Changeset 561 for trunk/src/network/ssl/qsslsocket.cpp

Timestamp:

Feb 11, 2010, 11:19:06 PM (15 years ago)

Author:

Dmitry A. Kuminov

Message:

trunk: Merged in qt 4.6.1 sources.

Location:

trunk

Files:

• . (modified) (1 prop)
• src/network/ssl/qsslsocket.cpp (modified) (24 diffs)

trunk/src/network/ssl/qsslsocket.cpp

@@ -2 +2 @@
 **
 ** Copyright (C) 2009 Nokia Corporation and/or its subsidiary(-ies).
-** Contact: Qt Software Information (qt-info@nokia.com)
+** All rights reserved.
+** Contact: Nokia Corporation (qt-info@nokia.com)
 **
 ** This file is part of the QtNetwork module of the Qt Toolkit.
@@ -21 +22 @@
 ** will be met: http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html.
 **
-** In addition, as a special exception, Nokia gives you certain
-** additional rights. These rights are described in the Nokia Qt LGPL
-** Exception version 1.0, included in the file LGPL_EXCEPTION.txt in this
-** package.
+** In addition, as a special exception, Nokia gives you certain additional
+** rights.  These rights are described in the Nokia Qt LGPL Exception
+** version 1.1, included in the file LGPL_EXCEPTION.txt in this package.
 **
 ** GNU General Public License Usage
@@ -34 +34 @@
 ** met: http://www.gnu.org/copyleft/gpl.html.
 **
-** If you are unsure which license is appropriate for your use, please
-** contact the sales department at qt-sales@nokia.com.
+** If you have questions regarding the use of this file, please contact
+** Nokia at qt-info@nokia.com.
 ** $QT_END_LICENSE$
 **
@@ -50 +50 @@
 
     \reentrant
-    \ingroup io
+    \ingroup network
     \ingroup ssl
     \inmodule QtNetwork
@@ -114 +114 @@
     internal buffer, and you can call write() or putChar() to write
     data back to the peer. QSslSocket will automatically encrypt the
-    written data for you, and emit bytesWritten() once the data has
-    been written to the peer.
+    written data for you, and emit encryptedBytesWritten() once
+    the data has been written to the peer.
 
     As a convenience, QSslSocket supports QTcpSocket's blocking
@@ -150 +150 @@
     for use in the OpenSSL Toolkit (\l{http://www.openssl.org/}).
 
+    \note Be aware of the difference between the bytesWritten() signal and
+    the encryptedBytesWritten() signal. For a QTcpSocket, bytesWritten()
+    will get emitted as soon as data has been written to the TCP socket.
+    For a QSslSocket, bytesWritten() will get emitted when the data
+    is being encrypted and encryptedBytesWritten()
+    will get emitted as soon as data has been written to the TCP socket.
+
     \sa QSslCertificate, QSslCipher, QSslError
 */
@@ -357 +364 @@
     ignoreSslErrors(), either from inside a slot function connected to
     the sslErrors() signal, or prior to entering encrypted mode. If
-    ignoreSslErrors is not called, the connection is dropped, signal
+    ignoreSslErrors() is not called, the connection is dropped, signal
     disconnected() is emitted, and QSslSocket returns to the
     UnconnectedState.
@@ -398 +405 @@
 
 /*!
+    \since 4.6
+    \overload
+
+    In addition to the original behaviour of connectToHostEncrypted,
+    this overloaded method enables the usage of a different hostname 
+    (\a sslPeerName) for the certificate validation instead of
+    the one used for the TCP connection (\a hostName).
+
+    \sa connectToHostEncrypted()
+*/
+void QSslSocket::connectToHostEncrypted(const QString &hostName, quint16 port,
+                                        const QString &sslPeerName, OpenMode mode)
+{
+    Q_D(QSslSocket);
+    if (d->state == ConnectedState || d->state == ConnectingState) {
+        qWarning("QSslSocket::connectToHostEncrypted() called when already connecting/connected");
+        return;
+    }
+
+    d->init();
+    d->autoStartHandshake = true;
+    d->initialized = true;
+    d->verificationPeerName = sslPeerName;
+
+    // Note: When connecting to localhost, some platforms (e.g., HP-UX and some BSDs)
+    // establish the connection immediately (i.e., first attempt).
+    connectToHost(hostName, port, mode);
+}
+
+/*!
     Initializes QSslSocket with the native socket descriptor \a
     socketDescriptor. Returns true if \a socketDescriptor is accepted
@@ -413 +450 @@
     Q_D(QSslSocket);
 #ifdef QSSLSOCKET_DEBUG
-    qDebug() << "QSslSocket::setSocketDescriptor(" << socketDescriptor << ","
-             << state << "," << openMode << ")";
+    qDebug() << "QSslSocket::setSocketDescriptor(" << socketDescriptor << ','
+             << state << ',' << openMode << ')';
 #endif
     if (!d->plainSocket)
@@ -432 +469 @@
 
 /*!
+    \since 4.6
+    Sets the given \a option to the value described by \a value.
+
+    \sa socketOption()
+*/
+void QSslSocket::setSocketOption(QAbstractSocket::SocketOption option, const QVariant &value)
+{
+    Q_D(QSslSocket);
+    if (d->plainSocket)
+        d->plainSocket->setSocketOption(option, value);
+}
+
+/*!
+    \since 4.6
+    Returns the value of the \a option option.
+
+    \sa setSocketOption()
+*/
+QVariant QSslSocket::socketOption(QAbstractSocket::SocketOption option)
+{
+    Q_D(QSslSocket);
+    if (d->plainSocket)
+        return d->plainSocket->socketOption(option);
+    else
+        return QVariant();
+}
+
+/*!
     Returns the current mode for the socket; either UnencryptedMode, where
     QSslSocket behaves identially to QTcpSocket, or one of SslClientMode or
@@ -451 +516 @@
 
     An encrypted socket encrypts all data that is written by calling write()
-    or putChar() before the data is written to the network, and descrypts all
+    or putChar() before the data is written to the network, and decrypts all
     incoming data as the data is received from the network, before you call
     read(), readLine() or getChar().
@@ -654 +719 @@
     qDebug() << "QSslSocket::close()";
 #endif
+    Q_D(QSslSocket);
+    if (d->plainSocket)
+        d->plainSocket->close();
     QTcpSocket::close();
+
+    // must be cleared, reading/writing not possible on closed socket:
+    d->readBuffer.clear();
+    d->writeBuffer.clear();
+    // for QTcpSocket this is already done because it uses the readBuffer/writeBuffer
+    // if the QIODevice it is based on
+    // ### FIXME QSslSocket should probably do similar instead of having
+    // its own readBuffer/writeBuffer
 }
 
@@ -1259 +1335 @@
 
 /*!
-    Returns the system default CA certificate database for your
-    system. This database is normally found in a standard place for
-    your system. If it is not found there, Qt will provide its own
-    default CA certificate database. The CA certificate database
+    This function provides a default CA certificate database
+    shipped together with Qt. The CA certificate database
     returned by this function is used to initialize the database
     returned by defaultCaCertificates(). You can replace that database
@@ -1528 +1602 @@
     Q_D(QSslSocket);
     if (d->mode != UnencryptedMode) {
-        qWarning("QSslSocket::startClientEncryption: cannot start handshake on non-plain connection");
+        qWarning("QSslSocket::startServerEncryption: cannot start handshake on non-plain connection");
         return;
     }
@@ -1563 +1637 @@
 {
     Q_D(QSslSocket);
-    d->ignoreSslErrors = true;
+    d->ignoreAllSslErrors = true;
+}
+
+/*!
+    \overload
+    \since 4.6
+
+    This method tells QSslSocket to ignore only the errors given in \a
+    errors.
+
+    Note that you can set the expected certificate in the SSL error:
+    If, for instance, you want to connect to a server that uses
+    a self-signed certificate, consider the following snippet:
+
+    \snippet doc/src/snippets/code/src_network_ssl_qsslsocket.cpp 6
+
+    Multiple calls to this function will replace the list of errors that
+    were passed in previous calls.
+    You can clear the list of errors you want to ignore by calling this
+    function with an empty list.
+
+    \sa sslErrors()
+*/
+void QSslSocket::ignoreSslErrors(const QList<QSslError> &errors)
+{
+    Q_D(QSslSocket);
+    d->ignoreErrorsList = errors;
 }
 
@@ -1579 +1679 @@
 #ifdef QSSLSOCKET_DEBUG
     qDebug() << "QSslSocket::connectToHostImplementation("
-             << hostName << "," << port << "," << openMode << ")";
+             << hostName << ',' << port << ',' << openMode << ')';
 #endif
     if (!d->plainSocket) {
@@ -1653 +1753 @@
     }
 #ifdef QSSLSOCKET_DEBUG
-    qDebug() << "QSslSocket::readData(" << (void *)data << "," << maxlen << ") ==" << readBytes;
+    qDebug() << "QSslSocket::readData(" << (void *)data << ',' << maxlen << ") ==" << readBytes;
 #endif
+
+    // possibly trigger another transmit() to decrypt more data from the socket
+    if (d->readBuffer.isEmpty() && d->plainSocket->bytesAvailable())
+        QMetaObject::invokeMethod(this, "_q_flushReadBuffer", Qt::QueuedConnection);
+
     return readBytes;
 }
@@ -1665 +1770 @@
     Q_D(QSslSocket);
 #ifdef QSSLSOCKET_DEBUG
-    qDebug() << "QSslSocket::writeData(" << (void *)data << "," << len << ")";
+    qDebug() << "QSslSocket::writeData(" << (void *)data << ',' << len << ')';
 #endif
     if (d->mode == UnencryptedMode && !d->autoStartHandshake)
@@ -1683 +1788 @@
 */
 QSslSocketPrivate::QSslSocketPrivate()
-    : initialized(false), readyReadEmittedPointer(0), plainSocket(0)
+    : initialized(false)
+    , mode(QSslSocket::UnencryptedMode)
+    , autoStartHandshake(false)
+    , connectionEncrypted(false)
+    , ignoreAllSslErrors(false)
+    , readyReadEmittedPointer(0)
+    , plainSocket(0)
 {
     QSslConfigurationPrivate::deepCopyDefaultConfiguration(&configuration);
@@ -1703 +1814 @@
     autoStartHandshake = false;
     connectionEncrypted = false;
-    ignoreSslErrors = false;
+    ignoreAllSslErrors = false;
+
+    // we don't want to clear the ignoreErrorsList, so
+    // that it is possible setting it before connecting
+//    ignoreErrorsList.clear();
 
     readBuffer.clear();
@@ -1970 +2085 @@
     Q_Q(QSslSocket);
 #ifdef QSSLSOCKET_DEBUG
-    qDebug() << "QSslSocket::_q_stateChangedSlot(" << state << ")";
+    qDebug() << "QSslSocket::_q_stateChangedSlot(" << state << ')';
 #endif
     q->setSocketState(state);
@@ -1983 +2098 @@
     Q_Q(QSslSocket);
 #ifdef QSSLSOCKET_DEBUG
-    qDebug() << "QSslSocket::_q_errorSlot(" << error << ")";
+    qDebug() << "QSslSocket::_q_errorSlot(" << error << ')';
     qDebug() << "\tstate =" << q->state();
     qDebug() << "\terrorString =" << q->errorString();
@@ -2018 +2133 @@
     Q_Q(QSslSocket);
 #ifdef QSSLSOCKET_DEBUG
-    qDebug() << "QSslSocket::_q_bytesWrittenSlot(" << written << ")";
+    qDebug() << "QSslSocket::_q_bytesWrittenSlot(" << written << ')';
 #endif
 
@@ -2039 +2154 @@
 }
 
+/*!
+    \internal
+*/
+void QSslSocketPrivate::_q_flushReadBuffer()
+{
+    // trigger a read from the plainSocket into SSL
+    if (mode != QSslSocket::UnencryptedMode)
+        transmit();
+}
+
 QT_END_NAMESPACE