qsslsocket_openssl.cpp

Absolute File Name:

/home/qt/qt5_coco/qt5/qtbase/src/network/ssl/qsslsocket_openssl.cpp

Source code

Switch to Preprocessed file

Line Source Count

1 /**************************************************************************** -

2 ** -

5 ** Contact: https://www.qt.io/licensing/ -

6 ** -

7 ** This file is part of the QtNetwork module of the Qt Toolkit. -

8 ** -

9 ** $QT_BEGIN_LICENSE:LGPL$ -

10 ** Commercial License Usage -

11 ** Licensees holding valid commercial Qt licenses may use this file in -

12 ** accordance with the commercial license agreement provided with the -

13 ** Software or, alternatively, in accordance with the terms contained in -

14 ** a written agreement between you and The Qt Company. For licensing terms -

15 ** and conditions see https://www.qt.io/terms-conditions. For further -

16 ** information use the contact form at https://www.qt.io/contact-us. -

17 ** -

18 ** GNU Lesser General Public License Usage -

19 ** Alternatively, this file may be used under the terms of the GNU Lesser -

20 ** General Public License version 3 as published by the Free Software -

21 ** Foundation and appearing in the file LICENSE.LGPL3 included in the -

22 ** packaging of this file. Please review the following information to -

23 ** ensure the GNU Lesser General Public License version 3 requirements -

24 ** will be met: https://www.gnu.org/licenses/lgpl-3.0.html. -

25 ** -

26 ** GNU General Public License Usage -

27 ** Alternatively, this file may be used under the terms of the GNU -

28 ** General Public License version 2.0 or (at your option) the GNU General -

29 ** Public license version 3 or any later version approved by the KDE Free -

30 ** Qt Foundation. The licenses are as published by the Free Software -

31 ** Foundation and appearing in the file LICENSE.GPL2 and LICENSE.GPL3 -

32 ** included in the packaging of this file. Please review the following -

33 ** information to ensure the GNU General Public License requirements will -

34 ** be met: https://www.gnu.org/licenses/gpl-2.0.html and -

35 ** https://www.gnu.org/licenses/gpl-3.0.html. -

36 ** -

37 ** $QT_END_LICENSE$ -

38 ** -

39 ****************************************************************************/ -

40 -

41 /**************************************************************************** -

42 ** -

43 ** In addition, as a special exception, the copyright holders listed above give -

44 ** permission to link the code of its release of Qt with the OpenSSL project's -

45 ** "OpenSSL" library (or modified versions of the "OpenSSL" library that use the -

46 ** same license as the original version), and distribute the linked executables. -

47 ** -

48 ** You must comply with the GNU General Public License version 2 in all -

49 ** respects for all of the code used other than the "OpenSSL" code. If you -

50 ** modify this file, you may extend this exception to your version of the file, -

51 ** but you are not obligated to do so. If you do not wish to do so, delete -

52 ** this exception statement from your version of this file. -

53 ** -

54 ****************************************************************************/ -

55 -

56 //#define QSSLSOCKET_DEBUG -

57 //#define QT_DECRYPT_SSL_TRAFFIC -

58 -

59 #include "qssl_p.h" -

60 #include "qsslsocket_openssl_p.h" -

61 #include "qsslsocket_openssl_symbols_p.h" -

62 #include "qsslsocket.h" -

63 #include "qsslcertificate_p.h" -

64 #include "qsslcipher_p.h" -

65 #include "qsslkey_p.h" -

66 #include "qsslellipticcurve.h" -

67 #include "qsslpresharedkeyauthenticator.h" -

68 #include "qsslpresharedkeyauthenticator_p.h" -

69 -

70 #include <QtCore/qdatetime.h> -

71 #include <QtCore/qdebug.h> -

72 #include <QtCore/qdir.h> -

73 #include <QtCore/qdiriterator.h> -

74 #include <QtCore/qelapsedtimer.h> -

75 #include <QtCore/qfile.h> -

76 #include <QtCore/qfileinfo.h> -

77 #include <QtCore/qmutex.h> -

78 #include <QtCore/qthread.h> -

79 #include <QtCore/qurl.h> -

80 #include <QtCore/qvarlengtharray.h> -

81 #include <QLibrary> // for loading the security lib for the CA store -

82 -

83 #include <string.h> -

84 -

85 QT_BEGIN_NAMESPACE -

86 -

87 #if defined(Q_OS_MACX) -

#define kSecTrustSettingsDomainSystem 2 PtrSecCertificateCopyData QSslSocketPrivate::ptrSecCertificateCopyData = 0;

PtrSecTrustSettingsCopyCertificates QSslSocketPrivate::ptrSecTrustSettingsCopyCertificates = 0;

PtrSecTrustCopyAnchorCertificates QSslSocketPrivate::ptrSecTrustCopyAnchorCertificates = 0;

#elifdefined(Q_OS_WIN)

88 PtrCertOpenSystemStoreW QSslSocketPrivate::ptrCertOpenSystemStoreW = 0; -

89 PtrCertFindCertificateInStore QSslSocketPrivate::ptrCertFindCertificateInStore = 0; -

90 PtrCertCloseStore QSslSocketPrivate::ptrCertCloseStore = 0; -

91 #endif -

92 -

93 bool QSslSocketPrivate::s_libraryLoaded = false; -

94 bool QSslSocketPrivate::s_loadedCiphersAndCerts = false; -

95 bool QSslSocketPrivate::s_loadRootCertsOnDemand = false; -

96 -

97 #if OPENSSL_VERSION_NUMBER >= 0x10001000L -

98 int QSslSocketBackendPrivate::s_indexForSSLExtraData = -1; -

99 #endif -

100 -

101 /* \internal -

102 -

103 From OpenSSL's thread(3) manual page: -

104 -

105 OpenSSL can safely be used in multi-threaded applications provided that at -

106 least two callback functions are set. -

107 -

108 locking_function(int mode, int n, const char *file, int line) is needed to -

109 perform locking on shared data structures. (Note that OpenSSL uses a -

110 number of global data structures that will be implicitly shared -

111 whenever multiple threads use OpenSSL.) Multi-threaded -

112 applications will crash at random if it is not set. ... -

113 ... -

114 id_function(void) is a function that returns a thread ID. It is not -

115 needed on Windows nor on platforms where getpid() returns a different -

116 ID for each thread (most notably Linux) -

117 */ -

118 class QOpenSslLocks -

119 { -

120 public: -

121 inline QOpenSslLocks() -

122 : initLocker(QMutex::Recursive), -

123 locksLocker(QMutex::Recursive) -

124 { -

125 QMutexLocker locker(&locksLocker); -

126 int numLocks = q_CRYPTO_num_locks(); -

127 locks = new QMutex *[numLocks]; -

128 memset(locks, 0, numLocks * sizeof(QMutex *)); -

129 } -

130 inline ~QOpenSslLocks() -

131 { -

132 QMutexLocker locker(&locksLocker); -

133 for (int i = 0; i < q_CRYPTO_num_locks(); ++i) -

134 delete locks[i]; -

135 delete [] locks; -

136 -

137 QSslSocketPrivate::deinitialize(); -

138 } -

139 inline QMutex *lock(int num) -

140 { -

141 QMutexLocker locker(&locksLocker); -

142 QMutex *tmp = locks[num]; -

143 if (!tmp) -

144 tmp = locks[num] = new QMutex(QMutex::Recursive); -

145 return tmp; -

146 } -

147 -

148 QMutex *globalLock() -

149 { -

150 return &locksLocker; -

151 } -

152 -

153 QMutex *initLock() -

154 { -

155 return &initLocker; -

156 } -

157 -

158 private: -

159 QMutex initLocker; -

160 QMutex locksLocker; -

161 QMutex **locks; -

162 }; -

163 Q_GLOBAL_STATIC(QOpenSslLocks, openssl_locks) -

164 -

165 QString QSslSocketBackendPrivate::getErrorsFromOpenSsl() -

166 { -

167 QString errorString; -

168 unsigned long errNum; -

169 while ((errNum = q_ERR_get_error())) { -

170 if (! errorString.isEmpty()) -

171 errorString.append(QLatin1String(", ")); -

172 const char *error = q_ERR_error_string(errNum, NULL); -

173 errorString.append(QString::fromLatin1(error)); // error is ascii according to man ERR_error_string -

174 } -

175 return errorString; -

176 } -

177 -

178 extern "C" { -

179 static void locking_function(int mode, int lockNumber, const char *, int) -

180 { -

181 QMutex *mutex = openssl_locks()->lock(lockNumber); -

182 -

183 // Lock or unlock it -

184 if (mode & CRYPTO_LOCK) -

185 mutex->lock(); -

186 else -

187 mutex->unlock(); -

188 } -

189 static unsigned long id_function() -

190 { -

191 return (quintptr)QThread::currentThreadId(); -

192 } -

193 -

194 #if OPENSSL_VERSION_NUMBER >= 0x10001000L && !defined(OPENSSL_NO_PSK) -

195 static unsigned int q_ssl_psk_client_callback(SSL *ssl, -

196 const char *hint, -

197 char *identity, unsigned int max_identity_len, -

198 unsigned char *psk, unsigned int max_psk_len) -

199 { -

200 QSslSocketBackendPrivate *d = reinterpret_cast<QSslSocketBackendPrivate *>(q_SSL_get_ex_data(ssl, QSslSocketBackendPrivate::s_indexForSSLExtraData)); -

201 Q_ASSERT(d); -

202 return d->tlsPskClientCallback(hint, identity, max_identity_len, psk, max_psk_len); -

203 } -

204 #endif -

205 } // extern "C" -

206 -

207 QSslSocketBackendPrivate::QSslSocketBackendPrivate() -

208 : ssl(0), -

209 readBio(0), -

210 writeBio(0), -

211 session(0) -

212 { -

213 // Calls SSL_library_init(). -

214 ensureInitialized(); -

215 } -

216 -

217 QSslSocketBackendPrivate::~QSslSocketBackendPrivate() -

218 { -

219 destroySslContext(); -

220 } -

221 -

222 QSslCipher QSslSocketBackendPrivate::QSslCipher_from_SSL_CIPHER(SSL_CIPHER *cipher) -

223 { -

224 QSslCipher ciph; -

225 -

226 char buf [256]; -

227 QString descriptionOneLine = QString::fromLatin1(q_SSL_CIPHER_description(cipher, buf, sizeof(buf))); -

228 -

229 QStringListconst auto descriptionList = descriptionOneLine.splitsplitRef(QLatin1Char(' '), QString::SkipEmptyParts); -

230

if (descriptionList.size() > 5) {

descriptionList.size() > 5

Description

TRUE

evaluated 1784 times by 16 tests

Evaluated by:

tst_NetworkSelfTest
tst_QAbstractNetworkCache
tst_QHttpNetworkConnection
tst_QNetworkAccessManager_And_QProgressDialog
tst_QNetworkDiskCache
tst_QNetworkProxyFactory
tst_QNetworkReply
tst_QXmlInputSource
tst_Spdy
tst_qsslcertificate - unknown status
tst_qsslellipticcurve - unknown status
tst_qsslerror - unknown status
tst_qsslsocket - unknown status
tst_qsslsocket_onDemandCertificates_member - unknown status
tst_qsslsocket_onDemandCertificates_static - unknown status
tst_qtcpsocket - unknown status

FALSE

never evaluated

0-1784

231 // ### crude code. -

232 ciph.d->isNull = false; -

233 ciph.d->name = descriptionList.at(0);).toString(); -

234 -

235 QString protoString = descriptionList.at(1);).toString(); -

236 ciph.d->protocolString = protoString; -

237 ciph.d->protocol = QSsl::UnknownProtocol; -

238

if (protoString == QLatin1String("SSLv3"))

protoString ==...tring("SSLv3")

Description

TRUE

evaluated 739 times by 15 tests

Evaluated by:

tst_NetworkSelfTest
tst_QAbstractNetworkCache
tst_QHttpNetworkConnection
tst_QNetworkAccessManager_And_QProgressDialog
tst_QNetworkDiskCache
tst_QNetworkProxyFactory
tst_QXmlInputSource
tst_Spdy
tst_qsslcertificate - unknown status
tst_qsslellipticcurve - unknown status
tst_qsslerror - unknown status
tst_qsslsocket - unknown status
tst_qsslsocket_onDemandCertificates_member - unknown status
tst_qsslsocket_onDemandCertificates_static - unknown status
tst_qtcpsocket - unknown status

FALSE

evaluated 1045 times by 16 tests

Evaluated by:

tst_NetworkSelfTest
tst_QAbstractNetworkCache
tst_QHttpNetworkConnection
tst_QNetworkAccessManager_And_QProgressDialog
tst_QNetworkDiskCache
tst_QNetworkProxyFactory
tst_QNetworkReply
tst_QXmlInputSource
tst_Spdy
tst_qsslcertificate - unknown status
tst_qsslellipticcurve - unknown status
tst_qsslerror - unknown status
tst_qsslsocket - unknown status
tst_qsslsocket_onDemandCertificates_member - unknown status
tst_qsslsocket_onDemandCertificates_static - unknown status
tst_qtcpsocket - unknown status

739-1045

239

ciph.d->protocol = QSsl::SslV3;

executed 739 times by 15 tests: ciph.d->protocol = QSsl::SslV3;

Executed by:

tst_NetworkSelfTest
tst_QAbstractNetworkCache
tst_QHttpNetworkConnection
tst_QNetworkAccessManager_And_QProgressDialog
tst_QNetworkDiskCache
tst_QNetworkProxyFactory
tst_QXmlInputSource
tst_Spdy
tst_qsslcertificate - unknown status
tst_qsslellipticcurve - unknown status
tst_qsslerror - unknown status
tst_qsslsocket - unknown status
tst_qsslsocket_onDemandCertificates_member - unknown status
tst_qsslsocket_onDemandCertificates_static - unknown status
tst_qtcpsocket - unknown status

739

240

else if (protoString == QLatin1String("SSLv2"))

protoString ==...tring("SSLv2")

Description

TRUE

never evaluated

FALSE

evaluated 1045 times by 16 tests

Evaluated by:

tst_NetworkSelfTest
tst_QAbstractNetworkCache
tst_QHttpNetworkConnection
tst_QNetworkAccessManager_And_QProgressDialog
tst_QNetworkDiskCache
tst_QNetworkProxyFactory
tst_QNetworkReply
tst_QXmlInputSource
tst_Spdy
tst_qsslcertificate - unknown status
tst_qsslellipticcurve - unknown status
tst_qsslerror - unknown status
tst_qsslsocket - unknown status
tst_qsslsocket_onDemandCertificates_member - unknown status
tst_qsslsocket_onDemandCertificates_static - unknown status
tst_qtcpsocket - unknown status

0-1045

241

ciph.d->protocol = QSsl::SslV2;

never executed: ciph.d->protocol = QSsl::SslV2;

242

else if (protoString == QLatin1String("TLSv1"))

protoString ==...tring("TLSv1")

Description

TRUE

never evaluated

FALSE

evaluated 1045 times by 16 tests

Evaluated by:

tst_NetworkSelfTest
tst_QAbstractNetworkCache
tst_QHttpNetworkConnection
tst_QNetworkAccessManager_And_QProgressDialog
tst_QNetworkDiskCache
tst_QNetworkProxyFactory
tst_QNetworkReply
tst_QXmlInputSource
tst_Spdy
tst_qsslcertificate - unknown status
tst_qsslellipticcurve - unknown status
tst_qsslerror - unknown status
tst_qsslsocket - unknown status
tst_qsslsocket_onDemandCertificates_member - unknown status
tst_qsslsocket_onDemandCertificates_static - unknown status
tst_qtcpsocket - unknown status

0-1045

243

ciph.d->protocol = QSsl::TlsV1_0;

never executed: ciph.d->protocol = QSsl::TlsV1_0;

244

else if (protoString == QLatin1String("TLSv1.1"))

protoString ==...ing("TLSv1.1")

Description

TRUE

never evaluated

FALSE

evaluated 1045 times by 16 tests

Evaluated by:

tst_NetworkSelfTest
tst_QAbstractNetworkCache
tst_QHttpNetworkConnection
tst_QNetworkAccessManager_And_QProgressDialog
tst_QNetworkDiskCache
tst_QNetworkProxyFactory
tst_QNetworkReply
tst_QXmlInputSource
tst_Spdy
tst_qsslcertificate - unknown status
tst_qsslellipticcurve - unknown status
tst_qsslerror - unknown status
tst_qsslsocket - unknown status
tst_qsslsocket_onDemandCertificates_member - unknown status
tst_qsslsocket_onDemandCertificates_static - unknown status
tst_qtcpsocket - unknown status

0-1045

245

ciph.d->protocol = QSsl::TlsV1_1;

never executed: ciph.d->protocol = QSsl::TlsV1_1;

246

else if (protoString == QLatin1String("TLSv1.2"))

protoString ==...ing("TLSv1.2")

Description

TRUE

evaluated 1045 times by 16 tests

Evaluated by:

tst_NetworkSelfTest
tst_QAbstractNetworkCache
tst_QHttpNetworkConnection
tst_QNetworkAccessManager_And_QProgressDialog
tst_QNetworkDiskCache
tst_QNetworkProxyFactory
tst_QNetworkReply
tst_QXmlInputSource
tst_Spdy
tst_qsslcertificate - unknown status
tst_qsslellipticcurve - unknown status
tst_qsslerror - unknown status
tst_qsslsocket - unknown status
tst_qsslsocket_onDemandCertificates_member - unknown status
tst_qsslsocket_onDemandCertificates_static - unknown status
tst_qtcpsocket - unknown status

FALSE

never evaluated

0-1045

247

ciph.d->protocol = QSsl::TlsV1_2;

executed 1045 times by 16 tests: ciph.d->protocol = QSsl::TlsV1_2;

Executed by:

tst_NetworkSelfTest
tst_QAbstractNetworkCache
tst_QHttpNetworkConnection
tst_QNetworkAccessManager_And_QProgressDialog
tst_QNetworkDiskCache
tst_QNetworkProxyFactory
tst_QNetworkReply
tst_QXmlInputSource
tst_Spdy
tst_qsslcertificate - unknown status
tst_qsslellipticcurve - unknown status
tst_qsslerror - unknown status
tst_qsslsocket - unknown status
tst_qsslsocket_onDemandCertificates_member - unknown status
tst_qsslsocket_onDemandCertificates_static - unknown status
tst_qtcpsocket - unknown status

1045

248 -

249

if (descriptionList.at(2).startsWith(QLatin1String("Kx=")))

descriptionLis...String("Kx="))

Description

TRUE

evaluated 1784 times by 16 tests

Evaluated by:

tst_NetworkSelfTest
tst_QAbstractNetworkCache
tst_QHttpNetworkConnection
tst_QNetworkAccessManager_And_QProgressDialog
tst_QNetworkDiskCache
tst_QNetworkProxyFactory
tst_QNetworkReply
tst_QXmlInputSource
tst_Spdy
tst_qsslcertificate - unknown status
tst_qsslellipticcurve - unknown status
tst_qsslerror - unknown status
tst_qsslsocket - unknown status
tst_qsslsocket_onDemandCertificates_member - unknown status
tst_qsslsocket_onDemandCertificates_static - unknown status
tst_qtcpsocket - unknown status

FALSE

never evaluated

0-1784

250

ciph.d->keyExchangeMethod = descriptionList.at(2).mid(3);).toString();

executed 1784 times by 16 tests: ciph.d->keyExchangeMethod = descriptionList.at(2).mid(3).toString();

Executed by:

tst_NetworkSelfTest
tst_QAbstractNetworkCache
tst_QHttpNetworkConnection
tst_QNetworkAccessManager_And_QProgressDialog
tst_QNetworkDiskCache
tst_QNetworkProxyFactory
tst_QNetworkReply
tst_QXmlInputSource
tst_Spdy
tst_qsslcertificate - unknown status
tst_qsslellipticcurve - unknown status
tst_qsslerror - unknown status
tst_qsslsocket - unknown status
tst_qsslsocket_onDemandCertificates_member - unknown status
tst_qsslsocket_onDemandCertificates_static - unknown status
tst_qtcpsocket - unknown status

1784

251

if (descriptionList.at(3).startsWith(QLatin1String("Au=")))

descriptionLis...String("Au="))

Description

TRUE

evaluated 1784 times by 16 tests

Evaluated by:

tst_NetworkSelfTest
tst_QAbstractNetworkCache
tst_QHttpNetworkConnection
tst_QNetworkAccessManager_And_QProgressDialog
tst_QNetworkDiskCache
tst_QNetworkProxyFactory
tst_QNetworkReply
tst_QXmlInputSource
tst_Spdy
tst_qsslcertificate - unknown status
tst_qsslellipticcurve - unknown status
tst_qsslerror - unknown status
tst_qsslsocket - unknown status
tst_qsslsocket_onDemandCertificates_member - unknown status
tst_qsslsocket_onDemandCertificates_static - unknown status
tst_qtcpsocket - unknown status

FALSE

never evaluated

0-1784

252

ciph.d->authenticationMethod = descriptionList.at(3).mid(3);).toString();

executed 1784 times by 16 tests: ciph.d->authenticationMethod = descriptionList.at(3).mid(3).toString();

Executed by:

tst_NetworkSelfTest
tst_QAbstractNetworkCache
tst_QHttpNetworkConnection
tst_QNetworkAccessManager_And_QProgressDialog
tst_QNetworkDiskCache
tst_QNetworkProxyFactory
tst_QNetworkReply
tst_QXmlInputSource
tst_Spdy
tst_qsslcertificate - unknown status
tst_qsslellipticcurve - unknown status
tst_qsslerror - unknown status
tst_qsslsocket - unknown status
tst_qsslsocket_onDemandCertificates_member - unknown status
tst_qsslsocket_onDemandCertificates_static - unknown status
tst_qtcpsocket - unknown status

1784

253

if (descriptionList.at(4).startsWith(QLatin1String("Enc=")))

descriptionLis...tring("Enc="))

Description

TRUE

evaluated 1784 times by 16 tests

Evaluated by:

tst_NetworkSelfTest
tst_QAbstractNetworkCache
tst_QHttpNetworkConnection
tst_QNetworkAccessManager_And_QProgressDialog
tst_QNetworkDiskCache
tst_QNetworkProxyFactory
tst_QNetworkReply
tst_QXmlInputSource
tst_Spdy
tst_qsslcertificate - unknown status
tst_qsslellipticcurve - unknown status
tst_qsslerror - unknown status
tst_qsslsocket - unknown status
tst_qsslsocket_onDemandCertificates_member - unknown status
tst_qsslsocket_onDemandCertificates_static - unknown status
tst_qtcpsocket - unknown status

FALSE

never evaluated

0-1784

254

ciph.d->encryptionMethod = descriptionList.at(4).mid(4);).toString();

executed 1784 times by 16 tests: ciph.d->encryptionMethod = descriptionList.at(4).mid(4).toString();

Executed by:

tst_NetworkSelfTest
tst_QAbstractNetworkCache
tst_QHttpNetworkConnection
tst_QNetworkAccessManager_And_QProgressDialog
tst_QNetworkDiskCache
tst_QNetworkProxyFactory
tst_QNetworkReply
tst_QXmlInputSource
tst_Spdy
tst_qsslcertificate - unknown status
tst_qsslellipticcurve - unknown status
tst_qsslerror - unknown status
tst_qsslsocket - unknown status
tst_qsslsocket_onDemandCertificates_member - unknown status
tst_qsslsocket_onDemandCertificates_static - unknown status
tst_qtcpsocket - unknown status

1784

255

ciph.d->exportable = (descriptionList.size() > 6 && descriptionList.at(6) == QLatin1String("export"));

descriptionList.size() > 6

Description

TRUE

evaluated 15 times by 15 tests

Evaluated by:

tst_NetworkSelfTest
tst_QAbstractNetworkCache
tst_QHttpNetworkConnection
tst_QNetworkAccessManager_And_QProgressDialog
tst_QNetworkDiskCache
tst_QNetworkProxyFactory
tst_QXmlInputSource
tst_Spdy
tst_qsslcertificate - unknown status
tst_qsslellipticcurve - unknown status
tst_qsslerror - unknown status
tst_qsslsocket - unknown status
tst_qsslsocket_onDemandCertificates_member - unknown status
tst_qsslsocket_onDemandCertificates_static - unknown status
tst_qtcpsocket - unknown status

FALSE

evaluated 1769 times by 16 tests

Evaluated by:

tst_NetworkSelfTest
tst_QAbstractNetworkCache
tst_QHttpNetworkConnection
tst_QNetworkAccessManager_And_QProgressDialog
tst_QNetworkDiskCache
tst_QNetworkProxyFactory
tst_QNetworkReply
tst_QXmlInputSource
tst_Spdy
tst_qsslcertificate - unknown status
tst_qsslellipticcurve - unknown status
tst_qsslerror - unknown status
tst_qsslsocket - unknown status
tst_qsslsocket_onDemandCertificates_member - unknown status
tst_qsslsocket_onDemandCertificates_static - unknown status
tst_qtcpsocket - unknown status

descriptionLis...ring("export")

Description

TRUE

never evaluated

FALSE

evaluated 15 times by 15 tests

Evaluated by:

tst_NetworkSelfTest
tst_QAbstractNetworkCache
tst_QHttpNetworkConnection
tst_QNetworkAccessManager_And_QProgressDialog
tst_QNetworkDiskCache
tst_QNetworkProxyFactory
tst_QXmlInputSource
tst_Spdy
tst_qsslcertificate - unknown status
tst_qsslellipticcurve - unknown status
tst_qsslerror - unknown status
tst_qsslsocket - unknown status
tst_qsslsocket_onDemandCertificates_member - unknown status
tst_qsslsocket_onDemandCertificates_static - unknown status
tst_qtcpsocket - unknown status

0-1769

256 -

257 ciph.d->bits = q_SSL_CIPHER_get_bits(cipher, &ciph.d->supportedBits); -

258

}

executed 1784 times by 16 tests: end of block

Executed by:

tst_NetworkSelfTest
tst_QAbstractNetworkCache
tst_QHttpNetworkConnection
tst_QNetworkAccessManager_And_QProgressDialog
tst_QNetworkDiskCache
tst_QNetworkProxyFactory
tst_QNetworkReply
tst_QXmlInputSource
tst_Spdy
tst_qsslcertificate - unknown status
tst_qsslellipticcurve - unknown status
tst_qsslerror - unknown status
tst_qsslsocket - unknown status
tst_qsslsocket_onDemandCertificates_member - unknown status
tst_qsslsocket_onDemandCertificates_static - unknown status
tst_qtcpsocket - unknown status

1784

259

return ciph;

executed 1784 times by 16 tests: return ciph;

Executed by:

tst_NetworkSelfTest
tst_QAbstractNetworkCache
tst_QHttpNetworkConnection
tst_QNetworkAccessManager_And_QProgressDialog
tst_QNetworkDiskCache
tst_QNetworkProxyFactory
tst_QNetworkReply
tst_QXmlInputSource
tst_Spdy
tst_qsslcertificate - unknown status
tst_qsslellipticcurve - unknown status
tst_qsslerror - unknown status
tst_qsslsocket - unknown status
tst_qsslsocket_onDemandCertificates_member - unknown status
tst_qsslsocket_onDemandCertificates_static - unknown status
tst_qtcpsocket - unknown status

1784

260 } -

261 -

262 // static -

263 inline QSslErrorEntry QSslErrorEntry::fromStoreContext(X509_STORE_CTX *ctx) { -

264 QSslErrorEntry result = { -

265 q_X509_STORE_CTX_get_error(ctx), -

266 q_X509_STORE_CTX_get_error_depth(ctx) -

267 }; -

268

return result

executed 382 times by 8 tests: return result;

Executed by:

tst_NetworkSelfTest
tst_QHttpNetworkConnection
tst_QNetworkReply
tst_Spdy
tst_qsslcertificate - unknown status
tst_qsslsocket - unknown status
tst_qsslsocket_onDemandCertificates_member - unknown status
tst_qsslsocket_onDemandCertificates_static - unknown status

;

executed 382 times by 8 tests: return result;

Executed by:

tst_NetworkSelfTest
tst_QHttpNetworkConnection
tst_QNetworkReply
tst_Spdy
tst_qsslcertificate - unknown status
tst_qsslsocket - unknown status
tst_qsslsocket_onDemandCertificates_member - unknown status
tst_qsslsocket_onDemandCertificates_static - unknown status

382

269 } -

270 -

271 // ### This list is shared between all threads, and protected by a -

272 // mutex. Investigate using thread local storage instead. -

273 struct QSslErrorList -

274 { -

275 QMutex mutex; -

276 QList<QPairQVector<int, int>QSslErrorEntry> errors; -

277 }; -

278 Q_GLOBAL_STATIC(QSslErrorList, _q_sslErrorList) -

279 -

280 int q_X509Callback(int ok, X509_STORE_CTX *ctx) -

281 { -

282

if (!ok) {

!ok	Description
TRUE	evaluated 382 times by 8 tests Evaluated by: tst_NetworkSelfTest tst_QHttpNetworkConnection tst_QNetworkReply tst_Spdy tst_qsslcertificate - unknown status tst_qsslsocket - unknown status tst_qsslsocket_onDemandCertificates_member - unknown status tst_qsslsocket_onDemandCertificates_static - unknown status
FALSE	evaluated 370 times by 8 tests Evaluated by: tst_NetworkSelfTest tst_QHttpNetworkConnection tst_QNetworkReply tst_Spdy tst_qsslcertificate - unknown status tst_qsslsocket - unknown status tst_qsslsocket_onDemandCertificates_member - unknown status tst_qsslsocket_onDemandCertificates_static - unknown status

370-382

283 // Store the error and at which depth the error was detected. -

284 _q_sslErrorList()->errors << qMakePair<int, int>(q_X509_STORE_CTX_get_error(ctx), q_X509_STORE_CTX_get_error_depthQSslErrorEntry::fromStoreContext(ctx));); -

285 #ifdef QSSLSOCKET_DEBUG -

286 qCDebug(lcSsl) << "verification error: dumping bad certificate"; -

287 qCDebug(lcSsl) << QSslCertificatePrivate::QSslCertificate_from_X509(q_X509_STORE_CTX_get_current_cert(ctx)).toPem(); -

288 qCDebug(lcSsl) << "dumping chain"; -

289 foreach (QSslCertificate cert,const auto certs = QSslSocketBackendPrivate::STACKOFX509_to_QSslCertificates(q_X509_STORE_CTX_get_chain(ctx))))); -

290 for (const QSslCertificate &cert : certs) { -

291 qCDebug(lcSsl) << "Issuer:" << "O=" << cert.issuerInfo(QSslCertificate::Organization) -

292 << "CN=" << cert.issuerInfo(QSslCertificate::CommonName) -

293 << "L=" << cert.issuerInfo(QSslCertificate::LocalityName) -

294 << "OU=" << cert.issuerInfo(QSslCertificate::OrganizationalUnitName) -

295 << "C=" << cert.issuerInfo(QSslCertificate::CountryName) -

296 << "ST=" << cert.issuerInfo(QSslCertificate::StateOrProvinceName); -

297 qCDebug(lcSsl) << "Subject:" << "O=" << cert.subjectInfo(QSslCertificate::Organization) -

298 << "CN=" << cert.subjectInfo(QSslCertificate::CommonName) -

299 << "L=" << cert.subjectInfo(QSslCertificate::LocalityName) -

300 << "OU=" << cert.subjectInfo(QSslCertificate::OrganizationalUnitName) -

301 << "C=" << cert.subjectInfo(QSslCertificate::CountryName) -

302 << "ST=" << cert.subjectInfo(QSslCertificate::StateOrProvinceName); -

303 qCDebug(lcSsl) << "Valid:" << cert.effectiveDate() << '-' << cert.expiryDate(); -

304 } -

305 #endif -

306

}

executed 382 times by 8 tests: end of block

Executed by:

tst_NetworkSelfTest
tst_QHttpNetworkConnection
tst_QNetworkReply
tst_Spdy
tst_qsslcertificate - unknown status
tst_qsslsocket - unknown status
tst_qsslsocket_onDemandCertificates_member - unknown status
tst_qsslsocket_onDemandCertificates_static - unknown status

382

307 // Always return OK to allow verification to continue. We're handle the -

308 // errors gracefully after collecting all errors, after verification has -

309 // completed. -

310

return 1;

executed 752 times by 8 tests: return 1;

Executed by:

tst_NetworkSelfTest
tst_QHttpNetworkConnection
tst_QNetworkReply
tst_Spdy
tst_qsslcertificate - unknown status
tst_qsslsocket - unknown status
tst_qsslsocket_onDemandCertificates_member - unknown status
tst_qsslsocket_onDemandCertificates_static - unknown status

752

311 } -

312 -

313 long QSslSocketBackendPrivate::setupOpenSslOptions(QSsl::SslProtocol protocol, QSsl::SslOptions sslOptions) -

314 { -

315 long options; -

316 if (protocol == QSsl::TlsV1SslV3) -

317 options = SSL_OP_ALL|SSL_OP_NO_SSLv2; -

318 else if (protocol == QSsl::SecureProtocols) -

319 options = SSL_OP_ALL|SSL_OP_NO_SSLv2|SSL_OP_NO_SSLv3; -

320 else if (protocol == QSsl::TlsV1_0OrLater) -

321 options = SSL_OP_ALL|SSL_OP_NO_SSLv2|SSL_OP_NO_SSLv3; -

322 #if OPENSSL_VERSION_NUMBER >= 0x10001000L -

323 // Choosing Tlsv1_1OrLater or TlsV1_2OrLater on OpenSSL < 1.0.1 -

324 // will cause an error in QSslContext::fromConfiguration, meaning -

325 // we will never get here. -

326 else if (protocol == QSsl::TlsV1_1OrLater) -

327 options = SSL_OP_ALL|SSL_OP_NO_SSLv2|SSL_OP_NO_SSLv3|SSL_OP_NO_TLSv1; -

328 else if (protocol == QSsl::TlsV1_2OrLater) -

329 options = SSL_OP_ALL|SSL_OP_NO_SSLv2|SSL_OP_NO_SSLv3|SSL_OP_NO_TLSv1|SSL_OP_NO_TLSv1_1; -

330 #endif -

331 else -

332 options = SSL_OP_ALL; -

333 -

334 // This option is disabled by default, so we need to be able to clear it -

335 if (sslOptions & QSsl::SslOptionDisableEmptyFragments) -

336 options |= SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS; -

337 else -

338 options &= ~SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS; -

339 -

340 #ifdef SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION -

341 // This option is disabled by default, so we need to be able to clear it -

342 if (sslOptions & QSsl::SslOptionDisableLegacyRenegotiation) -

343 options &= ~SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION; -

344 else -

345 options |= SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION; -

346 #endif -

347 -

348 #ifdef SSL_OP_NO_TICKET -

349 if (sslOptions & QSsl::SslOptionDisableSessionTickets) -

350 options |= SSL_OP_NO_TICKET; -

351 #endif -

352 #ifdef SSL_OP_NO_COMPRESSION -

353 if (sslOptions & QSsl::SslOptionDisableCompression) -

354 options |= SSL_OP_NO_COMPRESSION; -

355 #endif -

356 -

357 if (!(sslOptions & QSsl::SslOptionDisableServerCipherPreference)) -

358 options |= SSL_OP_CIPHER_SERVER_PREFERENCE; -

359 -

360 return options; -

361 } -

362 -

363 bool QSslSocketBackendPrivate::initSslContext() -

364 { -

365 Q_Q(QSslSocket); -

366 -

367 // If no external context was set (e.g. bei QHttpNetworkConnection) we will create a default context -

368

if (!sslContextPointer) {

!sslContextPointer	Description
TRUE	evaluated 458 times by 7 tests Evaluated by: tst_NetworkSelfTest tst_QHttpNetworkConnection tst_QNetworkReply tst_Spdy tst_qsslsocket - unknown status tst_qsslsocket_onDemandCertificates_member - unknown status tst_qsslsocket_onDemandCertificates_static - unknown status
FALSE	evaluated 26 times by 1 test Evaluated by: tst_QNetworkReply

26-458

369 // create a deep copy of our configuration -

370 QSslConfigurationPrivate *configurationCopy = new QSslConfigurationPrivate(configuration); -

371 configurationCopy->ref.store(0); // the QSslConfiguration constructor refs up -

372 sslContextPointer = QSharedPointer<QSslContext>(QSslContext::fromConfigurationsharedFromConfiguration(mode, configurationCopy, allowRootCertOnDemandLoading));); -

373

}

executed 458 times by 7 tests: end of block

Executed by:

tst_NetworkSelfTest
tst_QHttpNetworkConnection
tst_QNetworkReply
tst_Spdy
tst_qsslsocket - unknown status
tst_qsslsocket_onDemandCertificates_member - unknown status
tst_qsslsocket_onDemandCertificates_static - unknown status

458

374 -

375

if (sslContextPointer->error() != QSslError::NoError) {

sslContextPoin...Error::NoError	Description
TRUE	evaluated 8 times by 2 tests Evaluated by: tst_qsslsocket - unknown status tst_qsslsocket_onDemandCertificates_static - unknown status
FALSE	evaluated 476 times by 7 tests Evaluated by: tst_NetworkSelfTest tst_QHttpNetworkConnection tst_QNetworkReply tst_Spdy tst_qsslsocket - unknown status tst_qsslsocket_onDemandCertificates_member - unknown status tst_qsslsocket_onDemandCertificates_static - unknown status

8-476

376 setErrorAndEmit(QAbstractSocket::SslInvalidUserDataError, sslContextPointer->errorString()); -

377 sslContextPointer.clear(); // deletes the QSslContext -

378

return false;

executed 8 times by 2 tests: return false;

Executed by:

tst_qsslsocket - unknown status
tst_qsslsocket_onDemandCertificates_static - unknown status

379 } -

380 -

381 // Create and initialize SSL session -

382

if (!(ssl = sslContextPointer->createSsl())) {

!(ssl = sslCon...->createSsl())	Description
TRUE	never evaluated
FALSE	evaluated 476 times by 7 tests Evaluated by: tst_NetworkSelfTest tst_QHttpNetworkConnection tst_QNetworkReply tst_Spdy tst_qsslsocket - unknown status tst_qsslsocket_onDemandCertificates_member - unknown status tst_qsslsocket_onDemandCertificates_static - unknown status

0-476

383 // ### Bad error code -

384 setErrorAndEmit(QAbstractSocket::SslInternalError, -

385 QSslSocket::tr("Error creating SSL session, %1").arg(getErrorsFromOpenSsl())); -

386

return false;

never executed: return false;

387 } -

388 -

389

if (configuration.protocol != QSsl::SslV2 &&

configuration....!= QSsl::SslV2	Description
TRUE	evaluated 476 times by 7 tests Evaluated by: tst_NetworkSelfTest tst_QHttpNetworkConnection tst_QNetworkReply tst_Spdy tst_qsslsocket - unknown status tst_qsslsocket_onDemandCertificates_member - unknown status tst_qsslsocket_onDemandCertificates_static - unknown status
FALSE	never evaluated

0-476

390

configuration.protocol != QSsl::SslV3 &&

configuration....!= QSsl::SslV3	Description
TRUE	evaluated 457 times by 7 tests Evaluated by: tst_NetworkSelfTest tst_QHttpNetworkConnection tst_QNetworkReply tst_Spdy tst_qsslsocket - unknown status tst_qsslsocket_onDemandCertificates_member - unknown status tst_qsslsocket_onDemandCertificates_static - unknown status
FALSE	evaluated 19 times by 1 test Evaluated by: tst_qsslsocket - unknown status

19-457

391

configuration.protocol != QSsl::UnknownProtocol &&

configuration....nknownProtocol	Description
TRUE	evaluated 457 times by 7 tests Evaluated by: tst_NetworkSelfTest tst_QHttpNetworkConnection tst_QNetworkReply tst_Spdy tst_qsslsocket - unknown status tst_qsslsocket_onDemandCertificates_member - unknown status tst_qsslsocket_onDemandCertificates_static - unknown status
FALSE	never evaluated

0-457

392

mode == QSslSocket::SslClientMode && q_SSLeay() >= 0x00090806fL) {

mode == QSslSo...:SslClientMode	Description
TRUE	evaluated 398 times by 7 tests Evaluated by: tst_NetworkSelfTest tst_QHttpNetworkConnection tst_QNetworkReply tst_Spdy tst_qsslsocket - unknown status tst_qsslsocket_onDemandCertificates_member - unknown status tst_qsslsocket_onDemandCertificates_static - unknown status
FALSE	evaluated 59 times by 2 tests Evaluated by: tst_QNetworkReply tst_qsslsocket - unknown status

q_SSLeay() >= 0x00090806fL	Description
TRUE	evaluated 398 times by 7 tests Evaluated by: tst_NetworkSelfTest tst_QHttpNetworkConnection tst_QNetworkReply tst_Spdy tst_qsslsocket - unknown status tst_qsslsocket_onDemandCertificates_member - unknown status tst_qsslsocket_onDemandCertificates_static - unknown status
FALSE	never evaluated

0-398

393 // Set server hostname on TLS extension. RFC4366 section 3.1 requires it in ACE format. -

394

QString tlsHostName = verificationPeerName.isEmpty() ? q->peerName() : verificationPeerName;

verificationPeerName.isEmpty()	Description
TRUE	evaluated 393 times by 7 tests Evaluated by: tst_NetworkSelfTest tst_QHttpNetworkConnection tst_QNetworkReply tst_Spdy tst_qsslsocket - unknown status tst_qsslsocket_onDemandCertificates_member - unknown status tst_qsslsocket_onDemandCertificates_static - unknown status
FALSE	evaluated 5 times by 1 test Evaluated by: tst_qsslsocket - unknown status

5-393

395

if (tlsHostName.isEmpty())

tlsHostName.isEmpty()	Description
TRUE	never evaluated
FALSE	evaluated 398 times by 7 tests Evaluated by: tst_NetworkSelfTest tst_QHttpNetworkConnection tst_QNetworkReply tst_Spdy tst_qsslsocket - unknown status tst_qsslsocket_onDemandCertificates_member - unknown status tst_qsslsocket_onDemandCertificates_static - unknown status

0-398

396

tlsHostName = hostName;

never executed: tlsHostName = hostName;

397 QByteArray ace = QUrl::toAce(tlsHostName); -

398 // only send the SNI header if the URL is valid and not an IP -

399

if (!ace.isEmpty()

!ace.isEmpty()	Description
TRUE	evaluated 398 times by 7 tests Evaluated by: tst_NetworkSelfTest tst_QHttpNetworkConnection tst_QNetworkReply tst_Spdy tst_qsslsocket - unknown status tst_qsslsocket_onDemandCertificates_member - unknown status tst_qsslsocket_onDemandCertificates_static - unknown status
FALSE	never evaluated

0-398

400

&& !QHostAddress().setAddress(tlsHostName)

!QHostAddress(...s(tlsHostName)	Description
TRUE	evaluated 325 times by 7 tests Evaluated by: tst_NetworkSelfTest tst_QHttpNetworkConnection tst_QNetworkReply tst_Spdy tst_qsslsocket - unknown status tst_qsslsocket_onDemandCertificates_member - unknown status tst_qsslsocket_onDemandCertificates_static - unknown status
FALSE	evaluated 73 times by 2 tests Evaluated by: tst_QNetworkReply tst_qsslsocket - unknown status

73-325

401

&& !(configuration.sslOptions & QSsl::SslOptionDisableServerNameIndication)) {

!(configuratio...ameIndication)	Description
TRUE	evaluated 325 times by 7 tests Evaluated by: tst_NetworkSelfTest tst_QHttpNetworkConnection tst_QNetworkReply tst_Spdy tst_qsslsocket - unknown status tst_qsslsocket_onDemandCertificates_member - unknown status tst_qsslsocket_onDemandCertificates_static - unknown status
FALSE	never evaluated

0-325

402 // We don't send the trailing dot from the host header if present see -

403 // https://tools.ietf.org/html/rfc6066#section-3 -

404

if (ace.endsWith('.'))

ace.endsWith('.')	Description
TRUE	never evaluated
FALSE	evaluated 325 times by 7 tests Evaluated by: tst_NetworkSelfTest tst_QHttpNetworkConnection tst_QNetworkReply tst_Spdy tst_qsslsocket - unknown status tst_qsslsocket_onDemandCertificates_member - unknown status tst_qsslsocket_onDemandCertificates_static - unknown status

0-325

405

ace.chop(1);

never executed: ace.chop(1);

406

if (!q_SSL_ctrl(ssl, SSL_CTRL_SET_TLSEXT_HOSTNAME, TLSEXT_NAMETYPE_host_name, ace.data()))

!q_SSL_ctrl(ss...0, ace.data())	Description
TRUE	never evaluated
FALSE	evaluated 325 times by 7 tests Evaluated by: tst_NetworkSelfTest tst_QHttpNetworkConnection tst_QNetworkReply tst_Spdy tst_qsslsocket - unknown status tst_qsslsocket_onDemandCertificates_member - unknown status tst_qsslsocket_onDemandCertificates_static - unknown status

0-325

407

qCWarning(lcSsl, "could not set SSL_CTRL_SET_TLSEXT_HOSTNAME, Server Name Indication disabled");

never executed:

QMessageLogger(__FILE__, 407, __PRETTY_FUNCTION__, lcSsl().categoryName()).warning("could not set SSL_CTRL_SET_TLSEXT_HOSTNAME, Server Name Indication disabled");

qt_category_enabled	Description
TRUE	never evaluated
FALSE	never evaluated

408

}

executed 325 times by 7 tests: end of block

Executed by:

tst_NetworkSelfTest
tst_QHttpNetworkConnection
tst_QNetworkReply
tst_Spdy
tst_qsslsocket - unknown status
tst_qsslsocket_onDemandCertificates_member - unknown status
tst_qsslsocket_onDemandCertificates_static - unknown status

325

409

}

executed 398 times by 7 tests: end of block

Executed by:

tst_NetworkSelfTest
tst_QHttpNetworkConnection
tst_QNetworkReply
tst_Spdy
tst_qsslsocket - unknown status
tst_qsslsocket_onDemandCertificates_member - unknown status
tst_qsslsocket_onDemandCertificates_static - unknown status

398

410 -

411 // Clear the session. -

412 errorList.clear(); -

413 -

414 // Initialize memory BIOs for encryption and decryption. -

415 readBio = q_BIO_new(q_BIO_s_mem()); -

416 writeBio = q_BIO_new(q_BIO_s_mem()); -

417

if (!readBio || !writeBio) {

!readBio	Description
TRUE	never evaluated
FALSE	evaluated 476 times by 7 tests Evaluated by: tst_NetworkSelfTest tst_QHttpNetworkConnection tst_QNetworkReply tst_Spdy tst_qsslsocket - unknown status tst_qsslsocket_onDemandCertificates_member - unknown status tst_qsslsocket_onDemandCertificates_static - unknown status

!writeBio	Description
TRUE	never evaluated
FALSE	evaluated 476 times by 7 tests Evaluated by: tst_NetworkSelfTest tst_QHttpNetworkConnection tst_QNetworkReply tst_Spdy tst_qsslsocket - unknown status tst_qsslsocket_onDemandCertificates_member - unknown status tst_qsslsocket_onDemandCertificates_static - unknown status

0-476

418 setErrorAndEmit(QAbstractSocket::SslInternalError, -

419 QSslSocket::tr("Error creating SSL session: %1").arg(getErrorsFromOpenSsl())); -

420

return false;

never executed: return false;

421 } -

422 -

423 // Assign the bios. -

424 q_SSL_set_bio(ssl, readBio, writeBio); -

425 -

426

if (mode == QSslSocket::SslClientMode)

mode == QSslSo...:SslClientMode	Description
TRUE	evaluated 412 times by 7 tests Evaluated by: tst_NetworkSelfTest tst_QHttpNetworkConnection tst_QNetworkReply tst_Spdy tst_qsslsocket - unknown status tst_qsslsocket_onDemandCertificates_member - unknown status tst_qsslsocket_onDemandCertificates_static - unknown status
FALSE	evaluated 64 times by 2 tests Evaluated by: tst_QNetworkReply tst_qsslsocket - unknown status

64-412

427

q_SSL_set_connect_state(ssl);

executed 412 times by 7 tests: q_SSL_set_connect_state(ssl);

Executed by:

tst_NetworkSelfTest
tst_QHttpNetworkConnection
tst_QNetworkReply
tst_Spdy
tst_qsslsocket - unknown status
tst_qsslsocket_onDemandCertificates_member - unknown status
tst_qsslsocket_onDemandCertificates_static - unknown status

412

428 else -

429

q_SSL_set_accept_state(ssl);

executed 64 times by 2 tests: q_SSL_set_accept_state(ssl);

Executed by:

tst_QNetworkReply
tst_qsslsocket - unknown status

430 -

431 #if OPENSSL_VERSION_NUMBER >= 0x10001000L -

432 // Save a pointer to this object into the SSL structure. -

433

if (q_SSLeay() >= 0x10001000L)

q_SSLeay() >= 0x10001000L	Description
TRUE	evaluated 476 times by 7 tests Evaluated by: tst_NetworkSelfTest tst_QHttpNetworkConnection tst_QNetworkReply tst_Spdy tst_qsslsocket - unknown status tst_qsslsocket_onDemandCertificates_member - unknown status tst_qsslsocket_onDemandCertificates_static - unknown status
FALSE	never evaluated

0-476

434

q_SSL_set_ex_data(ssl, s_indexForSSLExtraData, this);

executed 476 times by 7 tests: q_SSL_set_ex_data(ssl, s_indexForSSLExtraData, this);

Executed by:

tst_NetworkSelfTest
tst_QHttpNetworkConnection
tst_QNetworkReply
tst_Spdy
tst_qsslsocket - unknown status
tst_qsslsocket_onDemandCertificates_member - unknown status
tst_qsslsocket_onDemandCertificates_static - unknown status

476

435 #endif -

436 -

437 #if OPENSSL_VERSION_NUMBER >= 0x10001000L && !defined(OPENSSL_NO_PSK) -

438 // Set the client callback for PSK -

439

if (q_SSLeay() >= 0x10001000L && mode == QSslSocket::SslClientMode)

q_SSLeay() >= 0x10001000L	Description
TRUE	evaluated 476 times by 7 tests Evaluated by: tst_NetworkSelfTest tst_QHttpNetworkConnection tst_QNetworkReply tst_Spdy tst_qsslsocket - unknown status tst_qsslsocket_onDemandCertificates_member - unknown status tst_qsslsocket_onDemandCertificates_static - unknown status
FALSE	never evaluated

mode == QSslSo...:SslClientMode	Description
TRUE	evaluated 412 times by 7 tests Evaluated by: tst_NetworkSelfTest tst_QHttpNetworkConnection tst_QNetworkReply tst_Spdy tst_qsslsocket - unknown status tst_qsslsocket_onDemandCertificates_member - unknown status tst_qsslsocket_onDemandCertificates_static - unknown status
FALSE	evaluated 64 times by 2 tests Evaluated by: tst_QNetworkReply tst_qsslsocket - unknown status

0-476

440

q_SSL_set_psk_client_callback(ssl, &q_ssl_psk_client_callback);

executed 412 times by 7 tests: q_SSL_set_psk_client_callback(ssl, &q_ssl_psk_client_callback);

Executed by:

tst_NetworkSelfTest
tst_QHttpNetworkConnection
tst_QNetworkReply
tst_Spdy
tst_qsslsocket - unknown status
tst_qsslsocket_onDemandCertificates_member - unknown status
tst_qsslsocket_onDemandCertificates_static - unknown status

412

441 #endif -

442 -

443

return true;

executed 476 times by 7 tests: return true;

Executed by:

tst_NetworkSelfTest
tst_QHttpNetworkConnection
tst_QNetworkReply
tst_Spdy
tst_qsslsocket - unknown status
tst_qsslsocket_onDemandCertificates_member - unknown status
tst_qsslsocket_onDemandCertificates_static - unknown status

476

444 } -

445 -

446 void QSslSocketBackendPrivate::destroySslContext() -

447 { -

448 if (ssl) { -

449 q_SSL_free(ssl); -

450 ssl = 0; -

451 } -

452 sslContextPointer.clear(); -

453 } -

454 -

455 /*! -

456 \internal -

457 */ -

458 void QSslSocketPrivate::deinitialize() -

459 { -

460 q_CRYPTO_set_id_callback(0); -

461 q_CRYPTO_set_locking_callback(0); -

462 q_ERR_free_strings(); -

463 } -

464 -

465 /*! -

466 \internal -

467 -

468 Does the minimum amount of initialization to determine whether SSL -

469 is supported or not. -

470 */ -

471 -

472 bool QSslSocketPrivate::supportsSsl() -

473 { -

474 return ensureLibraryLoaded(); -

475 } -

476 -

477 bool QSslSocketPrivate::ensureLibraryLoaded() -

478 { -

479 if (!q_resolveOpenSslSymbols()) -

480 return false; -

481 -

482 // Check if the library itself needs to be initialized. -

483 QMutexLocker locker(openssl_locks()->initLock()); -

484 -

485 if (!s_libraryLoaded) { -

486 s_libraryLoaded = true; -

487 -

488 // Initialize OpenSSL. -

489 q_CRYPTO_set_id_callback(id_function); -

490 q_CRYPTO_set_locking_callback(locking_function); -

491 if (q_SSL_library_init() != 1) -

492 return false; -

493 q_SSL_load_error_strings(); -

494 q_OpenSSL_add_all_algorithms(); -

495 -

496 #if OPENSSL_VERSION_NUMBER >= 0x10001000L -

497 if (q_SSLeay() >= 0x10001000L) -

498 QSslSocketBackendPrivate::s_indexForSSLExtraData = q_SSL_get_ex_new_index(0L, NULL, NULL, NULL, NULL); -

499 #endif -

500 -

501 // Initialize OpenSSL's random seed. -

502 if (!q_RAND_status()) { -

503 qWarning("Random number generator not seeded, disabling SSL support"); -

504 return false; -

505 } -

506 } -

507 return true; -

508 } -

509 -

510 void QSslSocketPrivate::ensureCiphersAndCertsLoaded() -

511 { -

512 QMutexLocker locker(openssl_locks()->initLock()); -

513

if (s_loadedCiphersAndCerts)

s_loadedCiphersAndCerts

Description

TRUE

evaluated 73844 times by 16 tests

Evaluated by:

tst_NetworkSelfTest
tst_QAbstractNetworkCache
tst_QHttpNetworkConnection
tst_QNetworkAccessManager_And_QProgressDialog
tst_QNetworkDiskCache
tst_QNetworkProxyFactory
tst_QNetworkReply
tst_QXmlInputSource
tst_Spdy
tst_qsslcertificate - unknown status
tst_qsslellipticcurve - unknown status
tst_qsslerror - unknown status
tst_qsslsocket - unknown status
tst_qsslsocket_onDemandCertificates_member - unknown status
tst_qsslsocket_onDemandCertificates_static - unknown status
tst_qtcpsocket - unknown status

FALSE

evaluated 15 times by 15 tests

Evaluated by:

tst_NetworkSelfTest
tst_QAbstractNetworkCache
tst_QHttpNetworkConnection
tst_QNetworkAccessManager_And_QProgressDialog
tst_QNetworkDiskCache
tst_QNetworkProxyFactory
tst_QXmlInputSource
tst_Spdy
tst_qsslcertificate - unknown status
tst_qsslellipticcurve - unknown status
tst_qsslerror - unknown status
tst_qsslsocket - unknown status
tst_qsslsocket_onDemandCertificates_member - unknown status
tst_qsslsocket_onDemandCertificates_static - unknown status
tst_qtcpsocket - unknown status

15-73844

514

return;

executed 73844 times by 16 tests: return;

Executed by:

tst_NetworkSelfTest
tst_QAbstractNetworkCache
tst_QHttpNetworkConnection
tst_QNetworkAccessManager_And_QProgressDialog
tst_QNetworkDiskCache
tst_QNetworkProxyFactory
tst_QNetworkReply
tst_QXmlInputSource
tst_Spdy
tst_qsslcertificate - unknown status
tst_qsslellipticcurve - unknown status
tst_qsslerror - unknown status
tst_qsslsocket - unknown status
tst_qsslsocket_onDemandCertificates_member - unknown status
tst_qsslsocket_onDemandCertificates_static - unknown status
tst_qtcpsocket - unknown status

73844

515 s_loadedCiphersAndCerts = true; -

516 -

517 resetDefaultCiphers(); -

518 resetDefaultEllipticCurves(); -

519 -

520 #ifndef QT_NO_LIBRARY -

521 //load symbols needed to receive certificates from system store -

522 #if defined(Q_OS_MACX) -

QLibrary securityLib("/System/Library/Frameworks/Security.framework/Versions/Current/Security");

if (securityLib.load()) {

ptrSecCertificateCopyData = (PtrSecCertificateCopyData) securityLib.resolve("SecCertificateCopyData");

if (!ptrSecCertificateCopyData)

qCWarning(lcSsl, "could not resolve symbols in security library"); ptrSecTrustSettingsCopyCertificates = (PtrSecTrustSettingsCopyCertificates) securityLib.resolve("SecTrustSettingsCopyCertificates");

if (!ptrSecTrustSettingsCopyCertificates) { ptrSecTrustCopyAnchorCertificates = (PtrSecTrustCopyAnchorCertificates) securityLib.resolve("SecTrustCopyAnchorCertificates");

if (!ptrSecTrustCopyAnchorCertificates)

qCWarning(lcSsl, "could not resolve symbols in security library"); }

} else {

qCWarning(lcSsl, "could not load security library");

}

#elifdefined(Q_OS_WIN)

523 HINSTANCE hLib = LoadLibraryW(L"Crypt32"); -

524 if (hLib) { -

525 #if defined(Q_OS_WINCE) -

526 ptrCertOpenSystemStoreW = (PtrCertOpenSystemStoreW)GetProcAddress(hLib, L"CertOpenStore"); -

527 ptrCertFindCertificateInStore = (PtrCertFindCertificateInStore)GetProcAddress(hLib, L"CertFindCertificateInStore"); -

528 ptrCertCloseStore = (PtrCertCloseStore)GetProcAddress(hLib, L"CertCloseStore"); -

529 #else -

530 ptrCertOpenSystemStoreW = (PtrCertOpenSystemStoreW)GetProcAddress(hLib, "CertOpenSystemStoreW"); -

531 ptrCertFindCertificateInStore = (PtrCertFindCertificateInStore)GetProcAddress(hLib, "CertFindCertificateInStore"); -

532 ptrCertCloseStore = (PtrCertCloseStore)GetProcAddress(hLib, "CertCloseStore"); -

533 #endif -

534 if (!ptrCertOpenSystemStoreW || !ptrCertFindCertificateInStore || !ptrCertCloseStore) -

535 qCWarning(lcSsl, "could not resolve symbols in crypt32 library"); // should never happen -

536 } else { -

537 qCWarning(lcSsl, "could not load crypt32 library"); // should never happen -

538 } -

539 #elif defined(Q_OS_QNX) -

540 s_loadRootCertsOnDemand = true; -

541 #elif defined(Q_OS_UNIX) && !defined(Q_OS_MAC) -

542 // check whether we can enable on-demand root-cert loading (i.e. check whether the sym links are there) -

543 QList<QByteArray> dirs = unixRootCertDirectories(); -

544 QStringList symLinkFilter; -

545 symLinkFilter << QLatin1String("[0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f].[0-9]"); -

546

for (int a = 0; a < dirs.count(); ++a) {

a < dirs.count()

Description

TRUE

evaluated 15 times by 15 tests

Evaluated by:

tst_NetworkSelfTest
tst_QAbstractNetworkCache
tst_QHttpNetworkConnection
tst_QNetworkAccessManager_And_QProgressDialog
tst_QNetworkDiskCache
tst_QNetworkProxyFactory
tst_QXmlInputSource
tst_Spdy
tst_qsslcertificate - unknown status
tst_qsslellipticcurve - unknown status
tst_qsslerror - unknown status
tst_qsslsocket - unknown status
tst_qsslsocket_onDemandCertificates_member - unknown status
tst_qsslsocket_onDemandCertificates_static - unknown status
tst_qtcpsocket - unknown status

FALSE

never evaluated

0-15

547 QDirIterator iterator(QLatin1String(dirs.at(a)), symLinkFilter, QDir::Files); -

548

if (iterator.hasNext()) {

iterator.hasNext()

Description

TRUE

evaluated 15 times by 15 tests

Evaluated by:

tst_NetworkSelfTest
tst_QAbstractNetworkCache
tst_QHttpNetworkConnection
tst_QNetworkAccessManager_And_QProgressDialog
tst_QNetworkDiskCache
tst_QNetworkProxyFactory
tst_QXmlInputSource
tst_Spdy
tst_qsslcertificate - unknown status
tst_qsslellipticcurve - unknown status
tst_qsslerror - unknown status
tst_qsslsocket - unknown status
tst_qsslsocket_onDemandCertificates_member - unknown status
tst_qsslsocket_onDemandCertificates_static - unknown status
tst_qtcpsocket - unknown status

FALSE

never evaluated

0-15

549 s_loadRootCertsOnDemand = true; -

550

break;

executed 15 times by 15 tests: break;

Executed by:

tst_NetworkSelfTest
tst_QAbstractNetworkCache
tst_QHttpNetworkConnection
tst_QNetworkAccessManager_And_QProgressDialog
tst_QNetworkDiskCache
tst_QNetworkProxyFactory
tst_QXmlInputSource
tst_Spdy
tst_qsslcertificate - unknown status
tst_qsslellipticcurve - unknown status
tst_qsslerror - unknown status
tst_qsslsocket - unknown status
tst_qsslsocket_onDemandCertificates_member - unknown status
tst_qsslsocket_onDemandCertificates_static - unknown status
tst_qtcpsocket - unknown status

551 } -

552

}

never executed: end of block

553 #endif -

554 #endif //QT_NO_LIBRARY -

555 // if on-demand loading was not enabled, load the certs now -

556

if (!s_loadRootCertsOnDemand)

!s_loadRootCertsOnDemand

Description

TRUE

never evaluated

FALSE

evaluated 15 times by 15 tests

Evaluated by:

tst_NetworkSelfTest
tst_QAbstractNetworkCache
tst_QHttpNetworkConnection
tst_QNetworkAccessManager_And_QProgressDialog
tst_QNetworkDiskCache
tst_QNetworkProxyFactory
tst_QXmlInputSource
tst_Spdy
tst_qsslcertificate - unknown status
tst_qsslellipticcurve - unknown status
tst_qsslerror - unknown status
tst_qsslsocket - unknown status
tst_qsslsocket_onDemandCertificates_member - unknown status
tst_qsslsocket_onDemandCertificates_static - unknown status
tst_qtcpsocket - unknown status

0-15

557

setDefaultCaCertificates(systemCaCertificates());

never executed: setDefaultCaCertificates(systemCaCertificates());

558 #ifdef Q_OS_WIN -

559 //Enabled for fetching additional root certs from windows update on windows 6+ -

560 //This flag is set false by setDefaultCaCertificates() indicating the app uses -

561 //its own cert bundle rather than the system one. -

562 //Same logic that disables the unix on demand cert loading. -

563 //Unlike unix, we do preload the certificates from the cert store. -

564 if ((QSysInfo::windowsVersion() & QSysInfo::WV_NT_based) >= QSysInfo::WV_6_0) -

565 s_loadRootCertsOnDemand = true; -

566 #endif -

567

}

executed 15 times by 15 tests: end of block

Executed by:

tst_NetworkSelfTest
tst_QAbstractNetworkCache
tst_QHttpNetworkConnection
tst_QNetworkAccessManager_And_QProgressDialog
tst_QNetworkDiskCache
tst_QNetworkProxyFactory
tst_QXmlInputSource
tst_Spdy
tst_qsslcertificate - unknown status
tst_qsslellipticcurve - unknown status
tst_qsslerror - unknown status
tst_qsslsocket - unknown status
tst_qsslsocket_onDemandCertificates_member - unknown status
tst_qsslsocket_onDemandCertificates_static - unknown status
tst_qtcpsocket - unknown status

568 -

569 /*! -

570 \internal -

571 -

572 Declared static in QSslSocketPrivate, makes sure the SSL libraries have -

573 been initialized. -

574 */ -

575 -

576 void QSslSocketPrivate::ensureInitialized() -

577 { -

578 if (!supportsSsl()) -

579 return; -

580 -

581 ensureCiphersAndCertsLoaded(); -

582 } -

583 -

584 long QSslSocketPrivate::sslLibraryVersionNumber() -

585 { -

586 if (!supportsSsl()) -

587 return 0; -

588 -

589 return q_SSLeay(); -

590 } -

591 -

592 QString QSslSocketPrivate::sslLibraryVersionString() -

593 { -

594 if (!supportsSsl()) -

595 return QString(); -

596 -

597 const char *versionString = q_SSLeay_version(SSLEAY_VERSION); -

598 if (!versionString) -

599 return QString(); -

600 -

601 return QString::fromLatin1(versionString); -

602 } -

603 -

604 long QSslSocketPrivate::sslLibraryBuildVersionNumber() -

605 { -

606 return OPENSSL_VERSION_NUMBER; -

607 } -

608 -

609 QString QSslSocketPrivate::sslLibraryBuildVersionString() -

610 { -

611 // Using QStringLiteral to store the version string as unicode and -

612 // avoid false positives from Google searching the playstore for old -

613 // SSL versions. See QTBUG-46265 -

614 return QStringLiteral(OPENSSL_VERSION_TEXT); -

615 } -

616 -

617 /*! -

618 \internal -

619 -

620 Declared static in QSslSocketPrivate, backend-dependent loading of -

621 application-wide global ciphers. -

622 */ -

623 void QSslSocketPrivate::resetDefaultCiphers() -

624 { -

625 SSL_CTX *myCtx = q_SSL_CTX_new(q_SSLv23_client_method()); -

626 SSL *mySsl = q_SSL_new(myCtx); -

627 -

628 QList<QSslCipher> ciphers; -

629 QList<QSslCipher> defaultCiphers; -

630 -

631 STACK_OF(SSL_CIPHER) *supportedCiphers = q_SSL_get_ciphers(mySsl); -

632 for (int i = 0; i < q_sk_SSL_CIPHER_num(supportedCiphers); ++i) { -

633 if (SSL_CIPHER *cipher = q_sk_SSL_CIPHER_value(supportedCiphers, i)) { -

634 QSslCipher ciph = QSslSocketBackendPrivate::QSslCipher_from_SSL_CIPHER(cipher); -

635 if (!ciph.isNull()) { -

636 // Unconditionally exclude ADH and AECDH ciphers since they offer no MITM protection -

637 if (!ciph.name().toLower().startsWith(QLatin1String("adh")) && -

638 !ciph.name().toLower().startsWith(QLatin1String("exp-adh")) && -

639 !ciph.name().toLower().startsWith(QLatin1String("aecdh"))) { -

640 ciphers << ciph; -

641 -

642 if (ciph.usedBits() >= 128) -

643 defaultCiphers << ciph; -

644 } -

645 } -

646 } -

647 } -

648 -

649 q_SSL_CTX_free(myCtx); -

650 q_SSL_free(mySsl); -

651 -

652 setDefaultSupportedCiphers(ciphers); -

653 setDefaultCiphers(defaultCiphers); -

654 } -

655 -

656 void QSslSocketPrivate::resetDefaultEllipticCurves() -

657 { -

658 QVector<QSslEllipticCurve> curves; -

659 -

660 #ifndef OPENSSL_NO_EC -

661 const size_t curveCount = q_EC_get_builtin_curves(NULL, 0); -

662 -

663 QVarLengthArray<EC_builtin_curve> builtinCurves(static_cast<int>(curveCount)); -

664 -

665 if (q_EC_get_builtin_curves(builtinCurves.data(), curveCount) == curveCount) { -

666 curves.reserve(int(curveCount)); -

667 for (size_t i = 0; i < curveCount; ++i) { -

668 QSslEllipticCurve curve; -

669 curve.id = builtinCurves[int(i)].nid; -

670 curves.append(curve); -

671 } -

672 } -

673 #endif // OPENSSL_NO_EC -

674 -

675 // set the list of supported ECs, but not the list -

676 // of *default* ECs. OpenSSL doesn't like forcing an EC for the wrong -

677 // ciphersuite, so don't try it -- leave the empty list to mean -

678 // "the implementation will choose the most suitable one". -

679 setDefaultSupportedEllipticCurves(curves); -

680 } -

681 -

682 #ifndef Q_OS_DARWIN // Apple implementation in qsslsocket_mac_shared.cpp -

683 QList<QSslCertificate> QSslSocketPrivate::systemCaCertificates() -

684 { -

685 ensureInitialized(); -

686 #ifdef QSSLSOCKET_DEBUG -

687 QElapsedTimer timer; -

688 timer.start(); -

689 #endif -

690 QList<QSslCertificate> systemCerts; -

691 #if defined(Q_OS_MACX) -

CFArrayRef cfCerts;

OSStatus status = 1;

CFDataRef SecCertificateCopyData (

SecCertificateRef certificate

);

if (ptrSecCertificateCopyData) {

if (ptrSecTrustSettingsCopyCertificates)

status = ptrSecTrustSettingsCopyCertificates(kSecTrustSettingsDomainSystem, &cfCerts);

else if (ptrSecTrustCopyAnchorCertificates)

status = ptrSecTrustCopyAnchorCertificates(&cfCerts);

if (!status) {

CFIndex size = CFArrayGetCount(cfCerts);

for (CFIndex i = 0; i < size; ++i) {

SecCertificateRef cfCert = (SecCertificateRef)CFArrayGetValueAtIndex(cfCerts, i);

CFDataRef data;

data = ptrSecCertificateCopyData(cfCert);

if (data == NULL) {

qCWarning(lcSsl, "error retrieving a CA certificate from the system store");

} else {

QByteArray rawCert = QByteArray::fromRawData((const char *)CFDataGetBytePtr(data), CFDataGetLength(data));

systemCerts.append(QSslCertificate::fromData(rawCert, QSsl::Der));

CFRelease(data);

}

CFRelease(cfCerts);

}

else {

qCWarning(lcSsl, "could not retrieve system CA certificates");

}

#elifdefined(Q_OS_WIN)

692 if (ptrCertOpenSystemStoreW && ptrCertFindCertificateInStore && ptrCertCloseStore) { -

693 HCERTSTORE hSystemStore; -

694 #if defined(Q_OS_WINCE) -

695 hSystemStore = ptrCertOpenSystemStoreW(CERT_STORE_PROV_SYSTEM_W, -

696 0, -

697 0, -

698 CERT_STORE_NO_CRYPT_RELEASE_FLAG|CERT_SYSTEM_STORE_CURRENT_USER, -

699 L"ROOT"); -

700 #else -

701 hSystemStore = ptrCertOpenSystemStoreW(0, L"ROOT"); -

702 #endif -

703 if(hSystemStore) { -

704 PCCERT_CONTEXT pc = NULL; -

705 while(1) { -

706 pc = ptrCertFindCertificateInStore( hSystemStore, X509_ASN_ENCODING, 0, CERT_FIND_ANY, NULL, pc); -

707 if(!pc) -

708 break; -

709 QByteArray der((const char *)(pc->pbCertEncoded), static_cast<int>(pc->cbCertEncoded)); -

710 QSslCertificate cert(der, QSsl::Der); -

711 systemCerts.append(cert); -

712 } -

713 ptrCertCloseStore(hSystemStore, 0); -

714 } -

715 } -

716 #elif defined(Q_OS_UNIX) -

717 QSet<QString> certFiles; -

718 QDir currentDir; -

719 QStringList nameFilters; -

720 QList<QByteArray> directories; -

721 QSsl::EncodingFormat platformEncodingFormat; -

722 # ifndef Q_OS_ANDROID -

723 directories = unixRootCertDirectories(); -

724 nameFilters << QLatin1String("*.pem") << QLatin1String("*.crt"); -

725 platformEncodingFormat = QSsl::Pem; -

726 # else -

727 // Q_OS_ANDROID -

728 QByteArray ministroPath = qgetenv("MINISTRO_SSL_CERTS_PATH"); // Set by Ministro -

729 directories << ministroPath; -

730 nameFilters << QLatin1String("*.der"); -

731 platformEncodingFormat = QSsl::Der; -

732 # ifndef Q_OS_ANDROID_NO_SDKif (ministroPath.isEmpty()) { -

733 QList<QByteArray> certificateData = fetchSslCertificateData(); -

734 for (int i = 0; i < certificateData.size(); ++i) { -

735 systemCerts.append(QSslCertificate::fromData(certificateData.at(i), QSsl::Der)); -

736 } -

737 } else -

# endif # endif //Q_OS_ANDROID

739 { -

740 currentDir.setNameFilters(nameFilters); -

741

for (int a = 0; a < directories.count(); a++) {

a < directories.count()	Description
TRUE	evaluated 486 times by 3 tests Evaluated by: tst_qsslcertificate - unknown status tst_qsslsocket - unknown status tst_qsslsocket_onDemandCertificates_static - unknown status
FALSE	evaluated 54 times by 3 tests Evaluated by: tst_qsslcertificate - unknown status tst_qsslsocket - unknown status tst_qsslsocket_onDemandCertificates_static - unknown status

54-486

742 currentDir.setPath(QLatin1String(directories.at(a))); -

743 QDirIterator it(currentDir); -

744

while (it.hasNext()) {

it.hasNext()	Description
TRUE	evaluated 19008 times by 3 tests Evaluated by: tst_qsslcertificate - unknown status tst_qsslsocket - unknown status tst_qsslsocket_onDemandCertificates_static - unknown status
FALSE	evaluated 486 times by 3 tests Evaluated by: tst_qsslcertificate - unknown status tst_qsslsocket - unknown status tst_qsslsocket_onDemandCertificates_static - unknown status

486-19008

745 it.next(); -

746 // use canonical path here to not load the same certificate twice if symlinked -

747 certFiles.insert(it.fileInfo().canonicalFilePath()); -

748

}

executed 19008 times by 3 tests: end of block

Executed by:

tst_qsslcertificate - unknown status
tst_qsslsocket - unknown status
tst_qsslsocket_onDemandCertificates_static - unknown status

19008

749

}

executed 486 times by 3 tests: end of block

Executed by:

tst_qsslcertificate - unknown status
tst_qsslsocket - unknown status
tst_qsslsocket_onDemandCertificates_static - unknown status

486

750 QSetIterator<QString> itfor (certFiles); -

whileconst QString& file : qAsConst(it.hasNext())certFiles))

751

systemCerts.append(QSslCertificate::fromPath(it.next(),file, platformEncodingFormat));

executed 9504 times by 3 tests: systemCerts.append(QSslCertificate::fromPath(file, platformEncodingFormat));

Executed by:

tst_qsslcertificate - unknown status
tst_qsslsocket - unknown status
tst_qsslsocket_onDemandCertificates_static - unknown status

9504

752 # ifndef Q_OS_ANDROID -

753 systemCerts.append(QSslCertificate::fromPath(QLatin1String("/etc/pki/tls/certs/ca-bundle.crt"), QSsl::Pem)); // Fedora, Mandriva -

754 systemCerts.append(QSslCertificate::fromPath(QLatin1String("/usr/local/share/certs/ca-root-nss.crt"), QSsl::Pem)); // FreeBSD's ca_root_nss -

755 # endif -

756 } -

757 #endif -

758 #ifdef QSSLSOCKET_DEBUG -

759 qCDebug(lcSsl) << "systemCaCertificates retrieval time " << timer.elapsed() << "ms"; -

760 qCDebug(lcSsl) << "imported " << systemCerts.count() << " certificates"; -

761 #endif -

762 -

763

return systemCerts;

executed 54 times by 3 tests: return systemCerts;

Executed by:

tst_qsslcertificate - unknown status
tst_qsslsocket - unknown status
tst_qsslsocket_onDemandCertificates_static - unknown status

764 } -

765 #endif // Q_OS_DARWIN -

766 -

767 void QSslSocketBackendPrivate::startClientEncryption() -

768 { -

769 if (!initSslContext()) { -

770 setErrorAndEmit(QAbstractSocket::SslInternalError, -

771 QSslSocket::tr("Unable to init SSL Context: %1").arg(getErrorsFromOpenSsl())); -

772 return; -

773 } -

774 -

775 // Start connecting. This will place outgoing data in the BIO, so we -

776 // follow up with calling transmit(). -

777 startHandshake(); -

778 transmit(); -

779 } -

780 -

781 void QSslSocketBackendPrivate::startServerEncryption() -

782 { -

783 if (!initSslContext()) { -

784 setErrorAndEmit(QAbstractSocket::SslInternalError, -

785 QSslSocket::tr("Unable to init SSL Context: %1").arg(getErrorsFromOpenSsl())); -

786 return; -

787 } -

788 -

789 // Start connecting. This will place outgoing data in the BIO, so we -

790 // follow up with calling transmit(). -

791 startHandshake(); -

792 transmit(); -

793 } -

794 -

795 /*! -

796 \internal -

797 -

798 Transmits encrypted data between the BIOs and the socket. -

799 */ -

800 void QSslSocketBackendPrivate::transmit() -

801 { -

802 Q_Q(QSslSocket); -

803 -

804 // If we don't have any SSL context, don't bother transmitting. -

805

if (!ssl)

!ssl	Description
TRUE	evaluated 44 times by 3 tests Evaluated by: tst_NetworkSelfTest tst_qsslsocket - unknown status tst_qtcpsocket - unknown status
FALSE	evaluated 7408 times by 7 tests Evaluated by: tst_NetworkSelfTest tst_QHttpNetworkConnection tst_QNetworkReply tst_Spdy tst_qsslsocket - unknown status tst_qsslsocket_onDemandCertificates_member - unknown status tst_qsslsocket_onDemandCertificates_static - unknown status

44-7408

806

return;

executed 44 times by 3 tests: return;

Executed by:

tst_NetworkSelfTest
tst_qsslsocket - unknown status
tst_qtcpsocket - unknown status

807 -

808 bool transmitting; -

809 do { -

810 transmitting = false; -

811 -

812 // If the connection is secure, we can transfer data from the write -

813 // buffer (in plain text) to the write BIO through SSL_write. -

814

if (connectionEncrypted && !writeBuffer.isEmpty()) {

connectionEncrypted	Description
TRUE	evaluated 12514 times by 7 tests Evaluated by: tst_NetworkSelfTest tst_QHttpNetworkConnection tst_QNetworkReply tst_Spdy tst_qsslsocket - unknown status tst_qsslsocket_onDemandCertificates_member - unknown status tst_qsslsocket_onDemandCertificates_static - unknown status
FALSE	evaluated 2660 times by 7 tests Evaluated by: tst_NetworkSelfTest tst_QHttpNetworkConnection tst_QNetworkReply tst_Spdy tst_qsslsocket - unknown status tst_qsslsocket_onDemandCertificates_member - unknown status tst_qsslsocket_onDemandCertificates_static - unknown status

!writeBuffer.isEmpty()	Description
TRUE	evaluated 4295 times by 5 tests Evaluated by: tst_NetworkSelfTest tst_QHttpNetworkConnection tst_QNetworkReply tst_Spdy tst_qsslsocket - unknown status
FALSE	evaluated 8219 times by 7 tests Evaluated by: tst_NetworkSelfTest tst_QHttpNetworkConnection tst_QNetworkReply tst_Spdy tst_qsslsocket - unknown status tst_qsslsocket_onDemandCertificates_member - unknown status tst_qsslsocket_onDemandCertificates_static - unknown status

2660-12514

815 qint64 totalBytesWritten = 0; -

816 int nextDataBlockSize; -

817

while ((nextDataBlockSize = writeBuffer.nextDataBlockSize()) > 0) {

(nextDataBlock...ockSize()) > 0	Description
TRUE	evaluated 4370 times by 5 tests Evaluated by: tst_NetworkSelfTest tst_QHttpNetworkConnection tst_QNetworkReply tst_Spdy tst_qsslsocket - unknown status
FALSE	evaluated 4295 times by 5 tests Evaluated by: tst_NetworkSelfTest tst_QHttpNetworkConnection tst_QNetworkReply tst_Spdy tst_qsslsocket - unknown status

4295-4370

818 int writtenBytes = q_SSL_write(ssl, writeBuffer.readPointer(), nextDataBlockSize); -

819

if (writtenBytes <= 0) {

writtenBytes <= 0	Description
TRUE	never evaluated
FALSE	evaluated 4370 times by 5 tests Evaluated by: tst_NetworkSelfTest tst_QHttpNetworkConnection tst_QNetworkReply tst_Spdy tst_qsslsocket - unknown status

0-4370

820 int error = q_SSL_get_error(ssl, writtenBytes); -

821 //write can result in a want_write_error - not an error - continue transmitting -

822

if (error == SSL_ERROR_WANT_WRITE) {

error == 3	Description
TRUE	never evaluated
FALSE	never evaluated

823 transmitting = true; -

824

break;

never executed: break;

825

} else if (error == SSL_ERROR_WANT_READ) {

error == 2	Description
TRUE	never evaluated
FALSE	never evaluated

826 //write can result in a want_read error, possibly due to renegotiation - not an error - stop transmitting -

827 transmitting = false; -

828

break;

never executed: break;

829 } else { -

830 // ### Better error handling. -

831 setErrorAndEmit(QAbstractSocket::SslInternalError, -

832 QSslSocket::tr("Unable to write data: %1").arg( -

833 getErrorsFromOpenSsl())); -

834

return;

never executed: return;

835 } -

836 } -

837 #ifdef QSSLSOCKET_DEBUG -

838 qCDebug(lcSsl) << "QSslSocketBackendPrivate::transmit: encrypted" << writtenBytes << "bytes"; -

839 #endif -

840 writeBuffer.free(writtenBytes); -

841 totalBytesWritten += writtenBytes; -

842 -

843

if (writtenBytes < nextDataBlockSize) {

writtenBytes <...tDataBlockSize	Description
TRUE	never evaluated
FALSE	evaluated 4370 times by 5 tests Evaluated by: tst_NetworkSelfTest tst_QHttpNetworkConnection tst_QNetworkReply tst_Spdy tst_qsslsocket - unknown status

0-4370

844 // break out of the writing loop and try again after we had read -

845 transmitting = true; -

846

break;

never executed: break;

847 } -

848

}

executed 4370 times by 5 tests: end of block

Executed by:

tst_NetworkSelfTest
tst_QHttpNetworkConnection
tst_QNetworkReply
tst_Spdy
tst_qsslsocket - unknown status

4370

849 -

850

if (totalBytesWritten > 0) {

totalBytesWritten > 0	Description
TRUE	evaluated 4295 times by 5 tests Evaluated by: tst_NetworkSelfTest tst_QHttpNetworkConnection tst_QNetworkReply tst_Spdy tst_qsslsocket - unknown status
FALSE	never evaluated

0-4295

851 // Don't emit bytesWritten() recursively. -

852

if (!emittedBytesWritten) {

!emittedBytesWritten	Description
TRUE	evaluated 4295 times by 5 tests Evaluated by: tst_NetworkSelfTest tst_QHttpNetworkConnection tst_QNetworkReply tst_Spdy tst_qsslsocket - unknown status
FALSE	never evaluated

0-4295

853 emittedBytesWritten = true; -

854 emit q->bytesWritten(totalBytesWritten); -

855 emittedBytesWritten = false; -

856

}

executed 4295 times by 5 tests: end of block

Executed by:

tst_NetworkSelfTest
tst_QHttpNetworkConnection
tst_QNetworkReply
tst_Spdy
tst_qsslsocket - unknown status

4295

857 emit q->channelBytesWritten(0, totalBytesWritten); -

858

}

executed 4295 times by 5 tests: end of block

Executed by:

tst_NetworkSelfTest
tst_QHttpNetworkConnection
tst_QNetworkReply
tst_Spdy
tst_qsslsocket - unknown status

4295

859

}

executed 4295 times by 5 tests: end of block

Executed by:

tst_NetworkSelfTest
tst_QHttpNetworkConnection
tst_QNetworkReply
tst_Spdy
tst_qsslsocket - unknown status

4295

860 -

861 // Check if we've got any data to be written to the socket. -

862 QVarLengthArray<char, 4096> data; -

863 int pendingBytes; -

864

while (plainSocket->isValid() && (pendingBytes = q_BIO_pending(writeBio)) > 0) {

plainSocket->isValid()	Description
TRUE	evaluated 20413 times by 7 tests Evaluated by: tst_NetworkSelfTest tst_QHttpNetworkConnection tst_QNetworkReply tst_Spdy tst_qsslsocket - unknown status tst_qsslsocket_onDemandCertificates_member - unknown status tst_qsslsocket_onDemandCertificates_static - unknown status
FALSE	never evaluated

(pendingBytes ...0,__null)) > 0	Description
TRUE	evaluated 5244 times by 7 tests Evaluated by: tst_NetworkSelfTest tst_QHttpNetworkConnection tst_QNetworkReply tst_Spdy tst_qsslsocket - unknown status tst_qsslsocket_onDemandCertificates_member - unknown status tst_qsslsocket_onDemandCertificates_static - unknown status
FALSE	evaluated 15169 times by 7 tests Evaluated by: tst_NetworkSelfTest tst_QHttpNetworkConnection tst_QNetworkReply tst_Spdy tst_qsslsocket - unknown status tst_qsslsocket_onDemandCertificates_member - unknown status tst_qsslsocket_onDemandCertificates_static - unknown status

0-20413

865 // Read encrypted data from the write BIO into a buffer. -

866 data.resize(pendingBytes); -

867 int encryptedBytesRead = q_BIO_read(writeBio, data.data(), pendingBytes); -

868 -

869 // Write encrypted data from the buffer to the socket. -

870 qint64 actualWritten = plainSocket->write(data.constData(), encryptedBytesRead); -

871 #ifdef QSSLSOCKET_DEBUG -

872 qCDebug(lcSsl) << "QSslSocketBackendPrivate::transmit: wrote" << encryptedBytesRead << "encrypted bytes to the socket" << actualWritten << "actual."; -

873 #endif -

874

if (actualWritten < 0) {

actualWritten < 0	Description
TRUE	evaluated 5 times by 1 test Evaluated by: tst_qsslsocket - unknown status
FALSE	evaluated 5239 times by 7 tests Evaluated by: tst_NetworkSelfTest tst_QHttpNetworkConnection tst_QNetworkReply tst_Spdy tst_qsslsocket - unknown status tst_qsslsocket_onDemandCertificates_member - unknown status tst_qsslsocket_onDemandCertificates_static - unknown status

5-5239

875 //plain socket write fails if it was in the pending close state. -

876 setErrorAndEmit(plainSocket->error(), plainSocket->errorString()); -

877

return;

executed 5 times by 1 test: return;

Executed by:

tst_qsslsocket - unknown status

878 } -

879 transmitting = true; -

880

}

executed 5239 times by 7 tests: end of block

Executed by:

tst_NetworkSelfTest
tst_QHttpNetworkConnection
tst_QNetworkReply
tst_Spdy
tst_qsslsocket - unknown status
tst_qsslsocket_onDemandCertificates_member - unknown status
tst_qsslsocket_onDemandCertificates_static - unknown status

5239

881 -

882 // Check if we've got any data to be read from the socket. -

883

if (!connectionEncrypted || !readBufferMaxSize || buffer.size() < readBufferMaxSize)

!connectionEncrypted	Description
TRUE	evaluated 2660 times by 7 tests Evaluated by: tst_NetworkSelfTest tst_QHttpNetworkConnection tst_QNetworkReply tst_Spdy tst_qsslsocket - unknown status tst_qsslsocket_onDemandCertificates_member - unknown status tst_qsslsocket_onDemandCertificates_static - unknown status
FALSE	evaluated 12509 times by 7 tests Evaluated by: tst_NetworkSelfTest tst_QHttpNetworkConnection tst_QNetworkReply tst_Spdy tst_qsslsocket - unknown status tst_qsslsocket_onDemandCertificates_member - unknown status tst_qsslsocket_onDemandCertificates_static - unknown status

!readBufferMaxSize	Description
TRUE	evaluated 5387 times by 5 tests Evaluated by: tst_NetworkSelfTest tst_QNetworkReply tst_qsslsocket - unknown status tst_qsslsocket_onDemandCertificates_member - unknown status tst_qsslsocket_onDemandCertificates_static - unknown status
FALSE	evaluated 7122 times by 4 tests Evaluated by: tst_QHttpNetworkConnection tst_QNetworkReply tst_Spdy tst_qsslsocket - unknown status

buffer.size() ...dBufferMaxSize	Description
TRUE	evaluated 7103 times by 4 tests Evaluated by: tst_QHttpNetworkConnection tst_QNetworkReply tst_Spdy tst_qsslsocket - unknown status
FALSE	evaluated 19 times by 2 tests Evaluated by: tst_QNetworkReply tst_qsslsocket - unknown status

19-12509

884

while ((pendingBytes = plainSocket->bytesAvailable()) > 0) {

(pendingBytes ...ailable()) > 0	Description
TRUE	evaluated 2672 times by 7 tests Evaluated by: tst_NetworkSelfTest tst_QHttpNetworkConnection tst_QNetworkReply tst_Spdy tst_qsslsocket - unknown status tst_qsslsocket_onDemandCertificates_member - unknown status tst_qsslsocket_onDemandCertificates_static - unknown status
FALSE	evaluated 15150 times by 7 tests Evaluated by: tst_NetworkSelfTest tst_QHttpNetworkConnection tst_QNetworkReply tst_Spdy tst_qsslsocket - unknown status tst_qsslsocket_onDemandCertificates_member - unknown status tst_qsslsocket_onDemandCertificates_static - unknown status

2672-15150

885 // Read encrypted data from the socket into a buffer. -

886 data.resize(pendingBytes); -

887 // just peek() here because q_BIO_write could write less data than expected -

888 int encryptedBytesRead = plainSocket->peek(data.data(), pendingBytes); -

889 -

890 #ifdef QSSLSOCKET_DEBUG -

891 qCDebug(lcSsl) << "QSslSocketBackendPrivate::transmit: read" << encryptedBytesRead << "encrypted bytes from the socket"; -

892 #endif -

893 // Write encrypted data from the buffer into the read BIO. -

894 int writtenToBio = q_BIO_write(readBio, data.constData(), encryptedBytesRead); -

895 -

896 // do the actual read() here and throw away the results. -

897

if (writtenToBio > 0) {

writtenToBio > 0	Description
TRUE	evaluated 2672 times by 7 tests Evaluated by: tst_NetworkSelfTest tst_QHttpNetworkConnection tst_QNetworkReply tst_Spdy tst_qsslsocket - unknown status tst_qsslsocket_onDemandCertificates_member - unknown status tst_qsslsocket_onDemandCertificates_static - unknown status
FALSE	never evaluated

0-2672

898 // ### TODO: make this cheaper by not making it memcpy. E.g. make it work with data=0x0 or make it work with seek -

899 plainSocket->read(data.data(), writtenToBio); -

900

} else {

executed 2672 times by 7 tests: end of block

Executed by:

tst_NetworkSelfTest
tst_QHttpNetworkConnection
tst_QNetworkReply
tst_Spdy
tst_qsslsocket - unknown status
tst_qsslsocket_onDemandCertificates_member - unknown status
tst_qsslsocket_onDemandCertificates_static - unknown status

2672

901 // ### Better error handling. -

902 setErrorAndEmit(QAbstractSocket::SslInternalError, -

903 QSslSocket::tr("Unable to decrypt data: %1").arg( -

904 getErrorsFromOpenSsl())); -

905

return;

never executed: return;

906 } -

907 -

908 transmitting = true; -

909

}

executed 2672 times by 7 tests: end of block

Executed by:

tst_NetworkSelfTest
tst_QHttpNetworkConnection
tst_QNetworkReply
tst_Spdy
tst_qsslsocket - unknown status
tst_qsslsocket_onDemandCertificates_member - unknown status
tst_qsslsocket_onDemandCertificates_static - unknown status

2672

910 -

911 // If the connection isn't secured yet, this is the time to retry the -

912 // connect / accept. -

913

if (!connectionEncrypted) {

!connectionEncrypted	Description
TRUE	evaluated 2660 times by 7 tests Evaluated by: tst_NetworkSelfTest tst_QHttpNetworkConnection tst_QNetworkReply tst_Spdy tst_qsslsocket - unknown status tst_qsslsocket_onDemandCertificates_member - unknown status tst_qsslsocket_onDemandCertificates_static - unknown status
FALSE	evaluated 12509 times by 7 tests Evaluated by: tst_NetworkSelfTest tst_QHttpNetworkConnection tst_QNetworkReply tst_Spdy tst_qsslsocket - unknown status tst_qsslsocket_onDemandCertificates_member - unknown status tst_qsslsocket_onDemandCertificates_static - unknown status

2660-12509

914 #ifdef QSSLSOCKET_DEBUG -

915 qCDebug(lcSsl) << "QSslSocketBackendPrivate::transmit: testing encryption"; -

916 #endif -

917

if (startHandshake()) {

startHandshake()	Description
TRUE	evaluated 345 times by 7 tests Evaluated by: tst_NetworkSelfTest tst_QHttpNetworkConnection tst_QNetworkReply tst_Spdy tst_qsslsocket - unknown status tst_qsslsocket_onDemandCertificates_member - unknown status tst_qsslsocket_onDemandCertificates_static - unknown status
FALSE	evaluated 2315 times by 7 tests Evaluated by: tst_NetworkSelfTest tst_QHttpNetworkConnection tst_QNetworkReply tst_Spdy tst_qsslsocket - unknown status tst_qsslsocket_onDemandCertificates_member - unknown status tst_qsslsocket_onDemandCertificates_static - unknown status

345-2315

918 #ifdef QSSLSOCKET_DEBUG -

919 qCDebug(lcSsl) << "QSslSocketBackendPrivate::transmit: encryption established"; -

920 #endif -

921 connectionEncrypted = true; -

922 transmitting = true; -

923

} else if (plainSocket->state() != QAbstractSocket::ConnectedState) {

executed 345 times by 7 tests: end of block

Executed by:

tst_NetworkSelfTest
tst_QHttpNetworkConnection
tst_QNetworkReply
tst_Spdy
tst_qsslsocket - unknown status
tst_qsslsocket_onDemandCertificates_member - unknown status
tst_qsslsocket_onDemandCertificates_static - unknown status

plainSocket->s...ConnectedState	Description
TRUE	evaluated 84 times by 6 tests Evaluated by: tst_QHttpNetworkConnection tst_QNetworkReply tst_Spdy tst_qsslsocket - unknown status tst_qsslsocket_onDemandCertificates_member - unknown status tst_qsslsocket_onDemandCertificates_static - unknown status
FALSE	evaluated 2231 times by 7 tests Evaluated by: tst_NetworkSelfTest tst_QHttpNetworkConnection tst_QNetworkReply tst_Spdy tst_qsslsocket - unknown status tst_qsslsocket_onDemandCertificates_member - unknown status tst_qsslsocket_onDemandCertificates_static - unknown status

84-2231

924 #ifdef QSSLSOCKET_DEBUG -

925 qCDebug(lcSsl) << "QSslSocketBackendPrivate::transmit: connection lost"; -

926 #endif -

927

break;

executed 84 times by 6 tests: break;

Executed by:

tst_QHttpNetworkConnection
tst_QNetworkReply
tst_Spdy
tst_qsslsocket - unknown status
tst_qsslsocket_onDemandCertificates_member - unknown status
tst_qsslsocket_onDemandCertificates_static - unknown status

928

} else if (paused) {

paused	Description
TRUE	evaluated 20 times by 1 test Evaluated by: tst_qsslsocket - unknown status
FALSE	evaluated 2211 times by 7 tests Evaluated by: tst_NetworkSelfTest tst_QHttpNetworkConnection tst_QNetworkReply tst_Spdy tst_qsslsocket - unknown status tst_qsslsocket_onDemandCertificates_member - unknown status tst_qsslsocket_onDemandCertificates_static - unknown status

20-2211

929 // just wait until the user continues -

930

return;

executed 20 times by 1 test: return;

Executed by:

tst_qsslsocket - unknown status

931 } else { -

932 #ifdef QSSLSOCKET_DEBUG -

933 qCDebug(lcSsl) << "QSslSocketBackendPrivate::transmit: encryption not done yet"; -

934 #endif -

935

}

executed 2211 times by 7 tests: end of block

Executed by:

tst_NetworkSelfTest
tst_QHttpNetworkConnection
tst_QNetworkReply
tst_Spdy
tst_qsslsocket - unknown status
tst_qsslsocket_onDemandCertificates_member - unknown status
tst_qsslsocket_onDemandCertificates_static - unknown status

2211

936 } -

937 -

938 // If the request is small and the remote host closes the transmission -

939 // after sending, there's a chance that startHandshake() will already -

940 // have triggered a shutdown. -

941

if (!ssl)

!ssl	Description
TRUE	never evaluated
FALSE	evaluated 15065 times by 7 tests Evaluated by: tst_NetworkSelfTest tst_QHttpNetworkConnection tst_QNetworkReply tst_Spdy tst_qsslsocket - unknown status tst_qsslsocket_onDemandCertificates_member - unknown status tst_qsslsocket_onDemandCertificates_static - unknown status

0-15065

942

continue;

never executed: continue;

943 -

944 // We always read everything from the SSL decryption buffers, even if -

945 // we have a readBufferMaxSize. There's no point in leaving data there -

946 // just so that readBuffer.size() == readBufferMaxSize. -

947 int readBytes = 0; -

948 data.resize(4096); -

949 ::memset(data.data(), 0, data.size()); -

950 do { -

951 // Don't use SSL_pending(). It's very unreliable. -

952

if ((readBytes = q_SSL_read(ssl, data.data(), data.size())) > 0) {

(readBytes = q...a.size())) > 0	Description
TRUE	evaluated 6076 times by 5 tests Evaluated by: tst_NetworkSelfTest tst_QHttpNetworkConnection tst_QNetworkReply tst_Spdy tst_qsslsocket - unknown status
FALSE	evaluated 15053 times by 7 tests Evaluated by: tst_NetworkSelfTest tst_QHttpNetworkConnection tst_QNetworkReply tst_Spdy tst_qsslsocket - unknown status tst_qsslsocket_onDemandCertificates_member - unknown status tst_qsslsocket_onDemandCertificates_static - unknown status

6076-15053

953 #ifdef QSSLSOCKET_DEBUG -

954 qCDebug(lcSsl) << "QSslSocketBackendPrivate::transmit: decrypted" << readBytes << "bytes"; -

955 #endif -

956 char *ptr =buffer.reserve(readBytes); -

::memcpyappend(ptr,data.dataconstData(), readBytes);

957 -

958

if (readyReadEmittedPointer)

readyReadEmittedPointer	Description
TRUE	evaluated 38 times by 3 tests Evaluated by: tst_NetworkSelfTest tst_QNetworkReply tst_qsslsocket - unknown status
FALSE	evaluated 6038 times by 4 tests Evaluated by: tst_QHttpNetworkConnection tst_QNetworkReply tst_Spdy tst_qsslsocket - unknown status

38-6038

959

*readyReadEmittedPointer = true;

executed 38 times by 3 tests: *readyReadEmittedPointer = true;

Executed by:

tst_NetworkSelfTest
tst_QNetworkReply
tst_qsslsocket - unknown status

960 emit q->readyRead(); -

961 emit q->channelReadyRead(0); -

962 transmitting = true; -

963

continue;

executed 6076 times by 5 tests: continue;

Executed by:

tst_NetworkSelfTest
tst_QHttpNetworkConnection
tst_QNetworkReply
tst_Spdy
tst_qsslsocket - unknown status

6076

964 } -

965 -

966 // Error. -

967 switch (q_SSL_get_error(ssl, readBytes)) { -

968

case SSL_ERROR_WANT_READ:

executed 15041 times by 7 tests: case 2:

Executed by:

tst_NetworkSelfTest
tst_QHttpNetworkConnection
tst_QNetworkReply
tst_Spdy
tst_qsslsocket - unknown status
tst_qsslsocket_onDemandCertificates_member - unknown status
tst_qsslsocket_onDemandCertificates_static - unknown status

15041

969

case SSL_ERROR_WANT_WRITE:

never executed: case 3:

970 // Out of data. -

971

break;

executed 15041 times by 7 tests: break;

Executed by:

tst_NetworkSelfTest
tst_QHttpNetworkConnection
tst_QNetworkReply
tst_Spdy
tst_qsslsocket - unknown status
tst_qsslsocket_onDemandCertificates_member - unknown status
tst_qsslsocket_onDemandCertificates_static - unknown status

15041

972

case SSL_ERROR_ZERO_RETURN:

executed 12 times by 2 tests: case 6:

Executed by:

tst_NetworkSelfTest
tst_qsslsocket - unknown status

973 // The remote host closed the connection. -

974 #ifdef QSSLSOCKET_DEBUG -

975 qCDebug(lcSsl) << "QSslSocketBackendPrivate::transmit: remote disconnect"; -

976 #endif -

977 shutdown = true; // the other side shut down, make sure we do not send shutdown ourselves -

978 setErrorAndEmit(QAbstractSocket::RemoteHostClosedError, -

979 QSslSocket::tr("The TLS/SSL connection has been closed")); -

980

return;

executed 12 times by 2 tests: return;

Executed by:

tst_NetworkSelfTest
tst_qsslsocket - unknown status

981

case SSL_ERROR_SYSCALL: // some IO error

never executed: case 5:

982

case SSL_ERROR_SSL: // error in the SSL library

never executed: case 1:

983 // we do not know exactly what the error is, nor whether we can recover from it, -

984 // so just return to prevent an endless loop in the outer "while" statement -

985 setErrorAndEmit(QAbstractSocket::SslInternalError, -

986 QSslSocket::tr("Error while reading: %1").arg(getErrorsFromOpenSsl())); -

987

return;

never executed: return;

988

default:

never executed: default:

989 // SSL_ERROR_WANT_CONNECT, SSL_ERROR_WANT_ACCEPT: can only happen with a -

990 // BIO_s_connect() or BIO_s_accept(), which we do not call. -

991 // SSL_ERROR_WANT_X509_LOOKUP: can only happen with a -

992 // SSL_CTX_set_client_cert_cb(), which we do not call. -

993 // So this default case should never be triggered. -

994 setErrorAndEmit(QAbstractSocket::SslInternalError, -

995 QSslSocket::tr("Error while reading: %1").arg(getErrorsFromOpenSsl())); -

996

break;

never executed: break;

997 } -

998

} while (ssl && readBytes > 0);

ssl	Description
TRUE	evaluated 21105 times by 7 tests Evaluated by: tst_NetworkSelfTest tst_QHttpNetworkConnection tst_QNetworkReply tst_Spdy tst_qsslsocket - unknown status tst_qsslsocket_onDemandCertificates_member - unknown status tst_qsslsocket_onDemandCertificates_static - unknown status
FALSE	evaluated 12 times by 1 test Evaluated by: tst_QNetworkReply

readBytes > 0	Description
TRUE	evaluated 6064 times by 5 tests Evaluated by: tst_NetworkSelfTest tst_QHttpNetworkConnection tst_QNetworkReply tst_Spdy tst_qsslsocket - unknown status
FALSE	evaluated 15041 times by 7 tests Evaluated by: tst_NetworkSelfTest tst_QHttpNetworkConnection tst_QNetworkReply tst_Spdy tst_qsslsocket - unknown status tst_qsslsocket_onDemandCertificates_member - unknown status tst_qsslsocket_onDemandCertificates_static - unknown status

12-21105

999

} while (ssl && transmitting);

executed 15053 times by 7 tests: end of block

Executed by:

tst_NetworkSelfTest
tst_QHttpNetworkConnection
tst_QNetworkReply
tst_Spdy
tst_qsslsocket - unknown status
tst_qsslsocket_onDemandCertificates_member - unknown status
tst_qsslsocket_onDemandCertificates_static - unknown status

ssl	Description
TRUE	evaluated 15041 times by 7 tests Evaluated by: tst_NetworkSelfTest tst_QHttpNetworkConnection tst_QNetworkReply tst_Spdy tst_qsslsocket - unknown status tst_qsslsocket_onDemandCertificates_member - unknown status tst_qsslsocket_onDemandCertificates_static - unknown status
FALSE	evaluated 12 times by 1 test Evaluated by: tst_QNetworkReply

transmitting	Description
TRUE	evaluated 7766 times by 7 tests Evaluated by: tst_NetworkSelfTest tst_QHttpNetworkConnection tst_QNetworkReply tst_Spdy tst_qsslsocket - unknown status tst_qsslsocket_onDemandCertificates_member - unknown status tst_qsslsocket_onDemandCertificates_static - unknown status
FALSE	evaluated 7275 times by 7 tests Evaluated by: tst_NetworkSelfTest tst_QHttpNetworkConnection tst_QNetworkReply tst_Spdy tst_qsslsocket - unknown status tst_qsslsocket_onDemandCertificates_member - unknown status tst_qsslsocket_onDemandCertificates_static - unknown status

12-15053

1000

}

executed 7371 times by 7 tests: end of block

Executed by:

tst_NetworkSelfTest
tst_QHttpNetworkConnection
tst_QNetworkReply
tst_Spdy
tst_qsslsocket - unknown status
tst_qsslsocket_onDemandCertificates_member - unknown status
tst_qsslsocket_onDemandCertificates_static - unknown status

7371

1001 -

1002 static QSslError _q_OpenSSL_to_QSslError(int errorCode, const QSslCertificate &cert) -

1003 { -

1004 QSslError error; -

1005 switch (errorCode) { -

1006 case X509_V_OK: -

1007 // X509_V_OK is also reported if the peer had no certificate. -

1008 break; -

1009 case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT: -

1010 error = QSslError(QSslError::UnableToGetIssuerCertificate, cert); break; -

1011 case X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE: -

1012 error = QSslError(QSslError::UnableToDecryptCertificateSignature, cert); break; -

1013 case X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY: -

1014 error = QSslError(QSslError::UnableToDecodeIssuerPublicKey, cert); break; -

1015 case X509_V_ERR_CERT_SIGNATURE_FAILURE: -

1016 error = QSslError(QSslError::CertificateSignatureFailed, cert); break; -

1017 case X509_V_ERR_CERT_NOT_YET_VALID: -

1018 error = QSslError(QSslError::CertificateNotYetValid, cert); break; -

1019 case X509_V_ERR_CERT_HAS_EXPIRED: -

1020 error = QSslError(QSslError::CertificateExpired, cert); break; -

1021 case X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD: -

1022 error = QSslError(QSslError::InvalidNotBeforeField, cert); break; -

1023 case X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD: -

1024 error = QSslError(QSslError::InvalidNotAfterField, cert); break; -

1025 case X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT: -

1026 error = QSslError(QSslError::SelfSignedCertificate, cert); break; -

1027 case X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN: -

1028 error = QSslError(QSslError::SelfSignedCertificateInChain, cert); break; -

1029 case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY: -

1030 error = QSslError(QSslError::UnableToGetLocalIssuerCertificate, cert); break; -

1031 case X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE: -

1032 error = QSslError(QSslError::UnableToVerifyFirstCertificate, cert); break; -

1033 case X509_V_ERR_CERT_REVOKED: -

1034 error = QSslError(QSslError::CertificateRevoked, cert); break; -

1035 case X509_V_ERR_INVALID_CA: -

1036 error = QSslError(QSslError::InvalidCaCertificate, cert); break; -

1037 case X509_V_ERR_PATH_LENGTH_EXCEEDED: -

1038 error = QSslError(QSslError::PathLengthExceeded, cert); break; -

1039 case X509_V_ERR_INVALID_PURPOSE: -

1040 error = QSslError(QSslError::InvalidPurpose, cert); break; -

1041 case X509_V_ERR_CERT_UNTRUSTED: -

1042 error = QSslError(QSslError::CertificateUntrusted, cert); break; -

1043 case X509_V_ERR_CERT_REJECTED: -

1044 error = QSslError(QSslError::CertificateRejected, cert); break; -

1045 default: -

1046 error = QSslError(QSslError::UnspecifiedError, cert); break; -

1047 } -

1048 return error; -

1049 } -

1050 -

1051 bool QSslSocketBackendPrivate::startHandshake() -

1052 { -

1053 Q_Q(QSslSocket); -

1054 -

1055 // Check if the connection has been established. Get all errors from the -

1056 // verification stage. -

1057 _q_sslErrorListQMutexLocker locker(&_q_sslErrorList()->mutex.lock();); -

1058 _q_sslErrorList()->errors.clear(); -

1059

int result = (mode == QSslSocket::SslClientMode) ? q_SSL_connect(ssl) : q_SSL_accept(ssl);

(mode == QSslS...SslClientMode)	Description
TRUE	evaluated 2768 times by 7 tests Evaluated by: tst_NetworkSelfTest tst_QHttpNetworkConnection tst_QNetworkReply tst_Spdy tst_qsslsocket - unknown status tst_qsslsocket_onDemandCertificates_member - unknown status tst_qsslsocket_onDemandCertificates_static - unknown status
FALSE	evaluated 368 times by 2 tests Evaluated by: tst_QNetworkReply tst_qsslsocket - unknown status

368-2768

1060 -

1061 const QList<QPair<int, int> >auto &lastErrors = _q_sslErrorList()->errors; -

1062

if (!lastErrors.isEmpty())

!lastErrors.isEmpty()	Description
TRUE	evaluated 250 times by 7 tests Evaluated by: tst_NetworkSelfTest tst_QHttpNetworkConnection tst_QNetworkReply tst_Spdy tst_qsslsocket - unknown status tst_qsslsocket_onDemandCertificates_member - unknown status tst_qsslsocket_onDemandCertificates_static - unknown status
FALSE	evaluated 2886 times by 7 tests Evaluated by: tst_NetworkSelfTest tst_QHttpNetworkConnection tst_QNetworkReply tst_Spdy tst_qsslsocket - unknown status tst_qsslsocket_onDemandCertificates_member - unknown status tst_qsslsocket_onDemandCertificates_static - unknown status

250-2886

1063

storePeerCertificates();

executed 250 times by 7 tests: storePeerCertificates();

Executed by:

tst_NetworkSelfTest
tst_QHttpNetworkConnection
tst_QNetworkReply
tst_Spdy
tst_qsslsocket - unknown status
tst_qsslsocket_onDemandCertificates_member - unknown status
tst_qsslsocket_onDemandCertificates_static - unknown status

250

1064 for (int i = 0; i < lastErrors.size(); ++i) {const QPair<int, int>auto &currentError =: lastErrors.at(i);) { -

1065 emit q->peerVerifyError(_q_OpenSSL_to_QSslError(currentError.firstcode, -

1066 configuration.peerCertificateChain.value(currentError.seconddepth))); -

1067

if (q->state() != QAbstractSocket::ConnectedState)

q->state() != ...ConnectedState	Description
TRUE	never evaluated
FALSE	evaluated 378 times by 7 tests Evaluated by: tst_NetworkSelfTest tst_QHttpNetworkConnection tst_QNetworkReply tst_Spdy tst_qsslsocket - unknown status tst_qsslsocket_onDemandCertificates_member - unknown status tst_qsslsocket_onDemandCertificates_static - unknown status

0-378

1068

break;

never executed: break;

1069

}

executed 378 times by 7 tests: end of block

Executed by:

tst_NetworkSelfTest
tst_QHttpNetworkConnection
tst_QNetworkReply
tst_Spdy
tst_qsslsocket - unknown status
tst_qsslsocket_onDemandCertificates_member - unknown status
tst_qsslsocket_onDemandCertificates_static - unknown status

378

1070 -

1071 errorList << lastErrors; -

1072 _q_sslErrorList()->mutexlocker.unlock(); -

1073 -

1074 // Connection aborted during handshake phase. -

1075

if (q->state() != QAbstractSocket::ConnectedState)

q->state() != ...ConnectedState	Description
TRUE	never evaluated
FALSE	evaluated 3136 times by 7 tests Evaluated by: tst_NetworkSelfTest tst_QHttpNetworkConnection tst_QNetworkReply tst_Spdy tst_qsslsocket - unknown status tst_qsslsocket_onDemandCertificates_member - unknown status tst_qsslsocket_onDemandCertificates_static - unknown status

0-3136

1076

return false;

never executed: return false;

1077 -

1078 // Check if we're encrypted or not. -

1079

if (result <= 0) {

result <= 0	Description
TRUE	evaluated 2696 times by 7 tests Evaluated by: tst_NetworkSelfTest tst_QHttpNetworkConnection tst_QNetworkReply tst_Spdy tst_qsslsocket - unknown status tst_qsslsocket_onDemandCertificates_member - unknown status tst_qsslsocket_onDemandCertificates_static - unknown status
FALSE	evaluated 440 times by 7 tests Evaluated by: tst_NetworkSelfTest tst_QHttpNetworkConnection tst_QNetworkReply tst_Spdy tst_qsslsocket - unknown status tst_qsslsocket_onDemandCertificates_member - unknown status tst_qsslsocket_onDemandCertificates_static - unknown status

440-2696

1080 switch (q_SSL_get_error(ssl, result)) { -

1081

case SSL_ERROR_WANT_READ:

executed 2687 times by 7 tests: case 2:

Executed by:

tst_NetworkSelfTest
tst_QHttpNetworkConnection
tst_QNetworkReply
tst_Spdy
tst_qsslsocket - unknown status
tst_qsslsocket_onDemandCertificates_member - unknown status
tst_qsslsocket_onDemandCertificates_static - unknown status

2687

1082

case SSL_ERROR_WANT_WRITE:

never executed: case 3:

1083 // The handshake is not yet complete. -

1084

break;

executed 2687 times by 7 tests: break;

Executed by:

tst_NetworkSelfTest
tst_QHttpNetworkConnection
tst_QNetworkReply
tst_Spdy
tst_qsslsocket - unknown status
tst_qsslsocket_onDemandCertificates_member - unknown status
tst_qsslsocket_onDemandCertificates_static - unknown status

2687

1085

default:

executed 9 times by 2 tests: default:

Executed by:

tst_QNetworkReply
tst_qsslsocket - unknown status

1086 QString errorString -

1087 = QSslSocket::tr("Error during SSL handshake: %1").arg(getErrorsFromOpenSsl()); -

1088 #ifdef QSSLSOCKET_DEBUG -

1089 qCDebug(lcSsl) << "QSslSocketBackendPrivate::startHandshake: error!" << errorString; -

1090 #endif -

1091 setErrorAndEmit(QAbstractSocket::SslHandshakeFailedError, errorString); -

1092 q->abort(); -

1093

}

executed 9 times by 2 tests: end of block

Executed by:

tst_QNetworkReply
tst_qsslsocket - unknown status

1094

return false;

executed 2696 times by 7 tests: return false;

Executed by:

tst_NetworkSelfTest
tst_QHttpNetworkConnection
tst_QNetworkReply
tst_Spdy
tst_qsslsocket - unknown status
tst_qsslsocket_onDemandCertificates_member - unknown status
tst_qsslsocket_onDemandCertificates_static - unknown status

2696

1095 } -

1096 -

1097 // store peer certificate chain -

1098 storePeerCertificates(); -

1099 -

1100 // Start translating errors. -

1101 QList<QSslError> errors; -

1102 -

1103 // check the whole chain for blacklisting (including root, as we check for subjectInfo and issuer) -

1104 foreachfor (const QSslCertificate &cert ,: qAsConst(configuration.peerCertificateChain))) { -

1105

if (QSslCertificatePrivate::isBlacklisted(cert)) {

QSslCertificat...cklisted(cert)	Description
TRUE	evaluated 1 time by 1 test Evaluated by: tst_qsslsocket - unknown status
FALSE	evaluated 419 times by 7 tests Evaluated by: tst_NetworkSelfTest tst_QHttpNetworkConnection tst_QNetworkReply tst_Spdy tst_qsslsocket - unknown status tst_qsslsocket_onDemandCertificates_member - unknown status tst_qsslsocket_onDemandCertificates_static - unknown status

1-419

1106 QSslError error(QSslError::CertificateBlacklisted, cert); -

1107 errors << error; -

1108 emit q->peerVerifyError(error); -

1109

if (q->state() != QAbstractSocket::ConnectedState)

q->state() != ...ConnectedState	Description
TRUE	never evaluated
FALSE	evaluated 1 time by 1 test Evaluated by: tst_qsslsocket - unknown status

0-1

1110

return false;

never executed: return false;

1111

}

executed 1 time by 1 test: end of block

Executed by:

tst_qsslsocket - unknown status

1112

}

executed 420 times by 7 tests: end of block

Executed by:

tst_NetworkSelfTest
tst_QHttpNetworkConnection
tst_QNetworkReply
tst_Spdy
tst_qsslsocket - unknown status
tst_qsslsocket_onDemandCertificates_member - unknown status
tst_qsslsocket_onDemandCertificates_static - unknown status

420

1113 -

1114

bool doVerifyPeer = configuration.peerVerifyMode == QSslSocket::VerifyPeer

configuration....et::VerifyPeer	Description
TRUE	evaluated 6 times by 1 test Evaluated by: tst_qsslsocket - unknown status
FALSE	evaluated 434 times by 7 tests Evaluated by: tst_NetworkSelfTest tst_QHttpNetworkConnection tst_QNetworkReply tst_Spdy tst_qsslsocket - unknown status tst_qsslsocket_onDemandCertificates_member - unknown status tst_qsslsocket_onDemandCertificates_static - unknown status

6-434

1115

|| (configuration.peerVerifyMode == QSslSocket::AutoVerifyPeer

configuration....AutoVerifyPeer	Description
TRUE	evaluated 418 times by 7 tests Evaluated by: tst_NetworkSelfTest tst_QHttpNetworkConnection tst_QNetworkReply tst_Spdy tst_qsslsocket - unknown status tst_qsslsocket_onDemandCertificates_member - unknown status tst_qsslsocket_onDemandCertificates_static - unknown status
FALSE	evaluated 16 times by 1 test Evaluated by: tst_qsslsocket - unknown status

16-418

1116

&& mode == QSslSocket::SslClientMode);

mode == QSslSo...:SslClientMode	Description
TRUE	evaluated 379 times by 7 tests Evaluated by: tst_NetworkSelfTest tst_QHttpNetworkConnection tst_QNetworkReply tst_Spdy tst_qsslsocket - unknown status tst_qsslsocket_onDemandCertificates_member - unknown status tst_qsslsocket_onDemandCertificates_static - unknown status
FALSE	evaluated 39 times by 2 tests Evaluated by: tst_QNetworkReply tst_qsslsocket - unknown status

39-379

1117 -

1118 // Check the peer certificate itself. First try the subject's common name -

1119 // (CN) as a wildcard, then try all alternate subject name DNS entries the -

1120 // same way. -

1121

if (!configuration.peerCertificate.isNull()) {

!configuration...icate.isNull()	Description
TRUE	evaluated 396 times by 7 tests Evaluated by: tst_NetworkSelfTest tst_QHttpNetworkConnection tst_QNetworkReply tst_Spdy tst_qsslsocket - unknown status tst_qsslsocket_onDemandCertificates_member - unknown status tst_qsslsocket_onDemandCertificates_static - unknown status
FALSE	evaluated 44 times by 2 tests Evaluated by: tst_QNetworkReply tst_qsslsocket - unknown status

44-396

1122 // but only if we're a client connecting to a server -

1123 // if we're the server, don't check CN -

1124

if (mode == QSslSocket::SslClientMode) {

mode == QSslSo...:SslClientMode	Description
TRUE	evaluated 384 times by 7 tests Evaluated by: tst_NetworkSelfTest tst_QHttpNetworkConnection tst_QNetworkReply tst_Spdy tst_qsslsocket - unknown status tst_qsslsocket_onDemandCertificates_member - unknown status tst_qsslsocket_onDemandCertificates_static - unknown status
FALSE	evaluated 12 times by 1 test Evaluated by: tst_qsslsocket - unknown status

12-384

1125

QString peerName = (verificationPeerName.isEmpty () ? q->peerName() : verificationPeerName);

verificationPe...ame.isEmpty ()	Description
TRUE	evaluated 379 times by 7 tests Evaluated by: tst_NetworkSelfTest tst_QHttpNetworkConnection tst_QNetworkReply tst_Spdy tst_qsslsocket - unknown status tst_qsslsocket_onDemandCertificates_member - unknown status tst_qsslsocket_onDemandCertificates_static - unknown status
FALSE	evaluated 5 times by 1 test Evaluated by: tst_qsslsocket - unknown status

5-379

1126 -

1127

if (!isMatchingHostname(configuration.peerCertificate, peerName)) {

!isMatchingHos...ate, peerName)	Description
TRUE	evaluated 62 times by 2 tests Evaluated by: tst_QNetworkReply tst_qsslsocket - unknown status
FALSE	evaluated 322 times by 7 tests Evaluated by: tst_NetworkSelfTest tst_QHttpNetworkConnection tst_QNetworkReply tst_Spdy tst_qsslsocket - unknown status tst_qsslsocket_onDemandCertificates_member - unknown status tst_qsslsocket_onDemandCertificates_static - unknown status

62-322

1128 // No matches in common names or alternate names. -

1129 QSslError error(QSslError::HostNameMismatch, configuration.peerCertificate); -

1130 errors << error; -

1131 emit q->peerVerifyError(error); -

1132

if (q->state() != QAbstractSocket::ConnectedState)

q->state() != ...ConnectedState	Description
TRUE	never evaluated
FALSE	evaluated 62 times by 2 tests Evaluated by: tst_QNetworkReply tst_qsslsocket - unknown status

0-62

1133

return false;

never executed: return false;

1134

}

executed 62 times by 2 tests: end of block

Executed by:

tst_QNetworkReply
tst_qsslsocket - unknown status

1135

}

executed 384 times by 7 tests: end of block

Executed by:

tst_NetworkSelfTest
tst_QHttpNetworkConnection
tst_QNetworkReply
tst_Spdy
tst_qsslsocket - unknown status
tst_qsslsocket_onDemandCertificates_member - unknown status
tst_qsslsocket_onDemandCertificates_static - unknown status

384

1136

} else {

executed 396 times by 7 tests: end of block

Executed by:

tst_NetworkSelfTest
tst_QHttpNetworkConnection
tst_QNetworkReply
tst_Spdy
tst_qsslsocket - unknown status
tst_qsslsocket_onDemandCertificates_member - unknown status
tst_qsslsocket_onDemandCertificates_static - unknown status

396

1137 // No peer certificate presented. Report as error if the socket -

1138 // expected one. -

1139

if (doVerifyPeer) {

doVerifyPeer	Description
TRUE	evaluated 1 time by 1 test Evaluated by: tst_qsslsocket - unknown status
FALSE	evaluated 43 times by 2 tests Evaluated by: tst_QNetworkReply tst_qsslsocket - unknown status

1-43

1140 QSslError error(QSslError::NoPeerCertificate); -

1141 errors << error; -

1142 emit q->peerVerifyError(error); -

1143

if (q->state() != QAbstractSocket::ConnectedState)

q->state() != ...ConnectedState	Description
TRUE	never evaluated
FALSE	evaluated 1 time by 1 test Evaluated by: tst_qsslsocket - unknown status

0-1

1144

return false;

never executed: return false;

1145

}

executed 1 time by 1 test: end of block

Executed by:

tst_qsslsocket - unknown status

1146

}

executed 44 times by 2 tests: end of block

Executed by:

tst_QNetworkReply
tst_qsslsocket - unknown status

1147 -

1148 // Translate errors from the error list into QSslErrors. -

1149 const int numErrors = errorList.size();errors.reserve(errors.size() + numErrors);errorList.size()); -

1150 for (int i = 0; i < numErrors; ++i) {const QPair<int, int> &errorAndDepth = errorList.atauto &error : qAsConst(i); -

int err = errorAndDepth.first;

int depth = errorAndDepth.second;errorList))

1151

errors << _q_OpenSSL_to_QSslError(errerror.code, configuration.peerCertificateChain.value(error.depth));

executed 369 times by 7 tests: errors << _q_OpenSSL_to_QSslError(error.code, configuration.peerCertificateChain.value(error.depth));

Executed by:

tst_NetworkSelfTest
tst_QHttpNetworkConnection
tst_QNetworkReply
tst_Spdy
tst_qsslsocket - unknown status
tst_qsslsocket_onDemandCertificates_member - unknown status
tst_qsslsocket_onDemandCertificates_static - unknown status

369

1152 -

1153

}if (!errors.isEmpty()) {

!errors.isEmpty()	Description
TRUE	evaluated 248 times by 7 tests Evaluated by: tst_NetworkSelfTest tst_QHttpNetworkConnection tst_QNetworkReply tst_Spdy tst_qsslsocket - unknown status tst_qsslsocket_onDemandCertificates_member - unknown status tst_qsslsocket_onDemandCertificates_static - unknown status
FALSE	evaluated 192 times by 4 tests Evaluated by: tst_QNetworkReply tst_qsslsocket - unknown status tst_qsslsocket_onDemandCertificates_member - unknown status tst_qsslsocket_onDemandCertificates_static - unknown status

192-248

1154 sslErrors = errors; -

1155 -

1156 #ifdef Q_OS_WIN -

1157 //Skip this if not using system CAs, or if the SSL errors are configured in advance to be ignorable -

1158 if (doVerifyPeer -

1159 && s_loadRootCertsOnDemand -

1160 && allowRootCertOnDemandLoading -

1161 && !verifyErrorsHaveBeenIgnored()) { -

1162 //Windows desktop versions starting from vista ship with minimal set of roots -

1163 //and download on demand from the windows update server CA roots that are -

1164 //trusted by MS. -

1165 //However, this is only transparent if using WinINET - we have to trigger it -

1166 //ourselves. -

1167 QSslCertificate certToFetch; -

1168 bool fetchCertificate = true; -

1169 for (int i=0; i< sslErrors.count(); i++) { -

1170 switch (sslErrors.at(i).error()) { -

1171 case QSslError::UnableToGetLocalIssuerCertificate: // site presented intermediate cert, but root is unknown -

1172 case QSslError::SelfSignedCertificateInChain: // site presented a complete chain, but root is unknown -

1173 certToFetch = sslErrors.at(i).certificate(); -

1174 break; -

1175 case QSslError::SelfSignedCertificate: -

1176 case QSslError::CertificateBlacklisted: -

1177 //With these errors, we know it will be untrusted so save time by not asking windows -

1178 fetchCertificate = false; -

1179 break; -

1180 default: -

1181 #ifdef QSSLSOCKET_DEBUG -

1182 qCDebug(lcSsl) << sslErrors.at(i).errorString(); -

1183 #endif -

1184 break; -

1185 } -

1186 } -

1187 if (fetchCertificate && !certToFetch.isNull()) { -

1188 fetchCaRootForCert(certToFetch); -

1189 return false; -

1190 } -

1191 } -

1192 #endif -

1193

if (!checkSslErrors())

!checkSslErrors()	Description
TRUE	evaluated 94 times by 6 tests Evaluated by: tst_QHttpNetworkConnection tst_QNetworkReply tst_Spdy tst_qsslsocket - unknown status tst_qsslsocket_onDemandCertificates_member - unknown status tst_qsslsocket_onDemandCertificates_static - unknown status
FALSE	evaluated 154 times by 5 tests Evaluated by: tst_NetworkSelfTest tst_QHttpNetworkConnection tst_QNetworkReply tst_Spdy tst_qsslsocket - unknown status

94-154

1194

return false;

executed 94 times by 6 tests: return false;

Executed by:

tst_QHttpNetworkConnection
tst_QNetworkReply
tst_Spdy
tst_qsslsocket - unknown status
tst_qsslsocket_onDemandCertificates_member - unknown status
tst_qsslsocket_onDemandCertificates_static - unknown status

1195 // A slot, attached to sslErrors signal can call -

1196 // abort/close/disconnetFromHost/etc; no need to -

1197 // continue handshake then. -

1198

if (q->state() != QAbstractSocket::ConnectedState)

q->state() != ...ConnectedState	Description
TRUE	evaluated 1 time by 1 test Evaluated by: tst_qsslsocket - unknown status
FALSE	evaluated 153 times by 5 tests Evaluated by: tst_NetworkSelfTest tst_QHttpNetworkConnection tst_QNetworkReply tst_Spdy tst_qsslsocket - unknown status

1-153

1199

return false;

executed 1 time by 1 test: return false;

Executed by:

tst_qsslsocket - unknown status

1200

} else {

executed 153 times by 5 tests: end of block

Executed by:

tst_NetworkSelfTest
tst_QHttpNetworkConnection
tst_QNetworkReply
tst_Spdy
tst_qsslsocket - unknown status

153

1201 sslErrors.clear(); -

1202

}

executed 192 times by 4 tests: end of block

Executed by:

tst_QNetworkReply
tst_qsslsocket - unknown status
tst_qsslsocket_onDemandCertificates_member - unknown status
tst_qsslsocket_onDemandCertificates_static - unknown status

192

1203 -

1204 continueHandshake(); -

1205

return true;

executed 345 times by 7 tests: return true;

Executed by:

tst_NetworkSelfTest
tst_QHttpNetworkConnection
tst_QNetworkReply
tst_Spdy
tst_qsslsocket - unknown status
tst_qsslsocket_onDemandCertificates_member - unknown status
tst_qsslsocket_onDemandCertificates_static - unknown status

345

1206 } -

1207 -

1208 void QSslSocketBackendPrivate::storePeerCertificates() -

1209 { -

1210 // Store the peer certificate and chain. For clients, the peer certificate -

1211 // chain includes the peer certificate; for servers, it doesn't. Both the -

1212 // peer certificate and the chain may be empty if the peer didn't present -

1213 // any certificate. -

1214 X509 *x509 = q_SSL_get_peer_certificate(ssl); -

1215 configuration.peerCertificate = QSslCertificatePrivate::QSslCertificate_from_X509(x509); -

1216 q_X509_free(x509); -

1217 if (configuration.peerCertificateChain.isEmpty()) { -

1218 configuration.peerCertificateChain = STACKOFX509_to_QSslCertificates(q_SSL_get_peer_cert_chain(ssl)); -

1219 if (!configuration.peerCertificate.isNull() && mode == QSslSocket::SslServerMode) -

1220 configuration.peerCertificateChain.prepend(configuration.peerCertificate); -

1221 } -

1222 } -

1223 -

1224 bool QSslSocketBackendPrivate::checkSslErrors() -

1225 { -

1226 Q_Q(QSslSocket); -

1227

if (sslErrors.isEmpty())

sslErrors.isEmpty()	Description
TRUE	never evaluated
FALSE	evaluated 248 times by 7 tests Evaluated by: tst_NetworkSelfTest tst_QHttpNetworkConnection tst_QNetworkReply tst_Spdy tst_qsslsocket - unknown status tst_qsslsocket_onDemandCertificates_member - unknown status tst_qsslsocket_onDemandCertificates_static - unknown status

0-248

1228

return true;

never executed: return true;

1229 -

1230 emit q->sslErrors(sslErrors); -

1231 -

1232

bool doVerifyPeer = configuration.peerVerifyMode == QSslSocket::VerifyPeer

configuration....et::VerifyPeer	Description
TRUE	evaluated 4 times by 1 test Evaluated by: tst_qsslsocket - unknown status
FALSE	evaluated 244 times by 7 tests Evaluated by: tst_NetworkSelfTest tst_QHttpNetworkConnection tst_QNetworkReply tst_Spdy tst_qsslsocket - unknown status tst_qsslsocket_onDemandCertificates_member - unknown status tst_qsslsocket_onDemandCertificates_static - unknown status

4-244

1233

|| (configuration.peerVerifyMode == QSslSocket::AutoVerifyPeer

configuration....AutoVerifyPeer	Description
TRUE	evaluated 242 times by 7 tests Evaluated by: tst_NetworkSelfTest tst_QHttpNetworkConnection tst_QNetworkReply tst_Spdy tst_qsslsocket - unknown status tst_qsslsocket_onDemandCertificates_member - unknown status tst_qsslsocket_onDemandCertificates_static - unknown status
FALSE	evaluated 2 times by 1 test Evaluated by: tst_qsslsocket - unknown status

2-242

1234

&& mode == QSslSocket::SslClientMode);

mode == QSslSo...:SslClientMode	Description
TRUE	evaluated 240 times by 7 tests Evaluated by: tst_NetworkSelfTest tst_QHttpNetworkConnection tst_QNetworkReply tst_Spdy tst_qsslsocket - unknown status tst_qsslsocket_onDemandCertificates_member - unknown status tst_qsslsocket_onDemandCertificates_static - unknown status
FALSE	evaluated 2 times by 1 test Evaluated by: tst_qsslsocket - unknown status

2-240

1235 bool doEmitSslError = !verifyErrorsHaveBeenIgnored(); -

1236 // check whether we need to emit an SSL handshake error -

1237

if (doVerifyPeer && doEmitSslError) {

doVerifyPeer	Description
TRUE	evaluated 244 times by 7 tests Evaluated by: tst_NetworkSelfTest tst_QHttpNetworkConnection tst_QNetworkReply tst_Spdy tst_qsslsocket - unknown status tst_qsslsocket_onDemandCertificates_member - unknown status tst_qsslsocket_onDemandCertificates_static - unknown status
FALSE	evaluated 4 times by 1 test Evaluated by: tst_qsslsocket - unknown status

doEmitSslError	Description
TRUE	evaluated 94 times by 6 tests Evaluated by: tst_QHttpNetworkConnection tst_QNetworkReply tst_Spdy tst_qsslsocket - unknown status tst_qsslsocket_onDemandCertificates_member - unknown status tst_qsslsocket_onDemandCertificates_static - unknown status
FALSE	evaluated 150 times by 5 tests Evaluated by: tst_NetworkSelfTest tst_QHttpNetworkConnection tst_QNetworkReply tst_Spdy tst_qsslsocket - unknown status

4-244

1238

if (q->pauseMode() & QAbstractSocket::PauseOnSslErrors) {

q->pauseMode()...useOnSslErrors	Description
TRUE	evaluated 20 times by 1 test Evaluated by: tst_qsslsocket - unknown status
FALSE	evaluated 74 times by 6 tests Evaluated by: tst_QHttpNetworkConnection tst_QNetworkReply tst_Spdy tst_qsslsocket - unknown status tst_qsslsocket_onDemandCertificates_member - unknown status tst_qsslsocket_onDemandCertificates_static - unknown status

20-74

1239 pauseSocketNotifiers(q); -

1240 paused = true; -

1241

} else {

executed 20 times by 1 test: end of block

Executed by:

tst_qsslsocket - unknown status

1242 setErrorAndEmit(QAbstractSocket::SslHandshakeFailedError, sslErrors.firstconstFirst().errorString()); -

1243 plainSocket->disconnectFromHost(); -

1244

}

executed 74 times by 6 tests: end of block

Executed by:

tst_QHttpNetworkConnection
tst_QNetworkReply
tst_Spdy
tst_qsslsocket - unknown status
tst_qsslsocket_onDemandCertificates_member - unknown status
tst_qsslsocket_onDemandCertificates_static - unknown status

1245

return false;

executed 94 times by 6 tests: return false;

Executed by:

tst_QHttpNetworkConnection
tst_QNetworkReply
tst_Spdy
tst_qsslsocket - unknown status
tst_qsslsocket_onDemandCertificates_member - unknown status
tst_qsslsocket_onDemandCertificates_static - unknown status

1246 } -

1247

return true;

executed 154 times by 5 tests: return true;

Executed by:

tst_NetworkSelfTest
tst_QHttpNetworkConnection
tst_QNetworkReply
tst_Spdy
tst_qsslsocket - unknown status

154

1248 } -

1249 -

1250 unsigned int QSslSocketBackendPrivate::tlsPskClientCallback(const char *hint, -

1251 char *identity, unsigned int max_identity_len, -

1252 unsigned char *psk, unsigned int max_psk_len) -

1253 { -

1254 QSslPreSharedKeyAuthenticator authenticator; -

1255 -

1256 // Fill in some read-only fields (for the user) -

1257 if (hint) -

1258 authenticator.d->identityHint = QByteArray::fromRawData(hint, int(::strlen(hint))); // it's NUL terminated, but do not include the NUL -

1259 -

1260 authenticator.d->maximumIdentityLength = int(max_identity_len) - 1; // needs to be NUL terminated -

1261 authenticator.d->maximumPreSharedKeyLength = int(max_psk_len); -

1262 -

1263 // Let the client provide the remaining bits... -

1264 Q_Q(QSslSocket); -

1265 emit q->preSharedKeyAuthenticationRequired(&authenticator); -

1266 -

1267 // No PSK set? Return now to make the handshake fail -

1268 if (authenticator.preSharedKey().isEmpty()) -

1269 return 0; -

1270 -

1271 // Copy data back into OpenSSL -

1272 const int identityLength = qMin(authenticator.identity().length(), authenticator.maximumIdentityLength()); -

1273 ::memcpy(identity, authenticator.identity().constData(), identityLength); -

1274 identity[identityLength] = 0; -

1275 -

1276 const int pskLength = qMin(authenticator.preSharedKey().length(), authenticator.maximumPreSharedKeyLength()); -

1277 ::memcpy(psk, authenticator.preSharedKey().constData(), pskLength); -

1278 return pskLength; -

1279 } -

1280 -

1281 #ifdef Q_OS_WIN -

1282 -

1283 void QSslSocketBackendPrivate::fetchCaRootForCert(const QSslCertificate &cert) -

1284 { -

1285 Q_Q(QSslSocket); -

1286 //The root certificate is downloaded from windows update, which blocks for 15 seconds in the worst case -

1287 //so the request is done in a worker thread. -

1288 QWindowsCaRootFetcher *fetcher = new QWindowsCaRootFetcher(cert, mode); -

1289 QObject::connect(fetcher, SIGNAL(finished(QSslCertificate,QSslCertificate)), q, SLOT(_q_caRootLoaded(QSslCertificate,QSslCertificate)), Qt::QueuedConnection); -

1290 QMetaObject::invokeMethod(fetcher, "start", Qt::QueuedConnection); -

1291 pauseSocketNotifiers(q); -

1292 paused = true; -

1293 } -

1294 -

1295 //This is the callback from QWindowsCaRootFetcher, trustedRoot will be invalid (default constructed) if it failed. -

1296 void QSslSocketBackendPrivate::_q_caRootLoaded(QSslCertificate cert, QSslCertificate trustedRoot) -

1297 { -

1298 Q_Q(QSslSocket); -

1299 if (!trustedRoot.isNull() && !trustedRoot.isBlacklisted()) { -

1300 if (s_loadRootCertsOnDemand) { -

1301 //Add the new root cert to default cert list for use by future sockets -

1302 QSslSocket::addDefaultCaCertificate(trustedRoot); -

1303 } -

1304 //Add the new root cert to this socket for future connections -

1305 q->addCaCertificate(trustedRoot); -

1306 //Remove the broken chain ssl errors (as chain is verified by windows) -

1307 for (int i=sslErrors.count() - 1; i >= 0; --i) { -

1308 if (sslErrors.at(i).certificate() == cert) { -

1309 switch (sslErrors.at(i).error()) { -

1310 case QSslError::UnableToGetLocalIssuerCertificate: -

1311 case QSslError::CertificateUntrusted: -

1312 case QSslError::UnableToVerifyFirstCertificate: -

1313 case QSslError::SelfSignedCertificateInChain: -

1314 // error can be ignored if OS says the chain is trusted -

1315 sslErrors.removeAt(i); -

1316 break; -

1317 default: -

1318 // error cannot be ignored -

1319 break; -

1320 } -

1321 } -

1322 } -

1323 } -

1324 // Continue with remaining errors -

1325 if (plainSocket) -

1326 plainSocket->resume(); -

1327 paused = false; -

1328 if (checkSslErrors() && ssl) { -

1329 bool willClose = (autoStartHandshake && pendingClose); -

1330 continueHandshake(); -

1331 if (!willClose) -

1332 transmit(); -

1333 } -

1334 } -

1335 -

1336 class QWindowsCaRootFetcherThread : public QThread -

1337 { -

1338 public: -

1339 QWindowsCaRootFetcherThread() -

1340 { -

1341 qRegisterMetaType<QSslCertificate>(); -

1342 setObjectName(QStringLiteral("QWindowsCaRootFetcher")); -

1343 start(); -

1344 } -

1345 ~QWindowsCaRootFetcherThread() -

1346 { -

1347 quit(); -

1348 wait(15500); // worst case, a running request can block for 15 seconds -

1349 } -

1350 }; -

1351 -

1352 Q_GLOBAL_STATIC(QWindowsCaRootFetcherThread, windowsCaRootFetcherThread); -

1353 -

1354 QWindowsCaRootFetcher::QWindowsCaRootFetcher(const QSslCertificate &certificate, QSslSocket::SslMode sslMode) -

1355 : cert(certificate), mode(sslMode) -

1356 { -

1357 moveToThread(windowsCaRootFetcherThread()); -

1358 } -

1359 -

1360 QWindowsCaRootFetcher::~QWindowsCaRootFetcher() -

1361 { -

1362 } -

1363 -

1364 void QWindowsCaRootFetcher::start() -

1365 { -

1366 QByteArray der = cert.toDer(); -

1367 PCCERT_CONTEXT wincert = CertCreateCertificateContext(X509_ASN_ENCODING, (const BYTE *)der.constData(), der.length()); -

1368 if (!wincert) { -

1369 #ifdef QSSLSOCKET_DEBUG -

1370 qCDebug(lcSsl, "QWindowsCaRootFetcher failed to convert certificate to windows form"); -

1371 #endif -

1372 emit finished(cert, QSslCertificate()); -

1373 deleteLater(); -

1374 return; -

1375 } -

1376 -

1377 CERT_CHAIN_PARA parameters; -

1378 memset(&parameters, 0, sizeof(parameters)); -

1379 parameters.cbSize = sizeof(parameters); -

1380 // set key usage constraint -

1381 parameters.RequestedUsage.dwType = USAGE_MATCH_TYPE_AND; -

1382 parameters.RequestedUsage.Usage.cUsageIdentifier = 1; -

1383 LPSTR oid = (LPSTR)(mode == QSslSocket::SslClientMode ? szOID_PKIX_KP_SERVER_AUTH : szOID_PKIX_KP_CLIENT_AUTH); -

1384 parameters.RequestedUsage.Usage.rgpszUsageIdentifier = &oid; -

1385 -

1386 #ifdef QSSLSOCKET_DEBUG -

1387 QElapsedTimer stopwatch; -

1388 stopwatch.start(); -

1389 #endif -

1390 PCCERT_CHAIN_CONTEXT chain; -

1391 BOOL result = CertGetCertificateChain( -

1392 0, //default engine -

1393 wincert, -

1394 0, //current date/time -

1395 0, //default store -

1396 &parameters, -

1397 0, //default dwFlags -

1398 0, //reserved -

1399 &chain); -

1400 #ifdef QSSLSOCKET_DEBUG -

1401 qCDebug(lcSsl) << "QWindowsCaRootFetcher" << stopwatch.elapsed() << "ms to get chain"; -

1402 #endif -

1403 -

1404 QSslCertificate trustedRoot; -

1405 if (result) { -

1406 #ifdef QSSLSOCKET_DEBUG -

1407 qCDebug(lcSsl) << "QWindowsCaRootFetcher - examining windows chains"; -

1408 if (chain->TrustStatus.dwErrorStatus == CERT_TRUST_NO_ERROR) -

1409 qCDebug(lcSsl) << " - TRUSTED"; -

1410 else -

1411 qCDebug(lcSsl) << " - NOT TRUSTED" << chain->TrustStatus.dwErrorStatus; -

1412 if (chain->TrustStatus.dwInfoStatus & CERT_TRUST_IS_SELF_SIGNED) -

1413 qCDebug(lcSsl) << " - SELF SIGNED"; -

1414 qCDebug(lcSsl) << "QSslSocketBackendPrivate::fetchCaRootForCert - dumping simple chains"; -

1415 for (unsigned int i = 0; i < chain->cChain; i++) { -

1416 if (chain->rgpChain[i]->TrustStatus.dwErrorStatus == CERT_TRUST_NO_ERROR) -

1417 qCDebug(lcSsl) << " - TRUSTED SIMPLE CHAIN" << i; -

1418 else -

1419 qCDebug(lcSsl) << " - UNTRUSTED SIMPLE CHAIN" << i << "reason:" << chain->rgpChain[i]->TrustStatus.dwErrorStatus; -

1420 for (unsigned int j = 0; j < chain->rgpChain[i]->cElement; j++) { -

1421 QSslCertificate foundCert(QByteArray((const char *)chain->rgpChain[i]->rgpElement[j]->pCertContext->pbCertEncoded -

1422 , chain->rgpChain[i]->rgpElement[j]->pCertContext->cbCertEncoded), QSsl::Der); -

1423 qCDebug(lcSsl) << " - " << foundCert; -

1424 } -

1425 } -

1426 qCDebug(lcSsl) << " - and" << chain->cLowerQualityChainContext << "low quality chains"; //expect 0, we haven't asked for them -

1427 #endif -

1428 -

1429 //based on http://msdn.microsoft.com/en-us/library/windows/desktop/aa377182%28v=vs.85%29.aspx -

1430 //about the final chain rgpChain[cChain-1] which must begin with a trusted root to be valid -

1431 if (chain->TrustStatus.dwErrorStatus == CERT_TRUST_NO_ERROR -

1432 && chain->cChain > 0) { -

1433 const PCERT_SIMPLE_CHAIN finalChain = chain->rgpChain[chain->cChain - 1]; -

1434 // http://msdn.microsoft.com/en-us/library/windows/desktop/aa377544%28v=vs.85%29.aspx -

1435 // rgpElement[0] is the end certificate chain element. rgpElement[cElement-1] is the self-signed "root" certificate element. -

1436 if (finalChain->TrustStatus.dwErrorStatus == CERT_TRUST_NO_ERROR -

1437 && finalChain->cElement > 0) { -

1438 trustedRoot = QSslCertificate(QByteArray((const char *)finalChain->rgpElement[finalChain->cElement - 1]->pCertContext->pbCertEncoded -

1439 , finalChain->rgpElement[finalChain->cElement - 1]->pCertContext->cbCertEncoded), QSsl::Der); -

1440 } -

1441 } -

1442 CertFreeCertificateChain(chain); -

1443 } -

1444 CertFreeCertificateContext(wincert); -

1445 -

1446 emit finished(cert, trustedRoot); -

1447 deleteLater(); -

1448 } -

1449 #endif -

1450 -

1451 void QSslSocketBackendPrivate::disconnectFromHost() -

1452 { -

1453 if (ssl) { -

1454 if (!shutdown) { -

1455 q_SSL_shutdown(ssl); -

1456 shutdown = true; -

1457 transmit(); -

1458 } -

1459 } -

1460 plainSocket->disconnectFromHost(); -

1461 } -

1462 -

1463 void QSslSocketBackendPrivate::disconnected() -

1464 { -

1465 if (plainSocket->bytesAvailable() <= 0) -

1466 destroySslContext(); -

1467 else { -

1468 // Move all bytes into the plain buffer -

1469 qint64 tmpReadBufferMaxSize = readBufferMaxSize; -

1470 readBufferMaxSize = 0; // reset temporarily so the plain socket buffer is completely drained -

1471 transmit(); -

1472 readBufferMaxSize = tmpReadBufferMaxSize; -

1473 } -

1474 //if there is still buffered data in the plain socket, don't destroy the ssl context yet. -

1475 //it will be destroyed when the socket is deleted. -

1476 } -

1477 -

1478 QSslCipher QSslSocketBackendPrivate::sessionCipher() const -

1479 { -

1480 if (!ssl) -

1481 return QSslCipher(); -

1482 #if OPENSSL_VERSION_NUMBER >= 0x10000000L -

1483 // FIXME This is fairly evil, but needed to keep source level compatibility -

1484 // with the OpenSSL 0.9.x implementation at maximum -- some other functions -

1485 // don't take a const SSL_CIPHER* when they should -

1486 SSL_CIPHER *sessionCipher = const_cast<SSL_CIPHER *>(q_SSL_get_current_cipher(ssl)); -

1487 #else -

1488 SSL_CIPHER *sessionCipher = q_SSL_get_current_cipher(ssl); -

1489 #endif -

1490 return sessionCipher ? QSslCipher_from_SSL_CIPHER(sessionCipher) : QSslCipher(); -

1491 } -

1492 -

1493 QSsl::SslProtocol QSslSocketBackendPrivate::sessionProtocol() const -

1494 { -

1495 if (!ssl) -

1496 return QSsl::UnknownProtocol; -

1497 int ver = q_SSL_version(ssl); -

1498 -

1499 switch (ver) { -

1500 case 0x2: -

1501 return QSsl::SslV2; -

1502 case 0x300: -

1503 return QSsl::SslV3; -

1504 case 0x301: -

1505 return QSsl::TlsV1_0; -

1506 case 0x302: -

1507 return QSsl::TlsV1_1; -

1508 case 0x303: -

1509 return QSsl::TlsV1_2; -

1510 } -

1511 -

1512 return QSsl::UnknownProtocol; -

1513 } -

1514 -

1515 void QSslSocketBackendPrivate::continueHandshake() -

1516 { -

1517 Q_Q(QSslSocket); -

1518 // if we have a max read buffer size, reset the plain socket's to match -

1519

if (readBufferMaxSize)

readBufferMaxSize	Description
TRUE	evaluated 101 times by 3 tests Evaluated by: tst_QHttpNetworkConnection tst_QNetworkReply tst_Spdy
FALSE	evaluated 254 times by 5 tests Evaluated by: tst_NetworkSelfTest tst_QNetworkReply tst_qsslsocket - unknown status tst_qsslsocket_onDemandCertificates_member - unknown status tst_qsslsocket_onDemandCertificates_static - unknown status

101-254

1520

plainSocket->setReadBufferSize(readBufferMaxSize);

executed 101 times by 3 tests: plainSocket->setReadBufferSize(readBufferMaxSize);

Executed by:

tst_QHttpNetworkConnection
tst_QNetworkReply
tst_Spdy

101

1521 -

1522

if (q_SSL_ctrl((ssl), SSL_CTRL_GET_SESSION_REUSED, 0, NULL))

q_SSL_ctrl((ss... 8, 0, __null)	Description
TRUE	evaluated 16 times by 1 test Evaluated by: tst_QNetworkReply
FALSE	evaluated 339 times by 7 tests Evaluated by: tst_NetworkSelfTest tst_QHttpNetworkConnection tst_QNetworkReply tst_Spdy tst_qsslsocket - unknown status tst_qsslsocket_onDemandCertificates_member - unknown status tst_qsslsocket_onDemandCertificates_static - unknown status

16-339

1523

configuration.peerSessionShared = true;

executed 16 times by 1 test: configuration.peerSessionShared = true;

Executed by:

tst_QNetworkReply

1524 -

1525 #ifdef QT_DECRYPT_SSL_TRAFFIC -

1526 if (ssl->session && ssl->s3) { -

1527 const char *mk = reinterpret_cast<const char *>(ssl->session->master_key); -

1528 QByteArray masterKey(mk, ssl->session->master_key_length); -

1529 const char *random = reinterpret_cast<const char *>(ssl->s3->client_random); -

1530 QByteArray clientRandom(random, SSL3_RANDOM_SIZE); -

1531 -

1532 // different format, needed for e.g. older Wireshark versions: -

1533 // const char *sid = reinterpret_cast<const char *>(ssl->session->session_id); -

1534 // QByteArray sessionID(sid, ssl->session->session_id_length); -

1535 // QByteArray debugLineRSA("RSA Session-ID:"); -

1536 // debugLineRSA.append(sessionID.toHex().toUpper()); -

1537 // debugLineRSA.append(" Master-Key:"); -

1538 // debugLineRSA.append(masterKey.toHex().toUpper()); -

1539 // debugLineRSA.append("\n"); -

1540 -

1541 QByteArray debugLineClientRandom("CLIENT_RANDOM "); -

1542 debugLineClientRandom.append(clientRandom.toHex().toUpper()); -

1543 debugLineClientRandom.append(" "); -

1544 debugLineClientRandom.append(masterKey.toHex().toUpper()); -

1545 debugLineClientRandom.append("\n"); -

1546 -

1547 QString sslKeyFile = QDir::tempPath() + QLatin1String("/qt-ssl-keys"); -

1548 QFile file(sslKeyFile); -

1549 if (!file.open(QIODevice::Append)) -

1550 qCWarning(lcSsl) << "could not open file" << sslKeyFile << "for appending"; -

1551 if (!file.write(debugLineClientRandom)) -

1552 qCWarning(lcSsl) << "could not write to file" << sslKeyFile; -

1553 file.close(); -

1554 } else { -

1555 qCWarning(lcSsl, "could not decrypt SSL traffic"); -

1556 } -

1557 #endif -

1558 -

1559 // Cache this SSL session inside the QSslContext -

1560

if (!(configuration.sslOptions & QSsl::SslOptionDisableSessionSharing)) {

!(configuratio...essionSharing)	Description
TRUE	evaluated 349 times by 7 tests Evaluated by: tst_NetworkSelfTest tst_QHttpNetworkConnection tst_QNetworkReply tst_Spdy tst_qsslsocket - unknown status tst_qsslsocket_onDemandCertificates_member - unknown status tst_qsslsocket_onDemandCertificates_static - unknown status
FALSE	evaluated 6 times by 1 test Evaluated by: tst_QNetworkReply

6-349

1561

if (!sslContextPointer->cacheSession(ssl)) {

!sslContextPoi...heSession(ssl)	Description
TRUE	never evaluated
FALSE	evaluated 349 times by 7 tests Evaluated by: tst_NetworkSelfTest tst_QHttpNetworkConnection tst_QNetworkReply tst_Spdy tst_qsslsocket - unknown status tst_qsslsocket_onDemandCertificates_member - unknown status tst_qsslsocket_onDemandCertificates_static - unknown status

0-349

1562 sslContextPointer.clear(); // we could not cache the session -

1563

} else {

never executed: end of block

1564 // Cache the session for permanent usage as well -

1565

if (!(configuration.sslOptions & QSsl::SslOptionDisableSessionPersistence)) {

!(configuratio...onPersistence)	Description
TRUE	evaluated 2 times by 1 test Evaluated by: tst_QNetworkReply
FALSE	evaluated 347 times by 7 tests Evaluated by: tst_NetworkSelfTest tst_QHttpNetworkConnection tst_QNetworkReply tst_Spdy tst_qsslsocket - unknown status tst_qsslsocket_onDemandCertificates_member - unknown status tst_qsslsocket_onDemandCertificates_static - unknown status

2-347

1566

if (!sslContextPointer->sessionASN1().isEmpty())

!sslContextPoi...N1().isEmpty()	Description
TRUE	evaluated 2 times by 1 test Evaluated by: tst_QNetworkReply
FALSE	never evaluated

0-2

1567

configuration.sslSession = sslContextPointer->sessionASN1();

executed 2 times by 1 test: configuration.sslSession = sslContextPointer->sessionASN1();

Executed by:

tst_QNetworkReply

1568 configuration.sslSessionTicketLifeTimeHint = sslContextPointer->sessionTicketLifeTimeHint(); -

1569

}

executed 2 times by 1 test: end of block

Executed by:

tst_QNetworkReply

1570

}

executed 349 times by 7 tests: end of block

Executed by:

tst_NetworkSelfTest
tst_QHttpNetworkConnection
tst_QNetworkReply
tst_Spdy
tst_qsslsocket - unknown status
tst_qsslsocket_onDemandCertificates_member - unknown status
tst_qsslsocket_onDemandCertificates_static - unknown status

349

1571 } -

1572 -

1573 #if OPENSSL_VERSION_NUMBER >= 0x1000100fL && !defined(OPENSSL_NO_NEXTPROTONEG) -

1574 -

1575 configuration.nextProtocolNegotiationStatus = sslContextPointer->npnContext().status; -

1576

if (sslContextPointer->npnContext().status == QSslConfiguration::NextProtocolNegotiationUnsupported) {

sslContextPoin...ionUnsupported	Description
TRUE	never evaluated
FALSE	evaluated 355 times by 7 tests Evaluated by: tst_NetworkSelfTest tst_QHttpNetworkConnection tst_QNetworkReply tst_Spdy tst_qsslsocket - unknown status tst_qsslsocket_onDemandCertificates_member - unknown status tst_qsslsocket_onDemandCertificates_static - unknown status

0-355

1577 // we could not agree -> be conservative and use HTTP/1.1 -

1578 configuration.nextNegotiatedProtocol = QByteArrayLiteral("http/1.1"); -

1579

} else {

never executed: end of block

1580 const unsigned char *proto = 0; -

1581 unsigned int proto_len = 0; -

1582 q_SSL_get0_next_proto_negotiated(ssl, &proto, &proto_len); -

1583

if (proto_len)

proto_len	Description
TRUE	evaluated 6 times by 1 test Evaluated by: tst_Spdy
FALSE	evaluated 349 times by 7 tests Evaluated by: tst_NetworkSelfTest tst_QHttpNetworkConnection tst_QNetworkReply tst_Spdy tst_qsslsocket - unknown status tst_qsslsocket_onDemandCertificates_member - unknown status tst_qsslsocket_onDemandCertificates_static - unknown status

6-349

1584

configuration.nextNegotiatedProtocol = QByteArray(reinterpret_cast<const char *>(proto), proto_len);

executed 6 times by 1 test: configuration.nextNegotiatedProtocol = QByteArray(reinterpret_cast<const char *>(proto), proto_len);

Executed by:

tst_Spdy

1585 else -

1586

configuration.nextNegotiatedProtocol.clear();

executed 349 times by 7 tests: configuration.nextNegotiatedProtocol.clear();

Executed by:

tst_NetworkSelfTest
tst_QHttpNetworkConnection
tst_QNetworkReply
tst_Spdy
tst_qsslsocket - unknown status
tst_qsslsocket_onDemandCertificates_member - unknown status
tst_qsslsocket_onDemandCertificates_static - unknown status

349

1587 } -

1588 #endif // OPENSSL_VERSION_NUMBER >= 0x1000100fL ... -

1589 -

1590 #if OPENSSL_VERSION_NUMBER >= 0x10002000L -

1591 if (q_SSLeay() >= 0x10002000L && mode == QSslSocket::SslClientMode) { -

1592 EVP_PKEY *key; -

1593 if (q_SSL_get_server_tmp_key(ssl, &key)) -

1594 configuration.ephemeralServerKey = QSslKey(key, QSsl::PublicKey); -

1595 } -

1596 #endif // OPENSSL_VERSION_NUMBER >= 0x10002000L ... -

1597 -

1598 connectionEncrypted = true; -

1599 emit q->encrypted(); -

1600

if (autoStartHandshake && pendingClose) {

autoStartHandshake	Description
TRUE	evaluated 266 times by 6 tests Evaluated by: tst_QHttpNetworkConnection tst_QNetworkReply tst_Spdy tst_qsslsocket - unknown status tst_qsslsocket_onDemandCertificates_member - unknown status tst_qsslsocket_onDemandCertificates_static - unknown status
FALSE	evaluated 89 times by 3 tests Evaluated by: tst_NetworkSelfTest tst_QNetworkReply tst_qsslsocket - unknown status

pendingClose	Description
TRUE	evaluated 9 times by 1 test Evaluated by: tst_qsslsocket - unknown status
FALSE	evaluated 257 times by 6 tests Evaluated by: tst_QHttpNetworkConnection tst_QNetworkReply tst_Spdy tst_qsslsocket - unknown status tst_qsslsocket_onDemandCertificates_member - unknown status tst_qsslsocket_onDemandCertificates_static - unknown status

9-266

1601 pendingClose = false; -

1602 q->disconnectFromHost(); -

1603

}

executed 9 times by 1 test: end of block

Executed by:

tst_qsslsocket - unknown status

1604

}

executed 355 times by 7 tests: end of block

Executed by:

tst_NetworkSelfTest
tst_QHttpNetworkConnection
tst_QNetworkReply
tst_Spdy
tst_qsslsocket - unknown status
tst_qsslsocket_onDemandCertificates_member - unknown status
tst_qsslsocket_onDemandCertificates_static - unknown status

355

1605 -

1606 QList<QSslCertificate> QSslSocketBackendPrivate::STACKOFX509_to_QSslCertificates(STACK_OF(X509) *x509) -

1607 { -

1608 ensureInitialized(); -

1609 QList<QSslCertificate> certificates; -

1610 for (int i = 0; i < q_sk_X509_num(x509); ++i) { -

1611 if (X509 *entry = q_sk_X509_value(x509, i)) -

1612 certificates << QSslCertificatePrivate::QSslCertificate_from_X509(entry); -

1613 } -

1614 return certificates; -

1615 } -

1616 -

1617 QList<QSslError> QSslSocketBackendPrivate::verify(const QList<QSslCertificate> &certificateChain, const QString &hostName) -

1618 { -

1619 QList<QSslError> errors; -

1620

if (certificateChain.count() <= 0) {

certificateChain.count() <= 0	Description
TRUE	evaluated 1 time by 1 test Evaluated by: tst_qsslcertificate - unknown status
FALSE	evaluated 7 times by 1 test Evaluated by: tst_qsslcertificate - unknown status

1-7

1621 errors << QSslError(QSslError::UnspecifiedError); -

1622

return errors;

executed 1 time by 1 test: return errors;

Executed by:

tst_qsslcertificate - unknown status

1623 } -

1624 -

1625 // Setup the store with the default CA certificates -

1626 X509_STORE *certStore = q_X509_STORE_new(); -

1627

if (!certStore) {

!certStore	Description
TRUE	never evaluated
FALSE	evaluated 7 times by 1 test Evaluated by: tst_qsslcertificate - unknown status

0-7

1628

qCWarning(lcSsl) << "Unable to create certificate store";

never executed:

QMessageLogger(__FILE__, 1628, __PRETTY_FUNCTION__, lcSsl().categoryName()).warning() << "Unable to create certificate store";

qt_category_enabled	Description
TRUE	never evaluated
FALSE	never evaluated

1629 errors << QSslError(QSslError::UnspecifiedError); -

1630

return errors;

never executed: return errors;

1631 } -

1632 -

1633

if (s_loadRootCertsOnDemand) {

s_loadRootCertsOnDemand	Description
TRUE	evaluated 1 time by 1 test Evaluated by: tst_qsslcertificate - unknown status
FALSE	evaluated 6 times by 1 test Evaluated by: tst_qsslcertificate - unknown status

1-6

1634 setDefaultCaCertificates(defaultCaCertificates() + systemCaCertificates()); -

1635

}

executed 1 time by 1 test: end of block

Executed by:

tst_qsslcertificate - unknown status

1636 -

1637 const QDateTime now = QDateTime::currentDateTimeUtc(); -

1638 foreach (const QSslCertificate &caCertificate,auto caCertificates = QSslConfiguration::defaultConfiguration().caCertificates())(); -

1639 for (const QSslCertificate &caCertificate : caCertificates) { -

1640 // From https://www.openssl.org/docs/ssl/SSL_CTX_load_verify_locations.html: -

1641 // -

1642 // If several CA certificates matching the name, key identifier, and -

1643 // serial number condition are available, only the first one will be -

1644 // examined. This may lead to unexpected results if the same CA -

1645 // certificate is available with different expiration dates. If a -

1646 // ``certificate expired'' verification error occurs, no other -

1647 // certificate will be searched. Make sure to not have expired -

1648 // certificates mixed with valid ones. -

1649 // -

1650 // See also: QSslContext::fromConfiguration() -

1651

if (caCertificate.expiryDate() >= now) {

caCertificate....yDate() >= now	Description
TRUE	evaluated 2296 times by 1 test Evaluated by: tst_qsslcertificate - unknown status
FALSE	evaluated 154 times by 1 test Evaluated by: tst_qsslcertificate - unknown status

154-2296

1652 q_X509_STORE_add_cert(certStore, reinterpret_cast<X509 *>(caCertificate.handle())); -

1653

}

executed 2296 times by 1 test: end of block

Executed by:

tst_qsslcertificate - unknown status

2296

1654

}

executed 2450 times by 1 test: end of block

Executed by:

tst_qsslcertificate - unknown status

2450

1655 -

1656 QMutexLocker sslErrorListMutexLocker(&_q_sslErrorList()->mutex); -

1657 -

1658 // Register a custom callback to get all verification errors. -

1659 X509_STORE_set_verify_cb_func(certStore, q_X509Callback); -

1660 -

1661 // Build the chain of intermediate certificates -

1662 STACK_OF(X509) *intermediates = 0; -

1663

if (certificateChain.length() > 1) {

certificateChain.length() > 1	Description
TRUE	evaluated 4 times by 1 test Evaluated by: tst_qsslcertificate - unknown status
FALSE	evaluated 3 times by 1 test Evaluated by: tst_qsslcertificate - unknown status

3-4

1664 intermediates = (STACK_OF(X509) *) q_sk_new_null(); -

1665 -

1666

if (!intermediates) {

!intermediates	Description
TRUE	never evaluated
FALSE	evaluated 4 times by 1 test Evaluated by: tst_qsslcertificate - unknown status

0-4

1667 q_X509_STORE_free(certStore); -

1668 errors << QSslError(QSslError::UnspecifiedError); -

1669

return errors;

never executed: return errors;

1670 } -

1671 -

1672 bool first = true; -

1673 foreachfor (const QSslCertificate &cert ,: certificateChain) { -

1674

if (first) {

first	Description
TRUE	evaluated 4 times by 1 test Evaluated by: tst_qsslcertificate - unknown status
FALSE	evaluated 4 times by 1 test Evaluated by: tst_qsslcertificate - unknown status

1675 first = false; -

1676

continue;

executed 4 times by 1 test: continue;

Executed by:

tst_qsslcertificate - unknown status

1677 } -

1678 #if OPENSSL_VERSION_NUMBER >= 0x10000000L -

1679 q_sk_push( (_STACK *)intermediates, reinterpret_cast<X509 *>(cert.handle())); -

1680 #else -

1681 q_sk_push( (STACK *)intermediates, reinterpret_cast<char *>(cert.handle())); -

1682 #endif -

1683

}

executed 4 times by 1 test: end of block

Executed by:

tst_qsslcertificate - unknown status

1684

}

executed 4 times by 1 test: end of block

Executed by:

tst_qsslcertificate - unknown status

1685 -

1686 X509_STORE_CTX *storeContext = q_X509_STORE_CTX_new(); -

1687

if (!storeContext) {

!storeContext	Description
TRUE	never evaluated
FALSE	evaluated 7 times by 1 test Evaluated by: tst_qsslcertificate - unknown status

0-7

1688 q_X509_STORE_free(certStore); -

1689 errors << QSslError(QSslError::UnspecifiedError); -

1690

return errors;

never executed: return errors;

1691 } -

1692 -

1693

if (!q_X509_STORE_CTX_init(storeContext, certStore, reinterpret_cast<X509 *>(certificateChain[0].handle()), intermediates)) {

!q_X509_STORE_...intermediates)	Description
TRUE	never evaluated
FALSE	evaluated 7 times by 1 test Evaluated by: tst_qsslcertificate - unknown status

0-7

1694 q_X509_STORE_CTX_free(storeContext); -

1695 q_X509_STORE_free(certStore); -

1696 errors << QSslError(QSslError::UnspecifiedError); -

1697

return errors;

never executed: return errors;

1698 } -

1699 -

1700 // Now we can actually perform the verification of the chain we have built. -

1701 // We ignore the result of this function since we process errors via the -

1702 // callback. -

1703 (void) q_X509_verify_cert(storeContext); -

1704 -

1705 q_X509_STORE_CTX_free(storeContext); -

1706 #if OPENSSL_VERSION_NUMBER >= 0x10000000L -

1707 q_sk_free( (_STACK *) intermediates); -

1708 #else -

1709 q_sk_free( (STACK *) intermediates); -

1710 #endif -

1711 -

1712 // Now process the errors -

1713 const QList<QPair<int, int> >auto errorList = std::move(_q_sslErrorList()->errors;); -

1714 _q_sslErrorList()->errors.clear(); -

1715 -

1716 sslErrorListMutexLocker.unlock(); -

1717 -

1718 // Translate the errors -

1719

if (QSslCertificatePrivate::isBlacklisted(certificateChain[0])) {

QSslCertificat...icateChain[0])	Description
TRUE	evaluated 1 time by 1 test Evaluated by: tst_qsslcertificate - unknown status
FALSE	evaluated 6 times by 1 test Evaluated by: tst_qsslcertificate - unknown status

1-6

1720 QSslError error(QSslError::CertificateBlacklisted, certificateChain[0]); -

1721 errors << error; -

1722

}

executed 1 time by 1 test: end of block

Executed by:

tst_qsslcertificate - unknown status

1723 -

1724 // Check the certificate name against the hostname if one was specified -

1725

if ((!hostName.isEmpty()) && (!isMatchingHostname(certificateChain[0], hostName))) {

(!hostName.isEmpty())	Description
TRUE	evaluated 2 times by 1 test Evaluated by: tst_qsslcertificate - unknown status
FALSE	evaluated 5 times by 1 test Evaluated by: tst_qsslcertificate - unknown status

(!isMatchingHo...0], hostName))	Description
TRUE	evaluated 1 time by 1 test Evaluated by: tst_qsslcertificate - unknown status
FALSE	evaluated 1 time by 1 test Evaluated by: tst_qsslcertificate - unknown status

1-5

1726 // No matches in common names or alternate names. -

1727 QSslError error(QSslError::HostNameMismatch, certificateChain[0]); -

1728 errors << error; -

1729

}

executed 1 time by 1 test: end of block

Executed by:

tst_qsslcertificate - unknown status

1730 -

1731 // Translate errors from the error list into QSslErrors. -

1732 const int numErrors = errorList.size();errors.reserve(errors.size() + numErrors);errorList.size()); -

1733 for (int i = 0; i < numErrors; ++i) {const QPair<int, int> &errorAndDepth = errorList.atauto &error : qAsConst(i); -

int err = errorAndDepth.first;

int depth = errorAndDepth.second;errorList))

1734

errors << _q_OpenSSL_to_QSslError(errerror.code, certificateChain.value(error.depth));}

executed 4 times by 1 test: errors << _q_OpenSSL_to_QSslError(error.code, certificateChain.value(error.depth));

Executed by:

tst_qsslcertificate - unknown status

1735 -

1736 q_X509_STORE_free(certStore); -

1737 -

1738

return errors;

executed 7 times by 1 test: return errors;

Executed by:

tst_qsslcertificate - unknown status

1739 } -

1740 -

1741 bool QSslSocketBackendPrivate::importPkcs12(QIODevice *device, -

1742 QSslKey *key, QSslCertificate *cert, -

1743 QList<QSslCertificate> *caCertificates, -

1744 const QByteArray &passPhrase) -

1745 { -

1746 if (!supportsSsl()) -

1747 return false; -

1748 -

1749 // These are required -

1750 Q_ASSERT(device); -

1751 Q_ASSERT(key); -

1752 Q_ASSERT(cert); -

1753 -

1754 // Read the file into a BIO -

1755 QByteArray pkcs12data = device->readAll(); -

1756 if (pkcs12data.size() == 0) -

1757 return false; -

1758 -

1759 BIO *bio = q_BIO_new_mem_buf(const_cast<char *>(pkcs12data.constData()), pkcs12data.size()); -

1760 -

1761 // Create the PKCS#12 object -

1762 PKCS12 *p12 = q_d2i_PKCS12_bio(bio, 0); -

1763 if (!p12) { -

1764 qCWarning(lcSsl, "Unable to read PKCS#12 structure, %s", q_ERR_error_string(q_ERR_get_error(), 0)); -

1765 q_BIO_free(bio); -

1766 return false; -

1767 } -

1768 -

1769 // Extract the data -

1770 EVP_PKEY *pkey; -

1771 X509 *x509; -

1772 STACK_OF(X509) *ca = 0; -

1773 -

1774 if (!q_PKCS12_parse(p12, passPhrase.constData(), &pkey, &x509, &ca)) { -

1775 qCWarning(lcSsl, "Unable to parse PKCS#12 structure, %s", q_ERR_error_string(q_ERR_get_error(), 0)); -

1776 q_PKCS12_free(p12); -

1777 q_BIO_free(bio); -

1778 return false; -

1779 } -

1780 -

1781 // Convert to Qt types -

1782 if (!key->d->fromEVP_PKEY(pkey)) { -

1783 qCWarning(lcSsl, "Unable to convert private key"); -

1784 q_sk_pop_free(reinterpret_cast<STACK *>(ca), reinterpret_cast<void(*)(void*)>(q_sk_free)); -

1785 q_X509_free(x509); -

1786 q_EVP_PKEY_free(pkey); -

1787 q_PKCS12_free(p12); -

1788 q_BIO_free(bio); -

1789 -

1790 return false; -

1791 } -

1792 -

1793 *cert = QSslCertificatePrivate::QSslCertificate_from_X509(x509); -

1794 -

1795 if (caCertificates) -

1796 *caCertificates = QSslSocketBackendPrivate::STACKOFX509_to_QSslCertificates(ca); -

1797 -

1798 // Clean up -

1799 q_sk_pop_free(reinterpret_cast<STACK *>(ca), reinterpret_cast<void(*)(void*)>(q_sk_free)); -

1800 q_X509_free(x509); -

1801 q_EVP_PKEY_free(pkey); -

1802 q_PKCS12_free(p12); -

1803 q_BIO_free(bio); -

1804 -

1805 return true; -

1806 } -

1807 -

1808 -

1809 QT_END_NAMESPACE -

Source code

Switch to Preprocessed file

Generated by Squish Coco Non-Commercial 4.3.0-BETA-master-30-08-2018-4cb69e9