From 7e853bcd05cbc955b71843586ee20158e6ed3091 Mon Sep 17 00:00:00 2001 From: Thiago Macieira Date: Tue, 24 Oct 2017 20:46:22 -0700 Subject: Update to new QRandomGenerator API MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Change-Id: I69f37f9304f24709a823fffd14e676c097712329 Reviewed-by: Timur Pocheptsov Reviewed-by: MÃ¥rten Nordheim --- src/websockets/qdefaultmaskgenerator_p.cpp | 8 ++++---- src/websockets/qmaskgenerator.cpp | 2 +- src/websockets/qwebsocket.cpp | 2 +- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/src/websockets/qdefaultmaskgenerator_p.cpp b/src/websockets/qdefaultmaskgenerator_p.cpp index 7dc0cee..7763868 100644 --- a/src/websockets/qdefaultmaskgenerator_p.cpp +++ b/src/websockets/qdefaultmaskgenerator_p.cpp @@ -48,7 +48,7 @@ malicious scripts to attack bad behaving proxies. For more information about the importance of good masking, see \l {"Talking to Yourself for Fun and Profit" by Lin-Shung Huang et al}. - The default mask generator uses the reasonably secure QRandomGenerator::get32() function. + The default mask generator uses the reasonably secure QRandomGenerator::global()->generate() function. The best measure against attacks mentioned in the document above, is to use QWebSocket over a secure connection (\e wss://). In general, always be careful to not have 3rd party script access to @@ -90,16 +90,16 @@ bool QDefaultMaskGenerator::seed() Q_DECL_NOEXCEPT } /*! - Generates a new random mask using the insecure QRandomGenerator::get32() method. + Generates a new random mask using the insecure QRandomGenerator::global()->generate() method. \internal */ quint32 QDefaultMaskGenerator::nextMask() Q_DECL_NOEXCEPT { - quint32 value = QRandomGenerator::get32(); + quint32 value = QRandomGenerator::global()->generate(); while (Q_UNLIKELY(value == 0)) { // a mask of zero has a special meaning - value = QRandomGenerator::get32(); + value = QRandomGenerator::global()->generate(); } return value; } diff --git a/src/websockets/qmaskgenerator.cpp b/src/websockets/qmaskgenerator.cpp index 56d1223..40f8594 100644 --- a/src/websockets/qmaskgenerator.cpp +++ b/src/websockets/qmaskgenerator.cpp @@ -50,7 +50,7 @@ malicious scripts from attacking badly behaving proxies. For more information about the importance of good masking, see \l {"Talking to Yourself for Fun and Profit" by Lin-Shung Huang et al}. - By default QWebSocket uses the reasonably secure QRandomGenerator::get32() function. + By default QWebSocket uses the reasonably secure QRandomGenerator::global()->generate() function. The best measure against attacks mentioned in the document above, is to use QWebSocket over a secure connection (\e wss://). In general, always be careful to not have 3rd party script access to diff --git a/src/websockets/qwebsocket.cpp b/src/websockets/qwebsocket.cpp index 30bb39d..de5ac22 100644 --- a/src/websockets/qwebsocket.cpp +++ b/src/websockets/qwebsocket.cpp @@ -64,7 +64,7 @@ this problem is to use WebSocket over a secure connection. \warning To generate masks, this implementation of WebSockets uses the reasonably - secure QRandomGenerator::get32() function. + secure QRandomGenerator::global()->generate() function. For more information about the importance of good masking, see \l {"Talking to Yourself for Fun and Profit" by Lin-Shung Huang et al}. The best measure against attacks mentioned in the document above, -- cgit v1.2.1