1 files changed, 26 insertions, 36 deletions

diff --git a/src/network/ssl/qsslsocket_mac.cpp b/src/network/ssl/qsslsocket_mac.cpp
index 4e090f96cb..f04387b5cb 100644
--- a/src/network/ssl/qsslsocket_mac.cpp
+++ b/src/network/ssl/qsslsocket_mac.cpp
@@ -1,31 +1,37 @@
 /****************************************************************************
 **
 ** Copyright (C) 2014 Jeremy Lainé <jeremy.laine@m4x.org>
-** Contact: http://www.qt.io/licensing/
+** Contact: https://www.qt.io/licensing/
 **
 ** This file is part of the QtNetwork module of the Qt Toolkit.
 **
-** $QT_BEGIN_LICENSE:LGPL21$
+** $QT_BEGIN_LICENSE:LGPL$
 ** Commercial License Usage
 ** Licensees holding valid commercial Qt licenses may use this file in
 ** accordance with the commercial license agreement provided with the
 ** Software or, alternatively, in accordance with the terms contained in
 ** a written agreement between you and The Qt Company. For licensing terms
-** and conditions see http://www.qt.io/terms-conditions. For further
-** information use the contact form at http://www.qt.io/contact-us.
+** and conditions see https://www.qt.io/terms-conditions. For further
+** information use the contact form at https://www.qt.io/contact-us.
 **
 ** GNU Lesser General Public License Usage
 ** Alternatively, this file may be used under the terms of the GNU Lesser
-** General Public License version 2.1 or version 3 as published by the Free
-** Software Foundation and appearing in the file LICENSE.LGPLv21 and
-** LICENSE.LGPLv3 included in the packaging of this file. Please review the
-** following information to ensure the GNU Lesser General Public License
-** requirements will be met: https://www.gnu.org/licenses/lgpl.html and
-** http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html.
+** General Public License version 3 as published by the Free Software
+** Foundation and appearing in the file LICENSE.LGPL3 included in the
+** packaging of this file. Please review the following information to
+** ensure the GNU Lesser General Public License version 3 requirements
+** will be met: https://www.gnu.org/licenses/lgpl-3.0.html.
 **
-** As a special exception, The Qt Company gives you certain additional
-** rights. These rights are described in The Qt Company LGPL Exception
-** version 1.1, included in the file LGPL_EXCEPTION.txt in this package.
+** GNU General Public License Usage
+** Alternatively, this file may be used under the terms of the GNU
+** General Public License version 2.0 or (at your option) the GNU General
+** Public license version 3 or any later version approved by the KDE Free
+** Qt Foundation. The licenses are as published by the Free Software
+** Foundation and appearing in the file LICENSE.GPL2 and LICENSE.GPL3
+** included in the packaging of this file. Please review the following
+** information to ensure the GNU General Public License requirements will
+** be met: https://www.gnu.org/licenses/gpl-2.0.html and
+** https://www.gnu.org/licenses/gpl-3.0.html.
 **
 ** $QT_END_LICENSE$
 **
@@ -491,29 +497,6 @@ void QSslSocketPrivate::resetDefaultEllipticCurves()
     Q_UNIMPLEMENTED();
 }
 
-
-QList<QSslCertificate> QSslSocketPrivate::systemCaCertificates()
-{
-    QList<QSslCertificate> systemCerts;
-#ifdef Q_OS_OSX
-    // SecTrustSettingsCopyCertificates is not defined on iOS.
-    QCFType<CFArrayRef> cfCerts;
-    OSStatus status = SecTrustSettingsCopyCertificates(kSecTrustSettingsDomainSystem, &cfCerts);
-    if (status == noErr) {
-        const CFIndex size = CFArrayGetCount(cfCerts);
-        for (CFIndex i = 0; i < size; ++i) {
-            SecCertificateRef cfCert = (SecCertificateRef)CFArrayGetValueAtIndex(cfCerts, i);
-            QCFType<CFDataRef> derData = SecCertificateCopyData(cfCert);
-            systemCerts << QSslCertificate(QByteArray::fromCFData(derData), QSsl::Der);
-        }
-    } else {
-       // no detailed error handling here
-       qCWarning(lcSsl) << "SecTrustSettingsCopyCertificates failed:" << status;
-    }
-#endif
-    return systemCerts;
-}
-
 QSslSocketBackendPrivate::QSslSocketBackendPrivate()
     : context(Q_NULLPTR)
 {
@@ -867,6 +850,9 @@ QSslCipher QSslSocketBackendPrivate::QSslCipher_from_SSLCipherSuite(SSLCipherSui
     case TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384:
         ciph.d->name = QLatin1String("ECDHE-RSA-AES256-SHA384");
         break;
+    case TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384:
+        ciph.d->name = QLatin1String("ECDHE-RSA-AES256-GCM-SHA384");
+        break;
     default:
         return ciph;
     }
@@ -914,6 +900,10 @@ QSslCipher QSslSocketBackendPrivate::QSslCipher_from_SSLCipherSuite(SSLCipherSui
             ciph.d->encryptionMethod = QLatin1String("AES(128)");
             ciph.d->bits = 128;
             ciph.d->supportedBits = 128;
+        } else if (ciph.d->name.contains("AES256-GCM")) {
+            ciph.d->encryptionMethod = QLatin1String("AESGCM(256)");
+            ciph.d->bits = 256;
+            ciph.d->supportedBits = 256;
         } else if (ciph.d->name.contains("AES256-")) {
             ciph.d->encryptionMethod = QLatin1String("AES(256)");
             ciph.d->bits = 256;