From 4b7ff8e98c0208273a25d84e1f0322cad5bce2bf Mon Sep 17 00:00:00 2001 From: Timur Pocheptsov Date: Thu, 13 Sep 2018 12:59:59 +0200 Subject: Protect HSTS code for no-feature-settings build MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Under the hood we use QSettings to store HSTS policies. Qt configured with 'no feature settings' would fail to build then. For such builds, we fall back to in-memory only HSTS cache. Change-Id: I6df551d8c6c96d982080a51ce6b1bdce71d04b9f Reviewed-by: MÃ¥rten Nordheim Reviewed-by: Edward Welbourne --- src/network/access/qhsts.cpp | 19 ++++++++++++++++++- 1 file changed, 18 insertions(+), 1 deletion(-) (limited to 'src/network/access/qhsts.cpp') diff --git a/src/network/access/qhsts.cpp b/src/network/access/qhsts.cpp index 43a8a3663e..af913ca015 100644 --- a/src/network/access/qhsts.cpp +++ b/src/network/access/qhsts.cpp @@ -37,13 +37,16 @@ ** ****************************************************************************/ -#include "qhstsstore_p.h" #include "qhsts_p.h" #include "QtCore/private/qipaddress_p.h" #include "QtCore/qvector.h" #include "QtCore/qlist.h" +#if QT_CONFIG(settings) +#include "qhstsstore_p.h" +#endif // QT_CONFIG(settings) + QT_BEGIN_NAMESPACE static bool is_valid_domain_name(const QString &host) @@ -83,8 +86,10 @@ void QHstsCache::updateFromHeaders(const QList> &h QHstsHeaderParser parser; if (parser.parse(headers)) { updateKnownHost(url.host(), parser.expirationDate(), parser.includeSubDomains()); +#if QT_CONFIG(settings) if (hstsStore) hstsStore->synchronize(); +#endif // QT_CONFIG(settings) } } @@ -93,12 +98,14 @@ void QHstsCache::updateFromPolicies(const QVector &policies) for (const auto &policy : policies) updateKnownHost(policy.host(), policy.expiry(), policy.includesSubDomains()); +#if QT_CONFIG(settings) if (hstsStore && policies.size()) { // These policies are coming either from store or from QNAM's setter // function. As a result we can notice expired or new policies, time // to sync ... hstsStore->synchronize(); } +#endif // QT_CONFIG(settings) } void QHstsCache::updateKnownHost(const QUrl &url, const QDateTime &expires, @@ -108,8 +115,10 @@ void QHstsCache::updateKnownHost(const QUrl &url, const QDateTime &expires, return; updateKnownHost(url.host(), expires, includeSubDomains); +#if QT_CONFIG(settings) if (hstsStore) hstsStore->synchronize(); +#endif // QT_CONFIG(settings) } void QHstsCache::updateKnownHost(const QString &host, const QDateTime &expires, @@ -137,8 +146,10 @@ void QHstsCache::updateKnownHost(const QString &host, const QDateTime &expires, } knownHosts.insert(pos, {hostName, newPolicy}); +#if QT_CONFIG(settings) if (hstsStore) hstsStore->addToObserved(newPolicy); +#endif // QT_CONFIG(settings) return; } @@ -149,8 +160,10 @@ void QHstsCache::updateKnownHost(const QString &host, const QDateTime &expires, else return; +#if QT_CONFIG(settings) if (hstsStore) hstsStore->addToObserved(newPolicy); +#endif // QT_CONFIG(settings) } bool QHstsCache::isKnownHost(const QUrl &url) const @@ -187,10 +200,12 @@ bool QHstsCache::isKnownHost(const QUrl &url) const if (pos != knownHosts.end()) { if (pos->second.isExpired()) { knownHosts.erase(pos); +#if QT_CONFIG(settings) if (hstsStore) { // Inform our store that this policy has expired. hstsStore->addToObserved(pos->second); } +#endif // QT_CONFIG(settings) } else if (!superDomainMatch || pos->second.includesSubDomains()) { return true; } @@ -221,6 +236,7 @@ QVector QHstsCache::policies() const return values; } +#if QT_CONFIG(settings) void QHstsCache::setStore(QHstsStore *store) { // Caller retains ownership of store, which must outlive this cache. @@ -248,6 +264,7 @@ void QHstsCache::setStore(QHstsStore *store) updateFromPolicies(restored); } } +#endif // QT_CONFIG(settings) // The parser is quite simple: 'nextToken' knowns exactly what kind of tokens // are valid and it will return false if something else was found; then -- cgit v1.2.3