From 2bf36986a10da33b9e9ae082c7f60c5affe3dfac Mon Sep 17 00:00:00 2001 From: Jerome Pasion Date: Fri, 21 Feb 2014 10:50:13 +0100 Subject: Doc: Fixed missing line separators in qdocconf file. -needed to get the documentation to build. Task-number: QTBUG-33360 Change-Id: Ifed61ebb39843936ac3e350f26f6accffda78318 Reviewed-by: Martin Smith Reviewed-by: Kurt Pattyn --- src/websockets/doc/qtwebsockets.qdocconf | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/websockets/doc/qtwebsockets.qdocconf b/src/websockets/doc/qtwebsockets.qdocconf index 434c9f2..7822edc 100644 --- a/src/websockets/doc/qtwebsockets.qdocconf +++ b/src/websockets/doc/qtwebsockets.qdocconf @@ -40,11 +40,11 @@ tagfile = ../../../doc/qtwebsockets/ depends += qtcore qtnetwork qtdoc -headerdirs += .. +headerdirs += .. \ ../../imports sourcedirs += .. \ - src + src \ ../../imports -- cgit v1.2.1 From 576079f25c2a1de18da26f82473614d442e2f7a5 Mon Sep 17 00:00:00 2001 From: Sergio Ahumada Date: Fri, 28 Feb 2014 15:29:20 +0100 Subject: Add .tag file and the git-archive export options The .gitattributes and .gitignore files do not need to be present in packaged sources, as they are for people using the Git repository. Change-Id: I37f69ce0dfbc25592c149118137398f96cdeb117 Reviewed-by: Thiago Macieira --- .gitattributes | 4 ++++ .tag | 1 + 2 files changed, 5 insertions(+) create mode 100644 .gitattributes create mode 100644 .tag diff --git a/.gitattributes b/.gitattributes new file mode 100644 index 0000000..1a045fa --- /dev/null +++ b/.gitattributes @@ -0,0 +1,4 @@ +.tag export-subst +.gitignore export-ignore +.gitattributes export-ignore +.commit-template export-ignore diff --git a/.tag b/.tag new file mode 100644 index 0000000..6828f88 --- /dev/null +++ b/.tag @@ -0,0 +1 @@ +$Format:%H$ -- cgit v1.2.1 From cb52b7857ce0a4cc5448d0abfabb62090933439e Mon Sep 17 00:00:00 2001 From: Sergio Ahumada Date: Sat, 1 Mar 2014 17:22:51 +0100 Subject: Prefer to use normalised signal/slot signatures Change-Id: I92322fc3404795bea8442b9b849564d5cd39b367 Reviewed-by: Marc Mutz Reviewed-by: Kurt Pattyn --- tests/auto/dataprocessor/tst_dataprocessor.cpp | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/tests/auto/dataprocessor/tst_dataprocessor.cpp b/tests/auto/dataprocessor/tst_dataprocessor.cpp index c60ed0e..a63193a 100644 --- a/tests/auto/dataprocessor/tst_dataprocessor.cpp +++ b/tests/auto/dataprocessor/tst_dataprocessor.cpp @@ -751,7 +751,7 @@ void tst_DataProcessor::frameTooSmall() QSignalSpy pongMessageSpy(&dataProcessor, SIGNAL(pongReceived(QByteArray))); QSignalSpy textMessageSpy(&dataProcessor, SIGNAL(textMessageReceived(QString))); QSignalSpy binaryMessageSpy(&dataProcessor, SIGNAL(binaryMessageReceived(QByteArray))); - QSignalSpy textFrameSpy(&dataProcessor, SIGNAL(textFrameReceived(QString, bool))); + QSignalSpy textFrameSpy(&dataProcessor, SIGNAL(textFrameReceived(QString,bool))); QSignalSpy binaryFrameSpy(&dataProcessor, SIGNAL(binaryFrameReceived(QByteArray,bool))); dataProcessor.process(&buffer); @@ -1363,7 +1363,7 @@ void tst_DataProcessor::invalidPayloadInCloseFrame() QSignalSpy pongMessageSpy(&dataProcessor, SIGNAL(pongReceived(QByteArray))); QSignalSpy textMessageSpy(&dataProcessor, SIGNAL(textMessageReceived(QString))); QSignalSpy binaryMessageSpy(&dataProcessor, SIGNAL(binaryMessageReceived(QByteArray))); - QSignalSpy textFrameSpy(&dataProcessor, SIGNAL(textFrameReceived(QString, bool))); + QSignalSpy textFrameSpy(&dataProcessor, SIGNAL(textFrameReceived(QString,bool))); QSignalSpy binaryFrameSpy(&dataProcessor, SIGNAL(binaryFrameReceived(QByteArray,bool))); data.append(firstByte).append(secondByte); @@ -1463,7 +1463,7 @@ void tst_DataProcessor::doTest() SIGNAL(errorEncountered(QWebSocketProtocol::CloseCode,QString))); QSignalSpy textMessageSpy(&dataProcessor, SIGNAL(textMessageReceived(QString))); QSignalSpy binaryMessageSpy(&dataProcessor, SIGNAL(binaryMessageReceived(QByteArray))); - QSignalSpy textFrameSpy(&dataProcessor, SIGNAL(textFrameReceived(QString, bool))); + QSignalSpy textFrameSpy(&dataProcessor, SIGNAL(textFrameReceived(QString,bool))); QSignalSpy binaryFrameSpy(&dataProcessor, SIGNAL(binaryFrameReceived(QByteArray,bool))); if (isContinuationFrame) @@ -1508,7 +1508,7 @@ void tst_DataProcessor::doCloseFrameTest() SIGNAL(errorEncountered(QWebSocketProtocol::CloseCode,QString))); QSignalSpy textMessageSpy(&dataProcessor, SIGNAL(textMessageReceived(QString))); QSignalSpy binaryMessageSpy(&dataProcessor, SIGNAL(binaryMessageReceived(QByteArray))); - QSignalSpy textFrameSpy(&dataProcessor, SIGNAL(textFrameReceived(QString, bool))); + QSignalSpy textFrameSpy(&dataProcessor, SIGNAL(textFrameReceived(QString,bool))); QSignalSpy binaryFrameSpy(&dataProcessor, SIGNAL(binaryFrameReceived(QByteArray,bool))); data.append(firstByte).append(secondByte); -- cgit v1.2.1 From 06c27bdb5e90445b6ab89ea4315b3af235826152 Mon Sep 17 00:00:00 2001 From: Sergio Ahumada Date: Sat, 1 Mar 2014 17:16:43 +0100 Subject: Use const & for your foreach variables Change-Id: I6096111284f02f07e1e7864b8795236563d4f6c1 Reviewed-by: Kurt Pattyn --- src/websockets/qwebsockethandshakeresponse.cpp | 2 +- tests/manual/websockets/tst_websockets.cpp | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/src/websockets/qwebsockethandshakeresponse.cpp b/src/websockets/qwebsockethandshakeresponse.cpp index d244000..aa9a881 100644 --- a/src/websockets/qwebsockethandshakeresponse.cpp +++ b/src/websockets/qwebsockethandshakeresponse.cpp @@ -207,7 +207,7 @@ QString QWebSocketHandshakeResponse::getHandshakeResponse( if (Q_UNLIKELY(!m_canUpgrade)) { response << QStringLiteral("HTTP/1.1 400 Bad Request"); QStringList versions; - Q_FOREACH (QWebSocketProtocol::Version version, supportedVersions) + Q_FOREACH (const QWebSocketProtocol::Version &version, supportedVersions) versions << QString::number(static_cast(version)); response << QStringLiteral("Sec-WebSocket-Version: ") % versions.join(QStringLiteral(", ")); diff --git a/tests/manual/websockets/tst_websockets.cpp b/tests/manual/websockets/tst_websockets.cpp index c2fbc6b..b9a7f5e 100644 --- a/tests/manual/websockets/tst_websockets.cpp +++ b/tests/manual/websockets/tst_websockets.cpp @@ -169,7 +169,7 @@ void tst_WebSocketsTest::testPeerAddress() QVERIFY(addresses.length() > 0); QHostAddress peer = m_pWebSocket->peerAddress(); bool found = false; - Q_FOREACH(QHostAddress a, addresses) + Q_FOREACH (const QHostAddress &a, addresses) { if (a == peer) { -- cgit v1.2.1 From c714231afe2b9763a76a4792082467ecb1f81284 Mon Sep 17 00:00:00 2001 From: Sergio Ahumada Date: Sat, 1 Mar 2014 17:10:22 +0100 Subject: Make the constructor explicit Change-Id: I6dcd225de9fee909c4cd1afa70938c2eb7ff819a Reviewed-by: Kurt Pattyn --- src/websockets/qsslserver_p.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/websockets/qsslserver_p.h b/src/websockets/qsslserver_p.h index 12da3c5..12b9369 100644 --- a/src/websockets/qsslserver_p.h +++ b/src/websockets/qsslserver_p.h @@ -55,7 +55,7 @@ class QSslServer : public QTcpServer Q_DISABLE_COPY(QSslServer) public: - QSslServer(QObject *parent = Q_NULLPTR); + explicit QSslServer(QObject *parent = Q_NULLPTR); virtual ~QSslServer(); void setSslConfiguration(const QSslConfiguration &sslConfiguration); -- cgit v1.2.1 From f24940a3692dc9e37f519e0c1af47033b2361306 Mon Sep 17 00:00:00 2001 From: Kurt Pattyn Date: Sun, 16 Feb 2014 13:53:29 +0100 Subject: Fix Google Chrome connection problem Task-number: QTBUG-36757 Change-Id: I6a802e93e28b6281fe03aacf001897003310a027 Reviewed-by: Peter Hartmann --- src/websockets/qwebsocketserver.cpp | 7 +++++++ src/websockets/qwebsocketserver_p.cpp | 18 ++++++++++++++---- 2 files changed, 21 insertions(+), 4 deletions(-) diff --git a/src/websockets/qwebsocketserver.cpp b/src/websockets/qwebsocketserver.cpp index 0645947..884f422 100644 --- a/src/websockets/qwebsocketserver.cpp +++ b/src/websockets/qwebsocketserver.cpp @@ -70,6 +70,13 @@ \l {http://tools.ietf.org/html/rfc6455#page-39} {extensions} and \l {http://tools.ietf.org/html/rfc6455#page-12} {subprotocols}. + \note When working with self-signed certificates, FireFox currently has a + \l {https://bugzilla.mozilla.org/show_bug.cgi?id=594502} {bug} that prevents it to + connect to a secure websocket server. To work around this problem, first browse to the + secure websocket server using https. FireFox will indicate that the certificate is invalid. + From here on, the certificate can be added to the exceptions. After this, the secure websockets + connection should work. + QWebSocketServer only supports version 13 of the WebSocket protocol, as outlined in RFC 6455. \sa echoserver.html diff --git a/src/websockets/qwebsocketserver_p.cpp b/src/websockets/qwebsocketserver_p.cpp index a43e75a..f349dc2 100644 --- a/src/websockets/qwebsocketserver_p.cpp +++ b/src/websockets/qwebsocketserver_p.cpp @@ -94,7 +94,8 @@ void QWebSocketServerPrivate::init() m_pTcpServer = pSslServer; if (Q_LIKELY(m_pTcpServer)) { QObjectPrivate::connect(pSslServer, &QSslServer::newEncryptedConnection, - this, &QWebSocketServerPrivate::onNewConnection); + this, &QWebSocketServerPrivate::onNewConnection, + Qt::QueuedConnection); QObject::connect(pSslServer, &QSslServer::peerVerifyError, q_ptr, &QWebSocketServer::peerVerifyError); QObject::connect(pSslServer, &QSslServer::sslErrors, @@ -414,13 +415,22 @@ void QWebSocketServerPrivate::handshakeReceived() qWarning() << QWebSocketServer::tr("Sender is not a QTcpSocket. This is a Qt bug!!!"); return; } + //When using Google Chrome the handshake in received in two parts. + //Therefore, the readyRead signal is emitted twice. + //This is a guard against the BEAST attack. + //See: https://www.imperialviolet.org/2012/01/15/beastfollowup.html + //For Safari, the handshake is delivered at once + //FIXME: For FireFox, the readyRead signal is never emitted + //This is a bug in FireFox (see https://bugzilla.mozilla.org/show_bug.cgi?id=594502) + if (!pTcpSocket->canReadLine()) { + return; + } + disconnect(pTcpSocket, &QTcpSocket::readyRead, + this, &QWebSocketServerPrivate::handshakeReceived); Q_Q(QWebSocketServer); bool success = false; bool isSecure = false; - disconnect(pTcpSocket, &QTcpSocket::readyRead, - this, &QWebSocketServerPrivate::handshakeReceived); - if (m_pendingConnections.length() >= maxPendingConnections()) { pTcpSocket->close(); pTcpSocket->deleteLater(); -- cgit v1.2.1 From ceac1d619029e1fcf10c12290fbaac25c7fa516e Mon Sep 17 00:00:00 2001 From: Kurt Pattyn Date: Sun, 9 Mar 2014 12:33:26 +0100 Subject: Fix documentation warnings Change-Id: I5790460aab2377144d041c5b2a75ae0208ec5c00 Reviewed-by: Kurt Pattyn --- src/websockets/qmaskgenerator.cpp | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/src/websockets/qmaskgenerator.cpp b/src/websockets/qmaskgenerator.cpp index aa78f77..3e4ce17 100644 --- a/src/websockets/qmaskgenerator.cpp +++ b/src/websockets/qmaskgenerator.cpp @@ -41,7 +41,9 @@ /*! \class QMaskGenerator - The QMaskGenerator class provides an abstract base for custom 32-bit mask generators. + \inmodule QtWebSockets + + \brief The QMaskGenerator class provides an abstract base for custom 32-bit mask generators. The WebSockets specification as outlined in {http://tools.ietf.org/html/rfc6455}{RFC 6455} requires that all communication from client to server must be masked. This is to prevent @@ -61,6 +63,7 @@ Initializes the QMaskGenerator by seeding the randomizer. When seed() is not called, it depends on the specific implementation of a subclass if a default seed is used or no seed is used at all. + Returns \e true if seeding succeeds, otherwise false. */ /*! @@ -75,7 +78,7 @@ QT_BEGIN_NAMESPACE /*! - Creates a new QMaskGenerator object. + Creates a new QMaskGenerator object with the given optional QObject \a parent. */ QMaskGenerator::QMaskGenerator(QObject *parent) : QObject(parent) -- cgit v1.2.1 From d122d15b66bdcecb42f4c3cabaeaab6791f1edaa Mon Sep 17 00:00:00 2001 From: Nico Vertriest Date: Fri, 28 Feb 2014 12:31:13 +0100 Subject: Doc: Review documentation Qt WebSockets Task-number: QTBUG-37149 Change-Id: Ia8fe7b11140d31bc231a17bfcc16887f3af0dbce Reviewed-by: Jerome Pasion --- examples/doc/echoclient.qdoc | 5 ++++- examples/doc/echoserver.qdoc | 6 ++++-- examples/doc/qmlwebsocketclient.qdoc | 1 + examples/doc/simplechat.qdoc | 5 ++++- examples/doc/sslechoclient.qdoc | 2 ++ examples/doc/sslechoserver.qdoc | 2 ++ examples/examples.qdoc | 3 +-- src/websockets/doc/src/index.qdoc | 9 +++++++-- src/websockets/doc/src/qtwebsockets-module.qdoc | 6 ++++++ 9 files changed, 31 insertions(+), 8 deletions(-) diff --git a/examples/doc/echoclient.qdoc b/examples/doc/echoclient.qdoc index a1f1646..a6cb1a9 100644 --- a/examples/doc/echoclient.qdoc +++ b/examples/doc/echoclient.qdoc @@ -43,7 +43,10 @@ \example echoclient \title Echo Client Example \ingroup qtwebsockets-examples - \brief Explains how to use the websocket API to create a simple echo client. + \brief Describes how to use the websocket API for creating a simple echo client. + + The Echo Client Example shows how to use the websocket API to create a simple + echo client. \sa {Echo Server Example} */ diff --git a/examples/doc/echoserver.qdoc b/examples/doc/echoserver.qdoc index b7b8299..fcb0442 100644 --- a/examples/doc/echoserver.qdoc +++ b/examples/doc/echoserver.qdoc @@ -43,9 +43,11 @@ \example echoserver \title Echo Server Example \ingroup qtwebsockets-examples + \brief Shows how to create a simple server application that + sends back the messages it receives. - The Echo Server example shows how to create a simple server application that - sends back the messages that it receives, using the websockets API. + The Echo Server Example shows how to create a simple server application that + sends back the messages it receives, using the websockets API. \sa {Echo Client Example} */ diff --git a/examples/doc/qmlwebsocketclient.qdoc b/examples/doc/qmlwebsocketclient.qdoc index 0bf39bd..776e486 100644 --- a/examples/doc/qmlwebsocketclient.qdoc +++ b/examples/doc/qmlwebsocketclient.qdoc @@ -43,4 +43,5 @@ \example qmlwebsocketclient \title QML WebSocket Client Example \ingroup qtwebsockets-examples + \brief Explains how to program a QML WebSocket client example. */ diff --git a/examples/doc/simplechat.qdoc b/examples/doc/simplechat.qdoc index 215c46a..506d45a 100644 --- a/examples/doc/simplechat.qdoc +++ b/examples/doc/simplechat.qdoc @@ -43,7 +43,10 @@ \example simplechat \title Simple Chat Example \ingroup qtwebsockets-examples + \brief Shows how to use the QWebSocket and QWebSocketServer classes + for creating a minimalistic chat application over websockets. - The Simple Chat example shows how to use the QWebSocket and QWebSocketServer + The Simple Chat Example shows how to use the QWebSocket and QWebSocketServer classes to create a minimalistic chat application over websockets. + */ diff --git a/examples/doc/sslechoclient.qdoc b/examples/doc/sslechoclient.qdoc index ca515ec..d7d1897 100644 --- a/examples/doc/sslechoclient.qdoc +++ b/examples/doc/sslechoclient.qdoc @@ -43,6 +43,8 @@ \example sslechoclient \title SSL Echo Client Example \ingroup qtwebsockets-examples + \brief Shows how to use the QWebSocket class to implement an echo + client over a secure connection (wss). The SSL Echo Client example shows how to use the QWebSocket class to implement an echo client over a secure connection (wss). diff --git a/examples/doc/sslechoserver.qdoc b/examples/doc/sslechoserver.qdoc index 608b27a..d158a68 100644 --- a/examples/doc/sslechoserver.qdoc +++ b/examples/doc/sslechoserver.qdoc @@ -43,6 +43,8 @@ \example sslechoserver \title SSL Echo Server Example \ingroup qtwebsockets-examples + \brief Shows how to use the QWebSocketServer class for implementing a simple + echo server over secure sockets (wss). The SSL Echo Server example shows how to use the QWebSocketServer class to implement a simple echo server over secure sockets (wss). diff --git a/examples/examples.qdoc b/examples/examples.qdoc index b770704..bc1ad32 100644 --- a/examples/examples.qdoc +++ b/examples/examples.qdoc @@ -45,8 +45,7 @@ \page examples.html \brief List of Qt WebSocket examples - The module provides the following examples for reference to - help understand the API usage: + The examples below can be used as a guide to using the API. \list \li \l echoclient diff --git a/src/websockets/doc/src/index.qdoc b/src/websockets/doc/src/index.qdoc index f85380b..2961ef3 100644 --- a/src/websockets/doc/src/index.qdoc +++ b/src/websockets/doc/src/index.qdoc @@ -50,10 +50,15 @@ QT += websockets \endcode - \section1 Related information + \section1 Reference documentation \list \li \l{Qt WebSockets C++ Classes}{C++ Classes} - \li \l{Qt WebSockets Examples}{Examples} \li \l{Qt WebSockets QML Types}{QML Types} \endlist + + \section1 Examples + + The module provides the following examples as a guide to using + the API. + \l{Qt WebSockets Examples}{Examples} */ diff --git a/src/websockets/doc/src/qtwebsockets-module.qdoc b/src/websockets/doc/src/qtwebsockets-module.qdoc index c4dea41..02d31d1 100644 --- a/src/websockets/doc/src/qtwebsockets-module.qdoc +++ b/src/websockets/doc/src/qtwebsockets-module.qdoc @@ -29,6 +29,7 @@ \title Qt WebSockets C++ Classes \ingroup modules \qtvariable websockets + \since 5.3 \brief List of C++ classes that provide WebSockets communication. To use these classes in your application, use the following include @@ -52,4 +53,9 @@ \brief List of QML types that provide WebSockets communication. \annotatedlist websockets-qml + + The QML types are accessed by using: + \code + import QtWebSockets 1.0 + \endcode */ -- cgit v1.2.1 From 8cda01eb77b9f52ad8f5d58e65d7cd76d8e20154 Mon Sep 17 00:00:00 2001 From: Kurt Pattyn Date: Sun, 9 Mar 2014 13:11:58 +0100 Subject: Update documentation. Change-Id: I8fca0df0ea66adba0898d95f8249ea1b7f33892a Reviewed-by: Kurt Pattyn --- src/websockets/qdefaultmaskgenerator_p.cpp | 41 ++++++++++++++++++++++++++++++ src/websockets/qmaskgenerator.cpp | 1 + src/websockets/qsslserver.cpp | 41 ++++++++++++++++++++++++++++++ src/websockets/qwebsocket.cpp | 4 +++ 4 files changed, 87 insertions(+) diff --git a/src/websockets/qdefaultmaskgenerator_p.cpp b/src/websockets/qdefaultmaskgenerator_p.cpp index 814e04d..da166ac 100644 --- a/src/websockets/qdefaultmaskgenerator_p.cpp +++ b/src/websockets/qdefaultmaskgenerator_p.cpp @@ -38,6 +38,26 @@ ** $QT_END_LICENSE$ ** ****************************************************************************/ +/*! + \class QDefaultMaskGenerator + + \inmodule QtWebSockets + + \brief The QDefaultMaskGenerator class provides the default mask generator for QtWebSockets. + + The WebSockets specification as outlined in {http://tools.ietf.org/html/rfc6455}{RFC 6455} + requires that all communication from client to server must be masked. This is to prevent + malicious scripts to attack bad behaving proxies. + For more information about the importance of good masking, + see \l {http://w2spconf.com/2011/papers/websocket.pdf}. + The default mask generator uses the cryptographically insecure qrand() function. + The best measure against attacks mentioned in the document above, + is to use QWebSocket over a secure connection (\e wss://). + In general, always be careful to not have 3rd party script access to + a QWebSocket in your application. + + \internal +*/ #include "qdefaultmaskgenerator_p.h" #include @@ -45,21 +65,42 @@ QT_BEGIN_NAMESPACE +/*! + Constructs a new QDefaultMaskGenerator with the given \a parent. + + \internal +*/ QDefaultMaskGenerator::QDefaultMaskGenerator(QObject *parent) : QMaskGenerator(parent) { } +/*! + Destroys the QDefaultMaskGenerator object. + + \internal +*/ QDefaultMaskGenerator::~QDefaultMaskGenerator() { } +/*! + Seeds the QDefaultMaskGenerator using qsrand(). + When seed() is not called, no seed is used at all. + + \internal +*/ bool QDefaultMaskGenerator::seed() { qsrand(static_cast(QDateTime::currentMSecsSinceEpoch())); return true; } +/*! + Generates a new random mask using the insecure qrand() method. + + \internal +*/ quint32 QDefaultMaskGenerator::nextMask() { return quint32((double(qrand()) / RAND_MAX) * std::numeric_limits::max()); diff --git a/src/websockets/qmaskgenerator.cpp b/src/websockets/qmaskgenerator.cpp index 3e4ce17..04f5e1e 100644 --- a/src/websockets/qmaskgenerator.cpp +++ b/src/websockets/qmaskgenerator.cpp @@ -41,6 +41,7 @@ /*! \class QMaskGenerator + \inmodule QtWebSockets \brief The QMaskGenerator class provides an abstract base for custom 32-bit mask generators. diff --git a/src/websockets/qsslserver.cpp b/src/websockets/qsslserver.cpp index d1add19..e5faded 100644 --- a/src/websockets/qsslserver.cpp +++ b/src/websockets/qsslserver.cpp @@ -39,6 +39,16 @@ ** ****************************************************************************/ +/*! + \class QSslServer + + \inmodule QtWebSockets + + \brief Implements a secure TCP server over SSL. + + \internal +*/ + #include "qsslserver_p.h" #include @@ -46,26 +56,57 @@ QT_BEGIN_NAMESPACE +/*! + Constructs a new QSslServer with the given \a parent. + + \internal +*/ QSslServer::QSslServer(QObject *parent) : QTcpServer(parent), m_sslConfiguration(QSslConfiguration::defaultConfiguration()) { } +/*! + Destroys the QSslServer. + + All open connections are closed. + + \internal +*/ QSslServer::~QSslServer() { } +/*! + Sets the \a sslConfiguration to use. + + \sa QSslSocket::setSslConfiguration() + + \internal +*/ void QSslServer::setSslConfiguration(const QSslConfiguration &sslConfiguration) { m_sslConfiguration = sslConfiguration; } +/*! + Returns the current ssl configuration. + + \internal +*/ QSslConfiguration QSslServer::sslConfiguration() const { return m_sslConfiguration; } +/*! + Called when a new connection is established. + + Converts \a socket to a QSslSocket. + + \internal +*/ void QSslServer::incomingConnection(qintptr socket) { QSslSocket *pSslSocket = new QSslSocket(); diff --git a/src/websockets/qwebsocket.cpp b/src/websockets/qwebsocket.cpp index 707d459..85b45c0 100644 --- a/src/websockets/qwebsocket.cpp +++ b/src/websockets/qwebsocket.cpp @@ -60,6 +60,10 @@ QWebSocket only supports version 13 of the WebSocket protocol, as outlined in \l {http://tools.ietf.org/html/rfc6455}{RFC 6455}. + \note Some proxies do not understand certain HTTP headers used during a web socket handshake. + In that case, non-secure web socket connections fail. The best way to mitigate against + this problem is to use web sockets over a secure connection. + \warning To generate masks, this implementation of WebSockets uses the cryptographically insecure qrand() function. For more information about the importance of good masking, -- cgit v1.2.1 From 89dcdaeedf0e42e99ccc1d44183e1fbaccc40bb1 Mon Sep 17 00:00:00 2001 From: Kurt Pattyn Date: Sun, 9 Mar 2014 11:05:36 +0100 Subject: Return correct error string for known socket errors Task-number: QTBUG-37228 Change-Id: I246b858694ea456bce9a0fc4ac963a83502fd058 Reviewed-by: Kurt Pattyn --- src/websockets/qwebsocket_p.cpp | 2 +- tests/auto/qwebsocket/tst_qwebsocket.cpp | 42 +++++++++++++++++++++++++++----- 2 files changed, 37 insertions(+), 7 deletions(-) diff --git a/src/websockets/qwebsocket_p.cpp b/src/websockets/qwebsocket_p.cpp index be589db..c51ba38 100644 --- a/src/websockets/qwebsocket_p.cpp +++ b/src/websockets/qwebsocket_p.cpp @@ -92,7 +92,7 @@ QWebSocketPrivate::QWebSocketPrivate(const QString &origin, QWebSocketProtocol:: QObjectPrivate(), q_ptr(pWebSocket), m_pSocket(), - m_errorString(QWebSocket::tr("Unknown error")), + m_errorString(), m_version(version), m_resourceName(), m_requestUrl(), diff --git a/tests/auto/qwebsocket/tst_qwebsocket.cpp b/tests/auto/qwebsocket/tst_qwebsocket.cpp index f7f57b7..d2c5055 100644 --- a/tests/auto/qwebsocket/tst_qwebsocket.cpp +++ b/tests/auto/qwebsocket/tst_qwebsocket.cpp @@ -146,6 +146,7 @@ private Q_SLOTS: void tst_invalidOrigin(); void tst_sendTextMessage(); void tst_sendBinaryMessage(); + void tst_errorString(); }; tst_QWebSocket::tst_QWebSocket() @@ -202,8 +203,7 @@ void tst_QWebSocket::tst_initialisation() QCOMPARE(socket->origin(), expectedOrigin); QCOMPARE(socket->version(), expectedVersion); QCOMPARE(socket->error(), QAbstractSocket::UnknownSocketError); - //error string defaults to "Unknown error" (localised) - QVERIFY(!socket->errorString().isEmpty()); + QVERIFY(socket->errorString().isEmpty()); QVERIFY(!socket->isValid()); QVERIFY(socket->localAddress().isNull()); QCOMPARE(socket->localPort(), quint16(0)); @@ -298,7 +298,7 @@ void tst_QWebSocket::tst_invalidOpen() //at this point the socket is in a connecting state //so, there should no error at this point QCOMPARE(socket.error(), QAbstractSocket::UnknownSocketError); - QVERIFY(!socket.errorString().isEmpty()); + //QVERIFY(socket.errorString().isEmpty()); QVERIFY(!socket.isValid()); QVERIFY(socket.localAddress().isNull()); QCOMPARE(socket.localPort(), quint16(0)); @@ -407,11 +407,15 @@ void tst_QWebSocket::tst_invalidOrigin() void tst_QWebSocket::tst_sendTextMessage() { - //will resolve in another commit + //TODO: will resolve in another commit #ifndef Q_OS_WIN EchoServer echoServer; QWebSocket socket; + + //should return 0 because socket is not open yet + QCOMPARE(socket.sendTextMessage(QStringLiteral("1234")), 0); + QSignalSpy socketConnectedSpy(&socket, SIGNAL(connected())); QSignalSpy textMessageReceived(&socket, SIGNAL(textMessageReceived(QString))); QSignalSpy textFrameReceived(&socket, SIGNAL(textFrameReceived(QString,bool))); @@ -477,11 +481,15 @@ void tst_QWebSocket::tst_sendTextMessage() void tst_QWebSocket::tst_sendBinaryMessage() { - //will resolve in another commit + //TODO: will resolve in another commit #ifndef Q_OS_WIN EchoServer echoServer; QWebSocket socket; + + //should return 0 because socket is not open yet + QCOMPARE(socket.sendBinaryMessage(QByteArrayLiteral("1234")), 0); + QSignalSpy socketConnectedSpy(&socket, SIGNAL(connected())); QSignalSpy textMessageReceived(&socket, SIGNAL(textMessageReceived(QString))); QSignalSpy textFrameReceived(&socket, SIGNAL(textFrameReceived(QString,bool))); @@ -514,7 +522,7 @@ void tst_QWebSocket::tst_sendBinaryMessage() socket.close(); - //QTBUG-36762: QWebSocket emits multiplied signals when socket was reopened + //QTBUG-36762: QWebSocket emits multiple signals when socket is reopened socketConnectedSpy.clear(); binaryMessageReceived.clear(); binaryFrameReceived.clear(); @@ -545,6 +553,28 @@ void tst_QWebSocket::tst_sendBinaryMessage() #endif } +void tst_QWebSocket::tst_errorString() +{ + //Check for QTBUG-37228: QWebSocket returns "Unknown Error" for known errors + QWebSocket socket; + + //check that the default error string is empty + QVERIFY(socket.errorString().isEmpty()); + + QSignalSpy errorSpy(&socket, SIGNAL(error(QAbstractSocket::SocketError))); + + socket.open(QUrl(QStringLiteral("ws://someserver.on.mars:9999"))); + + if (errorSpy.count() == 0) + errorSpy.wait(); + QCOMPARE(errorSpy.count(), 1); + QList arguments = errorSpy.takeFirst(); + QAbstractSocket::SocketError socketError = + qvariant_cast(arguments.at(0)); + QCOMPARE(socketError, QAbstractSocket::HostNotFoundError); + QCOMPARE(socket.errorString(), QStringLiteral("Host not found")); +} + QTEST_MAIN(tst_QWebSocket) #include "tst_qwebsocket.moc" -- cgit v1.2.1 From 699f772bffab3ae0a6399f56d7154e333a273d6c Mon Sep 17 00:00:00 2001 From: Kurt Pattyn Date: Wed, 12 Mar 2014 11:23:24 +0100 Subject: Fix for self-signed certificates Change-Id: I529976e6fc8813d273290e97e86405f51c3efa57 Reviewed-by: Kurt Pattyn --- examples/sslechoclient/sslechoclient.cpp | 12 ++++++++++++ examples/sslechoclient/sslechoclient.h | 9 +++++---- 2 files changed, 17 insertions(+), 4 deletions(-) diff --git a/examples/sslechoclient/sslechoclient.cpp b/examples/sslechoclient/sslechoclient.cpp index fdf00df..cf5b976 100644 --- a/examples/sslechoclient/sslechoclient.cpp +++ b/examples/sslechoclient/sslechoclient.cpp @@ -40,6 +40,8 @@ ****************************************************************************/ #include "sslechoclient.h" #include +#include +#include QT_USE_NAMESPACE @@ -49,6 +51,9 @@ SslEchoClient::SslEchoClient(const QUrl &url, QObject *parent) : m_webSocket() { connect(&m_webSocket, &QWebSocket::connected, this, &SslEchoClient::onConnected); + typedef void (QWebSocket:: *sslErrorsSignal)(const QList &); + connect(&m_webSocket, static_cast(&QWebSocket::sslErrors), + this, &SslEchoClient::onSslErrors); m_webSocket.open(QUrl(url)); } //! [constructor] @@ -67,5 +72,12 @@ void SslEchoClient::onConnected() void SslEchoClient::onTextMessageReceived(QString message) { qDebug() << "Message received:" << message; + qApp->quit(); +} + +void SslEchoClient::onSslErrors(const QList &errors) +{ + Q_UNUSED(errors); + m_webSocket.ignoreSslErrors(); } //! [onTextMessageReceived] diff --git a/examples/sslechoclient/sslechoclient.h b/examples/sslechoclient/sslechoclient.h index cec9e9d..7ec373b 100644 --- a/examples/sslechoclient/sslechoclient.h +++ b/examples/sslechoclient/sslechoclient.h @@ -43,6 +43,10 @@ #include #include +#include +#include +#include +#include QT_FORWARD_DECLARE_CLASS(QWebSocket) @@ -52,13 +56,10 @@ class SslEchoClient : public QObject public: explicit SslEchoClient(const QUrl &url, QObject *parent = Q_NULLPTR); -Q_SIGNALS: - -public Q_SLOTS: - private Q_SLOTS: void onConnected(); void onTextMessageReceived(QString message); + void onSslErrors(const QList &errors); private: QWebSocket m_webSocket; -- cgit v1.2.1 From b05b0c07dd7b06412fd4a0cb3cc5d2e889236eff Mon Sep 17 00:00:00 2001 From: Kurt Pattyn Date: Wed, 12 Mar 2014 14:16:08 +0100 Subject: Fix unit tests Change-Id: I24091b8b976b30e8d6ef26f41530027339106243 Reviewed-by: Kurt Pattyn --- tests/auto/qwebsocket/tst_qwebsocket.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/auto/qwebsocket/tst_qwebsocket.cpp b/tests/auto/qwebsocket/tst_qwebsocket.cpp index d2c5055..9e5997e 100644 --- a/tests/auto/qwebsocket/tst_qwebsocket.cpp +++ b/tests/auto/qwebsocket/tst_qwebsocket.cpp @@ -298,7 +298,7 @@ void tst_QWebSocket::tst_invalidOpen() //at this point the socket is in a connecting state //so, there should no error at this point QCOMPARE(socket.error(), QAbstractSocket::UnknownSocketError); - //QVERIFY(socket.errorString().isEmpty()); + QVERIFY(!socket.errorString().isEmpty()); QVERIFY(!socket.isValid()); QVERIFY(socket.localAddress().isNull()); QCOMPARE(socket.localPort(), quint16(0)); -- cgit v1.2.1 From d4ac9f51f6d18a05016e3d61c06eace27501f589 Mon Sep 17 00:00:00 2001 From: Kurt Pattyn Date: Wed, 12 Mar 2014 14:53:00 +0100 Subject: Add warning to example regarding ignoring ssl errors Change-Id: I3d615a774f4071a085b0f233bef2eac76aefbefb Reviewed-by: Richard J. Moore --- examples/sslechoclient/sslechoclient.cpp | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/examples/sslechoclient/sslechoclient.cpp b/examples/sslechoclient/sslechoclient.cpp index cf5b976..037990d 100644 --- a/examples/sslechoclient/sslechoclient.cpp +++ b/examples/sslechoclient/sslechoclient.cpp @@ -78,6 +78,11 @@ void SslEchoClient::onTextMessageReceived(QString message) void SslEchoClient::onSslErrors(const QList &errors) { Q_UNUSED(errors); + + // WARNING: Never ignore SSL errors in production code. + // The proper way to handle self-signed certificates is to add a custom root + // to the CA store. + m_webSocket.ignoreSslErrors(); } //! [onTextMessageReceived] -- cgit v1.2.1