There is already an enum to disable SSL session tickets, which has been
used to disable session sharing for now. However, SSL session sharing
is not the same as SSL session tickets: Session sharing is built into
the SSL protocol, while session tickets is a TLS extension (RFC 5077).
Change-Id: If76b99c94b346cfb00e47366e66098f6334fd9bc
Reviewed-by: Richard J. Moore <rich@kde.org>
There is no 'name' variable, but apparently 'd->serverName' is correct
variable here. Some other methods take 'name' as an argument and have
similar code block, so I think this is a copy/paste error introduced
somewhere in the past.
Change-Id: I2e82b42688b9928e0dcc5054df04e87d30a5e38e
Reviewed-by: Andreas Holzammer <andreas.holzammer@kdab.com>
Reviewed-by: Johannes Oikarinen <johannes.oikarinen@digia.com>
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
... before trying to update the configurations. Before, we would check
whether the pointer to the QNetworkConfigurationManagerPrivate instance
was 0 and in that case construct it. This would mean that this code path
was taken "at app shutdown", i.e. when the qAddPostRoutine had already
been called but the other statics were still accessed.
Note: This is not thread safe, but neither is the rest of the code;
making it thread-safe would require additional changes.
Task-number: QTBUG-30585
Change-Id: I8f6cf616e3f3ba1e84b8246589fb7210d2dae57a
Reviewed-by: Frederik Gladhorn <frederik.gladhorn@digia.com>
Reviewed-by: Stephen Kelly <stephen.kelly@kdab.com>
In particular, set online state right upon construction of the
QNetworkAccessManager instance. Therefor, QNAM needs an instance of a
QNetworkConfigurationManager internally.
Before, this would only work properly if a network session was created.
Now, networkAccessible() returns the correct status.
Change-Id: I7ff9ccfd18ad376a131fc5977843b55bf185fba0
Reviewed-by: Rafael Roquetto <rafael.roquetto@kdab.com>
Reviewed-by: Shane Kearns <shane.kearns@accenture.com>
In case a network session is not required, we need access to the
configuration object rather than to the QString.
Change-Id: I05945525ce8247e343d0bebd7ec15e0e162ed826
Reviewed-by: Rafael Roquetto <rafael.roquetto@kdab.com>
Reviewed-by: Shane Kearns <shane.kearns@accenture.com>
... otherwise we would not read from the beginning when trying to
read again. The device is reset when we try to resend a request
(e.g. remote host closed etc.).
Change-Id: I21d3647dd0e00ae8bc2507f08166234f21f88861
Reviewed-by: Markus Goetz <markus@woboq.com>
Reviewed-by: Rafael Roquetto <rafael.roquetto@kdab.com>
Reviewed-by: Shane Kearns <shane.kearns@accenture.com>
... so SSL traffic can be decrypted with e.g. tcpdump / Wireshark.
For this to work, the define needs to be uncommented and QtNetwork
recompiled. This will create a file in /tmp/qt-ssl-keys which can
be fed into Wireshark.
A recent version of Wireshark is needed for this to work.
Change-Id: I4e41fd2e6122260cd96d443b1360edc71b08b5fd
Reviewed-by: Richard J. Moore <rich@kde.org>
Remove all trailing whitespace from the following list of files:
*.cpp *.h *.conf *.qdoc *.pro *.pri *.mm *.rc *.pl *.qps *.xpm *.txt *README
excluding 3rdparty, test-data and auto generated code.
Note A): the only non 3rdparty c++-files that still
have trailing whitespace after this change are:
* src/corelib/codecs/cp949codetbl_p.h
* src/corelib/codecs/qjpunicode.cpp
* src/corelib/codecs/qbig5codec.cpp
* src/corelib/xml/qxmlstream_p.h
* src/tools/qdoc/qmlparser/qqmljsgrammar.cpp
* src/tools/uic/ui4.cpp
* tests/auto/other/qtokenautomaton/tokenizers/*
* tests/benchmarks/corelib/tools/qstring/data.cpp
* util/lexgen/tokenizer.cpp
Note B): in about 30 files some overlapping 'leading tab' and
'TAB character in non-leading whitespace' issues have been fixed
to make the sanity bot happy. Plus some general ws-fixes here
and there as asked for during review.
Change-Id: Ia713113c34d82442d6ce4d93d8b1cf545075d11d
Reviewed-by: Oswald Buddenhagen <oswald.buddenhagen@digia.com>
Introduced Q_OS_ANDROID_NO_SDK which makes more sense than
Q_OS_LINUX_ANDROID when Q_OS_ANDROID also defines Q_OS_LINUX.
Change-Id: Id2aa228b66daffba82776a12c91a264a360afd86
Reviewed-by: Gunnar Sletta <gunnar.sletta@digia.com>
When attempting to connect a tcp-based QLocalSocket while it was
already connected, the open() (and connectToServer()) method
failed silently. That behavior was not helpful and inconsistent
with the windows and unix implementations.
So an error is now set and error() is emitted
Change-Id: I544e81f0a303dd6d5b1869287df860878a8a06c6
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
Add getter and setter for handling the server QLocalSocket connects to.
Move the connectServer() implementation to QLocalSocket::open
so the local socket can be handled transparently as a QIODevice
Add a convenient connectToServer(OpenMode) method
Change-Id: Ibc8dc33f79903f92daf2d1ca2e64ead2ce39f33e
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
Based on the Necessitas project by Bogdan Vatra.
Contributors to the Qt5 project:
BogDan Vatra <bogdan@kde.org>
Eskil Abrahamsen Blomfeldt <eskil.abrahamsen-blomfeldt@digia.com>
hjk <hjk121@nokiamail.com>
Oswald Buddenhagen <oswald.buddenhagen@digia.com>
Paul Olav Tvete <paul.tvete@digia.com>
Robin Burchell <robin+qt@viroteck.net>
Samuel Rødal <samuel.rodal@digia.com>
Yoann Lopes <yoann.lopes@digia.com>
The full history of the Qt5 port can be found in refs/old-heads/android,
SHA-1 249ca9ca2c7d876b91b31df9434dde47f9065d0d
Change-Id: Iff1a7b2dbb707c986f2639e65e39ed8f22430120
Reviewed-by: Oswald Buddenhagen <oswald.buddenhagen@digia.com>
Reviewed-by: Lars Knoll <lars.knoll@digia.com>
This change lets you call QHostInfo::lookupHost() with a null receiver
in order to warm up the DNS cache. This allows you to try to get the
DNS request in flight early.
Change-Id: Icfdd28146479aa534ae9ceb472f75e08aaa39cd2
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
Add an encrypted signal to QNAM and QNetworkReply to allow applications
to perform additional checks on the certificate chain beyond those done
as part of the standard SSL validation. This allows things like
certificate change notification to be implemented for QNAM as they can
be for QSSLSocket currently.
Change-Id: I693e3e6fec8b7040379b7e7f1f819550e6b2617f
Reviewed-by: Peter Hartmann <phartmann@rim.com>
Add intermediate certificates to our server sockets, and to our client
certs.
Change-Id: Ib5aa575473f9e84f337bebe35099506dd7d7e2ba
Task-Number: QTBUG-19825
Task-Number: QTBUG-13281
Reviewed-by: Peter Hartmann <phartmann@rim.com>
Instead of storing a single QSslCertificate for a the local cert, store
a list of them. This will allow us to handle server sockets that use a
certificate that is not issued directly from the CA root in future.
Change-Id: I9a36b9a99daa9c0bdd17f61b4ce1a7da746f2e96
Reviewed-by: Peter Hartmann <phartmann@rim.com>
Qt5 requires Mac OS 10.6, so we can remove checks such as
if MAC_OS_X_VERSION_MAX_ALLOWED >= MAC_OS_X_VERSION_10_6
Change-Id: Iea21727a277291148704ecf9677ed0b68c24920f
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
... because almost everybody gets it wrong almost every time.
Change-Id: I54938ef094323ba8de02186b585b11b9579f3ca4
Reviewed-by: Richard J. Moore <rich@kde.org>
... like e.g. in QAbstractSocket::connectToHost().
We can set the scheme on the query URL based on well-known ports; even
if the port is not well-known, we can just query the URL anyhow and let
the netstatus API resolve the right proxy for us.
In addition, return early for local schemes like "file" and "qrc".
Task-number: QTBUG-29425
Change-Id: I900f1ecbac6dd380bb8a77470b39de2c07aa7f6e
Reviewed-by: Andrey Leonov <aleonov@rim.com>
Reviewed-by: Rafael Roquetto <rafael.roquetto@kdab.com>
When OpenSSL is built using MSVC then the library names are
named ssleay32.dll and libeay32. However, when OpenSSL is built
with GCC then different library names are used like libssl-10.dll
and libcrypto-10.dll (depending on the version of OpenSSL used)
Change-Id: Icb79a5f82d2a511752bfc904f53a58423ce4b86b
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
Reviewed-by: Peter Hartmann <phartmann@rim.com>
Reviewed-by: Richard J. Moore <rich@kde.org>
This fixes a compilation error with GCC 4.7
which was introduced in b5652df775
In function ‘SSL_SESSION* q_SSL_get1_session(const SSL*)’:
invalid conversion from ‘const SSL* {aka const ssl_st*}’ to ‘SSL* {aka ssl_st*}’ [-fpermissive]
Change-Id: I909f7fb4295b2019283a7af66a038d4711e5f7cb
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
Reviewed-by: Peter Hartmann <phartmann@rim.com>
DER certificates should not be opened as text files, so we
only pass the QIODevice::Text flag when the format is
QSsl::Pem.
Change-Id: I4bad98023c397b967d5beeec0aaa6c414e06fd9c
Reviewed-by: Richard J. Moore <rich@kde.org>
i.e. make it obvious that they come from Qt.
This helps when debugging and trying to differ user created threads
from Qt threads.
Change-Id: Idd6804246d6676b17cf15de6b644a5be629aa023
Reviewed-by: Rafael Roquetto <rafael.roquetto@kdab.com>
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
This improves performance since a network round trip can be avoided.
Change-Id: I1aaff7e48ef9638cb137de0f43942c3a4dd2884a
Initial-patch-by: Markus Goetz <markus@woboq.com>
Reviewed-by: Richard J. Moore <rich@kde.org>
This change increases the size of the DNS cache in QHostInfo from 64
entries to 128. Given the figures in the google chrome performance paper
http://www.igvita.com/posa/high-performance-networking-in-google-chrome/
this should mean we can cache enough entries to handle 4 tabs at once.
Change-Id: I34e32e9e0966473591c59ca5f222623a354650d2
Reviewed-by: Peter Hartmann <phartmann@rim.com>
This is supposed to workaround a race condition in the underlying
netstatus API: Sometimes we get an event that the Wifi interface
changed, but it is not up, e.g. no gateway (yet). In that case we need
to check back (currently: 300 ms) whether the interface has come
up or not.
This commit can be reverted again once the race condition in the
netstatus API has been resolved.
Task-number: QTBUG-29421
Change-Id: I215ce8aae4848b6e942e77c6425adba90e9cc526
Reviewed-by: Sean Harmer <sean.harmer@kdab.com>
Reviewed-by: Rafael Roquetto <rafael.roquetto@kdab.com>
The macro was made empty in ba3dc5f3b5
and is no longer necessary or used.
Discussed-on: http://lists.qt-project.org/pipermail/development/2013-January/009284.html
Change-Id: Id2bb2e2cabde059305d4af5f12593344ba30f001
Reviewed-by: Laszlo Papp <lpapp@kde.org>
Reviewed-by: Jędrzej Nowacki <jedrzej.nowacki@digia.com>
Reviewed-by: hjk <hjk121@nokiamail.com>