1 files changed, 57 insertions, 7 deletions
diff --git a/src/network/ssl/qsslconfiguration.cpp b/src/network/ssl/qsslconfiguration.cpp
index 55c9a281ba..5c95c9f544 100644
--- a/src/network/ssl/qsslconfiguration.cpp
+++ b/src/network/ssl/qsslconfiguration.cpp
@@ -1,8 +1,8 @@
 /****************************************************************************
 **
-** Copyright (C) 2014 Digia Plc and/or its subsidiary(-ies).
+** Copyright (C) 2015 The Qt Company Ltd.
 ** Copyright (C) 2014 BlackBerry Limited. All rights reserved.
-** Contact: http://www.qt-project.org/legal
+** Contact: http://www.qt.io/licensing/
 **
 ** This file is part of the QtNetwork module of the Qt Toolkit.
 **
@@ -11,9 +11,9 @@
 ** Licensees holding valid commercial Qt licenses may use this file in
 ** accordance with the commercial license agreement provided with the
 ** Software or, alternatively, in accordance with the terms contained in
-** a written agreement between you and Digia. For licensing terms and
-** conditions see http://qt.digia.com/licensing. For further information
-** use the contact form at http://qt.digia.com/contact-us.
+** a written agreement between you and The Qt Company. For licensing terms
+** and conditions see http://www.qt.io/terms-conditions. For further
+** information use the contact form at http://www.qt.io/contact-us.
 **
 ** GNU Lesser General Public License Usage
 ** Alternatively, this file may be used under the terms of the GNU Lesser
@@ -24,8 +24,8 @@
 ** requirements will be met: https://www.gnu.org/licenses/lgpl.html and
 ** http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html.
 **
-** In addition, as a special exception, Digia gives you certain additional
-** rights. These rights are described in the Digia Qt LGPL Exception
+** As a special exception, The Qt Company gives you certain additional
+** rights. These rights are described in The Qt Company LGPL Exception
 ** version 1.1, included in the file LGPL_EXCEPTION.txt in this package.
 **
 ** $QT_END_LICENSE$
@@ -203,6 +203,7 @@ bool QSslConfiguration::operator==(const QSslConfiguration &other) const
         d->sessionCipher == other.d->sessionCipher &&
         d->sessionProtocol == other.d->sessionProtocol &&
         d->ciphers == other.d->ciphers &&
+        d->ellipticCurves == other.d->ellipticCurves &&
         d->caCertificates == other.d->caCertificates &&
         d->protocol == other.d->protocol &&
         d->peerVerifyMode == other.d->peerVerifyMode &&
@@ -243,6 +244,7 @@ bool QSslConfiguration::isNull() const
             d->allowRootCertOnDemandLoading == true &&
             d->caCertificates.count() == 0 &&
             d->ciphers.count() == 0 &&
+            d->ellipticCurves.isEmpty() &&
             d->localCertificateChain.isEmpty() &&
             d->privateKey.isNull() &&
             d->peerCertificate.isNull() &&
@@ -698,6 +700,50 @@ int QSslConfiguration::sessionTicketLifeTimeHint() const
 }
 
 /*!
+    \since 5.5
+
+    Returns this connection's current list of elliptic curves. This
+    list is used during the handshake phase for choosing an
+    elliptic curve (when using an elliptic curve cipher).
+    The returned list of curves is ordered by descending preference
+    (i.e., the first curve in the list is the most preferred one).
+
+    By default, the handshake phase can choose any of the curves
+    supported by this system's SSL libraries, which may vary from
+    system to system. The list of curves supported by this system's
+    SSL libraries is returned by QSslSocket::supportedEllipticCurves().
+
+    You can restrict the list of curves used for choosing the session cipher
+    for this socket by calling setEllipticCurves() with a subset of the
+    supported ciphers. You can revert to using the entire set by calling
+    setEllipticCurves() with the list returned by
+    QSslSocket::supportedEllipticCurves().
+
+    \sa setEllipticCurves
+ */
+QVector<QSslEllipticCurve> QSslConfiguration::ellipticCurves() const
+{
+    return d->ellipticCurves;
+}
+
+/*!
+    \since 5.5
+
+    Sets the list of elliptic curves to be used by this socket to \a curves,
+    which must contain a subset of the curves in the list returned by
+    supportedEllipticCurves().
+
+    Restricting the elliptic curves must be done before the handshake
+    phase, where the session cipher is chosen.
+
+    \sa ellipticCurves
+ */
+void QSslConfiguration::setEllipticCurves(const QVector<QSslEllipticCurve> &curves)
+{
+    d->ellipticCurves = curves;
+}
+
+/*!
   \since 5.3
 
   This function returns the protocol negotiated with the server
@@ -728,7 +774,11 @@ QByteArray QSslConfiguration::nextNegotiatedProtocol() const
 
   \sa nextNegotiatedProtocol(), nextProtocolNegotiationStatus(), allowedNextProtocols(), QSslConfiguration::NextProtocolSpdy3_0, QSslConfiguration::NextProtocolHttp1_1
  */
+#if QT_VERSION >= QT_VERSION_CHECK(6,0,0)
+void QSslConfiguration::setAllowedNextProtocols(const QList<QByteArray> &protocols)
+#else
 void QSslConfiguration::setAllowedNextProtocols(QList<QByteArray> protocols)
+#endif
 {
     d->nextAllowedProtocols = protocols;
 }