Let's make sure we don't accidentally have it wrong in one of the three
versions.
Change-Id: Iee8cbc07c4434ce9b560ffff13c9bcf75ba66a66
Reviewed-by: Richard J. Moore <rich@kde.org>
The native socket engine sets the socketProtocol to that when it means
it's using IPv6 with v4 compatibility on (v6only = false).
We mustn't have faced problems so far because the multicast tests set
don't test v6only = false.
Change-Id: Iee8cbc07c4434ce9b560ffff13ca0aff60673940
Reviewed-by: Richard J. Moore <rich@kde.org>
Suddenly :(( With Security Framework v 7.0 dated by 17/02 SSLHandshake
works differently when our server socket is requesting a client side authentication
and client provides no certificate. Despite of kTryAuthenticate (this means,
auth. _can_ fail) server receives an error from SSLHandshake too early.
We have to handle this in startHandshake (when serveMode && canIgnore).
Change-Id: Ie55540078e2944e80cf2f4ade8b000acf29d6ca2
Reviewed-by: Richard J. Moore <rich@kde.org>
One of the reasons why we use "int" everywhere: to avoid this annoyance
about different types and having to explicitly cast to silence the
compiler.
qsslsocket_openssl.cpp(690) : warning C4267: 'argument' : conversion from 'size_t' to 'int', possible loss of data
Change-Id: Ia0aac2f09e9245339951ffff13c8bdad334ce108
Reviewed-by: Richard J. Moore <rich@kde.org>
It has been a historical mistake that there wasn't a const overload.
Change-Id: Ia0aac2f09e9245339951ffff13c8d8b70f206a99
Reviewed-by: Giuseppe D'Angelo <giuseppe.dangelo@kdab.com>
Reviewed-by: Richard J. Moore <rich@kde.org>
A mistake in const correctness resulted in the incoming QByteArray
getting modified when it shouldn't. I have no ldea if this could result
in user-visible effects.
Change-Id: Ia0aac2f09e9245339951ffff13c8d8c6b4f909bd
Reviewed-by: Richard J. Moore <rich@kde.org>
This allows one to check whether the conversion is successful without
checking for the return result, as the value of 0 represents the valid
IPv4 address 0.0.0.0.
Change-Id: I637fe55583f2255c85b0d955e5886b61494e0c7c
Reviewed-by: Richard J. Moore <rich@kde.org>
Unlike localhost (127.0.0.1), there's really no point in using
::ffff:0.0.0.0, since you shouldn't be sending packets to it. Linux
transforms 0.0.0.0 to localhost, but that's non-standard and won't work
on other OSs, so it's still a bad idea.
Change-Id: I5982b21bf953e11e04fc19893f94be90ed29089b
Reviewed-by: Richard J. Moore <rich@kde.org>
In 85136496bc, Shane made QHostAddress
automatically convert any IPv6 address that was v4-mapped to IPv4 in
QHostAddress. While that is an interesting trick, it prevents us from
being specific about what we want. On some OS (like FreeBSD and OS X),
the distinction is relevant, so keep it.
Moreover, it was inconsistent: it might fail depending on how the
QHostAddress was constructed and the order of comparison.
[ChangeLog][Important Behavior Changes] QHostAddress will no longer
convert IPv6 addresses of type "v4-mapped" to IPv4. To perform this
conversion manually, construct another QHostAddress with the result of
toIPv4Address().
Change-Id: I06afbc7018539804bb3044ef1fe6a49ac7a5f240
Reviewed-by: Richard J. Moore <rich@kde.org>
If our socket is already of a given type (probably due to a previous
call to bind()), then constrain the incoming target address to be of the
same family. On some OSs, trying to send or connect to an IPv4 address
from an IPv6 socket will fail with EINVAL, even if the socket is not in
"v6only" mode.
bind() can't be called after already being bound, but the function can
still be called on a socket created by the user and passed on with
setSocketDescriptor().
Change-Id: I209a1f8d0c782c6b6de2b39ea4cfad74d63f3293
Reviewed-by: Richard J. Moore <rich@kde.org>
This has been known to be broken for a while. Now it works: you can bind
and you'll retain the port (and the file descriptor) for the connect
call. Incidentally, in fixing the binding for more than one IP for the
hostname (with event loop), this commit fixes the setSocketDescriptor
XFAIL.
[ChangeLog][QtNetwork] Fixed a bug that caused both QTcpSocket and
QUdpSocket to close the socket and lose any bound ports before
connecting. Now bind()/setSocketDescriptor() followed by connect() will
retain the original file descriptor.
Task-number: QTBUG-26538
Change-Id: I691caed7e8fd16a9cf687b5995afbf3006bf453a
Reviewed-by: Richard J. Moore <rich@kde.org>
invalid conversion from ‘unsigned char**’ to ‘const unsigned char**’
Task-number: QTBUG-44744
Change-Id: I6263db106fe28c6aa04db8ca79421b3a9fc5adc9
Reviewed-by: Richard J. Moore <rich@kde.org>
Reasons:
- the PlayBook NDK is old and its compiler does not keep up with newest
C++11 improvements inside Qt code.
- the PlayBook NDK diverges considerably from the standard BB10 NDK,
making it non-trivial to keep a common codebase.
- It's a defunct platform.
- Maintenance time is limited.
[ChangeLog][Platform Specific Changes] Removed BlackBerry PlayBook support.
Change-Id: Ia338aff55f4e4b747ebdecb0e1463a369a656c03
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
Reviewed-by: Bernd Weimer <bernd.weimer@pelagicore.com>
Reviewed-by: Rafael Roquetto <rafael.roquetto@kdab.com>
Do not return early on Windows if bytes are still in the buffer.
This is not in line with the behavior on other platforms,
and also breaks apps where the caller knows that the
bytes available are insufficient.
[ChangeLog][Network][QLocalSocket] On Windows, waitForReadyRead
now always waits for more data, even if bytes are still in the
buffer.
Task-number: QTBUG-16688
Change-Id: I1425a5780c7707295374934a6b5446ff8e148cc8
Reviewed-by: Oswald Buddenhagen <oswald.buddenhagen@theqtcompany.com>
This change is a step closer to working with openssl 1.2 which makes
this struct opaque.
Change-Id: I3897142657edc0fa4053142b6ef743c2b00c013e
Reviewed-by: Peter Hartmann <peter-qt@hartmann.tk>
Linux's socket(2) system call can take SOCK_NONBLOCK and let us avoid
the extra two fcntl(2) to change the setting after it's created.
Change-Id: Ie0d7a2d51acc21acd850cbee6d0f76e27b1ae859
Reviewed-by: Richard J. Moore <rich@kde.org>
Enable certificate/trust validation when socket is in server mode.
Change-Id: I8fbba587a9484084495722219d83cca57973a3e6
Reviewed-by: Jeremy Lainé <jeremy.laine@m4x.org>
Reviewed-by: Richard J. Moore <rich@kde.org>
Reviewed-by: Timur Pocheptsov <Timur.Pocheptsov@digia.com>
...where passing them by value was not intentional.
Change-Id: Ifd5036d57b41fddeeacfbd3f5890881605b80647
Reviewed-by: Shawn Rutledge <shawn.rutledge@digia.com>
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
Use the
QDebugStateSaver saver(debug);
debug.resetFormat().nospace();
idiom to unify the formatting and whitespace handling.
Change-Id: Id346d63b3f589b60ca19e4459271d587f1a0c003
Reviewed-by: Richard J. Moore <rich@kde.org>
Instead of using sprintf (and #ifdef'ing our way around Windows warnings),
simply do the conversion from uchar to hex digits ourselves, using
QtMiscUtils.
Also used the Qt::Uninitialized QString ctor, as the result length is
exactly known ahead of time.
Change-Id: Ie42e5f11c608e7719f7dc33d72739c1e41901b3b
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
QAbstractSocket::close() always calls QIODevice::close(), which resets
QIODevice's internal read buffer. So it makes no sense to make same calls
from disconnectFromHost(). This made the closeCalled private member
superfluous.
Change-Id: I4ec64e9711490e44e737763e4ed7fb41bffe2556
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
Since the algorithm can only be one the underlying structure can
share the same memory.
Change-Id: Ifeaa1a2d5c4ad3566cbbf847445b805876275260
Reviewed-by: Olivier Goffart (Woboq GmbH) <ogoffart@woboq.com>
Reviewed-by: Richard J. Moore <rich@kde.org>
Qt copyrights are now in The Qt Company, so we could update the source
code headers accordingly. In the same go we should also fix the links to
point to qt.io.
Outdated header.LGPL removed (use header.LGPL21 instead)
Old header.LGPL3 renamed to header.LGPL3-COMM to match actual licensing
combination. New header.LGPL-COMM taken in the use file which were
using old header.LGPL3 (src/plugins/platforms/android/extract.cpp)
Added new header.LGPL3 containing Commercial + LGPLv3 + GPLv2 license
combination
Change-Id: I6f49b819a8a20cc4f88b794a8f6726d975e8ffbe
Reviewed-by: Matti Paaso <matti.paaso@theqtcompany.com>
The cipher is always valid here, so this check was never needed anyway.
Change-Id: I22be273d166702926b98f0c9443657a1dde65f6e
Reviewed-by: Daniel Molkentin <daniel@molkentin.de>
There were still ifdefs for openssl 0.9.7 and openssl 0.9.8f.
[ChangeLog][QtNetwork] Some legacy ifdefs for openssl 0.9.7 and openssl 0.9.8f
were removed, Qt will no longer build with these versions. In addition there
is no support for openssl built with NO_TLSEXT.
Change-Id: I9268515c0a125a2f6d79add8ee1cb40768e7e898
Reviewed-by: Daniel Molkentin <daniel@molkentin.de>
The postfix increment(decrement) creates a temp copy of *this before the
modification and then returns that copy. It's needed only when using the
old iterator and then incrementing it.
Change-Id: I7f6702de78f5f987cec3556047e76049b4ee063a
Reviewed-by: Konstantin Ritt <ritt.ks@gmail.com>
Reviewed-by: Marc Mutz <marc.mutz@kdab.com>
libproxy is not part of Qt's public interface, but a helper library
used by Qt. Treat it as such by using LIB_PRIVATE.
Task-number: QTBUG-44326
Change-Id: I014f992e4b7a51de1e5a7407ce1bd08dd5352136
Reviewed-by: Oswald Buddenhagen <oswald.buddenhagen@theqtcompany.com>
The OpenSSL backend for QSslSocket return an incomplete peer certificate
chain when in server mode: it does not include the peer's certificate as
the first element of the chain.
This change fixes this issue.
Change-Id: I2f0815bca2f314a075b48a2d0b5a6d5b7af50722
Reviewed-by: Daniel Molkentin <daniel@molkentin.de>
kernel/qnetworkproxy_libproxy.cpp:152:57: error: suggest parentheses around comparison in operand of ‘&’ [-Werror=parentheses]
if (proxy.capabilities() & requiredCapabilities == requiredCapabilities)
Change-Id: I37eba3443802e4949bab03e9cb4f3fb664fa492d
Reviewed-by: Richard J. Moore <rich@kde.org>
It will be used on Unix systems if the required dev package is
present. (Detected by a configure compile test.)
You can configure with -no-libproxy to avoid the dependency.
It will not be used on OS X or Windows, as we already implement
the native API for getting proxies there.
Currently we use whatever PAC runner is provided by the distro
for running PAC scripts - if we want to run PAC scripts using
Qt, then we would have to implement a pacrunner plugin to libproxy.
Note that their webkit pacrunner is using javascriptcore already.
Tested using the libproxy 0.4.7 that is included in Ubuntu 12.04.
Re-tested using Ubuntu 14.04 which ships libproxy 0.4.11.
It works except when both socks and http proxies are configured in
the manual settings - in that case libproxy returns only the socks
proxy. This seems to be covered by libproxy issue 119.
[ChangeLog][QtNetwork] Introduce libproxy backend for Unix platforms,
enabled automatically if the required dev package is present
Task-number: QTBUG-26295
Change-Id: I521c0a198fcf482386ea8a189114a0077778265c
Reviewed-by: Richard J. Moore <rich@kde.org>
... but choose HTTP/1.1 and continue connecting anyhow. According to
the NPN spec, actually we should choose SPDY:
"In the event that the client doesn't support any of server's protocols,
or the server doesn't advertise any, it SHOULD select the first protocol
that it supports."
However, some tested servers did not advertise anything and did not
support SPDY, so blindly trying the newest protocol would fail. We are
conservative in that case and choose HTTP.
Task-number: QTBUG-40714
Change-Id: Ia8aaf01fea74e13d9e4416306f85f1890b25559e
Reviewed-by: Richard J. Moore <rich@kde.org>
We do not support Windows older versions in the first place ...
Change-Id: I2cd3135f1b7f2dac6929c07624ea9373f4ac0ff1
Reviewed-by: Oswald Buddenhagen <oswald.buddenhagen@theqtcompany.com>
The call to LookupAccountNameW from advapi32 was rewritten following
the example:
http://msdn.microsoft.com/en-us/library/aa392742%28v=vs.85%29.aspx
This prevents the generation of a garbage pointer when accessing
QWindowsSystemProxy::init() for Qt compiled as 64bit library
with MinGW-w64.
Task-number: QTBUG-39874
Task-number: QTBUG-38145
Change-Id: I620b2fa64941f84838f9a386851480285336e8d1
Reviewed-by: Friedemann Kleint <Friedemann.Kleint@theqtcompany.com>
Reviewed-by: Richard J. Moore <rich@kde.org>
Move these types to QAsn1Element so that they can use the toString()
method which guards against malicious ASN.1.
Change-Id: I7d6155147a6fc2d41da6f3ae87551b6cb75aa9ce
Reviewed-by: Oliver Wolff <oliver.wolff@theqtcompany.com>
Reviewed-by: Daniel Molkentin <daniel@molkentin.de>
We don't currently use this class for critical things like hostname
verification however we still want to ensure that it is not possible
to trick it using ASN.1 strings with embedded NUL characters. This will
avoid problems in the future.
Change-Id: Ibf3bc142a94fc9cad5f06db50f375399a087f9dc
Reviewed-by: Jeremy Lainé <jeremy.laine@m4x.org>
Reviewed-by: Oliver Wolff <oliver.wolff@theqtcompany.com>
Reviewed-by: Daniel Molkentin <daniel@molkentin.de>
Classes should either use or not use override, otherwise it hurts
code readability.
Some inline keywords were removed because of an error with MSVC2010:
error C2216: 'override' cannot be used with 'inline'
Change-Id: I7276d5525a92281bd0d743beb11d0dc73441443b
Reviewed-by: Marc Mutz <marc.mutz@kdab.com>
Because Proxy Auto Configuration performs DNS lookups,
the proxy settings are being cached. For long-running
programs this means that once users switch e.g. from or
to company networks with a proxy, they instantly will
lose connectivity because we cache the old setting.
To remedy this, we monitor the Registry (locations
courtesy of Chromium's platform support) for changes
in its settings, and requery for the current proxy in
that case.
Task-number: QTBUG-3470
Task-number: QTBUG-29990
Change-Id: Id25a51387bcd232c5f879cea0371038986d0e2de
Reviewed-by: Oliver Wolff <oliver.wolff@theqtcompany.com>
Add support for SSL on iOS/OS X by adding a SecureTransport based
backend.
[ChangeLog][QtNetwork][QSslSocket] A new SSL backend for iOS and OS X,
implemented with Apple's Secure Transport (Security Framework).
Change-Id: I7466db471be2a8a2170f9af9d6ad4c7b6425738b
Reviewed-by: Richard J. Moore <rich@kde.org>
Change-Id: I9c09a3e2dfb90eb22d4509ac6c450a0bb5da48f6
Reviewed-by: Olivier Goffart (Woboq GmbH) <ogoffart@woboq.com>
Reviewed-by: Richard J. Moore <rich@kde.org>