summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorTimur Pocheptsov <timur.pocheptsov@qt.io>2021-07-20 16:55:24 +0200
committerTimur Pocheptsov <timur.pocheptsov@qt.io>2021-07-21 12:20:06 +0200
commit4c5b604fabc0a7992ae5b1ab7beaa294f0e33388 (patch)
treea1a26179c1b27c1bc95f9761d7f2c8102e3caad6
parent18458dbebdd8bddd3242dc72a2bf7b74d6700b3c (diff)
Fix lcTlsBackend redefined in several places (plugins, static build)
With -static build lcTlsBackend was duplicated. Change-Id: I20ee0f9c7e2027a7033c9fbae628d0d91672e719 Reviewed-by: MÃ¥rten Nordheim <marten.nordheim@qt.io> (cherry picked from commit 5e688a72046972b871347ff4d8dd141cdf9f2cef)
-rw-r--r--src/network/ssl/qtlsbackend_p.h2
-rw-r--r--src/plugins/tls/certonly/qtlsbackend_cert.cpp2
-rw-r--r--src/plugins/tls/openssl/qsslsocket_openssl_symbols.cpp1
-rw-r--r--src/plugins/tls/openssl/qtlsbackend_openssl_p.h2
-rw-r--r--src/plugins/tls/securetransport/qtls_st.cpp80
-rw-r--r--src/plugins/tls/securetransport/qtlsbackend_st.cpp2
-rw-r--r--src/plugins/tls/securetransport/qtlsbackend_st_p.h2
-rw-r--r--src/plugins/tls/shared/qsslsocket_mac_shared.cpp10
-rw-r--r--src/plugins/tls/shared/qx509_generic.cpp2
9 files changed, 48 insertions, 55 deletions
diff --git a/src/network/ssl/qtlsbackend_p.h b/src/network/ssl/qtlsbackend_p.h
index 79bd0c5ebf..28016df3a3 100644
--- a/src/network/ssl/qtlsbackend_p.h
+++ b/src/network/ssl/qtlsbackend_p.h
@@ -428,8 +428,6 @@ public:
Q_DISABLE_COPY_MOVE(QTlsBackend)
};
-Q_DECLARE_LOGGING_CATEGORY(lcTlsBackend)
-
#define QTlsBackend_iid "org.qt-project.Qt.QTlsBackend"
Q_DECLARE_INTERFACE(QTlsBackend, QTlsBackend_iid);
diff --git a/src/plugins/tls/certonly/qtlsbackend_cert.cpp b/src/plugins/tls/certonly/qtlsbackend_cert.cpp
index c81eb0252e..e7e5f0f760 100644
--- a/src/plugins/tls/certonly/qtlsbackend_cert.cpp
+++ b/src/plugins/tls/certonly/qtlsbackend_cert.cpp
@@ -47,8 +47,6 @@
QT_BEGIN_NAMESPACE
-Q_LOGGING_CATEGORY(lcTlsBackend, "qt.tlsbackend.cert-only");
-
QString QTlsBackendCertOnly::backendName() const
{
return builtinBackendNames[nameIndexCertOnly];
diff --git a/src/plugins/tls/openssl/qsslsocket_openssl_symbols.cpp b/src/plugins/tls/openssl/qsslsocket_openssl_symbols.cpp
index d4a7c27825..d2424549da 100644
--- a/src/plugins/tls/openssl/qsslsocket_openssl_symbols.cpp
+++ b/src/plugins/tls/openssl/qsslsocket_openssl_symbols.cpp
@@ -55,6 +55,7 @@
****************************************************************************/
#include "qsslsocket_openssl_symbols_p.h"
+#include "qtlsbackend_openssl_p.h"
#include <QtNetwork/private/qssl_p.h>
diff --git a/src/plugins/tls/openssl/qtlsbackend_openssl_p.h b/src/plugins/tls/openssl/qtlsbackend_openssl_p.h
index 93b6442a59..04044f489e 100644
--- a/src/plugins/tls/openssl/qtlsbackend_openssl_p.h
+++ b/src/plugins/tls/openssl/qtlsbackend_openssl_p.h
@@ -134,6 +134,8 @@ private:
void forceAutotestSecurityLevel() override;
};
+Q_DECLARE_LOGGING_CATEGORY(lcTlsBackend)
+
QT_END_NAMESPACE
#endif // QTLSBACKEND_OPENSSL_P_H
diff --git a/src/plugins/tls/securetransport/qtls_st.cpp b/src/plugins/tls/securetransport/qtls_st.cpp
index 6741fbc5b2..bd0b8559a8 100644
--- a/src/plugins/tls/securetransport/qtls_st.cpp
+++ b/src/plugins/tls/securetransport/qtls_st.cpp
@@ -109,7 +109,7 @@ EphemeralSecKeychain::EphemeralSecKeychain()
{
const auto uuid = QUuid::createUuid();
if (uuid.isNull()) {
- qCWarning(lcTlsBackend) << "Failed to create a unique keychain name";
+ qCWarning(lcSecureTransport) << "Failed to create a unique keychain name";
return;
}
@@ -136,14 +136,14 @@ EphemeralSecKeychain::EphemeralSecKeychain()
const auto ok = CFStringGetFileSystemRepresentation(cfName, &posixPath[0],
CFIndex(posixPath.size()));
if (!ok) {
- qCWarning(lcTlsBackend) << "Failed to create a unique keychain name from"
- << "QDir::tempPath()";
+ qCWarning(lcSecureTransport) << "Failed to create a unique keychain name from"
+ << "QDir::tempPath()";
return;
}
std::vector<uint8_t> passUtf8(256);
if (SecRandomCopyBytes(kSecRandomDefault, passUtf8.size(), &passUtf8[0])) {
- qCWarning(lcTlsBackend) << "SecRandomCopyBytes: failed to create a key";
+ qCWarning(lcSecureTransport) << "SecRandomCopyBytes: failed to create a key";
return;
}
@@ -151,7 +151,7 @@ EphemeralSecKeychain::EphemeralSecKeychain()
&passUtf8[0], FALSE, nullptr,
&keychain);
if (status != errSecSuccess || !keychain) {
- qCWarning(lcTlsBackend) << "SecKeychainCreate: failed to create a custom keychain";
+ qCWarning(lcSecureTransport) << "SecKeychainCreate: failed to create a custom keychain";
if (keychain) {
SecKeychainDelete(keychain);
CFRelease(keychain);
@@ -166,13 +166,13 @@ EphemeralSecKeychain::EphemeralSecKeychain()
// == false, set interval to INT_MAX to never lock ...
settings.lockInterval = INT_MAX;
if (SecKeychainSetSettings(keychain, &settings) != errSecSuccess)
- qCWarning(lcTlsBackend) << "SecKeychainSettings: failed to disable lock on sleep";
+ qCWarning(lcSecureTransport) << "SecKeychainSettings: failed to disable lock on sleep";
}
#ifdef QSSLSOCKET_DEBUG
if (keychain) {
- qCDebug(lcTlsBackend) << "Custom keychain with name" << keychainName << "was created"
- << "successfully";
+ qCDebug(lcSecureTransport) << "Custom keychain with name" << keychainName << "was created"
+ << "successfully";
}
#endif
}
@@ -204,7 +204,7 @@ SSLContextRef qt_createSecureTransportContext(QSslSocket::SslMode mode)
// We never use kSSLDatagramType, so it's kSSLStreamType unconditionally.
SSLContextRef context = SSLCreateContext(nullptr, side, kSSLStreamType);
if (!context)
- qCWarning(lcTlsBackend) << "SSLCreateContext failed";
+ qCWarning(lcSecureTransport) << "SSLCreateContext failed";
return context;
}
@@ -280,7 +280,7 @@ OSStatus TlsCryptographSecureTransport::ReadCallback(TlsCryptographSecureTranspo
const qint64 bytes = plainSocket->read(data, *dataLength);
#ifdef QSSLSOCKET_DEBUG
- qCDebug(lcTlsBackend) << plainSocket << "read" << bytes;
+ qCDebug(lcSecureTransport) << plainSocket << "read" << bytes;
#endif
if (bytes < 0) {
*dataLength = 0;
@@ -306,7 +306,7 @@ OSStatus TlsCryptographSecureTransport::WriteCallback(TlsCryptographSecureTransp
const qint64 bytes = plainSocket->write(data, *dataLength);
#ifdef QSSLSOCKET_DEBUG
- qCDebug(lcTlsBackend) << plainSocket << "write" << bytes;
+ qCDebug(lcSecureTransport) << plainSocket << "write" << bytes;
#endif
if (bytes < 0) {
*dataLength = 0;
@@ -346,7 +346,7 @@ void TlsCryptographSecureTransport::continueHandshake()
Q_ASSERT(d);
d->setEncrypted(true);
#ifdef QSSLSOCKET_DEBUG
- qCDebug(lcTlsBackend) << d->plainTcpSocket() << "connection encrypted";
+ qCDebug(lcSecureTransport) << d->plainTcpSocket() << "connection encrypted";
#endif
#if QT_DARWIN_PLATFORM_SDK_EQUAL_OR_ABOVE(__MAC_10_13_4, __IPHONE_11_0, __TVOS_11_0, __WATCHOS_4_0)
@@ -434,7 +434,7 @@ QSsl::SslProtocol TlsCryptographSecureTransport::sessionProtocol() const
SSLProtocol protocol = kSSLProtocolUnknown;
const OSStatus err = SSLGetNegotiatedProtocolVersion(context, &protocol);
if (err != errSecSuccess) {
- qCWarning(lcTlsBackend) << "SSLGetNegotiatedProtocolVersion failed:" << err;
+ qCWarning(lcSecureTransport) << "SSLGetNegotiatedProtocolVersion failed:" << err;
return QSsl::UnknownProtocol;
}
@@ -500,7 +500,7 @@ void TlsCryptographSecureTransport::transmit()
size_t writtenBytes = 0;
const OSStatus err = SSLWrite(context, writeBuffer.readPointer(), nextDataBlockSize, &writtenBytes);
#ifdef QSSLSOCKET_DEBUG
- qCDebug(lcTlsBackend) << d->plainTcpSocket() << "SSLWrite returned" << err;
+ qCDebug(lcSecureTransport) << d->plainTcpSocket() << "SSLWrite returned" << err;
#endif
if (err != errSecSuccess && err != errSSLWouldBlock) {
setErrorAndEmit(d, QAbstractSocket::SslInternalError,
@@ -538,7 +538,7 @@ void TlsCryptographSecureTransport::transmit()
data.resize(4096);
const OSStatus err = SSLRead(context, data.data(), data.size(), &readBytes);
#ifdef QSSLSOCKET_DEBUG
- qCDebug(lcTlsBackend) << d->plainTcpSocket() << "SSLRead returned" << err;
+ qCDebug(lcSecureTransport) << d->plainTcpSocket() << "SSLRead returned" << err;
#endif
if (err == errSSLClosedGraceful) {
shutdown = true; // the other side shut down, make sure we do not send shutdown ourselves
@@ -703,8 +703,8 @@ bool TlsCryptographSecureTransport::initSslContext()
if (cfNames) {
for (const QByteArray &name : protocolNames) {
if (name.size() > 255) {
- qCWarning(lcTlsBackend) << "TLS ALPN extension" << name
- << "is too long and will be ignored.";
+ qCWarning(lcSecureTransport) << "TLS ALPN extension" << name
+ << "is too long and will be ignored.";
continue;
} else if (name.isEmpty()) {
continue;
@@ -718,10 +718,10 @@ bool TlsCryptographSecureTransport::initSslContext()
// failed, and handle this non-TLS error, we do not handle
// the result of this call as an error:
if (SSLSetALPNProtocols(context, cfNames) != errSecSuccess)
- qCWarning(lcTlsBackend) << "SSLSetALPNProtocols failed - too long protocol names?";
+ qCWarning(lcSecureTransport) << "SSLSetALPNProtocols failed - too long protocol names?";
}
} else {
- qCWarning(lcTlsBackend) << "failed to allocate ALPN names array";
+ qCWarning(lcSecureTransport) << "failed to allocate ALPN names array";
}
}
#endif // QT_DARWIN_PLATFORM_SDK_EQUAL_OR_ABOVE
@@ -776,12 +776,12 @@ bool TlsCryptographSecureTransport::initSslContext()
cfCiphers << sslCipher;
}
if (cfCiphers.size() == 0) {
- qCWarning(lcTlsBackend) << "failed to add any of the requested ciphers from the configuration";
+ qCWarning(lcSecureTransport) << "failed to add any of the requested ciphers from the configuration";
return false;
}
OSStatus err = SSLSetEnabledCiphers(context, cfCiphers.data(), cfCiphers.size());
if (err != errSecSuccess) {
- qCWarning(lcTlsBackend) << "failed to set the ciphers from the configuration";
+ qCWarning(lcSecureTransport) << "failed to set the ciphers from the configuration";
return false;
}
}
@@ -843,8 +843,8 @@ bool TlsCryptographSecureTransport::setSessionCertificate(QString &errorDescript
OSStatus err = SecPKCS12Import(pkcs12, options, &items);
if (err != errSecSuccess) {
#ifdef QSSLSOCKET_DEBUG
- qCWarning(lcTlsBackend) << plainSocket
- << QStringLiteral("SecPKCS12Import failed: %1").arg(err);
+ qCWarning(lcSecureTransport) << plainSocket
+ << QStringLiteral("SecPKCS12Import failed: %1").arg(err);
#endif
errorCode = QAbstractSocket::SslInvalidUserDataError;
errorDescription = QStringLiteral("SecPKCS12Import failed: %1").arg(err);
@@ -853,7 +853,7 @@ bool TlsCryptographSecureTransport::setSessionCertificate(QString &errorDescript
if (!CFArrayGetCount(items)) {
#ifdef QSSLSOCKET_DEBUG
- qCWarning(lcTlsBackend) << plainSocket << "SecPKCS12Import returned no items";
+ qCWarning(lcSecureTransport) << plainSocket << "SecPKCS12Import returned no items";
#endif
errorCode = QAbstractSocket::SslInvalidUserDataError;
errorDescription = QStringLiteral("SecPKCS12Import returned no items");
@@ -864,7 +864,7 @@ bool TlsCryptographSecureTransport::setSessionCertificate(QString &errorDescript
SecIdentityRef identity = (SecIdentityRef)CFDictionaryGetValue(import, kSecImportItemIdentity);
if (!identity) {
#ifdef QSSLSOCKET_DEBUG
- qCWarning(lcTlsBackend) << plainSocket << "SecPKCS12Import returned no identity";
+ qCWarning(lcSecureTransport) << plainSocket << "SecPKCS12Import returned no identity";
#endif
errorCode = QAbstractSocket::SslInvalidUserDataError;
errorDescription = QStringLiteral("SecPKCS12Import returned no identity");
@@ -889,8 +889,8 @@ bool TlsCryptographSecureTransport::setSessionCertificate(QString &errorDescript
err = SSLSetCertificate(context, certs);
if (err != errSecSuccess) {
#ifdef QSSLSOCKET_DEBUG
- qCWarning(lcTlsBackend)
- << plainSocket << QStringLiteral("Cannot set certificate and key: %1").arg(err);
+ qCWarning(lcSecureTransport) << plainSocket
+ << QStringLiteral("Cannot set certificate and key: %1").arg(err);
#endif
errorCode = QAbstractSocket::SslInvalidUserDataError;
errorDescription = QStringLiteral("Cannot set certificate and key: %1").arg(err);
@@ -915,7 +915,7 @@ bool TlsCryptographSecureTransport::setSessionProtocol()
switch (configuration.protocol()) {
case QSsl::TlsV1_3:
case QSsl::TlsV1_3OrLater:
- qCWarning(lcTlsBackend) << plainSocket << "SecureTransport does not support TLS 1.3";
+ qCWarning(lcSecureTransport) << plainSocket << "SecureTransport does not support TLS 1.3";
return false;
default:;
}
@@ -924,53 +924,53 @@ bool TlsCryptographSecureTransport::setSessionProtocol()
if (configuration.protocol() == QSsl::TlsV1_0) {
#ifdef QSSLSOCKET_DEBUG
- qCDebug(lcTlsBackend) << plainSocket << "requesting : TLSv1.0";
+ qCDebug(lcSecureTransport) << plainSocket << "requesting : TLSv1.0";
#endif
err = SSLSetProtocolVersionMin(context, kTLSProtocol1);
if (err == errSecSuccess)
err = SSLSetProtocolVersionMax(context, kTLSProtocol1);
} else if (configuration.protocol() == QSsl::TlsV1_1) {
#ifdef QSSLSOCKET_DEBUG
- qCDebug(lcTlsBackend) << plainSocket << "requesting : TLSv1.1";
+ qCDebug(lcSecureTransport) << plainSocket << "requesting : TLSv1.1";
#endif
err = SSLSetProtocolVersionMin(context, kTLSProtocol11);
if (err == errSecSuccess)
err = SSLSetProtocolVersionMax(context, kTLSProtocol11);
} else if (configuration.protocol() == QSsl::TlsV1_2) {
#ifdef QSSLSOCKET_DEBUG
- qCDebug(lcTlsBackend) << plainSocket << "requesting : TLSv1.2";
+ qCDebug(lcSecureTransport) << plainSocket << "requesting : TLSv1.2";
#endif
err = SSLSetProtocolVersionMin(context, kTLSProtocol12);
if (err == errSecSuccess)
err = SSLSetProtocolVersionMax(context, kTLSProtocol12);
} else if (configuration.protocol() == QSsl::AnyProtocol) {
#ifdef QSSLSOCKET_DEBUG
- qCDebug(lcTlsBackend) << plainSocket << "requesting : any";
+ qCDebug(lcSecureTransport) << plainSocket << "requesting : any";
#endif
err = SSLSetProtocolVersionMin(context, kTLSProtocol1);
} else if (configuration.protocol() == QSsl::SecureProtocols) {
#ifdef QSSLSOCKET_DEBUG
- qCDebug(lcTlsBackend) << plainSocket << "requesting : TLSv1 - TLSv1.2";
+ qCDebug(lcSecureTransport) << plainSocket << "requesting : TLSv1 - TLSv1.2";
#endif
err = SSLSetProtocolVersionMin(context, kTLSProtocol1);
} else if (configuration.protocol() == QSsl::TlsV1_0OrLater) {
#ifdef QSSLSOCKET_DEBUG
- qCDebug(lcTlsBackend) << plainSocket << "requesting : TLSv1 - TLSv1.2";
+ qCDebug(lcSecureTransport) << plainSocket << "requesting : TLSv1 - TLSv1.2";
#endif
err = SSLSetProtocolVersionMin(context, kTLSProtocol1);
} else if (configuration.protocol() == QSsl::TlsV1_1OrLater) {
#ifdef QSSLSOCKET_DEBUG
- qCDebug(lcTlsBackend) << plainSocket << "requesting : TLSv1.1 - TLSv1.2";
+ qCDebug(lcSecureTransport) << plainSocket << "requesting : TLSv1.1 - TLSv1.2";
#endif
err = SSLSetProtocolVersionMin(context, kTLSProtocol11);
} else if (configuration.protocol() == QSsl::TlsV1_2OrLater) {
#ifdef QSSLSOCKET_DEBUG
- qCDebug(lcTlsBackend) << plainSocket << "requesting : TLSv1.2";
+ qCDebug(lcSecureTransport) << plainSocket << "requesting : TLSv1.2";
#endif
err = SSLSetProtocolVersionMin(context, kTLSProtocol12);
} else {
#ifdef QSSLSOCKET_DEBUG
- qCDebug(lcTlsBackend) << plainSocket << "no protocol version found in the configuration";
+ qCDebug(lcSecureTransport) << plainSocket << "no protocol version found in the configuration";
#endif
return false;
}
@@ -1128,7 +1128,7 @@ bool TlsCryptographSecureTransport::verifyPeerTrust()
if (QCFType<SecCertificateRef> secRef = SecCertificateCreateWithData(nullptr, certData))
CFArrayAppendValue(certArray, secRef);
else
- qCWarning(lcTlsBackend, "Failed to create SecCertificate from QSslCertificate");
+ qCWarning(lcSecureTransport, "Failed to create SecCertificate from QSslCertificate");
}
SecTrustSetAnchorCertificates(trust, certArray);
@@ -1237,7 +1237,7 @@ bool TlsCryptographSecureTransport::startHandshake()
OSStatus err = SSLHandshake(context);
#ifdef QSSLSOCKET_DEBUG
- qCDebug(lcTlsBackend) << plainSocket << "SSLHandhake returned" << err;
+ qCDebug(lcSecureTransport) << plainSocket << "SSLHandhake returned" << err;
#endif
if (err == errSSLWouldBlock) {
@@ -1283,7 +1283,7 @@ bool TlsCryptographSecureTransport::startHandshake()
// Connection aborted during handshake phase.
if (q->state() != QAbstractSocket::ConnectedState) {
- qCDebug(lcTlsBackend) << "connection aborted";
+ qCDebug(lcSecureTransport) << "connection aborted";
renegotiating = false;
return false;
}
diff --git a/src/plugins/tls/securetransport/qtlsbackend_st.cpp b/src/plugins/tls/securetransport/qtlsbackend_st.cpp
index 7fc7692350..315dae6d21 100644
--- a/src/plugins/tls/securetransport/qtlsbackend_st.cpp
+++ b/src/plugins/tls/securetransport/qtlsbackend_st.cpp
@@ -49,7 +49,7 @@ QT_BEGIN_NAMESPACE
Q_GLOBAL_STATIC(QRecursiveMutex, qt_securetransport_mutex)
-Q_LOGGING_CATEGORY(lcTlsBackend, "qt.tlsbackend.securetransport");
+Q_LOGGING_CATEGORY(lcSecureTransport, "qt.tlsbackend.securetransport");
namespace QTlsPrivate {
diff --git a/src/plugins/tls/securetransport/qtlsbackend_st_p.h b/src/plugins/tls/securetransport/qtlsbackend_st_p.h
index ebce859db3..3ccad01a95 100644
--- a/src/plugins/tls/securetransport/qtlsbackend_st_p.h
+++ b/src/plugins/tls/securetransport/qtlsbackend_st_p.h
@@ -91,6 +91,8 @@ private:
static bool s_loadedCiphersAndCerts;
};
+Q_DECLARE_LOGGING_CATEGORY(lcSecureTransport)
+
QT_END_NAMESPACE
#endif // QTLSBACKEND_ST_P_H
diff --git a/src/plugins/tls/shared/qsslsocket_mac_shared.cpp b/src/plugins/tls/shared/qsslsocket_mac_shared.cpp
index b808c9e83b..cdecdee9b2 100644
--- a/src/plugins/tls/shared/qsslsocket_mac_shared.cpp
+++ b/src/plugins/tls/shared/qsslsocket_mac_shared.cpp
@@ -57,8 +57,6 @@
QT_BEGIN_NAMESPACE
-Q_DECLARE_LOGGING_CATEGORY(lcTlsBackend)
-
#ifdef Q_OS_MACOS
namespace {
@@ -107,9 +105,8 @@ bool isCaCertificateTrusted(SecCertificateRef cfCert, int domain)
}
}
}
- } else {
- qCWarning(lcTlsBackend, "Error receiving trust for a CA certificate");
}
+
return false;
}
@@ -133,11 +130,8 @@ QList<QSslCertificate> systemCaCertificates()
SecCertificateRef cfCert = (SecCertificateRef)CFArrayGetValueAtIndex(cfCerts, i);
QCFType<CFDataRef> derData = SecCertificateCopyData(cfCert);
if (isCaCertificateTrusted(cfCert, dom)) {
- if (derData == nullptr) {
- qCWarning(lcTlsBackend, "Error retrieving a CA certificate from the system store");
- } else {
+ if (derData)
systemCerts << QSslCertificate(QByteArray::fromCFData(derData), QSsl::Der);
- }
}
}
}
diff --git a/src/plugins/tls/shared/qx509_generic.cpp b/src/plugins/tls/shared/qx509_generic.cpp
index 9265498c4e..f5fd1b6b30 100644
--- a/src/plugins/tls/shared/qx509_generic.cpp
+++ b/src/plugins/tls/shared/qx509_generic.cpp
@@ -79,8 +79,6 @@ bool X509CertificateGeneric::isSelfSigned() const
if (null)
return false;
- qCWarning(lcTlsBackend, "QSslCertificate::isSelfSigned: This function does not check, whether the certificate "
- "is actually signed. It just checks whether issuer and subject are identical");
return subjectMatchesIssuer;
}