diff options
Diffstat (limited to 'src/network')
-rw-r--r-- | src/network/access/qnetworkcookie.cpp | 40 | ||||
-rw-r--r-- | src/network/access/qnetworkcookie_p.h | 1 | ||||
-rw-r--r-- | src/network/access/qnetworkdiskcache.cpp | 8 | ||||
-rw-r--r-- | src/network/kernel/qnetworkproxy.cpp | 22 | ||||
-rw-r--r-- | src/network/ssl/qsslcipher.cpp | 2 | ||||
-rw-r--r-- | src/network/ssl/qsslsocket_openssl_symbols.cpp | 9 |
6 files changed, 52 insertions, 30 deletions
diff --git a/src/network/access/qnetworkcookie.cpp b/src/network/access/qnetworkcookie.cpp index aaa5075..67df526 100644 --- a/src/network/access/qnetworkcookie.cpp +++ b/src/network/access/qnetworkcookie.cpp @@ -913,6 +913,17 @@ static QDateTime parseDateString(const QByteArray &dateString) */ QList<QNetworkCookie> QNetworkCookie::parseCookies(const QByteArray &cookieString) { + // cookieString can be a number of set-cookie header strings joined together + // by \n, parse each line separately. + QList<QNetworkCookie> cookies; + QList<QByteArray> list = cookieString.split('\n'); + for (int a = 0; a < list.size(); a++) + cookies += QNetworkCookiePrivate::parseSetCookieHeaderLine(list.at(a)); + return cookies; +} + +QList<QNetworkCookie> QNetworkCookiePrivate::parseSetCookieHeaderLine(const QByteArray &cookieString) +{ // According to http://wp.netscape.com/newsref/std/cookie_spec.html,< // the Set-Cookie response header is of the format: // @@ -930,12 +941,6 @@ QList<QNetworkCookie> QNetworkCookie::parseCookies(const QByteArray &cookieStrin while (position < length) { QNetworkCookie cookie; - // When there are multiple SetCookie headers they are join with a new line - // \n will always be the start of a new cookie - int endOfSetCookie = cookieString.indexOf('\n', position); - if (endOfSetCookie == -1) - endOfSetCookie = length; - // The first part is always the "NAME=VALUE" part QPair<QByteArray,QByteArray> field = nextField(cookieString, position); if (field.first.isEmpty() || field.second.isNull()) @@ -946,7 +951,7 @@ QList<QNetworkCookie> QNetworkCookie::parseCookies(const QByteArray &cookieStrin position = nextNonWhitespace(cookieString, position); bool endOfCookie = false; - while (!endOfCookie && position < endOfSetCookie) + while (!endOfCookie && position < length) { switch (cookieString.at(position++)) { case ',': // end of the cookie @@ -969,9 +974,7 @@ QList<QNetworkCookie> QNetworkCookie::parseCookies(const QByteArray &cookieStrin position = end; QDateTime dt = parseDateString(dateString.toLower()); if (!dt.isValid()) { - cookie = QNetworkCookie(); - endOfCookie = true; - continue; + return result; } cookie.setExpirationDate(dt); } else if (field.first == "domain") { @@ -988,8 +991,7 @@ QList<QNetworkCookie> QNetworkCookie::parseCookies(const QByteArray &cookieStrin bool ok = false; int secs = field.second.toInt(&ok); if (!ok) - // invalid cookie string - return QList<QNetworkCookie>(); + return result; cookie.setExpirationDate(now.addSecs(secs)); } else if (field.first == "path") { QString path = QUrl::fromPercentEncoding(field.second); @@ -1003,9 +1005,7 @@ QList<QNetworkCookie> QNetworkCookie::parseCookies(const QByteArray &cookieStrin } else if (field.first == "version") { if (field.second != "1") { // oops, we don't know how to handle this cookie - cookie = QNetworkCookie(); - endOfCookie = true; - continue; + return result; } } else { // got an unknown field in the cookie @@ -1013,9 +1013,8 @@ QList<QNetworkCookie> QNetworkCookie::parseCookies(const QByteArray &cookieStrin } position = nextNonWhitespace(cookieString, position); - if (position > endOfSetCookie) - endOfCookie = true; } + } if (!cookie.name().isEmpty()) result += cookie; @@ -1197,6 +1196,13 @@ bool QNetworkCookieJar::setCookiesFromUrl(const QList<QNetworkCookie> &cookieLis || isParentDomain(defaultDomain, domain))) { continue; // not accepted } + + // reject if domain is like ".com" + // (i.e., reject if domain does not contain embedded dots, see RFC 2109 section 4.3.2) + // this is just a rudimentary check and does not cover all cases + if (domain.lastIndexOf(QLatin1Char('.')) == 0) + continue; // not accepted + } QList<QNetworkCookie>::Iterator it = d->allCookies.begin(), diff --git a/src/network/access/qnetworkcookie_p.h b/src/network/access/qnetworkcookie_p.h index 83ef14a..0c41322 100644 --- a/src/network/access/qnetworkcookie_p.h +++ b/src/network/access/qnetworkcookie_p.h @@ -61,6 +61,7 @@ class QNetworkCookiePrivate: public QSharedData { public: inline QNetworkCookiePrivate() : secure(false), httpOnly(false) { } + static QList<QNetworkCookie> parseSetCookieHeaderLine(const QByteArray &cookieString); QDateTime expirationDate; QString domain; diff --git a/src/network/access/qnetworkdiskcache.cpp b/src/network/access/qnetworkdiskcache.cpp index 14a04f1..d42370d 100644 --- a/src/network/access/qnetworkdiskcache.cpp +++ b/src/network/access/qnetworkdiskcache.cpp @@ -193,7 +193,11 @@ QIODevice *QNetworkDiskCache::prepare(const QNetworkCacheMetaData &metaData) } else { QString templateName = d->tmpCacheFileName(); cacheItem->file = new QTemporaryFile(templateName, &cacheItem->data); - cacheItem->file->open(); + if (!cacheItem->file->open()) { + qWarning() << "QNetworkDiskCache::prepare() unable to open temporary file"; + delete cacheItem; + return 0; + } cacheItem->writeHeader(cacheItem->file); device = cacheItem->file; } @@ -231,7 +235,7 @@ void QNetworkDiskCachePrivate::storeItem(QCacheItem *cacheItem) if (QFile::exists(fileName)) { if (!QFile::remove(fileName)) { - qWarning() << "QNetworkDiskCache: could't remove the cache file " << fileName; + qWarning() << "QNetworkDiskCache: couldn't remove the cache file " << fileName; return; } } diff --git a/src/network/kernel/qnetworkproxy.cpp b/src/network/kernel/qnetworkproxy.cpp index f4ece97..62bdfc7 100644 --- a/src/network/kernel/qnetworkproxy.cpp +++ b/src/network/kernel/qnetworkproxy.cpp @@ -86,10 +86,11 @@ The SOCKS5 support in Qt 4 is based on \l{RFC 1928} and \l{RFC 1929}. The supported authentication methods are no authentication and username/password authentication. Both IPv4 and IPv6 are - supported, but domain name resolution via the SOCKS server is not - supported; i.e. all domain names are resolved locally. There are - several things to remember when using SOCKS5 with QUdpSocket and - QTcpServer: + supported. Domain names are resolved through the SOCKS5 server if + the QNetworkProxy::HostNameLookupCapability is enabled, otherwise + they are resolved locally and the IP address is sent to the + server. There are several things to remember when using SOCKS5 + with QUdpSocket and QTcpServer: With QUdpSocket, a call to \l {QUdpSocket::bind()}{bind()} may fail with a timeout error. If a port number other than 0 is passed to @@ -365,7 +366,8 @@ static QNetworkProxy::Capabilities defaultCapabilitiesForType(QNetworkProxy::Pro int(QNetworkProxy::HostNameLookupCapability)), }; - Q_ASSERT(int(type) >= 0 && int(type) <= int(QNetworkProxy::FtpCachingProxy)); + if (int(type) < 0 && int(type) > int(QNetworkProxy::FtpCachingProxy)) + type = QNetworkProxy::DefaultProxy; return QNetworkProxy::Capabilities(defaults[int(type)]); } @@ -378,6 +380,7 @@ public: QNetworkProxy::Capabilities capabilities; quint16 port; QNetworkProxy::ProxyType type; + bool capabilitiesSet; inline QNetworkProxyPrivate(QNetworkProxy::ProxyType t = QNetworkProxy::DefaultProxy, const QString &h = QString(), quint16 p = 0, @@ -387,7 +390,8 @@ public: password(pw), capabilities(defaultCapabilitiesForType(t)), port(p), - type(t) + type(t), + capabilitiesSet(false) { } inline bool operator==(const QNetworkProxyPrivate &other) const @@ -490,13 +494,16 @@ QNetworkProxy &QNetworkProxy::operator=(const QNetworkProxy &other) Sets the proxy type for this instance to be \a type. Note that changing the type of a proxy does not change - the set of capabilities this QNetworkProxy object holds. + the set of capabilities this QNetworkProxy object holds if any + capabilities have been set with setCapabilities(). \sa type(), setCapabilities() */ void QNetworkProxy::setType(QNetworkProxy::ProxyType type) { d->type = type; + if (!d->capabilitiesSet) + d->capabilities = defaultCapabilitiesForType(type); } /*! @@ -519,6 +526,7 @@ QNetworkProxy::ProxyType QNetworkProxy::type() const void QNetworkProxy::setCapabilities(Capabilities capabilities) { d->capabilities = capabilities; + d->capabilitiesSet = true; } /*! diff --git a/src/network/ssl/qsslcipher.cpp b/src/network/ssl/qsslcipher.cpp index 505c662..7fec2df 100644 --- a/src/network/ssl/qsslcipher.cpp +++ b/src/network/ssl/qsslcipher.cpp @@ -64,9 +64,9 @@ #ifndef QT_NO_DEBUG_STREAM #include <QtCore/qdebug.h> +#endif QT_BEGIN_NAMESPACE -#endif /*! Constructs an empty QSslCipher object. diff --git a/src/network/ssl/qsslsocket_openssl_symbols.cpp b/src/network/ssl/qsslsocket_openssl_symbols.cpp index e09e764..42c09f5 100644 --- a/src/network/ssl/qsslsocket_openssl_symbols.cpp +++ b/src/network/ssl/qsslsocket_openssl_symbols.cpp @@ -364,11 +364,14 @@ static QPair<QLibrary*, QLibrary*> loadOpenSsl() // DT_RPATH tags on our library header as well as other system-specific search // paths. See the man page for dlopen(3) on your system for more information. +#ifdef Q_OS_OPENBSD + libcrypto->setLoadHints(QLibrary::ExportExternalSymbolsHint); +#endif #ifdef SHLIB_VERSION_NUMBER // first attempt: the canonical name is libssl.so.<SHLIB_VERSION_NUMBER> libssl->setFileNameAndVersion(QLatin1String("ssl"), QLatin1String(SHLIB_VERSION_NUMBER)); libcrypto->setFileNameAndVersion(QLatin1String("crypto"), QLatin1String(SHLIB_VERSION_NUMBER)); - if (libssl->load() && libcrypto->load()) { + if (libcrypto->load() && libssl->load()) { // libssl.so.<SHLIB_VERSION_NUMBER> and libcrypto.so.<SHLIB_VERSION_NUMBER> found return pair; } else { @@ -380,7 +383,7 @@ static QPair<QLibrary*, QLibrary*> loadOpenSsl() // second attempt: find the development files libssl.so and libcrypto.so libssl->setFileNameAndVersion(QLatin1String("ssl"), -1); libcrypto->setFileNameAndVersion(QLatin1String("crypto"), -1); - if (libssl->load() && libcrypto->load()) { + if (libcrypto->load() && libssl->load()) { // libssl.so.0 and libcrypto.so.0 found return pair; } else { @@ -395,7 +398,7 @@ static QPair<QLibrary*, QLibrary*> loadOpenSsl() crypto.replace(QLatin1String("ssl"), QLatin1String("crypto")); libssl->setFileNameAndVersion(ssl, -1); libcrypto->setFileNameAndVersion(crypto, -1); - if (libssl->load() && libcrypto->load()) { + if (libcrypto->load() && libssl->load()) { // libssl.so.0 and libcrypto.so.0 found return pair; } else { |