qsslsocket.cpp

Absolute File Name:/home/qt/qt5_coco/qt5/qtbase/src/network/ssl/qsslsocket.cpp
Source codeSwitch to Preprocessed file
LineSourceCount
1/****************************************************************************-
2**-
3** Copyright (C) 2016 The Qt Company Ltd.-
4** Copyright (C) 2014 BlackBerry Limited. All rights reserved.-
5** Contact: https://www.qt.io/licensing/-
6**-
7** This file is part of the QtNetwork module of the Qt Toolkit.-
8**-
9** $QT_BEGIN_LICENSE:LGPL$-
10** Commercial License Usage-
11** Licensees holding valid commercial Qt licenses may use this file in-
12** accordance with the commercial license agreement provided with the-
13** Software or, alternatively, in accordance with the terms contained in-
14** a written agreement between you and The Qt Company. For licensing terms-
15** and conditions see https://www.qt.io/terms-conditions. For further-
16** information use the contact form at https://www.qt.io/contact-us.-
17**-
18** GNU Lesser General Public License Usage-
19** Alternatively, this file may be used under the terms of the GNU Lesser-
20** General Public License version 3 as published by the Free Software-
21** Foundation and appearing in the file LICENSE.LGPL3 included in the-
22** packaging of this file. Please review the following information to-
23** ensure the GNU Lesser General Public License version 3 requirements-
24** will be met: https://www.gnu.org/licenses/lgpl-3.0.html.-
25**-
26** GNU General Public License Usage-
27** Alternatively, this file may be used under the terms of the GNU-
28** General Public License version 2.0 or (at your option) the GNU General-
29** Public license version 3 or any later version approved by the KDE Free-
30** Qt Foundation. The licenses are as published by the Free Software-
31** Foundation and appearing in the file LICENSE.GPL2 and LICENSE.GPL3-
32** included in the packaging of this file. Please review the following-
33** information to ensure the GNU General Public License requirements will-
34** be met: https://www.gnu.org/licenses/gpl-2.0.html and-
35** https://www.gnu.org/licenses/gpl-3.0.html.-
36**-
37** $QT_END_LICENSE$-
38**-
39****************************************************************************/-
40-
41-
42//#define QSSLSOCKET_DEBUG-
43-
44/*!-
45 \class QSslSocket-
46 \brief The QSslSocket class provides an SSL encrypted socket for both-
47 clients and servers.-
48 \since 4.3-
49-
50 \reentrant-
51 \ingroup network-
52 \ingroup ssl-
53 \inmodule QtNetwork-
54-
55 QSslSocket establishes a secure, encrypted TCP connection you can-
56 use for transmitting encrypted data. It can operate in both client-
57 and server mode, and it supports modern SSL protocols, including-
58 SSL 3 and TLS 1.2. By default, QSslSocket uses only SSL protocols-
59 which are considered to be secure (QSsl::SecureProtocols), but you can-
60 change the SSL protocol by calling setProtocol() as long as you do-
61 it before the handshake has started.-
62-
63 SSL encryption operates on top of the existing TCP stream after-
64 the socket enters the ConnectedState. There are two simple ways to-
65 establish a secure connection using QSslSocket: With an immediate-
66 SSL handshake, or with a delayed SSL handshake occurring after the-
67 connection has been established in unencrypted mode.-
68-
69 The most common way to use QSslSocket is to construct an object-
70 and start a secure connection by calling connectToHostEncrypted().-
71 This method starts an immediate SSL handshake once the connection-
72 has been established.-
73-
74 \snippet code/src_network_ssl_qsslsocket.cpp 0-
75-
76 As with a plain QTcpSocket, QSslSocket enters the HostLookupState,-
77 ConnectingState, and finally the ConnectedState, if the connection-
78 is successful. The handshake then starts automatically, and if it-
79 succeeds, the encrypted() signal is emitted to indicate the socket-
80 has entered the encrypted state and is ready for use.-
81-
82 Note that data can be written to the socket immediately after the-
83 return from connectToHostEncrypted() (i.e., before the encrypted()-
84 signal is emitted). The data is queued in QSslSocket until after-
85 the encrypted() signal is emitted.-
86-
87 An example of using the delayed SSL handshake to secure an-
88 existing connection is the case where an SSL server secures an-
89 incoming connection. Suppose you create an SSL server class as a-
90 subclass of QTcpServer. You would override-
91 QTcpServer::incomingConnection() with something like the example-
92 below, which first constructs an instance of QSslSocket and then-
93 calls setSocketDescriptor() to set the new socket's descriptor to-
94 the existing one passed in. It then initiates the SSL handshake-
95 by calling startServerEncryption().-
96-
97 \snippet code/src_network_ssl_qsslsocket.cpp 1-
98-
99 If an error occurs, QSslSocket emits the sslErrors() signal. In this-
100 case, if no action is taken to ignore the error(s), the connection-
101 is dropped. To continue, despite the occurrence of an error, you-
102 can call ignoreSslErrors(), either from within this slot after the-
103 error occurs, or any time after construction of the QSslSocket and-
104 before the connection is attempted. This will allow QSslSocket to-
105 ignore the errors it encounters when establishing the identity of-
106 the peer. Ignoring errors during an SSL handshake should be used-
107 with caution, since a fundamental characteristic of secure-
108 connections is that they should be established with a successful-
109 handshake.-
110-
111 Once encrypted, you use QSslSocket as a regular QTcpSocket. When-
112 readyRead() is emitted, you can call read(), canReadLine() and-
113 readLine(), or getChar() to read decrypted data from QSslSocket's-
114 internal buffer, and you can call write() or putChar() to write-
115 data back to the peer. QSslSocket will automatically encrypt the-
116 written data for you, and emit encryptedBytesWritten() once-
117 the data has been written to the peer.-
118-
119 As a convenience, QSslSocket supports QTcpSocket's blocking-
120 functions waitForConnected(), waitForReadyRead(),-
121 waitForBytesWritten(), and waitForDisconnected(). It also provides-
122 waitForEncrypted(), which will block the calling thread until an-
123 encrypted connection has been established.-
124-
125 \snippet code/src_network_ssl_qsslsocket.cpp 2-
126-
127 QSslSocket provides an extensive, easy-to-use API for handling-
128 cryptographic ciphers, private keys, and local, peer, and-
129 Certification Authority (CA) certificates. It also provides an API-
130 for handling errors that occur during the handshake phase.-
131-
132 The following features can also be customized:-
133-
134 \list-
135 \li The socket's cryptographic cipher suite can be customized before-
136 the handshake phase with setCiphers() and setDefaultCiphers().-
137 \li The socket's local certificate and private key can be customized-
138 before the handshake phase with setLocalCertificate() and-
139 setPrivateKey().-
140 \li The CA certificate database can be extended and customized with-
141 addCaCertificate(), addCaCertificates(), addDefaultCaCertificate(),-
142 addDefaultCaCertificates(), and QSslConfiguration::defaultConfiguration().setCaCertificates().-
143 \endlist-
144-
145 \note If available, root certificates on Unix (excluding \macos) will be-
146 loaded on demand from the standard certificate directories. If you do not-
147 want to load root certificates on demand, you need to call either-
148 QSslConfiguration::defaultConfiguration().setCaCertificates() before the first-
149 SSL handshake is made in your application (for example, via passing-
150 QSslSocket::systemCaCertificates() to it), or call-
151 QSslConfiguration::defaultConfiguration()::setCaCertificates() on your QSslSocket instance-
152 prior to the SSL handshake.-
153-
154 For more information about ciphers and certificates, refer to QSslCipher and-
155 QSslCertificate.-
156-
157 This product includes software developed by the OpenSSL Project-
158 for use in the OpenSSL Toolkit (\l{http://www.openssl.org/}).-
159-
160 \note Be aware of the difference between the bytesWritten() signal and-
161 the encryptedBytesWritten() signal. For a QTcpSocket, bytesWritten()-
162 will get emitted as soon as data has been written to the TCP socket.-
163 For a QSslSocket, bytesWritten() will get emitted when the data-
164 is being encrypted and encryptedBytesWritten()-
165 will get emitted as soon as data has been written to the TCP socket.-
166-
167 \sa QSslCertificate, QSslCipher, QSslError-
168*/-
169-
170/*!-
171 \enum QSslSocket::SslMode-
172-
173 Describes the connection modes available for QSslSocket.-
174-
175 \value UnencryptedMode The socket is unencrypted. Its-
176 behavior is identical to QTcpSocket.-
177-
178 \value SslClientMode The socket is a client-side SSL socket.-
179 It is either alreayd encrypted, or it is in the SSL handshake-
180 phase (see QSslSocket::isEncrypted()).-
181-
182 \value SslServerMode The socket is a server-side SSL socket.-
183 It is either already encrypted, or it is in the SSL handshake-
184 phase (see QSslSocket::isEncrypted()).-
185*/-
186-
187/*!-
188 \enum QSslSocket::PeerVerifyMode-
189 \since 4.4-
190-
191 Describes the peer verification modes for QSslSocket. The default mode is-
192 AutoVerifyPeer, which selects an appropriate mode depending on the-
193 socket's QSocket::SslMode.-
194-
195 \value VerifyNone QSslSocket will not request a certificate from the-
196 peer. You can set this mode if you are not interested in the identity of-
197 the other side of the connection. The connection will still be encrypted,-
198 and your socket will still send its local certificate to the peer if it's-
199 requested.-
200-
201 \value QueryPeer QSslSocket will request a certificate from the peer, but-
202 does not require this certificate to be valid. This is useful when you-
203 want to display peer certificate details to the user without affecting the-
204 actual SSL handshake. This mode is the default for servers.-
205-
206 \value VerifyPeer QSslSocket will request a certificate from the peer-
207 during the SSL handshake phase, and requires that this certificate is-
208 valid. On failure, QSslSocket will emit the QSslSocket::sslErrors()-
209 signal. This mode is the default for clients.-
210-
211 \value AutoVerifyPeer QSslSocket will automatically use QueryPeer for-
212 server sockets and VerifyPeer for client sockets.-
213-
214 \sa QSslSocket::peerVerifyMode()-
215*/-
216-
217/*!-
218 \fn QSslSocket::encrypted()-
219-
220 This signal is emitted when QSslSocket enters encrypted mode. After this-
221 signal has been emitted, QSslSocket::isEncrypted() will return true, and-
222 all further transmissions on the socket will be encrypted.-
223-
224 \sa QSslSocket::connectToHostEncrypted(), QSslSocket::isEncrypted()-
225*/-
226-
227/*!-
228 \fn QSslSocket::modeChanged(QSslSocket::SslMode mode)-
229-
230 This signal is emitted when QSslSocket changes from \l-
231 QSslSocket::UnencryptedMode to either \l QSslSocket::SslClientMode or \l-
232 QSslSocket::SslServerMode. \a mode is the new mode.-
233-
234 \sa QSslSocket::mode()-
235*/-
236-
237/*!-
238 \fn QSslSocket::encryptedBytesWritten(qint64 written)-
239 \since 4.4-
240-
241 This signal is emitted when QSslSocket writes its encrypted data to the-
242 network. The \a written parameter contains the number of bytes that were-
243 successfully written.-
244-
245 \sa QIODevice::bytesWritten()-
246*/-
247-
248/*!-
249 \fn void QSslSocket::peerVerifyError(const QSslError &error)-
250 \since 4.4-
251-
252 QSslSocket can emit this signal several times during the SSL handshake,-
253 before encryption has been established, to indicate that an error has-
254 occurred while establishing the identity of the peer. The \a error is-
255 usually an indication that QSslSocket is unable to securely identify the-
256 peer.-
257-
258 This signal provides you with an early indication when something's wrong.-
259 By connecting to this signal, you can manually choose to tear down the-
260 connection from inside the connected slot before the handshake has-
261 completed. If no action is taken, QSslSocket will proceed to emitting-
262 QSslSocket::sslErrors().-
263-
264 \sa sslErrors()-
265*/-
266-
267/*!-
268 \fn void QSslSocket::sslErrors(const QList<QSslError> &errors);-
269-
270 QSslSocket emits this signal after the SSL handshake to indicate that one-
271 or more errors have occurred while establishing the identity of the-
272 peer. The errors are usually an indication that QSslSocket is unable to-
273 securely identify the peer. Unless any action is taken, the connection-
274 will be dropped after this signal has been emitted.-
275-
276 If you want to continue connecting despite the errors that have occurred,-
277 you must call QSslSocket::ignoreSslErrors() from inside a slot connected to-
278 this signal. If you need to access the error list at a later point, you-
279 can call sslErrors() (without arguments).-
280-
281 \a errors contains one or more errors that prevent QSslSocket from-
282 verifying the identity of the peer.-
283-
284 \note You cannot use Qt::QueuedConnection when connecting to this signal,-
285 or calling QSslSocket::ignoreSslErrors() will have no effect.-
286-
287 \sa peerVerifyError()-
288*/-
289-
290/*!-
291 \fn void QSslSocket::preSharedKeyAuthenticationRequired(QSslPreSharedKeyAuthenticator *authenticator)-
292 \since 5.5-
293-
294 QSslSocket emits this signal when it negotiates a PSK ciphersuite, and-
295 therefore a PSK authentication is then required.-
296-
297 When using PSK, the client must send to the server a valid identity and a-
298 valid pre shared key, in order for the SSL handshake to continue.-
299 Applications can provide this information in a slot connected to this-
300 signal, by filling in the passed \a authenticator object according to their-
301 needs.-
302-
303 \note Ignoring this signal, or failing to provide the required credentials,-
304 will cause the handshake to fail, and therefore the connection to be aborted.-
305-
306 \note The \a authenticator object is owned by the socket and must not be-
307 deleted by the application.-
308-
309 \sa QSslPreSharedKeyAuthenticator-
310*/-
311-
312#include "qssl_p.h"-
313#include "qsslsocket.h"-
314#include "qsslcipher.h"-
315#ifndef QT_NO_OPENSSL-
316#include "qsslsocket_openssl_p.h"-
317#endif-
318#ifdef Q_OS_WINRT-
319#include "qsslsocket_winrt_p.h"-
320#endif-
321#ifdef QT_SECURETRANSPORT-
322#include "qsslsocket_mac_p.h"-
323#endif-
324#include "qsslconfiguration_p.h"-
325-
326#include <QtCore/qdebug.h>-
327#include <QtCore/qdir.h>-
328#include <QtCore/qmutex.h>-
329#include <QtCore/qelapsedtimer.h>-
330#include <QtNetwork/qhostaddress.h>-
331#include <QtNetwork/qhostinfo.h>-
332-
333QT_BEGIN_NAMESPACE-
334-
335class QSslSocketGlobalData-
336{-
337public:-
338 QSslSocketGlobalData() : config(new QSslConfigurationPrivate) {}-
339-
340 QMutex mutex;-
341 QList<QSslCipher> supportedCiphers;-
342 QVector<QSslEllipticCurve> supportedEllipticCurves;-
343 QExplicitlySharedDataPointer<QSslConfigurationPrivate> config;-
344};-
345Q_GLOBAL_STATIC(QSslSocketGlobalData, globalData)-
346-
347/*!-
348 Constructs a QSslSocket object. \a parent is passed to QObject's-
349 constructor. The new socket's \l {QSslCipher} {cipher} suite is-
350 set to the one returned by the static method defaultCiphers().-
351*/-
352QSslSocket::QSslSocket(QObject *parent)-
353 : QTcpSocket(*new QSslSocketBackendPrivate, parent)-
354{-
355 Q_D(QSslSocket);-
356#ifdef QSSLSOCKET_DEBUG-
357 qCDebug(lcSsl) << "QSslSocket::QSslSocket(" << parent << "), this =" << (void *)this;-
358#endif-
359 d->q_ptr = this;-
360 d->init();-
361}-
362-
363/*!-
364 Destroys the QSslSocket.-
365*/-
366QSslSocket::~QSslSocket()-
367{-
368 Q_D(QSslSocket);-
369#ifdef QSSLSOCKET_DEBUG-
370 qCDebug(lcSsl) << "QSslSocket::~QSslSocket(), this =" << (void *)this;-
371#endif-
372 delete d->plainSocket;-
373 d->plainSocket = 0;-
374}-
375-
376/*!-
377 \reimp-
378-
379 \since 5.0-
380-
381 Continues data transfer on the socket after it has been paused. If-
382 "setPauseMode(QAbstractSocket::PauseOnSslErrors);" has been called on-
383 this socket and a sslErrors() signal is received, calling this method-
384 is necessary for the socket to continue.-
385-
386 \sa QAbstractSocket::pauseMode(), QAbstractSocket::setPauseMode()-
387*/-
388void QSslSocket::resume()-
389{-
390 // continuing might emit signals, rather do this through the event loop-
391 QMetaObject::invokeMethod(this, "_q_resumeImplementation", Qt::QueuedConnection);-
392}-
393-
394/*!-
395 Starts an encrypted connection to the device \a hostName on \a-
396 port, using \a mode as the \l OpenMode. This is equivalent to-
397 calling connectToHost() to establish the connection, followed by a-
398 call to startClientEncryption(). The \a protocol parameter can be-
399 used to specify which network protocol to use (eg. IPv4 or IPv6).-
400-
401 QSslSocket first enters the HostLookupState. Then, after entering-
402 either the event loop or one of the waitFor...() functions, it-
403 enters the ConnectingState, emits connected(), and then initiates-
404 the SSL client handshake. At each state change, QSslSocket emits-
405 signal stateChanged().-
406-
407 After initiating the SSL client handshake, if the identity of the-
408 peer can't be established, signal sslErrors() is emitted. If you-
409 want to ignore the errors and continue connecting, you must call-
410 ignoreSslErrors(), either from inside a slot function connected to-
411 the sslErrors() signal, or prior to entering encrypted mode. If-
412 ignoreSslErrors() is not called, the connection is dropped, signal-
413 disconnected() is emitted, and QSslSocket returns to the-
414 UnconnectedState.-
415-
416 If the SSL handshake is successful, QSslSocket emits encrypted().-
417-
418 \snippet code/src_network_ssl_qsslsocket.cpp 3-
419-
420 \note The example above shows that text can be written to-
421 the socket immediately after requesting the encrypted connection,-
422 before the encrypted() signal has been emitted. In such cases, the-
423 text is queued in the object and written to the socket \e after-
424 the connection is established and the encrypted() signal has been-
425 emitted.-
426-
427 The default for \a mode is \l ReadWrite.-
428-
429 If you want to create a QSslSocket on the server side of a connection, you-
430 should instead call startServerEncryption() upon receiving the incoming-
431 connection through QTcpServer.-
432-
433 \sa connectToHost(), startClientEncryption(), waitForConnected(), waitForEncrypted()-
434*/-
435void QSslSocket::connectToHostEncrypted(const QString &hostName, quint16 port, OpenMode mode, NetworkLayerProtocol protocol)-
436{-
437 Q_D(QSslSocket);-
438 if (d->state == ConnectedState || d->state == ConnectingState) {-
439 qCWarning(lcSsl,-
440 "QSslSocket::connectToHostEncrypted() called when already connecting/connected");-
441 return;-
442 }-
443-
444 d->init();-
445 d->autoStartHandshake = true;-
446 d->initialized = true;-
447-
448 // Note: When connecting to localhost, some platforms (e.g., HP-UX and some BSDs)-
449 // establish the connection immediately (i.e., first attempt).-
450 connectToHost(hostName, port, mode, protocol);-
451}-
452-
453/*!-
454 \since 4.6-
455 \overload-
456-
457 In addition to the original behaviour of connectToHostEncrypted,-
458 this overloaded method enables the usage of a different hostname-
459 (\a sslPeerName) for the certificate validation instead of-
460 the one used for the TCP connection (\a hostName).-
461-
462 \sa connectToHostEncrypted()-
463*/-
464void QSslSocket::connectToHostEncrypted(const QString &hostName, quint16 port,-
465 const QString &sslPeerName, OpenMode mode,-
466 NetworkLayerProtocol protocol)-
467{-
468 Q_D(QSslSocket);-
469 if (d->state == ConnectedState || d->state == ConnectingState) {-
470 qCWarning(lcSsl,-
471 "QSslSocket::connectToHostEncrypted() called when already connecting/connected");-
472 return;-
473 }-
474-
475 d->init();-
476 d->autoStartHandshake = true;-
477 d->initialized = true;-
478 d->verificationPeerName = sslPeerName;-
479-
480 // Note: When connecting to localhost, some platforms (e.g., HP-UX and some BSDs)-
481 // establish the connection immediately (i.e., first attempt).-
482 connectToHost(hostName, port, mode, protocol);-
483}-
484-
485/*!-
486 Initializes QSslSocket with the native socket descriptor \a-
487 socketDescriptor. Returns \c true if \a socketDescriptor is accepted-
488 as a valid socket descriptor; otherwise returns \c false.-
489 The socket is opened in the mode specified by \a openMode, and-
490 enters the socket state specified by \a state.-
491-
492 \note It is not possible to initialize two sockets with the same-
493 native socket descriptor.-
494-
495 \sa socketDescriptor()-
496*/-
497bool QSslSocket::setSocketDescriptor(qintptr socketDescriptor, SocketState state, OpenMode openMode)-
498{-
499 Q_D(QSslSocket);-
500#ifdef QSSLSOCKET_DEBUG-
501 qCDebug(lcSsl) << "QSslSocket::setSocketDescriptor(" << socketDescriptor << ','-
502 << state << ',' << openMode << ')';-
503#endif-
504 if (!d->plainSocket)
!d->plainSocketDescription
TRUEevaluated 69 times by 3 tests
Evaluated by:
  • tst_QNetworkReply
  • tst_qsslsocket - unknown status
  • tst_qtcpsocket - unknown status
FALSEnever evaluated
0-69
505 d->createPlainSocket(openMode);
executed 69 times by 3 tests: d->createPlainSocket(openMode);
Executed by:
  • tst_QNetworkReply
  • tst_qsslsocket - unknown status
  • tst_qtcpsocket - unknown status
69
506 bool retVal = d->plainSocket->setSocketDescriptor(socketDescriptor, state, openMode);-
507 d->cachedSocketDescriptor = d->plainSocket->socketDescriptor();-
508 d->setError(d->plainSocket->error(), d->plainSocket->errorString());-
509 setSocketState(state);-
510 setOpenMode(openMode);-
511 setLocalPort(d->plainSocket->localPort());-
512 setLocalAddress(d->plainSocket->localAddress());-
513 setPeerPort(d->plainSocket->peerPort());-
514 setPeerAddress(d->plainSocket->peerAddress());-
515 setPeerName(d->plainSocket->peerName());-
516 d->readChannelCount = d->plainSocket->readChannelCount();-
517 d->writeChannelCount = d->plainSocket->writeChannelCount();-
518 return retVal;
executed 69 times by 3 tests: return retVal;
Executed by:
  • tst_QNetworkReply
  • tst_qsslsocket - unknown status
  • tst_qtcpsocket - unknown status
69
519}-
520-
521/*!-
522 \since 4.6-
523 Sets the given \a option to the value described by \a value.-
524-
525 \sa socketOption()-
526*/-
527void QSslSocket::setSocketOption(QAbstractSocket::SocketOption option, const QVariant &value)-
528{-
529 Q_D(QSslSocket);-
530 if (d->plainSocket)-
531 d->plainSocket->setSocketOption(option, value);-
532}-
533-
534/*!-
535 \since 4.6-
536 Returns the value of the \a option option.-
537-
538 \sa setSocketOption()-
539*/-
540QVariant QSslSocket::socketOption(QAbstractSocket::SocketOption option)-
541{-
542 Q_D(QSslSocket);-
543 if (d->plainSocket)-
544 return d->plainSocket->socketOption(option);-
545 else-
546 return QVariant();-
547}-
548-
549/*!-
550 Returns the current mode for the socket; either UnencryptedMode, where-
551 QSslSocket behaves identially to QTcpSocket, or one of SslClientMode or-
552 SslServerMode, where the client is either negotiating or in encrypted-
553 mode.-
554-
555 When the mode changes, QSslSocket emits modeChanged()-
556-
557 \sa SslMode-
558*/-
559QSslSocket::SslMode QSslSocket::mode() const-
560{-
561 Q_D(const QSslSocket);-
562 return d->mode;-
563}-
564-
565/*!-
566 Returns \c true if the socket is encrypted; otherwise, false is returned.-
567-
568 An encrypted socket encrypts all data that is written by calling write()-
569 or putChar() before the data is written to the network, and decrypts all-
570 incoming data as the data is received from the network, before you call-
571 read(), readLine() or getChar().-
572-
573 QSslSocket emits encrypted() when it enters encrypted mode.-
574-
575 You can call sessionCipher() to find which cryptographic cipher is used to-
576 encrypt and decrypt your data.-
577-
578 \sa mode()-
579*/-
580bool QSslSocket::isEncrypted() const-
581{-
582 Q_D(const QSslSocket);-
583 return d->connectionEncrypted;-
584}-
585-
586/*!-
587 Returns the socket's SSL protocol. By default, \l QSsl::SecureProtocols is used.-
588-
589 \sa setProtocol()-
590*/-
591QSsl::SslProtocol QSslSocket::protocol() const-
592{-
593 Q_D(const QSslSocket);-
594 return d->configuration.protocol;-
595}-
596-
597/*!-
598 Sets the socket's SSL protocol to \a protocol. This will affect the next-
599 initiated handshake; calling this function on an already-encrypted socket-
600 will not affect the socket's protocol.-
601*/-
602void QSslSocket::setProtocol(QSsl::SslProtocol protocol)-
603{-
604 Q_D(QSslSocket);-
605 d->configuration.protocol = protocol;-
606}-
607-
608/*!-
609 \since 4.4-
610-
611 Returns the socket's verify mode. This mode decides whether-
612 QSslSocket should request a certificate from the peer (i.e., the client-
613 requests a certificate from the server, or a server requesting a-
614 certificate from the client), and whether it should require that this-
615 certificate is valid.-
616-
617 The default mode is AutoVerifyPeer, which tells QSslSocket to use-
618 VerifyPeer for clients and QueryPeer for servers.-
619-
620 \sa setPeerVerifyMode(), peerVerifyDepth(), mode()-
621*/-
622QSslSocket::PeerVerifyMode QSslSocket::peerVerifyMode() const-
623{-
624 Q_D(const QSslSocket);-
625 return d->configuration.peerVerifyMode;-
626}-
627-
628/*!-
629 \since 4.4-
630-
631 Sets the socket's verify mode to \a mode. This mode decides whether-
632 QSslSocket should request a certificate from the peer (i.e., the client-
633 requests a certificate from the server, or a server requesting a-
634 certificate from the client), and whether it should require that this-
635 certificate is valid.-
636-
637 The default mode is AutoVerifyPeer, which tells QSslSocket to use-
638 VerifyPeer for clients and QueryPeer for servers.-
639-
640 Setting this mode after encryption has started has no effect on the-
641 current connection.-
642-
643 \sa peerVerifyMode(), setPeerVerifyDepth(), mode()-
644*/-
645void QSslSocket::setPeerVerifyMode(QSslSocket::PeerVerifyMode mode)-
646{-
647 Q_D(QSslSocket);-
648 d->configuration.peerVerifyMode = mode;-
649}-
650-
651/*!-
652 \since 4.4-
653-
654 Returns the maximum number of certificates in the peer's certificate chain-
655 to be checked during the SSL handshake phase, or 0 (the default) if no-
656 maximum depth has been set, indicating that the whole certificate chain-
657 should be checked.-
658-
659 The certificates are checked in issuing order, starting with the peer's-
660 own certificate, then its issuer's certificate, and so on.-
661-
662 \sa setPeerVerifyDepth(), peerVerifyMode()-
663*/-
664int QSslSocket::peerVerifyDepth() const-
665{-
666 Q_D(const QSslSocket);-
667 return d->configuration.peerVerifyDepth;-
668}-
669-
670/*!-
671 \since 4.4-
672-
673 Sets the maximum number of certificates in the peer's certificate chain to-
674 be checked during the SSL handshake phase, to \a depth. Setting a depth of-
675 0 means that no maximum depth is set, indicating that the whole-
676 certificate chain should be checked.-
677-
678 The certificates are checked in issuing order, starting with the peer's-
679 own certificate, then its issuer's certificate, and so on.-
680-
681 \sa peerVerifyDepth(), setPeerVerifyMode()-
682*/-
683void QSslSocket::setPeerVerifyDepth(int depth)-
684{-
685 Q_D(QSslSocket);-
686 if (depth < 0) {-
687 qCWarning(lcSsl, "QSslSocket::setPeerVerifyDepth: cannot set negative depth of %d", depth);-
688 return;-
689 }-
690 d->configuration.peerVerifyDepth = depth;-
691}-
692-
693/*!-
694 \since 4.8-
695-
696 Returns the different hostname for the certificate validation, as set by-
697 setPeerVerifyName or by connectToHostEncrypted.-
698-
699 \sa setPeerVerifyName(), connectToHostEncrypted()-
700*/-
701QString QSslSocket::peerVerifyName() const-
702{-
703 Q_D(const QSslSocket);-
704 return d->verificationPeerName;-
705}-
706-
707/*!-
708 \since 4.8-
709-
710 Sets a different host name, given by \a hostName, for the certificate-
711 validation instead of the one used for the TCP connection.-
712-
713 \sa connectToHostEncrypted()-
714*/-
715void QSslSocket::setPeerVerifyName(const QString &hostName)-
716{-
717 Q_D(QSslSocket);-
718 d->verificationPeerName = hostName;-
719}-
720-
721/*!-
722 \reimp-
723-
724 Returns the number of decrypted bytes that are immediately available for-
725 reading.-
726*/-
727qint64 QSslSocket::bytesAvailable() const-
728{-
729 Q_D(const QSslSocket);-
730 if (d->mode == UnencryptedMode)-
731 return QIODevice::bytesAvailable() + (d->plainSocket ? d->plainSocket->bytesAvailable() : 0);-
732 return QIODevice::bytesAvailable();-
733}-
734-
735/*!-
736 \reimp-
737-
738 Returns the number of unencrypted bytes that are waiting to be encrypted-
739 and written to the network.-
740*/-
741qint64 QSslSocket::bytesToWrite() const-
742{-
743 Q_D(const QSslSocket);-
744 if (d->mode == UnencryptedMode)-
745 return d->plainSocket ? d->plainSocket->bytesToWrite() : 0;-
746 return d->writeBuffer.size();-
747}-
748-
749/*!-
750 \since 4.4-
751-
752 Returns the number of encrypted bytes that are awaiting decryption.-
753 Normally, this function will return 0 because QSslSocket decrypts its-
754 incoming data as soon as it can.-
755*/-
756qint64 QSslSocket::encryptedBytesAvailable() const-
757{-
758 Q_D(const QSslSocket);-
759 if (d->mode == UnencryptedMode)-
760 return 0;-
761 return d->plainSocket->bytesAvailable();-
762}-
763-
764/*!-
765 \since 4.4-
766-
767 Returns the number of encrypted bytes that are waiting to be written to-
768 the network.-
769*/-
770qint64 QSslSocket::encryptedBytesToWrite() const-
771{-
772 Q_D(const QSslSocket);-
773 if (d->mode == UnencryptedMode)-
774 return 0;-
775 return d->plainSocket->bytesToWrite();-
776}-
777-
778/*!-
779 \reimp-
780-
781 Returns \c true if you can read one while line (terminated by a single ASCII-
782 '\\n' character) of decrypted characters; otherwise, false is returned.-
783*/-
784bool QSslSocket::canReadLine() const-
785{-
786 Q_D(const QSslSocket);-
787 if (d->mode == UnencryptedMode)-
788 return QIODevice::canReadLine() || (d->plainSocket && d->plainSocket->canReadLine());-
789 return QIODevice::canReadLine();-
790}-
791-
792/*!-
793 \reimp-
794*/-
795void QSslSocket::close()-
796{-
797#ifdef QSSLSOCKET_DEBUG-
798 qCDebug(lcSsl) << "QSslSocket::close()";-
799#endif-
800 Q_D(QSslSocket);-
801 if (encryptedBytesToWrite() || !d->writeBuffer.isEmpty())-
802 flush();-
803 if (d->plainSocket)-
804 d->plainSocket->close();-
805 QTcpSocket::close();-
806-
807 // must be cleared, reading/writing not possible on closed socket:-
808 d->buffer.clear();-
809 d->writeBuffer.clear();-
810}-
811-
812/*!-
813 \reimp-
814*/-
815bool QSslSocket::atEnd() const-
816{-
817 Q_D(const QSslSocket);-
818 if (d->mode == UnencryptedMode)-
819 return QIODevice::atEnd() && (!d->plainSocket || d->plainSocket->atEnd());-
820 return QIODevice::atEnd();-
821}-
822-
823/*!-
824 This function writes as much as possible from the internal write buffer to-
825 the underlying network socket, without blocking. If any data was written,-
826 this function returns \c true; otherwise false is returned.-
827-
828 Call this function if you need QSslSocket to start sending buffered data-
829 immediately. The number of bytes successfully written depends on the-
830 operating system. In most cases, you do not need to call this function,-
831 because QAbstractSocket will start sending data automatically once control-
832 goes back to the event loop. In the absence of an event loop, call-
833 waitForBytesWritten() instead.-
834-
835 \sa write(), waitForBytesWritten()-
836*/-
837// Note! docs copied from QAbstractSocket::flush()-
838bool QSslSocket::flush()-
839{-
840 Q_D(QSslSocket);-
841#ifdef QSSLSOCKET_DEBUG-
842 qCDebug(lcSsl) << "QSslSocket::flush()";-
843#endif-
844 if (d->mode != UnencryptedMode)-
845 // encrypt any unencrypted bytes in our buffer-
846 d->transmit();-
847-
848 return d->plainSocket ? d->plainSocket->flush() : false;-
849}-
850-
851/*!-
852 \since 4.4-
853-
854 Sets the size of QSslSocket's internal read buffer to be \a size bytes.-
855*/-
856void QSslSocket::setReadBufferSize(qint64 size)-
857{-
858 Q_D(QSslSocket);-
859 d->readBufferMaxSize = size;-
860-
861 if (d->plainSocket)-
862 d->plainSocket->setReadBufferSize(size);-
863}-
864-
865/*!-
866 Aborts the current connection and resets the socket. Unlike-
867 disconnectFromHost(), this function immediately closes the socket,-
868 clearing any pending data in the write buffer.-
869-
870 \sa disconnectFromHost(), close()-
871*/-
872void QSslSocket::abort()-
873{-
874 Q_D(QSslSocket);-
875#ifdef QSSLSOCKET_DEBUG-
876 qCDebug(lcSsl) << "QSslSocket::abort()";-
877#endif-
878 if (d->plainSocket)-
879 d->plainSocket->abort();-
880 close();-
881}-
882-
883/*!-
884 \since 4.4-
885-
886 Returns the socket's SSL configuration state. The default SSL-
887 configuration of a socket is to use the default ciphers,-
888 default CA certificates, no local private key or certificate.-
889-
890 The SSL configuration also contains fields that can change with-
891 time without notice.-
892-
893 \sa localCertificate(), peerCertificate(), peerCertificateChain(),-
894 sessionCipher(), privateKey(), ciphers(), caCertificates()-
895*/-
896QSslConfiguration QSslSocket::sslConfiguration() const-
897{-
898 Q_D(const QSslSocket);-
899-
900 // create a deep copy of our configuration-
901 QSslConfigurationPrivate *copy = new QSslConfigurationPrivate(d->configuration);-
902 copy->ref.store(0); // the QSslConfiguration constructor refs up-
903 copy->sessionCipher = d->sessionCipher();-
904 copy->sessionProtocol = d->sessionProtocol();-
905-
906 return QSslConfiguration(copy);-
907}-
908-
909/*!-
910 \since 4.4-
911-
912 Sets the socket's SSL configuration to be the contents of \a configuration.-
913 This function sets the local certificate, the ciphers, the private key and the CA-
914 certificates to those stored in \a configuration.-
915-
916 It is not possible to set the SSL-state related fields.-
917-
918 \sa setLocalCertificate(), setPrivateKey(), setCaCertificates(), setCiphers()-
919*/-
920void QSslSocket::setSslConfiguration(const QSslConfiguration &configuration)-
921{-
922 Q_D(QSslSocket);-
923 d->configuration.localCertificateChain = configuration.localCertificateChain();-
924 d->configuration.privateKey = configuration.privateKey();-
925 d->configuration.ciphers = configuration.ciphers();-
926 d->configuration.ellipticCurves = configuration.ellipticCurves();-
927 d->configuration.caCertificates = configuration.caCertificates();-
928 d->configuration.peerVerifyDepth = configuration.peerVerifyDepth();-
929 d->configuration.peerVerifyMode = configuration.peerVerifyMode();-
930 d->configuration.protocol = configuration.protocol();-
931 d->configuration.sslOptions = configuration.d->sslOptions;-
932 d->configuration.sslSession = configuration.sessionTicket();-
933 d->configuration.sslSessionTicketLifeTimeHint = configuration.sessionTicketLifeTimeHint();-
934 d->configuration.nextAllowedProtocols = configuration.allowedNextProtocols();-
935 d->configuration.nextNegotiatedProtocol = configuration.nextNegotiatedProtocol();-
936 d->configuration.nextProtocolNegotiationStatus = configuration.nextProtocolNegotiationStatus();-
937-
938 // if the CA certificates were set explicitly (either via-
939 // QSslConfiguration::setCaCertificates() or QSslSocket::setCaCertificates(),-
940 // we cannot load the certificates on demand-
941 if (!configuration.d->allowRootCertOnDemandLoading)-
942 d->allowRootCertOnDemandLoading = false;-
943}-
944-
945/*!-
946 Sets the certificate chain to be presented to the peer during the-
947 SSL handshake to be \a localChain.-
948-
949 \sa QSslConfiguration::setLocalCertificateChain()-
950 \since 5.1-
951 */-
952void QSslSocket::setLocalCertificateChain(const QList<QSslCertificate> &localChain)-
953{-
954 Q_D(QSslSocket);-
955 d->configuration.localCertificateChain = localChain;-
956}-
957-
958/*!-
959 Returns the socket's local \l {QSslCertificate} {certificate} chain,-
960 or an empty list if no local certificates have been assigned.-
961-
962 \sa setLocalCertificateChain()-
963 \since 5.1-
964*/-
965QList<QSslCertificate> QSslSocket::localCertificateChain() const-
966{-
967 Q_D(const QSslSocket);-
968 return d->configuration.localCertificateChain;-
969}-
970-
971/*!-
972 Sets the socket's local certificate to \a certificate. The local-
973 certificate is necessary if you need to confirm your identity to the-
974 peer. It is used together with the private key; if you set the local-
975 certificate, you must also set the private key.-
976-
977 The local certificate and private key are always necessary for server-
978 sockets, but are also rarely used by client sockets if the server requires-
979 the client to authenticate.-
980-
981 \sa localCertificate(), setPrivateKey()-
982*/-
983void QSslSocket::setLocalCertificate(const QSslCertificate &certificate)-
984{-
985 Q_D(QSslSocket);-
986 d->configuration.localCertificateChain = QList<QSslCertificate>();-
987 d->configuration.localCertificateChain += certificate;-
988}-
989-
990/*!-
991 \overload-
992-
993 Sets the socket's local \l {QSslCertificate} {certificate} to the-
994 first one found in file \a path, which is parsed according to the-
995 specified \a format.-
996*/-
997void QSslSocket::setLocalCertificate(const QString &path,-
998 QSsl::EncodingFormat format)-
999{-
1000 QFile file(path);-
1001 if (file.open(QIODevice::ReadOnly | QIODevice::Text))-
1002 setLocalCertificate(QSslCertificate(file.readAll(), format));-
1003-
1004}-
1005-
1006/*!-
1007 Returns the socket's local \l {QSslCertificate} {certificate}, or-
1008 an empty certificate if no local certificate has been assigned.-
1009-
1010 \sa setLocalCertificate(), privateKey()-
1011*/-
1012QSslCertificate QSslSocket::localCertificate() const-
1013{-
1014 Q_D(const QSslSocket);-
1015 if (d->configuration.localCertificateChain.isEmpty())-
1016 return QSslCertificate();-
1017 return d->configuration.localCertificateChain[0];-
1018}-
1019-
1020/*!-
1021 Returns the peer's digital certificate (i.e., the immediate-
1022 certificate of the host you are connected to), or a null-
1023 certificate, if the peer has not assigned a certificate.-
1024-
1025 The peer certificate is checked automatically during the-
1026 handshake phase, so this function is normally used to fetch-
1027 the certificate for display or for connection diagnostic-
1028 purposes. It contains information about the peer, including-
1029 its host name, the certificate issuer, and the peer's public-
1030 key.-
1031-
1032 Because the peer certificate is set during the handshake phase, it-
1033 is safe to access the peer certificate from a slot connected to-
1034 the sslErrors() signal or the encrypted() signal.-
1035-
1036 If a null certificate is returned, it can mean the SSL handshake-
1037 failed, or it can mean the host you are connected to doesn't have-
1038 a certificate, or it can mean there is no connection.-
1039-
1040 If you want to check the peer's complete chain of certificates,-
1041 use peerCertificateChain() to get them all at once.-
1042-
1043 \sa peerCertificateChain()-
1044*/-
1045QSslCertificate QSslSocket::peerCertificate() const-
1046{-
1047 Q_D(const QSslSocket);-
1048 return d->configuration.peerCertificate;-
1049}-
1050-
1051/*!-
1052 Returns the peer's chain of digital certificates, or an empty list-
1053 of certificates.-
1054-
1055 Peer certificates are checked automatically during the handshake-
1056 phase. This function is normally used to fetch certificates for-
1057 display, or for performing connection diagnostics. Certificates-
1058 contain information about the peer and the certificate issuers,-
1059 including host name, issuer names, and issuer public keys.-
1060-
1061 The peer certificates are set in QSslSocket during the handshake-
1062 phase, so it is safe to call this function from a slot connected-
1063 to the sslErrors() signal or the encrypted() signal.-
1064-
1065 If an empty list is returned, it can mean the SSL handshake-
1066 failed, or it can mean the host you are connected to doesn't have-
1067 a certificate, or it can mean there is no connection.-
1068-
1069 If you want to get only the peer's immediate certificate, use-
1070 peerCertificate().-
1071-
1072 \sa peerCertificate()-
1073*/-
1074QList<QSslCertificate> QSslSocket::peerCertificateChain() const-
1075{-
1076 Q_D(const QSslSocket);-
1077 return d->configuration.peerCertificateChain;-
1078}-
1079-
1080/*!-
1081 Returns the socket's cryptographic \l {QSslCipher} {cipher}, or a-
1082 null cipher if the connection isn't encrypted. The socket's cipher-
1083 for the session is set during the handshake phase. The cipher is-
1084 used to encrypt and decrypt data transmitted through the socket.-
1085-
1086 QSslSocket also provides functions for setting the ordered list of-
1087 ciphers from which the handshake phase will eventually select the-
1088 session cipher. This ordered list must be in place before the-
1089 handshake phase begins.-
1090-
1091 \sa ciphers(), setCiphers(), setDefaultCiphers(), defaultCiphers(),-
1092 supportedCiphers()-
1093*/-
1094QSslCipher QSslSocket::sessionCipher() const-
1095{-
1096 Q_D(const QSslSocket);-
1097 return d->sessionCipher();-
1098}-
1099-
1100/*!-
1101 Returns the socket's SSL/TLS protocol or UnknownProtocol if the-
1102 connection isn't encrypted. The socket's protocol for the session-
1103 is set during the handshake phase.-
1104-
1105 \sa protocol(), setProtocol()-
1106 \since 5.4-
1107*/-
1108QSsl::SslProtocol QSslSocket::sessionProtocol() const-
1109{-
1110 Q_D(const QSslSocket);-
1111 return d->sessionProtocol();-
1112}-
1113-
1114-
1115/*!-
1116 Sets the socket's private \l {QSslKey} {key} to \a key. The-
1117 private key and the local \l {QSslCertificate} {certificate} are-
1118 used by clients and servers that must prove their identity to-
1119 SSL peers.-
1120-
1121 Both the key and the local certificate are required if you are-
1122 creating an SSL server socket. If you are creating an SSL client-
1123 socket, the key and local certificate are required if your client-
1124 must identify itself to an SSL server.-
1125-
1126 \sa privateKey(), setLocalCertificate()-
1127*/-
1128void QSslSocket::setPrivateKey(const QSslKey &key)-
1129{-
1130 Q_D(QSslSocket);-
1131 d->configuration.privateKey = key;-
1132}-
1133-
1134/*!-
1135 \overload-
1136-
1137 Reads the string in file \a fileName and decodes it using-
1138 a specified \a algorithm and encoding \a format to construct-
1139 an \l {QSslKey} {SSL key}. If the encoded key is encrypted,-
1140 \a passPhrase is used to decrypt it.-
1141-
1142 The socket's private key is set to the constructed key. The-
1143 private key and the local \l {QSslCertificate} {certificate} are-
1144 used by clients and servers that must prove their identity to SSL-
1145 peers.-
1146-
1147 Both the key and the local certificate are required if you are-
1148 creating an SSL server socket. If you are creating an SSL client-
1149 socket, the key and local certificate are required if your client-
1150 must identify itself to an SSL server.-
1151-
1152 \sa privateKey(), setLocalCertificate()-
1153*/-
1154void QSslSocket::setPrivateKey(const QString &fileName, QSsl::KeyAlgorithm algorithm,-
1155 QSsl::EncodingFormat format, const QByteArray &passPhrase)-
1156{-
1157 Q_D(QSslSocket);-
1158 QFile file(fileName);-
1159 if (file.open(QIODevice::ReadOnly)) {-
1160 d->configuration.privateKey = QSslKey(file.readAll(), algorithm,-
1161 format, QSsl::PrivateKey, passPhrase);-
1162 }-
1163}-
1164-
1165/*!-
1166 Returns this socket's private key.-
1167-
1168 \sa setPrivateKey(), localCertificate()-
1169*/-
1170QSslKey QSslSocket::privateKey() const-
1171{-
1172 Q_D(const QSslSocket);-
1173 return d->configuration.privateKey;-
1174}-
1175-
1176/*!-
1177 \deprecated-
1178-
1179 Use QSslConfiguration::ciphers() instead.-
1180-
1181 Returns this socket's current cryptographic cipher suite. This-
1182 list is used during the socket's handshake phase for choosing a-
1183 session cipher. The returned list of ciphers is ordered by-
1184 descending preference. (i.e., the first cipher in the list is the-
1185 most preferred cipher). The session cipher will be the first one-
1186 in the list that is also supported by the peer.-
1187-
1188 By default, the handshake phase can choose any of the ciphers-
1189 supported by this system's SSL libraries, which may vary from-
1190 system to system. The list of ciphers supported by this system's-
1191 SSL libraries is returned by supportedCiphers(). You can restrict-
1192 the list of ciphers used for choosing the session cipher for this-
1193 socket by calling setCiphers() with a subset of the supported-
1194 ciphers. You can revert to using the entire set by calling-
1195 setCiphers() with the list returned by supportedCiphers().-
1196-
1197 You can restrict the list of ciphers used for choosing the session-
1198 cipher for \e all sockets by calling setDefaultCiphers() with a-
1199 subset of the supported ciphers. You can revert to using the-
1200 entire set by calling setCiphers() with the list returned by-
1201 supportedCiphers().-
1202-
1203 \sa setCiphers(), defaultCiphers(), setDefaultCiphers(), supportedCiphers()-
1204*/-
1205QList<QSslCipher> QSslSocket::ciphers() const-
1206{-
1207 Q_D(const QSslSocket);-
1208 return d->configuration.ciphers;-
1209}-
1210-
1211/*!-
1212 \deprecated-
1213-
1214 USe QSslConfiguration::setCiphers() instead.-
1215-
1216 Sets the cryptographic cipher suite for this socket to \a ciphers,-
1217 which must contain a subset of the ciphers in the list returned by-
1218 supportedCiphers().-
1219-
1220 Restricting the cipher suite must be done before the handshake-
1221 phase, where the session cipher is chosen.-
1222-
1223 \sa ciphers(), setDefaultCiphers(), supportedCiphers()-
1224*/-
1225void QSslSocket::setCiphers(const QList<QSslCipher> &ciphers)-
1226{-
1227 Q_D(QSslSocket);-
1228 d->configuration.ciphers = ciphers;-
1229}-
1230-
1231/*!-
1232 \deprecated-
1233-
1234 Use QSslConfiguration::setCiphers() instead.-
1235-
1236 Sets the cryptographic cipher suite for this socket to \a ciphers, which-
1237 is a colon-separated list of cipher suite names. The ciphers are listed in-
1238 order of preference, starting with the most preferred cipher. For example:-
1239-
1240 \snippet code/src_network_ssl_qsslsocket.cpp 4-
1241-
1242 Each cipher name in \a ciphers must be the name of a cipher in the-
1243 list returned by supportedCiphers(). Restricting the cipher suite-
1244 must be done before the handshake phase, where the session cipher-
1245 is chosen.-
1246-
1247 \sa ciphers(), setDefaultCiphers(), supportedCiphers()-
1248*/-
1249void QSslSocket::setCiphers(const QString &ciphers)-
1250{-
1251 Q_D(QSslSocket);-
1252 d->configuration.ciphers.clear();-
1253 foreach (const QString &cipherName,auto cipherNames = ciphers.split(QLatin1Char(':'), QString::SkipEmptyParts)));-
1254 for (const QString &cipherName : cipherNames) {-
1255 QSslCipher cipher(cipherName);-
1256 if (!cipher.isNull())
!cipher.isNull()Description
TRUEevaluated 11 times by 1 test
Evaluated by:
  • tst_qsslsocket - unknown status
FALSEevaluated 30 times by 1 test
Evaluated by:
  • tst_qsslsocket - unknown status
11-30
1257 d->configuration.ciphers << cipher;
executed 11 times by 1 test: d->configuration.ciphers << cipher;
Executed by:
  • tst_qsslsocket - unknown status
11
1258 }
executed 41 times by 1 test: end of block
Executed by:
  • tst_qsslsocket - unknown status
41
1259}
executed 11 times by 1 test: end of block
Executed by:
  • tst_qsslsocket - unknown status
11
1260-
1261/*!-
1262 \deprecated-
1263-
1264 Use QSslConfiguration::setCiphers() on the default QSslConfiguration instead.-
1265-
1266 Sets the default cryptographic cipher suite for all sockets in-
1267 this application to \a ciphers, which must contain a subset of the-
1268 ciphers in the list returned by supportedCiphers().-
1269-
1270 Restricting the default cipher suite only affects SSL sockets-
1271 that perform their handshake phase after the default cipher-
1272 suite has been changed.-
1273-
1274 \sa setCiphers(), defaultCiphers(), supportedCiphers()-
1275*/-
1276void QSslSocket::setDefaultCiphers(const QList<QSslCipher> &ciphers)-
1277{-
1278 QSslSocketPrivate::setDefaultCiphers(ciphers);-
1279}-
1280-
1281/*!-
1282 \deprecated-
1283-
1284 Use QSslConfiguration::ciphers() on the default QSslConfiguration instead.-
1285-
1286 Returns the default cryptographic cipher suite for all sockets in-
1287 this application. This list is used during the socket's handshake-
1288 phase when negotiating with the peer to choose a session cipher.-
1289 The list is ordered by preference (i.e., the first cipher in the-
1290 list is the most preferred cipher).-
1291-
1292 By default, the handshake phase can choose any of the ciphers-
1293 supported by this system's SSL libraries, which may vary from-
1294 system to system. The list of ciphers supported by this system's-
1295 SSL libraries is returned by supportedCiphers().-
1296-
1297 \sa supportedCiphers()-
1298*/-
1299QList<QSslCipher> QSslSocket::defaultCiphers()-
1300{-
1301 return QSslSocketPrivate::defaultCiphers();-
1302}-
1303-
1304/*!-
1305 \deprecated-
1306-
1307 Use QSslConfiguration::supportedCiphers() instead.-
1308-
1309 Returns the list of cryptographic ciphers supported by this-
1310 system. This list is set by the system's SSL libraries and may-
1311 vary from system to system.-
1312-
1313 \sa defaultCiphers(), ciphers(), setCiphers()-
1314*/-
1315QList<QSslCipher> QSslSocket::supportedCiphers()-
1316{-
1317 return QSslSocketPrivate::supportedCiphers();-
1318}-
1319-
1320/*!-
1321 Searches all files in the \a path for certificates encoded in the-
1322 specified \a format and adds them to this socket's CA certificate-
1323 database. \a path must be a file or a pattern matching one or more-
1324 files, as specified by \a syntax. Returns \c true if one or more-
1325 certificates are added to the socket's CA certificate database;-
1326 otherwise returns \c false.-
1327-
1328 The CA certificate database is used by the socket during the-
1329 handshake phase to validate the peer's certificate.-
1330-
1331 For more precise control, use addCaCertificate().-
1332-
1333 \sa addCaCertificate(), QSslCertificate::fromPath()-
1334*/-
1335bool QSslSocket::addCaCertificates(const QString &path, QSsl::EncodingFormat format,-
1336 QRegExp::PatternSyntax syntax)-
1337{-
1338 Q_D(QSslSocket);-
1339 QList<QSslCertificate> certs = QSslCertificate::fromPath(path, format, syntax);-
1340 if (certs.isEmpty())-
1341 return false;-
1342-
1343 d->configuration.caCertificates += certs;-
1344 return true;-
1345}-
1346-
1347/*!-
1348 Adds the \a certificate to this socket's CA certificate database.-
1349 The CA certificate database is used by the socket during the-
1350 handshake phase to validate the peer's certificate.-
1351-
1352 To add multiple certificates, use addCaCertificates().-
1353-
1354 \sa caCertificates(), setCaCertificates()-
1355*/-
1356void QSslSocket::addCaCertificate(const QSslCertificate &certificate)-
1357{-
1358 Q_D(QSslSocket);-
1359 d->configuration.caCertificates += certificate;-
1360}-
1361-
1362/*!-
1363 Adds the \a certificates to this socket's CA certificate database.-
1364 The CA certificate database is used by the socket during the-
1365 handshake phase to validate the peer's certificate.-
1366-
1367 For more precise control, use addCaCertificate().-
1368-
1369 \sa caCertificates(), addDefaultCaCertificate()-
1370*/-
1371void QSslSocket::addCaCertificates(const QList<QSslCertificate> &certificates)-
1372{-
1373 Q_D(QSslSocket);-
1374 d->configuration.caCertificates += certificates;-
1375}-
1376-
1377/*!-
1378 \deprecated-
1379-
1380 Use QSslConfiguration::setCaCertificates() instead.-
1381-
1382 Sets this socket's CA certificate database to be \a certificates.-
1383 The certificate database must be set prior to the SSL handshake.-
1384 The CA certificate database is used by the socket during the-
1385 handshake phase to validate the peer's certificate.-
1386-
1387 The CA certificate database can be reset to the current default CA-
1388 certificate database by calling this function with the list of CA-
1389 certificates returned by defaultCaCertificates().-
1390-
1391 \sa defaultCaCertificates()-
1392*/-
1393void QSslSocket::setCaCertificates(const QList<QSslCertificate> &certificates)-
1394{-
1395 Q_D(QSslSocket);-
1396 d->configuration.caCertificates = certificates;-
1397 d->allowRootCertOnDemandLoading = false;-
1398}-
1399-
1400/*!-
1401 \deprecated-
1402-
1403 Use QSslConfiguration::caCertificates() instead.-
1404-
1405 Returns this socket's CA certificate database. The CA certificate-
1406 database is used by the socket during the handshake phase to-
1407 validate the peer's certificate. It can be moodified prior to the-
1408 handshake with addCaCertificate(), addCaCertificates(), and-
1409 setCaCertificates().-
1410-
1411 \note On Unix, this method may return an empty list if the root-
1412 certificates are loaded on demand.-
1413-
1414 \sa addCaCertificate(), addCaCertificates(), setCaCertificates()-
1415*/-
1416QList<QSslCertificate> QSslSocket::caCertificates() const-
1417{-
1418 Q_D(const QSslSocket);-
1419 return d->configuration.caCertificates;-
1420}-
1421-
1422/*!-
1423 Searches all files in the \a path for certificates with the-
1424 specified \a encoding and adds them to the default CA certificate-
1425 database. \a path can be an explicit file, or it can contain-
1426 wildcards in the format specified by \a syntax. Returns \c true if-
1427 any CA certificates are added to the default database.-
1428-
1429 Each SSL socket's CA certificate database is initialized to the-
1430 default CA certificate database.-
1431-
1432 \sa defaultCaCertificates(), addCaCertificates(), addDefaultCaCertificate()-
1433*/-
1434bool QSslSocket::addDefaultCaCertificates(const QString &path, QSsl::EncodingFormat encoding,-
1435 QRegExp::PatternSyntax syntax)-
1436{-
1437 return QSslSocketPrivate::addDefaultCaCertificates(path, encoding, syntax);-
1438}-
1439-
1440/*!-
1441 Adds \a certificate to the default CA certificate database. Each-
1442 SSL socket's CA certificate database is initialized to the default-
1443 CA certificate database.-
1444-
1445 \sa defaultCaCertificates(), addCaCertificates()-
1446*/-
1447void QSslSocket::addDefaultCaCertificate(const QSslCertificate &certificate)-
1448{-
1449 QSslSocketPrivate::addDefaultCaCertificate(certificate);-
1450}-
1451-
1452/*!-
1453 Adds \a certificates to the default CA certificate database. Each-
1454 SSL socket's CA certificate database is initialized to the default-
1455 CA certificate database.-
1456-
1457 \sa defaultCaCertificates(), addCaCertificates()-
1458*/-
1459void QSslSocket::addDefaultCaCertificates(const QList<QSslCertificate> &certificates)-
1460{-
1461 QSslSocketPrivate::addDefaultCaCertificates(certificates);-
1462}-
1463-
1464/*!-
1465 \deprecated-
1466-
1467 Use QSslConfiguration::setCaCertificates() on the default QSslConfiguration instead.-
1468-
1469 Sets the default CA certificate database to \a certificates. The-
1470 default CA certificate database is originally set to your system's-
1471 default CA certificate database. You can override the default CA-
1472 certificate database with your own CA certificate database using-
1473 this function.-
1474-
1475 Each SSL socket's CA certificate database is initialized to the-
1476 default CA certificate database.-
1477-
1478 \sa addDefaultCaCertificate()-
1479*/-
1480void QSslSocket::setDefaultCaCertificates(const QList<QSslCertificate> &certificates)-
1481{-
1482 QSslSocketPrivate::setDefaultCaCertificates(certificates);-
1483}-
1484-
1485/*!-
1486 \deprecated-
1487-
1488 Use QSslConfiguration::caCertificates() on the default QSslConfiguration instead.-
1489-
1490 Returns the current default CA certificate database. This database-
1491 is originally set to your system's default CA certificate database.-
1492 If no system default database is found, an empty database will be-
1493 returned. You can override the default CA certificate database-
1494 with your own CA certificate database using setDefaultCaCertificates().-
1495-
1496 Each SSL socket's CA certificate database is initialized to the-
1497 default CA certificate database.-
1498-
1499 \note On Unix, this method may return an empty list if the root-
1500 certificates are loaded on demand.-
1501-
1502 \sa caCertificates()-
1503*/-
1504QList<QSslCertificate> QSslSocket::defaultCaCertificates()-
1505{-
1506 return QSslSocketPrivate::defaultCaCertificates();-
1507}-
1508-
1509/*!-
1510 \deprecated-
1511-
1512 Use QSslConfiguration::systemDefaultCaCertificates instead.-
1513-
1514 This function provides the CA certificate database-
1515 provided by the operating system. The CA certificate database-
1516 returned by this function is used to initialize the database-
1517 returned by defaultCaCertificates(). You can replace that database-
1518 with your own with setDefaultCaCertificates().-
1519-
1520 \note: On OS X, only certificates that are either trusted for all-
1521 purposes or trusted for the purpose of SSL in the keychain will be-
1522 returned.-
1523-
1524 \sa caCertificates(), defaultCaCertificates(), setDefaultCaCertificates()-
1525*/-
1526QList<QSslCertificate> QSslSocket::systemCaCertificates()-
1527{-
1528 // we are calling ensureInitialized() in the method below-
1529 return QSslSocketPrivate::systemCaCertificates();-
1530}-
1531-
1532/*!-
1533 Waits until the socket is connected, or \a msecs milliseconds,-
1534 whichever happens first. If the connection has been established,-
1535 this function returns \c true; otherwise it returns \c false.-
1536-
1537 \sa QAbstractSocket::waitForConnected()-
1538*/-
1539bool QSslSocket::waitForConnected(int msecs)-
1540{-
1541 Q_D(QSslSocket);-
1542 if (!d->plainSocket)-
1543 return false;-
1544 bool retVal = d->plainSocket->waitForConnected(msecs);-
1545 if (!retVal) {-
1546 setSocketState(d->plainSocket->state());-
1547 d->setError(d->plainSocket->error(), d->plainSocket->errorString());-
1548 }-
1549 return retVal;-
1550}-
1551-
1552/*!-
1553 Waits until the socket has completed the SSL handshake and has-
1554 emitted encrypted(), or \a msecs milliseconds, whichever comes-
1555 first. If encrypted() has been emitted, this function returns-
1556 true; otherwise (e.g., the socket is disconnected, or the SSL-
1557 handshake fails), false is returned.-
1558-
1559 The following example waits up to one second for the socket to be-
1560 encrypted:-
1561-
1562 \snippet code/src_network_ssl_qsslsocket.cpp 5-
1563-
1564 If msecs is -1, this function will not time out.-
1565-
1566 \sa startClientEncryption(), startServerEncryption(), encrypted(), isEncrypted()-
1567*/-
1568bool QSslSocket::waitForEncrypted(int msecs)-
1569{-
1570 Q_D(QSslSocket);-
1571 if (!d->plainSocket || d->connectionEncrypted)-
1572 return false;-
1573 if (d->mode == UnencryptedMode && !d->autoStartHandshake)-
1574 return false;-
1575-
1576 QElapsedTimer stopWatch;-
1577 stopWatch.start();-
1578-
1579 if (d->plainSocket->state() != QAbstractSocket::ConnectedState) {-
1580 // Wait until we've entered connected state.-
1581 if (!d->plainSocket->waitForConnected(msecs))-
1582 return false;-
1583 }-
1584-
1585 while (!d->connectionEncrypted) {-
1586 // Start the handshake, if this hasn't been started yet.-
1587 if (d->mode == UnencryptedMode)-
1588 startClientEncryption();-
1589 // Loop, waiting until the connection has been encrypted or an error-
1590 // occurs.-
1591 if (!d->plainSocket->waitForReadyRead(qt_subtract_from_timeout(msecs, stopWatch.elapsed())))-
1592 return false;-
1593 }-
1594 return d->connectionEncrypted;-
1595}-
1596-
1597/*!-
1598 \reimp-
1599*/-
1600bool QSslSocket::waitForReadyRead(int msecs)-
1601{-
1602 Q_D(QSslSocket);-
1603 if (!d->plainSocket)-
1604 return false;-
1605 if (d->mode == UnencryptedMode && !d->autoStartHandshake)-
1606 return d->plainSocket->waitForReadyRead(msecs);-
1607-
1608 // This function must return true if and only if readyRead() *was* emitted.-
1609 // So we initialize "readyReadEmitted" to false and check if it was set to true.-
1610 // waitForReadyRead() could be called recursively, so we can't use the same variable-
1611 // (the inner waitForReadyRead() may fail, but the outer one still succeeded)-
1612 bool readyReadEmitted = false;-
1613 bool *previousReadyReadEmittedPointer = d->readyReadEmittedPointer;-
1614 d->readyReadEmittedPointer = &readyReadEmitted;-
1615-
1616 QElapsedTimer stopWatch;-
1617 stopWatch.start();-
1618-
1619 if (!d->connectionEncrypted) {-
1620 // Wait until we've entered encrypted mode, or until a failure occurs.-
1621 if (!waitForEncrypted(msecs)) {-
1622 d->readyReadEmittedPointer = previousReadyReadEmittedPointer;-
1623 return false;-
1624 }-
1625 }-
1626-
1627 if (!d->writeBuffer.isEmpty()) {-
1628 // empty our cleartext write buffer first-
1629 d->transmit();-
1630 }-
1631-
1632 // test readyReadEmitted first because either operation above-
1633 // (waitForEncrypted or transmit) may have set it-
1634 while (!readyReadEmitted &&-
1635 d->plainSocket->waitForReadyRead(qt_subtract_from_timeout(msecs, stopWatch.elapsed()))) {-
1636 }-
1637-
1638 d->readyReadEmittedPointer = previousReadyReadEmittedPointer;-
1639 return readyReadEmitted;-
1640}-
1641-
1642/*!-
1643 \reimp-
1644*/-
1645bool QSslSocket::waitForBytesWritten(int msecs)-
1646{-
1647 Q_D(QSslSocket);-
1648 if (!d->plainSocket)-
1649 return false;-
1650 if (d->mode == UnencryptedMode)-
1651 return d->plainSocket->waitForBytesWritten(msecs);-
1652-
1653 QElapsedTimer stopWatch;-
1654 stopWatch.start();-
1655-
1656 if (!d->connectionEncrypted) {-
1657 // Wait until we've entered encrypted mode, or until a failure occurs.-
1658 if (!waitForEncrypted(msecs))-
1659 return false;-
1660 }-
1661 if (!d->writeBuffer.isEmpty()) {-
1662 // empty our cleartext write buffer first-
1663 d->transmit();-
1664 }-
1665-
1666 return d->plainSocket->waitForBytesWritten(qt_subtract_from_timeout(msecs, stopWatch.elapsed()));-
1667}-
1668-
1669/*!-
1670 Waits until the socket has disconnected or \a msecs milliseconds,-
1671 whichever comes first. If the connection has been disconnected,-
1672 this function returns \c true; otherwise it returns \c false.-
1673-
1674 \sa QAbstractSocket::waitForDisconnected()-
1675*/-
1676bool QSslSocket::waitForDisconnected(int msecs)-
1677{-
1678 Q_D(QSslSocket);-
1679-
1680 // require calling connectToHost() before waitForDisconnected()-
1681 if (state() == UnconnectedState) {-
1682 qCWarning(lcSsl, "QSslSocket::waitForDisconnected() is not allowed in UnconnectedState");-
1683 return false;-
1684 }-
1685-
1686 if (!d->plainSocket)-
1687 return false;-
1688 if (d->mode == UnencryptedMode)-
1689 return d->plainSocket->waitForDisconnected(msecs);-
1690-
1691 QElapsedTimer stopWatch;-
1692 stopWatch.start();-
1693-
1694 if (!d->connectionEncrypted) {-
1695 // Wait until we've entered encrypted mode, or until a failure occurs.-
1696 if (!waitForEncrypted(msecs))-
1697 return false;-
1698 }-
1699 bool retVal = d->plainSocket->waitForDisconnected(qt_subtract_from_timeout(msecs, stopWatch.elapsed()));-
1700 if (!retVal) {-
1701 setSocketState(d->plainSocket->state());-
1702 d->setError(d->plainSocket->error(), d->plainSocket->errorString());-
1703 }-
1704 return retVal;-
1705}-
1706-
1707/*!-
1708 Returns a list of the last SSL errors that occurred. This is the-
1709 same list as QSslSocket passes via the sslErrors() signal. If the-
1710 connection has been encrypted with no errors, this function will-
1711 return an empty list.-
1712-
1713 \sa connectToHostEncrypted()-
1714*/-
1715QList<QSslError> QSslSocket::sslErrors() const-
1716{-
1717 Q_D(const QSslSocket);-
1718 return d->sslErrors;-
1719}-
1720-
1721/*!-
1722 Returns \c true if this platform supports SSL; otherwise, returns-
1723 false. If the platform doesn't support SSL, the socket will fail-
1724 in the connection phase.-
1725*/-
1726bool QSslSocket::supportsSsl()-
1727{-
1728 return QSslSocketPrivate::supportsSsl();-
1729}-
1730-
1731/*!-
1732 \since 5.0-
1733 Returns the version number of the SSL library in use. Note that-
1734 this is the version of the library in use at run-time not compile-
1735 time. If no SSL support is available then this will return an-
1736 undefined value.-
1737*/-
1738long QSslSocket::sslLibraryVersionNumber()-
1739{-
1740 return QSslSocketPrivate::sslLibraryVersionNumber();-
1741}-
1742-
1743/*!-
1744 \since 5.0-
1745 Returns the version string of the SSL library in use. Note that-
1746 this is the version of the library in use at run-time not compile-
1747 time. If no SSL support is available then this will return an empty value.-
1748*/-
1749QString QSslSocket::sslLibraryVersionString()-
1750{-
1751 return QSslSocketPrivate::sslLibraryVersionString();-
1752}-
1753-
1754/*!-
1755 \since 5.4-
1756 Returns the version number of the SSL library in use at compile-
1757 time. If no SSL support is available then this will return an-
1758 undefined value.-
1759-
1760 \sa sslLibraryVersionNumber()-
1761*/-
1762long QSslSocket::sslLibraryBuildVersionNumber()-
1763{-
1764 return QSslSocketPrivate::sslLibraryBuildVersionNumber();-
1765}-
1766-
1767/*!-
1768 \since 5.4-
1769 Returns the version string of the SSL library in use at compile-
1770 time. If no SSL support is available then this will return an-
1771 empty value.-
1772-
1773 \sa sslLibraryVersionString()-
1774*/-
1775QString QSslSocket::sslLibraryBuildVersionString()-
1776{-
1777 return QSslSocketPrivate::sslLibraryBuildVersionString();-
1778}-
1779-
1780/*!-
1781 Starts a delayed SSL handshake for a client connection. This-
1782 function can be called when the socket is in the \l ConnectedState-
1783 but still in the \l UnencryptedMode. If it is not yet connected,-
1784 or if it is already encrypted, this function has no effect.-
1785-
1786 Clients that implement STARTTLS functionality often make use of-
1787 delayed SSL handshakes. Most other clients can avoid calling this-
1788 function directly by using connectToHostEncrypted() instead, which-
1789 automatically performs the handshake.-
1790-
1791 \sa connectToHostEncrypted(), startServerEncryption()-
1792*/-
1793void QSslSocket::startClientEncryption()-
1794{-
1795 Q_D(QSslSocket);-
1796 if (d->mode != UnencryptedMode) {-
1797 qCWarning(lcSsl,-
1798 "QSslSocket::startClientEncryption: cannot start handshake on non-plain connection");-
1799 return;-
1800 }-
1801 if (state() != ConnectedState) {-
1802 qCWarning(lcSsl,-
1803 "QSslSocket::startClientEncryption: cannot start handshake when not connected");-
1804 return;-
1805 }-
1806#ifdef QSSLSOCKET_DEBUG-
1807 qCDebug(lcSsl) << "QSslSocket::startClientEncryption()";-
1808#endif-
1809 d->mode = SslClientMode;-
1810 emit modeChanged(d->mode);-
1811 d->startClientEncryption();-
1812}-
1813-
1814/*!-
1815 Starts a delayed SSL handshake for a server connection. This-
1816 function can be called when the socket is in the \l ConnectedState-
1817 but still in \l UnencryptedMode. If it is not connected or it is-
1818 already encrypted, the function has no effect.-
1819-
1820 For server sockets, calling this function is the only way to-
1821 initiate the SSL handshake. Most servers will call this function-
1822 immediately upon receiving a connection, or as a result of having-
1823 received a protocol-specific command to enter SSL mode (e.g, the-
1824 server may respond to receiving the string "STARTTLS\\r\\n" by-
1825 calling this function).-
1826-
1827 The most common way to implement an SSL server is to create a-
1828 subclass of QTcpServer and reimplement-
1829 QTcpServer::incomingConnection(). The returned socket descriptor-
1830 is then passed to QSslSocket::setSocketDescriptor().-
1831-
1832 \sa connectToHostEncrypted(), startClientEncryption()-
1833*/-
1834void QSslSocket::startServerEncryption()-
1835{-
1836 Q_D(QSslSocket);-
1837 if (d->mode != UnencryptedMode) {-
1838 qCWarning(lcSsl, "QSslSocket::startServerEncryption: cannot start handshake on non-plain connection");-
1839 return;-
1840 }-
1841#ifdef QSSLSOCKET_DEBUG-
1842 qCDebug(lcSsl) << "QSslSocket::startServerEncryption()";-
1843#endif-
1844 d->mode = SslServerMode;-
1845 emit modeChanged(d->mode);-
1846 d->startServerEncryption();-
1847}-
1848-
1849/*!-
1850 This slot tells QSslSocket to ignore errors during QSslSocket's-
1851 handshake phase and continue connecting. If you want to continue-
1852 with the connection even if errors occur during the handshake-
1853 phase, then you must call this slot, either from a slot connected-
1854 to sslErrors(), or before the handshake phase. If you don't call-
1855 this slot, either in response to errors or before the handshake,-
1856 the connection will be dropped after the sslErrors() signal has-
1857 been emitted.-
1858-
1859 If there are no errors during the SSL handshake phase (i.e., the-
1860 identity of the peer is established with no problems), QSslSocket-
1861 will not emit the sslErrors() signal, and it is unnecessary to-
1862 call this function.-
1863-
1864 \warning Be sure to always let the user inspect the errors-
1865 reported by the sslErrors() signal, and only call this method-
1866 upon confirmation from the user that proceeding is ok.-
1867 If there are unexpected errors, the connection should be aborted.-
1868 Calling this method without inspecting the actual errors will-
1869 most likely pose a security risk for your application. Use it-
1870 with great care!-
1871-
1872 \sa sslErrors()-
1873*/-
1874void QSslSocket::ignoreSslErrors()-
1875{-
1876 Q_D(QSslSocket);-
1877 d->ignoreAllSslErrors = true;-
1878}-
1879-
1880/*!-
1881 \overload-
1882 \since 4.6-
1883-
1884 This method tells QSslSocket to ignore only the errors given in \a-
1885 errors.-
1886-
1887 \note Because most SSL errors are associated with a certificate, for most-
1888 of them you must set the expected certificate this SSL error is related to.-
1889 If, for instance, you want to connect to a server that uses-
1890 a self-signed certificate, consider the following snippet:-
1891-
1892 \snippet code/src_network_ssl_qsslsocket.cpp 6-
1893-
1894 Multiple calls to this function will replace the list of errors that-
1895 were passed in previous calls.-
1896 You can clear the list of errors you want to ignore by calling this-
1897 function with an empty list.-
1898-
1899 \sa sslErrors()-
1900*/-
1901void QSslSocket::ignoreSslErrors(const QList<QSslError> &errors)-
1902{-
1903 Q_D(QSslSocket);-
1904 d->ignoreErrorsList = errors;-
1905}-
1906-
1907/*!-
1908 \internal-
1909*/-
1910void QSslSocket::connectToHost(const QString &hostName, quint16 port, OpenMode openMode, NetworkLayerProtocol protocol)-
1911{-
1912 Q_D(QSslSocket);-
1913 d->preferredNetworkLayerProtocol = protocol;-
1914 if (!d->initialized)
!d->initializedDescription
TRUEevaluated 311 times by 3 tests
Evaluated by:
  • tst_NetworkSelfTest
  • tst_qsslsocket - unknown status
  • tst_qtcpsocket - unknown status
FALSEevaluated 410 times by 6 tests
Evaluated by:
  • tst_QHttpNetworkConnection
  • tst_QNetworkReply
  • tst_Spdy
  • tst_qsslsocket - unknown status
  • tst_qsslsocket_onDemandCertificates_member - unknown status
  • tst_qsslsocket_onDemandCertificates_static - unknown status
311-410
1915 d->init();
executed 311 times by 3 tests: d->init();
Executed by:
  • tst_NetworkSelfTest
  • tst_qsslsocket - unknown status
  • tst_qtcpsocket - unknown status
311
1916 d->initialized = false;-
1917-
1918#ifdef QSSLSOCKET_DEBUG-
1919 qCDebug(lcSsl) << "QSslSocket::connectToHost("-
1920 << hostName << ',' << port << ',' << openMode << ')';-
1921#endif-
1922 if (!d->plainSocket) {
!d->plainSocketDescription
TRUEevaluated 593 times by 8 tests
Evaluated by:
  • tst_NetworkSelfTest
  • tst_QHttpNetworkConnection
  • tst_QNetworkReply
  • tst_Spdy
  • tst_qsslsocket - unknown status
  • tst_qsslsocket_onDemandCertificates_member - unknown status
  • tst_qsslsocket_onDemandCertificates_static - unknown status
  • tst_qtcpsocket - unknown status
FALSEevaluated 128 times by 4 tests
Evaluated by:
  • tst_NetworkSelfTest
  • tst_QNetworkReply
  • tst_qsslsocket - unknown status
  • tst_qtcpsocket - unknown status
128-593
1923#ifdef QSSLSOCKET_DEBUG-
1924 qCDebug(lcSsl) << "\tcreating internal plain socket";-
1925#endif-
1926 d->createPlainSocket(openMode);-
1927 }
executed 593 times by 8 tests: end of block
Executed by:
  • tst_NetworkSelfTest
  • tst_QHttpNetworkConnection
  • tst_QNetworkReply
  • tst_Spdy
  • tst_qsslsocket - unknown status
  • tst_qsslsocket_onDemandCertificates_member - unknown status
  • tst_qsslsocket_onDemandCertificates_static - unknown status
  • tst_qtcpsocket - unknown status
593
1928#ifndef QT_NO_NETWORKPROXY-
1929 d->plainSocket->setProxy(proxy());-
1930#endif-
1931 QIODevice::open(openMode);-
1932 d->readChannelCount = d->writeChannelCount = 0;-
1933 d->plainSocket->connectToHost(hostName, port, openMode, d->preferredNetworkLayerProtocol);-
1934 d->cachedSocketDescriptor = d->plainSocket->socketDescriptor();-
1935}
executed 721 times by 8 tests: end of block
Executed by:
  • tst_NetworkSelfTest
  • tst_QHttpNetworkConnection
  • tst_QNetworkReply
  • tst_Spdy
  • tst_qsslsocket - unknown status
  • tst_qsslsocket_onDemandCertificates_member - unknown status
  • tst_qsslsocket_onDemandCertificates_static - unknown status
  • tst_qtcpsocket - unknown status
721
1936-
1937/*!-
1938 \internal-
1939*/-
1940void QSslSocket::disconnectFromHost()-
1941{-
1942 Q_D(QSslSocket);-
1943#ifdef QSSLSOCKET_DEBUG-
1944 qCDebug(lcSsl) << "QSslSocket::disconnectFromHost()";-
1945#endif-
1946 if (!d->plainSocket)-
1947 return;-
1948 if (d->state == UnconnectedState)-
1949 return;-
1950 if (d->mode == UnencryptedMode && !d->autoStartHandshake) {-
1951 d->plainSocket->disconnectFromHost();-
1952 return;-
1953 }-
1954 if (d->state <= ConnectingState) {-
1955 d->pendingClose = true;-
1956 return;-
1957 }-
1958-
1959 // Perhaps emit closing()-
1960 if (d->state != ClosingState) {-
1961 d->state = ClosingState;-
1962 emit stateChanged(d->state);-
1963 }-
1964-
1965 if (!d->writeBuffer.isEmpty()) {-
1966 d->pendingClose = true;-
1967 return;-
1968 }-
1969-
1970 if (d->mode == UnencryptedMode) {-
1971 d->plainSocket->disconnectFromHost();-
1972 } else {-
1973 d->disconnectFromHost();-
1974 }-
1975}-
1976-
1977/*!-
1978 \reimp-
1979*/-
1980qint64 QSslSocket::readData(char *data, qint64 maxlen)-
1981{-
1982 Q_D(QSslSocket);-
1983 qint64 readBytes = 0;-
1984-
1985 if (d->mode == UnencryptedMode && !d->autoStartHandshake) {-
1986 readBytes = d->plainSocket->read(data, maxlen);-
1987#ifdef QSSLSOCKET_DEBUG-
1988 qCDebug(lcSsl) << "QSslSocket::readData(" << (void *)data << ',' << maxlen << ") =="-
1989 << readBytes;-
1990#endif-
1991 } else {-
1992 // possibly trigger another transmit() to decrypt more data from the socket-
1993 if (d->plainSocket->bytesAvailable())-
1994 QMetaObject::invokeMethod(this, "_q_flushReadBuffer", Qt::QueuedConnection);-
1995 }-
1996-
1997 return readBytes;-
1998}-
1999-
2000/*!-
2001 \reimp-
2002*/-
2003qint64 QSslSocket::writeData(const char *data, qint64 len)-
2004{-
2005 Q_D(QSslSocket);-
2006#ifdef QSSLSOCKET_DEBUG-
2007 qCDebug(lcSsl) << "QSslSocket::writeData(" << (void *)data << ',' << len << ')';-
2008#endif-
2009 if (d->mode == UnencryptedMode && !d->autoStartHandshake)
d->mode == UnencryptedModeDescription
TRUEevaluated 302 times by 3 tests
Evaluated by:
  • tst_NetworkSelfTest
  • tst_qsslsocket - unknown status
  • tst_qtcpsocket - unknown status
FALSEevaluated 5396 times by 5 tests
Evaluated by:
  • tst_NetworkSelfTest
  • tst_QHttpNetworkConnection
  • tst_QNetworkReply
  • tst_Spdy
  • tst_qsslsocket - unknown status
!d->autoStartHandshakeDescription
TRUEevaluated 295 times by 3 tests
Evaluated by:
  • tst_NetworkSelfTest
  • tst_qsslsocket - unknown status
  • tst_qtcpsocket - unknown status
FALSEevaluated 7 times by 1 test
Evaluated by:
  • tst_qsslsocket - unknown status
7-5396
2010 return d->plainSocket->write(data, len);
executed 295 times by 3 tests: return d->plainSocket->write(data, len);
Executed by:
  • tst_NetworkSelfTest
  • tst_qsslsocket - unknown status
  • tst_qtcpsocket - unknown status
295
2011-
2012 char *writePtr =d->writeBuffer.reserve(len);-
::memcpyappend(writePtr,data, len);
2013-
2014 // make sure we flush to the plain socket's buffer-
2015 QMetaObject::invokeMethod(this, "_q_flushWriteBuffer", Qt::QueuedConnection);-
2016-
2017 return len;
executed 5403 times by 5 tests: return len;
Executed by:
  • tst_NetworkSelfTest
  • tst_QHttpNetworkConnection
  • tst_QNetworkReply
  • tst_Spdy
  • tst_qsslsocket - unknown status
5403
2018}-
2019-
2020/*!-
2021 \internal-
2022*/-
2023QSslSocketPrivate::QSslSocketPrivate()-
2024 : initialized(false)-
2025 , mode(QSslSocket::UnencryptedMode)-
2026 , autoStartHandshake(false)-
2027 , connectionEncrypted(false)-
2028 , shutdown(false)-
2029 , ignoreAllSslErrors(false)-
2030 , readyReadEmittedPointer(0)-
2031 , allowRootCertOnDemandLoading(true)-
2032 , plainSocket(0)-
2033 , paused(false)-
2034{-
2035 QSslConfigurationPrivate::deepCopyDefaultConfiguration(&configuration);-
2036}-
2037-
2038/*!-
2039 \internal-
2040*/-
2041QSslSocketPrivate::~QSslSocketPrivate()-
2042{-
2043}-
2044-
2045/*!-
2046 \internal-
2047*/-
2048void QSslSocketPrivate::init()-
2049{-
2050 mode = QSslSocket::UnencryptedMode;-
2051 autoStartHandshake = false;-
2052 connectionEncrypted = false;-
2053 ignoreAllSslErrors = false;-
2054 shutdown = false;-
2055 pendingClose = false;-
2056-
2057 // we don't want to clear the ignoreErrorsList, so-
2058 // that it is possible setting it before connecting-
2059// ignoreErrorsList.clear();-
2060-
2061 buffer.clear();-
2062 writeBuffer.clear();-
2063 configuration.peerCertificate.clear();-
2064 configuration.peerCertificateChain.clear();-
2065}-
2066-
2067/*!-
2068 \internal-
2069*/-
2070QList<QSslCipher> QSslSocketPrivate::defaultCiphers()-
2071{-
2072 QSslSocketPrivate::ensureInitialized();-
2073 QMutexLocker locker(&globalData()->mutex);-
2074 return globalData()->config->ciphers;-
2075}-
2076-
2077/*!-
2078 \internal-
2079*/-
2080QList<QSslCipher> QSslSocketPrivate::supportedCiphers()-
2081{-
2082 QSslSocketPrivate::ensureInitialized();-
2083 QMutexLocker locker(&globalData()->mutex);-
2084 return globalData()->supportedCiphers;-
2085}-
2086-
2087/*!-
2088 \internal-
2089*/-
2090void QSslSocketPrivate::setDefaultCiphers(const QList<QSslCipher> &ciphers)-
2091{-
2092 QMutexLocker locker(&globalData()->mutex);-
2093 globalData()->config.detach();-
2094 globalData()->config->ciphers = ciphers;-
2095}-
2096-
2097/*!-
2098 \internal-
2099*/-
2100void QSslSocketPrivate::setDefaultSupportedCiphers(const QList<QSslCipher> &ciphers)-
2101{-
2102 QMutexLocker locker(&globalData()->mutex);-
2103 globalData()->config.detach();-
2104 globalData()->supportedCiphers = ciphers;-
2105}-
2106-
2107/*!-
2108 \internal-
2109*/-
2110QVector<QSslEllipticCurve> QSslSocketPrivate::supportedEllipticCurves()-
2111{-
2112 QSslSocketPrivate::ensureInitialized();-
2113 const QMutexLocker locker(&globalData()->mutex);-
2114 return globalData()->supportedEllipticCurves;-
2115}-
2116-
2117/*!-
2118 \internal-
2119*/-
2120void QSslSocketPrivate::setDefaultSupportedEllipticCurves(const QVector<QSslEllipticCurve> &curves)-
2121{-
2122 const QMutexLocker locker(&globalData()->mutex);-
2123 globalData()->config.detach();-
2124 globalData()->supportedEllipticCurves = curves;-
2125}-
2126-
2127/*!-
2128 \internal-
2129*/-
2130QList<QSslCertificate> QSslSocketPrivate::defaultCaCertificates()-
2131{-
2132 QSslSocketPrivate::ensureInitialized();-
2133 QMutexLocker locker(&globalData()->mutex);-
2134 return globalData()->config->caCertificates;-
2135}-
2136-
2137/*!-
2138 \internal-
2139*/-
2140void QSslSocketPrivate::setDefaultCaCertificates(const QList<QSslCertificate> &certs)-
2141{-
2142 QSslSocketPrivate::ensureInitialized();-
2143 QMutexLocker locker(&globalData()->mutex);-
2144 globalData()->config.detach();-
2145 globalData()->config->caCertificates = certs;-
2146 // when the certificates are set explicitly, we do not want to-
2147 // load the system certificates on demand-
2148 s_loadRootCertsOnDemand = false;-
2149}-
2150-
2151/*!-
2152 \internal-
2153*/-
2154bool QSslSocketPrivate::addDefaultCaCertificates(const QString &path, QSsl::EncodingFormat format,-
2155 QRegExp::PatternSyntax syntax)-
2156{-
2157 QSslSocketPrivate::ensureInitialized();-
2158 QList<QSslCertificate> certs = QSslCertificate::fromPath(path, format, syntax);-
2159 if (certs.isEmpty())-
2160 return false;-
2161-
2162 QMutexLocker locker(&globalData()->mutex);-
2163 globalData()->config.detach();-
2164 globalData()->config->caCertificates += certs;-
2165 return true;-
2166}-
2167-
2168/*!-
2169 \internal-
2170*/-
2171void QSslSocketPrivate::addDefaultCaCertificate(const QSslCertificate &cert)-
2172{-
2173 QSslSocketPrivate::ensureInitialized();-
2174 QMutexLocker locker(&globalData()->mutex);-
2175 globalData()->config.detach();-
2176 globalData()->config->caCertificates += cert;-
2177}-
2178-
2179/*!-
2180 \internal-
2181*/-
2182void QSslSocketPrivate::addDefaultCaCertificates(const QList<QSslCertificate> &certs)-
2183{-
2184 QSslSocketPrivate::ensureInitialized();-
2185 QMutexLocker locker(&globalData()->mutex);-
2186 globalData()->config.detach();-
2187 globalData()->config->caCertificates += certs;-
2188}-
2189-
2190/*!-
2191 \internal-
2192*/-
2193QSslConfiguration QSslConfigurationPrivate::defaultConfiguration()-
2194{-
2195 QSslSocketPrivate::ensureInitialized();-
2196 QMutexLocker locker(&globalData()->mutex);-
2197 return QSslConfiguration(globalData()->config.data());-
2198}-
2199-
2200/*!-
2201 \internal-
2202*/-
2203void QSslConfigurationPrivate::setDefaultConfiguration(const QSslConfiguration &configuration)-
2204{-
2205 QSslSocketPrivate::ensureInitialized();-
2206 QMutexLocker locker(&globalData()->mutex);-
2207 if (globalData()->config == configuration.d)-
2208 return; // nothing to do-
2209-
2210 globalData()->config = const_cast<QSslConfigurationPrivate*>(configuration.d.constData());-
2211}-
2212-
2213/*!-
2214 \internal-
2215*/-
2216void QSslConfigurationPrivate::deepCopyDefaultConfiguration(QSslConfigurationPrivate *ptr)-
2217{-
2218 QSslSocketPrivate::ensureInitialized();-
2219 QMutexLocker locker(&globalData()->mutex);-
2220 const QSslConfigurationPrivate *global = globalData()->config.constData();-
2221-
2222 if (!global)-
2223 return;-
2224-
2225 ptr->ref.store(1);-
2226 ptr->peerCertificate = global->peerCertificate;-
2227 ptr->peerCertificateChain = global->peerCertificateChain;-
2228 ptr->localCertificateChain = global->localCertificateChain;-
2229 ptr->privateKey = global->privateKey;-
2230 ptr->sessionCipher = global->sessionCipher;-
2231 ptr->sessionProtocol = global->sessionProtocol;-
2232 ptr->ciphers = global->ciphers;-
2233 ptr->caCertificates = global->caCertificates;-
2234 ptr->protocol = global->protocol;-
2235 ptr->peerVerifyMode = global->peerVerifyMode;-
2236 ptr->peerVerifyDepth = global->peerVerifyDepth;-
2237 ptr->sslOptions = global->sslOptions;-
2238 ptr->ellipticCurves = global->ellipticCurves;-
2239}-
2240-
2241/*!-
2242 \internal-
2243*/-
2244void QSslSocketPrivate::createPlainSocket(QIODevice::OpenMode openMode)-
2245{-
2246 Q_Q(QSslSocket);-
2247 q->setOpenMode(openMode); // <- from QIODevice-
2248 q->setSocketState(QAbstractSocket::UnconnectedState);-
2249 q->setSocketError(QAbstractSocket::UnknownSocketError);-
2250 q->setLocalPort(0);-
2251 q->setLocalAddress(QHostAddress());-
2252 q->setPeerPort(0);-
2253 q->setPeerAddress(QHostAddress());-
2254 q->setPeerName(QString());-
2255-
2256 plainSocket = new QTcpSocket(q);-
2257#ifndef QT_NO_BEARERMANAGEMENT-
2258 //copy network session down to the plain socket (if it has been set)-
2259 plainSocket->setProperty("_q_networksession", q->property("_q_networksession"));-
2260#endif-
2261 q->connect(plainSocket, SIGNAL(connected()),-
2262 q, SLOT(_q_connectedSlot()),-
2263 Qt::DirectConnection);-
2264 q->connect(plainSocket, SIGNAL(hostFound()),-
2265 q, SLOT(_q_hostFoundSlot()),-
2266 Qt::DirectConnection);-
2267 q->connect(plainSocket, SIGNAL(disconnected()),-
2268 q, SLOT(_q_disconnectedSlot()),-
2269 Qt::DirectConnection);-
2270 q->connect(plainSocket, SIGNAL(stateChanged(QAbstractSocket::SocketState)),-
2271 q, SLOT(_q_stateChangedSlot(QAbstractSocket::SocketState)),-
2272 Qt::DirectConnection);-
2273 q->connect(plainSocket, SIGNAL(error(QAbstractSocket::SocketError)),-
2274 q, SLOT(_q_errorSlot(QAbstractSocket::SocketError)),-
2275 Qt::DirectConnection);-
2276 q->connect(plainSocket, SIGNAL(readyRead()),-
2277 q, SLOT(_q_readyReadSlot()),-
2278 Qt::DirectConnection);-
2279 q->connect(plainSocket, SIGNAL(channelReadyRead(int)),-
2280 q, SLOT(_q_channelReadyReadSlot(int)),-
2281 Qt::DirectConnection);-
2282 q->connect(plainSocket, SIGNAL(bytesWritten(qint64)),-
2283 q, SLOT(_q_bytesWrittenSlot(qint64)),-
2284 Qt::DirectConnection);-
2285 q->connect(plainSocket, SIGNAL(channelBytesWritten(int, qint64)),-
2286 q, SLOT(_q_channelBytesWrittenSlot(int, qint64)),-
2287 Qt::DirectConnection);-
2288#ifndef QT_NO_NETWORKPROXY-
2289 q->connect(plainSocket, SIGNAL(proxyAuthenticationRequired(QNetworkProxy,QAuthenticator*)),-
2290 q, SIGNAL(proxyAuthenticationRequired(QNetworkProxy,QAuthenticator*)));-
2291#endif-
2292-
2293 buffer.clear();-
2294 writeBuffer.clear();-
2295 connectionEncrypted = false;-
2296 configuration.peerCertificate.clear();-
2297 configuration.peerCertificateChain.clear();-
2298 mode = QSslSocket::UnencryptedMode;-
2299 q->setReadBufferSize(readBufferMaxSize);-
2300}
executed 677 times by 8 tests: end of block
Executed by:
  • tst_NetworkSelfTest
  • tst_QHttpNetworkConnection
  • tst_QNetworkReply
  • tst_Spdy
  • tst_qsslsocket - unknown status
  • tst_qsslsocket_onDemandCertificates_member - unknown status
  • tst_qsslsocket_onDemandCertificates_static - unknown status
  • tst_qtcpsocket - unknown status
677
2301-
2302void QSslSocketPrivate::pauseSocketNotifiers(QSslSocket *socket)-
2303{-
2304 if (!socket->d_func()->plainSocket)-
2305 return;-
2306 QAbstractSocketPrivate::pauseSocketNotifiers(socket->d_func()->plainSocket);-
2307}-
2308-
2309void QSslSocketPrivate::resumeSocketNotifiers(QSslSocket *socket)-
2310{-
2311 if (!socket->d_func()->plainSocket)-
2312 return;-
2313 QAbstractSocketPrivate::resumeSocketNotifiers(socket->d_func()->plainSocket);-
2314}-
2315-
2316bool QSslSocketPrivate::isPaused() const-
2317{-
2318 return paused;-
2319}-
2320-
2321bool QSslSocketPrivate::bind(const QHostAddress &address, quint16 port, QAbstractSocket::BindMode mode)-
2322{-
2323 // this function is called from QAbstractSocket::bind-
2324 if (!initialized)
!initializedDescription
TRUEevaluated 15 times by 1 test
Evaluated by:
  • tst_qtcpsocket - unknown status
FALSEnever evaluated
0-15
2325 init();
executed 15 times by 1 test: init();
Executed by:
  • tst_qtcpsocket - unknown status
15
2326 initialized = false;-
2327-
2328#ifdef QSSLSOCKET_DEBUG-
2329 qCDebug(lcSsl) << "QSslSocket::bind(" << address << ',' << port << ',' << mode << ')';-
2330#endif-
2331 if (!plainSocket) {
!plainSocketDescription
TRUEevaluated 15 times by 1 test
Evaluated by:
  • tst_qtcpsocket - unknown status
FALSEnever evaluated
0-15
2332#ifdef QSSLSOCKET_DEBUG-
2333 qCDebug(lcSsl) << "\tcreating internal plain socket";-
2334#endif-
2335 createPlainSocket(QIODevice::ReadWrite);-
2336 }
executed 15 times by 1 test: end of block
Executed by:
  • tst_qtcpsocket - unknown status
15
2337 bool ret = plainSocket->bind(address, port, mode);-
2338 localPort = plainSocket->localPort();-
2339 localAddress = plainSocket->localAddress();-
2340 cachedSocketDescriptor = plainSocket->socketDescriptor();-
2341 readChannelCount = writeChannelCount = 0;-
2342 return ret;
executed 15 times by 1 test: return ret;
Executed by:
  • tst_qtcpsocket - unknown status
15
2343}-
2344-
2345/*!-
2346 \internal-
2347*/-
2348void QSslSocketPrivate::_q_connectedSlot()-
2349{-
2350 Q_Q(QSslSocket);-
2351 q->setLocalPort(plainSocket->localPort());-
2352 q->setLocalAddress(plainSocket->localAddress());-
2353 q->setPeerPort(plainSocket->peerPort());-
2354 q->setPeerAddress(plainSocket->peerAddress());-
2355 q->setPeerName(plainSocket->peerName());-
2356 cachedSocketDescriptor = plainSocket->socketDescriptor();-
2357 readChannelCount = plainSocket->readChannelCount();-
2358 writeChannelCount = plainSocket->writeChannelCount();-
2359-
2360#ifdef QSSLSOCKET_DEBUG-
2361 qCDebug(lcSsl) << "QSslSocket::_q_connectedSlot()";-
2362 qCDebug(lcSsl) << "\tstate =" << q->state();-
2363 qCDebug(lcSsl) << "\tpeer =" << q->peerName() << q->peerAddress() << q->peerPort();-
2364 qCDebug(lcSsl) << "\tlocal =" << QHostInfo::fromName(q->localAddress().toString()).hostName()-
2365 << q->localAddress() << q->localPort();-
2366#endif-
2367-
2368 if (autoStartHandshake)
autoStartHandshakeDescription
TRUEevaluated 376 times by 6 tests
Evaluated by:
  • tst_QHttpNetworkConnection
  • tst_QNetworkReply
  • tst_Spdy
  • tst_qsslsocket - unknown status
  • tst_qsslsocket_onDemandCertificates_member - unknown status
  • tst_qsslsocket_onDemandCertificates_static - unknown status
FALSEevaluated 267 times by 3 tests
Evaluated by:
  • tst_NetworkSelfTest
  • tst_qsslsocket - unknown status
  • tst_qtcpsocket - unknown status
267-376
2369 q->startClientEncryption();
executed 376 times by 6 tests: q->startClientEncryption();
Executed by:
  • tst_QHttpNetworkConnection
  • tst_QNetworkReply
  • tst_Spdy
  • tst_qsslsocket - unknown status
  • tst_qsslsocket_onDemandCertificates_member - unknown status
  • tst_qsslsocket_onDemandCertificates_static - unknown status
376
2370-
2371 emit q->connected();-
2372-
2373 if (pendingClose && !autoStartHandshake) {
pendingCloseDescription
TRUEevaluated 9 times by 1 test
Evaluated by:
  • tst_qsslsocket - unknown status
FALSEevaluated 634 times by 8 tests
Evaluated by:
  • tst_NetworkSelfTest
  • tst_QHttpNetworkConnection
  • tst_QNetworkReply
  • tst_Spdy
  • tst_qsslsocket - unknown status
  • tst_qsslsocket_onDemandCertificates_member - unknown status
  • tst_qsslsocket_onDemandCertificates_static - unknown status
  • tst_qtcpsocket - unknown status
!autoStartHandshakeDescription
TRUEnever evaluated
FALSEevaluated 9 times by 1 test
Evaluated by:
  • tst_qsslsocket - unknown status
0-634
2374 pendingClose = false;-
2375 q->disconnectFromHost();-
2376 }
never executed: end of block
0
2377}
executed 643 times by 8 tests: end of block
Executed by:
  • tst_NetworkSelfTest
  • tst_QHttpNetworkConnection
  • tst_QNetworkReply
  • tst_Spdy
  • tst_qsslsocket - unknown status
  • tst_qsslsocket_onDemandCertificates_member - unknown status
  • tst_qsslsocket_onDemandCertificates_static - unknown status
  • tst_qtcpsocket - unknown status
643
2378-
2379/*!-
2380 \internal-
2381*/-
2382void QSslSocketPrivate::_q_hostFoundSlot()-
2383{-
2384 Q_Q(QSslSocket);-
2385#ifdef QSSLSOCKET_DEBUG-
2386 qCDebug(lcSsl) << "QSslSocket::_q_hostFoundSlot()";-
2387 qCDebug(lcSsl) << "\tstate =" << q->state();-
2388#endif-
2389 emit q->hostFound();-
2390}-
2391-
2392/*!-
2393 \internal-
2394*/-
2395void QSslSocketPrivate::_q_disconnectedSlot()-
2396{-
2397 Q_Q(QSslSocket);-
2398#ifdef QSSLSOCKET_DEBUG-
2399 qCDebug(lcSsl) << "QSslSocket::_q_disconnectedSlot()";-
2400 qCDebug(lcSsl) << "\tstate =" << q->state();-
2401#endif-
2402 disconnected();-
2403 emit q->disconnected();-
2404-
2405 q->setLocalPort(0);-
2406 q->setLocalAddress(QHostAddress());-
2407 q->setPeerPort(0);-
2408 q->setPeerAddress(QHostAddress());-
2409 q->setPeerName(QString());-
2410 cachedSocketDescriptor = -1;-
2411}
executed 707 times by 9 tests: end of block
Executed by:
  • tst_NetworkSelfTest
  • tst_QHttpNetworkConnection
  • tst_QNetworkReply
  • tst_Spdy
  • tst_qsslsocket - unknown status
  • tst_qsslsocket_onDemandCertificates_member - unknown status
  • tst_qsslsocket_onDemandCertificates_static - unknown status
  • tst_qtcpsocket - unknown status
  • tst_spdy - unknown status
707
2412-
2413/*!-
2414 \internal-
2415*/-
2416void QSslSocketPrivate::_q_stateChangedSlot(QAbstractSocket::SocketState state)-
2417{-
2418 Q_Q(QSslSocket);-
2419#ifdef QSSLSOCKET_DEBUG-
2420 qCDebug(lcSsl) << "QSslSocket::_q_stateChangedSlot(" << state << ')';-
2421#endif-
2422 q->setSocketState(state);-
2423 emit q->stateChanged(state);-
2424}-
2425-
2426/*!-
2427 \internal-
2428*/-
2429void QSslSocketPrivate::_q_errorSlot(QAbstractSocket::SocketError error)-
2430{-
2431 Q_UNUSED(error)-
2432#ifdef QSSLSOCKET_DEBUG-
2433 Q_Q(QSslSocket);-
2434 qCDebug(lcSsl) << "QSslSocket::_q_errorSlot(" << error << ')';-
2435 qCDebug(lcSsl) << "\tstate =" << q->state();-
2436 qCDebug(lcSsl) << "\terrorString =" << q->errorString();-
2437#endif-
2438 // this moves encrypted bytes from plain socket into our buffer-
2439 if (plainSocket->bytesAvailable()) {-
2440 qint64 tmpReadBufferMaxSize = readBufferMaxSize;-
2441 readBufferMaxSize = 0; // reset temporarily so the plain sockets completely drained drained-
2442 transmit();-
2443 readBufferMaxSize = tmpReadBufferMaxSize;-
2444 }-
2445-
2446 setErrorAndEmit(plainSocket->error(), plainSocket->errorString());-
2447}-
2448-
2449/*!-
2450 \internal-
2451*/-
2452void QSslSocketPrivate::_q_readyReadSlot()-
2453{-
2454 Q_Q(QSslSocket);-
2455#ifdef QSSLSOCKET_DEBUG-
2456 qCDebug(lcSsl) << "QSslSocket::_q_readyReadSlot() -" << plainSocket->bytesAvailable() << "bytes available";-
2457#endif-
2458 if (mode == QSslSocket::UnencryptedMode) {-
2459 if (readyReadEmittedPointer)-
2460 *readyReadEmittedPointer = true;-
2461 emit q->readyRead();-
2462 return;-
2463 }-
2464-
2465 transmit();-
2466}-
2467-
2468/*!-
2469 \internal-
2470*/-
2471void QSslSocketPrivate::_q_channelReadyReadSlot(int channel)-
2472{-
2473 Q_Q(QSslSocket);-
2474 if (mode == QSslSocket::UnencryptedMode)
mode == QSslSo...nencryptedModeDescription
TRUEevaluated 2340 times by 3 tests
Evaluated by:
  • tst_NetworkSelfTest
  • tst_qsslsocket - unknown status
  • tst_qtcpsocket - unknown status
FALSEevaluated 2686 times by 7 tests
Evaluated by:
  • tst_NetworkSelfTest
  • tst_QHttpNetworkConnection
  • tst_QNetworkReply
  • tst_Spdy
  • tst_qsslsocket - unknown status
  • tst_qsslsocket_onDemandCertificates_member - unknown status
  • tst_qsslsocket_onDemandCertificates_static - unknown status
2340-2686
2475 emit q->channelReadyRead(channel);
executed 2340 times by 3 tests: q->channelReadyRead(channel);
Executed by:
  • tst_NetworkSelfTest
  • tst_qsslsocket - unknown status
  • tst_qtcpsocket - unknown status
2340
2476}
executed 5026 times by 8 tests: end of block
Executed by:
  • tst_NetworkSelfTest
  • tst_QHttpNetworkConnection
  • tst_QNetworkReply
  • tst_Spdy
  • tst_qsslsocket - unknown status
  • tst_qsslsocket_onDemandCertificates_member - unknown status
  • tst_qsslsocket_onDemandCertificates_static - unknown status
  • tst_qtcpsocket - unknown status
5026
2477-
2478/*!-
2479 \internal-
2480*/-
2481void QSslSocketPrivate::_q_bytesWrittenSlot(qint64 written)-
2482{-
2483 Q_Q(QSslSocket);-
2484#ifdef QSSLSOCKET_DEBUG-
2485 qCDebug(lcSsl) << "QSslSocket::_q_bytesWrittenSlot(" << written << ')';-
2486#endif-
2487-
2488 if (mode == QSslSocket::UnencryptedMode)-
2489 emit q->bytesWritten(written);-
2490 else-
2491 emit q->encryptedBytesWritten(written);-
2492 if (state == QAbstractSocket::ClosingState && writeBuffer.isEmpty())-
2493 q->disconnectFromHost();-
2494}-
2495-
2496/*!-
2497 \internal-
2498*/-
2499void QSslSocketPrivate::_q_channelBytesWrittenSlot(int channel, qint64 written)-
2500{-
2501 Q_Q(QSslSocket);-
2502 if (mode == QSslSocket::UnencryptedMode)
mode == QSslSo...nencryptedModeDescription
TRUEevaluated 267 times by 3 tests
Evaluated by:
  • tst_NetworkSelfTest
  • tst_qsslsocket - unknown status
  • tst_qtcpsocket - unknown status
FALSEevaluated 5194 times by 7 tests
Evaluated by:
  • tst_NetworkSelfTest
  • tst_QHttpNetworkConnection
  • tst_QNetworkReply
  • tst_Spdy
  • tst_qsslsocket - unknown status
  • tst_qsslsocket_onDemandCertificates_member - unknown status
  • tst_qsslsocket_onDemandCertificates_static - unknown status
267-5194
2503 emit q->channelBytesWritten(channel, written);
executed 267 times by 3 tests: q->channelBytesWritten(channel, written);
Executed by:
  • tst_NetworkSelfTest
  • tst_qsslsocket - unknown status
  • tst_qtcpsocket - unknown status
267
2504}
executed 5461 times by 8 tests: end of block
Executed by:
  • tst_NetworkSelfTest
  • tst_QHttpNetworkConnection
  • tst_QNetworkReply
  • tst_Spdy
  • tst_qsslsocket - unknown status
  • tst_qsslsocket_onDemandCertificates_member - unknown status
  • tst_qsslsocket_onDemandCertificates_static - unknown status
  • tst_qtcpsocket - unknown status
5461
2505-
2506/*!-
2507 \internal-
2508*/-
2509void QSslSocketPrivate::_q_flushWriteBuffer()-
2510{-
2511 Q_Q(QSslSocket);-
2512 if (!writeBuffer.isEmpty())-
2513 q->flush();-
2514}-
2515-
2516/*!-
2517 \internal-
2518*/-
2519void QSslSocketPrivate::_q_flushReadBuffer()-
2520{-
2521 // trigger a read from the plainSocket into SSL-
2522 if (mode != QSslSocket::UnencryptedMode)-
2523 transmit();-
2524}-
2525-
2526/*!-
2527 \internal-
2528*/-
2529void QSslSocketPrivate::_q_resumeImplementation()-
2530{-
2531 if (plainSocket)
plainSocketDescription
TRUEevaluated 20 times by 1 test
Evaluated by:
  • tst_qsslsocket - unknown status
FALSEnever evaluated
0-20
2532 plainSocket->resume();
executed 20 times by 1 test: plainSocket->resume();
Executed by:
  • tst_qsslsocket - unknown status
20
2533 paused = false;-
2534 if (!connectionEncrypted) {
!connectionEncryptedDescription
TRUEevaluated 20 times by 1 test
Evaluated by:
  • tst_qsslsocket - unknown status
FALSEnever evaluated
0-20
2535 if (verifyErrorsHaveBeenIgnored()) {
verifyErrorsHaveBeenIgnored()Description
TRUEevaluated 10 times by 1 test
Evaluated by:
  • tst_qsslsocket - unknown status
FALSEevaluated 10 times by 1 test
Evaluated by:
  • tst_qsslsocket - unknown status
10
2536 continueHandshake();-
2537 } else {
executed 10 times by 1 test: end of block
Executed by:
  • tst_qsslsocket - unknown status
10
2538 setErrorAndEmit(QAbstractSocket::SslHandshakeFailedError, sslErrors.firstconstFirst().errorString());-
2539 plainSocket->disconnectFromHost();-
2540 return;
executed 10 times by 1 test: return;
Executed by:
  • tst_qsslsocket - unknown status
10
2541 }-
2542 }-
2543 transmit();-
2544}
executed 10 times by 1 test: end of block
Executed by:
  • tst_qsslsocket - unknown status
10
2545-
2546/*!-
2547 \internal-
2548*/-
2549bool QSslSocketPrivate::verifyErrorsHaveBeenIgnored()-
2550{-
2551 bool doEmitSslError;-
2552 if (!ignoreErrorsList.empty()) {-
2553 // check whether the errors we got are all in the list of expected errors-
2554 // (applies only if the method QSslSocket::ignoreSslErrors(const QList<QSslError> &errors)-
2555 // was called)-
2556 doEmitSslError = false;-
2557 for (int a = 0; a < sslErrors.count(); a++) {-
2558 if (!ignoreErrorsList.contains(sslErrors.at(a))) {-
2559 doEmitSslError = true;-
2560 break;-
2561 }-
2562 }-
2563 } else {-
2564 // if QSslSocket::ignoreSslErrors(const QList<QSslError> &errors) was not called and-
2565 // we get an SSL error, emit a signal unless we ignored all errors (by calling-
2566 // QSslSocket::ignoreSslErrors() )-
2567 doEmitSslError = !ignoreAllSslErrors;-
2568 }-
2569 return !doEmitSslError;-
2570}-
2571-
2572/*!-
2573 \internal-
2574*/-
2575qint64 QSslSocketPrivate::peek(char *data, qint64 maxSize)-
2576{-
2577 if (mode == QSslSocket::UnencryptedMode && !autoStartHandshake) {
mode == QSslSo...nencryptedModeDescription
TRUEevaluated 112 times by 2 tests
Evaluated by:
  • tst_NetworkSelfTest
  • tst_qsslsocket - unknown status
FALSEevaluated 95 times by 4 tests
Evaluated by:
  • tst_NetworkSelfTest
  • tst_QNetworkReply
  • tst_Spdy
  • tst_qsslsocket - unknown status
!autoStartHandshakeDescription
TRUEevaluated 112 times by 2 tests
Evaluated by:
  • tst_NetworkSelfTest
  • tst_qsslsocket - unknown status
FALSEnever evaluated
0-112
2578 //unencrypted mode - do not use QIODevice::peek, as it reads ahead data from the plain socket-
2579 //peek at data already in the QIODevice buffer (from a previous read)-
2580 qint64 r = buffer.peek(data, maxSize, transactionPos);-
2581 if (r == maxSize)
r == maxSizeDescription
TRUEevaluated 107 times by 2 tests
Evaluated by:
  • tst_NetworkSelfTest
  • tst_qsslsocket - unknown status
FALSEevaluated 5 times by 2 tests
Evaluated by:
  • tst_NetworkSelfTest
  • tst_qsslsocket - unknown status
5-107
2582 return r;
executed 107 times by 2 tests: return r;
Executed by:
  • tst_NetworkSelfTest
  • tst_qsslsocket - unknown status
107
2583 data += r;-
2584 //peek at data in the plain socket-
2585 if (plainSocket) {
plainSocketDescription
TRUEevaluated 5 times by 2 tests
Evaluated by:
  • tst_NetworkSelfTest
  • tst_qsslsocket - unknown status
FALSEnever evaluated
0-5
2586 qint64 r2 = plainSocket->peek(data, maxSize - r);-
2587 if (r2 < 0)
r2 < 0Description
TRUEnever evaluated
FALSEevaluated 5 times by 2 tests
Evaluated by:
  • tst_NetworkSelfTest
  • tst_qsslsocket - unknown status
0-5
2588 return (r > 0 ? r : r2);
never executed: return (r > 0 ? r : r2);
0
2589 return r + r2;
executed 5 times by 2 tests: return r + r2;
Executed by:
  • tst_NetworkSelfTest
  • tst_qsslsocket - unknown status
5
2590 } else {-
2591 return -1;
never executed: return -1;
0
2592 }-
2593 } else {-
2594 //encrypted mode - the socket engine will read and decrypt data into the QIODevice buffer-
2595 return QTcpSocketPrivate::peek(data, maxSize);
executed 95 times by 4 tests: return QTcpSocketPrivate::peek(data, maxSize);
Executed by:
  • tst_NetworkSelfTest
  • tst_QNetworkReply
  • tst_Spdy
  • tst_qsslsocket - unknown status
95
2596 }-
2597}-
2598-
2599/*!-
2600 \internal-
2601*/-
2602QByteArray QSslSocketPrivate::peek(qint64 maxSize)-
2603{-
2604 if (mode == QSslSocket::UnencryptedMode && !autoStartHandshake) {
mode == QSslSo...nencryptedModeDescription
TRUEevaluated 10 times by 1 test
Evaluated by:
  • tst_qsslsocket - unknown status
FALSEevaluated 2 times by 1 test
Evaluated by:
  • tst_qsslsocket - unknown status
!autoStartHandshakeDescription
TRUEevaluated 10 times by 1 test
Evaluated by:
  • tst_qsslsocket - unknown status
FALSEnever evaluated
0-10
2605 //unencrypted mode - do not use QIODevice::peek, as it reads ahead data from the plain socket-
2606 //peek at data already in the QIODevice buffer (from a previous read)-
2607 QByteArray ret;-
2608 ret.reserve(maxSize);-
2609 ret.resize(buffer.peek(ret.data(), maxSize, transactionPos));-
2610 if (ret.length() == maxSize)
ret.length() == maxSizeDescription
TRUEevaluated 1 time by 1 test
Evaluated by:
  • tst_qsslsocket - unknown status
FALSEevaluated 9 times by 1 test
Evaluated by:
  • tst_qsslsocket - unknown status
1-9
2611 return ret;
executed 1 time by 1 test: return ret;
Executed by:
  • tst_qsslsocket - unknown status
1
2612 //peek at data in the plain socket-
2613 if (plainSocket)
plainSocketDescription
TRUEevaluated 4 times by 1 test
Evaluated by:
  • tst_qsslsocket - unknown status
FALSEevaluated 5 times by 1 test
Evaluated by:
  • tst_qsslsocket - unknown status
4-5
2614 return ret + plainSocket->peek(maxSize - ret.length());
executed 4 times by 1 test: return ret + plainSocket->peek(maxSize - ret.length());
Executed by:
  • tst_qsslsocket - unknown status
4
2615 else-
2616 return QByteArray();
executed 5 times by 1 test: return QByteArray();
Executed by:
  • tst_qsslsocket - unknown status
5
2617 } else {-
2618 //encrypted mode - the socket engine will read and decrypt data into the QIODevice buffer-
2619 return QTcpSocketPrivate::peek(maxSize);
executed 2 times by 1 test: return QTcpSocketPrivate::peek(maxSize);
Executed by:
  • tst_qsslsocket - unknown status
2
2620 }-
2621}-
2622-
2623/*!-
2624 \internal-
2625*/-
2626bool QSslSocketPrivate::rootCertOnDemandLoadingSupported()-
2627{-
2628 return s_loadRootCertsOnDemand;-
2629}-
2630-
2631/*!-
2632 \internal-
2633*/-
2634QList<QByteArray> QSslSocketPrivate::unixRootCertDirectories()-
2635{-
2636 return QList<QByteArray>() << "/etc/ssl/certs/" // (K)ubuntu, OpenSUSE, Mandriva, MeeGo ...-
2637 << "/usr/lib/ssl/certs/" // Gentoo, Mandrake-
2638 << "/usr/share/ssl/" // Centos, Redhat, SuSE-
2639 << "/usr/local/ssl/" // Normal OpenSSL Tarball-
2640 << "/var/ssl/certs/" // AIX-
2641 << "/usr/local/ssl/certs/" // Solaris-
2642 << "/etc/openssl/certs/" // BlackBerry-
2643 << "/opt/openssl/certs/" // HP-UX-
2644 << "/etc/ssl/"; // OpenBSD-
2645}-
2646-
2647/*!-
2648 \internal-
2649*/-
2650void QSslSocketPrivate::checkSettingSslContext(QSslSocket* socket, QSharedPointer<QSslContext> sslContext)-
2651{-
2652 if (socket->d_func()->sslContextPointer.isNull())-
2653 socket->d_func()->sslContextPointer = sslContext;-
2654}-
2655-
2656/*!-
2657 \internal-
2658*/-
2659QSharedPointer<QSslContext> QSslSocketPrivate::sslContext(QSslSocket *socket)-
2660{-
2661 return (socket) ? socket->d_func()->sslContextPointer : QSharedPointer<QSslContext>();-
2662}-
2663-
2664bool QSslSocketPrivate::isMatchingHostname(const QSslCertificate &cert, const QString &peerName)-
2665{-
2666 const QString lowerPeerName = peerName.toLower();-
2667 const QStringList commonNameListcommonNames = cert.subjectInfo(QSslCertificate::CommonName);-
2668-
2669 foreachfor (const QString &commonName , commonNameList: commonNames) {-
2670 if (isMatchingHostname(commonName.toLower(), peerName.toLower())) {lowerPeerName))
isMatchingHost...lowerPeerName)Description
TRUEevaluated 323 times by 8 tests
Evaluated by:
  • tst_NetworkSelfTest
  • tst_QHttpNetworkConnection
  • tst_QNetworkReply
  • tst_Spdy
  • tst_qsslcertificate - unknown status
  • tst_qsslsocket - unknown status
  • tst_qsslsocket_onDemandCertificates_member - unknown status
  • tst_qsslsocket_onDemandCertificates_static - unknown status
FALSEevaluated 63 times by 3 tests
Evaluated by:
  • tst_QNetworkReply
  • tst_qsslcertificate - unknown status
  • tst_qsslsocket - unknown status
63-323
2671 return true;
executed 323 times by 8 tests: return true;
Executed by:
  • tst_NetworkSelfTest
  • tst_QHttpNetworkConnection
  • tst_QNetworkReply
  • tst_Spdy
  • tst_qsslcertificate - unknown status
  • tst_qsslsocket - unknown status
  • tst_qsslsocket_onDemandCertificates_member - unknown status
  • tst_qsslsocket_onDemandCertificates_static - unknown status
323
2672 }}
executed 63 times by 3 tests: end of block
Executed by:
  • tst_QNetworkReply
  • tst_qsslcertificate - unknown status
  • tst_qsslsocket - unknown status
63
2673-
2674 foreach (const QString &altName,auto subjectAlternativeNames = cert.subjectAlternativeNames().values();-
2675 const auto altNames = subjectAlternativeNames.equal_range(QSsl::DnsEntry)));-
2676 for (auto it = altNames.first; it != altNames.second; ++it)
it != altNames.secondDescription
TRUEnever evaluated
FALSEevaluated 63 times by 3 tests
Evaluated by:
  • tst_QNetworkReply
  • tst_qsslcertificate - unknown status
  • tst_qsslsocket - unknown status
 {
it != altNames.secondDescription
TRUEnever evaluated
FALSEevaluated 63 times by 3 tests
Evaluated by:
  • tst_QNetworkReply
  • tst_qsslcertificate - unknown status
  • tst_qsslsocket - unknown status
0-63
2677 if (isMatchingHostname(altName.it->toLower(), peerName.toLower())) {lowerPeerName))
isMatchingHost...lowerPeerName)Description
TRUEnever evaluated
FALSEnever evaluated
0
2678 return true;}
never executed: return true;
0
2679 }
never executed: end of block
0
2680-
2681 return false;
executed 63 times by 3 tests: return false;
Executed by:
  • tst_QNetworkReply
  • tst_qsslcertificate - unknown status
  • tst_qsslsocket - unknown status
63
2682}-
2683-
2684bool QSslSocketPrivate::isMatchingHostname(const QString &cn, const QString &hostname)-
2685{-
2686 int wildcard = cn.indexOf(QLatin1Char('*'));-
2687-
2688 // Check this is a wildcard cert, if not then just compare the strings-
2689 if (wildcard < 0)-
2690 return cn == hostname;-
2691-
2692 int firstCnDot = cn.indexOf(QLatin1Char('.'));-
2693 int secondCnDot = cn.indexOf(QLatin1Char('.'), firstCnDot+1);-
2694-
2695 // Check at least 3 components-
2696 if ((-1 == secondCnDot) || (secondCnDot+1 >= cn.length()))-
2697 return false;-
2698-
2699 // Check * is last character of 1st component (ie. there's a following .)-
2700 if (wildcard+1 != firstCnDot)-
2701 return false;-
2702-
2703 // Check only one star-
2704 if (cn.lastIndexOf(QLatin1Char('*')) != wildcard)-
2705 return false;-
2706-
2707 // Check characters preceding * (if any) match-
2708 if (wildcard && (hostname.leftRef(wildcard) != cn.leftRef(wildcard)))-
2709 return false;-
2710-
2711 // Check characters following first . match-
2712 if (hostname.midRef(hostname.indexOf(QLatin1Char('.'))) != cn.midRef(firstCnDot))-
2713 return false;-
2714-
2715 // Check if the hostname is an IP address, if so then wildcards are not allowed-
2716 QHostAddress addr(hostname);-
2717 if (!addr.isNull())-
2718 return false;-
2719-
2720 // Ok, I guess this was a wildcard CN and the hostname matches.-
2721 return true;-
2722}-
2723-
2724QT_END_NAMESPACE-
2725-
2726#include "moc_qsslsocket.cpp"-
Source codeSwitch to Preprocessed file
Generated by Squish Coco Non-Commercial 4.3.0-BETA-master-30-08-2018-4cb69e9