diff options
Diffstat (limited to 'src/network')
-rw-r--r-- | src/network/kernel/qauthenticator.cpp | 3 | ||||
-rw-r--r-- | src/network/kernel/qdnslookup_unix.cpp | 6 | ||||
-rw-r--r-- | src/network/kernel/qhostinfo_unix.cpp | 4 | ||||
-rw-r--r-- | src/network/ssl/qsslsocket_mac.cpp | 137 | ||||
-rw-r--r-- | src/network/ssl/qsslsocket_openssl.cpp | 5 | ||||
-rw-r--r-- | src/network/ssl/qsslsocket_openssl_symbols.cpp | 13 |
6 files changed, 96 insertions, 72 deletions
diff --git a/src/network/kernel/qauthenticator.cpp b/src/network/kernel/qauthenticator.cpp index 107addae58..099d9586d2 100644 --- a/src/network/kernel/qauthenticator.cpp +++ b/src/network/kernel/qauthenticator.cpp @@ -1445,7 +1445,8 @@ static PSecurityFunctionTable pSecurityFunctionTable = NULL; static bool q_NTLM_SSPI_library_load() { - QMutexLocker locker(QMutexPool::globalInstanceGet((void *)&pSecurityFunctionTable)); + static QBasicMutex mutex; + QMutexLocker l(&mutex); // Initialize security interface if (pSecurityFunctionTable == NULL) { diff --git a/src/network/kernel/qdnslookup_unix.cpp b/src/network/kernel/qdnslookup_unix.cpp index 41038dc8da..1da00813ce 100644 --- a/src/network/kernel/qdnslookup_unix.cpp +++ b/src/network/kernel/qdnslookup_unix.cpp @@ -39,7 +39,9 @@ #include "qdnslookup_p.h" +#if QT_CONFIG(library) #include <qlibrary.h> +#endif #include <qscopedpointer.h> #include <qurl.h> #include <private/qnativesocketengine_p.h> @@ -58,7 +60,7 @@ QT_BEGIN_NAMESPACE -#ifndef QT_NO_LIBRARY +#if QT_CONFIG(library) #if defined(Q_OS_OPENBSD) typedef struct __res_state* res_state; @@ -382,6 +384,6 @@ void QDnsLookupRunnable::query(const int requestType, const QByteArray &requestN return; } -#endif /* ifndef QT_NO_LIBRARY */ +#endif /* QT_CONFIG(library) */ QT_END_NAMESPACE diff --git a/src/network/kernel/qhostinfo_unix.cpp b/src/network/kernel/qhostinfo_unix.cpp index 7af8db73e0..cf08a15f96 100644 --- a/src/network/kernel/qhostinfo_unix.cpp +++ b/src/network/kernel/qhostinfo_unix.cpp @@ -45,7 +45,9 @@ #include "private/qnativesocketengine_p.h" #include "qiodevice.h" #include <qbytearray.h> +#if QT_CONFIG(library) #include <qlibrary.h> +#endif #include <qbasicatomic.h> #include <qurl.h> #include <qfile.h> @@ -93,7 +95,7 @@ static res_state_ptr local_res = 0; static bool resolveLibraryInternal() { -#if !defined(QT_NO_LIBRARY) && !defined(Q_OS_QNX) +#if QT_CONFIG(library) && !defined(Q_OS_QNX) QLibrary lib; #ifdef LIBRESOLV_SO lib.setFileName(QStringLiteral(LIBRESOLV_SO)); diff --git a/src/network/ssl/qsslsocket_mac.cpp b/src/network/ssl/qsslsocket_mac.cpp index 07de954cef..44171ca911 100644 --- a/src/network/ssl/qsslsocket_mac.cpp +++ b/src/network/ssl/qsslsocket_mac.cpp @@ -575,6 +575,7 @@ QSslCipher QSslSocketBackendPrivate::QSslCipher_from_SSLCipherSuite(SSLCipherSui { QSslCipher ciph; switch (cipher) { + // Sorted as in CipherSuite.h (and groupped by their RFC) case SSL_RSA_WITH_NULL_MD5: ciph.d->name = QLatin1String("NULL-MD5"); ciph.d->protocol = QSsl::SslV3; @@ -592,38 +593,21 @@ QSslCipher QSslSocketBackendPrivate::QSslCipher_from_SSLCipherSuite(SSLCipherSui ciph.d->protocol = QSsl::SslV3; break; - case TLS_RSA_WITH_3DES_EDE_CBC_SHA: - ciph.d->name = QLatin1String("DES-CBC3-SHA"); - break; + // TLS addenda using AES, per RFC 3268 case TLS_RSA_WITH_AES_128_CBC_SHA: ciph.d->name = QLatin1String("AES128-SHA"); break; - case TLS_RSA_WITH_AES_128_CBC_SHA256: - ciph.d->name = QLatin1String("AES128-SHA256"); - break; - case TLS_RSA_WITH_AES_256_CBC_SHA: - ciph.d->name = QLatin1String("AES256-SHA"); - break; - case TLS_RSA_WITH_AES_256_CBC_SHA256: - ciph.d->name = QLatin1String("AES256-SHA256"); - break; - - case TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA: - ciph.d->name = QLatin1String("DHE-RSA-DES-CBC3-SHA"); - break; case TLS_DHE_RSA_WITH_AES_128_CBC_SHA: ciph.d->name = QLatin1String("DHE-RSA-AES128-SHA"); break; - case TLS_DHE_RSA_WITH_AES_128_CBC_SHA256: - ciph.d->name = QLatin1String("DHE-RSA-AES128-SHA256"); + case TLS_RSA_WITH_AES_256_CBC_SHA: + ciph.d->name = QLatin1String("AES256-SHA"); break; case TLS_DHE_RSA_WITH_AES_256_CBC_SHA: ciph.d->name = QLatin1String("DHE-RSA-AES256-SHA"); break; - case TLS_DHE_RSA_WITH_AES_256_CBC_SHA256: - ciph.d->name = QLatin1String("DHE-RSA-AES256-SHA256"); - break; + // ECDSA addenda, RFC 4492 case TLS_ECDH_ECDSA_WITH_NULL_SHA: ciph.d->name = QLatin1String("ECDH-ECDSA-NULL-SHA"); break; @@ -636,21 +620,29 @@ QSslCipher QSslSocketBackendPrivate::QSslCipher_from_SSLCipherSuite(SSLCipherSui case TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA: ciph.d->name = QLatin1String("ECDH-ECDSA-AES128-SHA"); break; - case TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256: - ciph.d->name = QLatin1String("ECDH-ECDSA-AES128-SHA256"); - break; case TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA: ciph.d->name = QLatin1String("ECDH-ECDSA-AES256-SHA"); break; - case TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384: - ciph.d->name = QLatin1String("ECDH-ECDSA-AES256-SHA384"); + case TLS_ECDHE_ECDSA_WITH_NULL_SHA: + ciph.d->name = QLatin1String("ECDHE-ECDSA-NULL-SHA"); + break; + case TLS_ECDHE_ECDSA_WITH_RC4_128_SHA: + ciph.d->name = QLatin1String("ECDHE-ECDSA-RC4-SHA"); + break; + case TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA: + ciph.d->name = QLatin1String("ECDHE-ECDSA-DES-CBC3-SHA"); + break; + case TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA: + ciph.d->name = QLatin1String("ECDHE-ECDSA-AES128-SHA"); + break; + case TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA: + ciph.d->name = QLatin1String("ECDHE-ECDSA-AES256-SHA"); break; - case TLS_ECDH_RSA_WITH_NULL_SHA: ciph.d->name = QLatin1String("ECDH-RSA-NULL-SHA"); break; case TLS_ECDH_RSA_WITH_RC4_128_SHA: - ciph.d->name = QLatin1String("ECDH-RSA-AES256-SHA"); + ciph.d->name = QLatin1String("ECDH-RSA-RC4-SHA"); break; case TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA: ciph.d->name = QLatin1String("ECDH-RSA-DES-CBC3-SHA"); @@ -658,62 +650,91 @@ QSslCipher QSslSocketBackendPrivate::QSslCipher_from_SSLCipherSuite(SSLCipherSui case TLS_ECDH_RSA_WITH_AES_128_CBC_SHA: ciph.d->name = QLatin1String("ECDH-RSA-AES128-SHA"); break; - case TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256: - ciph.d->name = QLatin1String("ECDH-RSA-AES128-SHA256"); - break; case TLS_ECDH_RSA_WITH_AES_256_CBC_SHA: ciph.d->name = QLatin1String("ECDH-RSA-AES256-SHA"); break; - case TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384: - ciph.d->name = QLatin1String("ECDH-RSA-AES256-SHA384"); + case TLS_ECDHE_RSA_WITH_NULL_SHA: + ciph.d->name = QLatin1String("ECDHE-RSA-NULL-SHA"); + break; + case TLS_ECDHE_RSA_WITH_RC4_128_SHA: + ciph.d->name = QLatin1String("ECDHE-RSA-RC4-SHA"); + break; + case TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA: + ciph.d->name = QLatin1String("ECDHE-RSA-DES-CBC3-SHA"); + break; + case TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA: + ciph.d->name = QLatin1String("ECDHE-RSA-AES128-SHA"); + break; + case TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA: + ciph.d->name = QLatin1String("ECDHE-RSA-AES256-SHA"); break; - case TLS_ECDHE_ECDSA_WITH_NULL_SHA: - ciph.d->name = QLatin1String("ECDHE-ECDSA-NULL-SHA"); + // TLS 1.2 addenda, RFC 5246 + case TLS_RSA_WITH_3DES_EDE_CBC_SHA: + ciph.d->name = QLatin1String("DES-CBC3-SHA"); break; - case TLS_ECDHE_ECDSA_WITH_RC4_128_SHA: - ciph.d->name = QLatin1String("ECDHE-ECDSA-RC4-SHA"); + case TLS_RSA_WITH_AES_128_CBC_SHA256: + ciph.d->name = QLatin1String("AES128-SHA256"); break; - case TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA: - ciph.d->name = QLatin1String("ECDHE-ECDSA-DES-CBC3-SHA"); + case TLS_RSA_WITH_AES_256_CBC_SHA256: + ciph.d->name = QLatin1String("AES256-SHA256"); break; - case TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA: - ciph.d->name = QLatin1String("ECDHE-ECDSA-AES128-SHA"); + case TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA: + ciph.d->name = QLatin1String("DHE-RSA-DES-CBC3-SHA"); break; - case TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256: - ciph.d->name = QLatin1String("ECDHE-ECDSA-AES128-SHA256"); + case TLS_DHE_RSA_WITH_AES_128_CBC_SHA256: + ciph.d->name = QLatin1String("DHE-RSA-AES128-SHA256"); break; - case TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA: - ciph.d->name = QLatin1String("ECDHE-ECDSA-AES256-SHA"); + case TLS_DHE_RSA_WITH_AES_256_CBC_SHA256: + ciph.d->name = QLatin1String("DHE-RSA-AES256-SHA256"); break; - case TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384: - ciph.d->name = QLatin1String("ECDHE-ECDSA-AES256-SHA384"); + + // Addendum from RFC 4279, TLS PSK + // all missing atm. + + // RFC 4785 - Pre-Shared Key (PSK) Ciphersuites with NULL Encryption + // all missing atm. + + // Addenda from rfc 5288 AES Galois Counter Mode (CGM) Cipher Suites for TLS + case TLS_RSA_WITH_AES_256_GCM_SHA384: + ciph.d->name = QLatin1String("AES256-GCM-SHA384"); break; - case TLS_ECDHE_RSA_WITH_NULL_SHA: - ciph.d->name = QLatin1String("ECDHE-RSA-NULL-SHA"); + // RFC 5487 - PSK with SHA-256/384 and AES GCM + // all missing atm. + + // Addenda from rfc 5289 Elliptic Curve Cipher Suites with HMAC SHA-256/384 + case TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256: + ciph.d->name = QLatin1String("ECDHE-ECDSA-AES128-SHA256"); break; - case TLS_ECDHE_RSA_WITH_RC4_128_SHA: - ciph.d->name = QLatin1String("ECDHE-RSA-AES256-SHA"); + case TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384: + ciph.d->name = QLatin1String("ECDHE-ECDSA-AES256-SHA384"); break; - case TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA: - ciph.d->name = QLatin1String("ECDHE-RSA-DES-CBC3-SHA"); + case TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256: + ciph.d->name = QLatin1String("ECDH-ECDSA-AES128-SHA256"); break; - case TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA: - ciph.d->name = QLatin1String("ECDHE-RSA-AES128-SHA"); + case TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384: + ciph.d->name = QLatin1String("ECDH-ECDSA-AES256-SHA384"); break; case TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256: ciph.d->name = QLatin1String("ECDHE-RSA-AES128-SHA256"); break; - case TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA: - ciph.d->name = QLatin1String("ECDHE-RSA-AES256-SHA"); - break; case TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384: ciph.d->name = QLatin1String("ECDHE-RSA-AES256-SHA384"); break; + case TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256: + ciph.d->name = QLatin1String("ECDH-RSA-AES128-SHA256"); + break; + case TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384: + ciph.d->name = QLatin1String("ECDH-RSA-AES256-SHA384"); + break; + + // Addenda from rfc 5289 Elliptic Curve Cipher Suites + // with SHA-256/384 and AES Galois Counter Mode (GCM) case TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384: ciph.d->name = QLatin1String("ECDHE-RSA-AES256-GCM-SHA384"); break; + default: return ciph; } diff --git a/src/network/ssl/qsslsocket_openssl.cpp b/src/network/ssl/qsslsocket_openssl.cpp index 28576f1167..65a5c1ba3a 100644 --- a/src/network/ssl/qsslsocket_openssl.cpp +++ b/src/network/ssl/qsslsocket_openssl.cpp @@ -78,7 +78,6 @@ #include <QtCore/qthread.h> #include <QtCore/qurl.h> #include <QtCore/qvarlengtharray.h> -#include <QLibrary> // for loading the security lib for the CA store #include <string.h> @@ -572,7 +571,7 @@ void QSslSocketPrivate::ensureCiphersAndCertsLoaded() resetDefaultCiphers(); resetDefaultEllipticCurves(); -#ifndef QT_NO_LIBRARY +#if QT_CONFIG(library) //load symbols needed to receive certificates from system store #if defined(Q_OS_WIN) HINSTANCE hLib = LoadLibraryW(L"Crypt32"); @@ -600,7 +599,7 @@ void QSslSocketPrivate::ensureCiphersAndCertsLoaded() } } #endif -#endif //QT_NO_LIBRARY +#endif // QT_CONFIG(library) // if on-demand loading was not enabled, load the certs now if (!s_loadRootCertsOnDemand) setDefaultCaCertificates(systemCaCertificates()); diff --git a/src/network/ssl/qsslsocket_openssl_symbols.cpp b/src/network/ssl/qsslsocket_openssl_symbols.cpp index 02364b194b..2ce7bbb3fa 100644 --- a/src/network/ssl/qsslsocket_openssl_symbols.cpp +++ b/src/network/ssl/qsslsocket_openssl_symbols.cpp @@ -58,7 +58,7 @@ #ifdef Q_OS_WIN # include <private/qsystemlibrary_p.h> -#else +#elif QT_CONFIG(library) # include <QtCore/qlibrary.h> #endif #include <QtCore/qmutex.h> @@ -125,7 +125,7 @@ void qsslSocketUnresolvedSymbolWarning(const char *functionName) qCWarning(lcSsl, "QSslSocket: cannot call unresolved function %s", functionName); } -#ifndef QT_NO_LIBRARY +#if QT_CONFIG(library) void qsslSocketCannotResolveSymbolWarning(const char *functionName) { qCWarning(lcSsl, "QSslSocket: cannot resolve %s", functionName); @@ -473,12 +473,11 @@ DEFINEFUNC(void, PKCS12_free, PKCS12 *pkcs12, pkcs12, return, DUMMYARG) #if !defined QT_LINKED_OPENSSL -#ifdef QT_NO_LIBRARY +#if !QT_CONFIG(library) bool q_resolveOpenSslSymbols() { - qCWarning(lcSsl, "QSslSocket: unable to resolve symbols. " - "QT_NO_LIBRARY is defined which means runtime resolving of " - "libraries won't work."); + qCWarning(lcSsl, "QSslSocket: unable to resolve symbols. Qt is configured without the " + "'library' feature, which means runtime resolving of libraries won't work."); qCWarning(lcSsl, "Either compile Qt statically or with support for runtime resolving " "of libraries."); return false; @@ -1044,7 +1043,7 @@ bool q_resolveOpenSslSymbols() delete libs.second; return true; } -#endif // QT_NO_LIBRARY +#endif // QT_CONFIG(library) #else // !defined QT_LINKED_OPENSSL |