Provide access to QSslCertificate on OpenSSL free Windows builds

The QSslCertificate class can parse and provide details about SSL certificates without a proper backend, this can for instance be used by QtWebEngine to provide metadata about certificates, even on Windows builds without OpenSSL, as QtWebEngine does not use Qt's SSL stack. Change-Id: Ib48f1ed7315c5bc66721ec87ee651d8372f07f71 Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io> Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
author: Allan Sandfeld Jensen <allan.jensen@qt.io> 2018-06-29 11:33:36 +0200
committer: Allan Sandfeld Jensen <allan.jensen@qt.io> 2018-07-06 06:52:06 +0000
commit: a149659c5c028d4049c60c4f9a30b481a79cfe08 (patch)
tree: ef9147ef0de9a6cc4bb7f9683726ebd7c3473c0b /src/network
parent: 514972544a34aca0fd679b3a78521a0a1558d4e0 (diff)
6 files changed, 46 insertions, 28 deletions
diff --git a/src/network/ssl/qsslcertificate.cpp b/src/network/ssl/qsslcertificate.cpp
index 6433b84e80..135dc9f7a9 100644
--- a/src/network/ssl/qsslcertificate.cpp
+++ b/src/network/ssl/qsslcertificate.cpp
@@ -125,7 +125,9 @@
 #include "qssl_p.h"
 #include "qsslcertificate.h"
 #include "qsslcertificate_p.h"
+#ifndef QT_NO_SSL
 #include "qsslkey_p.h"
+#endif
 
 #include <QtCore/qdir.h>
 #include <QtCore/qdiriterator.h>
@@ -142,8 +144,12 @@ QT_BEGIN_NAMESPACE
 QSslCertificate::QSslCertificate(QIODevice *device, QSsl::EncodingFormat format)
     : d(new QSslCertificatePrivate)
 {
+#ifndef QT_NO_OPENSSL
     QSslSocketPrivate::ensureInitialized();
     if (device && QSslSocket::supportsSsl())
+#else
+    if (device)
+#endif
         d->init(device->readAll(), format);
 }
 
@@ -156,8 +162,10 @@ QSslCertificate::QSslCertificate(QIODevice *device, QSsl::EncodingFormat format)
 QSslCertificate::QSslCertificate(const QByteArray &data, QSsl::EncodingFormat format)
     : d(new QSslCertificatePrivate)
 {
+#ifndef QT_NO_OPENSSL
     QSslSocketPrivate::ensureInitialized();
     if (QSslSocket::supportsSsl())
+#endif
         d->init(data, format);
 }
 
@@ -557,6 +565,8 @@ QList<QSslCertificate> QSslCertificate::fromData(const QByteArray &data, QSsl::E
         : QSslCertificatePrivate::certificatesFromDer(data);
 }
 
+#ifndef QT_NO_SSL
+
 /*!
     Verifies a certificate chain. The chain to be verified is passed in the
     \a certificateChain parameter. The first certificate in the list should
@@ -600,6 +610,8 @@ bool QSslCertificate::importPkcs12(QIODevice *device,
     return QSslSocketBackendPrivate::importPkcs12(device, key, certificate, caCertificates, passPhrase);
 }
 
+#endif
+
 // These certificates are known to be fraudulent and were created during the comodo
 // compromise. See http://www.comodo.com/Comodo-Fraud-Incident-2011-03-23.html
 static const char *const certificate_blacklist[] = {
diff --git a/src/network/ssl/qsslcertificate.h b/src/network/ssl/qsslcertificate.h
index 6cd66fd20f..553fb8884d 100644
--- a/src/network/ssl/qsslcertificate.h
+++ b/src/network/ssl/qsslcertificate.h
@@ -55,8 +55,6 @@
 #include <QtCore/qmap.h>
 #include <QtNetwork/qssl.h>
 
-#ifndef QT_NO_SSL
-
 QT_BEGIN_NAMESPACE
 
 class QDateTime;
@@ -131,7 +129,9 @@ public:
     QMultiMap<QSsl::AlternativeNameEntryType, QString> subjectAlternativeNames() const;
     QDateTime effectiveDate() const;
     QDateTime expiryDate() const;
+#ifndef QT_NO_SSL
     QSslKey publicKey() const;
+#endif
     QList<QSslCertificateExtension> extensions() const;
 
     QByteArray toPem() const;
@@ -146,6 +146,7 @@ public:
     static QList<QSslCertificate> fromData(
         const QByteArray &data, QSsl::EncodingFormat format = QSsl::Pem);
 
+#ifndef QT_NO_SSL
 #if QT_VERSION >= QT_VERSION_CHECK(6,0,0)
     static QList<QSslError> verify(const QList<QSslCertificate> &certificateChain, const QString &hostName = QString());
 #else
@@ -156,6 +157,7 @@ public:
                              QSslKey *key, QSslCertificate *cert,
                              QList<QSslCertificate> *caCertificates = nullptr,
                              const QByteArray &passPhrase=QByteArray());
+#endif
 
     Qt::HANDLE handle() const;
 
@@ -178,6 +180,4 @@ QT_END_NAMESPACE
 
 Q_DECLARE_METATYPE(QSslCertificate)
 
-#endif // QT_NO_SSL
-
 #endif
diff --git a/src/network/ssl/qsslcertificate_p.h b/src/network/ssl/qsslcertificate_p.h
index 0397845f8d..dfdceab502 100644
--- a/src/network/ssl/qsslcertificate_p.h
+++ b/src/network/ssl/qsslcertificate_p.h
@@ -55,7 +55,9 @@
 // We mean it.
 //
 
+#ifndef QT_NO_SSL
 #include "qsslsocket_p.h"
+#endif
 #include "qsslcertificateextension.h"
 #include <QtCore/qdatetime.h>
 #include <QtCore/qmap.h>
@@ -83,7 +85,9 @@ public:
     QSslCertificatePrivate()
         : null(true), x509(0)
     {
+#ifndef QT_NO_SSL
         QSslSocketPrivate::ensureInitialized();
+#endif
     }
 
     ~QSslCertificatePrivate()
diff --git a/src/network/ssl/qsslcertificate_qt.cpp b/src/network/ssl/qsslcertificate_qt.cpp
index 1cc2b1f964..4efc477dc3 100644
--- a/src/network/ssl/qsslcertificate_qt.cpp
+++ b/src/network/ssl/qsslcertificate_qt.cpp
@@ -41,8 +41,10 @@
 #include "qsslcertificate_p.h"
 
 #include "qssl_p.h"
+#ifndef QT_NO_SSL
 #include "qsslkey.h"
 #include "qsslkey_p.h"
+#endif
 #include "qsslcertificateextension.h"
 #include "qsslcertificateextension_p.h"
 #include "qasn1element_p.h"
@@ -145,6 +147,7 @@ Qt::HANDLE QSslCertificate::handle() const
 }
 #endif
 
+#ifndef QT_NO_SSL
 QSslKey QSslCertificate::publicKey() const
 {
     QSslKey key;
@@ -155,6 +158,7 @@ QSslKey QSslCertificate::publicKey() const
     }
     return key;
 }
+#endif
 
 QList<QSslCertificateExtension> QSslCertificate::extensions() const
 {
diff --git a/src/network/ssl/qsslcertificateextension.h b/src/network/ssl/qsslcertificateextension.h
index 2ce2112687..c2910e1707 100644
--- a/src/network/ssl/qsslcertificateextension.h
+++ b/src/network/ssl/qsslcertificateextension.h
@@ -48,9 +48,6 @@
 
 QT_BEGIN_NAMESPACE
 
-
-#ifndef QT_NO_SSL
-
 class QSslCertificateExtensionPrivate;
 
 class Q_NETWORK_EXPORT QSslCertificateExtension
@@ -80,8 +77,6 @@ private:
 
 Q_DECLARE_SHARED(QSslCertificateExtension)
 
-#endif // QT_NO_SSL
-
 QT_END_NAMESPACE
 
 
diff --git a/src/network/ssl/ssl.pri b/src/network/ssl/ssl.pri
index 8919ec3819..6975264038 100644
--- a/src/network/ssl/ssl.pri
+++ b/src/network/ssl/ssl.pri
@@ -1,11 +1,22 @@
 # OpenSSL support; compile in QSslSocket.
+
+HEADERS += ssl/qasn1element_p.h \
+           ssl/qssl.h \
+           ssl/qssl_p.h \
+           ssl/qsslcertificate.h \
+           ssl/qsslcertificate_p.h \
+           ssl/qsslcertificateextension.h \
+           ssl/qsslcertificateextension_p.h
+
+SOURCES += ssl/qasn1element.cpp \
+           ssl/qssl.cpp \
+           ssl/qsslcertificate.cpp \
+           ssl/qsslcertificateextension.cpp
+
+!qtConfig(openssl): SOURCES += ssl/qsslcertificate_qt.cpp
+
 qtConfig(ssl) {
-    HEADERS += ssl/qasn1element_p.h \
-               ssl/qssl.h \
-               ssl/qssl_p.h \
-               ssl/qsslcertificate.h \
-               ssl/qsslcertificate_p.h \
-               ssl/qsslconfiguration.h \
+    HEADERS += ssl/qsslconfiguration.h \
                ssl/qsslconfiguration_p.h \
                ssl/qsslcipher.h \
                ssl/qsslcipher_p.h \
@@ -18,26 +29,19 @@ qtConfig(ssl) {
                ssl/qsslsocket.h \
                ssl/qsslsocket_p.h \
                ssl/qsslpresharedkeyauthenticator.h \
-               ssl/qsslpresharedkeyauthenticator_p.h \
-               ssl/qsslcertificateextension.h \
-               ssl/qsslcertificateextension_p.h
-    SOURCES += ssl/qasn1element.cpp \
-               ssl/qssl.cpp \
-               ssl/qsslcertificate.cpp \
-               ssl/qsslconfiguration.cpp \
+               ssl/qsslpresharedkeyauthenticator_p.h
+    SOURCES += ssl/qsslconfiguration.cpp \
                ssl/qsslcipher.cpp \
                ssl/qssldiffiehellmanparameters.cpp \
                ssl/qsslellipticcurve.cpp \
                ssl/qsslkey_p.cpp \
                ssl/qsslerror.cpp \
                ssl/qsslsocket.cpp \
-               ssl/qsslpresharedkeyauthenticator.cpp \
-               ssl/qsslcertificateextension.cpp
+               ssl/qsslpresharedkeyauthenticator.cpp
 
     winrt {
         HEADERS += ssl/qsslsocket_winrt_p.h
-        SOURCES += ssl/qsslcertificate_qt.cpp \
-                   ssl/qsslcertificate_winrt.cpp \
+        SOURCES += ssl/qsslcertificate_winrt.cpp \
                    ssl/qssldiffiehellmanparameters_dummy.cpp \
                    ssl/qsslkey_qt.cpp \
                    ssl/qsslkey_winrt.cpp \
@@ -47,8 +51,7 @@ qtConfig(ssl) {
 
     qtConfig(securetransport) {
         HEADERS += ssl/qsslsocket_mac_p.h
-        SOURCES += ssl/qsslcertificate_qt.cpp \
-                   ssl/qssldiffiehellmanparameters_dummy.cpp \
+        SOURCES += ssl/qssldiffiehellmanparameters_dummy.cpp \
                    ssl/qsslkey_qt.cpp \
                    ssl/qsslkey_mac.cpp \
                    ssl/qsslsocket_mac_shared.cpp \
author	Allan Sandfeld Jensen <allan.jensen@qt.io>	2018-06-29 11:33:36 +0200
committer	Allan Sandfeld Jensen <allan.jensen@qt.io>	2018-07-06 06:52:06 +0000
commit	a149659c5c028d4049c60c4f9a30b481a79cfe08 (patch)
tree	ef9147ef0de9a6cc4bb7f9683726ebd7c3473c0b /src/network
parent	514972544a34aca0fd679b3a78521a0a1558d4e0 (diff)