1 files changed, 81 insertions, 15 deletions

diff --git a/src/network/ssl/qsslsocket.cpp b/src/network/ssl/qsslsocket.cpp
index ca03ab6..0e9cb4f 100644
--- a/src/network/ssl/qsslsocket.cpp
+++ b/src/network/ssl/qsslsocket.cpp
@@ -49,7 +49,7 @@
     \since 4.3
 
     \reentrant
-    \ingroup io
+    \ingroup network
     \ingroup ssl
     \inmodule QtNetwork
 
@@ -113,8 +113,8 @@
     readLine(), or getChar() to read decrypted data from QSslSocket's
     internal buffer, and you can call write() or putChar() to write
     data back to the peer. QSslSocket will automatically encrypt the
-    written data for you, and emit bytesWritten() once the data has
-    been written to the peer.
+    written data for you, and emit encryptedBytesWritten() once
+    the data has been written to the peer.
 
     As a convenience, QSslSocket supports QTcpSocket's blocking
     functions waitForConnected(), waitForReadyRead(),
@@ -356,7 +356,7 @@ QSslSocket::~QSslSocket()
     want to ignore the errors and continue connecting, you must call
     ignoreSslErrors(), either from inside a slot function connected to
     the sslErrors() signal, or prior to entering encrypted mode. If
-    ignoreSslErrors is not called, the connection is dropped, signal
+    ignoreSslErrors() is not called, the connection is dropped, signal
     disconnected() is emitted, and QSslSocket returns to the
     UnconnectedState.
 
@@ -397,6 +397,36 @@ void QSslSocket::connectToHostEncrypted(const QString &hostName, quint16 port, O
 }
 
 /*!
+    \since 4.6
+    \overload
+
+    In addition to the original behaviour of connectToHostEncrypted,
+    this overloaded method enables the usage of a different hostname 
+    (\a sslPeerName) for the certificate validation instead of
+    the one used for the TCP connection (\a hostName).
+
+    \sa connectToHostEncrypted()
+*/
+void QSslSocket::connectToHostEncrypted(const QString &hostName, quint16 port,
+                                        const QString &sslPeerName, OpenMode mode)
+{
+    Q_D(QSslSocket);
+    if (d->state == ConnectedState || d->state == ConnectingState) {
+        qWarning("QSslSocket::connectToHostEncrypted() called when already connecting/connected");
+        return;
+    }
+
+    d->init();
+    d->autoStartHandshake = true;
+    d->initialized = true;
+    d->verificationPeerName = sslPeerName;
+
+    // Note: When connecting to localhost, some platforms (e.g., HP-UX and some BSDs)
+    // establish the connection immediately (i.e., first attempt).
+    connectToHost(hostName, port, mode);
+}
+
+/*!
     Initializes QSslSocket with the native socket descriptor \a
     socketDescriptor. Returns true if \a socketDescriptor is accepted
     as a valid socket descriptor; otherwise returns false.
@@ -412,8 +442,8 @@ bool QSslSocket::setSocketDescriptor(int socketDescriptor, SocketState state, Op
 {
     Q_D(QSslSocket);
 #ifdef QSSLSOCKET_DEBUG
-    qDebug() << "QSslSocket::setSocketDescriptor(" << socketDescriptor << ","
-             << state << "," << openMode << ")";
+    qDebug() << "QSslSocket::setSocketDescriptor(" << socketDescriptor << ','
+             << state << ',' << openMode << ')';
 #endif
     if (!d->plainSocket)
         d->createPlainSocket(openMode);
@@ -1569,7 +1599,33 @@ void QSslSocket::startServerEncryption()
 void QSslSocket::ignoreSslErrors()
 {
     Q_D(QSslSocket);
-    d->ignoreSslErrors = true;
+    d->ignoreAllSslErrors = true;
+}
+
+/*!
+    \overload
+    \since 4.6
+
+    This method tells QSslSocket to ignore only the errors given in \a
+    errors.
+
+    Note that you can set the expected certificate in the SSL error:
+    If, for instance, you want to connect to a server that uses
+    a self-signed certificate, consider the following snippet:
+
+    \snippet doc/src/snippets/code/src_network_ssl_qsslsocket.cpp 6
+
+    Multiple calls to this function will replace the list of errors that
+    were passed in previous calls.
+    You can clear the list of errors you want to ignore by calling this
+    function with an empty list.
+
+    \sa sslErrors()
+*/
+void QSslSocket::ignoreSslErrors(const QList<QSslError> &errors)
+{
+    Q_D(QSslSocket);
+    d->ignoreErrorsList = errors;
 }
 
 /*!
@@ -1585,7 +1641,7 @@ void QSslSocket::connectToHostImplementation(const QString &hostName, quint16 po
 
 #ifdef QSSLSOCKET_DEBUG
     qDebug() << "QSslSocket::connectToHostImplementation("
-             << hostName << "," << port << "," << openMode << ")";
+             << hostName << ',' << port << ',' << openMode << ')';
 #endif
     if (!d->plainSocket) {
 #ifdef QSSLSOCKET_DEBUG
@@ -1659,7 +1715,7 @@ qint64 QSslSocket::readData(char *data, qint64 maxlen)
         } while (!d->readBuffer.isEmpty() && readBytes < maxlen);
     }
 #ifdef QSSLSOCKET_DEBUG
-    qDebug() << "QSslSocket::readData(" << (void *)data << "," << maxlen << ") ==" << readBytes;
+    qDebug() << "QSslSocket::readData(" << (void *)data << ',' << maxlen << ") ==" << readBytes;
 #endif
     return readBytes;
 }
@@ -1671,7 +1727,7 @@ qint64 QSslSocket::writeData(const char *data, qint64 len)
 {
     Q_D(QSslSocket);
 #ifdef QSSLSOCKET_DEBUG
-    qDebug() << "QSslSocket::writeData(" << (void *)data << "," << len << ")";
+    qDebug() << "QSslSocket::writeData(" << (void *)data << ',' << len << ')';
 #endif
     if (d->mode == UnencryptedMode && !d->autoStartHandshake)
         return d->plainSocket->write(data, len);
@@ -1689,7 +1745,13 @@ qint64 QSslSocket::writeData(const char *data, qint64 len)
     \internal
 */
 QSslSocketPrivate::QSslSocketPrivate()
-    : initialized(false), readyReadEmittedPointer(0), plainSocket(0)
+    : initialized(false)
+    , mode(QSslSocket::UnencryptedMode)
+    , autoStartHandshake(false)
+    , connectionEncrypted(false)
+    , ignoreAllSslErrors(false)
+    , readyReadEmittedPointer(0)
+    , plainSocket(0)
 {
     QSslConfigurationPrivate::deepCopyDefaultConfiguration(&configuration);
 }
@@ -1709,7 +1771,11 @@ void QSslSocketPrivate::init()
     mode = QSslSocket::UnencryptedMode;
     autoStartHandshake = false;
     connectionEncrypted = false;
-    ignoreSslErrors = false;
+    ignoreAllSslErrors = false;
+
+    // we don't want to clear the ignoreErrorsList, so
+    // that it is possible setting it before connecting
+//    ignoreErrorsList.clear();
 
     readBuffer.clear();
     writeBuffer.clear();
@@ -1976,7 +2042,7 @@ void QSslSocketPrivate::_q_stateChangedSlot(QAbstractSocket::SocketState state)
 {
     Q_Q(QSslSocket);
 #ifdef QSSLSOCKET_DEBUG
-    qDebug() << "QSslSocket::_q_stateChangedSlot(" << state << ")";
+    qDebug() << "QSslSocket::_q_stateChangedSlot(" << state << ')';
 #endif
     q->setSocketState(state);
     emit q->stateChanged(state);
@@ -1989,7 +2055,7 @@ void QSslSocketPrivate::_q_errorSlot(QAbstractSocket::SocketError error)
 {
     Q_Q(QSslSocket);
 #ifdef QSSLSOCKET_DEBUG
-    qDebug() << "QSslSocket::_q_errorSlot(" << error << ")";
+    qDebug() << "QSslSocket::_q_errorSlot(" << error << ')';
     qDebug() << "\tstate =" << q->state();
     qDebug() << "\terrorString =" << q->errorString();
 #endif
@@ -2024,7 +2090,7 @@ void QSslSocketPrivate::_q_bytesWrittenSlot(qint64 written)
 {
     Q_Q(QSslSocket);
 #ifdef QSSLSOCKET_DEBUG
-    qDebug() << "QSslSocket::_q_bytesWrittenSlot(" << written << ")";
+    qDebug() << "QSslSocket::_q_bytesWrittenSlot(" << written << ')';
 #endif
 
     if (mode == QSslSocket::UnencryptedMode)