| Commit message (Collapse) | Author | Age | Files | Lines |
|\
| |
| |
| | |
Change-Id: Idadb5639da6e55e7ac8cc30eedf76d147d8d5d23
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Fixes an issue where under certain circumstances, QSslSocket could get
stuck in a state where it would disconnect immediately after starting
encryption. Since it doesn't make any sense for the socket to be
initialized to a state where any connection attempt will fail, the
pendingClose value should be set to false.
Thanks to Martin Sandsmark for his help debugging this issue.
Task-number: QTBUG-43793
Change-Id: I7deebacbac588c21439a8e594db4222095cf3f22
Reviewed-by: Richard J. Moore <rich@kde.org>
|
| |\
| | |
| | |
| | | |
Change-Id: I78d848c0bb396584a205a8066d253f2bcac8da56
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Since openssl 1.0.1k with enabled option no-ssl3-method we need to
check for OPENSSL_NO_SSL3_METHOD to use following functions:
- SSLv3_method
- SSLv3_server_method
- SSLv3_client_method
Change-Id: Iee83a6f4bacbf5660baa6bdb89eb02ceb9f11614
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
The documentation says that QUdpSocket emits readyRead() only for one
datagram and that if you don't read it, the class will not emit again.
That should be implemented by disabling of the socket notifier once we
have the datagram already read, but was broken.
In turn, that breakage caused a live-lock of the event loop: since we
didn't disable the notifier nor read the pending datagram, the event
loop would fire every time for the same datagram.
The re-enabling of the notifier was already working.
Task-number: QTBUG-43857
Change-Id: Ic5d393bfd36e48a193fcffff13bb32ad390b5fe8
Reviewed-by: Peter Hartmann <phartmann@blackberry.com>
Reviewed-by: Richard J. Moore <rich@kde.org>
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
They were added in 233a2f37bfa6c896612cbf9a7db42e8e0da788f5, which is in
5.4, but the \since information was missing.
Change-Id: I346a049cad75647fdcd7b64df80dc169bb4ec70a
Reviewed-by: Richard J. Moore <rich@kde.org>
|
| |/
|/|
| |
| |
| | |
Change-Id: I29d5576902a5d1ea25558e980081952d9157f7f0
Reviewed-by: Topi Reiniö <topi.reinio@digia.com>
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The outer QNativeSocketEngine::bind() function will call
fetchConnectionParameters() as soon as nativeBind() returns, so don't
bother copying localAddress.
Change-Id: Ice13e507ccb9c575a7d3bdf0b41394f35230b746
Reviewed-by: Richard J. Moore <rich@kde.org>
|
|/
|
|
|
|
|
| |
There's no need to allocate memory for the special address.
Change-Id: I5f3760565807731ab595e91fc934c21d10df212a
Reviewed-by: Richard J. Moore <rich@kde.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The documentation for CFURLCreateDataAndPropertiesFromResource()
does not make this clear but from looking at the CFNetwork implementation
and a user stacktrace it appears that this function can return true
but not set the data argument under certain circumstances.
Change-Id: I48034a640d6f47a51cd5883bbafacad4bcbd0415
Task-number: QTBUG-36787
Patch-By: Robert Knight
Reviewed-by: Markus Goetz <markus@woboq.com>
Reviewed-by: Peter Hartmann <phartmann@blackberry.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This commit checks whether CFURLCreateWithString() succeeded.
It does not appear to be possible to enter an empty URL directly in the
PAC configuration dialog but I can't rule out the possibility
that it could find its way into the settings via some other means.
Change-Id: I6c2053d385503bf0330f5ae9fb1ec36a473d425d
Patch-By: Robert Knight
Task-number: QTBUG-36787
Reviewed-by: Markus Goetz <markus@woboq.com>
Reviewed-by: Peter Hartmann <phartmann@blackberry.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
macQueryInternal() was retrieving the PAC URL string as-entered by
the user in the 'Proxies' tab of the system network settings dialog
and passing it to CFURLCreateWithString().
CFURLCreateWithString() returns null if the input string contains
non-URL legal chars or is empty.
Change-Id: I9166d0433a62c7b2274b5435a7dea0a16997d10e
Patch-By: Robert Knight
Task-number: QTBUG-36787
Reviewed-by: Peter Hartmann <phartmann@blackberry.com>
Reviewed-by: Markus Goetz <markus@woboq.com>
|
|
|
|
|
|
|
|
| |
With toString(), it was printing "0.0.0.0", which is the same as
QHostAddress::AnyIPv4, making it difficult to tell the two apart.
Change-Id: I4668ec3337c25ddfdc2fa3bbacc83b9d34316b1f
Reviewed-by: Richard J. Moore <rich@kde.org>
|
|
|
|
|
|
|
|
|
|
| |
QUdpSocket doesn't support binding to QHostAddress::Any and then joining
an IPv4 multicat group since QHostAddress::Any is really an IPv6 socket
with v6only = false. The test did check this case, but failed to ignore
the warning.
Change-Id: I62d782408319a6e566e0ff1a6081b706ac1f669c
Reviewed-by: Richard J. Moore <rich@kde.org>
|
|
|
|
|
| |
Change-Id: I60baa01f0ef9419a73535c761c4722c5abd6f26e
Reviewed-by: Richard J. Moore <rich@kde.org>
|
|
|
|
|
|
|
|
|
|
|
|
| |
The order is:
1) own header
2) own private header, if any
3) other headers
Commit f17d7a124f0fa817a7e1a2dda6f48098432c0dc0 broke the order.
Change-Id: I7225024691db91fd936a057accdad65bacb3f979
Reviewed-by: Richard J. Moore <rich@kde.org>
|
|
|
|
|
|
|
|
|
|
|
| |
cache.
The cookies may contain sensitive information. so we should not store cookies in disk cache.
Task-number: QTBUG-42546
Change-Id: I6331bdd766445af41f55bfaf0e9132b75dd7957f
Reviewed-by: Jeongmin Kim <jm86.kim@lge.com>
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
|
|
|
|
|
|
|
| |
The Qt bug tracker URL changes as part of the qt.io transition
Change-Id: Icb4ab198943b93639b5e3a8d99262303785c6459
Reviewed-by: Kai Koehne <kai.koehne@theqtcompany.com>
|
|
|
|
|
|
|
|
|
| |
Place all debug output into the 'qt.network.ssl' category.
This allows people to disable certain warnings at runtime.
Task-number: QTBUG-43173
Change-Id: Ide731fae3109f9cd7730cc096ee069a5b99d35f1
Reviewed-by: Richard J. Moore <rich@kde.org>
|
|
|
|
|
|
|
|
|
|
|
|
| |
The keepalive socket can only be set if the socket is not connected
(see
http://msdn.microsoft.com/en-us/library/ie/windows.networking.sockets.streamsocketcontrol.keepalive)
Task-number: QTBUG-38623
Change-Id: Ia40dc66f071a8109538e4be7a8f420de81d5be8d
Reviewed-by: Alex Trotsenko <alex1973tr@gmail.com>
Reviewed-by: Leena Miettinen <riitta-leena.miettinen@theqtcompany.com>
Reviewed-by: Andrew Knight <andrew.knight@theqtcompany.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Synchronous error reply.
The App might use response data of Synchronous 401 reply. (example : specific error info of code, string as json)
so, Added a function to read it for Sync.
Async is already OK. Sync path is different from Async path.
Change-Id: I683d4b6b40f600793d2545811dcd6644515de79c
Task-number:QTBUG-43030
Reviewed-by: Jeongmin Kim <jm86.kim@lge.com>
Reviewed-by: Frederik Gladhorn <frederik.gladhorn@theqtcompany.com>
Reviewed-by: Richard J. Moore <rich@kde.org>
|
|
|
|
|
| |
Change-Id: I86e493178bf523c47eed36015354c0fbbebd56d2
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
|
|\
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Conflicts:
dist/changes-5.4.0
7231e1fbe24102f2a93b34dfa70e3dca884440d2 went into 5.4 instead of the
5.4.0 branch, thus the conflict.
Change-Id: I70b8597ab52506490dcaf700427183950d42cbd1
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This makes it follow the coding style, which says to camel case acronyms too,
and makes it consistent with the rest of the class.
Change-Id: I4a1b21de1815530e476fc5aa8a0d41c724fc8021
Reviewed-by: Richard J. Moore <rich@kde.org>
Reviewed-by: hjk <hjk121@nokiamail.com>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
If "encrypted" signal is fired the configuration of ssl is not updated.
If someone wants to perform additional checks on the certificate chain
it is now possible to use peerCertificate and peerCertificateChain.
Change-Id: Id5136a8c52727562c36028eaef721cc9ad86619d
Task-number: QTBUG-40401
Reviewed-by: Richard J. Moore <rich@kde.org>
|
|\|
| |
| |
| | |
Change-Id: I95f235a66ce2e9b1fa435c0f911c6f7e811755f0
|
| |
| |
| |
| |
| |
| |
| |
| | |
Variable dsa is assigned in this block with q_DSA_new instead of rsa.
So this should be the destination of memcpy.
Change-Id: Id5a41d99f1606bf525ad5f819bbc06bb1235bf5b
Reviewed-by: Richard J. Moore <rich@kde.org>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
There was still a TODO left in there and the data was never filled.
In addition to filling the data, some pointer checks for addr and port
were added.
Task-number: QTBUG-42244
Change-Id: I8e358b5544edcdb4077a52f433e4bc17d92014ce
Reviewed-by: Andrew Knight <andrew.knight@theqtcompany.com>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
While a POST request with no body may be a pointless thing it does
happen on many websites. Currently this causes QtNetwork to print a
warning to the console and set an invalid content-type. This patch
allows the content-type to be absent when content is.
Task-number: QTBUG-42479
Change-Id: Ia84c89147d2469a9421b9694d062c797987b3194
Reviewed-by: Jocelyn Turcotte <jocelyn.turcotte@digia.com>
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
|
|/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This allows apps to ship their own openssl libraries inside the
application bundle.
The change consists of two parts: First, adding
<bundle>/Contents/Frameworks
to the alternative search paths. Second, disabling the preemtive
check for libssl.dylib, libcrypto.dylib in the system paths:
The system's /usr/lib/libssl.dylib, /usr/lib/libcrypto.dylib
will still be picked up as a fallback in the alternative search
paths, but only after .app/Contents/Frameworks have been inspected.
[ChangeLog][QtNetwork][QSsl] On OS X and iOS, openssl dylib's are
picked up from the 'Frameworks' directory of the app bundle.
Change-Id: I982930f4a6cf5e0114c04ecbc87f27e54ba8bb88
Reviewed-by: Jake Petroules <jake.petroules@petroules.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
QIODevice makes readData() call only when its read buffer is empty.
Also data argument points to the user or reserved read buffer area.
So, no need in data transfer from read buffer at this point at all.
Task-number: QTBUG-41797
Change-Id: Ieb4afdf7eec37fdf288073e4a060e64424f22b9c
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
(cherry picked from commit 1853579dad1bbb44599314213a1d8a203ecae1c9)
Reviewed-by: Alex Trotsenko <alex1973tr@gmail.com>
Reviewed-by: Oswald Buddenhagen <oswald.buddenhagen@theqtcompany.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
Since QNAM is initialized with defaultConfiguration, we need to
reset the internal configuration used to the current
defaultConfiguration when the state changes and a new configuration
becomes the default.
Task-number: QTBUG-40234
Change-Id: I50f23c62804f29370915eecac2c92301c5f3ead2
Reviewed-by: Kai Koehne <kai.koehne@theqtcompany.com>
Reviewed-by: Alex Blasche <alexander.blasche@digia.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fixes errors like
qsslsocket_openssl_symbols.cpp:111:6: error:
unused function 'qsslSocketUnresolvedSymbolWarning'
[-Werror,-Wunused-function]
void qsslSocketUnresolvedSymbolWarning(const char *functionName)
^
1 error generated.
Change-Id: I164518de583f080724ab9a7165c885602a1c6231
Reviewed-by: Richard J. Moore <rich@kde.org>
|
|
|
|
|
|
|
|
|
| |
If requestedServerName is a full path e.g. "/tmp/some/long/path" the
temp path will end up "/tmp/some/long/path.balblabla/tmp/some/long/path"
and it might fail because it doesn't fit in addr.sun_path.
Change-Id: I6a138fd92be9e0b3b432ab9ac977d04cb330f3fd
Reviewed-by: Oswald Buddenhagen <oswald.buddenhagen@theqtcompany.com>
|
|
|
|
|
|
|
|
| |
The temp socket is in a safe place. There is no need to set any
permissions at this point.
Change-Id: I18ea4b71b7c20db65dc46c57ddc5d34d8b93f577
Reviewed-by: Oswald Buddenhagen <oswald.buddenhagen@theqtcompany.com>
|
|
|
|
|
|
|
|
|
| |
Mode is always != 0 at this point (QLocalServer::WorldAccessOption is
a combination of the bits tested later).
Change-Id: I5abfb4e49fdc7903e21398525af05989f40d7f94
Reviewed-by: Oswald Buddenhagen <oswald.buddenhagen@theqtcompany.com>
Reviewed-by: BogDan Vatra <bogdan@kde.org>
|
|
|
|
|
| |
Change-Id: Id974abca3ee2be9cb70c380a842e76c0ba1520bd
Reviewed-by: Oswald Buddenhagen <oswald.buddenhagen@theqtcompany.com>
|
|
|
|
|
|
|
|
|
|
|
| |
After the poodle vulnerability SSLv3 should like SSLv2 no longer be
considered safe, so when a user request a safe protocol we should
only allow TLS versions.
[ChangeLog][QtNetwork][QSsl] QSsl::SecureProtocols now also excludes SSLv3
Change-Id: If825f6beb599294b028d706903b39db6b20be519
Reviewed-by: Richard J. Moore <rich@kde.org>
|
|
|
|
|
|
|
|
|
|
|
|
| |
QNetworkDiskCache don't handle to set CookieHeader. so All Set-Cookie's value is invalid.
The root of cause is that metaDataChanged() don't work because of no slot for it.
Add the slot for it and renamed to _q_metaDataChanged.
Task-number: QTBUG-41514
Change-Id: I5cec017e59a1de69c6e89c0bc7209a73dcdc11da
Reviewed-by: Jeongmin Kim <jm86.kim@lge.com>
Reviewed-by: Jung Dong-Heon <clamp03@gmail.com>
Reviewed-by: Peter Hartmann <phartmann@blackberry.com>
|
|
|
|
|
|
|
|
|
|
|
| |
Set the reply state to "finished" also on errors.
Do a proper string compare to correctly translate
the error codes.
Task-number: QTBUG-42023
Change-Id: I222cc06a47b1f9f89095e8f935f316bf94fd0cd6
Reviewed-by: Caroline Chao <caroline.chao@theqtcompany.com>
Reviewed-by: Richard Moe Gustavsen <richard.gustavsen@digia.com>
|
|
|
|
|
|
|
|
| |
Task-number: QTBUG-41934
Change-Id: Ib92d8a83965e11e2706ef0daba945cb00692d2c5
Reviewed-by: Friedemann Kleint <Friedemann.Kleint@digia.com>
Reviewed-by: Richard J. Moore <rich@kde.org>
Reviewed-by: Jędrzej Nowacki <jedrzej.nowacki@digia.com>
|
|
|
|
|
|
|
| |
Task-number: QTBUG-41747
Change-Id: Idb4afea0215b94957a11895c7db97a72ae680804
Reviewed-by: Lorn Potter <lorn.potter@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
qsslsocket_winrt.cpp defined it locally, which runs the risk of
clashes with a potential user-defined qHash(QSslError), so
make it public.
Also included both .error() and .certificate() in the hash, as
both of these are used to determine equality (the WinRT version
only used .error()).
[ChangeLog][QtNetwork][QSslError] Can now be used in QSet/QHash.
Change-Id: Ieb7995bed491ff011d4be9dad544248b56fd4f73
Reviewed-by: Oliver Wolff <oliver.wolff@digia.com>
Reviewed-by: Andrew Knight <andrew.knight@digia.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
qsslsocket_winrt.cpp defined it locally, which runs the risk of
clashes with a potential user-defined qHash(QSslCertificate), so
make it public.
Also, the implementation in qsslsocket_winrt.cpp simply hashed
the handle(), which violates the principle that equal instances
must hash to the same value. Also, for some platforms, the
implementation returns nullptr unconditionally, which, while not
violating the above-mentioned principle, will make all users of
the hash have worst-case complexity.
To calculate a meaningful hash, therefore, the certificate needs
to be inspected deeper than just the handle.
For OpenSSL, we use X509::sha1_hash, which also X509_cmp uses
internally to determine inequality (it checks more stuff, but
if X059::sha1_hash is different, X509_cmp() returns non-zero,
which is sufficient for the purposes of qHash()). sha1_hash may
not be up-to-date, though, so we call X509_cmp to make it valid.
Ugh.
For WinRT/Qt, we use the DER encoding, as that is the native
storage format used in QSslCertificate. This is not equivalent
to the implementation used in qsslsocket_winrt.cpp before, but
since handle() == handle() => toDer() == toDer(), it should not
be a problem.
[ChangeLog][QtNetwork][QSslCertificate] Can now be used as a key in QSet/QHash.
Change-Id: I10858fe648c70fc9535af6913dd3b7f3b2cf0eba
Reviewed-by: Oliver Wolff <oliver.wolff@digia.com>
|
|
|
|
|
|
|
|
|
|
|
| |
Calling if_nametoindex with an empty string will always return 0, but
on ARM linux platforms this call seems to be very expensive (~30ms),
adding a large overhead to calls such as QUdpSocket::writeDatagram()
Task-number: QTBUG-37092
Change-Id: Iad00867585d9534af1ddaee936dd4e4dc5e03611
Reviewed-by: Giuseppe D'Angelo <giuseppe.dangelo@kdab.com>
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When creating SSL context failed due to unsupported protocol being
demanded, no explanation was given. It's because
QSslContext::fromConfiguration() extracted explanation for error message
from OpenSSL, which at that point hasn't even been called yet. This
patch adds explicit message informing that an unsupported protocol was
chosen.
Task-number: QTBUG-41775
Change-Id: I9d2710da4ba314a16837a90afcdc5d9256179bef
Reviewed-by: Peter Hartmann <phartmann@blackberry.com>
|
|
|
|
|
|
|
|
|
|
|
| |
When QSslCertificatePrivate::certificatesFromDer() was passed count ==
-1 to extract unlimied number of certificates from buffer, it also tried
to parse the 0-sized fragment after the last certificate. This has
caused d2i_X509() to report an error on latest OpenSSL.
Task-number: QTBUG-41774
Change-Id: Ifa36b7ac5b4236bd2fb53b9d7fe53c5db3cb078c
Reviewed-by: Peter Hartmann <phartmann@blackberry.com>
|
|
|
|
|
|
|
| |
Change-Id: Ib13f0ddd65fe78f5559f343f2fc30756b1d3ef76
Reviewed-by: Oswald Buddenhagen <oswald.buddenhagen@digia.com>
Reviewed-by: Orgad Shaneh <orgads@gmail.com>
Reviewed-by: Marc Mutz <marc.mutz@kdab.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
For const char*s, operator== is overloaded, so comparing to a (C) string
literal is efficient, since qstrcmp doesn't require the length of the
strings to compare.
OTOH, QByteArrayLiteral, when not using RVO, litters the code with
QByteArray dtor calls, which are not inline. Worse, absent lambdas,
it even allocates memory.
So, just compare with a (C) string literal instead.
Change-Id: Id3bfdc89558ba51911f6317a7a73c287f96e6f24
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
|
|\ |
|