diff --git a/src/network/kernel/qauthenticator.cpp b/src/network/kernel/qauthenticator.cpp index e82f9d459de..97f4a2cba48 100644 --- a/src/network/kernel/qauthenticator.cpp +++ b/src/network/kernel/qauthenticator.cpp @@ -77,14 +77,13 @@ static QByteArray qNtlmPhase3(QAuthenticatorPrivate *ctx, const QByteArray& phas #if QT_CONFIG(sspi) // SSPI static bool q_SSPI_library_load(); static QByteArray qSspiStartup(QAuthenticatorPrivate *ctx, QAuthenticatorPrivate::Method method, - const QString& host); + QStringView host); static QByteArray qSspiContinue(QAuthenticatorPrivate *ctx, QAuthenticatorPrivate::Method method, - const QString& host, const QByteArray& challenge = QByteArray()); + QStringView host, QByteArrayView challenge = {}); #elif QT_CONFIG(gssapi) // GSSAPI -static bool qGssapiTestGetCredentials(const QString &host); -static QByteArray qGssapiStartup(QAuthenticatorPrivate *ctx, const QString& host); -static QByteArray qGssapiContinue(QAuthenticatorPrivate *ctx, - const QByteArray& challenge = QByteArray()); +static bool qGssapiTestGetCredentials(QStringView host); +static QByteArray qGssapiStartup(QAuthenticatorPrivate *ctx, QStringView host); +static QByteArray qGssapiContinue(QAuthenticatorPrivate *ctx, QByteArrayView challenge = {}); #endif // gssapi /*! @@ -445,7 +444,7 @@ bool QAuthenticatorPrivate::isMethodSupported(QByteArrayView method) static bool verifyDigestMD5(QByteArrayView value) { - auto opts = QAuthenticatorPrivate::parseDigestAuthenticationChallenge(value.toByteArray()); + auto opts = QAuthenticatorPrivate::parseDigestAuthenticationChallenge(value); if (auto it = opts.constFind("algorithm"); it != opts.cend()) { QByteArray alg = it.value(); if (alg.size() < 3) @@ -458,7 +457,8 @@ static bool verifyDigestMD5(QByteArrayView value) return true; // assume it's ok if algorithm is not specified } -void QAuthenticatorPrivate::parseHttpResponse(const QList > &values, bool isProxy, const QString &host) +void QAuthenticatorPrivate::parseHttpResponse(const QList> &values, + bool isProxy, QStringView host) { #if !QT_CONFIG(gssapi) Q_UNUSED(host); @@ -553,7 +553,8 @@ void QAuthenticatorPrivate::parseHttpResponse(const QList QAuthenticatorPrivate::parseDigestAuthenticationChallenge(const QByteArray &challenge) +QHash +QAuthenticatorPrivate::parseDigestAuthenticationChallenge(QByteArrayView challenge) { QHash options; // parse the challenge - const char *d = challenge.constData(); + const char *d = challenge.data(); const char *end = d + challenge.length(); while (d < end) { while (d < end && (*d == ' ' || *d == '\n' || *d == '\r')) @@ -736,17 +738,17 @@ QHash QAuthenticatorPrivate::parseDigestAuthenticationCh /* calculate request-digest/response-digest as per HTTP Digest spec */ static QByteArray digestMd5ResponseHelper( - const QByteArray &alg, - const QByteArray &userName, - const QByteArray &realm, - const QByteArray &password, - const QByteArray &nonce, /* nonce from server */ - const QByteArray &nonceCount, /* 8 hex digits */ - const QByteArray &cNonce, /* client nonce */ - const QByteArray &qop, /* qop-value: "", "auth", "auth-int" */ - const QByteArray &method, /* method from the request */ - const QByteArray &digestUri, /* requested URL */ - const QByteArray &hEntity /* H(entity body) if qop="auth-int" */ + QByteArrayView alg, + QByteArrayView userName, + QByteArrayView realm, + QByteArrayView password, + QByteArrayView nonce, /* nonce from server */ + QByteArrayView nonceCount, /* 8 hex digits */ + QByteArrayView cNonce, /* client nonce */ + QByteArrayView qop, /* qop-value: "", "auth", "auth-int" */ + QByteArrayView method, /* method from the request */ + QByteArrayView digestUri, /* requested URL */ + QByteArrayView hEntity /* H(entity body) if qop="auth-int" */ ) { QCryptographicHash hash(QCryptographicHash::Md5); @@ -800,7 +802,8 @@ static QByteArray digestMd5ResponseHelper( return hash.result().toHex(); } -QByteArray QAuthenticatorPrivate::digestMd5Response(const QByteArray &challenge, const QByteArray &method, const QByteArray &path) +QByteArray QAuthenticatorPrivate::digestMd5Response(QByteArrayView challenge, QByteArrayView method, + QByteArrayView path) { QHash options = parseDigestAuthenticationChallenge(challenge); @@ -1251,7 +1254,7 @@ static QString qStringFromUcs2Le(QByteArray src) * --------------------------------------- * *********************************************************************/ -QByteArray qEncodeHmacMd5(QByteArray &key, const QByteArray &message) +QByteArray qEncodeHmacMd5(QByteArray &key, QByteArrayView message) { Q_ASSERT_X(!(message.isEmpty()),"qEncodeHmacMd5", "Empty message check"); Q_ASSERT_X(!(key.isEmpty()),"qEncodeHmacMd5", "Empty key check"); @@ -1584,7 +1587,7 @@ static bool q_SSPI_library_load() } static QByteArray qSspiStartup(QAuthenticatorPrivate *ctx, QAuthenticatorPrivate::Method method, - const QString& host) + QStringView host) { if (!q_SSPI_library_load()) return QByteArray(); @@ -1624,7 +1627,7 @@ static QByteArray qSspiStartup(QAuthenticatorPrivate *ctx, QAuthenticatorPrivate } static QByteArray qSspiContinue(QAuthenticatorPrivate *ctx, QAuthenticatorPrivate::Method method, - const QString &host, const QByteArray &challenge) + QStringView host, QByteArrayView challenge) { QByteArray result; SecBuffer challengeBuf; @@ -1717,7 +1720,7 @@ static void q_GSSAPI_error(const char *message, OM_uint32 majStat, OM_uint32 min q_GSSAPI_error_int(message, minStat, GSS_C_MECH_CODE); } -static gss_name_t qGSsapiGetServiceName(const QString &host) +static gss_name_t qGSsapiGetServiceName(QStringView host) { QByteArray serviceName = "HTTPS@" + host.toLocal8Bit(); gss_buffer_desc nameDesc = {static_cast(serviceName.size()), serviceName.data()}; @@ -1735,7 +1738,7 @@ static gss_name_t qGSsapiGetServiceName(const QString &host) } // Send initial GSS authentication token -static QByteArray qGssapiStartup(QAuthenticatorPrivate *ctx, const QString &host) +static QByteArray qGssapiStartup(QAuthenticatorPrivate *ctx, QStringView host) { if (!ctx->gssApiHandles) ctx->gssApiHandles.reset(new QGssApiHandles); @@ -1754,7 +1757,7 @@ static QByteArray qGssapiStartup(QAuthenticatorPrivate *ctx, const QString &host } // Continue GSS authentication with next token as needed -static QByteArray qGssapiContinue(QAuthenticatorPrivate *ctx, const QByteArray& challenge) +static QByteArray qGssapiContinue(QAuthenticatorPrivate *ctx, QByteArrayView challenge) { OM_uint32 majStat, minStat, ignored; QByteArray result; @@ -1800,7 +1803,7 @@ static QByteArray qGssapiContinue(QAuthenticatorPrivate *ctx, const QByteArray& return result; } -static bool qGssapiTestGetCredentials(const QString &host) +static bool qGssapiTestGetCredentials(QStringView host) { gss_name_t serviceName = qGSsapiGetServiceName(host); if (!serviceName) diff --git a/src/network/kernel/qauthenticator_p.h b/src/network/kernel/qauthenticator_p.h index 9ef6330ceb2..6cdff484a20 100644 --- a/src/network/kernel/qauthenticator_p.h +++ b/src/network/kernel/qauthenticator_p.h @@ -105,15 +105,18 @@ public: QString workstation; QString userDomain; - QByteArray calculateResponse(const QByteArray &method, const QByteArray &path, const QString& host); + QByteArray calculateResponse(QByteArrayView method, QByteArrayView path, QStringView host); inline static QAuthenticatorPrivate *getPrivate(QAuthenticator &auth) { return auth.d; } inline static const QAuthenticatorPrivate *getPrivate(const QAuthenticator &auth) { return auth.d; } - QByteArray digestMd5Response(const QByteArray &challenge, const QByteArray &method, const QByteArray &path); - static QHash parseDigestAuthenticationChallenge(const QByteArray &challenge); + QByteArray digestMd5Response(QByteArrayView challenge, QByteArrayView method, + QByteArrayView path); + static QHash + parseDigestAuthenticationChallenge(QByteArrayView challenge); - void parseHttpResponse(const QList >&, bool isProxy, const QString &host); + void parseHttpResponse(const QList> &, bool isProxy, + QStringView host); void updateCredentials(); static bool isMethodSupported(QByteArrayView method); diff --git a/tests/auto/network/kernel/qauthenticator/tst_qauthenticator.cpp b/tests/auto/network/kernel/qauthenticator/tst_qauthenticator.cpp index 8e573d7ded8..28a28ca78be 100644 --- a/tests/auto/network/kernel/qauthenticator/tst_qauthenticator.cpp +++ b/tests/auto/network/kernel/qauthenticator/tst_qauthenticator.cpp @@ -97,7 +97,7 @@ void tst_QAuthenticator::basicAuth() QCOMPARE(priv->phase, QAuthenticatorPrivate::Start); - QCOMPARE(priv->calculateResponse("GET", "/", "").constData(), QByteArray("Basic " + expectedReply).constData()); + QCOMPARE(priv->calculateResponse("GET", "/", u"").constData(), QByteArray("Basic " + expectedReply).constData()); } void tst_QAuthenticator::ntlmAuth_data() @@ -137,9 +137,9 @@ void tst_QAuthenticator::ntlmAuth() headers << qMakePair(QByteArrayLiteral("WWW-Authenticate"), QByteArrayLiteral("NTLM")); priv->parseHttpResponse(headers, /*isProxy = */ false, {}); if (sso) - QVERIFY(priv->calculateResponse("GET", "/", "").startsWith("NTLM ")); + QVERIFY(priv->calculateResponse("GET", "/", u"").startsWith("NTLM ")); else - QCOMPARE(priv->calculateResponse("GET", "/", "").constData(), "NTLM TlRMTVNTUAABAAAABYIIAAAAAAAAAAAAAAAAAAAAAAA="); + QCOMPARE(priv->calculateResponse("GET", "/", u"").constData(), "NTLM TlRMTVNTUAABAAAABYIIAAAAAAAAAAAAAAAAAAAAAAA="); // NTLM phase 2: challenge headers.clear(); @@ -150,7 +150,7 @@ void tst_QAuthenticator::ntlmAuth() QEXPECT_FAIL("with-realm-sso", "NTLM authentication code doesn't extract the realm", Continue); QCOMPARE(auth.realm(), realm); - QVERIFY(priv->calculateResponse("GET", "/", "").startsWith("NTLM ")); + QVERIFY(priv->calculateResponse("GET", "/", u"").startsWith("NTLM ")); } // We don't (currently) support SHA256. So, when presented with the option of MD5 or SHA256,