Move plugin code from QtNetwork to qtbase/plugins

All TLS (and non-TLS) backends that QSsl classes rely
on are now in plugins/tls (as openssl, securetransport,
schannel and certonly plugins).

For now, I have to disable some tests that were using OpenSSL
calls - this to be refactored/re-thought. These include:
qsslsocket auto-test (test-case where we work with private keys),
qsslkey auto-test (similar to qsslsocket - test-case working with
keys using OpenSSL calls).
qasn1element moved to plugins too, so its auto-test have to
be re-thought.
Since now we can have more than one working TLS-backend on a given
platform, the presence of OpenSSL also means I force this backend
as active before running tests, to make sure features implemented
only in OpenSSL-backend are tested.
OCSP auto test is disabled for now, since it heavily relies on
OpenSSL symbols (to be refactored).

[ChangeLog][QtNetwork][QSslSocket] QSslSocket by default prefers 'openssl' backend
if it is available.

[ChangeLog][QtNetwork][QSslSocket] TLS-backends are not mutually exclusive anymore,
depending on a platform, more than one TLS backend can be built. E.g., configuring
Qt with -openssl does not prevent SecureTransport or Schannel plugin from being
built.

Fixes: QTBUG-91928
Change-Id: I4c05e32f10179066bee3a518bdfdd6c4b15320c3
Reviewed-by: Qt CI Bot <qt_ci_bot@qt-project.org>
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>

1 files changed, 124 insertions, 0 deletions

diff --git a/src/plugins/tls/openssl/qx509_openssl_p.h b/src/plugins/tls/openssl/qx509_openssl_p.h
new file mode 100644
index 0000000000..19f2f7614e
--- /dev/null
+++ b/src/plugins/tls/openssl/qx509_openssl_p.h
@@ -0,0 +1,124 @@
+/****************************************************************************
+**
+** Copyright (C) 2021 The Qt Company Ltd.
+** Contact: https://www.qt.io/licensing/
+**
+** This file is part of the QtNetwork module of the Qt Toolkit.
+**
+** $QT_BEGIN_LICENSE:LGPL$
+** Commercial License Usage
+** Licensees holding valid commercial Qt licenses may use this file in
+** accordance with the commercial license agreement provided with the
+** Software or, alternatively, in accordance with the terms contained in
+** a written agreement between you and The Qt Company. For licensing terms
+** and conditions see https://www.qt.io/terms-conditions. For further
+** information use the contact form at https://www.qt.io/contact-us.
+**
+** GNU Lesser General Public License Usage
+** Alternatively, this file may be used under the terms of the GNU Lesser
+** General Public License version 3 as published by the Free Software
+** Foundation and appearing in the file LICENSE.LGPL3 included in the
+** packaging of this file. Please review the following information to
+** ensure the GNU Lesser General Public License version 3 requirements
+** will be met: https://www.gnu.org/licenses/lgpl-3.0.html.
+**
+** GNU General Public License Usage
+** Alternatively, this file may be used under the terms of the GNU
+** General Public License version 2.0 or (at your option) the GNU General
+** Public license version 3 or any later version approved by the KDE Free
+** Qt Foundation. The licenses are as published by the Free Software
+** Foundation and appearing in the file LICENSE.GPL2 and LICENSE.GPL3
+** included in the packaging of this file. Please review the following
+** information to ensure the GNU General Public License requirements will
+** be met: https://www.gnu.org/licenses/gpl-2.0.html and
+** https://www.gnu.org/licenses/gpl-3.0.html.
+**
+** $QT_END_LICENSE$
+**
+****************************************************************************/
+
+#ifndef QX509_OPENSSL_P_H
+#define QX509_OPENSSL_P_H
+
+//
+//  W A R N I N G
+//  -------------
+//
+// This file is not part of the Qt API.  It exists purely as an
+// implementation detail.  This header file may change from version to
+// version without notice, or even be removed.
+//
+// We mean it.
+//
+
+#include <QtNetwork/private/qtnetworkglobal_p.h>
+
+#include "../shared/qx509_base_p.h"
+
+#include <QtNetwork/private/qtlsbackend_p.h>
+
+#include <QtCore/qvariant.h>
+#include <QtCore/qglobal.h>
+#include <QtCore/qstring.h>
+
+#include "qopenssl_p.h"
+
+#include <algorithm>
+
+QT_BEGIN_NAMESPACE
+
+namespace QTlsPrivate {
+
+class X509CertificateOpenSSL final : public X509CertificateBase
+{
+public:
+    X509CertificateOpenSSL();
+    ~X509CertificateOpenSSL();
+
+    // TLSTODO: in future may become movable/copyable (ref-counted based
+    // OpenSSL's X509 implementation).
+
+    bool isEqual(const X509Certificate &rhs) const override;
+    bool isSelfSigned() const override;
+    QMultiMap<QSsl::AlternativeNameEntryType, QString> subjectAlternativeNames() const override;
+    TlsKey *publicKey() const override;
+
+    QByteArray toPem() const override;
+    QByteArray toDer() const override;
+    QString toText() const override;
+    Qt::HANDLE handle() const override;
+
+    size_t hash(size_t seed) const noexcept override;
+
+    static QSslCertificate certificateFromX509(X509 *x);
+    static QList<QSslCertificate> stackOfX509ToQSslCertificates(STACK_OF(X509) *x509);
+    static QSslErrorEntry errorEntryFromStoreContext(X509_STORE_CTX *ctx);
+
+    static QList<QSslError> verify(const QList<QSslCertificate> &chain, const QString &hostName);
+    static QList<QSslError> verify(const QList<QSslCertificate> &caCertificates,
+                                   const QList<QSslCertificate> &certificateChain,
+                                   const QString &hostName);
+
+    static QList<QSslCertificate> certificatesFromPem(const QByteArray &pem, int count);
+    static QList<QSslCertificate> certificatesFromDer(const QByteArray &der, int count);
+    static bool importPkcs12(QIODevice *device, QSslKey *key, QSslCertificate *cert,
+                             QList<QSslCertificate> *caCertificates,
+                             const QByteArray &passPhrase);
+
+    static QSslError openSSLErrorToQSslError(int errorCode, const QSslCertificate &cert);
+private:
+    void parseExtensions();
+    static X509CertificateExtension convertExtension(X509_EXTENSION *ext);
+
+    X509 *x509 = nullptr;
+
+    Q_DISABLE_COPY_MOVE(X509CertificateOpenSSL)
+};
+
+extern "C" int qt_X509Callback(int ok, X509_STORE_CTX *ctx);
+
+} // namespace QTlsPrivate
+
+QT_END_NAMESPACE
+
+#endif // QX509_OPENSSL_P_H