summaryrefslogtreecommitdiff
path: root/src/websockets
diff options
context:
space:
mode:
authorKurt Pattyn <pattyn.kurt@gmail.com>2014-02-16 13:53:29 +0100
committerThe Qt Project <gerrit-noreply@qt-project.org>2014-03-10 11:09:39 +0100
commitf24940a3692dc9e37f519e0c1af47033b2361306 (patch)
tree8471f1485e89c972f6228db394af88dc9e60dd84 /src/websockets
parentc714231afe2b9763a76a4792082467ecb1f81284 (diff)
downloadqtwebsockets-f24940a3692dc9e37f519e0c1af47033b2361306.tar.gz
Fix Google Chrome connection problem
Task-number: QTBUG-36757 Change-Id: I6a802e93e28b6281fe03aacf001897003310a027 Reviewed-by: Peter Hartmann <phartmann@blackberry.com>
Diffstat (limited to 'src/websockets')
-rw-r--r--src/websockets/qwebsocketserver.cpp7
-rw-r--r--src/websockets/qwebsocketserver_p.cpp18
2 files changed, 21 insertions, 4 deletions
diff --git a/src/websockets/qwebsocketserver.cpp b/src/websockets/qwebsocketserver.cpp
index 0645947..884f422 100644
--- a/src/websockets/qwebsocketserver.cpp
+++ b/src/websockets/qwebsocketserver.cpp
@@ -70,6 +70,13 @@
\l {http://tools.ietf.org/html/rfc6455#page-39} {extensions} and
\l {http://tools.ietf.org/html/rfc6455#page-12} {subprotocols}.
+ \note When working with self-signed certificates, FireFox currently has a
+ \l {https://bugzilla.mozilla.org/show_bug.cgi?id=594502} {bug} that prevents it to
+ connect to a secure websocket server. To work around this problem, first browse to the
+ secure websocket server using https. FireFox will indicate that the certificate is invalid.
+ From here on, the certificate can be added to the exceptions. After this, the secure websockets
+ connection should work.
+
QWebSocketServer only supports version 13 of the WebSocket protocol, as outlined in RFC 6455.
\sa echoserver.html
diff --git a/src/websockets/qwebsocketserver_p.cpp b/src/websockets/qwebsocketserver_p.cpp
index a43e75a..f349dc2 100644
--- a/src/websockets/qwebsocketserver_p.cpp
+++ b/src/websockets/qwebsocketserver_p.cpp
@@ -94,7 +94,8 @@ void QWebSocketServerPrivate::init()
m_pTcpServer = pSslServer;
if (Q_LIKELY(m_pTcpServer)) {
QObjectPrivate::connect(pSslServer, &QSslServer::newEncryptedConnection,
- this, &QWebSocketServerPrivate::onNewConnection);
+ this, &QWebSocketServerPrivate::onNewConnection,
+ Qt::QueuedConnection);
QObject::connect(pSslServer, &QSslServer::peerVerifyError,
q_ptr, &QWebSocketServer::peerVerifyError);
QObject::connect(pSslServer, &QSslServer::sslErrors,
@@ -414,13 +415,22 @@ void QWebSocketServerPrivate::handshakeReceived()
qWarning() << QWebSocketServer::tr("Sender is not a QTcpSocket. This is a Qt bug!!!");
return;
}
+ //When using Google Chrome the handshake in received in two parts.
+ //Therefore, the readyRead signal is emitted twice.
+ //This is a guard against the BEAST attack.
+ //See: https://www.imperialviolet.org/2012/01/15/beastfollowup.html
+ //For Safari, the handshake is delivered at once
+ //FIXME: For FireFox, the readyRead signal is never emitted
+ //This is a bug in FireFox (see https://bugzilla.mozilla.org/show_bug.cgi?id=594502)
+ if (!pTcpSocket->canReadLine()) {
+ return;
+ }
+ disconnect(pTcpSocket, &QTcpSocket::readyRead,
+ this, &QWebSocketServerPrivate::handshakeReceived);
Q_Q(QWebSocketServer);
bool success = false;
bool isSecure = false;
- disconnect(pTcpSocket, &QTcpSocket::readyRead,
- this, &QWebSocketServerPrivate::handshakeReceived);
-
if (m_pendingConnections.length() >= maxPendingConnections()) {
pTcpSocket->close();
pTcpSocket->deleteLater();