Fix Google Chrome connection problem

Task-number: QTBUG-36757 Change-Id: I6a802e93e28b6281fe03aacf001897003310a027 Reviewed-by: Peter Hartmann <phartmann@blackberry.com>
author: Kurt Pattyn <pattyn.kurt@gmail.com> 2014-02-16 13:53:29 +0100
committer: The Qt Project <gerrit-noreply@qt-project.org> 2014-03-10 11:09:39 +0100
commit: f24940a3692dc9e37f519e0c1af47033b2361306 (patch)
tree: 8471f1485e89c972f6228db394af88dc9e60dd84 /src/websockets/qwebsocketserver_p.cpp
parent: c714231afe2b9763a76a4792082467ecb1f81284 (diff)
download: qtwebsockets-f24940a3692dc9e37f519e0c1af47033b2361306.tar.gz
1 files changed, 14 insertions, 4 deletions
diff --git a/src/websockets/qwebsocketserver_p.cpp b/src/websockets/qwebsocketserver_p.cpp
index a43e75a..f349dc2 100644
--- a/src/websockets/qwebsocketserver_p.cpp
+++ b/src/websockets/qwebsocketserver_p.cpp
@@ -94,7 +94,8 @@ void QWebSocketServerPrivate::init()
         m_pTcpServer = pSslServer;
         if (Q_LIKELY(m_pTcpServer)) {
             QObjectPrivate::connect(pSslServer, &QSslServer::newEncryptedConnection,
-                                    this, &QWebSocketServerPrivate::onNewConnection);
+                                    this, &QWebSocketServerPrivate::onNewConnection,
+                                    Qt::QueuedConnection);
             QObject::connect(pSslServer, &QSslServer::peerVerifyError,
                              q_ptr, &QWebSocketServer::peerVerifyError);
             QObject::connect(pSslServer, &QSslServer::sslErrors,
@@ -414,13 +415,22 @@ void QWebSocketServerPrivate::handshakeReceived()
         qWarning() << QWebSocketServer::tr("Sender is not a QTcpSocket. This is a Qt bug!!!");
         return;
     }
+    //When using Google Chrome the handshake in received in two parts.
+    //Therefore, the readyRead signal is emitted twice.
+    //This is a guard against the BEAST attack.
+    //See: https://www.imperialviolet.org/2012/01/15/beastfollowup.html
+    //For Safari, the handshake is delivered at once
+    //FIXME: For FireFox, the readyRead signal is never emitted
+    //This is a bug in FireFox (see https://bugzilla.mozilla.org/show_bug.cgi?id=594502)
+    if (!pTcpSocket->canReadLine()) {
+        return;
+    }
+    disconnect(pTcpSocket, &QTcpSocket::readyRead,
+               this, &QWebSocketServerPrivate::handshakeReceived);
     Q_Q(QWebSocketServer);
     bool success = false;
     bool isSecure = false;
 
-    disconnect(pTcpSocket, &QTcpSocket::readyRead,
-               this, &QWebSocketServerPrivate::handshakeReceived);
-
     if (m_pendingConnections.length() >= maxPendingConnections()) {
         pTcpSocket->close();
         pTcpSocket->deleteLater();
author	Kurt Pattyn <pattyn.kurt@gmail.com>	2014-02-16 13:53:29 +0100
committer	The Qt Project <gerrit-noreply@qt-project.org>	2014-03-10 11:09:39 +0100
commit	f24940a3692dc9e37f519e0c1af47033b2361306 (patch)
tree	8471f1485e89c972f6228db394af88dc9e60dd84 /src/websockets/qwebsocketserver_p.cpp
parent	c714231afe2b9763a76a4792082467ecb1f81284 (diff)
download	qtwebsockets-f24940a3692dc9e37f519e0c1af47033b2361306.tar.gz