QBasicMutex is a POD and can be used as a static global object.
in qpicture.cpp factoryLoader is used only once, and under the mutex, so
there is no need for Q_GLOBAL_STATIC for it, it can be a function static
in qhostinfo_unix.cpp the code seemed wrong while compiled with
namespace and QT_NO_GETADDRINFO. I also could get rid of one include
because it was included earlier.
Change-Id: I3c700203c3e067266c20733f4bda8031446dbb86
Reviewed-by: Bradley T. Hughes <bradley.hughes@nokia.com>
SSL context was destroyed on disconnect. This makes it impossible to
decrypt buffered encrypted data. So if there is encrypted data in the
receive buffers, then don't destroy the ssl context until the socket is
destroyed.
Task-Number: QTBUG-23607
Change-Id: I16a7b4fa006647ec73049c90cdbc72686696850f
Reviewed-by: Jonas Gastal <jgastal@profusion.mobi>
Reviewed-by: Richard J. Moore <rich@kde.org>
Unify the includes for resolver function on unix-like platforms
to avoid build failures on BSD platforms.
Change-Id: I9accd7077d5a319a2c93642e011492d0fc779394
Reviewed-by: Holger Freyther <holger+qt@freyther.de>
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
- Always use <qt_windows.h> as the last file to be included.
- Remove it from some headers, use Qt::HANDLE instead of HANDLE.
- Clean up #ifdef, use Q_OS_WIN for Windows/Windows CE.
- Add NOMINMAX to qt_windows.h to avoid problems with the
min/max macros.
- Remove <windows.h> from qplatformdefs.h (VS2005)
Change-Id: Ic44e2cb3eafce38e1ad645c3bf85745439398e50
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
Reviewed-by: Joerg Bornemann <joerg.bornemann@nokia.com>
After discussion with Liang, I'm reverting it as he requested. This change put every header into the SYNCQT.HEADER_FILES twice for in-source builds, and the qtMODULEversion.h header did not include a path component.
This reverts commit 2fbc45b58bba860abf67fb28aa1319c9f4ededaf
Change-Id: Ie84cef19193ce5e49072f1f67a41140d9d2673b8
Reviewed-by: Liang Qi <liang.qi@nokia.com>
Create new QAbstractSocket::SocketError value that denotes a error in
the SSL library: SslInternalError
Create QAbstractSocket::SocketError value that denotes a error in data
provided by user cauding an SSL library error: SslInvalidUserDataError
Change-Id: I466a9389d9d7052efd8eddd1a2d6067ba26dfddb
Reviewed-by: Richard J. Moore <rich@kde.org>
Reviewed-by: Shane Kearns <ext-shane.2.kearns@nokia.com>
Implementating this would cause massive SC breakage and give little
gain.
Change-Id: I56a6d302fdd0e8b53d1f9154f3eaf9e1ee429f9d
Reviewed-by: Giuseppe D'Angelo <dangelog@gmail.com>
Reviewed-by: Richard J. Moore <rich@kde.org>
%l has no meaning, should be %li according to the arguments.
Change-Id: Ife9ec524109e021ad723865445e80b6bad51a5c6
Reviewed-by: Richard J. Moore <rich@kde.org>
The debug message could derefence a null pointer, this crashed when
running ssl autotests
Change-Id: I176aaa9f3cf3c6cc1512cdc34db06d4c79f92e73
Reviewed-by: Richard J. Moore <rich@kde.org>
The intention is to add additional pause modes over time, this will
be easier if we can just test if a particular reason for pausing is
turned on. If we don't do this we'll end up having to check for each
enum value every time we check what is enabled.
Change-Id: I6b08f0e819b5593e3f6463c3dd175eff8625e155
Reviewed-by: Frederik Gladhorn <frederik.gladhorn@nokia.com>
Reviewed-by: Shane Kearns <ext-shane.2.kearns@nokia.com>
The QDnsLookup class provides asynchronous APIs for performing
DNS lookups. For now, the following lookups are supported:
- A and AAAA
- CNAME as defined per RFC 1035
- MX as defined per RFC 1035
- NS as defined per RFC 1035
- PTR as defined per RFC 1035
- SRV as defined per RFC 2782
- TXT as defined per RFC 1035
Task-number: QTBUG-10481
Change-Id: I46c1741ec23615863eeca3a1231d5e3f8942495e
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
As in the past, to avoid rewriting various autotests that contain
line-number information, an extra blank line has been inserted at the
end of the license text to ensure that this commit does not change the
total number of lines in the license header.
Change-Id: I311e001373776812699d6efc045b5f742890c689
Reviewed-by: Rohan McGovern <rohan.mcgovern@nokia.com>
It was put in source tree before.
Task-number: QTBUG-20439
Change-Id: Ib52d9c2e83ae375aad259ddc74138bbc728b3ed0
Reviewed-by: Oswald Buddenhagen <oswald.buddenhagen@nokia.com>
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
Per ### Qt5 comment and the fact that it was already virtual on
QAbstractSocket.
Change-Id: If2d2b2f9cdec1ef4c5bf625e3ce0d6f2d9a7bdfd
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
QNetworkCookieJar now has the following virtual methods:
virtual bool validateCookie(QNetworkCookie &cookie);
virtual bool insertCookie(const QNetworkCookie &cookie, const QUrl &url);
virtual bool updateCookie(const QNetworkCookie &cookie);
virtual void deleteCookie(const QNetworkCookie &cookie);
Their implementation is such that the behavior the class previously
had(in memory storage of the cookies) is mantained.
Task-number: QTBUG-23145
Change-Id: I1420894d31e8072eca6903c3c7ffd6f06205a257
Reviewed-by: Peter Hartmann <peter.hartmann@nokia.com>
Reviewed-by: Alexis Menard <alexis.menard@openbossa.org>
Reviewed-by: Lars Knoll <lars.knoll@nokia.com>
Reviewed-by: Shane Kearns <ext-shane.2.kearns@nokia.com>
pause and resume is currently only supported upon emitting the
QSslSocket::sslErrors() signal. The API was added in QAbstractSocket to
also support QAbstractSocket::proxyAuthenticationRequired() in the
future.
This is the first patch to support that feature on the socket level,
another patch will follow to support sslErrors() and
authenticationRequired() in QNetworkAccessManager / QNetworkReply.
Task-number: QTBUG-19032
Change-Id: Ide2918268590ab9a01454ab26cb7fdca3dc840ab
Reviewed-by: Shane Kearns <ext-shane.2.kearns@nokia.com>
The original architecture of the QtNetwork bearer support hosted the
engines in the application's main thread, but this causes some problems.
If the QNetworkConfigurationManager is constructed in a worker thread,
then it is populated asynchronously without any notification when it is
done (the app gets incomplete or missing results)
Fixing that by restoring the earlier behaviour of using blocking queued
connections to wait for the lists to be populated caused a regression,
as some applications deadlock because the main thread is waiting on the
worker thread at this time.
By introducing a dedicated worker thread for the bearer engines,
QNetworkConfigurationManager can be safely constructed in any thread
while using blocking queued connections internally.
Task-number: QTBUG-18795
Change-Id: Iaa1706d44b02b42057c100b0b399364175af2ddb
Reviewed-by: mread
(cherry picked from commit 5f879c55e531165cc2569b03c3796d0f33d0a0b7)
Reviewed-by: Jonas Gastal <jgastal@profusion.mobi>
Reviewed-by: Murray Read <ext-murray.2.read@nokia.com>
Reviewed-by: Alex <alex.blasche@nokia.com>
These defines were there to aid in the commercial
licensing scheme we used long ago, and are no longer needed.
Keep a QT_MODULE(x) define so other modules continue compiling.
Change-Id: I8fd76cd5270df8f14aee746b6cf32ebf7c23fec7
Reviewed-by: Lars Knoll <lars.knoll@nokia.com>
Change-Id: Iae377505e36ae1239be7ce52c773dc2a4f4a9767
Reviewed-by: Jonas Gastal <jgastal@profusion.mobi>
Reviewed-by: Peter Hartmann <peter.hartmann@nokia.com>
Reviewed-by: Lars Knoll <lars.knoll@nokia.com>
The following methods have been made virtual:
setReadBufferSize()
socketDescriptor()
setSocketDescriptor()
socketOption()
setSocketOption()
waitForConnected()
waitForDisconnected()
Now that these methods are virtual we no longer need the nasty
polymorphism workarounds for QSslSocket.
Change-Id: I319989b6cdb025ba33d7d53ae90f3a6a3b6b1b7b
Reviewed-by: Richard J. Moore <rich@kde.org>
Reviewed-by: Lars Knoll <lars.knoll@nokia.com>
Reviewed-by: Peter Hartmann <peter.hartmann@nokia.com>
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
QAuthenticator used it for the convinience of QHttpSocketEngine only.
QHttpSocketEngine has now been ported to use QHttpNetworkReply to parse
HTTP responses.
Change-Id: Idf6e70aa76613aad6e3d789d81ca1b4fd73575c2
Reviewed-by: Peter Hartmann <peter.hartmann@nokia.com>
Change-Id: I6db7211fcf6b24bd75e360645bbb2fdf1ef8a8bc
Reviewed-by: Frederik Gladhorn <frederik.gladhorn@nokia.com>
Reviewed-by: João Abecasis <joao.abecasis@nokia.com>
- Missing return value
- Wrong format for qint64
Change-Id: Id0de58c85b7c8ed2a62f7237fd23e6c5a5ac92ec
Reviewed-by: Peter Hartmann <peter.hartmann@nokia.com>
Also, use QStringLiteral instead of QLatin1String.
Change-Id: I232fc02a56261929864c2ea66993ef1c74bc1237
Reviewed-by: Peter Hartmann <peter.hartmann@nokia.com>
Reviewed-by: Robin Burchell <robin+qt@viroteck.net>
Reviewed-by: Jonas Gastal <jgastal@profusion.mobi>
"interface" is not used by QNetworkConfiguration.
Change-Id: I742fe179d415ab1424bfddb1f6c034fc98c55e61
Reviewed-by: Jonas Gastal <jgastal@profusion.mobi>
Reviewed-by: Peter Hartmann <peter.hartmann@nokia.com>
QNetworkConfigurationManager and QNetworkSession are QObject, which
should not be thought of as values that can be copied or assigned, but
as unique identities.
Change-Id: I6ff0124a613862c2b411da2df31f03d5033315a9
Reviewed-by: Jonas Gastal <jgastal@profusion.mobi>
Reviewed-by: Robin Burchell <robin+qt@viroteck.net>
Reviewed-by: Peter Hartmann <peter.hartmann@nokia.com>
It was added only to maintain source compatibility with Qt Mobility.
Change-Id: Iea8d40e401bd1f8d5115268e09b256eacca69ea0
Reviewed-by: Lars Knoll <lars.knoll@nokia.com>
Reviewed-by: Jonas Gastal <jgastal@profusion.mobi>
Reviewed-by: Peter Hartmann <peter.hartmann@nokia.com>
QNetworkCookie doesn't need to know about QNetworkCookieJar and for
QNetworkCookieJar header a forward declared QNetworkCookie is enough.
Change-Id: I21145ce0f67a0a6bd68a46a5e757f82105cdf520
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
Reviewed-by: Lars Knoll <lars.knoll@nokia.com>
Reviewed-by: Peter Hartmann <peter.hartmann@nokia.com>
In qdoc, the \value command is meant to document a single value of an
enum. e.g.
\value TypeOfService Text describing the type of service. It runs until
the next \value or a blank line.
Although it doesn't say you can't build a \table in the \value text,
it doesn't work. For now, the fix is to remove the \table from the
\value text and make the table separate from the enum \value list and
let the description of the \table refer to the value that it belongs
to.
Task-number: QTBUG-23599
Change-Id: I88b456dca419a565eece30ba20fe09c0bcd4d98d
Reviewed-by: Martin Smith <martin.smith@nokia.com>
Reviewed-by: Jonas Gastal <jgastal@profusion.mobi>
Reviewed-by: Casper van Donderen <casper.vandonderen@nokia.com>
All references to QFtp in documentation have been removed, QFtp's
documentaiton was marked internal. The QFtp example was removed.
Task-number: QTBUG-23199
Change-Id: Ifff83cac069fb350e8ebeae63e605850e65c0c30
Reviewed-by: Shane Kearns <shane.kearns@accenture.com>
It was checked in a few places, but it didn't actually remove QTextStream,
so it was pretty useless.
Change-Id: I8eaf28893cd6c7acbe1c0b69d58de90742aee755
Reviewed-by: João Abecasis <joao.abecasis@nokia.com>
The previous change missed some headers from years prior to 2011, and a
few new files were merged after the previous change.
Change-Id: Ib7d1a2b7062228c2a5373da64242b2ee1f0981e1
Reviewed-by: Rohan McGovern <rohan.mcgovern@nokia.com>
This is consistent with the other socket classes.
Also see commit bf7f170607.
Change-Id: Ic4bf01bd4abf778e21fe575c5304f86c9bee82fc
Reviewed-by: Jonas Gastal <jgastal@profusion.mobi>
Reviewed-by: Oswald Buddenhagen <oswald.buddenhagen@nokia.com>
Reviewed-by: Joerg Bornemann <joerg.bornemann@nokia.com>
This is to help us debug problems with CA certificates.
Code is not compiled by default, only when QtNetwork is built with
QSSLSOCKET_DEBUG defined
Change-Id: I404c36bf4c6bf1190f480196038197be30b4b5f9
Reviewed-by: Peter Hartmann <peter.hartmann@nokia.com>
Reviewed-by: Richard J. Moore <rich@kde.org>
This mantains BC between version compiled with and without OPENSSL,
which was the reason for the use of "runtime virtuals". Using proper
virtuals should make code clearer.
Change-Id: I24f141ebaab68c000c2d602b54addbae1679a424
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
OpenSSL tries certificates in the order they are added to the store.
There was logic to add the expired certificates after the valid ones
to ensure the valid certificate is checked first if the OS cert store
contains both the expired and renewed version of the same cert (e.g.
the verisign class 3 cert on windows)
However due to a coding error, the ordering was reversed, ensuring the
problem is always encountered instead of always avoided.
Task-number: QTBUG-20012
Change-Id: I7c8dba8a09842540a22b44d33c7dcb22bbbc6a58
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
Reviewed-by: Richard J. Moore <rich@kde.org>
We're trying to deprecate these, so don't use them anymore.
The inline uses of these have been left intact, for the moment. Inline code will
need to create their own non-inline allocation methods (for future-proofing to
allow alterations in how e.g. individual containers allocate)
Change-Id: I1071a487c25e95b7bb81a3327b20c5481fb5ed22
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
Reviewed-by: Bradley T. Hughes <bradley.hughes@nokia.com>
Commit 231369eb04 introduced the use of
QBuffer::setBuffer with a QByteArray that is allocated on the stack,
causing plenty of memory corruption.
This patch replaces the use of setBuffer with setData, which correctly
assigns the QBuffer's buffer instead of just relying on the pointer
passed to setBuffer.
Spotted by Rohan in http://codereview.qt-project.org/#change,11859
Change-Id: I7cdf43d438a2a7864de7c35841b42421c1c60e68
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
Reviewed-by: Robin Burchell <robin+qt@viroteck.net>
Need to check that the networkSession has been set so we don't
crash when bearermanagement is enabled.
Task-number: QTBUG-23484
Change-Id: Ifdb71350ba5b4ddbdbd17a8d87189c78c524783e
Reviewed-by: Aaron Kennedy <aaron.kennedy@nokia.com>
Reviewed-by: Peter Hartmann <peter.hartmann@nokia.com>
At the moment users of Qt must detect if it was compiled with SSL
support by testing for QT_NO_OPENSSL. This means that any code that is
conditionally compiled this way is tied to the presence of the openssl
backend. This commit makes it possible to implement new SSL backends
during the Qt5 lifetime without breaking this code. People can still
test for QT_NO_OPENSSL if they really need openssl, but if they simply
want to know if there's SSL support at all they should use this define
instead.
In addition, this commit changes the public API headers to use the new
define.
Change-Id: Ib57a71aa65836ac9351f120a487bfeb8009d9515
Reviewed-by: Peter Hartmann <peter.hartmann@nokia.com>
Windows x64 uses 64 bits integer for sockets, to ensure compatibility we
should use ptr sized integers for our socket descriptors.
Task-number: QTBUG-19004
Change-Id: I4b56023874a4f1bad107c66c054fecfedde33d88
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
Reviewed-by: Oswald Buddenhagen <oswald.buddenhagen@nokia.com>
- Initialization order in QHttpNetworkConnectionChannel
- Potential use of uninitialized value in QNetworkReplyDataImpl
Change-Id: Ia405147ef81a3f1509149349d6b5b01bb078f853
Reviewed-by: Peter Hartmann <peter.hartmann@nokia.com>
Reviewed-by: Bradley T. Hughes <bradley.hughes@nokia.com>
This applies to both local and abstract sockets.
Task-number: QTBUG-22450
Change-Id: I5c58d68da95ffb6bcde5be510853359b288e5984
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
Reviewed-by: Peter Hartmann <peter.hartmann@nokia.com>
This change makes Qt load the default openssl config always, not just
when compiled with OPENSSL_LOAD_CONF. This means that facilities like
openssl engines (and their configuration) are usable. An alternative
would be to call OPENSSL_config(NULL) ourselves, but that's exactly
what the OPENSSL_add_all_algorithms_conf does for us.
Task-number: QTBUG-16018
Change-Id: I4cda701f82627e0541b6225009f4e1249aec9d47
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
This is a regression caused by the NTLMv2 authentication patch.
I have manually tested NTLMv2 authentication against MS IIS and reverting
these two lines does not break it.
Task-number: QT-5209
Change-Id: I64159cbe468e1a7f834f8726fd0c9d4ab4c54b38
Reviewed-by: Peter Hartmann <peter.hartmann@nokia.com>
When authentication is cancelled, close the channel instead of the
underlying socket.
The previous behaviour could result in further requests being sent
on the closed socket, which caused errors in case of https over a proxy.
Change-Id: I3dbfc164de4fb29a426c06acaac8f29b9da1d705
Reviewed-by: Peter Hartmann <peter.hartmann@nokia.com>
When an ssl socket is closed during connecting, and it is using a proxy
then it is possible for the plain socket to be in pending close state
when transmit() is called.
As errors were not handled, this caused the socket (and https request)
to "hang".
It now propagates the error from plain socket.
Change-Id: I6fb86815a2a63e197cea582f4b153e487543477c
Reviewed-by: Peter Hartmann <peter.hartmann@nokia.com>
Reviewed-by: Richard J. Moore <rich@kde.org>
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
The code which prevents pipelining of requests when authentication is
in use had || where && should have been used.
Also check for blank user with a password.
Change-Id: Ic278cedd370c9d81377f49a0af43aef415cb49ad
Reviewed-by: Peter Hartmann <peter.hartmann@nokia.com>
Creates a new SocketOption called called TypeOfServiceOption that can be
used with the existing setSocketOption method to set the ToS byte in a
socket socket. This is done only for unix systems because windows
doesn't support directly setting the ToS/DSCP byte:
http://support.microsoft.com/kb/248611http://blogs.msdn.com/b/wndp/archive/2006/07/05/657196.aspx
Change-Id: Idf9da2dd8307ac7057982fbfdf9e4e9ebe366780
Task-number: QTBUG-6221
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
Reviewed-by: Peter Hartmann <peter.hartmann@nokia.com>
OpenSSL's SSL_ctrl() always took a "void *" argument as 4th parameter,
since at least version 0.9.7.
I have no idea why we had "const void *" in there.
Reviewed-by: Richard J. Moore <rich@kde.org>
Task-number: QTBUG-23132
(cherry picked from commit 4db91cbd6147e40f543342f22c05b7baddc52e5a)
Change-Id: Ie570e1cc59b72f13d3e6f3ed6fc1892444a63743
Reviewed-by: Richard J. Moore <rich@kde.org>
Reviewed-by: Robin Burchell <robin+qt@viroteck.net>
Reviewed-by: Martin Petersson <Martin.Petersson@nokia.com>
Instead of always delaying IPv4 when we have both Ipv4 and IPv6 we
should use the order we get from getaddrinfo to descide which one
that should be delayed.
Task-number: QTBUG-23066
Change-Id: Ibe8c4d7000abd6e57fe8c6afac8a4a843e17ff27
Reviewed-by: Peter Hartmann <peter.hartmann@nokia.com>
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
Reviewed-by: Shane Kearns <shane.kearns@accenture.com>
Modifying the proxy causes a detach(), so the socket is still using
the unmodified proxy.
Changed this to setProxy() the modified one back to the socket.
Test case tst_QNetworkReply::httpProxyCommands()
Change-Id: I448c2f2ab43ce8d78bc6edb8261599bf67372676
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
The code for reading named pipes can now be used in
other places as well.
Change-Id: Id734617a3927e369491a6c5daf965169ceb01f74
Reviewed-by: Oswald Buddenhagen <oswald.buddenhagen@nokia.com>
Incase we have both IPv4 and IPv6 available after the host lookup
we should delay the connection attempt to IPv4.
Task-number: QTBUG-23066
Change-Id: I8c0177cf125c9daae314ada73cacef790a39b856
Reviewed-by: Peter Hartmann <peter.hartmann@nokia.com>
This saves us from creating a single shot timer every time we emit
readyRead and eliminates the parallel pendingReadyRead flag.
Done-with: ossi
Change-Id: I1de7f07b83b583b9d60dd8862d6a9f7865b5b891
Reviewed-by: Oswald Buddenhagen <oswald.buddenhagen@nokia.com>
We must not close the QIODevice, if we detect a broken pipe.
We still can have data in our read buffer that can be read by the user.
Autotest: tst_QLocalSocket::threadedConnection
Change-Id: Ibe823c006516acb27f51a06ca0bbe5555dbd88f5
Reviewed-by: Oswald Buddenhagen <oswald.buddenhagen@nokia.com>
These aren't used, and so they shouldn't be there.
Change-Id: Id4a08d90836c45c140d811b8eca07756e14c56e5
Reviewed-by: Shane Kearns <shane.kearns@accenture.com>
When using "user@dns-domain" for NTLM authentication, the whole string
should be sent as the username, and the domain should be set to an
empty string.
The domain sent by the server is still reflected if the username
does not contain an '@' character.
Manually tested using MS IIS on a domain-joined PC.
Task-number: QTBUG-19894
Task-number: ou1cimx1#949951
Change-Id: Ie1f81172e71cb7cce7b8c909062be990c24aea47
Reviewed-by: Martin Petersson <Martin.Petersson@nokia.com>
If NTLM authentication is required for the URL with an empty path,
then QNetworkAuthenticationCache::findClosestMatch(url.path()) returns 0.
e.g. "http://10.1.2.3".
Return a default constructed credential in this case.
Change-Id: I84ad3b308ee3f74fbbac9ad0f11dbdc66047b50b
Reviewed-by: Robin Burchell <robin+qt@viroteck.net>
Reviewed-by: Martin Petersson <Martin.Petersson@nokia.com>
The downloadBuffer size should not be larger then the
downloadBufferMaximumSize. I also added a try catch for the allocation
incase we are low on memory, so that we don't crash.
Task-number: QTBUG-23040
Change-Id: Ib9820bc19fc5db994ede20f123f8c167a8d43ff7
Reviewed-by: Peter Hartmann <peter.hartmann@nokia.com>
The docs say this is required, but we don't check it and instead
segfault right now.
Change-Id: I825b00a312a481c5383af127333c0c4698188348
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
Reviewed-by: Peter Hartmann <peter.hartmann@nokia.com>
When listening on QHostAddress::Any, serverAddress() should return
QHostAddress::Any too, assuming that setting the socket options
was successful.
Task-number: QTBUG-22899
Change-Id: I50a9ff1b4ad0c1c1905e2952c595d7068df2627d
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
QWinEventNotifier is an essential class if you're using native Windows
Overlapped IO and need to convert it to Qt signals. However the header
is marked private.
Task-number: QTBUG-68
Change-Id: I22e9a84da97f969ddb82e9ba15e604a01abd80d0
Reviewed-by: Lars Knoll <lars.knoll@nokia.com>
Reviewed-by: Bradley T. Hughes <bradley.hughes@nokia.com>
QHostAddress(QHostAddress::Any) was not equal to QHostAddress::Any
because only one of the operator== overloads was handling this.
Task-number: QTBUG-22898
Change-Id: Ifd36947a50e8c36362b4e850fd8d5105ee0925ff
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
Centralise the specification of the default ssloptions to make the code
clearer and more testable.
Change-Id: I4f4bae72736dd063ee4cd64c6375e82d0600a105
Reviewed-by: Peter Hartmann <peter.hartmann@nokia.com>
Reviewed-by: Shane Kearns <shane.kearns@accenture.com>
Since recently QSslCertificate::serialNumber() always returns the
hexadecimal format, so we need to adapt to that when checking the
serial numbers for the blacklisted certificates.
Change-Id: I43bdb1be77faad7ad79a835c896fc39477452e75
Reviewed-by: Shane Kearns <shane.kearns@accenture.com>
Reviewed-by: Richard J. Moore <rich@kde.org>
... and only resolve the functions when the methods are available.
SSL 2 functionality is not always available in OpenSSL anymore.
Change-Id: Ia3178685b26c67ac55447476789e06710b596181
Reviewed-by: Richard J. Moore <rich@kde.org>
Reviewed-by: Shane Kearns <shane.kearns@accenture.com>
This property is no longer necessary because we can now set the user
agent directly on the proxy.
Task-number: QTBUG-17223
Change-Id: I27cb126dd401f02525290d2317650f55cae9f4ef
Reviewed-by: Shane Kearns <shane.kearns@accenture.com>
The API is the same that is present on QNetworkRequest class. Since
these are HTTP headers, this only affects proxies of type HttpProxy and
HttpCachingProxy.
This was created as a general solution to the problem pointed out in
QTBUG-19569(some proxies only accept request with specific User Agents).
In the same way that there are cases where setting the User Agent is
desired there might be reasons to set other headers, hence the support
for any header.
Change-Id: Ifd04f34d29eedb6c2a3f0b50708244996b12a123
Task: QTBUG-19569
Reviewed-by: Shane Kearns <shane.kearns@accenture.com>
There's no real reason for the typedef here, QtNetwork
will compile without it and it might conflict with
openssl.
Change-Id: Id352ccc98d84ca9ee9ea3c7b4a942382882173f1
Reviewed-by: Peter Hartmann <peter.hartmann@nokia.com>
Reviewed-by: Richard J. Moore <rich@kde.org>
This is done on systems other than Windows or Mac.
Change-Id: I631ea350cb9bc123edc6df33b6f661afa8f0778b
Reviewed-by: Arvid Picciani <arvid.picciani@nokia.com>
There is a bug in CFSocket/CFRunLoopSource in OS X 10.7 which can lead to a deadlock
in CFRunLoopRemoveSource or CFRunLoopSourceInvalidate if the CFSocket manager thread
is concurrently calling CFSocketInvalidate as a result of the socket's file descriptor
having been closed.
QLocalServer::close() triggers this race by closing the socket fd before unregistering
the QSocketNotifier, which internally uses CFSocket.
This commit fixes the problem by changing the ordering in close() so that the socket notifier
is disabled before closing the file descriptor. This change also makes QLocalServer::close()
perform operations in reverse order to QLocalServer::listen(), as would be expected.
Task-number: QTBUG-22789
Merge-request: 1470
Reviewed-by: Oswald Buddenhagen <oswald.buddenhagen@nokia.com>
(cherry picked from commit a9c3f7169faf4621d39714f753d6e8b376c5d6e5)
Change-Id: Ia9c3f7169faf4621d39714f753d6e8b376c5d6e5
The handling of QSslOptions is complicated not only by the subject, but
also by the fact that some of the openssl directives are negatives. This
commit tries to separate the inherent complexity from the complexity of
the api by allowing us to test them independently.
Change-Id: Ieb9386c69dd9b0b49dc42e26b2878a301f26ded1
Reviewed-by: Peter Hartmann <peter.hartmann@nokia.com>
"qsslconfiguration.cpp:204:73: warning: suggest parentheses around
comparison in operand of ‘|’ [-Wparentheses]"
Change-Id: I887ffdf3ef8263c35a8f391b3fc97faee41b7dab
Reviewed-by: Martin Petersson <Martin.Petersson@nokia.com>
This is a source-incompatible change.
TlsV1 is ambiguous; what is actually meant is TLS version 1.0. There are
also TLS versions 1.1 and 1.2; we might want to add options for these
once OpenSSL supports them (apparently they will be with OpenSSL version
1.0.1).
Change-Id: I940d020b181b5fa528788ef0c3c47e8ef873796a
Reviewed-by: Lars Knoll <lars.knoll@nokia.com>
This commit adds the ability to perform legacy SSL renegotiation as
a fallback via QSsl::SslOptions. This is something that used to work,
but has been disabled by default in newer versions of openssl. The
need for this has been reported by users (eg. in QTBUG-14983).
Change-Id: I5b80f3ffd07e0c5faddc469f6a8f857bac5740f7
Reviewed-by: Corentin Chary <corentin.chary@gmail.com>
Reviewed-by: Peter Hartmann <peter.hartmann@nokia.com>
In Qt 4.x the serial number is reported by a mixture of the hex value
and the number, The hex is what is used by other tools, and we should do
the same.
Change-Id: Ia0361d43fb5b920d053c95e932e0c8a012436e5e
Reviewed-by: Peter Hartmann <peter.hartmann@nokia.com>
that server was found out not to support HTTP pipelining.
tested manually; for more information see the task.
Change-Id: I9120e8be1a9a05f39f99752d6426c92fa3d093f2
(cherry picked from commit ec6d7694f72498d1b156bb0ae8d305e01931f7b2)
Reviewed-by: Markus Goetz
Task-number: QTBUG-21369
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
removes several files and cleans up the code, removing all Symbian
specific #ifdef's etc.
Change-Id: Ie457e54cb4b3a992f251383320d47822259c38f1
Reviewed-by: Lars Knoll <lars.knoll@nokia.com>
Currently isValid wrongly gives the impression it checks a certificate
for validity - it doesn't. It merely checks if the certificate dates
are valid and if the certificate is blacklisted. Since it's already
easy for users to check the dates, let's just give them access to the
ability to check for blacklisting.
Change-Id: I25be3bde6a01063034702a9574b28469bf4882cd
Reviewed-by: Peter Hartmann <peter.hartmann@nokia.com>
Two problems:
- The signal cacheCredidentials was not connected in the synchronous
case while it must be connected. (Regression when the threaded http
was merged)
- We cannot cache the credidentials when we proceed the url because
at that point, we do not know the realm (this basically reverts
9bc5a32b875b812c3a706034c8c27614f86bd138)
Task-number: QTBUG-18411
Change-Id: I8ea11fa23db4314c3f17ed06d2d7f9ee934ccdba
Reviewed-by: Peter Hartmann <peter.hartmann@nokia.com>
... as did browser vendors.
Tested manually with affected CA certificates.
Reviewed-by: Richard J. Moore <rich@kde.org>
(cherry picked from commit e1d6df4e5931ee49b4b68dd5a33146f5639268b7)
Change-Id: I5bf6c147abf6d2de0f313d65faa2d9a1e9684cea
Reviewed-by: Peter Hartmann <peter.hartmann@nokia.com>
... by adding a new class QSslCertificateExtension and methods in
QSslCertificate to support extensions. This is needed e.g. for OCSP
(checking revocation status of a certificate) or Extended Validation
certificates.
Change-Id: I5c5d9513fa640cd487786bb9a5af734afebd0828
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
The Proxy-Connection header is a non standard header, but is widely
used so forming a de-facto standard.
Some proxies use the official Connection header, so we should check
for that in responses. Otherwise https connections over http proxy
fail in case the proxy sends "Connection: close" with the 407 reply.
Task-number: QTBUG-22177
Change-Id: If6cfa4ebb7ac9d97d65b6ddcc8257aee20ac0448
Reviewed-by: Peter Hartmann <peter.hartmann@nokia.com>
(cherry picked from commit 9d5c920bb23b949a0b98f1268679a0a2c06dd1d9)
Change-Id: Id99040051afe97bca3b1a8e4e3ae5a4c7f617cc9
Reviewed-by: Shane Kearns <shane.kearns@accenture.com>
Reviewed-by: Richard J. Moore <rich@kde.org>
Symbian is no longer a supported platform.
Change-Id: Ifcb2e05661b16acc6307a4ccfaa42586750734c1
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
Reviewed-by: Peter Hartmann <peter.hartmann@nokia.com>
This should be API-compatible with Qt 4, but is not ABI-compatible, due to
removing the enum from QUdpSocket.
Task-number: QTBUG-121
Change-Id: I967968c6cb6f96d3ab1d6300eadd5bde6154b300
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
This should have always been the case, as it simply makes sense, but the
upcoming moving of binding to QAbstractSocket will require this for autotesting.
Change-Id: Ieef70196616227e7914c76fff5388a4068c36efb
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
Reviewed-by: Peter Hartmann <peter.hartmann@nokia.com>
It was originally added to keep compatibility with the bearer management module from Qt Mobility, and no longer needed in Qt 5.
Change-Id: I187494e02a71c3d39a52f8c0bd4d0c7cc23d0b4b
Reviewed-by: Aaron McCarthy <aaron.mccarthy@nokia.com>
the generic systemProxyForQuery will use http_proxy from the
environment, if it is set.
Change-Id: Ie685c47eb6df1fdd2ab223defc7172bb25e6fe30
Reviewed-by: Thiago Macieira (Intel) <thiago.macieira@intel.com>
Various places in QtNetwork checked for Localhost or LocalHostIPv6,
i.e. 127.0.0.1 or ::1. By using the isLoopback API, other loopback
addresses are treated the same way (e.g. 127.0.0.2 and ::ffff:127.0.0.1)
Task-number: QTBUG-22246
Change-Id: I46f55630d8646fd68034a509969a0b7cb72ca77c
Reviewed-by: Thiago Macieira (Intel) <thiago.macieira@intel.com>
The standard IPv4 loopback address is 127.0.0.1, however anything in
the 127.0.0.0/8 range is also a loopback address.
isLoopback returns true for any address that is in the IPv4 loopback
address range, or is the single IPv6 loopback address ::1
Task-number: QTBUG-22246
Change-Id: Ic39100e2e97a52db700e01b109998a1cfd4335e3
Reviewed-by: Thiago Macieira (Intel) <thiago.macieira@intel.com>
QAtomicInt has a constructor, so QBasicAtomicInt needs to be used
instead to allow compile time initialisation.
Task-Number: QTBUG-20343
Reviewed-By: Olivier Goffart
(cherry picked from commit 29495592d27505feff024d574e1333809794c304)
Change-Id: Ia531c74f47daa86ba24a1b01bee36ddb1101af11
Reviewed-by: Peter Hartmann <peter.hartmann@nokia.com>
Certain FTP servers refuse the SIZE command in ASCII mode (proftpd)
or refuse the SIZE command in ASCII mode for large files.
This is a security feature, as the SIZE command requires reading
the whole file and counting line ends which can cause denial of
services. In binary mode, the file size on disc is reported, which
is a relatively quick operation.
Qt had two problems here:
1. when size command fails, the total size was reported as -1,
whereas the documentation of QFtp::dataTransferProgress states
it should be reported as 0 (so that QProgressDialog can display
a wait note rather than progress bar)
2. SIZE command was sent before setting the type of the transfer
to ASCII / Binary. This is a problem as the size reported by
the server is incorrect. Also it usually means sending ASCII
SIZE for Binary transfers, which results in the 550 error on
FTP servers with DOS protection.
Task-Number: QTTH-1428
Reviewed-By: Peter Hartmann
(cherry picked from commit 72bf6105214bfc26cff33632f7f4bdeed9cdf362)
Change-Id: Ie1f356c34d6a04362eaca64befb00788f85c0ccb
Reviewed-by: Peter Hartmann <peter.hartmann@nokia.com>
There are lots of buggy SSL servers around and to connect to them you
need to disable various features. This commit adds the ability to
disable the SSL ticket extension, the ability to disable the insertion
of empty fragments, and the ability to disable compression.
Task-number: QTBUG-21906
Change-Id: I3e1d0347a46e9030b889bbf15b2aad19b8513b73
Merge-request: 68
Reviewed-by: Peter Hartmann <peter.hartmann@nokia.com>
startHostInfoLookup will try to detect if IPv4 or IPv6 will be used
when connecting to the host. If a proxy is set we should lookup
the proxy hostname instead, in case host name can't be resolved
via DNS and should be resolved by the proxy.
Task-number: QTBUG-21889
Change-Id: I2012798784fc40f153469a1298e261c52981297e
Reviewed-on: http://codereview.qt-project.org/6447
Reviewed-by: Peter Hartmann <peter.hartmann@nokia.com>
Reviewed-by: Shane Kearns <shane.kearns@accenture.com>
When two threads construct a QNetworkAccessManager at exactly the
same time on an SMP system, there are construction races for some
Q_GLOBAL_STATIC data. This is normal and expected - the losing
thread deletes its instance as part of the Q_GLOBAL_STATIC macro.
For QNetworkAccessBackendFactoryData, a guard mechanism intended
to prevent the data being reconstructed by destructors of other
global static classes was being set by the loser.
To fix this, the bool is changed to a QAtomicInt. In the normal
case, it will have value 0->1 on startup and 1->0 on shutdown.
In the race case, it will have values 0->1->2->1 on startup and
1->0 on shutdown.
Task-Number: QTBUG-20343
Change-Id: Ie3fe38944d10809d1ccdbe772df82d67faffe19c
Reviewed-on: http://codereview.qt-project.org/6181
Sanity-Review: Qt Sanity Bot <qt_sanity_bot@ovi.com>
Reviewed-by: Peter Hartmann <peter.hartmann@nokia.com>
The current code was meant to be a thread-safe initialisation that
also ran a couple of extra steps. But it wasn't. While it's ok to call
qAddPostRoutine(), the call to updateConfigurations() was
thread-unsafe. It is possible that another thread got the pointer to
the Private before updateConfigurations() finished.
So instead protect the initialisation with a mutex.
It's possible that the value of the pointer becomes visible to
other processors before the other contained values, so use
atomics here.
To call qAddPostRoutine safely from the main thread, use the trick
of deleteLater() (which is thread-safe) in another thread connecting
to a slot.
Change-Id: If9bab88138755df95a791f34b0be8684207979d7
Reviewed-on: http://codereview.qt-project.org/5028
Reviewed-by: Qt Sanity Bot <qt_sanity_bot@ovi.com>
Reviewed-by: Bradley T. Hughes <bradley.hughes@nokia.com>
Reviewed-by: Lars Knoll <lars.knoll@nokia.com>
QHttpNetworkReply was waiting for a body to be sent for 401 and 407
responses, whereas with a HTTP HEAD request, there will be no body.
This delayed the authentication signal until after the http channel
is closed by the server after a timeout. For example with the server
used for autotesting, the authentication signal is delayed 15 seconds.
When the server has a very long timeout, the authentication signal may
not be emitted at all.
Task-Number: QT-5304
Reviewed-By: Martin Petersson
(cherry picked from commit 8610ee14b8636641651a8ba6040cca16c4141ed6)
Change-Id: Ie4ce6c598df86ce59910f793fd5ae7c1ccf39f9d
Reviewed-on: http://codereview.qt-project.org/6032
Reviewed-by: Qt Sanity Bot <qt_sanity_bot@ovi.com>
Reviewed-by: Martin Petersson <Martin.Petersson@nokia.com>
The QHttpNetworkConnectionPrivate::errorDetail is supposed to return a
translated string, which is then set as the QNetworkReply error.
The current code incorrectly uses QT_TRANSLATE_NOOP,
which mark the strings for translation, but does not translate them.
The result is that even with a translator loaded those strings are
written in English.
Fixes QTBUG-18382.
Merge-request: 2671
Reviewed-by: Oswald Buddenhagen <oswald.buddenhagen@nokia.com>
(cherry picked from commit 434686a926a2a6e71f3cdea2508898b7800f7c81)
Change-Id: I8673cef7671d41106f50b75e78394916f3b720c9
Reviewed-on: http://codereview.qt-project.org/4691
Reviewed-by: Qt Sanity Bot <qt_sanity_bot@ovi.com>
Reviewed-by: Oswald Buddenhagen <oswald.buddenhagen@nokia.com>
and do not only check leaf certificates, but all intermediates and
the root. Tested manually with the cross-signed intermediates.
Change-Id: I860dc9b568bc244abc9228486dbb374a1a2b47c4
Reviewed-by: Richard J. Moore <rich@kde.org>
(cherry picked from commit 64adbd0c5775f97343afbe0e7b5fde0d70bdaedd)
Reviewed-on: http://codereview.qt.nokia.com/4291
Reviewed-by: Peter Hartmann <peter.hartmann@nokia.com>
... to reduce the possibility of blacklisting valid certificates that
happen to have the same serial number as a blacklisted one, which is
unlikely, but possible.
Reviewed-by: Richard J. Moore <rich@kde.org>
(cherry picked from commit 6b1a8129623e3716f2fc075608b260ce7c381fe2
and adapted to the source incompatible change)
Change-Id: If714c34f6ce028032eee6d68f34d088b6ad5a0cc
Reviewed-on: http://codereview.qt.nokia.com/3895
Reviewed-by: Qt Sanity Bot <qt_sanity_bot@ovi.com>
Reviewed-by: Peter Hartmann <peter.hartmann@nokia.com>
Also export two symbols for auto tests since opaque keys
need EVP_PKEY * created by openssl.
Change-Id: Ib7801ddfceb259de7291bfaa5940df87f68af97d
Merge-request: 48
Reviewed-by: Peter Hartmann <peter.hartmann@nokia.com>
Reviewed-on: http://codereview.qt.nokia.com/4011
Reviewed-by: Qt Sanity Bot <qt_sanity_bot@ovi.com>
This allow to use directly EVP_PKEY * with QSslKey (for
example comming from a PKCS#11 dongle).
Change-Id: Icb1ba5081506a831ec3d8cfffe13ce70939608ea
Merge-request: 48
Reviewed-by: Peter Hartmann <peter.hartmann@nokia.com>
Reviewed-on: http://codereview.qt.nokia.com/4010
Reviewed-by: Qt Sanity Bot <qt_sanity_bot@ovi.com>
blacklist the leaf certificate for now. There might well be more fake
certificates in the wild, for that either the Diginotar.nl root cert
needs to be disabled on the system or OCSP would need to be enabled
(not supported by Qt yet).
Reviewed-by: Richard J. Moore <rich@kde.org>
(cherry picked from commit 70f6a1b91b242174682c30be976c2aa36c450cc7)
Change-Id: I7cd3fdc4c6e85202914764f983a60d301e54aa35
Reviewed-on: http://codereview.qt.nokia.com/3893
Reviewed-by: Peter Hartmann <peter.hartmann@nokia.com>
For the Happy eyeballs implementation we use two channels for the case
where a host lookup gives us both Ipv4 and Ipv6 addresses.
In the case where the Connection is setup to only use one channel
we can not use this solution, so in this case we should use the old
way of connecting with one channel.
Task-number: QTBUG-20981
Change-Id: I6590fb4c67d6a8261cd0e4da8f99cd3603bbb524
Reviewed-on: http://codereview.qt.nokia.com/3524
Reviewed-by: Qt Sanity Bot <qt_sanity_bot@ovi.com>
Reviewed-by: Peter Hartmann <peter.hartmann@nokia.com>
Setting only a password (no username) for HTTP requests does not
result in the password being sent.
Only cancel authentication if neither a username nor a password is set.
Requiring a username was preventing user-less logins.
Merge-request: 1250
Reviewed-by: Peter Hartmann <peter.hartmann@nokia.com>
Task-number: QTBUG-15566
(cherry picked from commit 6057909d2b73c2c3aa01a0e9216714ef07fb652f)
Change-Id: I23a52362e3e8cf114219accca2b548ceb9dccff7
Reviewed-on: http://codereview.qt.nokia.com/2940
Reviewed-by: Qt Sanity Bot <qt_sanity_bot@ovi.com>
Reviewed-by: Peter Hartmann <peter.hartmann@nokia.com>
... and add a new method subjectAlternativeNames() instead. This was
a typo in the API.
Change-Id: Id8704c387c9ff8e1af2b9a524ff628f5c053a294
Reviewed-on: http://codereview.qt.nokia.com/2618
Reviewed-by: Qt Sanity Bot <qt_sanity_bot@ovi.com>
Reviewed-by: João Abecasis <joao.abecasis@nokia.com>
In Qt 4.8 this generated a warning. For Qt 5 we should no longer
accept file urls without a scheme set. So you should use file://
for local files.
Change-Id: I57789e2b56b712aa4f370aec9437c6febf0d0211
Reviewed-on: http://codereview.qt.nokia.com/1822
Reviewed-by: Markus Goetz
there are return statements between locking and unlocking, so to not
leave the mutex locked when returning, this commit introduces a
QMutexLocker.
Change-Id: I74e2f329bf116e92250189bf097deb47d460d9dc
Reviewed-on: http://codereview.qt.nokia.com/1656
Reviewed-by: Qt Sanity Bot <qt_sanity_bot@ovi.com>
Reviewed-by: Markus Goetz
This eliminates some code (header parsing) that can be done by
zlib already.
Add support for 'deflate' encoding.
Also do less memory copying while uncompressing.
Change-Id: I94de21e3c58b904dd91d004c375ed8cbea56cb0b
Task-Number: QTBUG-13191
Reviewed-on: http://codereview.qt.nokia.com/1314
Reviewed-by: Qt Sanity Bot <qt_sanity_bot@ovi.com>
Reviewed-by: Martin Petersson <Martin.Petersson@nokia.com>
Reviewed-by: Peter Hartmann <peter.hartmann@nokia.com>
Reviewed-by: Markus Goetz
Currently it is only possible to verify a certificate chain when
connecting to a server. This change makes it possible to verify a
chain at any time.
Change-Id: Ib70ad7b81418f880e995f391b82ce59561ededb8
Merge-request: 11
Reviewed-by: Peter Hartmann <peter.hartmann@nokia.com>
Reviewed-on: http://codereview.qt.nokia.com/1509
RFC 2459 "Internet X.509 Public Key Infrastructure" uses the word
"attribute" for fields in a certificate like common name, organization
etc.
Change-Id: I51e595acbe3e146acf81af21cf48e554fa9490e4
Reviewed-on: http://codereview.qt.nokia.com/1453
Reviewed-by: Qt Sanity Bot <qt_sanity_bot@ovi.com>
Reviewed-by: Martin Petersson <Martin.Petersson@nokia.com>
Moves the code for extracting the name of an ASN1_OBJECT to a function.
We're going to need this again for implementing support for X509
extensions.
Change-Id: I43276eb375b37f5fef0d981f4003220d7e7b81ba
Merge-request: 18
Reviewed-by: Peter Hartmann <peter.hartmann@nokia.com>
Reviewed-on: http://codereview.qt.nokia.com/1452
Reviewed-by: Qt Sanity Bot <qt_sanity_bot@ovi.com>
Add methods that return a list of the tags in use in a certificate
issuer or subject. This means that unknown elements of these fields can
be accessed.
Change-Id: I588989e34f541b1d31cc9e97f5a85d1624ece1b1
Merge-request: 18
Reviewed-by: Peter Hartmann <peter.hartmann@nokia.com>
Reviewed-on: http://codereview.qt.nokia.com/1451
The internals of QSslCertificate were using QString but the API used
QByteArray, this commit unifies the code. This means that we don't keep
converting things.
Change-Id: I29fc149a85b77e786a6e90e5154c62f713476599
Merge-request: 18
Reviewed-by: Peter Hartmann <peter.hartmann@nokia.com>
Reviewed-on: http://codereview.qt.nokia.com/1450
Reviewed-by: Qt Sanity Bot <qt_sanity_bot@ovi.com>
Previously, x509 name entries that didn't have a shortname would all be
(accidentally) stored with the tag 'UNDEF'. This commit changes things
so that they are stored using the string form of their OID.
Change-Id: I667306cc4f91b1ca84f29b986bc21daadeb089b6
Merge-request: 18
Reviewed-by: Peter Hartmann <peter.hartmann@nokia.com>
Reviewed-on: http://codereview.qt.nokia.com/1449
Reviewed-by: Qt Sanity Bot <qt_sanity_bot@ovi.com>
This commit adds accessors for both the openssl version number and the
version string. The intention here is to aid debugging by making it
possible for applications to know which version of the openssl library
has been found by the runtime linking code.
Since the version of openssl in use will depend on the installation of
the developer, the test cases merely display the version string and
number rather than verifying that any particular version is in use.
Change-Id: Ieec44f0941f99887c85c2858bab0481722d739e5
Merge-request: 12
Reviewed-by: Peter Hartmann <peter.hartmann@nokia.com>
Reviewed-on: http://codereview.qt.nokia.com/1406
Reviewed-by: Qt Sanity Bot <qt_sanity_bot@ovi.com>
QHostInfo was leaking in the code path where it removes duplicate
name lookups after one has completed.
Task-number: QT-5121
Reviewed-by: Markus Goetz
(cherry picked from commit 73df7890923f377f19147466d9317fe1ec064b1d)
Change-Id: I26cc6a168ef8ea6cc18940300ca2eddd6777071d
Reviewed-on: http://codereview.qt.nokia.com/1363
Reviewed-by: Qt Sanity Bot <qt_sanity_bot@ovi.com>
Reviewed-by: Markus Goetz
AF_INET6 needs to be defined on Windows. This got undefined when
QT_NO_IPV6 was removed in 85869920bb
Change-Id: I1b4904f9561286b884324882f0f11dc29ba01416
Reviewed-on: http://codereview.qt.nokia.com/1169
Reviewed-by: Qt Sanity Bot <qt_sanity_bot@ovi.com>
Reviewed-by: Markus Goetz
In the cases where a DNS lookup will give you both an IPv4 and IPv6
address, this will start two connection channels at the same time.
One trying to connect using IPv4 and one on IPv6. This is done so
that we can use the fastest one for the connection. To do this we
have to do the hostlookup in the connection. The result is then
in the cache for the individual socket so it will not need to do
another lookup.
Task-number: QTBUG-16458
Change-Id: I806c20168d9c5edc2831b80f82a2bd570b36d5fa
Reviewed-on: http://codereview.qt.nokia.com/1003
Reviewed-by: Qt Sanity Bot <qt_sanity_bot@ovi.com>
Reviewed-by: Shane Kearns <shane.kearns@accenture.com>
As it turns out some test cases in QtWebKit rely on this.
Task-number: QTBUG-19556
Change-Id: I84c8abca5e9a018a4057c827fca973b8ebb39df6
Reviewed-on: http://codereview.qt.nokia.com/795
Reviewed-by: Qt Sanity Bot <qt_sanity_bot@ovi.com>
Reviewed-by: Markus Goetz
SSL_ctrl's prototype has changed slightly in openssl 1.0.0x - the 4th
argument is now a void* as opposed to a const void*.
gcc 4.6 doesn't allow this as an implicit cast.
Merge-request: 1239
Reviewed-by: Peter Hartmann <peter.hartmann@nokia.com>
(cherry picked from commit 007f01a7e801d5409708e4b8de8b3ead1481cf7d)
Change-Id: I4f41af981cf0762383b3fc867ec5d726e2b1e5c6
Reviewed-on: http://codereview.qt.nokia.com/821
Reviewed-by: Qt Sanity Bot <qt_sanity_bot@ovi.com>
Reviewed-by: Peter Hartmann <peter.hartmann@nokia.com>
THIS COMMIT BREAKS SOURCE COMPATIBILITY BETWEEN Qt 4 AND Qt 5
Qt4 assumed that there was only one entry of each type in the subject
and issuer of a certificate. This is incorrect (eg. you can have many
common names). In addition, some of the fields required by RFC3280
were not suppport. This change modifiers the API to return a list of
entries of each type and adds support for the missing fields. It also
updates the commonname matching code for SSL connections to handle
multiple entries.
Change-Id: I9457266a205def0a07c13de47094ff56ead42845
Merge-request: 5
Reviewed-on: http://codereview.qt.nokia.com/796
Reviewed-by: Qt Sanity Bot <qt_sanity_bot@ovi.com>
Reviewed-by: Sergio Ahumada <sergio.ahumada@nokia.com>
Adds support for binding "dual stack" sockets (via QUdpSocket or
QTcpServer). A dual stack socket will accept incoming connections on
either IPv4 or IPv6 interfaces.
QHostAddress::Any - use this to bind a dual stack socket
QHostAddress::AnyIPv6 - use this to bind a socket for IPv6 only
QHostAddress::AnyIPv4 - use this to bind a socket for IPv4 only
Binding to a specific address rather than one of the "any" addresses
is restricting you to a protocol anyway so no behaviour change there.
IPv6 sockets were previously dual stack on some OS and v6 only on others
Any previously meant IPv4 only
This commit implemented & tested on Windows 7, Linux (Ubuntu 10.04)
and Mac OS 10.6.7.
Windows XP and server 2003 do not support dual stack sockets, even though
they can support IPv6. On those versions, QHostAddress::Any will still
bind to IPv4 0.0.0.0 (which is also the behaviour anywhere QT_NO_IPV6 is
defined)
Autotests run:
qudpsocket (includes a new test case)
qtcpserver (includes a new test case)
qtcpsocket
qnetworkreply
qhostaddress
Task-number: QTBUG-17080
Change-Id: Id486677c4f832e18dc0ff1a86c5f5fc422c9eb4f
Reviewed-on: http://codereview.qt.nokia.com/421
Reviewed-by: Qt Sanity Bot <qt_sanity_bot@ovi.com>
Reviewed-by: Thiago Macieira <thiago.macieira@nokia.com>
Reviewed-by: Markus Goetz
apparently there are really big certificates around, so 4k might not
always be enough.
Change-Id: I84df82d117469a14b4c6db81e0ceecc1a8ba47b3
Reviewed-on: http://codereview.qt.nokia.com/554
Reviewed-by: Qt Sanity Bot <qt_sanity_bot@ovi.com>
Reviewed-by: Martin Petersson <Martin.Petersson@nokia.com>
Adds a function that will convert a certificate to human readable text
format using the openssl print function. This is useful for debugging
and for displaying the full details of a certificate (including those
parts not supported by the Qt API).
Change-Id: I27238d05df37f8b15ad09f8e761b06344631a9ce
Merge-request: 2
Reviewed-by: Peter Hartmann <peter.hartmann@nokia.com>
Reviewed-on: http://codereview.qt.nokia.com/551
Reviewed-by: Qt Sanity Bot <qt_sanity_bot@ovi.com>
Regression was introduced by 8d4cd52b6981a4e6deea7fdb77f56e40c4f3e6ba
when it failed to check when msecs == -1. This manifested visibly in KDE
failing to connect to any SSL site -- kioslaves are synchronous and use
waitForXXX(-1) (in this particular case, waitForEncrypted, which calls
waitForReadyRead).
Also, take the opportunity to convert these tests in QTcpSocket to use
port 80 (a defined service in the test server) instead of port 22.
Reviewed-by: Martin Petersson
(cherry picked from commit cb5b6799333794496269aa7e6515f96c2ac96d37)
Change-Id: I256a1e138e43fd45844976fe84cd2bc938552e47
Reviewed-on: http://codereview.qt.nokia.com/359
Reviewed-by: Qt Sanity Bot <qt_sanity_bot@ovi.com>
Reviewed-by: Peter Hartmann <peter.hartmann@nokia.com>
This enables external modules to also make use of them without having
access to the complete QtBase source code.
Change-Id: I056e45cba6c6798b76670b8d238dadb2d9f9c092
Task: QTBUG-19585
Reviewed-on: http://codereview.qt.nokia.com/234
Reviewed-by: Marius Storm-Olsen <marius.storm-olsen@nokia.com>
The application can normally control the amount of buffering of a
socket or QNetworkReply by using the setReadBufferSize API.
This allows the application to flow control the TCP connection, and
avoids out of memory errors when the data being downloaded is received
faster than the application can process it.
However when using a proxy, the proxy socket engine has an internal
socket which is used to communicate with the proxy server. It is not
visible to the user, and does not have awareness of the buffer size of
the external socket.
To solve this, we limit the internal sockets' buffer size to 64k bytes.
Under normal operation, the data is swiftly copied to the external
socket where the buffer can grow (or not) based on the application's
set value for read buffer size.
Task-number: QT-4966
Reviewed-by: Markus Goetz
(cherry picked from commit c4727a85eed57a4db698326a1bed4aa75b6e5284)
Change-Id: I29e6628e38b79b41c4464ba8cb772a0f03717043
Reviewed-on: http://codereview.qt.nokia.com/153
Reviewed-by: Qt Sanity Bot <qt_sanity_bot@ovi.com>
Reviewed-by: Markus Goetz
Changes in 4.8 led to a timer being created in the wrong thread.
I have restored the invokeMethod used to call startPolling() to solve
this problem.
Reviewed-By: mread
(cherry picked from commit e9e95f75e7c1e8325c2acce0087ff8677d773779)
Change-Id: I8b89fa89766679beb2d469f9bbd1f5e2233f061b
Reviewed-on: http://codereview.qt.nokia.com/138
Reviewed-by: Markus Goetz
* 'master' of git://scm.dev.nokia.troll.no/qt/qtbase-staging: (21 commits)
Fixed line endings.
Update licenseheader text in source files for qtbase Qt module
New configure.exe binary
Add -qpa option on Windows
Use qglobal.h's VERSION number instead of hardcoded current version
More examples adjusted to Symbian and Maemo5. (cherry picked from commit a97b9620a584c9b1a2e006873183526b3d7e001e)
Doc: Added some details to the accessibility events API documentation.
Doc: Fixed qdoc warnings.
Doc: Fixed qdoc warnings.
Doc: Made an additional change for clarity.
Doc: Noted that the example will not work as expected with a mouse.
Doc: Fixed qdoc warnings.
Doc: Applying a pending change from previous merges.
Doc: Fixed qdoc warning.
Doc: Fixed qdoc warnings.
Doc: Applied pending fixes to API documentation.
Doc: Various fixes to documentation, some based on changes in master.
Doc: Added missing project and desktop files.
Doc: Documented the value returned when no field can be found.
Squashed commit of changes from the 4.8-temp branch.
...
* 'master' of git://scm.dev.nokia.troll.no/qt/qtbase-earth-staging:
QUrl auto test: include core-private headers
QUrl TLD: fix documentation file for "Add QUrl::topLevelDomain() ..."
Add QUrl::topLevelDomain() and move TLD table from QtNetwork to QtCore
Move Qt's copy of the Mozilla public suffix list from QtNetwork
to QtCore and use it to expose a new API function QUrl::topLevelDomain().
This function returns the section of the url that is a registrar-controlled
top level domain.
QtCore now exports a couple of functions to the other Qt modules: qTopLevelDomain,
a helper function for QUrl::topLevelDomain(); and qIsEffectiveTLD(), a helper
function for QNetworkCookeieJar.
The motivation for this new API is to allow QtWebKit implement a Third-Party
Cookie blocking policy. For this QtWebKit needs to know the element of the url
that is the registry-controlled TLD. Without this knowledge it would end up
blocking third-party cookies per host rather than per registry-controlled domain.
See also https://bugs.webkit.org/show_bug.cgi?id=45455
Merge-request: 1205
Task-number: QTBUG-13601
Reviewed-by: Peter Hartmann <peter.hartmann@nokia.com>
(cherry picked from commit 154402f56dcf8303a6ce601a52215226af8d31ba)
* 'master' of git://scm.dev.nokia.troll.no/qt/qtbase-earth-staging:
add auto test for SSL certificates containing utf8 characters
fix coding style for merge request re. utf8 characters in SSL certs
Use OpenSSL X509_NAME_ENTRY API to parse UTF8 subjectName/issuerName
fixes minor coding issues for
"Use OpenSSL X509_NAME_ENTRY API to parse UTF8 subjectName/issuerName"
Task-number: QTBUG-7912
Reviewed-by: Peter Hartmann <peter.hartmann@nokia.com>
(cherry picked from commit 2e8d206fd9f656cd88b797c059ef83ed3df32881)
... to be able to display non-ASCII names from subject and issuerInfo.
Task-number: QTBUG-7912
Merge-request: 922
Reviewed-by: Peter Hartmann <peter.hartmann@nokia.com>
(cherry picked from commit e5d94256be2525c24a8b61edd771662b7f2b8be3)
On unix systems for which QT_NO_GETIFADDRS is defined, the way that the
hardware address field is extracted from the result of a call to
qt_safe_ioctl() is incorrect. The address of the ifreq.ifr_addr struct
is taken rather than the appropriate member within that struct, sa_data,
resulting in a memory offset and subsequently the hardware address has
garbage in the first two of six fields. This commit modifies the code
to pass the sa_data member instead of the address of the struct as a
whole.
Task-number: QTBUG-19165
Merge-request: 2614
Reviewed-by: Martin Petersson
(cherry picked from commit 004ad12669ef696eeba70fd57d1eb0c67c806d1d)
If we can not get online when the request is made then we are in the
WaitingForSession state. This will happen for example if the device
is in flight mode. This fix follows the same logic as in
_q_networkSessionFailed, but we should look into why we have the
WaitingForSession check in finished().
Task-number: QT-4747
Reviewed-by: Markus Goetz
(cherry picked from commit 0c9cb9a34d6b472cb53bf1af4616af55b593b616)
QAbstractSocketEngine::createSocketEngine can return 0 as well as throw.
In two cases the pointer was being used before the null check, in a 3rd
case the null check was missing.
Reviewed-by: Markus Goetz
(cherry picked from commit 19edac88af53eea7f733cabbaee77f9b725b7ea9)
Do the easy checks first, will avoid a crash in the HTTP code
if request is serviced from the cache.
Task-number: QTBUG-18770
Reviewed-by: Peter Hartmann
(cherry picked from commit d03a28a289cf0665290e6ea0375b31cbb2d6649e)
In Symbian, the OS function to get the size of a pending datagram also
includes the size of the packet header (which is different for IPv4 and
IPv6). We were reading the datagram with the "peek" flag set to
implement pendingDatagramSize, then reading again normally when the
client called read/readDatagram.
This change removes the "peek" flag, and buffers the datagram in the
socket engine, returning it and clearing the buffer when read or
readDatagram is called.
If there is no buffered data, the existing code path is followed - it
isn't mandatory to call pendingDatagramSize before reading from the
socket.
Reviewed-by: Markus Goetz
(cherry picked from commit dd8de4c2437397748daba49569cbc7f89a8bfbee)
The generic layer calls setReadNotificationEnabled(false) on sockets
after they are closed. This no longer causes a warning from the symbian
socket engine. A warning will only be emitted if trying to enable
notifications on a closed socket.
Task-number: QTBUG-18713
Reviewed-by: Markus Goetz
(cherry picked from commit 0aa780235c24ed724fcf6a9095a6467e34b9346e)
The header field "Cache-Control: must-revalidate" is a strict
requirement for loading the resource from the server, and not reading it
from the cache without revalidating first. With this patch, PreferCache
will load such from the network instead of loading them from the cache,
and AlwaysCache will throw a ContentNotFound error.
Reviewed-by: Markus Goetz
Task-number: QTBUG-18983
(cherry picked from commit 0e449f38894b1bd2dbb2f14206a011424679f063)
Conflicts between 61c6d66b7efd8de4a83b021e7c4ef2b1a803ece2 and 940f16babab76b328b7c9bfdb5435102c689b76b
(cherry picked from commit 7a20cf9d4419cf1a5a9a4ed450b03caa8716fd58)
QNetworkConfigurationManager creates the engines loaded from plugins
as objects in the main thread.
If a QNetworkConfigurationManager instance is created in a worker thread
without any instance previously existing in the main thread, then it
is uninitialised until the main thread has run.
This causes allConfigurations() to return an empty list if called
immediately after instantiation, for example.
This fix initialises the plugins using blocking queued connections,
which causes the worker thread to block until the initialisation function
has been called in the context of the main thread.
Deadlock is possible if the main thread is for some reason waiting on the
worker thread, but it will not deadlock on QNetworkConfigurationManager's
mutex.
If this is a problem for an application, it should use
QNetworkConfigurationManager from the main thread first to preload the
plugins.
Task-number: QTBUG-18795
Task-number: QTBUG-18799
Reviewed-by: Cristiano Di Flora
In Qt 4.7, http network requests are assigned to http connection
channels before connecting the channel.
In Qt 4.8, channels are connected "blind" as this gives a performance
improvement in certain circumstances.
On the assumption that User-Agent should be the same for all the
requests being sent to the server in a given burst, we use the first
queued request to set the user agent for a http proxy.
Task-number: QTBUG-17223
Reviewed-by: Markus Goetz
Reviewed-by: Martin Petersson
Some proxies can discriminate based on the User-Agent when sent a
CONNECT command for establishing a HTTPS connection.
With this change, if the User-Agent header is set in the QNetworkRequest
then it will be passed to the http socket engine for use in the connect
command sent to the proxy.
As before, "Mozilla/5.0" will be used by default when no user agent
has been set.
Task-number: QTBUG-17223
Reviewed-by: Markus Goetz
The backend was never started when compiled without bearer management,
now it is.
Now emits the error signal in case of startup errors which would leave
the state machine hanging. Previously it just printed a warning.
Reviewed-by: Peter Hartmann
Delayed the resolving of the proxy until the backend is being started.
This is because the proxy settings are not known until after
QNetworkAccessManager has brought the network online using
QNetworkSession.
On Nokia's symbian3 phones, the default network configuration is a
service network containing a list of access points in priority order.
For a typical user, this will include one or more WLAN networks and a
cellular network - each of which can have different proxy settings.
Task-number: QTBUG-18618
Reviewed-by: Peter Hartmann
When Qt is compiled with bearer management support, the network
configuration can be included as a parameter in QNetworkProxyQuery.
This allows QNetworkProxyFactory::systemProxyForQuery to get the right
proxy setting for a specific network. For example a mobile phone could
have network configurations for home WLAN, work WLAN and 3G data
access points, each with different proxy configurations.
Task-number: QTBUG-18618
Reviewed-by: Peter Hartmann
When socks socket engine calls the write function of the native socket
engine, it now propagates errors to the abstract socket.
Task-number: QTBUG-18713
Reviewed-by: Markus Goetz
The header field "Cache-Control: must-revalidate" is a strict
requirement for loading the resource from the server, and not reading it
from the cache without revalidating first. With this patch, PreferCache
will load such from the network instead of loading them from the cache,
and AlwaysCache will throw a ContentNotFound error.
Reviewed-by: Markus Goetz
Task-number: QTBUG-18983
The header field "Cache-Control: must-revalidate" is a strict
requirement for loading the resource from the server, and not reading it
from the cache without revalidating first. With this patch, PreferCache
will load such from the network instead of loading them from the cache,
and AlwaysCache will throw a ContentNotFound error.
Reviewed-by: Markus Goetz
Task-number: QTBUG-18983
We should follow
http://tools.ietf.org/html/draft-ietf-httpstate-cookie-23 , which says
parse the value until reaching the next ';' or the end of the line.
Other cookie implementations allow spaces in unquoted values as well.
Reviewed-by: Martin Petersson
Task-number: QTBUG-18876
This will allow us to expose private headers in a controlled manner,
and ensure that they are not used by accident. This also means that
we internally will have to enable the private headers for the
modules we wish to use in the project.
startPolling() is called by each engine, so before it would start
multiple singleshot timers. So I moved the timer to the class
and check if it has already been started before it is activated
again. So that we just use one timer.
Task-number: QTBUG-17219
Reviewed-by: Iiro Kause
Reviewed-by: Kranthi Kuntala
(cherry picked from commit 2506b86828ca8140c2f22d85a4378df40899b132)
Make sure that waitForReadyRead times out if the read buffer is full.
Task-number: QTBUG-16123
Reviewed-by: Peter Hartmann
(cherry picked from commit 8d4cd52b6981a4e6deea7fdb77f56e40c4f3e6ba)
This is the beginning of revision history for this module. If you
want to look at revision history older than this, please refer to the
Qt Git wiki for how to use Git history grafting. At the time of
writing, this wiki is located here:
http://qt.gitorious.org/qt/pages/GitIntroductionWithQt
If you have already performed the grafting and you don't see any
history beyond this commit, try running "git log" with the "--follow"
argument.
Branched from the monolithic repo, Qt master branch, at commit
896db169ea224deb96c59ce8af800d019de63f12
