already open stream"; - break; - case RST_STREAM_STREAM_ALREADY_CLOSED: - errorCode = QNetworkReply::ProtocolFailure; - errorMessage = "server received data or a SYN_REPLY for an already half-closed stream"; - break; - case RST_STREAM_INVALID_CREDENTIALS: - errorCode = QNetworkReply::ContentAccessDenied; - errorMessage = "server received invalid credentials"; - break; - case RST_STREAM_FRAME_TOO_LARGE: - errorCode = QNetworkReply::ProtocolFailure; - errorMessage = "server cannot process the frame because it is too large"; - break; - default: - qWarning("could not understand servers RST_STREAM status code"); - errorCode = QNetworkReply::ProtocolFailure; - errorMessage = "got SPDY RST_STREAM message with unknown error code"; - } - if (httpReply) - replyFinishedWithError(httpReply, streamID, errorCode, errorMessage.constData()); -} - -void QSpdyProtocolHandler::handleSETTINGS(char flags, quint32 /*length*/, const QByteArray &frameData) -{ - Q_ASSERT(frameData.count() > 0); - - SETTINGS_Flags settingsFlags = static_cast<SETTINGS_Flags>(flags); - if (settingsFlags & FLAG_SETTINGS_CLEAR_SETTINGS) { - // ### clear all persistent settings; since we do not persist settings - // as of now, we don't need to clear anything either - } - - qint32 numberOfEntries = fourBytesToInt(frameData.constData()); - Q_ASSERT(numberOfEntries > 0); - for (int a = 0, frameDataIndex = 4; a < numberOfEntries; ++a, frameDataIndex += 8) { - SETTINGS_ID_Flag idFlag = static_cast<SETTINGS_ID_Flag>(frameData[frameDataIndex]); - if (idFlag & FLAG_SETTINGS_PERSIST_VALUE) { - // ### we SHOULD persist the settings here according to the RFC, but we don't have to, - // so implement that later - } // the other value is only sent by us, but not received - - quint32 uniqueID = static_cast<SETTINGS_ID>( - threeBytesToInt(frameData.constData() + frameDataIndex + 1)); - quint32 value = fourBytesToInt(frameData.constData() + frameDataIndex + 4); - switch (uniqueID) { - case SETTINGS_UPLOAD_BANDWIDTH: { - // ignored for now, just an estimated informative value - break; - } - case SETTINGS_DOWNLOAD_BANDWIDTH: { - // ignored for now, just an estimated informative value - break; - } - case SETTINGS_ROUND_TRIP_TIME: { - // ignored for now, just an estimated informative value - break; - } - case SETTINGS_MAX_CONCURRENT_STREAMS: { - m_maxConcurrentStreams = value; - break; - } - case SETTINGS_CURRENT_CWND: { - // ignored for now, just an informative value - break; - } - case SETTINGS_DOWNLOAD_RETRANS_RATE: { - // ignored for now, just an estimated informative value - break; - } - case SETTINGS_INITIAL_WINDOW_SIZE: { - m_initialWindowSize = value; - break; - } - case SETTINGS_CLIENT_CERTIFICATE_VECTOR_SIZE: { - // client certificates are not supported - break; - } - default: - qWarning("found unknown settings value %u", uint(value)); - } - } -} - -void QSpdyProtocolHandler::handlePING(char /*flags*/, quint32 length, const QByteArray &frameData) -{ - // flags are ignored - - Q_ASSERT(length == 4); - Q_UNUSED(length); // silence -Wunused-parameter - quint32 pingID = fourBytesToInt(frameData.constData()); - - // odd numbered IDs must be ignored - if ((pingID & 1) == 0) // is even? - sendPING(pingID); -} - -void QSpdyProtocolHandler::handleGOAWAY(char /*flags*/, quint32 /*length*/, - const QByteArray &frameData) -{ - // flags are ignored - - qint32 statusCode = static_cast<GOAWAY_STATUS>(fourBytesToInt(frameData.constData() + 4)); - QNetworkReply::NetworkError errorCode; - switch (statusCode) { - case GOAWAY_OK: { - errorCode = QNetworkReply::NoError; - break; - } - case GOAWAY_PROTOCOL_ERROR: { - errorCode = QNetworkReply::ProtocolFailure; - break; - } - case GOAWAY_INTERNAL_ERROR: { - errorCode = QNetworkReply::InternalServerError; - break; - } - default: - qWarning("unexpected status code %d", int(statusCode)); - errorCode = QNetworkReply::ProtocolUnknownError; - } - - qint32 lastGoodStreamID = getStreamID(frameData.constData()); - - // emit errors for all replies after the last good stream ID - Q_ASSERT(m_connection); - for (qint32 currentStreamID = lastGoodStreamID + 2; currentStreamID <= m_nextStreamID; - ++currentStreamID) { - QHttpNetworkReply *reply = m_inFlightStreams.value(currentStreamID).second; - Q_ASSERT(reply); - m_connection->d_func()->emitReplyError(m_socket, reply, errorCode); - } - // ### we could make sure a new session is initiated anyhow -} - -void QSpdyProtocolHandler::handleHEADERS(char flags, quint32 /*length*/, - const QByteArray &frameData) -{ - parseHttpHeaders(flags, frameData); -} - -void QSpdyProtocolHandler::handleWINDOW_UPDATE(char /*flags*/, quint32 /*length*/, - const QByteArray &frameData) -{ - qint32 streamID = getStreamID(frameData.constData()); - qint32 deltaWindowSize = fourBytesToInt(frameData.constData() + 4); - - const auto it = m_inFlightStreams.constFind(streamID); - if (it == m_inFlightStreams.cend()) { - sendRST_STREAM(streamID, RST_STREAM_INVALID_STREAM); - return; - } - - QHttpNetworkReply *reply = it.value().second; - Q_ASSERT(reply); - QHttpNetworkReplyPrivate *replyPrivate = reply->d_func(); - Q_ASSERT(replyPrivate); - - // Ignore WINDOW_UPDATE if we are already done. - if (replyPrivate->state == QHttpNetworkReplyPrivate::SPDYHalfClosed || replyPrivate->state == QHttpNetworkReplyPrivate::SPDYClosed) - return; - - replyPrivate->currentlyUploadedDataInWindow = replyPrivate->windowSizeUpload - deltaWindowSize; - uploadData(streamID); // we hopefully can continue to upload -} - - -void QSpdyProtocolHandler::handleDataFrame(const QByteArray &frameHeaders) -{ - Q_ASSERT(frameHeaders.count() >= 8); - - qint32 streamID = getStreamID(frameHeaders.constData()); - const auto it = m_inFlightStreams.constFind(streamID); - if (it == m_inFlightStreams.cend()) { - sendRST_STREAM(streamID, RST_STREAM_INVALID_STREAM); - return; - } - - unsigned char flags = static_cast<unsigned char>(frameHeaders.at(4)); - flags &= 0x3f; - bool flag_fin = flags & 0x01; - bool flag_compress = flags & 0x02; - qint32 length = threeBytesToInt(frameHeaders.constData() + 5); - - QByteArray data; - data.resize(length); - if (!readNextChunk(length, data.data())) { - // put back the frame headers to the buffer - m_spdyBuffer.prepend(frameHeaders); - return; // we couldn't read the whole frame and need to wait - } else { - m_spdyBuffer.clear(); - m_waitingForCompleteStream = false; - } - - HttpMessagePair pair = it.value(); - QHttpNetworkRequest httpRequest = pair.first; - QHttpNetworkReply *httpReply = pair.second; - Q_ASSERT(httpReply != 0); - - QHttpNetworkReplyPrivate *replyPrivate = httpReply->d_func(); - - if (replyPrivate->state == QHttpNetworkReplyPrivate::SPDYClosed) { - sendRST_STREAM(streamID, RST_STREAM_STREAM_ALREADY_CLOSED); - return; - } - - // check whether we need to send WINDOW_UPDATE (i.e. tell the sender it can send more) - replyPrivate->currentlyReceivedDataInWindow += length; - qint32 dataLeftInWindow = replyPrivate->windowSizeDownload - replyPrivate->currentlyReceivedDataInWindow; - - if (replyPrivate->currentlyReceivedDataInWindow > 0 - && dataLeftInWindow < replyPrivate->windowSizeDownload / 2) { - - // socket read buffer size is 64K actually, hard coded in the channel - // We can read way more than 64K per socket, because the window size - // here is per stream. - if (replyPrivate->windowSizeDownload >= m_socket->readBufferSize()) { - replyPrivate->windowSizeDownload = m_socket->readBufferSize(); - } else { - replyPrivate->windowSizeDownload *= 1.5; - } - QMetaObject::invokeMethod(this, "sendWINDOW_UPDATE", Qt::QueuedConnection, - Q_ARG(qint32, streamID), - Q_ARG(quint32, replyPrivate->windowSizeDownload)); - // setting the current data count to 0 is a race condition, - // because we call sendWINDOW_UPDATE through the event loop. - // But then again, the whole situation is a race condition because - // we don't know when the packet will arrive at the server; so - // this is most likely good enough here. - replyPrivate->currentlyReceivedDataInWindow = 0; - } - - httpReply->d_func()->compressedData.append(data); - - - replyPrivate->totalProgress += length; - - if (httpRequest.d->autoDecompress && httpReply->d_func()->isCompressed()) { - QByteDataBuffer inDataBuffer; // ### should we introduce one in the http reply? - inDataBuffer.append(data); - qint64 compressedCount = httpReply->d_func()->uncompressBodyData(&inDataBuffer, - &replyPrivate->responseData); - Q_ASSERT(compressedCount >= 0); - Q_UNUSED(compressedCount); // silence -Wunused-variable - } else { - replyPrivate->responseData.append(data); - } - - if (replyPrivate->shouldEmitSignals()) { - emit httpReply->readyRead(); - emit httpReply->dataReadProgress(replyPrivate->totalProgress, replyPrivate->bodyLength); - } - - if (flag_compress) { - qWarning("SPDY level compression is not supported"); - } - - if (flag_fin) { - if (httpReply->d_func()->state != QHttpNetworkReplyPrivate::SPDYHalfClosed) - sendDataFrame(streamID, DataFrame_FLAG_FIN, 0, 0); - replyFinished(httpReply, streamID); - } -} - -void QSpdyProtocolHandler::replyFinished(QHttpNetworkReply *httpReply, qint32 streamID) -{ - httpReply->d_func()->state = QHttpNetworkReplyPrivate::SPDYClosed; - httpReply->disconnect(this); - if (httpReply->request().uploadByteDevice()) - httpReply->request().uploadByteDevice()->disconnect(this); - int streamsRemoved = m_inFlightStreams.remove(streamID); - Q_ASSERT(streamsRemoved == 1); - Q_UNUSED(streamsRemoved); // silence -Wunused-variable - emit httpReply->finished(); -} - -void QSpdyProtocolHandler::replyFinishedWithError(QHttpNetworkReply *httpReply, qint32 streamID, - QNetworkReply::NetworkError errorCode, const char *errorMessage) -{ - Q_ASSERT(httpReply); - httpReply->d_func()->state = QHttpNetworkReplyPrivate::SPDYClosed; - httpReply->disconnect(this); - if (httpReply->request().uploadByteDevice()) - httpReply->request().uploadByteDevice()->disconnect(this); - int streamsRemoved = m_inFlightStreams.remove(streamID); - Q_ASSERT(streamsRemoved == 1); - Q_UNUSED(streamsRemoved); // silence -Wunused-variable - emit httpReply->finishedWithError(errorCode, QSpdyProtocolHandler::tr(errorMessage)); -} - -qint32 QSpdyProtocolHandler::generateNextStreamID() -{ - // stream IDs initiated by the client must be odd - m_nextStreamID += 2; - return m_nextStreamID; -} - -QT_END_NAMESPACE - -#endif // !defined(QT_NO_SSL) diff --git a/src/network/access/qspdyprotocolhandler_p.h b/src/network/access/qspdyprotocolhandler_p.h deleted file mode 100644 index 14e2ff388a..0000000000 --- a/src/network/access/qspdyprotocolhandler_p.h +++ /dev/null @@ -1,232 +0,0 @@ -/**************************************************************************** -** -** Copyright (C) 2014 BlackBerry Limited. All rights reserved. -** Contact: https://www.qt.io/licensing/ -** -** This file is part of the QtNetwork module of the Qt Toolkit. -** -** $QT_BEGIN_LICENSE:LGPL$ -** Commercial License Usage -** Licensees holding valid commercial Qt licenses may use this file in -** accordance with the commercial license agreement provided with the -** Software or, alternatively, in accordance with the terms contained in -** a written agreement between you and The Qt Company. For licensing terms -** and conditions see https://www.qt.io/terms-conditions. For further -** information use the contact form at https://www.qt.io/contact-us. -** -** GNU Lesser General Public License Usage -** Alternatively, this file may be used under the terms of the GNU Lesser -** General Public License version 3 as published by the Free Software -** Foundation and appearing in the file LICENSE.LGPL3 included in the -** packaging of this file. Please review the following information to -** ensure the GNU Lesser General Public License version 3 requirements -** will be met: https://www.gnu.org/licenses/lgpl-3.0.html. -** -** GNU General Public License Usage -** Alternatively, this file may be used under the terms of the GNU -** General Public License version 2.0 or (at your option) the GNU General -** Public license version 3 or any later version approved by the KDE Free -** Qt Foundation. The licenses are as published by the Free Software -** Foundation and appearing in the file LICENSE.GPL2 and LICENSE.GPL3 -** included in the packaging of this file. Please review the following -** information to ensure the GNU General Public License requirements will -** be met: https://www.gnu.org/licenses/gpl-2.0.html and -** https://www.gnu.org/licenses/gpl-3.0.html. -** -** $QT_END_LICENSE$ -** -****************************************************************************/ - -#ifndef QSPDYPROTOCOLHANDLER_H -#define QSPDYPROTOCOLHANDLER_H - -// -// W A R N I N G -// ------------- -// -// This file is not part of the Qt API. It exists for the convenience -// of the Network Access API. This header file may change from -// version to version without notice, or even be removed. -// -// We mean it. -// - -#include <QtNetwork/private/qtnetworkglobal_p.h> -#include <private/qabstractprotocolhandler_p.h> -#include <QtNetwork/qnetworkreply.h> -#include <private/qbytedata_p.h> - -#include <zlib.h> - -QT_REQUIRE_CONFIG(http); - -#if !defined(QT_NO_SSL) - -QT_BEGIN_NAMESPACE - -class QHttpNetworkRequest; - -#ifndef HttpMessagePair -typedef QPair<QHttpNetworkRequest, QHttpNetworkReply*> HttpMessagePair; -#endif - -class QSpdyProtocolHandler : public QObject, public QAbstractProtocolHandler { - Q_OBJECT -public: - QSpdyProtocolHandler(QHttpNetworkConnectionChannel *channel); - ~QSpdyProtocolHandler(); - - enum DataFrameFlag { - DataFrame_FLAG_FIN = 0x01, - DataFrame_FLAG_COMPRESS = 0x02 - }; - - Q_DECLARE_FLAGS(DataFrameFlags, DataFrameFlag) - - enum ControlFrameFlag { - ControlFrame_FLAG_FIN = 0x01, - ControlFrame_FLAG_UNIDIRECTIONAL = 0x02 - }; - - Q_DECLARE_FLAGS(ControlFrameFlags, ControlFrameFlag) - - enum SETTINGS_Flag { - FLAG_SETTINGS_CLEAR_SETTINGS = 0x01 - }; - - Q_DECLARE_FLAGS(SETTINGS_Flags, SETTINGS_Flag) - - enum SETTINGS_ID_Flag { - FLAG_SETTINGS_PERSIST_VALUE = 0x01, - FLAG_SETTINGS_PERSISTED = 0x02 - }; - - Q_DECLARE_FLAGS(SETTINGS_ID_Flags, SETTINGS_ID_Flag) - - virtual void _q_receiveReply() override; - virtual void _q_readyRead() override; - virtual bool sendRequest() override; - -private slots: - void _q_uploadDataReadyRead(); - void _q_replyDestroyed(QObject*); - void _q_uploadDataDestroyed(QObject *); - -private: - - enum FrameType { - FrameType_SYN_STREAM = 1, - FrameType_SYN_REPLY = 2, - FrameType_RST_STREAM = 3, - FrameType_SETTINGS = 4, - FrameType_PING = 6, - FrameType_GOAWAY = 7, - FrameType_HEADERS = 8, - FrameType_WINDOW_UPDATE = 9, - FrameType_CREDENTIAL // has a special type - }; - - enum StatusCode { - StatusCode_PROTOCOL_ERROR = 1, - StatusCode_INVALID_STREAM = 2, - StatusCode_REFUSED_STREAM = 3, - StatusCode_UNSUPPORTED_VERSION = 4, - StatusCode_CANCEL = 5, - StatusCode_INTERNAL_ERROR = 6, - StatusCode_FLOW_CONTROL_ERROR = 7, - StatusCode_STREAM_IN_USE = 8, - StatusCode_STREAM_ALREADY_CLOSED = 9, - StatusCode_INVALID_CREDENTIALS = 10, - StatusCode_FRAME_TOO_LARGE = 11 - }; - - enum SETTINGS_ID { - SETTINGS_UPLOAD_BANDWIDTH = 1, - SETTINGS_DOWNLOAD_BANDWIDTH = 2, - SETTINGS_ROUND_TRIP_TIME = 3, - SETTINGS_MAX_CONCURRENT_STREAMS = 4, - SETTINGS_CURRENT_CWND = 5, - SETTINGS_DOWNLOAD_RETRANS_RATE = 6, - SETTINGS_INITIAL_WINDOW_SIZE = 7, - SETTINGS_CLIENT_CERTIFICATE_VECTOR_SIZE = 8 - }; - - enum GOAWAY_STATUS { - GOAWAY_OK = 0, - GOAWAY_PROTOCOL_ERROR = 1, - GOAWAY_INTERNAL_ERROR = 11 - }; - - enum RST_STREAM_STATUS_CODE { - RST_STREAM_PROTOCOL_ERROR = 1, - RST_STREAM_INVALID_STREAM = 2, - RST_STREAM_REFUSED_STREAM = 3, - RST_STREAM_UNSUPPORTED_VERSION = 4, - RST_STREAM_CANCEL = 5, - RST_STREAM_INTERNAL_ERROR = 6, - RST_STREAM_FLOW_CONTROL_ERROR = 7, - RST_STREAM_STREAM_IN_USE = 8, - RST_STREAM_STREAM_ALREADY_CLOSED = 9, - RST_STREAM_INVALID_CREDENTIALS = 10, - RST_STREAM_FRAME_TOO_LARGE = 11 - }; - - quint64 bytesAvailable() const; - bool readNextChunk(qint64 length, char *sink); - - void sendControlFrame(FrameType type, ControlFrameFlags flags, const char *data, quint32 length); - - void sendSYN_STREAM(const HttpMessagePair &pair, qint32 streamID, - qint32 associatedToStreamID); - void sendRST_STREAM(qint32 streamID, RST_STREAM_STATUS_CODE statusCode); - void sendPING(quint32 pingID); - - bool uploadData(qint32 streamID); - Q_INVOKABLE void sendWINDOW_UPDATE(qint32 streamID, quint32 deltaWindowSize); - - qint64 sendDataFrame(qint32 streamID, DataFrameFlags flags, quint32 length, - const char *data); - - QByteArray composeHeader(const QHttpNetworkRequest &request); - bool uncompressHeader(const QByteArray &input, QByteArray *output); - - void handleControlFrame(const QByteArray &frameHeaders); - void handleDataFrame(const QByteArray &frameHeaders); - - void handleSYN_STREAM(char, quint32, const QByteArray &frameData); - void handleSYN_REPLY(char flags, quint32, const QByteArray &frameData); - void handleRST_STREAM(char flags, quint32 length, const QByteArray &frameData); - void handleSETTINGS(char flags, quint32 length, const QByteArray &frameData); - void handlePING(char, quint32 length, const QByteArray &frameData); - void handleGOAWAY(char flags, quint32, const QByteArray &frameData); - void handleHEADERS(char flags, quint32, const QByteArray &frameData); - void handleWINDOW_UPDATE(char, quint32, const QByteArray &frameData); - - qint32 generateNextStreamID(); - void parseHttpHeaders(char flags, const QByteArray &frameData); - - void replyFinished(QHttpNetworkReply *httpReply, qint32 streamID); - void replyFinishedWithError(QHttpNetworkReply *httpReply, qint32 streamID, - QNetworkReply::NetworkError errorCode, const char *errorMessage); - - qint32 m_nextStreamID; - QHash<quint32, HttpMessagePair> m_inFlightStreams; - qint32 m_maxConcurrentStreams; - quint32 m_initialWindowSize; - QByteDataBuffer m_spdyBuffer; - bool m_waitingForCompleteStream; - z_stream m_deflateStream; - z_stream m_inflateStream; - QHash<QObject *, qint32> m_streamIDs; -}; - -Q_DECLARE_OPERATORS_FOR_FLAGS(QSpdyProtocolHandler::DataFrameFlags) -Q_DECLARE_OPERATORS_FOR_FLAGS(QSpdyProtocolHandler::ControlFrameFlags) -Q_DECLARE_OPERATORS_FOR_FLAGS(QSpdyProtocolHandler::SETTINGS_Flags) -Q_DECLARE_OPERATORS_FOR_FLAGS(QSpdyProtocolHandler::SETTINGS_ID_Flags) - -QT_END_NAMESPACE - -#endif // !defined(QT_NO_SSL) - -#endif // QSPDYPROTOCOLHANDLER_H diff --git a/src/network/bearer/bearer.pri b/src/network/bearer/bearer.pri index d58d5ec168..bcb7a5971e 100644 --- a/src/network/bearer/bearer.pri +++ b/src/network/bearer/bearer.pri @@ -6,11 +6,14 @@ HEADERS += bearer/qnetworkconfiguration.h \ bearer/qnetworkconfigmanager_p.h \ bearer/qnetworkconfiguration_p.h \ bearer/qnetworksession_p.h \ + bearer/qnetworksession_impl_p.h \ bearer/qbearerengine_p.h \ + bearer/qbearerengine_impl_p.h \ bearer/qbearerplugin_p.h \ bearer/qsharednetworksession_p.h SOURCES += bearer/qnetworksession.cpp \ + bearer/qnetworksession_impl.cpp \ bearer/qnetworkconfigmanager.cpp \ bearer/qnetworkconfiguration.cpp \ bearer/qnetworkconfigmanager_p.cpp \ diff --git a/src/network/bearer/qbearerengine_impl_p.h b/src/network/bearer/qbearerengine_impl_p.h new file mode 100644 index 0000000000..4221b73276 --- /dev/null +++ b/src/network/bearer/qbearerengine_impl_p.h @@ -0,0 +1,85 @@ +/**************************************************************************** +** +** Copyright (C) 2016 The Qt Company Ltd. +** Contact: https://www.qt.io/licensing/ +** +** This file is part of the plugins of the Qt Toolkit. +** +** $QT_BEGIN_LICENSE:LGPL$ +** Commercial License Usage +** Licensees holding valid commercial Qt licenses may use this file in +** accordance with the commercial license agreement provided with the +** Software or, alternatively, in accordance with the terms contained in +** a written agreement between you and The Qt Company. For licensing terms +** and conditions see https://www.qt.io/terms-conditions. For further +** information use the contact form at https://www.qt.io/contact-us. +** +** GNU Lesser General Public License Usage +** Alternatively, this file may be used under the terms of the GNU Lesser +** General Public License version 3 as published by the Free Software +** Foundation and appearing in the file LICENSE.LGPL3 included in the +** packaging of this file. Please review the following information to +** ensure the GNU Lesser General Public License version 3 requirements +** will be met: https://www.gnu.org/licenses/lgpl-3.0.html. +** +** GNU General Public License Usage +** Alternatively, this file may be used under the terms of the GNU +** General Public License version 2.0 or (at your option) the GNU General +** Public license version 3 or any later version approved by the KDE Free +** Qt Foundation. The licenses are as published by the Free Software +** Foundation and appearing in the file LICENSE.GPL2 and LICENSE.GPL3 +** included in the packaging of this file. Please review the following +** information to ensure the GNU General Public License requirements will +** be met: https://www.gnu.org/licenses/gpl-2.0.html and +** https://www.gnu.org/licenses/gpl-3.0.html. +** +** $QT_END_LICENSE$ +** +****************************************************************************/ + +#ifndef QBEARERENGINE_IMPL_H +#define QBEARERENGINE_IMPL_H + +#include <QtNetwork/private/qbearerengine_p.h> + +#ifndef QT_NO_BEARERMANAGEMENT + +QT_BEGIN_NAMESPACE + +class Q_NETWORK_EXPORT QBearerEngineImpl : public QBearerEngine +{ + Q_OBJECT + +public: + enum ConnectionError { + InterfaceLookupError = 0, + ConnectError, + OperationNotSupported, + DisconnectionError, + }; + + QBearerEngineImpl(QObject *parent = nullptr) : QBearerEngine(parent) {} + ~QBearerEngineImpl() {} + + virtual void connectToId(const QString &id) = 0; + virtual void disconnectFromId(const QString &id) = 0; + + virtual QString getInterfaceFromId(const QString &id) = 0; + + virtual QNetworkSession::State sessionStateForId(const QString &id) = 0; + + virtual quint64 bytesWritten(const QString &) { return Q_UINT64_C(0); } + virtual quint64 bytesReceived(const QString &) { return Q_UINT64_C(0); } + virtual quint64 startTime(const QString &) { return Q_UINT64_C(0); } + +Q_SIGNALS: + void connectionError(const QString &id, QBearerEngineImpl::ConnectionError error); +}; + +QT_END_NAMESPACE + +Q_DECLARE_METATYPE(QBearerEngineImpl::ConnectionError) + +#endif // QT_NO_BEARERMANAGEMENT + +#endif // QBEARERENGINE_IMPL_H diff --git a/src/network/bearer/qnetworksession_impl.cpp b/src/network/bearer/qnetworksession_impl.cpp new file mode 100644 index 0000000000..4b8631d4db --- /dev/null +++ b/src/network/bearer/qnetworksession_impl.cpp @@ -0,0 +1,439 @@ +/**************************************************************************** +** +** Copyright (C) 2016 The Qt Company Ltd. +** Contact: https://www.qt.io/licensing/ +** +** This file is part of the plugins of the Qt Toolkit. +** +** $QT_BEGIN_LICENSE:LGPL$ +** Commercial License Usage +** Licensees holding valid commercial Qt licenses may use this file in +** accordance with the commercial license agreement provided with the +** Software or, alternatively, in accordance with the terms contained in +** a written agreement between you and The Qt Company. For licensing terms +** and conditions see https://www.qt.io/terms-conditions. For further +** information use the contact form at https://www.qt.io/contact-us. +** +** GNU Lesser General Public License Usage +** Alternatively, this file may be used under the terms of the GNU Lesser +** General Public License version 3 as published by the Free Software +** Foundation and appearing in the file LICENSE.LGPL3 included in the +** packaging of this file. Please review the following information to +** ensure the GNU Lesser General Public License version 3 requirements +** will be met: https://www.gnu.org/licenses/lgpl-3.0.html. +** +** GNU General Public License Usage +** Alternatively, this file may be used under the terms of the GNU +** General Public License version 2.0 or (at your option) the GNU General +** Public license version 3 or any later version approved by the KDE Free +** Qt Foundation. The licenses are as published by the Free Software +** Foundation and appearing in the file LICENSE.GPL2 and LICENSE.GPL3 +** included in the packaging of this file. Please review the following +** information to ensure the GNU General Public License requirements will +** be met: https://www.gnu.org/licenses/gpl-2.0.html and +** https://www.gnu.org/licenses/gpl-3.0.html. +** +** $QT_END_LICENSE$ +** +****************************************************************************/ + +// see comment in ../platformdefs_win.h. +#define WIN32_LEAN_AND_MEAN 1 + +#include "qnetworksession_impl_p.h" +#include "qbearerengine_impl_p.h" + +#include <QtNetwork/qnetworksession.h> +#include <QtNetwork/private/qnetworkconfigmanager_p.h> + +#include <QtCore/qdatetime.h> +#include <QtCore/qdebug.h> +#include <QtCore/qmutex.h> +#include <QtCore/qstringlist.h> + +#ifndef QT_NO_BEARERMANAGEMENT + +QT_BEGIN_NAMESPACE + +static QBearerEngineImpl *getEngineFromId(const QString &id) +{ + QNetworkConfigurationManagerPrivate *priv = qNetworkConfigurationManagerPrivate(); + if (priv) { + const auto engines = priv->engines(); + for (QBearerEngine *engine : engines) { + QBearerEngineImpl *engineImpl = qobject_cast<QBearerEngineImpl *>(engine); + if (engineImpl && engineImpl->hasIdentifier(id)) + return engineImpl; + } + } + + return 0; +} + +class QNetworkSessionManagerPrivate : public QObject +{ + Q_OBJECT + +public: + QNetworkSessionManagerPrivate(QObject *parent = 0) : QObject(parent) {} + ~QNetworkSessionManagerPrivate() {} + + inline void forceSessionClose(const QNetworkConfiguration &config) + { emit forcedSessionClose(config); } + +Q_SIGNALS: + void forcedSessionClose(const QNetworkConfiguration &config); +}; + +Q_GLOBAL_STATIC(QNetworkSessionManagerPrivate, sessionManager); + +void QNetworkSessionPrivateImpl::syncStateWithInterface() +{ + connect(sessionManager(), SIGNAL(forcedSessionClose(QNetworkConfiguration)), + this, SLOT(forcedSessionClose(QNetworkConfiguration))); + + opened = false; + isOpen = false; + state = QNetworkSession::Invalid; + lastError = QNetworkSession::UnknownSessionError; + + qRegisterMetaType<QBearerEngineImpl::ConnectionError>(); + + switch (publicConfig.type()) { + case QNetworkConfiguration::InternetAccessPoint: + activeConfig = publicConfig; + engine = getEngineFromId(activeConfig.identifier()); + if (engine) { + qRegisterMetaType<QNetworkConfigurationPrivatePointer>(); + connect(engine, SIGNAL(configurationChanged(QNetworkConfigurationPrivatePointer)), + this, SLOT(configurationChanged(QNetworkConfigurationPrivatePointer)), + Qt::QueuedConnection); + connect(engine, SIGNAL(connectionError(QString,QBearerEngineImpl::ConnectionError)), + this, SLOT(connectionError(QString,QBearerEngineImpl::ConnectionError)), + Qt::QueuedConnection); + } + break; + case QNetworkConfiguration::ServiceNetwork: + serviceConfig = publicConfig; + // Defer setting engine and signals until open(). + Q_FALLTHROUGH(); + case QNetworkConfiguration::UserChoice: + // Defer setting serviceConfig and activeConfig until open(). + Q_FALLTHROUGH(); + default: + engine = 0; + } + + networkConfigurationsChanged(); +} + +void QNetworkSessionPrivateImpl::open() +{ + if (serviceConfig.isValid()) { + lastError = QNetworkSession::OperationNotSupportedError; + emit QNetworkSessionPrivate::error(lastError); + } else if (!isOpen) { + if ((activeConfig.state() & QNetworkConfiguration::Discovered) != QNetworkConfiguration::Discovered) { + lastError = QNetworkSession::InvalidConfigurationError; + state = QNetworkSession::Invalid; + emit stateChanged(state); + emit QNetworkSessionPrivate::error(lastError); + return; + } + opened = true; + + if ((activeConfig.state() & QNetworkConfiguration::Active) != QNetworkConfiguration::Active && + (activeConfig.state() & QNetworkConfiguration::Discovered) == QNetworkConfiguration::Discovered) { + state = QNetworkSession::Connecting; + emit stateChanged(state); + + engine->connectToId(activeConfig.identifier()); + } + + isOpen = (activeConfig.state() & QNetworkConfiguration::Active) == QNetworkConfiguration::Active; + if (isOpen) + emit quitPendingWaitsForOpened(); + } +} + +void QNetworkSessionPrivateImpl::close() +{ + if (serviceConfig.isValid()) { + lastError = QNetworkSession::OperationNotSupportedError; + emit QNetworkSessionPrivate::error(lastError); + } else if (isOpen) { + opened = false; + isOpen = false; + emit closed(); + } +} + +void QNetworkSessionPrivateImpl::stop() +{ + if (serviceConfig.isValid()) { + lastError = QNetworkSession::OperationNotSupportedError; + emit QNetworkSessionPrivate::error(lastError); + } else { + if ((activeConfig.state() & QNetworkConfiguration::Active) == QNetworkConfiguration::Active) { + state = QNetworkSession::Closing; + emit stateChanged(state); + + engine->disconnectFromId(activeConfig.identifier()); + + sessionManager()->forceSessionClose(activeConfig); + } + + opened = false; + isOpen = false; + emit closed(); + } +} + +void QNetworkSessionPrivateImpl::migrate() +{ +} + +void QNetworkSessionPrivateImpl::accept() +{ +} + +void QNetworkSessionPrivateImpl::ignore() +{ +} + +void QNetworkSessionPrivateImpl::reject() +{ +} + +#ifndef QT_NO_NETWORKINTERFACE +QNetworkInterface QNetworkSessionPrivateImpl::currentInterface() const +{ + if (!engine || state != QNetworkSession::Connected || !publicConfig.isValid()) + return QNetworkInterface(); + + QString iface = engine->getInterfaceFromId(activeConfig.identifier()); + if (iface.isEmpty()) + return QNetworkInterface(); + return QNetworkInterface::interfaceFromName(iface); +} +#endif + +QVariant QNetworkSessionPrivateImpl::sessionProperty(const QString &key) const +{ + if (key == QLatin1String("AutoCloseSessionTimeout")) { + if (engine && engine->requiresPolling() && + !(engine->capabilities() & QNetworkConfigurationManager::CanStartAndStopInterfaces)) { + return sessionTimeout >= 0 ? sessionTimeout * 10000 : -1; + } + } + + return QVariant(); +} + +void QNetworkSessionPrivateImpl::setSessionProperty(const QString &key, const QVariant &value) +{ + if (key == QLatin1String("AutoCloseSessionTimeout")) { + if (engine && engine->requiresPolling() && + !(engine->capabilities() & QNetworkConfigurationManager::CanStartAndStopInterfaces)) { + int timeout = value.toInt(); + if (timeout >= 0) { + connect(engine, SIGNAL(updateCompleted()), + this, SLOT(decrementTimeout()), Qt::UniqueConnection); + sessionTimeout = timeout / 10000; // convert to poll intervals + } else { + disconnect(engine, SIGNAL(updateCompleted()), this, SLOT(decrementTimeout())); + sessionTimeout = -1; + } + } + } +} + +QString QNetworkSessionPrivateImpl::errorString() const +{ + switch (lastError) { + case QNetworkSession::UnknownSessionError: + return tr("Unknown session error."); + case QNetworkSession::SessionAbortedError: + return tr("The session was aborted by the user or system."); + case QNetworkSession::OperationNotSupportedError: + return tr("The requested operation is not supported by the system."); + case QNetworkSession::InvalidConfigurationError: + return tr("The specified configuration cannot be used."); + case QNetworkSession::RoamingError: + return tr("Roaming was aborted or is not possible."); + default: + break; + } + + return QString(); +} + +QNetworkSession::SessionError QNetworkSessionPrivateImpl::error() const +{ + return lastError; +} + +quint64 QNetworkSessionPrivateImpl::bytesWritten() const +{ + if (engine && state == QNetworkSession::Connected) + return engine->bytesWritten(activeConfig.identifier()); + return Q_UINT64_C(0); +} + +quint64 QNetworkSessionPrivateImpl::bytesReceived() const +{ + if (engine && state == QNetworkSession::Connected) + return engine->bytesReceived(activeConfig.identifier()); + return Q_UINT64_C(0); +} + +quint64 QNetworkSessionPrivateImpl::activeTime() const +{ + if (state == QNetworkSession::Connected && startTime != Q_UINT64_C(0)) + return QDateTime::currentSecsSinceEpoch() - startTime; + return Q_UINT64_C(0); +} + +QNetworkSession::UsagePolicies QNetworkSessionPrivateImpl::usagePolicies() const +{ + return currentPolicies; +} + +void QNetworkSessionPrivateImpl::setUsagePolicies(QNetworkSession::UsagePolicies newPolicies) +{ + if (newPolicies != currentPolicies) { + currentPolicies = newPolicies; + emit usagePoliciesChanged(currentPolicies); + } +} + +void QNetworkSessionPrivateImpl::updateStateFromServiceNetwork() +{ + QNetworkSession::State oldState = state; + + const auto configs = serviceConfig.children(); + for (const QNetworkConfiguration &config : configs) { + if ((config.state() & QNetworkConfiguration::Active) != QNetworkConfiguration::Active) + continue; + + if (activeConfig != config) { + if (engine) { + disconnect(engine, SIGNAL(connectionError(QString,QBearerEngineImpl::ConnectionError)), + this, SLOT(connectionError(QString,QBearerEngineImpl::ConnectionError))); + } + + activeConfig = config; + engine = getEngineFromId(activeConfig.identifier()); + + if (engine) { + connect(engine, SIGNAL(connectionError(QString,QBearerEngineImpl::ConnectionError)), + this, SLOT(connectionError(QString,QBearerEngineImpl::ConnectionError)), + Qt::QueuedConnection); + } + emit newConfigurationActivated(); + } + + state = QNetworkSession::Connected; + if (state != oldState) + emit stateChanged(state); + + return; + } + + if (serviceConfig.children().isEmpty()) + state = QNetworkSession::NotAvailable; + else + state = QNetworkSession::Disconnected; + + if (state != oldState) + emit stateChanged(state); +} + +void QNetworkSessionPrivateImpl::updateStateFromActiveConfig() +{ + if (!engine) + return; + + QNetworkSession::State oldState = state; + state = engine->sessionStateForId(activeConfig.identifier()); + + bool oldActive = isOpen; + isOpen = (state == QNetworkSession::Connected) ? opened : false; + + if (!oldActive && isOpen) + emit quitPendingWaitsForOpened(); + if (oldActive && !isOpen) + emit closed(); + + if (oldState != state) + emit stateChanged(state); +} + +void QNetworkSessionPrivateImpl::networkConfigurationsChanged() +{ + if (serviceConfig.isValid()) + updateStateFromServiceNetwork(); + else + updateStateFromActiveConfig(); + + if (engine) + startTime = engine->startTime(activeConfig.identifier()); +} + +void QNetworkSessionPrivateImpl::configurationChanged(QNetworkConfigurationPrivatePointer config) +{ + if (serviceConfig.isValid() && + (config->id == serviceConfig.identifier() || config->id == activeConfig.identifier())) { + updateStateFromServiceNetwork(); + } else if (config->id == activeConfig.identifier()) { + updateStateFromActiveConfig(); + } +} + +void QNetworkSessionPrivateImpl::forcedSessionClose(const QNetworkConfiguration &config) +{ + if (activeConfig == config) { + opened = false; + isOpen = false; + + emit closed(); + + lastError = QNetworkSession::SessionAbortedError; + emit QNetworkSessionPrivate::error(lastError); + } +} + +void QNetworkSessionPrivateImpl::connectionError(const QString &id, QBearerEngineImpl::ConnectionError error) +{ + if (activeConfig.identifier() == id) { + networkConfigurationsChanged(); + switch (error) { + case QBearerEngineImpl::OperationNotSupported: + lastError = QNetworkSession::OperationNotSupportedError; + opened = false; + break; + case QBearerEngineImpl::InterfaceLookupError: + case QBearerEngineImpl::ConnectError: + case QBearerEngineImpl::DisconnectionError: + default: + lastError = QNetworkSession::UnknownSessionError; + } + + emit QNetworkSessionPrivate::error(lastError); + } +} + +void QNetworkSessionPrivateImpl::decrementTimeout() +{ + if (--sessionTimeout <= 0) { + disconnect(engine, SIGNAL(updateCompleted()), this, SLOT(decrementTimeout())); + sessionTimeout = -1; + close(); + } +} + +QT_END_NAMESPACE + +#include "qnetworksession_impl.moc" + +#endif // QT_NO_BEARERMANAGEMENT diff --git a/src/network/bearer/qnetworksession_impl_p.h b/src/network/bearer/qnetworksession_impl_p.h new file mode 100644 index 0000000000..b174760152 --- /dev/null +++ b/src/network/bearer/qnetworksession_impl_p.h @@ -0,0 +1,134 @@ +/**************************************************************************** +** +** Copyright (C) 2016 The Qt Company Ltd. +** Contact: https://www.qt.io/licensing/ +** +** This file is part of the plugins of the Qt Toolkit. +** +** $QT_BEGIN_LICENSE:LGPL$ +** Commercial License Usage +** Licensees holding valid commercial Qt licenses may use this file in +** accordance with the commercial license agreement provided with the +** Software or, alternatively, in accordance with the terms contained in +** a written agreement between you and The Qt Company. For licensing terms +** and conditions see https://www.qt.io/terms-conditions. For further +** information use the contact form at https://www.qt.io/contact-us. +** +** GNU Lesser General Public License Usage +** Alternatively, this file may be used under the terms of the GNU Lesser +** General Public License version 3 as published by the Free Software +** Foundation and appearing in the file LICENSE.LGPL3 included in the +** packaging of this file. Please review the following information to +** ensure the GNU Lesser General Public License version 3 requirements +** will be met: https://www.gnu.org/licenses/lgpl-3.0.html. +** +** GNU General Public License Usage +** Alternatively, this file may be used under the terms of the GNU +** General Public License version 2.0 or (at your option) the GNU General +** Public license version 3 or any later version approved by the KDE Free +** Qt Foundation. The licenses are as published by the Free Software +** Foundation and appearing in the file LICENSE.GPL2 and LICENSE.GPL3 +** included in the packaging of this file. Please review the following +** information to ensure the GNU General Public License requirements will +** be met: https://www.gnu.org/licenses/gpl-2.0.html and +** https://www.gnu.org/licenses/gpl-3.0.html. +** +** $QT_END_LICENSE$ +** +****************************************************************************/ + +#ifndef QNETWORKSESSION_IMPL_H +#define QNETWORKSESSION_IMPL_H + +// +// W A R N I N G +// ------------- +// +// This file is not part of the Qt API. It exists purely as an +// implementation detail. This header file may change from version to +// version without notice, or even be removed. +// +// We mean it. +// + +#include "qbearerengine_impl_p.h" + +#include <QtNetwork/private/qnetworkconfigmanager_p.h> +#include <QtNetwork/private/qnetworksession_p.h> + +#ifndef QT_NO_BEARERMANAGEMENT + +QT_BEGIN_NAMESPACE + +class QBearerEngineImpl; + +class Q_NETWORK_EXPORT QNetworkSessionPrivateImpl : public QNetworkSessionPrivate +{ + Q_OBJECT + +public: + QNetworkSessionPrivateImpl() + : engine(nullptr), startTime(0), lastError(QNetworkSession::UnknownSessionError), sessionTimeout(-1), currentPolicies(QNetworkSession::NoPolicy), opened(false) + {} + ~QNetworkSessionPrivateImpl() + {} + + //called by QNetworkSession constructor and ensures + //that the state is immediately updated (w/o actually opening + //a session). Also this function should take care of + //notification hooks to discover future state changes. + void syncStateWithInterface() override; + +#ifndef QT_NO_NETWORKINTERFACE + QNetworkInterface currentInterface() const override; +#endif + QVariant sessionProperty(const QString& key) const override; + void setSessionProperty(const QString& key, const QVariant& value) override; + + void open() override; + void close() override; + void stop() override; + void migrate() override; + void accept() override; + void ignore() override; + void reject() override; + + QString errorString() const override; //must return translated string + QNetworkSession::SessionError error() const override; + + quint64 bytesWritten() const override; + quint64 bytesReceived() const override; + quint64 activeTime() const override; + + QNetworkSession::UsagePolicies usagePolicies() const override; + void setUsagePolicies(QNetworkSession::UsagePolicies) override; + +private Q_SLOTS: + void networkConfigurationsChanged(); + void configurationChanged(QNetworkConfigurationPrivatePointer config); + void forcedSessionClose(const QNetworkConfiguration &config); + void connectionError(const QString &id, QBearerEngineImpl::ConnectionError error); + void decrementTimeout(); + +private: + void updateStateFromServiceNetwork(); + void updateStateFromActiveConfig(); + +private: + QBearerEngineImpl *engine; + + quint64 startTime; + + QNetworkSession::SessionError lastError; + + int sessionTimeout; + QNetworkSession::UsagePolicies currentPolicies; + + bool opened; +}; + +QT_END_NAMESPACE + +#endif // QT_NO_BEARERMANAGEMENT + +#endif // QNETWORKSESSION_IMPL_H diff --git a/src/network/kernel/qnetworkinterface.h b/src/network/kernel/qnetworkinterface.h index 4caedaa38f..c65ea58860 100644 --- a/src/network/kernel/qnetworkinterface.h +++ b/src/network/kernel/qnetworkinterface.h @@ -50,7 +50,6 @@ QT_BEGIN_NAMESPACE class QDeadlineTimer; -template<typename T> class QList; class QNetworkAddressEntryPrivate; class Q_NETWORK_EXPORT QNetworkAddressEntry diff --git a/src/network/socket/qlocalserver_p.h b/src/network/socket/qlocalserver_p.h index 92616e59ce..f331a3f10d 100644 --- a/src/network/socket/qlocalserver_p.h +++ b/src/network/socket/qlocalserver_p.h @@ -99,15 +99,18 @@ public: QMap<quintptr, QTcpSocket*> socketMap; #elif defined(Q_OS_WIN) struct Listener { - HANDLE handle; + Listener() = default; + HANDLE handle = nullptr; OVERLAPPED overlapped; - bool connected; + bool connected = false; + private: + Q_DISABLE_COPY(Listener) }; void setError(const QString &function); bool addListener(); - QList<Listener> listeners; + std::vector<std::unique_ptr<Listener>> listeners; HANDLE eventHandle; QWinEventNotifier *connectionEventNotifier; #else diff --git a/src/network/socket/qlocalserver_win.cpp b/src/network/socket/qlocalserver_win.cpp index 2d71a7e730..6d92ebe93a 100644 --- a/src/network/socket/qlocalserver_win.cpp +++ b/src/network/socket/qlocalserver_win.cpp @@ -62,8 +62,8 @@ bool QLocalServerPrivate::addListener() { // The object must not change its address once the // contained OVERLAPPED struct is passed to Windows. - listeners << Listener(); - Listener &listener = listeners.last(); + listeners.push_back(std::make_unique<Listener>()); + auto &listener = listeners.back(); SECURITY_ATTRIBUTES sa; sa.nLength = sizeof(SECURITY_ATTRIBUTES); @@ -175,7 +175,7 @@ bool QLocalServerPrivate::addListener() sa.lpSecurityDescriptor = pSD.data(); } - listener.handle = CreateNamedPipe( + listener->handle = CreateNamedPipe( reinterpret_cast<const wchar_t *>(fullServerName.utf16()), // pipe name PIPE_ACCESS_DUPLEX | FILE_FLAG_OVERLAPPED, // read/write access PIPE_TYPE_BYTE | // byte type pipe @@ -187,32 +187,32 @@ bool QLocalServerPrivate::addListener() 3000, // client time-out &sa); - if (listener.handle == INVALID_HANDLE_VALUE) { + if (listener->handle == INVALID_HANDLE_VALUE) { setError(QLatin1String("QLocalServerPrivate::addListener")); - listeners.removeLast(); + listeners.pop_back(); return false; } if (worldSID) FreeSid(worldSID); - memset(&listener.overlapped, 0, sizeof(listener.overlapped)); - listener.overlapped.hEvent = eventHandle; + memset(&listener->overlapped, 0, sizeof(OVERLAPPED)); + listener->overlapped.hEvent = eventHandle; // Beware! ConnectNamedPipe will reset the eventHandle to non-signaled. // Callers of addListener must check all listeners for connections. - if (!ConnectNamedPipe(listener.handle, &listener.overlapped)) { + if (!ConnectNamedPipe(listener->handle, &listener->overlapped)) { switch (GetLastError()) { case ERROR_IO_PENDING: - listener.connected = false; + listener->connected = false; break; case ERROR_PIPE_CONNECTED: - listener.connected = true; + listener->connected = true; break; default: - CloseHandle(listener.handle); + CloseHandle(listener->handle); setError(QLatin1String("QLocalServerPrivate::addListener")); - listeners.removeLast(); + listeners.pop_back(); return false; } } else { @@ -284,12 +284,12 @@ void QLocalServerPrivate::_q_onNewConnection() // Testing shows that there is indeed absolutely no guarantee which listener gets // a client connection first, so there is no way around polling all of them. - for (int i = 0; i < listeners.size(); ) { - HANDLE handle = listeners[i].handle; - if (listeners[i].connected - || GetOverlappedResult(handle, &listeners[i].overlapped, &dummy, FALSE)) + for (size_t i = 0; i < listeners.size(); ) { + HANDLE handle = listeners[i]->handle; + if (listeners[i]->connected + || GetOverlappedResult(handle, &listeners[i]->overlapped, &dummy, FALSE)) { - listeners.removeAt(i); + listeners.erase(listeners.begin() + i); addListener(); @@ -319,8 +319,8 @@ void QLocalServerPrivate::closeServer() connectionEventNotifier->deleteLater(); connectionEventNotifier = 0; CloseHandle(eventHandle); - for (int i = 0; i < listeners.size(); ++i) - CloseHandle(listeners[i].handle); + for (size_t i = 0; i < listeners.size(); ++i) + CloseHandle(listeners[i]->handle); listeners.clear(); } diff --git a/src/network/ssl/qssl.cpp b/src/network/ssl/qssl.cpp index c9fa7f85d9..bfbe8eb90f 100644 --- a/src/network/ssl/qssl.cpp +++ b/src/network/ssl/qssl.cpp @@ -120,8 +120,6 @@ Q_LOGGING_CATEGORY(lcSsl, "qt.network.ssl"); Describes the protocol of the cipher. - \value SslV3 SSLv3; not supported by QSslSocket. - \value SslV2 SSLv2; not supported by QSslSocket. \value TlsV1_0 TLSv1.0 \value TlsV1_0OrLater TLSv1.0 and later versions. This option is not available when using the WinRT backend due to platform limitations. \value TlsV1 Obsolete, means the same as TlsV1_0 @@ -137,7 +135,6 @@ Q_LOGGING_CATEGORY(lcSsl, "qt.network.ssl"); \value TlsV1_3OrLater TLSv1.3 and later versions. (Since Qt 5.12) \value UnknownProtocol The cipher's protocol cannot be determined. \value AnyProtocol Any supported protocol. This value is used by QSslSocket only. - \value TlsV1SslV3 Same as TlsV1_0. \value SecureProtocols The default option, using protocols known to be secure. */ diff --git a/src/network/ssl/qssl.h b/src/network/ssl/qssl.h index b28c2a87b9..1fd2cf9c6d 100644 --- a/src/network/ssl/qssl.h +++ b/src/network/ssl/qssl.h @@ -77,20 +77,10 @@ namespace QSsl { #endif enum SslProtocol { -#if QT_DEPRECATED_SINCE(5, 15) - SslV3, - SslV2, -#endif TlsV1_0 = 2, -#if QT_DEPRECATED_SINCE(5,0) - TlsV1 = TlsV1_0, -#endif TlsV1_1, TlsV1_2, AnyProtocol, -#if QT_DEPRECATED_SINCE(5, 15) - TlsV1SslV3, -#endif SecureProtocols = AnyProtocol + 2, TlsV1_0OrLater, diff --git a/src/network/ssl/qsslconfiguration.cpp b/src/network/ssl/qsslconfiguration.cpp index a2e694ec92..b6199a2b16 100644 --- a/src/network/ssl/qsslconfiguration.cpp +++ b/src/network/ssl/qsslconfiguration.cpp @@ -54,7 +54,6 @@ const QSsl::SslOptions QSslConfigurationPrivate::defaultSslOptions = QSsl::SslOp |QSsl::SslOptionDisableSessionPersistence; const char QSslConfiguration::ALPNProtocolHTTP2[] = "h2"; -const char QSslConfiguration::NextProtocolSpdy3_0[] = "spdy/3"; const char QSslConfiguration::NextProtocolHttp1_1[] = "http/1.1"; /*! @@ -134,12 +133,6 @@ const char QSslConfiguration::NextProtocolHttp1_1[] = "http/1.1"; */ /*! - \variable QSslConfiguration::NextProtocolSpdy3_0 - \brief The value used for negotiating SPDY 3.0 during the Next - Protocol Negotiation. -*/ - -/*! \variable QSslConfiguration::NextProtocolHttp1_1 \brief The value used for negotiating HTTP 1.1 during the Next Protocol Negotiation. @@ -229,7 +222,9 @@ bool QSslConfiguration::operator==(const QSslConfiguration &other) const d->nextNegotiatedProtocol == other.d->nextNegotiatedProtocol && d->nextProtocolNegotiationStatus == other.d->nextProtocolNegotiationStatus && d->dtlsCookieEnabled == other.d->dtlsCookieEnabled && - d->ocspStaplingEnabled == other.d->ocspStaplingEnabled; + d->ocspStaplingEnabled == other.d->ocspStaplingEnabled && + d->reportFromCallback == other.d->reportFromCallback && + d->missingCertIsFatal == other.d->missingCertIsFatal; } /*! @@ -274,7 +269,9 @@ bool QSslConfiguration::isNull() const d->nextAllowedProtocols.isEmpty() && d->nextNegotiatedProtocol.isNull() && d->nextProtocolNegotiationStatus == QSslConfiguration::NextProtocolNegotiationNone && - d->ocspStaplingEnabled == false); + d->ocspStaplingEnabled == false && + d->reportFromCallback == false && + d->missingCertIsFatal == false); } /*! @@ -1033,7 +1030,7 @@ QByteArray QSslConfiguration::nextNegotiatedProtocol() const Whether or not the negotiation succeeded can be queried through nextProtocolNegotiationStatus(). - \sa nextNegotiatedProtocol(), nextProtocolNegotiationStatus(), allowedNextProtocols(), QSslConfiguration::NextProtocolSpdy3_0, QSslConfiguration::NextProtocolHttp1_1 + \sa nextNegotiatedProtocol(), nextProtocolNegotiationStatus(), allowedNextProtocols(), QSslConfiguration::NextProtocolHttp1_1 */ #if QT_VERSION >= QT_VERSION_CHECK(6,0,0) void QSslConfiguration::setAllowedNextProtocols(const QList<QByteArray> &protocols) @@ -1051,7 +1048,7 @@ void QSslConfiguration::setAllowedNextProtocols(QList<QByteArray> protocols) server through the Next Protocol Negotiation (NPN) or Application-Layer Protocol Negotiation (ALPN) TLS extension, as set by setAllowedNextProtocols(). - \sa nextNegotiatedProtocol(), nextProtocolNegotiationStatus(), setAllowedNextProtocols(), QSslConfiguration::NextProtocolSpdy3_0, QSslConfiguration::NextProtocolHttp1_1 + \sa nextNegotiatedProtocol(), nextProtocolNegotiationStatus(), setAllowedNextProtocols(), QSslConfiguration::NextProtocolHttp1_1 */ QList<QByteArray> QSslConfiguration::allowedNextProtocols() const { @@ -1197,6 +1194,89 @@ bool QSslConfiguration::ocspStaplingEnabled() const return d->ocspStaplingEnabled; } +/*! + \since 6.0 + + Returns true if a verification callback will emit QSslSocket::handshakeInterruptedOnError() + early, before concluding the handshake. + + \note This function always returns false for all backends but OpenSSL. + + \sa setHandshakeMustInterruptOnError(), QSslSocket::handshakeInterruptedOnError(), QSslSocket::continueInterruptedHandshake() +*/ +bool QSslConfiguration::handshakeMustInterruptOnError() const +{ + return d->reportFromCallback; +} + +/*! + \since 6.0 + + If \a interrupt is true and the underlying backend supports this option, + errors found during certificate verification are reported immediately + by emitting QSslSocket::handshakeInterruptedOnError(). This allows + to stop the unfinished handshake and send a proper alert message to + a peer. No special action is required from the application in this case. + QSslSocket will close the connection after sending the alert message. + If the application after inspecting the error wants to continue the + handshake, it must call QSslSocket::continueInterruptedHandshake() + from its slot function. The signal-slot connection must be direct. + + \note When interrupting handshake is enabled, errors that would otherwise + be reported by QSslSocket::peerVerifyError() are instead only reported by + QSslSocket::handshakeInterruptedOnError(). + \note Even if the handshake was continued, these errors will be + reported when emitting QSslSocket::sslErrors() signal (and thus must + be ignored in the corresponding function slot). + + \sa handshakeMustInterruptOnError(), QSslSocket::handshakeInterruptedOnError(), QSslSocket::continueInterruptedHandshake() +*/ +void QSslConfiguration::setHandshakeMustInterruptOnError(bool interrupt) +{ +#if QT_CONFIG(openssl) + d->reportFromCallback = interrupt; +#else + qCWarning(lcSsl, "This operation requires OpenSSL as TLS backend"); +#endif +} + +/*! + \since 6.0 + + Returns true if errors with code QSslError::NoPeerCertificate + cannot be ignored. + + \note Always returns false for all TLS backends but OpenSSL. + + \sa QSslSocket::ignoreSslErrors(), setMissingCertificateIsFatal() +*/ +bool QSslConfiguration::missingCertificateIsFatal() const +{ + return d->missingCertIsFatal; +} + +/*! + \since 6.0 + + If \a cannotRecover is true, and verification mode in use is + QSslSocket::VerifyPeer or QSslSocket::AutoVerifyPeer (for a + client-side socket), the missing peer's certificate would be + treated as an unrecoverable error that cannot be ignored. A proper + alert message will be sent to the peer before closing the connection. + + \note Only available if Qt was configured and built with OpenSSL backend. + + \sa QSslSocket::ignoreSslErrors(), QSslSocket::PeerVerifyMode, missingCertificateIsFatal() +*/ +void QSslConfiguration::setMissingCertificateIsFatal(bool cannotRecover) +{ +#if QT_CONFIG(openssl) + d->missingCertIsFatal = cannotRecover; +#else + qCWarning(lcSsl, "Handling a missing certificate as a fatal error requires an OpenSSL backend"); +#endif // openssl +} + /*! \internal */ bool QSslConfigurationPrivate::peerSessionWasShared(const QSslConfiguration &configuration) { diff --git a/src/network/ssl/qsslconfiguration.h b/src/network/ssl/qsslconfiguration.h index 247f3aecc9..dc4587a835 100644 --- a/src/network/ssl/qsslconfiguration.h +++ b/src/network/ssl/qsslconfiguration.h @@ -66,7 +66,6 @@ QT_BEGIN_NAMESPACE -template<typename T> class QList; class QSslCertificate; class QSslCipher; class QSslKey; @@ -173,6 +172,12 @@ public: static void setDefaultDtlsConfiguration(const QSslConfiguration &configuration); #endif // dtls + bool handshakeMustInterruptOnError() const; + void setHandshakeMustInterruptOnError(bool interrupt); + + bool missingCertificateIsFatal() const; + void setMissingCertificateIsFatal(bool cannotRecover); + void setOcspStaplingEnabled(bool enable); bool ocspStaplingEnabled() const; @@ -193,7 +198,6 @@ public: NextProtocolNegotiationStatus nextProtocolNegotiationStatus() const; static const char ALPNProtocolHTTP2[]; - static const char NextProtocolSpdy3_0[]; static const char NextProtocolHttp1_1[]; private: diff --git a/src/network/ssl/qsslconfiguration_p.h b/src/network/ssl/qsslconfiguration_p.h index 83126bb9a0..6ee3490df6 100644 --- a/src/network/ssl/qsslconfiguration_p.h +++ b/src/network/ssl/qsslconfiguration_p.h @@ -149,6 +149,14 @@ public: const bool ocspStaplingEnabled = false; #endif +#if QT_CONFIG(openssl) + bool reportFromCallback = false; + bool missingCertIsFatal = false; +#else + const bool reportFromCallback = false; + const bool missingCertIsFatal = false; +#endif // openssl + // in qsslsocket.cpp: static QSslConfiguration defaultConfiguration(); static void setDefaultConfiguration(const QSslConfiguration &configuration); diff --git a/src/network/ssl/qsslcontext_openssl.cpp b/src/network/ssl/qsslcontext_openssl.cpp index 562aa4f518..574f48a2b5 100644 --- a/src/network/ssl/qsslcontext_openssl.cpp +++ b/src/network/ssl/qsslcontext_openssl.cpp @@ -56,6 +56,7 @@ QT_BEGIN_NAMESPACE // defined in qsslsocket_openssl.cpp: extern int q_X509Callback(int ok, X509_STORE_CTX *ctx); +extern "C" int q_X509CallbackDirect(int ok, X509_STORE_CTX *ctx); extern QString getErrorsFromOpenSsl(); #if QT_CONFIG(dtls) @@ -286,42 +287,31 @@ void QSslContext::initSslContext(QSslContext *sslContext, QSslSocket::SslMode mo bool unsupportedProtocol = false; bool isDtls = false; init_context: - if (sslContext->sslConfiguration.protocol() == QSsl::SslV2) { - // SSL 2 is no longer supported, but chosen deliberately -> error - sslContext->ctx = nullptr; - unsupportedProtocol = true; - } else if (sslContext->sslConfiguration.protocol() == QSsl::SslV3) { - // SSL 3 is no longer supported, but chosen deliberately -> error - sslContext->ctx = nullptr; - unsupportedProtocol = true; - } else { - switch (sslContext->sslConfiguration.protocol()) { - case QSsl::DtlsV1_0: - case QSsl::DtlsV1_0OrLater: - case QSsl::DtlsV1_2: - case QSsl::DtlsV1_2OrLater: + switch (sslContext->sslConfiguration.protocol()) { + case QSsl::DtlsV1_0: + case QSsl::DtlsV1_0OrLater: + case QSsl::DtlsV1_2: + case QSsl::DtlsV1_2OrLater: #if QT_CONFIG(dtls) - isDtls = true; - sslContext->ctx = q_SSL_CTX_new(client ? q_DTLS_client_method() : q_DTLS_server_method()); + isDtls = true; + sslContext->ctx = q_SSL_CTX_new(client ? q_DTLS_client_method() : q_DTLS_server_method()); #else // dtls - sslContext->ctx = nullptr; - unsupportedProtocol = true; - qCWarning(lcSsl, "DTLS protocol requested, but feature 'dtls' is disabled"); - + sslContext->ctx = nullptr; + unsupportedProtocol = true; + qCWarning(lcSsl, "DTLS protocol requested, but feature 'dtls' is disabled"); #endif // dtls - break; - case QSsl::TlsV1_3: - case QSsl::TlsV1_3OrLater: + break; + case QSsl::TlsV1_3: + case QSsl::TlsV1_3OrLater: #if !defined(TLS1_3_VERSION) - qCWarning(lcSsl, "TLS 1.3 is not supported"); - sslContext->ctx = nullptr; - unsupportedProtocol = true; - break; + qCWarning(lcSsl, "TLS 1.3 is not supported"); + sslContext->ctx = nullptr; + unsupportedProtocol = true; + break; #endif // TLS1_3_VERSION - default: - // The ssl options will actually control the supported methods - sslContext->ctx = q_SSL_CTX_new(client ? q_TLS_client_method() : q_TLS_server_method()); - } + default: + // The ssl options will actually control the supported methods + sslContext->ctx = q_SSL_CTX_new(client ? q_TLS_client_method() : q_TLS_server_method()); } if (!sslContext->ctx) { @@ -373,7 +363,6 @@ init_context: #endif // TLS1_3_VERSION break; // Ranges: - case QSsl::TlsV1SslV3: case QSsl::AnyProtocol: case QSsl::SecureProtocols: case QSsl::TlsV1_0OrLater: @@ -415,12 +404,6 @@ init_context: Q_UNREACHABLE(); break; #endif // TLS1_3_VERSION - case QSsl::SslV2: - case QSsl::SslV3: - // These protocols are not supported, and we handle - // them as an error (see the code above). - Q_UNREACHABLE(); - break; case QSsl::UnknownProtocol: break; } @@ -589,11 +572,20 @@ init_context: if (sslContext->sslConfiguration.peerVerifyMode() == QSslSocket::VerifyNone) { q_SSL_CTX_set_verify(sslContext->ctx, SSL_VERIFY_NONE, nullptr); } else { - q_SSL_CTX_set_verify(sslContext->ctx, SSL_VERIFY_PEER, -#if QT_CONFIG(dtls) - isDtls ? dtlscallbacks::q_X509DtlsCallback : -#endif // dtls - q_X509Callback); + auto verificationCallback = + #if QT_CONFIG(dtls) + isDtls ? dtlscallbacks::q_X509DtlsCallback : + #endif // dtls + q_X509Callback; + + if (!isDtls && configuration.handshakeMustInterruptOnError()) + verificationCallback = q_X509CallbackDirect; + + auto verificationMode = SSL_VERIFY_PEER; + if (!isDtls && sslContext->sslConfiguration.missingCertificateIsFatal()) + verificationMode |= SSL_VERIFY_FAIL_IF_NO_PEER_CERT; + + q_SSL_CTX_set_verify(sslContext->ctx, verificationMode, verificationCallback); } #if QT_CONFIG(dtls) diff --git a/src/network/ssl/qsslsocket.cpp b/src/network/ssl/qsslsocket.cpp index 690251727d..99329d3f4a 100644 --- a/src/network/ssl/qsslsocket.cpp +++ b/src/network/ssl/qsslsocket.cpp @@ -228,6 +228,74 @@ */ /*! + \enum QAlertLevel + \brief Describes the level of an alert message + \relates QSslSocket + \since 6.0 + + \ingroup network + \ingroup ssl + \inmodule QtNetwork + + This enum describes the level of an alert message that was sent + or received. + + \value Warning Non-fatal alert message + \value Fatal Fatal alert message, the underlying backend will + handle such an alert properly and close the connection. + \value Unknown An alert of unknown level of severity. +*/ + +/*! + \enum QAlertType + \brief Enumerates possible codes that an alert message can have + \relates QSslSocket + \since 6.0 + + \ingroup network + \ingroup ssl + \inmodule QtNetwork + + See \l{https://tools.ietf.org/html/rfc8446#page-85}{RFC 8446, section 6} + for the possible values and their meaning. + + \value CloseNotify, + \value UnexpectedMessage + \value BadRecordMac + \value RecordOverflow + \value DecompressionFailure + \value HandshakeFailure + \value NoCertificate + \value BadCertificate + \value UnsupportedCertificate + \value CertificateRevoked + \value CertificateExpired + \value CertificateUnknown + \value IllegalParameter + \value UnknownCa + \value AccessDenied + \value DecodeError + \value DecryptError + \value ExportRestriction + \value ProtocolVersion + \value InsufficientSecurity + \value InternalError + \value InappropriateFallback + \value UserCancelled + \value NoRenegotiation + \value MissingExtension + \value UnsupportedExtension + \value CertificateUnobtainable + \value UnrecognizedName + \value BadCertificateStatusResponse + \value BadCertificateHashValue + \value UnknownPskIdentity + \value CertificateRequired + \value NoApplicationProtocol + \value UnknownAlertMessage +*/ + +/*! \fn void QSslSocket::encrypted() This signal is emitted when QSslSocket enters encrypted mode. After this @@ -322,6 +390,48 @@ \sa QSslPreSharedKeyAuthenticator */ +/*! + \fn void QSslSocket::alertSent(QAlertLevel level, QAlertType type, const QString &description) + + QSslSocket emits this signal if an alert message was sent to a peer. \a level + describes if it was a warning or a fatal error. \a type gives the code + of the alert message. When a textual description of the alert message is + available, it is supplied in \a description. + + \note This signal is mostly informational and can be used for debugging + purposes, normally it does not require any actions from the application. + \note Not all backends support this functionality. + + \sa alertReceived(), QAlertLevel, QAlertType +*/ + +/*! + \fn void QSslSocket::alertReceived(QAlertLevel level, QAlertType type, const QString &description) + + QSslSocket emits this signal if an alert message was received from a peer. + \a level tells if the alert was fatal or it was a warning. \a type is the + code explaining why the alert was sent. When a textual description of + the alert message is available, it is supplied in \a description. + + \note The signal is mostly for informational and debugging purposes and does not + require any handling in the application. If the alert was fatal, underlying + backend will handle it and close the connection. + \note Not all backends support this functionality. + + \sa alertSent(), QAlertLevel, QAlertType +*/ + +/*! + \fn void QSslSocket::handshakeInterruptedOnError(const QSslError &error) + + QSslSocket emits this signal if a certificate verification error was + found and if early error reporting was enabled in QSslConfiguration. + An application is expected to inspect the \a error and decide if + it wants to continue the handshake, or abort it and send an alert message + to the peer. The signal-slot connection must be direct. + + \sa continueInterruptedHandshake(), sslErrors(), QSslConfiguration::setHandshakeMustInterruptOnError() +*/ #include "qssl_p.h" #include "qsslsocket.h" #include "qsslcipher.h" @@ -977,7 +1087,10 @@ void QSslSocket::setSslConfiguration(const QSslConfiguration &configuration) #if QT_CONFIG(ocsp) d->configuration.ocspStaplingEnabled = configuration.ocspStaplingEnabled(); #endif - +#if QT_CONFIG(openssl) + d->configuration.reportFromCallback = configuration.handshakeMustInterruptOnError(); + d->configuration.missingCertIsFatal = configuration.missingCertificateIsFatal(); +#endif // openssl // if the CA certificates were set explicitly (either via // QSslConfiguration::setCaCertificates() or QSslSocket::setCaCertificates(), // we cannot load the certificates on demand @@ -2043,6 +2156,23 @@ void QSslSocket::ignoreSslErrors(const QList<QSslError> &errors) d->ignoreErrorsList = errors; } + +/*! + \since 6.0 + + If an application wants to conclude a handshake even after receiving + handshakeInterruptedOnError() signal, it must call this function. + This call must be done from a slot function attached to the signal. + The signal-slot connection must be direct. + + \sa handshakeInterruptedOnError(), QSslConfiguration::setHandshakeMustInterruptOnError() +*/ +void QSslSocket::continueInterruptedHandshake() +{ + Q_D(QSslSocket); + d->handshakeInterrupted = false; +} + /*! \internal */ @@ -2217,13 +2347,24 @@ void QSslSocketPrivate::init() */ bool QSslSocketPrivate::verifyProtocolSupported(const char *where) { - if (configuration.protocol == QSsl::SslV2 || configuration.protocol == QSsl::SslV3) { - qCWarning(lcSsl) << where << "Attempted to use an unsupported protocol."; + QLatin1String protocolName("DTLS"); + switch (configuration.protocol) { + case QSsl::UnknownProtocol: + // UnknownProtocol, according to our docs, is for cipher whose protocol is unknown. + // Should not be used when configuring QSslSocket. + protocolName = QLatin1String("UnknownProtocol"); + Q_FALLTHROUGH(); + case QSsl::DtlsV1_0: + case QSsl::DtlsV1_2: + case QSsl::DtlsV1_0OrLater: + case QSsl::DtlsV1_2OrLater: + qCWarning(lcSsl) << where << "QSslConfiguration with unexpected protocol" << protocolName; setErrorAndEmit(QAbstractSocket::SslInvalidUserDataError, QSslSocket::tr("Attempted to use an unsupported protocol.")); return false; + default: + return true; } - return true; } /*! @@ -2434,6 +2575,10 @@ void QSslConfigurationPrivate::deepCopyDefaultConfiguration(QSslConfigurationPri #if QT_CONFIG(ocsp) ptr->ocspStaplingEnabled = global->ocspStaplingEnabled; #endif +#if QT_CONFIG(openssl) + ptr->reportFromCallback = global->reportFromCallback; + ptr->missingCertIsFatal = global->missingCertIsFatal; +#endif } /*! diff --git a/src/network/ssl/qsslsocket.h b/src/network/ssl/qsslsocket.h index 843e2d15f5..8b0f317da4 100644 --- a/src/network/ssl/qsslsocket.h +++ b/src/network/ssl/qsslsocket.h @@ -63,6 +63,49 @@ class QSslEllipticCurve; class QSslPreSharedKeyAuthenticator; class QOcspResponse; +enum class QAlertLevel { + Warning, + Fatal, + Unknown +}; + +enum class QAlertType { + CloseNotify, + UnexpectedMessage = 10, + BadRecordMac = 20, + RecordOverflow = 22, + DecompressionFailure = 30, // reserved + HandshakeFailure = 40, + NoCertificate = 41, // reserved + BadCertificate = 42, + UnsupportedCertificate = 43, + CertificateRevoked = 44, + CertificateExpired = 45, + CertificateUnknown = 46, + IllegalParameter = 47, + UnknownCa = 48, + AccessDenied = 49, + DecodeError = 50, + DecryptError = 51, + ExportRestriction = 60, // reserved + ProtocolVersion = 70, + InsufficientSecurity = 71, + InternalError = 80, + InappropriateFallback = 86, + UserCancelled = 90, + NoRenegotiation = 100, + MissingExtension = 109, + UnsupportedExtension = 110, + CertificateUnobtainable = 111, // reserved + UnrecognizedName = 112, + BadCertificateStatusResponse = 113, + BadCertificateHashValue = 114, // reserved + UnknownPskIdentity = 115, + CertificateRequired = 116, + NoApplicationProtocol = 120, + UnknownAlertMessage = 255 +}; + class QSslSocketPrivate; class Q_NETWORK_EXPORT QSslSocket : public QTcpSocket { @@ -201,6 +244,7 @@ public: static QString sslLibraryBuildVersionString(); void ignoreSslErrors(const QList<QSslError> &errors); + void continueInterruptedHandshake(); public Q_SLOTS: void startClientEncryption(); @@ -214,6 +258,9 @@ Q_SIGNALS: void modeChanged(QSslSocket::SslMode newMode); void encryptedBytesWritten(qint64 totalBytes); void preSharedKeyAuthenticationRequired(QSslPreSharedKeyAuthenticator *authenticator); + void alertSent(QAlertLevel level, QAlertType type, const QString &description); + void alertReceived(QAlertLevel level, QAlertType type, const QString &description); + void handshakeInterruptedOnError(const QSslError &error); protected: qint64 readData(char *data, qint64 maxlen) override; diff --git a/src/network/ssl/qsslsocket_mac.cpp b/src/network/ssl/qsslsocket_mac.cpp index e0e065679d..fe1c43d992 100644 --- a/src/network/ssl/qsslsocket_mac.cpp +++ b/src/network/ssl/qsslsocket_mac.cpp @@ -496,10 +496,6 @@ QSsl::SslProtocol QSslSocketBackendPrivate::sessionProtocol() const } switch (protocol) { - case kSSLProtocol2: - return QSsl::SslV2; - case kSSLProtocol3: - return QSsl::SslV3; case kTLSProtocol1: return QSsl::TlsV1_0; case kTLSProtocol11: @@ -657,23 +653,6 @@ QSslCipher QSslSocketBackendPrivate::QSslCipher_from_SSLCipherSuite(SSLCipherSui QSslCipher ciph; switch (cipher) { // Sorted as in CipherSuite.h (and groupped by their RFC) - case SSL_RSA_WITH_NULL_MD5: - ciph.d->name = QLatin1String("NULL-MD5"); - ciph.d->protocol = QSsl::SslV3; - break; - case SSL_RSA_WITH_NULL_SHA: - ciph.d->name = QLatin1String("NULL-SHA"); - ciph.d->protocol = QSsl::SslV3; - break; - case SSL_RSA_WITH_RC4_128_MD5: - ciph.d->name = QLatin1String("RC4-MD5"); - ciph.d->protocol = QSsl::SslV3; - break; - case SSL_RSA_WITH_RC4_128_SHA: - ciph.d->name = QLatin1String("RC4-SHA"); - ciph.d->protocol = QSsl::SslV3; - break; - // TLS addenda using AES, per RFC 3268 case TLS_RSA_WITH_AES_128_CBC_SHA: ciph.d->name = QLatin1String("AES128-SHA"); @@ -822,12 +801,8 @@ QSslCipher QSslSocketBackendPrivate::QSslCipher_from_SSLCipherSuite(SSLCipherSui ciph.d->isNull = false; // protocol - if (ciph.d->protocol == QSsl::SslV3) { - ciph.d->protocolString = QLatin1String("SSLv3"); - } else { - ciph.d->protocol = QSsl::TlsV1_2; - ciph.d->protocolString = QLatin1String("TLSv1.2"); - } + ciph.d->protocol = QSsl::TlsV1_2; + ciph.d->protocolString = QLatin1String("TLSv1.2"); const auto bits = ciph.d->name.splitRef(QLatin1Char('-')); if (bits.size() >= 2) { @@ -1106,22 +1081,6 @@ bool QSslSocketBackendPrivate::setSessionProtocol() { Q_ASSERT_X(context, Q_FUNC_INFO, "invalid SSL context (null)"); - // QSsl::SslV2 == kSSLProtocol2 is disabled in Secure Transport and - // always fails with errSSLIllegalParam: - // if (version < MINIMUM_STREAM_VERSION || version > MAXIMUM_STREAM_VERSION) - // return errSSLIllegalParam; - // where MINIMUM_STREAM_VERSION is SSL_Version_3_0, MAXIMUM_STREAM_VERSION is TLS_Version_1_2. - if (configuration.protocol == QSsl::SslV2) { - qCDebug(lcSsl) << "protocol QSsl::SslV2 is disabled"; - return false; - } - - // SslV3 is unsupported. - if (configuration.protocol == QSsl::SslV3) { - qCDebug(lcSsl) << "protocol QSsl::SslV3 is disabled"; - return false; - } - // SecureTransport has kTLSProtocol13 constant and also, kTLSProtocolMaxSupported. // Calling SSLSetProtocolVersionMax/Min with any of these two constants results // in errInvalidParam and a failure to set the protocol version. This means @@ -1162,13 +1121,6 @@ bool QSslSocketBackendPrivate::setSessionProtocol() qCDebug(lcSsl) << plainSocket << "requesting : any"; #endif err = SSLSetProtocolVersionMin(context, kTLSProtocol1); - } else if (configuration.protocol == QSsl::TlsV1SslV3) { - #ifdef QSSLSOCKET_DEBUG - qCDebug(lcSsl) << plainSocket << "requesting : SSLv3 - TLSv1.2"; - #endif - err = SSLSetProtocolVersionMin(context, kTLSProtocol1); - if (err == errSecSuccess) - err = SSLSetProtocolVersionMax(context, kTLSProtocol1); } else if (configuration.protocol == QSsl::SecureProtocols) { #ifdef QSSLSOCKET_DEBUG qCDebug(lcSsl) << plainSocket << "requesting : TLSv1 - TLSv1.2"; @@ -1213,8 +1165,6 @@ bool QSslSocketBackendPrivate::verifySessionProtocol() const bool protocolOk = false; if (configuration.protocol == QSsl::AnyProtocol) protocolOk = true; - else if (configuration.protocol == QSsl::TlsV1SslV3) - protocolOk = (sessionProtocol() == QSsl::TlsV1_0); else if (configuration.protocol == QSsl::SecureProtocols) protocolOk = (sessionProtocol() >= QSsl::TlsV1_0); else if (configuration.protocol == QSsl::TlsV1_0OrLater) diff --git a/src/network/ssl/qsslsocket_openssl.cpp b/src/network/ssl/qsslsocket_openssl.cpp index 8fbbffcaca..f0775ba33b 100644 --- a/src/network/ssl/qsslsocket_openssl.cpp +++ b/src/network/ssl/qsslsocket_openssl.cpp @@ -98,6 +98,123 @@ QT_BEGIN_NAMESPACE +namespace { + +QAlertLevel tlsAlertLevel(int value) +{ + if (const char *typeString = q_SSL_alert_type_string(value)) { + // Documented to return 'W' for warning, 'F' for fatal, + // 'U' for unknown. + switch (typeString[0]) { + case 'W': + return QAlertLevel::Warning; + case 'F': + return QAlertLevel::Fatal; + default:; + } + } + + return QAlertLevel::Unknown; +} + +QString tlsAlertDescription(int value) +{ + QString description = QLatin1String(q_SSL_alert_desc_string_long(value)); + if (!description.size()) + description = QLatin1String("no description provided"); + return description; +} + +QAlertType tlsAlertType(int value) +{ + // In case for some reason openssl gives us a value, + // which is not in our enum actually, we leave it to + // an application to handle (supposedly they have + // if or switch-statements). + return QAlertType(value & 0xff); +} + +} // Unnamed namespace + +extern "C" +{ + +void qt_AlertInfoCallback(const SSL *connection, int from, int value) +{ + // Passed to SSL_set_info_callback() + // https://www.openssl.org/docs/man1.1.1/man3/SSL_set_info_callback.html + + if (!connection) { +#ifdef QSSLSOCKET_DEBUG + qCWarning(lcSsl, "Invalid 'connection' parameter (nullptr)"); +#endif // QSSLSOCKET_DEBUG + return; + } + + const auto offset = QSslSocketBackendPrivate::s_indexForSSLExtraData + + QSslSocketBackendPrivate::socketOffsetInExData; + auto privateSocket = + static_cast<QSslSocketBackendPrivate *>(q_SSL_get_ex_data(connection, offset)); + if (!privateSocket) { + // SSL_set_ex_data can fail: +#ifdef QSSLSOCKET_DEBUG + qCWarning(lcSsl, "No external data (socket backend) found for parameter 'connection'"); +#endif // QSSLSOCKET_DEBUG + return; + } + + if (!(from & SSL_CB_ALERT)) { + // We only want to know about alerts (at least for now). + return; + } + + if (from & SSL_CB_WRITE) + privateSocket->alertMessageSent(value); + else + privateSocket->alertMessageReceived(value); +} + +int q_X509CallbackDirect(int ok, X509_STORE_CTX *ctx) +{ + // Passed to SSL_CTX_set_verify() + // https://www.openssl.org/docs/man1.1.1/man3/SSL_CTX_set_verify.html + // Returns 0 to abort verification, 1 to continue. + + // This is a new, experimental verification callback, reporting + // errors immediately and returning 0 or 1 depending on an application + // either ignoring or not ignoring verification errors as they come. + if (!ctx) { + qCWarning(lcSsl, "Invalid store context (nullptr)"); + return 0; + } + + if (!ok) { + // "Whenever a X509_STORE_CTX object is created for the verification of the + // peer's certificate during a handshake, a pointer to the SSL object is + // stored into the X509_STORE_CTX object to identify the connection affected. + // To retrieve this pointer the X509_STORE_CTX_get_ex_data() function can be + // used with the correct index." + SSL *ssl = static_cast<SSL *>(q_X509_STORE_CTX_get_ex_data(ctx, q_SSL_get_ex_data_X509_STORE_CTX_idx())); + if (!ssl) { + qCWarning(lcSsl, "No external data (SSL) found in X509 store object"); + return 0; + } + + const auto offset = QSslSocketBackendPrivate::s_indexForSSLExtraData + + QSslSocketBackendPrivate::socketOffsetInExData; + auto privateSocket = static_cast<QSslSocketBackendPrivate *>(q_SSL_get_ex_data(ssl, offset)); + if (!privateSocket) { + qCWarning(lcSsl, "No external data (QSslSocketBackendPrivate) found in SSL object"); + return 0; + } + + return privateSocket->emitErrorFromCallback(ctx); + } + return 1; +} + +} // extern "C" + Q_GLOBAL_STATIC(QRecursiveMutex, qt_opensslInitMutex) bool QSslSocketPrivate::s_libraryLoaded = false; @@ -250,11 +367,7 @@ QSslCipher QSslSocketBackendPrivate::QSslCipher_from_SSL_CIPHER(const SSL_CIPHER QString protoString = descriptionList.at(1).toString(); ciph.d->protocolString = protoString; ciph.d->protocol = QSsl::UnknownProtocol; - if (protoString == QLatin1String("SSLv3")) - ciph.d->protocol = QSsl::SslV3; - else if (protoString == QLatin1String("SSLv2")) - ciph.d->protocol = QSsl::SslV2; - else if (protoString == QLatin1String("TLSv1")) + if (protoString == QLatin1String("TLSv1")) ciph.d->protocol = QSsl::TlsV1_0; else if (protoString == QLatin1String("TLSv1.1")) ciph.d->protocol = QSsl::TlsV1_1; @@ -409,12 +522,15 @@ int q_X509Callback(int ok, X509_STORE_CTX *ctx) // Not found on store? Try SSL and its external data then. According to the OpenSSL's // documentation: // - // "Whenever a X509_STORE_CTX object is created for the verification of the peers certificate - // during a handshake, a pointer to the SSL object is stored into the X509_STORE_CTX object - // to identify the connection affected. To retrieve this pointer the X509_STORE_CTX_get_ex_data() - // function can be used with the correct index." + // "Whenever a X509_STORE_CTX object is created for the verification of the + // peer's certificate during a handshake, a pointer to the SSL object is + // stored into the X509_STORE_CTX object to identify the connection affected. + // To retrieve this pointer the X509_STORE_CTX_get_ex_data() function can be + // used with the correct index." + const auto offset = QSslSocketBackendPrivate::s_indexForSSLExtraData + + QSslSocketBackendPrivate::errorOffsetInExData; if (SSL *ssl = static_cast<SSL *>(q_X509_STORE_CTX_get_ex_data(ctx, q_SSL_get_ex_data_X509_STORE_CTX_idx()))) - errors = ErrorListPtr(q_SSL_get_ex_data(ssl, QSslSocketBackendPrivate::s_indexForSSLExtraData + 1)); + errors = ErrorListPtr(q_SSL_get_ex_data(ssl, offset)); } if (!errors) { @@ -460,20 +576,23 @@ void q_setDefaultDtlsCiphers(const QList<QSslCipher> &ciphers); long QSslSocketBackendPrivate::setupOpenSslOptions(QSsl::SslProtocol protocol, QSsl::SslOptions sslOptions) { long options; - if (protocol == QSsl::TlsV1SslV3) - options = SSL_OP_ALL|SSL_OP_NO_SSLv2|SSL_OP_NO_SSLv3; - else if (protocol == QSsl::SecureProtocols) - options = SSL_OP_ALL|SSL_OP_NO_SSLv2|SSL_OP_NO_SSLv3; - else if (protocol == QSsl::TlsV1_0OrLater) - options = SSL_OP_ALL|SSL_OP_NO_SSLv2|SSL_OP_NO_SSLv3; - else if (protocol == QSsl::TlsV1_1OrLater) - options = SSL_OP_ALL|SSL_OP_NO_SSLv2|SSL_OP_NO_SSLv3|SSL_OP_NO_TLSv1; - else if (protocol == QSsl::TlsV1_2OrLater) - options = SSL_OP_ALL|SSL_OP_NO_SSLv2|SSL_OP_NO_SSLv3|SSL_OP_NO_TLSv1|SSL_OP_NO_TLSv1_1; - else if (protocol == QSsl::TlsV1_3OrLater) - options = SSL_OP_ALL|SSL_OP_NO_SSLv2|SSL_OP_NO_SSLv3|SSL_OP_NO_TLSv1|SSL_OP_NO_TLSv1_1|SSL_OP_NO_TLSv1_2; - else + switch (protocol) { + case QSsl::SecureProtocols: + case QSsl::TlsV1_0OrLater: + options = SSL_OP_ALL | SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3; + break; + case QSsl::TlsV1_1OrLater: + options = SSL_OP_ALL | SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3 | SSL_OP_NO_TLSv1; + break; + case QSsl::TlsV1_2OrLater: + options = SSL_OP_ALL | SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3 | SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_1; + break; + case QSsl::TlsV1_3OrLater: + options = SSL_OP_ALL | SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3 | SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_1 | SSL_OP_NO_TLSv1_2; + break; + default: options = SSL_OP_ALL; + } // This option is disabled by default, so we need to be able to clear it if (sslOptions & QSsl::SslOptionDisableEmptyFragments) @@ -531,10 +650,7 @@ bool QSslSocketBackendPrivate::initSslContext() return false; } - if (configuration.protocol != QSsl::SslV2 && - configuration.protocol != QSsl::SslV3 && - configuration.protocol != QSsl::UnknownProtocol && - mode == QSslSocket::SslClientMode) { + if (configuration.protocol != QSsl::UnknownProtocol && mode == QSslSocket::SslClientMode) { // Set server hostname on TLS extension. RFC4366 section 3.1 requires it in ACE format. QString tlsHostName = verificationPeerName.isEmpty() ? q->peerName() : verificationPeerName; if (tlsHostName.isEmpty()) @@ -1200,18 +1316,32 @@ bool QSslSocketBackendPrivate::startHandshake() if (inSetAndEmitError) return false; + pendingFatalAlert = false; + errorsReportedFromCallback = false; QVector<QSslErrorEntry> lastErrors; - q_SSL_set_ex_data(ssl, s_indexForSSLExtraData + 1, &lastErrors); + q_SSL_set_ex_data(ssl, s_indexForSSLExtraData + errorOffsetInExData, &lastErrors); + + // SSL_set_ex_data can fail, but see the callback's code - we handle this there. + q_SSL_set_ex_data(ssl, s_indexForSSLExtraData + socketOffsetInExData, this); + q_SSL_set_info_callback(ssl, qt_AlertInfoCallback); + int result = (mode == QSslSocket::SslClientMode) ? q_SSL_connect(ssl) : q_SSL_accept(ssl); - q_SSL_set_ex_data(ssl, s_indexForSSLExtraData + 1, nullptr); + q_SSL_set_ex_data(ssl, s_indexForSSLExtraData + errorOffsetInExData, nullptr); + // Note, unlike errors as external data on SSL object, we do not unset + // a callback/ex-data if alert notifications are enabled: an alert can + // arrive after the handshake, for example, this happens when the server + // does not find a ClientCert or does not like it. - if (!lastErrors.isEmpty()) + if (!lastErrors.isEmpty() || errorsReportedFromCallback) storePeerCertificates(); - for (const auto ¤tError : qAsConst(lastErrors)) { - emit q->peerVerifyError(_q_OpenSSL_to_QSslError(currentError.code, - configuration.peerCertificateChain.value(currentError.depth))); - if (q->state() != QAbstractSocket::ConnectedState) - break; + + if (!errorsReportedFromCallback) { + for (const auto ¤tError : qAsConst(lastErrors)) { + emit q->peerVerifyError(_q_OpenSSL_to_QSslError(currentError.code, + configuration.peerCertificateChain.value(currentError.depth))); + if (q->state() != QAbstractSocket::ConnectedState) + break; + } } errorList << lastErrors; @@ -1235,6 +1365,10 @@ bool QSslSocketBackendPrivate::startHandshake() { const ScopedBool bg(inSetAndEmitError, true); setErrorAndEmit(QAbstractSocket::SslHandshakeFailedError, errorString); + if (pendingFatalAlert) { + trySendFatalAlert(); + pendingFatalAlert = false; + } } q->abort(); } @@ -1704,6 +1838,88 @@ bool QSslSocketBackendPrivate::checkOcspStatus() #endif // ocsp +void QSslSocketBackendPrivate::alertMessageSent(int value) +{ + Q_Q(QSslSocket); + + const auto level = tlsAlertLevel(value); + if (level == QAlertLevel::Fatal && !connectionEncrypted) { + // Note, this logic is handshake-time only: + pendingFatalAlert = true; + } + + emit q->alertSent(level, tlsAlertType(value), tlsAlertDescription(value)); +} + +void QSslSocketBackendPrivate::alertMessageReceived(int value) +{ + Q_Q(QSslSocket); + + emit q->alertReceived(tlsAlertLevel(value), tlsAlertType(value), tlsAlertDescription(value)); +} + +int QSslSocketBackendPrivate::emitErrorFromCallback(X509_STORE_CTX *ctx) +{ + // Returns 0 to abort verification, 1 to continue despite error (as + // OpenSSL expects from the verification callback). + Q_Q(QSslSocket); + + Q_ASSERT(ctx); + + using ScopedBool = QScopedValueRollback<bool>; + // While we are not setting, we are emitting and in general - + // we want to prevent accidental recursive startHandshake() + // calls: + const ScopedBool bg(inSetAndEmitError, true); + + X509 *x509 = q_X509_STORE_CTX_get_current_cert(ctx); + if (!x509) { + qCWarning(lcSsl, "Could not obtain the certificate (that failed to verify)"); + return 0; + } + const QSslCertificate certificate = QSslCertificatePrivate::QSslCertificate_from_X509(x509); + + const auto errorAndDepth = QSslErrorEntry::fromStoreContext(ctx); + const QSslError tlsError = _q_OpenSSL_to_QSslError(errorAndDepth.code, certificate); + + errorsReportedFromCallback = true; + handshakeInterrupted = true; + emit q->handshakeInterruptedOnError(tlsError); + + // Conveniently so, we also can access 'lastErrors' external data set + // in startHandshake, we store it for the case an application later + // wants to check errors (ignored or not): + const auto offset = QSslSocketBackendPrivate::s_indexForSSLExtraData + + QSslSocketBackendPrivate::errorOffsetInExData; + if (auto errorList = static_cast<QVector<QSslErrorEntry>*>(q_SSL_get_ex_data(ssl, offset))) + errorList->append(errorAndDepth); + + // An application is expected to ignore this error (by calling ignoreSslErrors) + // in its directly connected slot: + return !handshakeInterrupted; +} + +void QSslSocketBackendPrivate::trySendFatalAlert() +{ + Q_ASSERT(pendingFatalAlert); + + pendingFatalAlert = false; + QVarLengthArray<char, 4096> data; + int pendingBytes = 0; + while (plainSocket->isValid() && (pendingBytes = q_BIO_pending(writeBio)) > 0 + && plainSocket->openMode() != QIODevice::NotOpen) { + // Read encrypted data from the write BIO into a buffer. + data.resize(pendingBytes); + const int bioReadBytes = q_BIO_read(writeBio, data.data(), pendingBytes); + + // Write encrypted data from the buffer to the socket. + qint64 actualWritten = plainSocket->write(data.constData(), bioReadBytes); + if (actualWritten < 0) + return; + plainSocket->flush(); + } +} + void QSslSocketBackendPrivate::disconnectFromHost() { if (ssl) { @@ -1747,10 +1963,6 @@ QSsl::SslProtocol QSslSocketBackendPrivate::sessionProtocol() const int ver = q_SSL_version(ssl); switch (ver) { - case 0x2: - return QSsl::SslV2; - case 0x300: - return QSsl::SslV3; case 0x301: return QSsl::TlsV1_0; case 0x302: diff --git a/src/network/ssl/qsslsocket_openssl_p.h b/src/network/ssl/qsslsocket_openssl_p.h index 0370a7d2ac..06af9f5974 100644 --- a/src/network/ssl/qsslsocket_openssl_p.h +++ b/src/network/ssl/qsslsocket_openssl_p.h @@ -131,6 +131,10 @@ public: SSL_SESSION *session; QVector<QSslErrorEntry> errorList; static int s_indexForSSLExtraData; // index used in SSL_get_ex_data to get the matching QSslSocketBackendPrivate + enum ExDataOffset { + errorOffsetInExData = 1, + socketOffsetInExData = 2 + }; bool inSetAndEmitError = false; @@ -157,6 +161,15 @@ public: bool checkOcspStatus(); #endif + void alertMessageSent(int encoded); + void alertMessageReceived(int encoded); + + int emitErrorFromCallback(X509_STORE_CTX *ctx); + void trySendFatalAlert(); + + bool pendingFatalAlert = false; + bool errorsReportedFromCallback = false; + // This decription will go to setErrorAndEmit(SslHandshakeError, ocspErrorDescription) QString ocspErrorDescription; // These will go to sslErrors() diff --git a/src/network/ssl/qsslsocket_openssl_symbols.cpp b/src/network/ssl/qsslsocket_openssl_symbols.cpp index 3504924888..5b0a70d495 100644 --- a/src/network/ssl/qsslsocket_openssl_symbols.cpp +++ b/src/network/ssl/qsslsocket_openssl_symbols.cpp @@ -156,6 +156,10 @@ DEFINEFUNC(void, OPENSSL_sk_free, OPENSSL_STACK *a, a, return, DUMMYARG) DEFINEFUNC2(void *, OPENSSL_sk_value, OPENSSL_STACK *a, a, int b, b, return nullptr, return) DEFINEFUNC(int, SSL_session_reused, SSL *a, a, return 0, return) DEFINEFUNC2(unsigned long, SSL_CTX_set_options, SSL_CTX *ctx, ctx, unsigned long op, op, return 0, return) +using info_callback = void (*) (const SSL *ssl, int type, int val); +DEFINEFUNC2(void, SSL_set_info_callback, SSL *ssl, ssl, info_callback cb, cb, return, return) +DEFINEFUNC(const char *, SSL_alert_type_string, int value, value, return nullptr, return) +DEFINEFUNC(const char *, SSL_alert_desc_string_long, int value, value, return nullptr, return) #ifdef TLS1_3_VERSION DEFINEFUNC2(int, SSL_CTX_set_ciphersuites, SSL_CTX *ctx, ctx, const char *str, str, return 0, return) DEFINEFUNC2(void, SSL_set_psk_use_session_callback, SSL *ssl, ssl, q_SSL_psk_use_session_cb_func_t callback, callback, return, DUMMYARG) @@ -839,7 +843,9 @@ bool q_resolveOpenSslSymbols() RESOLVEFUNC(OPENSSL_sk_value) RESOLVEFUNC(DH_get0_pqg) RESOLVEFUNC(SSL_CTX_set_options) - + RESOLVEFUNC(SSL_set_info_callback) + RESOLVEFUNC(SSL_alert_type_string) + RESOLVEFUNC(SSL_alert_desc_string_long) #ifdef TLS1_3_VERSION RESOLVEFUNC(SSL_CTX_set_ciphersuites) RESOLVEFUNC(SSL_set_psk_use_session_callback) diff --git a/src/network/ssl/qsslsocket_openssl_symbols_p.h b/src/network/ssl/qsslsocket_openssl_symbols_p.h index baf1a43113..ac6aa1760f 100644 --- a/src/network/ssl/qsslsocket_openssl_symbols_p.h +++ b/src/network/ssl/qsslsocket_openssl_symbols_p.h @@ -719,6 +719,10 @@ int q_OCSP_id_cmp(OCSP_CERTID *a, OCSP_CERTID *b); void *q_CRYPTO_malloc(size_t num, const char *file, int line); #define q_OPENSSL_malloc(num) q_CRYPTO_malloc(num, "", 0) +void q_SSL_set_info_callback(SSL *ssl, void (*cb) (const SSL *ssl, int type, int val)); +const char *q_SSL_alert_type_string(int value); +const char *q_SSL_alert_desc_string_long(int value); + QT_END_NAMESPACE #endif diff --git a/src/network/ssl/qsslsocket_p.h b/src/network/ssl/qsslsocket_p.h index 1abd18bb32..4b020b6a73 100644 --- a/src/network/ssl/qsslsocket_p.h +++ b/src/network/ssl/qsslsocket_p.h @@ -208,6 +208,7 @@ protected: bool paused; bool flushTriggered; QVector<QOcspResponse> ocspResponses; + bool handshakeInterrupted = false; }; #if QT_CONFIG(securetransport) || QT_CONFIG(schannel) diff --git a/src/network/ssl/qsslsocket_schannel.cpp b/src/network/ssl/qsslsocket_schannel.cpp index 31b0db4818..2db5c48ff2 100644 --- a/src/network/ssl/qsslsocket_schannel.cpp +++ b/src/network/ssl/qsslsocket_schannel.cpp @@ -226,12 +226,6 @@ DWORD toSchannelProtocol(QSsl::SslProtocol protocol) protocols = SP_PROT_TLS1_0 | SP_PROT_TLS1_1 | SP_PROT_TLS1_2; // @future Add TLS 1.3 when supported by Windows! break; - case QSsl::SslV2: - case QSsl::SslV3: - return DWORD(-1); // Not supported - case QSsl::TlsV1SslV3: - protocols = SP_PROT_TLS1_0; - break; case QSsl::TlsV1_0: protocols = SP_PROT_TLS1_0; break; diff --git a/src/network/ssl/qsslsocket_winrt.cpp b/src/network/ssl/qsslsocket_winrt.cpp index f3ca3dc257..5f5201fc82 100644 --- a/src/network/ssl/qsslsocket_winrt.cpp +++ b/src/network/ssl/qsslsocket_winrt.cpp @@ -230,13 +230,7 @@ void QSslSocketBackendPrivate::startClientEncryption() QSsl::SslProtocol protocol = q->protocol(); switch (q->protocol()) { - case QSsl::SslV2: - case QSsl::SslV3: - setErrorAndEmit(QAbstractSocket::SslInvalidUserDataError, - QStringLiteral("unsupported protocol")); - return; case QSsl::AnyProtocol: - case QSsl::TlsV1SslV3: protectionLevel = SocketProtectionLevel_Tls10; break; case QSsl::TlsV1_0: @@ -270,7 +264,7 @@ void QSslSocketBackendPrivate::startClientEncryption() } // Sync custom certificates - const QSet<QSslCertificate> caCertificates = configuration.caCertificates.toSet(); + const QSet<QSslCertificate> caCertificates(configuration.caCertificates.constBegin(), configuration.caCertificates.constEnd()); const QSet<QSslCertificate> newCertificates = caCertificates - previousCaCertificates; const QSet<QSslCertificate> oldCertificates = previousCaCertificates - caCertificates; g->syncCaCertificates(newCertificates, oldCertificates); @@ -393,7 +387,7 @@ void QSslSocketBackendPrivate::continueHandshake() hr = control2->get_IgnorableServerCertificateErrors(&ignoreList); Q_ASSERT_SUCCEEDED(hr); - QSet<QSslError> ignoreErrors = ignoreErrorsList.toSet(); + QSet<QSslError> ignoreErrors(ignoreErrorsList.constBegin(), ignoreErrorsList.constEnd()); for (int i = ChainValidationResult_Untrusted; i < ChainValidationResult_OtherErrors + 1; ++i) { // Populate the native ignore list - break to add, continue to skip switch (i) { @@ -596,7 +590,7 @@ HRESULT QSslSocketBackendPrivate::onSslUpgrade(IAsyncAction *action, AsyncStatus } } - sslErrors = errors.toList(); + sslErrors = QList<QSslError>(errors.constBegin(), errors.constEnd()); // Peer validation if (!configuration.peerCertificate.isNull()) { |