Without TLS (and thus ALPN/NPN negotiation) HTTP/2 requires
a protocol upgrade procedure, as described in RFC 7540, 3.2.
We start as HTTP/1.1 (and thus we create QHttpProtocolHandler first),
augmenting the headers we send with 'Upgrade: h2c'. In case
we receive HTTP/1.1 response with status code 101 ('Switching
Protocols'), we continue as HTTP/2 session, creating QHttp2ProtocolHandler
and pretending the first request we sent was HTTP/2 request
on a real HTTP/2 stream. If the first response is something different
from 101, we continue as HTTP/1.1. This change also required
auto-test update: our toy-server now has to respond to
the initial HTTP/1.1 request on a platform without ALPN/NPN.
As a bonus a subtle flakyness in 'goaway' auto-test went
away (well, it was fixed).
[ChangeLog][QtNetwork][HTTP/2] In case of clear text HTTP/2 we
now initiate a required protocol upgrade procedure instead of
'H2Direct' connection.
Task-number: QTBUG-61397
Change-Id: I573fa304fdaf661490159037dc47775d97c8ea5b
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
That means a file is never created, unless you ask for the name. There's
no chance of left-over temporary files being left behind. QSaveFile also
benefits from this, since the save file is not present on disk until
commit(). Unfortunately, QSaveFile must go through a temporary name
because linkat(2) cannot overwrite -- we need rename(2) for that (for
now).
[ChangeLog][Important Behavior Changes][QTemporaryFile] On Linux,
QTemporaryFile will attempt to create unnamed temporary files. If that
succeeds, open() will return true but exists() will be false. If you
call fileName() or any function that calls it, QTemporaryFile will give
the file a name, so most applications will not see a difference.
Change-Id: I1eba2b016de74620bfc8fffd14cc843e5b0919d0
Reviewed-by: Simon Hausmann <simon.hausmann@qt.io>
Conflicts:
src/widgets/kernel/qwidget.cpp
This merge also extends the expected output of the pairdiagnostics
teamcity output (added in dev in commit
c608ffc56a) after the recent addition of
the flowId attribute to the teamcity output (commit
8f03656211 in 5.9).
Change-Id: I3868166e5efc45538544fffd14d8aba438f9173c
The test verifies that a cookie with a date in the future is not
"expired" and will be sent to the server. This test started failing
on August 7th 2017 when the test case "0003" with it's cookie expiring
August 7th 2017 started ... expiring ;-)
Bumped all suspicious cookie test cases by a hundred years.
Change-Id: I7c09069ec4999e2ea0aae7b2a2819cced0fd6a99
Reviewed-by: Jędrzej Nowacki <jedrzej.nowacki@qt.io>
The store is using QSettings under the hood. A user can enable/disable
storing HSTS policies (via QNAM's setter method) and we take care of
the rest - filling QHstsCache from the store, writing updated/observed
targets, removing expired policies.
Change-Id: I26e4a98761ddfe5005fedd18be56a6303fe7b35a
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
This is the result of running the (experimental) clang-tidy check
qt-modernize-qsharedpointer-create
Discarded changes:
- tst_qsharedpointer.cpp: not sure we want these replacements there
(→ separate change)
- tst_collations.cpp: hit in a template specialization that is
instantiated with both QSharedPointer and QSharedDataPointer.
Change-Id: I203c2646e91d026735d923473af3d151d19e3820
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
tst_qvariant.cpp(80): warning C4309: 'initializing': truncation of constant value
tst_qvariant.cpp(4635): warning C4309: 'initializing': truncation of constant value
tst_qbytearray.cpp(1438): warning C4267: 'argument': conversion from 'size_t' to 'uint', possible loss of data
tst_qbytearray.cpp(1440): warning C4267: 'argument': conversion from 'size_t' to 'uint', possible loss of data
http2srv.cpp(64): warning C4018: '<=': signed/unsigned mismatch
tst_qinputdialog.cpp(352): warning C4804: '<=': unsafe use of type 'bool' in operation
Change-Id: Id012d88b7b20c5c9f128f2ef53753cc1d479f358
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
If QEMU is provided sysroot with QEMU_LD_PREFIX, it opens files from there. If their
owner is the current user, testing their access rights based on assumption that they
are root fails. Skip the tests in that case similarly as is already done when the
tests are run as root.
This fixes following tests:
- tst_QTemporaryDir::nonWritableCurrentDir
- tst_QNetworkReply::getErrors(file-permissions)
- tst_qstandardpaths::testCustomRuntimeDirectory
Task-number: QTBUG-59966
Change-Id: I972ce37b4b5a7747cdd732a8e4a737ef09cbc6a5
Reviewed-by: Teemu Holappa <teemu.holappa@qt.io>
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
Previously we were always setting SpdyWasUsedAttribute for SPDY/HTTP/2/HTTP/1.1
(true/false) which is confusing. Now if HTTP2AllowedAttribute was set to true on
a request, we set HTTP2WasUsedAttribute. Otherwise, as we did before, we're setting
SpdyWasUsedAttribute.
Change-Id: I0c44cfb5469fef0c12719baa951197ee2accee4a
Reviewed-by: Markus Goetz (Woboq GmbH) <markus@woboq.com>
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
It's a Qt 3 compatibility vehicle, and as such inherits the now-alien
property to distinguish empty and null strings. Particularly worrisome
is the following asymmetry:
QString("") == QString::null // false
QString("") == QString(QString::null) // true
Instead of fixing this behavior, recognize that people might use it as
a weird way to call isNull(), albeit one that once was idiomatic, and
simply deprecate everything that deals with QString::null.
[ChangeLog][QtCore][QString] QString::null is now deprecated. When
used to construct a QString, use QString() instead. When used to
compare to a QString, replace with QString::isNull().
Change-Id: I9f7e84a92522c75666da15f49324c500ae93af42
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
Reviewed-by: Anton Kudryavtsev <antkudr@mail.ru>
Replace all QT_NO_PROCESS with QT_CONFIG(process), define it in
qconfig-bootstrapped.h, add QT_REQUIRE_CONFIG(process) to the qprocess
headers, exclude the sources from compilation when switched off, guard
header inclusions in places where compilation without QProcess seems
supported, drop some unused includes, and fix some tests that were
apparently designed to work with QT_NO_PROCESS but failed to.
Change-Id: Ieceea2504dea6fdf43b81c7c6b65c547b01b9714
Reviewed-by: Oswald Buddenhagen <oswald.buddenhagen@qt.io>
After it started to fail (somehow it's only OpenSUSE 42.1) again and again
and after a quick re-evaluation it appears the logic testing SETTINGS|ACK
is incorrect. We (client side) start by sending the preface and then
continue to send our request(s). The other side (server) starts from sending its
SETTINGS frame. These settings must be ACKed, but apparently it can happen,
that server receives a requests and sends a reply before it receives SETTINGS|ACK,
resulting in replyFinished (replyFinishedWithError) signal and event loop stopping.
As a result - QVERIFY(serverGotSettingsACK) fails.
Task-number: QTBUG-58758
Change-Id: I8184cf459b2b88f70c646171e0115c184237fad1
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
HTTP Strict Transport Security (HSTS) is a web security policy that
allows a web server to declare that user agents should only interact
with it using secure HTTPS connections. HSTS is described by RFC6797.
This patch introduces a new API in Network Access Manager to enable
this policy or disable it (default - STS is disabled).
We also implement QHstsCache which caches known HTTS hosts, does
host name lookup and domain name matching; QHstsHeaderParser to
parse HSTS headers with HSTS policies.
A new autotest added to test the caching, host name matching
and headers parsing.
[ChangeLog][QtNetwork] Added HTTP Strict Transport Security to QNAM
Task-number: QTPM-238
Change-Id: Iabb5920344bf204a0d3036284f0d60675c29315c
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
With this new policy, after emitting 'redirected', QNetworkReplyHttpImpl
waits for client code to decide if QNAM should follow this redirect or
not. The client can either allow this redirect by emitting 'redirectAllowed'
or abort the reply.
Task-number: QTPM-236
Change-Id: Ia04619f6bd1f0caa477833ae859b24033027b2e1
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
This patch makes it possible to enable/disable redirects on QNAM
level (before it was per-request only). This policy would be applied
to all subsequent requests* created by QNAM.
The policies we support at the moment:
a. Manual - that's what we always had - it's up to a user to handle
redirects.
b. NoLessSafeRedirectsPolicy - we allow http->http, http->https and
https->https redirects, but no protocol 'downgrade' (no
https->http redirects).
c. SameOriginPolicy - we check that protocol/host/port are
the same.
Updated tst_qnetworkreply.
*We previously were enabling redirect for each request, by
setting FollowRedirectsAttribute on QNetworkRequest object.
For backward compatibility this attribute has a higher priority
(if set) than QNAM's policy (and it will work as NoLessSafeRedirectsPolicy).
[ChangeLog][QtNetwork] Added redirects policy to QNAM
Task-number: QTPM-239
Task-number: QTPM-237
Change-Id: I493d1728254b71b61b5504937e8e01dca5953527
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
Sometimes it is desirable to use a new connection but keep already
entered user credentials for usability reasons. This is now possible by
clearing the connection cache (but keeping the authentication cache).
Change-Id: I2f5f64836ce19f81c8525701783a3da823dd468e
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
- Fix the case when we erroneously handled stream ID == 0 in a GOAWAY frame as
an invalid stream ID.
- _q_receivedReply: convert do{}while() loop into to while(){} to prevent
it from handling any frames after GOAWAY frame received and all active frame
finished.
- sendRequest - if we received GOAWAY, also clear spdyRequests in the connection
channel, otherwise it keeps re-trying to send requests!
- Http network connection channel never resets a protocolHandler in _q_encrypted/
_q_connected, which is BAD for HTTP/2, since HTTP/2 has unique per-connection
compression context and must be reset - now we recreate the protocol handler in
_q_encrypted or _q_connected (https/http).
- Update autotest.
Task-number: QTBUG-57600
Change-Id: Ib864ce52287bab23334ff43a83ba4b0b7cb52c60
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
... after a member-function declaration: this would be a compilation error
anywhere outside of a class-definition, allowed as 'opt' inside a class-definition
and essentially not needed at all (and is already different from other
member-functions we have in the same code).
Change-Id: Ia689a41bf2a1052cd19eb8fb4766ed9635c20c88
Reviewed-by: Jesus Fernandez <jesus.fernandez@qt.io>
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
Consistent with other Unix platforms, and internally consistent between tests,
as a lot of tests were already applying CONFIG -= app_bundle manually.
Change-Id: Icd2b7e1c08015b26137af60ff82fddbc753f0ff4
Reviewed-by: Jake Petroules <jake.petroules@qt.io>
HTTP/2 allows a server to pre-emptively send (or "push") responses (along
with corresponding "promised" requests) to a client in association with a
previous client-initiated request. This can be useful when the server
knows the client will need to have those responses available in order
to fully process the response to the original request.
Server push is semantically equivalent to a server responding to a request;
however, in this case, that request is also sent by the server, as a
PUSH_PROMISE frame.
The PUSH_PROMISE frame includes a header block that contains a complete set
of request header fields that the server attributes to the request.
After sending the PUSH_PROMISE frame, the server can begin delivering the
pushed response as a response on a server-initiated stream that uses the
promised stream identifier.
This patch:
- fixes the HPACK decompression of PUSH_PROMISE frames;
- allows a user to enable PUSH_PROMISE;
- processes and caches pushed data for promised streams;
- updates auto-test - emulates a simple PUSH_PROMISE
scenario.
Change-Id: Ic4850863a5e3895320baac3871a723fc091b4aca
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
There are more than 1000 new entries since the table has been
generated the last time. The autotest needs to be tweaked
because the rules for the .mz domains have changed; use the
.ck domain instead.
Change-Id: Ife692afd46ac41a66604e966e5e8cb57c7aa649c
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
... and move toString() implementations there which were repeated in
network tests, or #ifdef'ed in qtest.h.
Since the functions moved from network tests are now in a public header,
had to massage them a bit to pass headersclean:
- replace Q_FOREACH with C++11 range-for
- avoid implicit conversion from QByteArray -> const char* (done by
re-using toString(QByteArray) instead of calling strdup() manually)
Also made the functions overloads instead of specializations. This
allows to pass the enum by value instead of by const-&.
Like the existing QHostAddress, the newly-added toString() overloads are
marked as \internal. We can decide later whether to turn them into
public API.
Change-Id: I8c23db7a0a6575273567017d42d7b2a957acece8
Reviewed-by: Jędrzej Nowacki <jedrzej.nowacki@theqtcompany.com>
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@theqtcompany.com>
Move the different parts of configure.json/.pri into the libraries where
they belong.
Gui is not yet fully modularized, and contains many things related to
the different QPA plugins.
Done-with: Oswald Buddenhagen <oswald.buddenhagen@theqtcompany.com>
Change-Id: I6659bb29354ed1f36b95b8c69e7fce58f642053f
Reviewed-by: Lars Knoll <lars.knoll@qt.io>
Source (.cpp and .h) files should not be executable.
Change-Id: I021d8733185d73d071fcaf3df7e529862a490b63
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@theqtcompany.com>
Debug code is suppressed; let someone investigating a problem be able
to turn it on/off by just editing one byte instead of each line of the
block of debug code.
Change-Id: Iba06df4042d9126d3a5d0873e524ef504c19d3de
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@theqtcompany.com>
The (event) loop member spends most of its time NULL, so make sure
slots that dereference it can't trip up if called asynchronously when
it is.
Change-Id: If634df0ecf9650b52621bdb5a3e9f151abbc18fc
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@theqtcompany.com>
Restructure an if { if/else} else chain so that it reads more logically.
Change-Id: I0d9a68451147d2b7e6a6d01cf7bee1a64b9902a7
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@theqtcompany.com>
If SSL was unavailable but requested (should never happen)
MiniHttpServer::incomingConnection() would have crashed on
dereferencing unset member client. Rework the run-time conditioning
on SSL to sit entirely inside the #if-ery on SSL support, so that
client is at least set in each code-path.
Change-Id: I9a8ee8e4186e16dd0d00b7f9cc9b988f0b4c62ff
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@theqtcompany.com>
Moved a line of code that appeared after each call to setupSslServer()
into that function and replaced a copy of its code with a call to it.
Moved a line from the end of both branches of an if/else to after it.
Change-Id: I74ef3e643e41ce0279a6de7f4828baea4423f267
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@theqtcompany.com>
Many struct, class and function bodies had their open braces on the
declaring line rather than on a line of their own. Split some lines
up and joined others in the course of resolving. Removed a stray
semicolon after a constructor body.
Change-Id: I492233ca8c499f13ebe4b7d63349382e5eaa1e19
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@theqtcompany.com>
The whole point of this pattern is that the macro can be used with a
semi-colon after it and be a single statement; if it has a semicolon
in it, that makes it two (so, e.g., using it as the body of an if,
without braces, won't let you follow it with an else).
Change-Id: I57aca35898711ca24e10ddab73e075d361ef7eb8
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@theqtcompany.com>
Introduce new entity: class Http2::Frame with accessors like
payloadSize/type/flags/streamID etc. (they actually read
/interpret raw bytes from a frame's buffer) instead of
duplicating this functionality in reader/writer classes.
Delete defaulted members and remove explicitly defined
move ctors/operators (not needed actually).
Update auto-test ('HTTP/2 server') to use these new classes.
Change-Id: Ie3516efbd095704e212142eef9e792323678ccfa
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
Use the new qtConfig macro in all pro/pri files.
This required adding some feature entries, and adding
{private,public}Feature to every referenced already existing entry.
Change-Id: I164214dad1154df6ad84e86d99ed14994ef97cf4
Reviewed-by: Lars Knoll <lars.knoll@qt.io>
Reviewed-by: Oswald Buddenhagen <oswald.buddenhagen@theqtcompany.com>
Since headersFrame is a reference to a vector's element, clearing this
vector before accessing headersFrame.flags is not a good idea, must be
done later.
Change-Id: I80eee0761ac1cad580e979be9371ec7588a694ac
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
Recently enabled cleartext fails to build with QT_NO_SSL - fix
test and QNAM.
Change-Id: I467edab8e4eb5113715ad2d3b3022e0d8c027de8
Reviewed-by: Simon Hausmann <simon.hausmann@qt.io>
