There was still a TODO left in there and the data was never filled.
In addition to filling the data, some pointer checks for addr and port
were added.
Task-number: QTBUG-42244
Change-Id: I8e358b5544edcdb4077a52f433e4bc17d92014ce
Reviewed-by: Andrew Knight <andrew.knight@theqtcompany.com>
This allows apps to ship their own openssl libraries inside the
application bundle.
The change consists of two parts: First, adding
<bundle>/Contents/Frameworks
to the alternative search paths. Second, disabling the preemtive
check for libssl.dylib, libcrypto.dylib in the system paths:
The system's /usr/lib/libssl.dylib, /usr/lib/libcrypto.dylib
will still be picked up as a fallback in the alternative search
paths, but only after .app/Contents/Frameworks have been inspected.
[ChangeLog][QtNetwork][QSsl] On OS X and iOS, openssl dylib's are
picked up from the 'Frameworks' directory of the app bundle.
Change-Id: I982930f4a6cf5e0114c04ecbc87f27e54ba8bb88
Reviewed-by: Jake Petroules <jake.petroules@petroules.com>
QIODevice makes readData() call only when its read buffer is empty.
Also data argument points to the user or reserved read buffer area.
So, no need in data transfer from read buffer at this point at all.
Task-number: QTBUG-41797
Change-Id: Ieb4afdf7eec37fdf288073e4a060e64424f22b9c
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
(cherry picked from commit 1853579dad1bbb44599314213a1d8a203ecae1c9)
Reviewed-by: Alex Trotsenko <alex1973tr@gmail.com>
Reviewed-by: Oswald Buddenhagen <oswald.buddenhagen@theqtcompany.com>
Since QNAM is initialized with defaultConfiguration, we need to
reset the internal configuration used to the current
defaultConfiguration when the state changes and a new configuration
becomes the default.
Task-number: QTBUG-40234
Change-Id: I50f23c62804f29370915eecac2c92301c5f3ead2
Reviewed-by: Kai Koehne <kai.koehne@theqtcompany.com>
Reviewed-by: Alex Blasche <alexander.blasche@digia.com>
When sending a second request with implied credentials the connection
used may be cached as a connection without credentials, and thereby
incorrectly reused later for other connections with different implied
credentials.
This patch updates the credentials a cached http-connection is using
before sending a request on it.
Task-number: QTBUG-39456
Change-Id: I1609234136a89c32e00432a67720cd62a73a488a
Reviewed-by: Jocelyn Turcotte <jocelyn.turcotte@digia.com>
Fixes errors like
qsslsocket_openssl_symbols.cpp:111:6: error:
unused function 'qsslSocketUnresolvedSymbolWarning'
[-Werror,-Wunused-function]
void qsslSocketUnresolvedSymbolWarning(const char *functionName)
^
1 error generated.
Change-Id: I164518de583f080724ab9a7165c885602a1c6231
Reviewed-by: Richard J. Moore <rich@kde.org>
If requestedServerName is a full path e.g. "/tmp/some/long/path" the
temp path will end up "/tmp/some/long/path.balblabla/tmp/some/long/path"
and it might fail because it doesn't fit in addr.sun_path.
Change-Id: I6a138fd92be9e0b3b432ab9ac977d04cb330f3fd
Reviewed-by: Oswald Buddenhagen <oswald.buddenhagen@theqtcompany.com>
The temp socket is in a safe place. There is no need to set any
permissions at this point.
Change-Id: I18ea4b71b7c20db65dc46c57ddc5d34d8b93f577
Reviewed-by: Oswald Buddenhagen <oswald.buddenhagen@theqtcompany.com>
Mode is always != 0 at this point (QLocalServer::WorldAccessOption is
a combination of the bits tested later).
Change-Id: I5abfb4e49fdc7903e21398525af05989f40d7f94
Reviewed-by: Oswald Buddenhagen <oswald.buddenhagen@theqtcompany.com>
Reviewed-by: BogDan Vatra <bogdan@kde.org>
After the poodle vulnerability SSLv3 should like SSLv2 no longer be
considered safe, so when a user request a safe protocol we should
only allow TLS versions.
[ChangeLog][QtNetwork][QSsl] QSsl::SecureProtocols now also excludes SSLv3
Change-Id: If825f6beb599294b028d706903b39db6b20be519
Reviewed-by: Richard J. Moore <rich@kde.org>
QNetworkDiskCache don't handle to set CookieHeader. so All Set-Cookie's value is invalid.
The root of cause is that metaDataChanged() don't work because of no slot for it.
Add the slot for it and renamed to _q_metaDataChanged.
Task-number: QTBUG-41514
Change-Id: I5cec017e59a1de69c6e89c0bc7209a73dcdc11da
Reviewed-by: Jeongmin Kim <jm86.kim@lge.com>
Reviewed-by: Jung Dong-Heon <clamp03@gmail.com>
Reviewed-by: Peter Hartmann <phartmann@blackberry.com>
Set the reply state to "finished" also on errors.
Do a proper string compare to correctly translate
the error codes.
Task-number: QTBUG-42023
Change-Id: I222cc06a47b1f9f89095e8f935f316bf94fd0cd6
Reviewed-by: Caroline Chao <caroline.chao@theqtcompany.com>
Reviewed-by: Richard Moe Gustavsen <richard.gustavsen@digia.com>
qsslsocket_winrt.cpp defined it locally, which runs the risk of
clashes with a potential user-defined qHash(QSslError), so
make it public.
Also included both .error() and .certificate() in the hash, as
both of these are used to determine equality (the WinRT version
only used .error()).
[ChangeLog][QtNetwork][QSslError] Can now be used in QSet/QHash.
Change-Id: Ieb7995bed491ff011d4be9dad544248b56fd4f73
Reviewed-by: Oliver Wolff <oliver.wolff@digia.com>
Reviewed-by: Andrew Knight <andrew.knight@digia.com>
qsslsocket_winrt.cpp defined it locally, which runs the risk of
clashes with a potential user-defined qHash(QSslCertificate), so
make it public.
Also, the implementation in qsslsocket_winrt.cpp simply hashed
the handle(), which violates the principle that equal instances
must hash to the same value. Also, for some platforms, the
implementation returns nullptr unconditionally, which, while not
violating the above-mentioned principle, will make all users of
the hash have worst-case complexity.
To calculate a meaningful hash, therefore, the certificate needs
to be inspected deeper than just the handle.
For OpenSSL, we use X509::sha1_hash, which also X509_cmp uses
internally to determine inequality (it checks more stuff, but
if X059::sha1_hash is different, X509_cmp() returns non-zero,
which is sufficient for the purposes of qHash()). sha1_hash may
not be up-to-date, though, so we call X509_cmp to make it valid.
Ugh.
For WinRT/Qt, we use the DER encoding, as that is the native
storage format used in QSslCertificate. This is not equivalent
to the implementation used in qsslsocket_winrt.cpp before, but
since handle() == handle() => toDer() == toDer(), it should not
be a problem.
[ChangeLog][QtNetwork][QSslCertificate] Can now be used as a key in QSet/QHash.
Change-Id: I10858fe648c70fc9535af6913dd3b7f3b2cf0eba
Reviewed-by: Oliver Wolff <oliver.wolff@digia.com>
Calling if_nametoindex with an empty string will always return 0, but
on ARM linux platforms this call seems to be very expensive (~30ms),
adding a large overhead to calls such as QUdpSocket::writeDatagram()
Task-number: QTBUG-37092
Change-Id: Iad00867585d9534af1ddaee936dd4e4dc5e03611
Reviewed-by: Giuseppe D'Angelo <giuseppe.dangelo@kdab.com>
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
When creating SSL context failed due to unsupported protocol being
demanded, no explanation was given. It's because
QSslContext::fromConfiguration() extracted explanation for error message
from OpenSSL, which at that point hasn't even been called yet. This
patch adds explicit message informing that an unsupported protocol was
chosen.
Task-number: QTBUG-41775
Change-Id: I9d2710da4ba314a16837a90afcdc5d9256179bef
Reviewed-by: Peter Hartmann <phartmann@blackberry.com>
When QSslCertificatePrivate::certificatesFromDer() was passed count ==
-1 to extract unlimied number of certificates from buffer, it also tried
to parse the 0-sized fragment after the last certificate. This has
caused d2i_X509() to report an error on latest OpenSSL.
Task-number: QTBUG-41774
Change-Id: Ifa36b7ac5b4236bd2fb53b9d7fe53c5db3cb078c
Reviewed-by: Peter Hartmann <phartmann@blackberry.com>
For const char*s, operator== is overloaded, so comparing to a (C) string
literal is efficient, since qstrcmp doesn't require the length of the
strings to compare.
OTOH, QByteArrayLiteral, when not using RVO, litters the code with
QByteArray dtor calls, which are not inline. Worse, absent lambdas,
it even allocates memory.
So, just compare with a (C) string literal instead.
Change-Id: Id3bfdc89558ba51911f6317a7a73c287f96e6f24
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
... so that a user can have more fine-grained uploadProgress signal
emissions if desired.
Change-Id: I9f77fd80c100dbe249beaf3057e6e8974680ec59
Reviewed-by: Markus Goetz <markus@woboq.com>
Reviewed-by: Richard J. Moore <rich@kde.org>
My previous fix for CPU load issues between HTTP thread
and user thread was fragile if the upload QIODevice
emitted readyRead() multiple times.
[ChangeLog][QtNetwork][QNetworkAccessManager] Fix behavior of upload QIODevice
that generate data on readyRead() for HTTP PUT/POST
Change-Id: Idb1c2d5a382a704d8cc08fe03c55c883bfc95aa7
Reviewed-by: Christian Kamm <kamm@incasoftware.de>
Reviewed-by: Richard J. Moore <rich@kde.org>
Remove an useless check which spontaneously allow direct reads from the
socket engine.
Change-Id: Ia3d2a572d6f1563d613fe2f00d0d6849df259827
Reviewed-by: Oswald Buddenhagen <oswald.buddenhagen@digia.com>
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
socket(2) is allowed to return 0, so 0 should not be included
when checking for errors.
Change-Id: I0454ea60347d90078d3ab3046969add8d5c37935
Reviewed-by: Marc Mutz <marc.mutz@kdab.com>
Reviewed-by: Richard J. Moore <rich@kde.org>
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
device is private, always null and class has no friends, so no need to have it at all
Change-Id: I320d47f1a712a3202c08b494563533e29d185501
Reviewed-by: Lars Knoll <lars.knoll@digia.com>
Reviewed-by: Richard J. Moore <rich@kde.org>
The symptoms were made apparent in the xmlpatterns command line
utility when trying to use the synchronous HTTP code path in
QXmlQuery for fetching schemas.
Change-Id: I93b283fdec4b501a5c1fc646f7ddc30d8407f5ae
Reviewed-by: Markus Goetz <markus@woboq.com>
Reviewed-by: Jocelyn Turcotte <jocelyn.turcotte@digia.com>
Heuristic with last-modified time in Qt has some problems.
1) Remove redundant expirationDate.isInvalid() check
expirationDate.isInvalid is already checked. So I removed.
2) Add dateHeader.isInvalid() check
The dateHeader is used in expiration calculation.
I add invalid check for the dateHeader.
*. The dateHeader is the origin server's Date
3) Change diff time calculation.
The expirationDate is calculated with time diff.
Previous calculation is
// The lastModified is earlier than the currentDateTime.
// The diff has negative value.
int diff = currentDateTime.secsTo(lastModified);
// The expirationDate is earlier than lastModified
// , currentDateTime and dateHeader.
expirationDate = lastModified.addSecs(diff / 10);
*. currentDateTime: current time
*. lastModified: last modified date in server
It means that files are not cached with the heuristic.
I changed diff calculation.
int diff = lastModified.secsTo(dateHeader);
freshness_lifetime = diff / 10; // RFC 2616 13.2.4
4) httpRequest.headerField setting
If current_age is larger than 1 day, the cache MUST attach Warning 113.
*. The current_age is value of age in header
or elapsed time from dateHeader in Qt source code.
Previous code does not check current_age is larger than 1 day correctly.
// dt = 1970-01-01T00:00:00 + current_age
dt.setTime_t(current_age);
// currentDateTime is much bigger than 1970-01-01T00:00:00
if (dt.daysTo(currentDateTime) > 1)
Task-number: QTBUG-40836
Change-Id: I4b00c3b287e6fafeea6b02681533fe75a198247e
Reviewed-by: Jung Dong-Heon <dongheon.jung@lge.com>
Reviewed-by: Peter Hartmann <phartmann@blackberry.com>
QIODevice makes readData() call only when its read buffer is empty.
Also data argument points to the user or reserved read buffer area.
So, no need in data transfer from read buffer at this point at all.
Change-Id: Ieb4afdf7eec37fdf288073e4a060e64424f22b9c
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
In some cases, e.g. when bad credentials are provided in an ftp URI,
QNetworkAccessAuthenticationManager::cacheCredentials is called with a
null authenticator. This authenticator should not be cached, because
it is useless, and leads to inconsistencies in the use of the cache
Task-number: QTBUG-40622
Change-Id: If2a0a422b915f268648f5eef1d68601446123371
Reviewed-by: Peter Hartmann <phartmann@blackberry.com>
This makes non-OpenSSL backends able to handle to certificate
extensions.
This also converts the Q_OS_WINRT #ifdef's in the unit test to
QT_NO_OPENSSL as the behavior is the same for any non-OpenSSL
backend.
Change-Id: I6a8306dc5c97a659ec96063d5a59cee2ee9a63a9
Reviewed-by: Richard J. Moore <rich@kde.org>
I was actually wondering if the test always succeeds (i.e. should
be turned into a Q_ASSERT), but I don't know the codebase enough to
justify such a change.
Change-Id: Id01b8de7244428e9b1c240dc365c66eeef0d6111
Reviewed-by: Marc Mutz <marc.mutz@kdab.com>
Reviewed-by: Andrew Knight <andrew.knight@digia.com>
This adds support for reading and writing ASN.1 boolean
values. It also adds an operator to test two ASN.1 elements
for equality.
Change-Id: I4a22cbf9808533d593fc59d27b63caaf650b1f57
Reviewed-by: Richard J. Moore <rich@kde.org>
udpSocket() can only be called after the socket descriptor is set.
Change-Id: If651ff58507cd66c98de4b699a80149913d9ffcf
Reviewed-by: Andrew Knight <andrew.knight@digia.com>
This adds the infrastructure for reading and writing encrypted private keys
when using non-OpenSSL backends. Each platform must provide its cryptographic
encrypt / decrypt functions.
As WinRT already uses the common parser, this commit includes an
implementation for that platform.
Done-with: Andrew Knight <andrew.knight@digia.com>
Task-number: QTBUG-40688
Change-Id: I0d153425ce63601ff03b784a111e13962061025f
Reviewed-by: Richard J. Moore <rich@kde.org>
This change adds the ability to decode ASN.1 INTEGER fields,
provided they represent a positive number of less than 64-bit.
This is needed for PKCS#12 decoding.
Change-Id: Iafb76f22383278d6773b9e879a8f3ef43c8d2c8f
Reviewed-by: Oliver Wolff <oliver.wolff@digia.com>
QSslKey currently has methods which supposedly allow decoding and
encoding private keys as DER protected by a passphrase. This is
broken by design as explained in QTBUG-41038, as storing the encrypted
DER data alone makes no sense: such a file lacks the necessary
information about the encryption algorithm and initialization vector.
This change:
- explicitly stops using the passphrase when decoding DER in the
constructor. The behavior is unchanged, it is not possible to
read the encrypted DER alone.
- refuses to honor the passphrase to DER encode a private key. The toDer
method now outputs an empty QByteArray instead of garbage.
Task-number: QTBUG-41038
Change-Id: I4281050cf1104f12d154db201a173633bfe22bd9
Reviewed-by: Richard J. Moore <rich@kde.org>
Move from a stub to a functional SSL socket implementation.
This implementation has some limitations. Due to the way the native
SSL upgrade works, it is not possible to ignore SSL errors after the
handshake has begun. The user must set the ignore flags before
connecting to the host.
Due to missing implementation in the underlying native socket, the
synchronous methods (waitForConnected(), waitForDisconnected()) are not
functional either. Users must rely on the asynchronous methods instead.
This is not a problem in the general case, as HTTP(S) is not affected.
SSL server sockets are not supported by the native API, so it is not
possible to bind an SSL server socket.
Change-Id: Id0b323f273892580b294aa5a6ff601a8241470df
Reviewed-by: Maurice Kalinowski <maurice.kalinowski@digia.com>
The native handle and import functions are now available for use in other
parts of the winrt backend.
Change-Id: I07e6f95b3411c3dc7c1a7a164544b18e5e435d01
Reviewed-by: Maurice Kalinowski <maurice.kalinowski@digia.com>
Reviewed-by: Andrew Knight <andrew.knight@digia.com>
This internal implementation of QSslKey can be used when OpenSSL is not
available. Encrypted keys are not supported, as the cryptography must
be supplied by a separate library.
With this commit, WinRT is migrated to the new implementation,
but qsslkey_winrt.cpp is left in place so that the missing crypto
implementation can be added later. This also means most of the expected
failures for that platform can be removed from the autotest.
Change-Id: I24a3ad1053bb72311613b28b3ae845aa1645a321
Reviewed-by: Andrew Knight <andrew.knight@digia.com>
Reviewed-by: Maurice Kalinowski <maurice.kalinowski@digia.com>
Reviewed-by: Richard J. Moore <rich@kde.org>
Simplify the temporary buffer usage by using the built-in WinRT Buffer
class. This also allows one use of the local event loop to be removed.
Change-Id: Ice552910227ffbe31c6e8716ff7896af7c4532ef
Reviewed-by: Maurice Kalinowski <maurice.kalinowski@digia.com>
This stores the socket pointer in the descriptor, rather than an
abitrary handle, so that it is easier to access from e.g. SSL socket.
To further support SSL sockets, a special case for SSL sockets is
made so that the the socket reader installation can be delayed until
after the socket is encrypted (as this is the only supported mode of
operation with StreamSocket).
Change-Id: I693229189722dc43b221b167e8256f5497a50346
Reviewed-by: Maurice Kalinowski <maurice.kalinowski@digia.com>
Similarly to 1b19f660 (which added socket flushing before close), the
socket should have a chance to disconnect if the write buffer is not
empty. Instead of flushing, the pendingClose is added so that the
backend may disconnect the socket once these bytes have been written.
Change-Id: I2d85b6356c3e158bade3d5d86161d3e33649cad6
Reviewed-by: Richard J. Moore <rich@kde.org>
This moves the socket backend's host name matching functions up to
QSslSocketPrivate so that they can be shared between backends. This
works, as there is no OpenSSL-specific code here.
Change-Id: I73c2081fdc2e60a44c90e90800d1e1877391a626
Reviewed-by: Richard J. Moore <rich@kde.org>
Having QAsn1Element in place, we can have a common foundation
for the ssl certificate class for upcoming ports like WinRT
and SecureTransport. The only thing that has to be added to
the existing class is the handle() functionality.
Change-Id: I560a8e412b26f350855c7bc456fcdb8e9b750939
Reviewed-by: Richard J. Moore <rich@kde.org>
This element can be used for backends that do not offer all the
information that is needed when implementing a ssl certificate backend.
WinRT and the SecureTransport lack functionality in this area for
example.
The sources and tests are added for ssl and openssl configurations in order
to be tested. The condition for adding these can be changed as soon
as they are used by an actual implementation
Change-Id: I2b836133105afdc178bf3b1ee7d732bea069effa
Reviewed-by: Andrew Knight <andrew.knight@digia.com>
This commit should fix proxy authentication when NTLM is used.
NTLM differs from normal HTTP(S) authentication by having 2 roundtrips
instead of 1, some parts of our code however were not prepared for that.
I've tested this patch with Microsoft Forefront, both with normal
NTLM and with NTLM SSPI (in Windows domain).
I removed an optimization added in 3c3ea9a8, I could not see that behavior
anymore. That commit was the wrong fix in my opinion.
[ChangeLog][QtNetwork] Fix NTLM (SSPI) Proxy Authentication (HTTP/HTTPS)
Task-number: QTBUG-30829
Task-number: QTBUG-35101
Change-Id: Idcc9c0dbf388b011d49f2806e9a6dd55ebc35cec
Reviewed-by: Richard J. Moore <rich@kde.org>
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
Reviewed-by: Peter Hartmann <phartmann@blackberry.com>
In cases where a cached ftp connection fails to connect, or a file
transfer has failed, we should removed the cached connection. Since qnam
has an idea of a single internal QFtp per full operation, when file
transfers failed previously the cached connection would be reused for
subsequent connections and thus fail.
[ChangeLog][QtNetwork][QNetworkAccessManager] QNetworkAccessManager now
properly handles FTP transfer failures by removing failed cached ftp
connections.
Task-number: QTBUG-40797
Change-Id: Ie090a39ceddd7e58a0d8baf7d01f2a08c70162e5
Reviewed-by: Richard J. Moore <rich@kde.org>
This allows for opening of public key files. It does not, however,
support opening private keys (or decrypting/encrypting them). This is
due to limitations in the native API.
Nearly all public key tests pass (the native API doesn't support the
40-bit key in the test set). The private key tests are expected to fail.
Task-number: QTBUG-40688
Change-Id: Id8f2f1ae6526540736ceb2e5371f6a5d80c4ba7b
Reviewed-by: Richard J. Moore <rich@kde.org>
Reviewed-by: Oliver Wolff <oliver.wolff@digia.com>
The change creates a stub implementation for WinRT, adding the needed
files and classes to build SSL support on that platform.
Task-number: QTBUG-37497
Change-Id: Idc3e8aa91c5eb8a938705f2385d1074fe6c1d83e
Reviewed-by: Richard J. Moore <rich@kde.org>
Reviewed-by: Andrew Knight <andrew.knight@digia.com>
Manually included changes from
3a347a4e70
in src/opengl/qgl.cpp.
Conflicts:
src/opengl/qgl_qpa.cpp
src/plugins/platforms/android/androidjnimain.cpp
Change-Id: Ic26b58ee587d4884c9d0fba45c5a94b5a45ee929
These methods assumed incoming data would have LF line endings, and
therefore broke when parsing files with CRLF line endings. This
simply removes the line feed from the header/footer strings, and switches
to QByteArrayLiteral while doing so.
Change-Id: I0c14634243c4bd7d19a6b5ef718b6ed1cc6bcdb2
Reviewed-by: Richard J. Moore <rich@kde.org>
This allows QSslKey to avoid converting to pem format if the backend
supports native der decoding.
Change-Id: I0822a21401ad0ca81c6eeb6c7d53c421e1e2e93a
Reviewed-by: Richard J. Moore <rich@kde.org>
We have to document because we don't know how to fix the bug and don't
know when they will be fixed. We should also disable the unit tests
related to those functions, as they probably cause CI instability.
Task-number: QTBUG-24451
Change-Id: I0e60682ec4af7570258b13735339051ba8f4a6e4
Reviewed-by: David Faure <david.faure@kdab.com>
Reviewed-by: Richard J. Moore <rich@kde.org>
In order to prepare the addition of WinRT and iOS (SecureTransport)
implementations of SSL the structure of some SSL files has to be
redone. Parts of certificate that probably can be reused by other
ports stayed in qsslcertificate.cpp while other parts were moved
to qsslcertificate_openssl.cpp. qsslcontext, qsslkey and qsslsocket
were suffixed by _openssl to show that these are pure openssl
implementations.
Change-Id: I7b022dec49759f882274999c0991bf95788f2a3a
Reviewed-by: Andrew Knight <andrew.knight@digia.com>
Reviewed-by: Oliver Wolff <oliver.wolff@digia.com>
Reviewed-by: Richard J. Moore <rich@kde.org>
Lots of code depended on an indirect includes from qstringlist.h.
Change-Id: I33d0dce33d64302d6c0e49180cc1249b90ab27c5
Reviewed-by: Marc Mutz <marc.mutz@kdab.com>
If this fails, we want to know about it when trying to debug.
Change-Id: I33f05186e93fcd9284a7e7c609d00fe7ac87cd4e
Reviewed-by: Richard J. Moore <rich@kde.org>
FD types differ depending on the platform, so using the stream form is the
easiest way to make this work.
Change-Id: I00b1a303f3d865fe5e89ba97bd438c51c6cd8f09
Reviewed-by: Richard J. Moore <rich@kde.org>
Some Linux distributions disable EC by default which causes compile
errors on those platforms.
Task-number: QTBUG-40394
Change-Id: If5816d473bd1d64b1d4977860db662704a83310f
Reviewed-by: Richard J. Moore <rich@kde.org>
In some cases, depending on the proxy server response, the current
implementation of QHttpSocketEngine may write to memory beyond the
allocated buffer size. That will trigger undefined behavior on UNIX
systems and a buffer overrun exception if compiled with visual studio.
Change-Id: I5769d10c56b6a7483d6d94672aa4321287b82651
Reviewed-by: Marc Mutz <marc.mutz@kdab.com>
Reviewed-by: Olivier Goffart <ogoffart@woboq.com>
This fixes high CPU load for upload devices that don't generate
a constant stream of data. Their readData() function was called all the
time without returning actual data.
This was noticed when implementing an upload device that emits data in
a limited way for bandwidth limiting.
[ChangeLog][QtNetwork][QNetworkAccessManager] Fixed high CPU load when handling
POST/upload QIODevice that generates data on readyRead().
Change-Id: Iefbcb1a21d8aedef1eb11761232dd16a049018dc
Reviewed-by: Richard J. Moore <rich@kde.org>
At the moment, there is no stream information in the cache file. This
can lead to a problem when current stream version differs from version
cache file written with.
As an example, if file written with Qt 5.1.1, QTimeDate in the metadata
stored as 13-bytes value, but Qt 5.2 and later can read additional 4
bytes which breaks following data, leading to network request just hangs
forever.
Adding stream version fixes this problem.
As cache format changed, cache version bumped.
Task-number: QTBUG-36219
Change-Id: I467d8c9fda82bcf9302192f51e7a00d2f6a9ff66
Reviewed-by: Jędrzej Nowacki <jedrzej.nowacki@digia.com>
Replaces the raw jni calls with our own jni wrappers. This allows us
to make use of the centralized cache, avoid global data storage and
use a more optimized way to attach to the jni environment.
This change also removes the JNI_OnLoad() function since it's not
used. If we need to add a JNI_OnLoad() function later, we should find a
more suited place for it.
Change-Id: Id84ead10c27d03d19c160304b1f9853b381a103c
Reviewed-by: Eskil Abrahamsen Blomfeldt <eskil.abrahamsen-blomfeldt@digia.com>
Replacement for the the generic bearer plugin.
Compared to the generic bearer engine, this plugin provides a more
detailed overview of the network configurations on Android.
Added features are:
- Correct bearer type, also for mobile connections.
- Connection state (e.g., roaming).
- Data statistics (On devices that supports it).
- Polling is not required.
Change-Id: I728cb91e04a66343648c0add6be2a003caca0f1f
Reviewed-by: Eskil Abrahamsen Blomfeldt <eskil.abrahamsen-blomfeldt@digia.com>
This allows QtWebEngine to use the class API on top of the
Chromium network stack.
Change-Id: If595e30cfa6ecdc62cba8453d8f57ddccc1793d9
Reviewed-by: Peter Hartmann <phartmann@blackberry.com>
url is set in qtbase/doc/global which is inherited by the
Qt 5 module qdocconf files.
Change-Id: Ieffa174f598f4a3b8ce8be9bfae7ca9b6981f12b
Reviewed-by: Martin Smith <martin.smith@digia.com>
Conflicts:
mkspecs/qnx-x86-qcc/qplatformdefs.h
src/corelib/global/qglobal.h
src/network/socket/qnativesocketengine_winrt.cpp
src/plugins/platforms/android/androidjniaccessibility.cpp
src/plugins/platforms/windows/qwindowswindow.cpp
Manually adjusted:
mkspecs/qnx-armle-v7-qcc/qplatformdefs.h
to include 9ce697f2d5
Thanks goes to Sergio for the qnx mkspecs adjustments.
Change-Id: I53b1fd6bc5bc884e5ee2c2b84975f58171a1cb8e
When a QNetworkReply is in WaitingForSession state and is aborted the finished signal
was not emitted.
Task-number: QTBUG-37473
Change-Id: Iccc4dfd8e8e65e9e42625a908432ce9083caa231
Reviewed-by: Peter Hartmann <phartmann@blackberry.com>
This change makes it possible to set a Qt namespace for Android builds.
Change-Id: I79f4ae8200223f36f97e2849aae49e45b8850d23
Reviewed-by: Eskil Abrahamsen Blomfeldt <eskil.abrahamsen-blomfeldt@digia.com>
qnetworkinterface_win_p.h needs to include at least one Qt header before
it can use QT_BEGIN_NAMESPACE. That header is the first header in
qnetworkinterface_win.cpp.
Found when trying to compile Qt with ICC.
Change-Id: Iaa312ff54243b6fb3beb107f0eda74f92c6e3ebb
Reviewed-by: Richard J. Moore <rich@kde.org>
This removes extra code and potential memory leaks by using smart
pointers instead of calling Release() directly.
Task-number: QTBUG-38115
Change-Id: If799d6948af8c3df3d0c1617742653b104087e3b
Reviewed-by: Maurice Kalinowski <maurice.kalinowski@digia.com>
Reviewed-by: Oliver Wolff <oliver.wolff@digia.com>
We were keeping a dangling pointer to a non-existent QIODevice around
which would lead to a crash.
Task-number: QTBUG-17400
Change-Id: Ie374cbb94bb45c9b0fbef46287b3317f60154123
Reviewed-by: Richard J. Moore <rich@kde.org>
... instead of running into an endless loop in case they are wrong.
Task-number: QTBUG-30434
Change-Id: Iab258ebe1098a0c95f19da789a7a86de9d5bf149
Reviewed-by: Richard J. Moore <rich@kde.org>
... and not when normal HTTP authentication is required. Also,
query the system keychain for the right credentials depending
on the URL scheme.
Task-number: QTBUG-30434
Change-Id: Ib6f74029b2e0de9734497440e3b0e48cdf73adcb
Reviewed-by: Richard J. Moore <rich@kde.org>
qhosaddress.h(88) : warning C4224: nonstandard extension used : formal parameter 'sockaddr' was previously defined as a type
Change-Id: I38ee9dcb0d81d5ec4f71c2b50dc4f331eb61e7de
Reviewed-by: Richard J. Moore <rich@kde.org>
Task-number: QTBUG-39136
Change-Id: I4d2626416fae99339988cd994653ce7ec753f081
Reviewed-by: Richard J. Moore <rich@kde.org>
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
uClibc doesn't have a nsmap member in __res_state. Since it also doesn't have
res_nquery() which is mandatory for QDnsLookup, we can simply disable the code
to fix the build.
Change-Id: Ia872f535519aca3a2de763548c6dd0e3e0ee20d4
Reviewed-by: Jørgen Lind <jorgen.lind@digia.com>
Reviewed-by: Mandeep Sandhu <mandeepsandhu.chd@gmail.com>
On Unix systems where the GUI event dispatcher uses a notification
system for socket notifiers that is out of band compared to select(),
it's possible for the QSocketNotifier to activate after the pipe has
been read from. When that happened, the ioctl(2) call with FIONREAD
might return 0 bytes available, which we interpreted to mean EOF.
Instead of doing that, always try to read at least one byte and examine
the returned byte count from read(2). If it returns 0, that's a real
EOF; if it returns -1 EWOULDBLOCK, we simply ignore the situation.
That's the case on OS X: the Cocoa event dispatcher uses CFSocket to get
notifications and those use kevent (and, apparently, an auxiliary
thread) instead of an in-thread select() or poll(). That means the event
loop would activate the QSocketNotifier even though there is nothing to
be read.
Task-number: QTBUG-39488
Change-Id: I1a58b5b1db7a47034fb36a78a005ebff96290efb
Reviewed-by: Oswald Buddenhagen <oswald.buddenhagen@digia.com>
Re-order the constructor parameters for QHttpNetworkConnection to be consistent with the #ifndef version.
Change-Id: Icd8be4406ff549d468e06d635fac2ddc34826b1c
Reviewed-by: Richard J. Moore <rich@kde.org>
The static method QDnsLookupRunnable::query() got an additional parameter for QTBUG-30166, but the #ifdef'd part was not updated.
Change-Id: Ifc317bfae6e02c00936e1922ec77f89fb5faf497
Reviewed-by: Richard J. Moore <rich@kde.org>
HSTRING needs to be released or handles will be leaked.
Instead use HString which takes care of resource management
on its own.
Task-Number: QTBUG-38115
Change-Id: I2c767776c1f22f45acd8dd77b693f30d63d894b9
Reviewed-by: Andrew Knight <andrew.knight@digia.com>
Reviewed-by: Oliver Wolff <oliver.wolff@digia.com>
Note added in QNetworkReply and QSslSocket documentation.
Task-number: QTBUG-16770
Change-Id: I2dd8cfb913ec29a96b5465a905cd213713b8d537
Reviewed-by: Richard J. Moore <rich@kde.org>
If you do sock->write(data) followed by sock->close() then the data
written is not transmitted unless you flush when using QSslSocket but
is when using QTcpSocket. This change makes QSslSocket work like
QTcpSocket.
Change-Id: Ia2e1c021dc48ac0d573f78da782ea77641c03bc1
Reviewed-by: Peter Hartmann <phartmann@blackberry.com>
IANA reserves scope ID of 0x0 to mean "no scope ID", so make sure that
we don't try to set it when reading from the sockaddr_in6 structure.
Change-Id: I71b207e6f8262ab2bf9fde993288a71ba63c7572
Reviewed-by: Richard J. Moore <rich@kde.org>
Implementation will be added for Qt 5.4.0 as it cannot be done
sooner.
Change-Id: I4d2626416fae99339988cd994653ce7ec753f081
Reviewed-by: Richard J. Moore <rich@kde.org>
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
Avoid accessing the internals of the SSL_CIPHER struct since this has
changed size etc. over time leading to binary incompatibilities.
Task-number: QTBUG-32423
Task-number: QTBUG-23363
Change-Id: I8cb399484e3a62be7d511f4b8b22c876825c87d4
Reviewed-by: Peter Hartmann <phartmann@blackberry.com>
Reviewed-by: Daniel Molkentin <daniel@molkentin.de>
Recreating QCoreApplication could cause a crash in QNetworkAccessManager
constructor. That was caused by an invalid shutdown detection introduced
in f273d6fbc0.
Task-number: QTBUG-36897
Change-Id: Ib5bba773a2a4fcde690a3a93680aef551aae3a5b
Reviewed-by: Peter Hartmann <phartmann@blackberry.com>
Discussed with Peter and agreed that it's a slightly better fit there.
Change-Id: If8db777336e2273670a23d75d8542b30c07e0d7b
Reviewed-by: Daniel Molkentin <daniel@molkentin.de>
Reviewed-by: Peter Hartmann <phartmann@blackberry.com>
Fix warnings about 'truncation of constant value':
qspdyprotocolhandler.cpp(583) : warning C4309: '=' : truncation of constant value
qspdyprotocolhandler.cpp(656) : warning C4309: '=' : truncation of constant value
qspdyprotocolhandler.cpp(659) : warning C4309: '=' : truncation of constant value
Change-Id: I3c32b9f47c06da9b50f5c94871a2ee455b3a5cb6
Reviewed-by: Peter Hartmann <phartmann@blackberry.com>
You set the environment /before/ you run configure.
Change-Id: I6954656f892214f41b5f2ec4e3f4926eb5a9e247
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
Reviewed-by: Topi Reiniö <topi.reinio@digia.com>
Add support for loading certificates and keys from PKCS#12 bundles
(also known as pfx files).
Task-number: QTBUG-1565
[ChangeLog][QtNetwork][QSslSocket] Support for loading PKCS#12
bundles was added. These are often used to transport keys and
certificates conveniently, particularly when making use of
client certificates.
Change-Id: Idaeb2cb4dac4b19881a5c99c7c0a7eea00c2b207
Reviewed-by: Daniel Molkentin <daniel@molkentin.de>
OpenSSL has a bug when validating a chain with two certificates.
If a certificate exists twice (which is a valid use case for renewed
CAs), and the first one it hits is expired (which depends on the order
on data structure internal to OpenSSL), it will fail to validate the
chain.
This is only a bandaid fix, which trades improved chain validation
for error reporting accuracy. However given that reissuing of CA certs
is a real problem that is only getting worse, this fix is needed.
See also: https://www.openssl.org/docs/ssl/SSL_CTX_load_verify_locations.html#WARNINGS
[ChangeLog][QtNetwork][QSslSocket] Added a workaround to an OpenSSL problem
that may cause errors when the trust store contains two certificates of the
issuing CA, one of which is expired.
Task-number: QTBUG-38896
Change-Id: I8f17972ac94555648098624e470fff0eff2e7940
Reviewed-by: Richard J. Moore <rich@kde.org>
Reviewed-by: Frederik Gladhorn <frederik.gladhorn@digia.com>
df757e30f8 may have fixed this for one platform,
but different platforms appear to have different ideas on what constitutes a FD.
Just use the stream operator to avoid having to face this nightmare all the
time.
Change-Id: I298c5a4b31e8a4af6b613d039cb9aee6e8263b5a
Reviewed-by: Frederik Gladhorn <frederik.gladhorn@digia.com>
Reviewed-by: Richard J. Moore <rich@kde.org>
Some calls pass len=32, so garbage was shown when maxlen (readBytes) is smaller.
Change-Id: I97e61dcdf5a0db032317c57afb4bfb406437d8d5
Reviewed-by: Markus Goetz <markus@woboq.com>
Reviewed-by: Peter Hartmann <phartmann@blackberry.com>
... and not duplicate part of the logic in the SPDY code. This code was
also existent in QNetworkRequest.
The next step will be to actually respect the header if set via
QNetworkRequest::setRawHeader().
Change-Id: Ifda2658ea826d039c9dad61ed6fa42aaedaee6b6
Reviewed-by: Richard J. Moore <rich@kde.org>
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
Without these, a spew of connection warnings will occur when using HTTP
on Qt builds with QT_NO_NETWORKPROXY.
Change-Id: I330f6d98d1abdbadc57768dc48b8fab0ee1f6655
Reviewed-by: Oliver Wolff <oliver.wolff@digia.com>
Reviewed-by: Peter Hartmann <phartmann@blackberry.com>
This restores behavior for UDP sockets as it was in 5.2.1. Change
13c246ee11 introduced a behavioral
change / regression in that respect.
Task-number: QTBUG-37489
Change-Id: I8f0b26d763dd66ea6edcc343e91ff5c9c7bdc0f2
Reviewed-by: Richard J. Moore <rich@kde.org>
All read calls are now pulled from an intermediate buffer which is
populated from the asynchronous callback (this was a TODO previously, and
was breaking downloads of large requests). As a side-benefit, the use of
only async callbacks ensures fewer first-chance exceptions appear in the
debug output.
Task-number: QTBUG-30196
Change-Id: I5653742d8d94934a4b4a4227298865d20518bc4c
Reviewed-by: Oliver Wolff <oliver.wolff@digia.com>
The declaration of q_SSL_ctrl is ifdefed, so ifdef it's usage too.
Change-Id: I99a53af6f4f24ed991d39ab89f18e03b8f38c617
Reviewed-by: Richard J. Moore <rich@kde.org>
Use QSharedPointer<T>::create(), which co-locates the refcount with the payload
in a single memory allocation, instead of QSharedPointer<T>(new T), which causes
two allocations.
Change-Id: I58196b6390dcc9bd52417e279fd9e000ab9ee9cc
Reviewed-by: Richard J. Moore <rich@kde.org>
Use QSharedPointer<T>::create(), which co-locates the refcount with the payload
in a single memory allocation, instead of QSharedPointer<T>(new T), which causes
two allocations.
Change-Id: I84980e98c4fe9773f12533983937eafa0b0ab250
Reviewed-by: Peter Hartmann <phartmann@blackberry.com>
Despite supporting DH and ECDH key exchange as a client, Qt did not provide
any default parameters which prevented them being used as a server. A
future change should allow the user to control the parameters used, but
these defaults should be okay for most users.
[ChangeLog][Important Behavior Changes] Support for DH and ECDH key exchange
cipher suites when acting as an SSL server has been made possible. This
change means the you can now implement servers that offer forward-secrecy
using Qt.
Task-number: QTBUG-20666
Change-Id: I469163900e4313da9d2d0c3e1e5e47ef46320b17
Reviewed-by: Daniel Molkentin <daniel@molkentin.de>
Reviewed-by: Peter Hartmann <phartmann@blackberry.com>
QDateTime::addSecs() is a const function and returns a new QDateTime with
the given seconds added, thus the current statement had no effect.
Found by applying Q_REQUIRED_RESULT in dev branch.
Change-Id: Id712334f91e0adb40bafc23470bf46479334c81a
Reviewed-by: Richard J. Moore <rich@kde.org>
... and not only one. This was a problem e.g. when there were several
requests to the same host and the host was not reachable; only one
reply would get an error signal in case we suppressed other errors in
"happy eyeballs" host lookup style.
Task-number: QTBUG-36890
Change-Id: I1b5757498bd644b0d773cf6c43e4950620949c5c
Reviewed-by: Richard J. Moore <rich@kde.org>
for more efficient creation of QNonContiguousByteDevices held in shared pointers.
Use the new functions in QNetworkAccessBackend::createUploadByteDevice()
and QNetworkReplyHttpImplPrivate::createUploadByteDevice().
Change-Id: I8a3c76f7c8d5926850303992c77e9382a39a55e8
Reviewed-by: Richard J. Moore <rich@kde.org>
This prevents error reporting from being useless in case an errno value isn't
one we anticipate.
Change-Id: I65f8c2570d07971a06ba3687d75e9df91a0e7611
Reviewed-by: Richard J. Moore <rich@kde.org>
tested manually with internal proxy.
Patch-by: Jonathan Lauvernier <Jonathan.Lauvernier@gmail.com>
Change-Id: Ief5b4579b3444ce70eb99637edf771d37d3971fb
Reviewed-by: Peter Hartmann <phartmann@blackberry.com>
... so that the socket notifiers are enabled after selecting and thus
emit signals even after selecting (select() is called e.g. by the
waitFor* methods).
Task-number: QTBUG-36144
Change-Id: I385f288e8c42f92a9c84e53bce843e52f8094ada
Reviewed-by: Kevin Krammer <kevin.krammer@kdab.com>
Reviewed-by: Rafael Roquetto <rafael.roquetto@kdab.com>
Reviewed-by: Fanda Vacek <fvacek@blackberry.com>
Reviewed-by: Bernd Weimer <bweimer@blackberry.com>
Reviewed-by: Richard J. Moore <rich@kde.org>
Crash occurs after warnings like:
QSslSocket: cannot call unresolved function SSL_get0_next_proto_negotiated
Task-number: QTBUG-37515
Task-number: QTBUG-33208
Change-Id: I18b803e4709b9d5f6b33717c2ac43179676351a4
Reviewed-by: Richard J. Moore <rich@kde.org>
Reviewed-by: Peter Hartmann <phartmann@blackberry.com>
It could be that the channel has its reply already reset to 0, while
the protocol handler thinks the reply is still active, which might
lead to weird behavior including hard to reproduce crashes.
Task-number: QTBUG-37424
Change-Id: I89b65d34caaa546a343edc2ee205aa76425de88f
Reviewed-by: Richard J. Moore <rich@kde.org>
Change-Id: I613a737600f85ef90155e3b8647197b4fd092998
Reviewed-by: Andrew Knight <andrew.knight@digia.com>
Reviewed-by: Oliver Wolff <oliver.wolff@digia.com>
Change-Id: I7afedbf679ae1c8467eea749e79eb10f2516d039
Reviewed-by: Oliver Wolff <oliver.wolff@digia.com>
Reviewed-by: Andrew Knight <andrew.knight@digia.com>
Correct the tense of send vs sent in comments and documentation.
Change-Id: I1c5ce9a7b1e49b8b0e8dcfde7d732e4c69acf73a
Reviewed-by: Kurt Pattyn <pattyn.kurt@gmail.com>
Reviewed-by: Laszlo Agocs <laszlo.agocs@digia.com>
Task-number: QTBUG-37042
Change-Id: I7ddcbc315b4b720e7da7880fc00731c28beb4bb2
Reviewed-by: Peter Hartmann <phartmann@blackberry.com>
Reviewed-by: Tor Arne Vestbø <tor.arne.vestbo@digia.com>
Use QSharedPointer<T>::create(), which co-locates the refcount with the payload
in a single memory allocation, instead of QSharedPointer<T>(new T), which causes
two allocations.
Change-Id: I3f70d15a6d1bfaaa8b48a36ed3c877e817a5b701
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
Use QSharedPointer<T>::create(), which co-locates the refcount with the payload
in a single memory allocation, instead of QSharedPointer<T>(new T), which causes
two allocations.
Change-Id: I280caf861b894f87996a9d3ae783943f55d54ff3
Reviewed-by: Peter Hartmann <phartmann@blackberry.com>
Change-Id: I213ac1fb2733e675f3641441fe6c621bab06c1f0
Reviewed-by: Peter Hartmann <phartmann@blackberry.com>
Reviewed-by: Richard J. Moore <rich@kde.org>
Many bugs originate due to mismatches between the build-time and
run-time versions of openssl but they're hard to debug as we don't
provide access to the build-time info. This addresses that weakness.
[ChangeLog][QtNetwork][QSslSocket] Added accessors for the version
of openssl used at build-time. This will help when debugging
problems caused by a mismatch with the run-time version.
Change-Id: I6a4c21c8f16ab4c90cdf166f38c62fe37bf1f165
Reviewed-by: Peter Hartmann <phartmann@blackberry.com>
Previously we allowed you to specify which version(s) you wanted to use,
but did not provide access to the version that was actually negotiated.
[ChangeLog][QtNetwork][QSslSocket] Add support for finding the version
of SSL/TLS in use by a connection.
Task-number: QTBUG-28471
Change-Id: I6d50d2bc9f1ce7f98192e67992178fe7e41c0575
Reviewed-by: Peter Hartmann <phartmann@blackberry.com>
We should not accept or process messages on closed streams, and unless
we are in a half-closed state (having initiated close ourselves), we
should respond to FIN with a FIN of our own.
This patch means we no longer trigger all the corner case teardown on
common sites that were fixed in earlier patches.
Change-Id: I0d2bab62700a0022a959e66c7053afbad07a9f7e
Reviewed-by: Peter Hartmann <phartmann@blackberry.com>
A QNetworkReply may be deleted before it is closed by the protocol.
Since QSpdyProtocolHandler tracks pointers to QNetworkReplies it must
keep track of their destruction as well to avoid links to deleted
objects.
This fixes the last issue with SPDY access of Google Mail in QtWebKit.
Change-Id: I2c56dc080fdcb249b6ed9189fef84cbbc1220cbd
Reviewed-by: Peter Hartmann <phartmann@blackberry.com>
We already remove QNetworkReply from most queues, but we also need
to remove it from the SPDY queue. Otherwise we might end up trying
to send an already deleted message.
Change-Id: Ib39bf8f26315b66179755a6f66dbd657576cbbe3
Reviewed-by: Peter Hartmann <phartmann@blackberry.com>
We should never upload on a SPDY stream in a closed or half-closed
state. To avoid it we need to stop listening for readyRead on the
upload device, and ignore WINDOW_UPDATE on completed streams.
This fixes SPDY access of facebook.com.
Change-Id: Icad45ffc109b2c14b921f1571e114b70a30f40a9
Reviewed-by: Peter Hartmann <phartmann@blackberry.com>
Add handling of invalid stream-ids and buffer overflow in header
parsing.
Change-Id: I712af189d72612639d25890a8861a8f4fe084ce3
Reviewed-by: Peter Hartmann <phartmann@blackberry.com>
SPDY is currently assuming it will only receive RST_STREAM messages on
active steams. This is however not always a safe assumption.
Task-number: QTBUG-37100
Change-Id: Ied89a68a209891992ad72daa513066efc1d7c421
Reviewed-by: Peter Hartmann <phartmann@blackberry.com>
QSharedPointers here are passed by value - good, since it enabled C++11 move semantics,
transparently.
However, when passing such parameters on to assignment operators or other functions,
copies were made where moves would have been sufficient. Thus, add some qMove()s.
Change-Id: Ied1a5edf1bfbb16108dfeefbe85e58ab3d4ef92f
Reviewed-by: Richard J. Moore <rich@kde.org>
SPDY sends multiple header values for the same header key by null-byte
separating them.
This patch maps the multiple values the same way
qnetworkreplyhttpimpl.cpp
does. With this patch applied we can now log on to GMail using SPDY.
Change-Id: I03656ad1695d13b5c3ed252794dc6c89c67c7b97
Reviewed-by: Peter Hartmann <phartmann@blackberry.com>
A QSslCipher is not an equivalent representation of a QString, so
the constructor that takes a QString should be explicit.
Change-Id: I4c1329d1eebf91b212616eb5200450c0861d900f
Reviewed-by: Lars Knoll <lars.knoll@digia.com>
Currently the only supported SPDY version is 3.0.
The feature needs to be enabled explicitly via
QNetworkRequest::SpdyAllowedAttribute. Whether SPDY actually was used
can be determined via QNetworkRequest::SpdyWasUsedAttribute from a
QNetworkReply once it has been started (i.e. after the encrypted()
signal has been received). Whether SPDY can be used will be
determined during the SSL handshake through the TLS NPN extension
(see separate commit).
The following things from SPDY have not been enabled currently:
* server push is not implemented, it has never been seen in the wild;
in that case we just reject a stream pushed by the server, which is
legit.
* settings are not persisted across SPDY sessions. In practice this
means that the server sends a small message upon session start
telling us e.g. the number of concurrent connections.
* SSL client certificates are not supported.
Task-number: QTBUG-18714
[ChangeLog][QtNetwork] Added support for the SPDY protocol (version
3.0).
Change-Id: I81bbe0495c24ed84e9cf8af3a9dbd63ca1e93d0d
Reviewed-by: Richard J. Moore <rich@kde.org>
Modern websites use around 15 hosts on average so the limit of 5 DNS
looks meant that most non-trivial sites have to wait for at least one
unneeded round trip.
Task-number: QTBUG-30866
Change-Id: I584dd46c247e0413b2ed88dd66f111cff08ff987
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
Implemented the use of the new QDnsLookup property "nameserver".
On the Linux platform, we can specify both IPv4 and IPv6 addresses
for the nameserver.
On Windows since we are using DnsQuery_W(), which does not have a
way of accepting IPv6 addresses, passing IPv6 nameserver address
is not supported.
On OSX/BSD platforms, specifying IPv6 addresses for nameserver
require access to the __res_state_ext structure which is in a
private header of libresolv (this header is different for BSDs and
OSX). If this feature has to be enabled in the future, we have to
figure out a way to access this struct by either accessing the
private header or by specifying one of our own. Currently, I'm
disabling it till such a solution is arrived at.
Nameserver support on different platforms:
Platform | IPv4 | IPv6
-------------+---------------+---------------
Linux/X11 | supported | supported
-------------+---------------+---------------
Windows | supported | not supported
-------------+---------------+---------------
OSX | supported | not supported
-------------+---------------+---------------
WinRT | not supported | not supported
-------------+---------------+---------------
Others | supported | not supported
| (not tested) |
-------------+---------------+---------------
Task-number: QTBUG-30166
Change-Id: Iedbddf15b9a62738ce4c2cfa0fce051514d64766
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
Added basic functionality to socket for WinRT. Even though not
all auto tests pass yet, this patch can be seen as a foundation
for upcoming work in this area. Reading from and writing to TCP
socket works and one can listen for tcp connections.
Change-Id: Id4c25ba1c7187ed92b6368c785c4f62837faded7
Reviewed-by: Andrew Knight <andrew.knight@digia.com>
... to defer the decision which protocol will be used on a specific
channel. This is to allow using the SPDY protocol instead of HTTP (to
be implemented in a later commit); which protocol will be used can
only be decided after the SSL handshake.
Change-Id: I6b538320668fe4994438f0095ecdc445677cf0a6
Reviewed-by: Peter Hartmann <phartmann@blackberry.com>
... from the private to the public class, because we need to access
these methods from other classes.
Change-Id: I2c5ea84e0f5d3641c1dc02342348f1022d886249
Reviewed-by: Richard J. Moore <rich@kde.org>
These functions now return a QStringList to reflect the possibility of
there being more than one entry of a given type, but the documentation
did not reflect this.
Task-Number: QTBUG-36304
Change-Id: Iba2eda5e2c3174c8dcea640b5aed9cdc9a432392
Reviewed-by: Peter Hartmann <phartmann@blackberry.com>
... which is needed to negotiate the SPDY protocol.
[ChangeLog][QtNetwork][QSslConfiguration] Added support for the Next
Protocol Negotiation (NPN) TLS extension.
Task-number: QTBUG-33208
Change-Id: I3c945f9b7e2d2ffb0814bfdd3e87de1dae6c20ef
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@digia.com>
This bug causes that Cascades QML application cannot open more than
system ulimit defined number of different asset:///*.qml files.
The realFile is ordinary closed in the ~QNetworkReplyFileImpl(),
the QDeclarativeTypeLoader::::networkReplyFinished() calls
reply->deleteLater(). There are tricky situations when event-loop is
not entered and too many read already files are waiting for close.
This patch close() file when all the data is read. It can be done
this way since the QNetworkReplyFileImplnetworkreply is a sequential
device.
For more info, please, read comments on QTBUG-36032
Task-number: QTBUG-36032
Change-Id: I4002f21b4b0c7350af48b0dc6530d9606fd2794b
Reviewed-by: Richard J. Moore <rich@kde.org>
Reviewed-by: Peter Hartmann <phartmann@blackberry.com>
The overload used an evil hack to work around a flaw in the QSslCipher
API rather than fixing the API. The hack was broken by the addition of
support for newer versions of TLS. This change solves the issue properly
by fixing the QSslCipher API then using the fixed version.
Task-Number: QTBUG-34688
Change-Id: Ibf677c374f837f705395741e730d40d8f912d7c6
Reviewed-by: Peter Hartmann <phartmann@blackberry.com>
A few more HTTP status codes from the 4xx and 5xx series have been
added to QNetworkReply::NetworkError.
For content errors, the following codes have been added:
1. 409 - Resource Conflict
2. 410 - Resource Gone
For server related errors, the following codes have been added:
1. 500 - Internal Server Error
2. 501 - Operation Not Implemented
3. 503 - Service Unavailable
Few of the above codes are quite possible when communicating with REST
based services.
NOTE:
=====
* HTTP error status 400 is interpreted as
QNetworkReply::ProtocolInvalidOperationError.
* QNetworkReply::UnknownServerError is returned for all server related
errors (5xx) not listed above.
[ChangeLog][QtNetwork][QNetworkReply] Added more (specific) HTTP status
codes to NetworkError enum.
Task-number: QTBUG-30880
Change-Id: I9d2a133f6b3869f26710c6eb930dd8b08df31108
Reviewed-by: Peter Hartmann <phartmann@blackberry.com>
When the caches is deleted, the open files are deleted without closing action.
The file descriptor is remaining until the process is terminated.
Change-Id: If85519d173d05548ddf3273c85800441887199e2
Reviewed-by: jungo kim <jungo.kim@lge.com>
Reviewed-by: Peter Hartmann <phartmann@blackberry.com>
