Mac networking: check system keychain for proxy auth

... and not when normal HTTP authentication is required. Also, query the system keychain for the right credentials depending on the URL scheme. Task-number: QTBUG-30434 Change-Id: Ib6f74029b2e0de9734497440e3b0e48cdf73adcb Reviewed-by: Richard J. Moore <rich@kde.org>
2014-06-23 10:20:07 +02:00 · 2014-06-23 10:20:07 +02:00 · f46ce0a0b8
commit f46ce0a0b8
parent a5f3df04af
4 changed files with 24 additions and 22 deletions
--- a/src/network/access/qnetworkaccessbackend.cpp
+++ b/src/network/access/qnetworkaccessbackend.cpp
@ -338,7 +338,7 @@ void QNetworkAccessBackend::error(QNetworkReply::NetworkError code, const QStrin
 void QNetworkAccessBackend::proxyAuthenticationRequired(const QNetworkProxy &proxy,
                                                        QAuthenticator *authenticator)
 {
-    manager->proxyAuthenticationRequired(proxy, synchronous, authenticator, &reply->lastProxyAuthentication);
+    manager->proxyAuthenticationRequired(QUrl(), proxy, synchronous, authenticator, &reply->lastProxyAuthentication);
 }
 #endif

--- a/src/network/access/qnetworkaccessmanager.cpp
+++ b/src/network/access/qnetworkaccessmanager.cpp
@ -99,13 +99,13 @@ bool getProxyAuth(const QString& proxyHostname, const QString &scheme, QString&
    bool retValue = false;
    SecProtocolType protocolType = kSecProtocolTypeAny;
    if (scheme.compare(QLatin1String("ftp"),Qt::CaseInsensitive)==0) {
-        protocolType = kSecProtocolTypeFTP;
+        protocolType = kSecProtocolTypeFTPProxy;
    } else if (scheme.compare(QLatin1String("http"),Qt::CaseInsensitive)==0
               || scheme.compare(QLatin1String("preconnect-http"),Qt::CaseInsensitive)==0) {
-        protocolType = kSecProtocolTypeHTTP;
+        protocolType = kSecProtocolTypeHTTPProxy;
    } else if (scheme.compare(QLatin1String("https"),Qt::CaseInsensitive)==0
               || scheme.compare(QLatin1String("preconnect-https"),Qt::CaseInsensitive)==0) {
-        protocolType = kSecProtocolTypeHTTPS;
+        protocolType = kSecProtocolTypeHTTPSProxy;
    }
    QByteArray proxyHostnameUtf8(proxyHostname.toUtf8());
    err = SecKeychainFindInternetPassword(NULL,
@ -1392,21 +1392,6 @@ void QNetworkAccessManagerPrivate::authenticationRequired(QAuthenticator *authen
        }
    }

-#ifndef QT_NO_NETWORKPROXY
-#if defined(Q_OS_MACX)
-    //now we try to get the username and password from keychain
-    //if not successful signal will be emitted
-    QString username;
-    QString password;
-    if (getProxyAuth(proxy.hostName(),reply->request().url().scheme(),username,password)) {
-        authenticator->setUser(username);
-        authenticator->setPassword(password);
-        authenticationManager->cacheProxyCredentials(proxy, authenticator);
-        return;
-    }
-#endif
-#endif //QT_NO_NETWORKPROXY
-
    // if we emit a signal here in synchronous mode, the user might spin
    // an event loop, which might recurse and lead to problems
    if (synchronous)
@ -1419,7 +1404,8 @@ void QNetworkAccessManagerPrivate::authenticationRequired(QAuthenticator *authen
 }

 #ifndef QT_NO_NETWORKPROXY
-void QNetworkAccessManagerPrivate::proxyAuthenticationRequired(const QNetworkProxy &proxy,
+void QNetworkAccessManagerPrivate::proxyAuthenticationRequired(const QUrl &url,
+                                                               const QNetworkProxy &proxy,
                                                               bool synchronous,
                                                               QAuthenticator *authenticator,
                                                               QNetworkProxy *lastProxyAuthentication)
@ -1435,6 +1421,21 @@ void QNetworkAccessManagerPrivate::proxyAuthenticationRequired(const QNetworkPro
        }
    }

+#if defined(Q_OS_OSX)
+    //now we try to get the username and password from keychain
+    //if not successful signal will be emitted
+    QString username;
+    QString password;
+    if (getProxyAuth(proxy.hostName(), url.scheme(), username, password)) {
+        authenticator->setUser(username);
+        authenticator->setPassword(password);
+        authenticationManager->cacheProxyCredentials(proxy, authenticator);
+        return;
+    }
+#else
+    Q_UNUSED(url);
+#endif
+
    // if we emit a signal here in synchronous mode, the user might spin
    // an event loop, which might recurse and lead to problems
    if (synchronous)
--- a/src/network/access/qnetworkaccessmanager_p.h
+++ b/src/network/access/qnetworkaccessmanager_p.h
@ -113,7 +113,8 @@ public:
                                                             const QAuthenticator *auth = 0);

 #ifndef QT_NO_NETWORKPROXY
-    void proxyAuthenticationRequired(const QNetworkProxy &proxy,
+    void proxyAuthenticationRequired(const QUrl &url,
+                                const QNetworkProxy &proxy,
                                bool synchronous,
                                QAuthenticator *authenticator,
                                QNetworkProxy *lastProxyAuthentication);
--- a/src/network/access/qnetworkreplyhttpimpl.cpp
+++ b/src/network/access/qnetworkreplyhttpimpl.cpp
@ -1220,7 +1220,7 @@ void QNetworkReplyHttpImplPrivate::httpAuthenticationRequired(const QHttpNetwork
 void QNetworkReplyHttpImplPrivate::proxyAuthenticationRequired(const QNetworkProxy &proxy,
                                                        QAuthenticator *authenticator)
 {
-    managerPrivate->proxyAuthenticationRequired(proxy, synchronous, authenticator, &lastProxyAuthentication);
+    managerPrivate->proxyAuthenticationRequired(request.url(), proxy, synchronous, authenticator, &lastProxyAuthentication);
 }
 #endif