1berry/qtbase
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

QtNetwork: Fix and streamline translations of QDtls

Browse Source 
- Use %-placeholder formatting instead of string concatenation
  for messages of the form "XX failed: %1"
- Introduce helper functions for duplicate messages
- Introduce helper function for message reporting function failures
  to avoid duplication
- Extract helper function for reporting SSL handshake errors

Complemements ac583b686d0677517e7f8a10ce4e79c7fe227ccf.

Change-Id: Iaf6c158ca8086d0b17a3e3c51955707734829615
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
This commit is contained in:
Friedemann Kleint 2018-06-27 11:38:53 +02:00
parent bc71946487
commit ee8c052395
4 changed files with 36 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
src/network/ssl/qdtls.cpp
View File

@ -151,6 +151,11 @@ QDtlsClientVerifier::GeneratorParameters QDtlsClientVerifier::cookieGeneratorPar
return {d->hashAlgorithm, d->secret}; return {d->hashAlgorithm, d->secret};
} }
static QString msgUnsupportedMulticastAddress()
{
return QDtls::tr("Multicast and broadcast addresses are not supported");
}
bool QDtlsClientVerifier::verifyClient(QUdpSocket *socket, const QByteArray &dgram, bool QDtlsClientVerifier::verifyClient(QUdpSocket *socket, const QByteArray &dgram,
const QHostAddress &address, quint16 port) const QHostAddress &address, quint16 port)
{ {
@ -164,7 +169,7 @@ bool QDtlsClientVerifier::verifyClient(QUdpSocket *socket, const QByteArray &dgr
if (address.isBroadcast() || address.isMulticast()) { if (address.isBroadcast() || address.isMulticast()) {
d->setDtlsError(QDtlsError::InvalidInputParameters, d->setDtlsError(QDtlsError::InvalidInputParameters,
tr("Multicast and broadcast addresses are not supported")); msgUnsupportedMulticastAddress());
return false; return false;
} }
@ -222,7 +227,7 @@ bool QDtls::setRemote(const QHostAddress &address, quint16 port,
if (address.isBroadcast() || address.isMulticast()) { if (address.isBroadcast() || address.isMulticast()) {
d->setDtlsError(QDtlsError::InvalidInputParameters, d->setDtlsError(QDtlsError::InvalidInputParameters,
tr("Multicast and broadcast addresses are not supported")); msgUnsupportedMulticastAddress());
return false; return false;
} }

30
src/network/ssl/qdtls_openssl.cpp
View File

@ -704,6 +704,12 @@ bool DtlsState::initTls(QDtlsBasePrivate *dtlsBase)
return true; return true;
} }
static QString msgFunctionFailed(const char *function)
{
//: %1: Some function
return QDtls::tr("%1 failed").arg(QLatin1String(function));
}
bool DtlsState::initCtxAndConnection(QDtlsBasePrivate *dtlsBase) bool DtlsState::initCtxAndConnection(QDtlsBasePrivate *dtlsBase)
{ {
Q_ASSERT(dtlsBase); Q_ASSERT(dtlsBase);
@ -727,7 +733,8 @@ bool DtlsState::initCtxAndConnection(QDtlsBasePrivate *dtlsBase)
TlsConnection newConnection(newContext->createSsl(), dtlsutil::delete_connection); TlsConnection newConnection(newContext->createSsl(), dtlsutil::delete_connection);
if (!newConnection.data()) { if (!newConnection.data()) {
dtlsBase->setDtlsError(QDtlsError::TlsInitializationError, QDtls::tr("SSL_new failed")); dtlsBase->setDtlsError(QDtlsError::TlsInitializationError,
msgFunctionFailed("SSL_new"));
return false; return false;
} }
@ -736,7 +743,8 @@ bool DtlsState::initCtxAndConnection(QDtlsBasePrivate *dtlsBase)
this); this);
if (set != 1 && configurationCopy->peerVerifyMode != QSslSocket::VerifyNone) { if (set != 1 && configurationCopy->peerVerifyMode != QSslSocket::VerifyNone) {
dtlsBase->setDtlsError(QDtlsError::TlsInitializationError, QDtls::tr("SSL_set_ex_data failed")); dtlsBase->setDtlsError(QDtlsError::TlsInitializationError,
msgFunctionFailed("SSL_set_ex_data"));
return false; return false;
} }
@ -764,7 +772,7 @@ bool DtlsState::initBIO(QDtlsBasePrivate *dtlsBase)
dtlsutil::delete_bio_method); dtlsutil::delete_bio_method);
if (!customMethod.data()) { if (!customMethod.data()) {
dtlsBase->setDtlsError(QDtlsError::TlsInitializationError, dtlsBase->setDtlsError(QDtlsError::TlsInitializationError,
QDtls::tr("BIO_meth_new failed")); msgFunctionFailed("BIO_meth_new"));
return false; return false;
} }
@ -782,7 +790,8 @@ bool DtlsState::initBIO(QDtlsBasePrivate *dtlsBase)
QScopedPointer<BIO, dtlsutil::bio_deleter> newBio(q_BIO_new(biom)); QScopedPointer<BIO, dtlsutil::bio_deleter> newBio(q_BIO_new(biom));
BIO *bio = newBio.data(); BIO *bio = newBio.data();
if (!bio) { if (!bio) {
dtlsBase->setDtlsError(QDtlsError::TlsInitializationError, QDtls::tr("BIO_new failed")); dtlsBase->setDtlsError(QDtlsError::TlsInitializationError,
msgFunctionFailed("BIO_new"));
return false; return false;
} }
@ -1025,8 +1034,8 @@ bool QDtlsPrivateOpenSSL::continueHandshake(QUdpSocket *socket, const QByteArray
return true; // The handshake is not yet complete. return true; // The handshake is not yet complete.
default: default:
storePeerCertificates(); storePeerCertificates();
setDtlsError(QDtlsError::TlsFatalError, QDtls::tr("Error during SSL handshake: ") setDtlsError(QDtlsError::TlsFatalError,
+ QSslSocketBackendPrivate::getErrorsFromOpenSsl()); QSslSocketBackendPrivate::msgErrorsDuringHandshake());
dtls.reset(); dtls.reset();
handshakeState = QDtls::HandshakeNotStarted; handshakeState = QDtls::HandshakeNotStarted;
return false; return false;
@ -1166,8 +1175,8 @@ qint64 QDtlsPrivateOpenSSL::writeDatagramEncrypted(QUdpSocket *socket,
if (socket->error() != QAbstractSocket::UnknownSocketError && description.isEmpty()) { if (socket->error() != QAbstractSocket::UnknownSocketError && description.isEmpty()) {
setDtlsError(QDtlsError::UnderlyingSocketError, socket->errorString()); setDtlsError(QDtlsError::UnderlyingSocketError, socket->errorString());
} else { } else {
setDtlsError(QDtlsError::TlsFatalError, QDtls::tr("Error while writing: ") setDtlsError(QDtlsError::TlsFatalError,
+ description); QDtls::tr("Error while writing: %1").arg(description));
} }
} }
@ -1226,8 +1235,9 @@ QByteArray QDtlsPrivateOpenSSL::decryptDatagram(QUdpSocket *socket, const QByteA
// DTLSTODO: Apparently, some errors can be ignored, for example, // DTLSTODO: Apparently, some errors can be ignored, for example,
// ECONNRESET etc. This all needs a lot of testing!!! // ECONNRESET etc. This all needs a lot of testing!!!
default: default:
setDtlsError(QDtlsError::TlsNonFatalError, QDtls::tr("Error while reading: ") setDtlsError(QDtlsError::TlsNonFatalError,
+ QSslSocketBackendPrivate::getErrorsFromOpenSsl()); QDtls::tr("Error while reading: %1")
.arg(QSslSocketBackendPrivate::getErrorsFromOpenSsl()));
return dgram; return dgram;
} }
} }

9
src/network/ssl/qsslsocket_openssl.cpp
View File

@ -891,6 +891,12 @@ QSslError _q_OpenSSL_to_QSslError(int errorCode, const QSslCertificate &cert)
return error; return error;
} }
QString QSslSocketBackendPrivate::msgErrorsDuringHandshake()
{
return QSslSocket::tr("Error during SSL handshake: %1")
.arg(QSslSocketBackendPrivate::getErrorsFromOpenSsl());
}
bool QSslSocketBackendPrivate::startHandshake() bool QSslSocketBackendPrivate::startHandshake()
{ {
Q_Q(QSslSocket); Q_Q(QSslSocket);
@ -926,8 +932,7 @@ bool QSslSocketBackendPrivate::startHandshake()
// The handshake is not yet complete. // The handshake is not yet complete.
break; break;
default: default:
QString errorString QString errorString = QSslSocketBackendPrivate::msgErrorsDuringHandshake();
= QSslSocket::tr("Error during SSL handshake: %1").arg(getErrorsFromOpenSsl());
#ifdef QSSLSOCKET_DEBUG #ifdef QSSLSOCKET_DEBUG
qCDebug(lcSsl) << "QSslSocketBackendPrivate::startHandshake: error!" << errorString; qCDebug(lcSsl) << "QSslSocketBackendPrivate::startHandshake: error!" << errorString;
#endif #endif

2
src/network/ssl/qsslsocket_openssl_p.h
View File

@ -159,6 +159,8 @@ public:
QSslKey *key, QSslCertificate *cert, QSslKey *key, QSslCertificate *cert,
QList<QSslCertificate> *caCertificates, QList<QSslCertificate> *caCertificates,
const QByteArray &passPhrase); const QByteArray &passPhrase);
static QString msgErrorsDuringHandshake();
}; };
QT_END_NAMESPACE QT_END_NAMESPACE