Allow to specify the SSL protocol for a requests.

http://code.google.com/p/phantomjs/issues/detail?id=174
ariya · Oct 29, 2012 · b834f2a · b834f2a
1 parent 380c56e
commit b834f2a
Show file tree

Hide file tree

Showing 4 changed files with 48 additions and 3 deletions.
diff --git a/src/config.cpp b/src/config.cpp
@@ -62,6 +62,7 @@ static const struct QCommandLineConfigEntry flags[] =
     { QCommandLine::Option, '\0', "proxy-type", "Specifies the proxy type, 'http' (default), 'none' (disable completely), or 'socks5'", QCommandLine::Optional },
     { QCommandLine::Option, '\0', "script-encoding", "Sets the encoding used for the starting script, default is 'utf8'", QCommandLine::Optional },
     { QCommandLine::Option, '\0', "web-security", "Enables web security, 'yes' (default) or 'no'", QCommandLine::Optional },
+    { QCommandLine::Option, '\0', "ssl-protocol", "Sets the SSL protocol (supported protocols: 'SSLv3', 'SSLv2', 'TLSv1', 'TlsV1SslV3' (default))", QCommandLine::Optional },
     { QCommandLine::Param, '\0', "script", "Script", QCommandLine::Flags(QCommandLine::Optional|QCommandLine::ParameterFence)},
     { QCommandLine::Param, '\0', "argument", "Script argument", QCommandLine::OptionalMultiple },
     { QCommandLine::Switch, 'h', "help", "Shows this message and quits", QCommandLine::Optional },
@@ -593,6 +594,9 @@ void Config::handleOption(const QString &option, const QVariant &value)
     if (option == "web-security") {
         setWebSecurityEnabled(boolValue);
     }
+    if (option == "ssl-protocol") {
+        setSslProtocol(value.toString().toLower());
+    }
 }
 
 void Config::handleParam(const QString& param, const QVariant &value)
@@ -610,3 +614,12 @@ void Config::handleError(const QString &error)
     setUnknownOption(QString("Error: %1").arg(error));
 }
 
+QString Config::sslProtocol() const
+{
+    return m_sslProtocol;
+}
+
+void Config::setSslProtocol(const QString& sslProtocolName)
+{
+    m_sslProtocol = sslProtocolName;
+}
diff --git a/src/config.h b/src/config.h
@@ -57,6 +57,7 @@ class Config: QObject
     Q_PROPERTY(bool printDebugMessages READ printDebugMessages WRITE setPrintDebugMessages)
     Q_PROPERTY(bool javascriptCanOpenWindows READ javascriptCanOpenWindows WRITE setJavascriptCanOpenWindows)
     Q_PROPERTY(bool javascriptCanCloseWindows READ javascriptCanCloseWindows WRITE setJavascriptCanCloseWindows)
+    Q_PROPERTY(QString sslProtocol READ sslProtocol WRITE setSslProtocol)
 
 public:
     Config(QObject *parent = 0);
@@ -148,6 +149,9 @@ class Config: QObject
     void setJavascriptCanCloseWindows(const bool value);
     bool javascriptCanCloseWindows() const;
 
+    void setSslProtocol(const QString& sslProtocolName);
+    QString sslProtocol() const;
+
 public slots:
     void handleSwitch(const QString &sw);
     void handleOption(const QString &option, const QVariant &value);
@@ -191,6 +195,7 @@ public slots:
     bool m_printDebugMessages;
     bool m_javascriptCanOpenWindows;
     bool m_javascriptCanCloseWindows;
+    QString m_sslProtocol;
 };
 
 #endif // CONFIG_H
diff --git a/src/networkaccessmanager.cpp b/src/networkaccessmanager.cpp
@@ -75,6 +75,7 @@ NetworkAccessManager::NetworkAccessManager(QObject *parent, const Config *config
     , m_maxAuthAttempts(3)
     , m_idCounter(0)
     , m_networkDiskCache(0)
+    , m_sslConfiguration(QSslConfiguration::defaultConfiguration())
 {
     setCookieJar(CookieJar::instance());
 
@@ -86,6 +87,17 @@ NetworkAccessManager::NetworkAccessManager(QObject *parent, const Config *config
         setCache(m_networkDiskCache);
     }
 
+    if (QSslSocket::supportsSsl()) {
+        m_sslConfiguration = QSslConfiguration::defaultConfiguration();
+        if (config->sslProtocol() == "sslv3") {
+            m_sslConfiguration.setProtocol(QSsl::SslV3);
+        } else if (config->sslProtocol() == "sslv2") {
+            m_sslConfiguration.setProtocol(QSsl::SslV2);
+        } else if (config->sslProtocol() == "tlsv1") {
+            m_sslConfiguration.setProtocol(QSsl::TlsV1);
+        }
+    }
+
     connect(this, SIGNAL(authenticationRequired(QNetworkReply*,QAuthenticator*)), SLOT(provideAuthentication(QNetworkReply*,QAuthenticator*)));
     connect(this, SIGNAL(finished(QNetworkReply*)), SLOT(handleFinished(QNetworkReply*)));
 }
@@ -133,6 +145,8 @@ QNetworkReply *NetworkAccessManager::createRequest(Operation op, const QNetworkR
     if (!QSslSocket::supportsSsl()) {
         if (req.url().scheme().toLower() == QLatin1String("https"))
             qWarning() << "Request using https scheme without SSL support";
+    } else {
+        req.setSslConfiguration(m_sslConfiguration);
     }
 
     // Get the URL string before calling the superclass. Seems to work around
@@ -156,9 +170,6 @@ QNetworkReply *NetworkAccessManager::createRequest(Operation op, const QNetworkR
 
     // Pass duty to the superclass - Nothing special to do here (yet?)
     QNetworkReply *reply = QNetworkAccessManager::createRequest(op, req, outgoingData);
-    if(m_ignoreSslErrors) {
-        reply->ignoreSslErrors();
-    }
 
     QVariantList headers;
     foreach (QByteArray headerName, req.rawHeaderList()) {
@@ -179,6 +190,7 @@ QNetworkReply *NetworkAccessManager::createRequest(Operation op, const QNetworkR
     data["time"] = QDateTime::currentDateTime();
 
     connect(reply, SIGNAL(readyRead()), this, SLOT(handleStarted()));
+    connect(reply, SIGNAL(sslErrors(const QList<QSslError> &)), this, SLOT(handleSslErrors(const QList<QSslError> &)));
 
     emit resourceRequested(data);
     return reply;
@@ -269,3 +281,14 @@ void NetworkAccessManager::handleFinished(QNetworkReply *reply, const QVariant &
 
     emit resourceReceived(data);
 }
+
+void NetworkAccessManager::handleSslErrors(const QList<QSslError> &errors)
+{
+    QNetworkReply *reply = qobject_cast<QNetworkReply*>(sender());
+    foreach (QSslError e, errors) {
+        qDebug()<<"Network - SSL Error:" << e;
+    }
+
+    if (m_ignoreSslErrors)
+        reply->ignoreSslErrors();
+}
diff --git a/src/networkaccessmanager.h b/src/networkaccessmanager.h
@@ -36,9 +36,11 @@
 #include <QNetworkAccessManager>
 #include <QNetworkReply>
 #include <QSet>
+#include <QSslConfiguration>
 
 class Config;
 class QNetworkDiskCache;
+class QSslConfiguration;
 
 class NetworkAccessManager : public QNetworkAccessManager
 {
@@ -70,13 +72,15 @@ private slots:
     void handleStarted();
     void handleFinished(QNetworkReply *reply);
     void provideAuthentication(QNetworkReply *reply, QAuthenticator *authenticator);
+    void handleSslErrors(const QList<QSslError> &errors);
 
 private:
     QHash<QNetworkReply*, int> m_ids;
     QSet<QNetworkReply*> m_started;
     int m_idCounter;
     QNetworkDiskCache* m_networkDiskCache;
     QVariantMap m_customHeaders;
+    QSslConfiguration m_sslConfiguration;
 };
 
 #endif // NETWORKACCESSMANAGER_H