summaryrefslogtreecommitdiffstats
path: root/src/network/ssl
diff options
context:
space:
mode:
authorQt Continuous Integration System <qt-info@nokia.com>2010-07-08 10:32:20 (GMT)
committerQt Continuous Integration System <qt-info@nokia.com>2010-07-08 10:32:20 (GMT)
commit63af499ed900b9aa8f4aff7253f4a9d1002dacda (patch)
tree524441b90341e6870fb624e4dec135a70b7f5008 /src/network/ssl
parent75c5bc5f7efd5f7055b689a244147e69733280a4 (diff)
parentb57afadf3f91f87eba02458faa2809dd07b45da5 (diff)
downloadQt-63af499ed900b9aa8f4aff7253f4a9d1002dacda.zip
Qt-63af499ed900b9aa8f4aff7253f4a9d1002dacda.tar.gz
Qt-63af499ed900b9aa8f4aff7253f4a9d1002dacda.tar.bz2
Merge branch '4.7' of scm.dev.nokia.troll.no:qt/oslo-staging-1 into 4.7-integration
* '4.7' of scm.dev.nokia.troll.no:qt/oslo-staging-1: (27 commits) fix build with sqlite2 respect UI_DIR when creating image collections Doc: more cleaning Doc: fixing escape character Doc: cleaning html generator Doc: changing index page Doc: fixing link to devnet Doc: adding HTML class names and style docs to the generator Doc: Fixing typo - background file name doc: Added doc for accessing views and models from delegates. Doc: Fixing broken link Doc: fixing typo Doc: fixing typos qdoc: Fixed table of contents for namespace pages. SSL backend: load libraries for certificates only once immediately set function context when entering a namespace Phonon MediaSource fails to load when passed as a resource file Set QT_DEFAULT_TEXTURE_GLYPH_CACHE_WIDTH to default value qdoc: Fixed a few links to QtObject (QML:QtObject) Simplify *= to += after contains() test ...
Diffstat (limited to 'src/network/ssl')
-rw-r--r--src/network/ssl/qsslsocket.cpp6
-rw-r--r--src/network/ssl/qsslsocket_openssl.cpp42
-rw-r--r--src/network/ssl/qsslsocket_p.h11
3 files changed, 30 insertions, 29 deletions
diff --git a/src/network/ssl/qsslsocket.cpp b/src/network/ssl/qsslsocket.cpp
index f85fa84..809e8aa 100644
--- a/src/network/ssl/qsslsocket.cpp
+++ b/src/network/ssl/qsslsocket.cpp
@@ -1849,7 +1849,7 @@ QList<QSslCipher> QSslSocketPrivate::defaultCiphers()
*/
QList<QSslCipher> QSslSocketPrivate::supportedCiphers()
{
- QSslSocketPrivate::ensureInitialized();
+ QSslSocketPrivate::ensureCertsAndCiphersLoaded();
QMutexLocker locker(&globalData()->mutex);
return globalData()->supportedCiphers;
}
@@ -1879,7 +1879,7 @@ void QSslSocketPrivate::setDefaultSupportedCiphers(const QList<QSslCipher> &ciph
*/
QList<QSslCertificate> QSslSocketPrivate::defaultCaCertificates()
{
- QSslSocketPrivate::ensureInitialized();
+ QSslSocketPrivate::ensureCertsAndCiphersLoaded();
QMutexLocker locker(&globalData()->mutex);
return globalData()->config->caCertificates;
}
@@ -1962,7 +1962,7 @@ void QSslConfigurationPrivate::setDefaultConfiguration(const QSslConfiguration &
*/
void QSslConfigurationPrivate::deepCopyDefaultConfiguration(QSslConfigurationPrivate *ptr)
{
- QSslSocketPrivate::ensureInitialized();
+ QSslSocketPrivate::ensureCertsAndCiphersLoaded();
QMutexLocker locker(&globalData()->mutex);
const QSslConfigurationPrivate *global = globalData()->config.constData();
diff --git a/src/network/ssl/qsslsocket_openssl.cpp b/src/network/ssl/qsslsocket_openssl.cpp
index d7088ee..b602b29 100644
--- a/src/network/ssl/qsslsocket_openssl.cpp
+++ b/src/network/ssl/qsslsocket_openssl.cpp
@@ -74,8 +74,9 @@
QT_BEGIN_NAMESPACE
-bool QSslSocketPrivate::s_libraryLoaded = false;
-bool QSslSocketPrivate::s_loadedCiphersAndCerts = false;
+bool QSslSocketPrivate::s_initialized = false;
+QBasicAtomicInt QSslSocketPrivate::s_CertsAndCiphersLoaded;
+Q_GLOBAL_STATIC(QMutex, s_CertsAndCiphersLoadedMutex);
// Useful defines
#define SSL_ERRORSTR() QString::fromLocal8Bit(q_ERR_error_string(q_ERR_get_error(), NULL))
@@ -170,7 +171,7 @@ QSslSocketBackendPrivate::QSslSocketBackendPrivate()
session(0)
{
// Calls SSL_library_init().
- ensureInitialized();
+ ensureCertsAndCiphersLoaded();
}
QSslSocketBackendPrivate::~QSslSocketBackendPrivate()
@@ -421,18 +422,18 @@ void QSslSocketPrivate::deinitialize()
bool QSslSocketPrivate::supportsSsl()
{
- return ensureLibraryLoaded();
+ return ensureInitialized();
}
-bool QSslSocketPrivate::ensureLibraryLoaded()
+bool QSslSocketPrivate::ensureInitialized()
{
if (!q_resolveOpenSslSymbols())
return false;
// Check if the library itself needs to be initialized.
QMutexLocker locker(openssl_locks()->initLock());
- if (!s_libraryLoaded) {
- s_libraryLoaded = true;
+ if (!s_initialized) {
+ s_initialized = true;
// Initialize OpenSSL.
q_CRYPTO_set_id_callback(id_function);
@@ -473,16 +474,6 @@ bool QSslSocketPrivate::ensureLibraryLoaded()
return true;
}
-void QSslSocketPrivate::ensureCiphersAndCertsLoaded()
-{
- if (s_loadedCiphersAndCerts)
- return;
- s_loadedCiphersAndCerts = true;
-
- resetDefaultCiphers();
- setDefaultCaCertificates(systemCaCertificates());
-}
-
/*!
\internal
@@ -490,13 +481,18 @@ void QSslSocketPrivate::ensureCiphersAndCertsLoaded()
been initialized.
*/
-void QSslSocketPrivate::ensureInitialized()
+void QSslSocketPrivate::ensureCertsAndCiphersLoaded()
{
- if (!supportsSsl())
+ // use double-checked locking to speed up this function
+ if (s_CertsAndCiphersLoaded)
return;
- ensureCiphersAndCertsLoaded();
+ QMutexLocker locker(s_CertsAndCiphersLoadedMutex());
+ if (s_CertsAndCiphersLoaded)
+ return;
+ if (!supportsSsl())
+ return;
//load symbols needed to receive certificates from system store
#if defined(Q_OS_MAC)
QLibrary securityLib("/System/Library/Frameworks/Security.framework/Versions/Current/Security");
@@ -532,6 +528,12 @@ void QSslSocketPrivate::ensureInitialized()
qWarning("could not load crypt32 library"); // should never happen
}
#endif
+ resetDefaultCiphers();
+ setDefaultCaCertificates(systemCaCertificates());
+ // we need to make sure that s_CertsAndCiphersLoaded is executed after the library loading above
+ // (the compiler/processor might reorder instructions otherwise)
+ if (!s_CertsAndCiphersLoaded.testAndSetRelease(0, 1))
+ Q_ASSERT_X(false, "certificate store", "certificate store has already been initialized!");
}
/*!
diff --git a/src/network/ssl/qsslsocket_p.h b/src/network/ssl/qsslsocket_p.h
index 72b3ef7..b474175 100644
--- a/src/network/ssl/qsslsocket_p.h
+++ b/src/network/ssl/qsslsocket_p.h
@@ -63,6 +63,7 @@
#include <QtCore/qstringlist.h>
#include <private/qringbuffer_p.h>
+#include <QtCore/QMutex>
QT_BEGIN_NAMESPACE
@@ -113,7 +114,8 @@ public:
QString verificationPeerName;
static bool supportsSsl();
- static void ensureInitialized();
+ static bool ensureInitialized();
+ static void ensureCertsAndCiphersLoaded();
static void deinitialize();
static QList<QSslCipher> defaultCiphers();
static QList<QSslCipher> supportedCiphers();
@@ -161,11 +163,8 @@ public:
virtual QSslCipher sessionCipher() const = 0;
private:
- static bool ensureLibraryLoaded();
- static void ensureCiphersAndCertsLoaded();
-
- static bool s_libraryLoaded;
- static bool s_loadedCiphersAndCerts;
+ static bool s_initialized;
+ static QBasicAtomicInt s_CertsAndCiphersLoaded;
};
QT_END_NAMESPACE