Uploaded image for project: 'Qt'
  1. Qt
  2. QTBUG-25015

QSslSocket - read ahead in unencrypted mode may lose data when starting encryption in STARTTLS style

    XMLWordPrintable

Details

    • Bug
    • Resolution: Unresolved
    • P2: Important
    • None
    • 4.8.0, 5.0.0
    • Network: SSL
    • None

    Description

      Calling QSslSocket::read() in unencrypted mode will read 16k of data from the plain socket into the QIODevice buffer in the SSL socket.
      If the plain socket already contains the handshake data (because the remote side sent some plaintext, and then started handshake) then this will be "lost" and the socket won't enter encrypted mode.

      Needs some testing to see if this prevents implementation of STARTTLS using QSslSocket or not.
      (STARTTLS has a plaintext handshake, so it might be avoidable)

      Attachments

        Issue Links

          relates to

          Bug - A problem which impairs or prevents the functions of the product. QTBUG-18498 QSslSocket: calling peek() on the socket causes the entire socket buffer to be copied to a new buffer, meaning that peek *does* have side-effects in certain use cases

          • P2: Important - Urgent, should be fixed, but will not stop the release.
          • Closed
          No reviews matched the request. Check your Options in the drop-down menu of this sections header.

          Activity

            People

              Unassigned Unassigned
              shkearns Shane Kearns
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

                Created:
                Updated:

                Gerrit Reviews

                  There are no open Gerrit changes