1berry/qtbase
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

QDtls - refactor

Browse Source 
This patch renames rather awkward 'remote' into more conventional
'peer' (similar to what we have in QAbstractSocket).

Change-Id: Ifc45e538b8adf9cc076bd7aee693277829fd94dc
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
This commit is contained in:
Timur Pocheptsov 2018-07-26 10:36:48 +02:00
parent eed8141a7c
commit 056fbf03a5
6 changed files with 48 additions and 48 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
examples/network/secureudpclient/association.cpp
View File

@ -59,7 +59,7 @@ DtlsAssociation::DtlsAssociation(const QHostAddress &address, quint16 port,
{ {
auto configuration = QSslConfiguration::defaultDtlsConfiguration(); auto configuration = QSslConfiguration::defaultDtlsConfiguration();
configuration.setPeerVerifyMode(QSslSocket::VerifyNone); configuration.setPeerVerifyMode(QSslSocket::VerifyNone);
crypto.setRemote(address, port); crypto.setPeer(address, port);
crypto.setDtlsConfiguration(configuration); crypto.setDtlsConfiguration(configuration);
connect(&crypto, &QDtls::handshakeTimeout, this, &DtlsAssociation::handshakeTimeout); connect(&crypto, &QDtls::handshakeTimeout, this, &DtlsAssociation::handshakeTimeout);

12
examples/network/secureudpserver/server.cpp
View File

@ -151,8 +151,8 @@ void DtlsServer::readyRead()
const auto client = std::find_if(knownClients.begin(), knownClients.end(), const auto client = std::find_if(knownClients.begin(), knownClients.end(),
[&](const DtlsConnection &connection){ [&](const DtlsConnection &connection){
return connection->remoteAddress() == peerAddress return connection->peerAddress() == peerAddress
&& connection->remotePort() == peerPort; && connection->peerPort() == peerPort;
}); });
if (client == knownClients.end()) if (client == knownClients.end())
@ -189,7 +189,7 @@ void DtlsServer::handleNewConnection(const QHostAddress &peerAddress,
DtlsConnection newConnection(new QDtls(QSslSocket::SslServerMode)); DtlsConnection newConnection(new QDtls(QSslSocket::SslServerMode));
newConnection->setDtlsConfiguration(serverConfiguration); newConnection->setDtlsConfiguration(serverConfiguration);
newConnection->setRemote(peerAddress, peerPort); newConnection->setPeer(peerAddress, peerPort);
newConnection->connect(newConnection.data(), &QDtls::pskRequired, newConnection->connect(newConnection.data(), &QDtls::pskRequired,
this, &DtlsServer::pskRequired); this, &DtlsServer::pskRequired);
knownClients.push_back(newConnection); knownClients.push_back(newConnection);
@ -209,8 +209,8 @@ void DtlsServer::doHandshake(DtlsConnection newConnection, const QByteArray &cli
return; return;
} }
const QString peerInfo = peer_info(newConnection->remoteAddress(), const QString peerInfo = peer_info(newConnection->peerAddress(),
newConnection->remotePort()); newConnection->peerPort());
switch (newConnection->handshakeState()) { switch (newConnection->handshakeState()) {
case QDtls::HandshakeInProgress: case QDtls::HandshakeInProgress:
emit infoMessage(peerInfo + tr(": handshake is in progress ...")); emit infoMessage(peerInfo + tr(": handshake is in progress ..."));
@ -228,7 +228,7 @@ void DtlsServer::decryptDatagram(DtlsConnection connection, const QByteArray &cl
{ {
Q_ASSERT(connection->connectionEncrypted()); Q_ASSERT(connection->connectionEncrypted());
const QString peerInfo = peer_info(connection->remoteAddress(), connection->remotePort()); const QString peerInfo = peer_info(connection->peerAddress(), connection->peerPort());
const QByteArray dgram = connection->decryptDatagram(&serverSocket, clientMessage); const QByteArray dgram = connection->decryptDatagram(&serverSocket, clientMessage);
if (dgram.size()) { if (dgram.size()) {
emit datagramReceived(peerInfo, clientMessage, dgram); emit datagramReceived(peerInfo, clientMessage, dgram);

12
src/network/ssl/qdtls.cpp
View File

@ -208,14 +208,14 @@ QDtls::QDtls(QSslSocket::SslMode mode, QObject *parent)
setDtlsConfiguration(QSslConfiguration::defaultDtlsConfiguration()); setDtlsConfiguration(QSslConfiguration::defaultDtlsConfiguration());
} }
bool QDtls::setRemote(const QHostAddress &address, quint16 port, bool QDtls::setPeer(const QHostAddress &address, quint16 port,
const QString &verificationName) const QString &verificationName)
{ {
Q_D(QDtls); Q_D(QDtls);
if (d->handshakeState != HandshakeNotStarted) { if (d->handshakeState != HandshakeNotStarted) {
d->setDtlsError(QDtlsError::InvalidOperation, d->setDtlsError(QDtlsError::InvalidOperation,
tr("Cannot set remote after handshake started")); tr("Cannot set peer after handshake started"));
return false; return false;
} }
@ -256,14 +256,14 @@ bool QDtls::setPeerVerificationName(const QString &name)
return true; return true;
} }
QHostAddress QDtls::remoteAddress() const QHostAddress QDtls::peerAddress() const
{ {
Q_D(const QDtls); Q_D(const QDtls);
return d->remoteAddress; return d->remoteAddress;
} }
quint16 QDtls::remotePort() const quint16 QDtls::peerPort() const
{ {
Q_D(const QDtlsBase); Q_D(const QDtlsBase);
@ -370,7 +370,7 @@ bool QDtls::startHandshake(QUdpSocket *socket, const QByteArray &datagram)
if (d->remoteAddress.isNull()) { if (d->remoteAddress.isNull()) {
d->setDtlsError(QDtlsError::InvalidOperation, d->setDtlsError(QDtlsError::InvalidOperation,
tr("To start a handshake you must set remote address and port first")); tr("To start a handshake you must set peer's address and port first"));
return false; return false;
} }

8
src/network/ssl/qdtls.h
View File

@ -129,11 +129,11 @@ public:
explicit QDtls(QSslSocket::SslMode mode, QObject *parent = nullptr); explicit QDtls(QSslSocket::SslMode mode, QObject *parent = nullptr);
bool setRemote(const QHostAddress &address, quint16 port, bool setPeer(const QHostAddress &address, quint16 port,
const QString &verificationName = {}); const QString &verificationName = {});
bool setPeerVerificationName(const QString &name); bool setPeerVerificationName(const QString &name);
QHostAddress remoteAddress() const; QHostAddress peerAddress() const;
quint16 remotePort() const; quint16 peerPort() const;
QString peerVerificationName() const; QString peerVerificationName() const;
QSslSocket::SslMode sslMode() const; QSslSocket::SslMode sslMode() const;

56
tests/auto/network/ssl/qdtls/tst_qdtls.cpp
View File

@ -87,8 +87,8 @@ private slots:
void construction(); void construction();
void configuration_data(); void configuration_data();
void configuration(); void configuration();
void setRemote_data(); void setPeer_data();
void setRemote(); void setPeer();
void handshake_data(); void handshake_data();
void handshake(); void handshake();
void handshakeWithRetransmission(); void handshakeWithRetransmission();
@ -231,8 +231,8 @@ void tst_QDtls::construction()
QFETCH(const QSslSocket::SslMode, mode); QFETCH(const QSslSocket::SslMode, mode);
QDtls dtls(mode); QDtls dtls(mode);
QCOMPARE(dtls.remoteAddress(), QHostAddress()); QCOMPARE(dtls.peerAddress(), QHostAddress());
QCOMPARE(dtls.remotePort(), quint16()); QCOMPARE(dtls.peerPort(), quint16());
QCOMPARE(dtls.peerVerificationName(), QString()); QCOMPARE(dtls.peerVerificationName(), QString());
QCOMPARE(dtls.sslMode(), mode); QCOMPARE(dtls.sslMode(), mode);
@ -298,7 +298,7 @@ void tst_QDtls::configuration()
// Testing a DTLS server would be more complicated, we'd need a DTLS // Testing a DTLS server would be more complicated, we'd need a DTLS
// client sending ClientHello(s), running an event loop etc. - way too // client sending ClientHello(s), running an event loop etc. - way too
// much dancing for a simple setter/getter test. // much dancing for a simple setter/getter test.
QVERIFY(dtls.setRemote(serverAddress, serverPort)); QVERIFY(dtls.setPeer(serverAddress, serverPort));
QDTLS_VERIFY_NO_ERROR(dtls); QDTLS_VERIFY_NO_ERROR(dtls);
QUdpSocket clientSocket; QUdpSocket clientSocket;
@ -312,12 +312,12 @@ void tst_QDtls::configuration()
} }
} }
void tst_QDtls::setRemote_data() void tst_QDtls::setPeer_data()
{ {
clientServerData(); clientServerData();
} }
void tst_QDtls::setRemote() void tst_QDtls::setPeer()
{ {
static const QHostAddress invalid[] = {QHostAddress(), static const QHostAddress invalid[] = {QHostAddress(),
QHostAddress(QHostAddress::Broadcast), QHostAddress(QHostAddress::Broadcast),
@ -328,17 +328,17 @@ void tst_QDtls::setRemote()
QDtls dtls(mode); QDtls dtls(mode);
for (const auto &addr : invalid) { for (const auto &addr : invalid) {
QCOMPARE(dtls.setRemote(addr, 100, peerName), false); QCOMPARE(dtls.setPeer(addr, 100, peerName), false);
QCOMPARE(dtls.dtlsError(), QDtlsError::InvalidInputParameters); QCOMPARE(dtls.dtlsError(), QDtlsError::InvalidInputParameters);
QCOMPARE(dtls.remoteAddress(), QHostAddress()); QCOMPARE(dtls.peerAddress(), QHostAddress());
QCOMPARE(dtls.remotePort(), quint16()); QCOMPARE(dtls.peerPort(), quint16());
QCOMPARE(dtls.peerVerificationName(), QString()); QCOMPARE(dtls.peerVerificationName(), QString());
} }
QVERIFY(dtls.setRemote(serverAddress, serverPort, peerName)); QVERIFY(dtls.setPeer(serverAddress, serverPort, peerName));
QDTLS_VERIFY_NO_ERROR(dtls); QDTLS_VERIFY_NO_ERROR(dtls);
QCOMPARE(dtls.remoteAddress(), serverAddress); QCOMPARE(dtls.peerAddress(), serverAddress);
QCOMPARE(dtls.remotePort(), serverPort); QCOMPARE(dtls.peerPort(), serverPort);
QCOMPARE(dtls.peerVerificationName(), peerName); QCOMPARE(dtls.peerVerificationName(), peerName);
if (mode == QSslSocket::SslClientMode) { if (mode == QSslSocket::SslClientMode) {
@ -348,7 +348,7 @@ void tst_QDtls::setRemote()
QVERIFY(dtls.doHandshake(&clientSocket)); QVERIFY(dtls.doHandshake(&clientSocket));
QDTLS_VERIFY_NO_ERROR(dtls); QDTLS_VERIFY_NO_ERROR(dtls);
QCOMPARE(dtls.handshakeState(), QDtls::HandshakeInProgress); QCOMPARE(dtls.handshakeState(), QDtls::HandshakeInProgress);
QCOMPARE(dtls.setRemote(serverAddress, serverPort), false); QCOMPARE(dtls.setPeer(serverAddress, serverPort), false);
QCOMPARE(dtls.dtlsError(), QDtlsError::InvalidOperation); QCOMPARE(dtls.dtlsError(), QDtlsError::InvalidOperation);
} }
} }
@ -391,7 +391,7 @@ void tst_QDtls::handshake()
QVERIFY(!serverCrypto->doHandshake(&serverSocket, QByteArray("ClientHello"))); QVERIFY(!serverCrypto->doHandshake(&serverSocket, QByteArray("ClientHello")));
QCOMPARE(serverCrypto->dtlsError(), QDtlsError::InvalidOperation); QCOMPARE(serverCrypto->dtlsError(), QDtlsError::InvalidOperation);
QVERIFY(clientCrypto->setRemote(serverAddress, serverPort, hostName)); QVERIFY(clientCrypto->setPeer(serverAddress, serverPort, hostName));
// Invalid socket: // Invalid socket:
QVERIFY(!clientCrypto->doHandshake(nullptr)); QVERIFY(!clientCrypto->doHandshake(nullptr));
@ -428,9 +428,9 @@ void tst_QDtls::handshake()
QVERIFY(!serverCrypto->doHandshake(&serverSocket, {"ServerHello"})); QVERIFY(!serverCrypto->doHandshake(&serverSocket, {"ServerHello"}));
QCOMPARE(serverCrypto->dtlsError(), QDtlsError::InvalidOperation); QCOMPARE(serverCrypto->dtlsError(), QDtlsError::InvalidOperation);
// Cannot change a remote without calling shutdown first. // Cannot change a remote without calling shutdown first.
QVERIFY(!clientCrypto->setRemote(serverAddress, serverPort)); QVERIFY(!clientCrypto->setPeer(serverAddress, serverPort));
QCOMPARE(clientCrypto->dtlsError(), QDtlsError::InvalidOperation); QCOMPARE(clientCrypto->dtlsError(), QDtlsError::InvalidOperation);
QVERIFY(!serverCrypto->setRemote(clientAddress, clientPort)); QVERIFY(!serverCrypto->setPeer(clientAddress, clientPort));
QCOMPARE(serverCrypto->dtlsError(), QDtlsError::InvalidOperation); QCOMPARE(serverCrypto->dtlsError(), QDtlsError::InvalidOperation);
} }
@ -446,7 +446,7 @@ void tst_QDtls::handshakeWithRetransmission()
auto clientConfig = QSslConfiguration::defaultDtlsConfiguration(); auto clientConfig = QSslConfiguration::defaultDtlsConfiguration();
clientConfig.setCaCertificates({selfSignedCert}); clientConfig.setCaCertificates({selfSignedCert});
QVERIFY(clientCrypto->setDtlsConfiguration(clientConfig)); QVERIFY(clientCrypto->setDtlsConfiguration(clientConfig));
QVERIFY(clientCrypto->setRemote(serverAddress, serverPort, hostName)); QVERIFY(clientCrypto->setPeer(serverAddress, serverPort, hostName));
// Now we are ready for handshake: // Now we are ready for handshake:
QVERIFY(clientCrypto->doHandshake(&clientSocket)); QVERIFY(clientCrypto->doHandshake(&clientSocket));
@ -482,7 +482,7 @@ void tst_QDtls::sessionCipher()
clientConfig.setCaCertificates({selfSignedCert}); clientConfig.setCaCertificates({selfSignedCert});
QVERIFY(clientCrypto->setDtlsConfiguration(clientConfig)); QVERIFY(clientCrypto->setDtlsConfiguration(clientConfig));
QVERIFY(clientCrypto->setRemote(serverAddress, serverPort, hostName)); QVERIFY(clientCrypto->setPeer(serverAddress, serverPort, hostName));
QVERIFY(clientCrypto->doHandshake(&clientSocket)); QVERIFY(clientCrypto->doHandshake(&clientSocket));
testLoop.enterLoopMSecs(handshakeTimeoutMS); testLoop.enterLoopMSecs(handshakeTimeoutMS);
@ -540,7 +540,7 @@ void tst_QDtls::cipherPreferences()
clientConfig.setPeerVerifyMode(QSslSocket::VerifyNone); clientConfig.setPeerVerifyMode(QSslSocket::VerifyNone);
clientConfig.setCiphers({aes256, aes128}); clientConfig.setCiphers({aes256, aes128});
QVERIFY(clientCrypto->setDtlsConfiguration(clientConfig)); QVERIFY(clientCrypto->setDtlsConfiguration(clientConfig));
QVERIFY(clientCrypto->setRemote(serverAddress, serverPort)); QVERIFY(clientCrypto->setPeer(serverAddress, serverPort));
QDTLS_VERIFY_NO_ERROR(clientCrypto); QDTLS_VERIFY_NO_ERROR(clientCrypto);
connectHandshakeReadingSlots(); connectHandshakeReadingSlots();
@ -604,7 +604,7 @@ void tst_QDtls::protocolVersionMatching()
clientConfig.setProtocol(clientProtocol); clientConfig.setProtocol(clientProtocol);
QVERIFY(clientCrypto->setDtlsConfiguration(clientConfig)); QVERIFY(clientCrypto->setDtlsConfiguration(clientConfig));
QVERIFY(clientCrypto->setRemote(serverAddress, serverPort)); QVERIFY(clientCrypto->setPeer(serverAddress, serverPort));
QVERIFY(clientCrypto->doHandshake(&clientSocket)); QVERIFY(clientCrypto->doHandshake(&clientSocket));
testLoop.enterLoopMSecs(handshakeTimeoutMS); testLoop.enterLoopMSecs(handshakeTimeoutMS);
@ -638,7 +638,7 @@ void tst_QDtls::verificationErrors()
QVERIFY(serverCrypto->setDtlsConfiguration(serverConfig)); QVERIFY(serverCrypto->setDtlsConfiguration(serverConfig));
// And our client already has the default DTLS configuration. // And our client already has the default DTLS configuration.
QVERIFY(clientCrypto->setRemote(serverAddress, serverPort)); QVERIFY(clientCrypto->setPeer(serverAddress, serverPort));
// Now we are ready for handshake: // Now we are ready for handshake:
QVERIFY(clientCrypto->doHandshake(&clientSocket)); QVERIFY(clientCrypto->doHandshake(&clientSocket));
@ -751,7 +751,7 @@ void tst_QDtls::verifyServerCertificate()
clientConfig.setPeerVerifyMode(verifyMode); clientConfig.setPeerVerifyMode(verifyMode);
QVERIFY(clientCrypto->setDtlsConfiguration(clientConfig)); QVERIFY(clientCrypto->setDtlsConfiguration(clientConfig));
QVERIFY(clientCrypto->setRemote(serverAddress, serverPort, peerName)); QVERIFY(clientCrypto->setPeer(serverAddress, serverPort, peerName));
connectHandshakeReadingSlots(); connectHandshakeReadingSlots();
@ -886,7 +886,7 @@ void tst_QDtls::verifyClientCertificate()
clientConfig.setPrivateKey(clientKey); clientConfig.setPrivateKey(clientKey);
clientConfig.setPeerVerifyMode(QSslSocket::VerifyNone); clientConfig.setPeerVerifyMode(QSslSocket::VerifyNone);
QVERIFY(clientCrypto->setDtlsConfiguration(clientConfig)); QVERIFY(clientCrypto->setDtlsConfiguration(clientConfig));
QVERIFY(clientCrypto->setRemote(serverAddress, serverPort)); QVERIFY(clientCrypto->setPeer(serverAddress, serverPort));
QVERIFY(clientCrypto->doHandshake(&clientSocket)); QVERIFY(clientCrypto->doHandshake(&clientSocket));
QDTLS_VERIFY_NO_ERROR(clientCrypto); QDTLS_VERIFY_NO_ERROR(clientCrypto);
@ -935,7 +935,7 @@ void tst_QDtls::blacklistedCerificate()
connectHandshakeReadingSlots(); connectHandshakeReadingSlots();
const QString name(serverChain.first().subjectInfo(QSslCertificate::CommonName).first()); const QString name(serverChain.first().subjectInfo(QSslCertificate::CommonName).first());
QVERIFY(clientCrypto->setRemote(serverAddress, serverPort, name)); QVERIFY(clientCrypto->setPeer(serverAddress, serverPort, name));
QVERIFY(clientCrypto->doHandshake(&clientSocket)); QVERIFY(clientCrypto->doHandshake(&clientSocket));
testLoop.enterLoopMSecs(handshakeTimeoutMS); testLoop.enterLoopMSecs(handshakeTimeoutMS);
@ -966,7 +966,7 @@ void tst_QDtls::readWriteEncrypted()
auto clientConfig = QSslConfiguration::defaultDtlsConfiguration(); auto clientConfig = QSslConfiguration::defaultDtlsConfiguration();
clientConfig.setCaCertificates({selfSignedCert}); clientConfig.setCaCertificates({selfSignedCert});
QVERIFY(clientCrypto->setDtlsConfiguration(clientConfig)); QVERIFY(clientCrypto->setDtlsConfiguration(clientConfig));
QVERIFY(clientCrypto->setRemote(serverAddress, serverPort, hostName)); QVERIFY(clientCrypto->setPeer(serverAddress, serverPort, hostName));
// 0. Verify we cannot write any encrypted message without handshake done // 0. Verify we cannot write any encrypted message without handshake done
QDTLS_VERIFY_NO_ERROR(clientCrypto); QDTLS_VERIFY_NO_ERROR(clientCrypto);
@ -1047,7 +1047,7 @@ void tst_QDtls::datagramFragmentation()
auto clientConfig = QSslConfiguration::defaultDtlsConfiguration(); auto clientConfig = QSslConfiguration::defaultDtlsConfiguration();
clientConfig.setPeerVerifyMode(QSslSocket::VerifyNone); clientConfig.setPeerVerifyMode(QSslSocket::VerifyNone);
QVERIFY(clientCrypto->setDtlsConfiguration(clientConfig)); QVERIFY(clientCrypto->setDtlsConfiguration(clientConfig));
QVERIFY(clientCrypto->setRemote(serverAddress, serverPort)); QVERIFY(clientCrypto->setPeer(serverAddress, serverPort));
QVERIFY(clientCrypto->doHandshake(&clientSocket)); QVERIFY(clientCrypto->doHandshake(&clientSocket));
@ -1100,7 +1100,7 @@ void tst_QDtls::handshakeReadyRead()
if (addr.isNull() || addr.isBroadcast()) // Could never be us (client), bail out if (addr.isNull() || addr.isBroadcast()) // Could never be us (client), bail out
return; return;
if (!crypto->setRemote(addr, port)) if (!crypto->setPeer(addr, port))
return testLoop.exitLoop(); return testLoop.exitLoop();
// Check parameter validation: // Check parameter validation:

6
tests/auto/network/ssl/qdtlscookie/tst_qdtlscookie.cpp
View File

@ -158,7 +158,7 @@ void tst_QDtlsCookie::init()
serverPort = serverSocket.localPort(); serverPort = serverSocket.localPort();
dtls.reset(new QDtls(QSslSocket::SslClientMode)); dtls.reset(new QDtls(QSslSocket::SslClientMode));
dtls->setRemote(serverAddress, serverPort); dtls->setPeer(serverAddress, serverPort);
} }
void tst_QDtlsCookie::construction() void tst_QDtlsCookie::construction()
@ -434,7 +434,7 @@ void tst_QDtlsCookie::makeNoise()
noiseMaker.writeDatagram({"Hello, my little DTLS server, take this useless dgram!"}, noiseMaker.writeDatagram({"Hello, my little DTLS server, take this useless dgram!"},
serverAddress, serverPort); serverAddress, serverPort);
QDtls fakeHandshake(QSslSocket::SslClientMode); QDtls fakeHandshake(QSslSocket::SslClientMode);
fakeHandshake.setRemote(serverAddress, serverPort); fakeHandshake.setPeer(serverAddress, serverPort);
fakeHandshake.doHandshake(&noiseMaker, {}); fakeHandshake.doHandshake(&noiseMaker, {});
} }
@ -446,7 +446,7 @@ void tst_QDtlsCookie::spawnClients()
connect(newClient.first.data(), &QUdpSocket::readyRead, connect(newClient.first.data(), &QUdpSocket::readyRead,
this, &tst_QDtlsCookie::clientReadyRead); this, &tst_QDtlsCookie::clientReadyRead);
newClient.second.reset(new QDtls(QSslSocket::SslClientMode)); newClient.second.reset(new QDtls(QSslSocket::SslClientMode));
newClient.second->setRemote(serverAddress, serverPort); newClient.second->setPeer(serverAddress, serverPort);
connect(newClient.second.data(), &QDtls::handshakeTimeout, connect(newClient.second.data(), &QDtls::handshakeTimeout,
this, &tst_QDtlsCookie::handleClientTimeout); this, &tst_QDtlsCookie::handleClientTimeout);
newClient.second->doHandshake(newClient.first.data(), {}); newClient.second->doHandshake(newClient.first.data(), {});