summaryrefslogtreecommitdiffstats
path: root/src/network/ssl/qsslconfiguration.cpp
Commit message (Collapse)AuthorAgeFilesLines
* HTTP2 protocol handlerTimur Pocheptsov2016-07-081-0/+1
| | | | | | | | | | Add HTTP2 support in QNAM - QHttp2ProtocolHandler + aux. classes. [ChangeLog][QtNetwork] Added support for HTTP/2 protocol Task-number: QTBUG-50956 Change-Id: I3a119cfbb1fb3118d9003225f5e54b46ae2829b6 Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
* Fix some qdoc-warnings for Qt 5.8.Friedemann Kleint2016-06-281-4/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | qtbase/src/corelib/tools/qstring.cpp:8341: warning: Unknown command '\length' qtbase/src/corelib/tools/qstring.cpp:8354: warning: Unknown command '\length' qtbase/src/corelib/tools/qstring.cpp:8366: warning: Unknown command '\length' qtbase/src/corelib/doc/src/animation.qdoc:38: warning: Can't link to 'QAbstractAnimation::updateCurrentValue()' qtbase/src/corelib/io/qdatastream.cpp:529: warning: Undocumented enum item 'Qt_5_8' in QDataStream::Version qtbase/src/corelib/tools/qdatetime.cpp:4377: warning: No documentation for 'QDateTime::currentSecsSinceEpoch()' qtbase/src/corelib/tools/qcommandlineoption.cpp:435: warning: Undocumented parameter 'flags' in QCommandLineOption::setFlags() qtbase/src/network/ssl/qsslconfiguration.cpp:857: warning: Undocumented parameter 'dhparams' in QSslConfiguration::setDiffieHellmanParameters() qtbase/src/network/ssl/qsslconfiguration.cpp:830: warning: Undocumented parameter 'hint' in QSslConfiguration::setPreSharedKeyIdentityHint() qtbase/src/network/ssl/qssldiffiehellmanparameters.cpp:225: warning: No such enum item 'ErrorUnsafeParameters' in QSslDiffieHellmanParameters::Error qtbase/src/network/ssl/qssldiffiehellmanparameters.cpp:225: warning: No such enum item 'ErrorInvalidInputData' in QSslDiffieHellmanParameters::Error qtbase/src/network/ssl/qssldiffiehellmanparameters.cpp:225: warning: Undocumented enum item 'UnsafeParametersError' in QSslDiffieHellmanParameters::Error qtbase/src/network/ssl/qssldiffiehellmanparameters.cpp:225: warning: Undocumented enum item 'NoError' in QSslDiffieHellmanParameters::Error qtbase/src/network/ssl/qssldiffiehellmanparameters.cpp:225: warning: Undocumented enum item 'InvalidInputDataError' in QSslDiffieHellmanParameters::Error qtbase/src/network/ssl/qssldiffiehellmanparameters.cpp:105: warning: Undocumented parameter 'encoding' in QSslDiffieHellmanParameters::QSslDiffieHellmanParameters() qtbase/src/network/ssl/qssldiffiehellmanparameters.cpp:129: warning: Undocumented parameter 'encoding' in QSslDiffieHellmanParameters::QSslDiffieHellmanParameters() qtbase/src/network/ssl/qssldiffiehellmanparameters.cpp:208: warning: Can't link to 'clear()' qtbase/src/network/ssl/qssldiffiehellmanparameters.cpp:277: warning: Undocumented parameter 'dhparam' in operator<<() qtbase/src/network/ssl/qssldiffiehellmanparameters.cpp:277: warning: No such parameter 'dhparm' in operator<<() qtbase/src/widgets/kernel/qapplication.cpp:999: warning: Cannot find 'QApplication::autoMaximizeThreshold' specified with '\property' in any header file Change-Id: I4ac00f0fc0dbc4d421cf7c0273635d9681962645 Reviewed-by: Topi Reiniö <topi.reinio@theqtcompany.com>
* Add settable QSslDiffieHellmanParameters for QSslSocket-based servers.Mikkel Krautz2016-05-251-0/+29
| | | | | | | | | | Only the OpenSSL backend is supported right now. [ChangeLog][QtNetwork][SSL/TLS support] It is now possible to set custom Diffie-Hellman parameters for QSslSocket-based servers. Change-Id: I50148873132cd0ec7e414250b107b6b4cbde02ea Reviewed-by: Timur Pocheptsov <timur.pocheptsov@theqtcompany.com>
* Merge remote-tracking branch 'origin/5.7' into devLiang Qi2016-05-231-0/+2
|\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Conflicts: mkspecs/wince80colibri-armv7-msvc2012/qmake.conf qmake/generators/win32/msvc_vcproj.cpp src/corelib/global/qnamespace.h src/corelib/global/qnamespace.qdoc src/corelib/io/qfsfileengine_win.cpp src/corelib/tools/tools.pri src/network/ssl/qsslconfiguration_p.h src/plugins/platforms/linuxfb/qlinuxfbscreen.cpp src/plugins/platforms/windows/windows.pri src/src.pro src/tools/bootstrap/bootstrap.pro src/tools/uic/cpp/cppwriteinitialization.cpp src/widgets/dialogs/qfilesystemmodel.cpp tests/auto/testlib/selftests/expected_cmptest.teamcity tests/auto/testlib/selftests/expected_cmptest.txt Change-Id: I4d2ac78f0dcc97f008186bbbc769c6fe588ab0e5
| * Add ephemeralServerKey to isNull() and operator==André Klitzing2016-05-131-0/+2
| | | | | | | | | | | | Change-Id: Iacd0f55886847630b84a8037d8d26504c558c90e Reviewed-by: Sebastian Lösch <Sebastian.Loesch@governikus.com> Reviewed-by: Markus Goetz (Woboq GmbH) <markus@woboq.com>
* | Add support for PSK on server sideAndré Klitzing2016-05-021-0/+28
| | | | | | | | | | | | | | | | [ChangeLog][QtNetwork][QSslSocket] TLS PSK ciphers are possible in server sockets. Task-number: QTBUG-39077 Change-Id: Iaa854a6f50242deae5492f2e4759c727488995f5 Reviewed-by: Richard J. Moore <rich@kde.org>
* | qsslsocket/qsslcontext - add ALPN (OpenSSL only)Timur Pocheptsov2016-03-211-8/+12
|/ | | | | | | | | Application-Layer Protocol Negotiation (ALPN) - is a reworked revision of Next Protocol Negotiation (NPN) we have in our OpenSSL code. Can be used as a part of HTTP2 negotiation during TLS handshake. Change-Id: I484ec528c81d4887a64749095ec292dfaec18330 Reviewed-by: Richard J. Moore <rich@kde.org>
* Use QFlags::setFlag where prudent in qtbaseAndre Somers2016-02-121-4/+1
| | | | | | | | | | | | | | | | | QFlags::setFlag is most useful to replace explicit constructs like if (condition) { someFlags |= TheConditionFlag; } else { someFlags &= ~TheConditionFlag; } with someFlags.setFlag(TheConditionFlag, condition); Change-Id: Ie4586681c83e0af812d5bbf14965aad51941a960 Reviewed-by: Marc Mutz <marc.mutz@kdab.com>
* Updated license headersJani Heikkinen2016-01-151-14/+20
| | | | | | | | | | | From Qt 5.7 -> LGPL v2.1 isn't an option anymore, see http://blog.qt.io/blog/2016/01/13/new-agreement-with-the-kde-free-qt-foundation/ Updated license headers to use new LGPL header instead of LGPL21 one (in those files which will be under LGPL v3) Change-Id: I046ec3e47b1876cd7b4b0353a576b352e3a946d9 Reviewed-by: Lars Knoll <lars.knoll@theqtcompany.com>
* Make ephemeral server key availableSebastian Lösch2016-01-041-0/+17
| | | | | | | | | | | | | | When using cipher algorithms with forward secrecy an ephemeral key is used to generate the symmetric session key. Beside the SSL certificate's key, this ephemeral key is of cryptographic interest. The ephemeral key is chosen by the server side - currently statically in the Qt implementation - so it is only of interest on the client side to check it. Therefore the ephemeral key is the null key if the connection is set up in server mode or a cipher without forward secrecy is used. Change-Id: If241247dbb8490a91233ae47f2b38952c6591bf4 Reviewed-by: Markus Goetz (Woboq GmbH) <markus@woboq.com>
* QSslSocket: move default cipher, EC and default CA APIs to QSslConfigurationGiuseppe D'Angelo2015-06-111-0/+45
| | | | | | | | | | | | | | | | QSslConfiguration is better suited for these APIs. The ones in QSslSocket that already have a counterpart have been deprecated. [ChangeLog][QtNetwork][SSL/TLS Support] Most of the QSslSocket functions to deal with ciphersuites, certification authorities as well as elliptic curves have been deprecated in favor of the corresponding counterparts in QSslConfiguration. Task-number: QTBUG-46558 Change-Id: I1de03379efcbcab931c20e876e252769fe4279e0 Reviewed-by: Liang Qi <liang.qi@theqtcompany.com> Reviewed-by: Richard J. Moore <rich@kde.org> Reviewed-by: Jani Heikkinen <jani.heikkinen@theqtcompany.com>
* Update copyright headersJani Heikkinen2015-02-111-7/+7
| | | | | | | | | | | | | | | | | | Qt copyrights are now in The Qt Company, so we could update the source code headers accordingly. In the same go we should also fix the links to point to qt.io. Outdated header.LGPL removed (use header.LGPL21 instead) Old header.LGPL3 renamed to header.LGPL3-COMM to match actual licensing combination. New header.LGPL-COMM taken in the use file which were using old header.LGPL3 (src/plugins/platforms/android/extract.cpp) Added new header.LGPL3 containing Commercial + LGPLv3 + GPLv2 license combination Change-Id: I6f49b819a8a20cc4f88b794a8f6726d975e8ffbe Reviewed-by: Matti Paaso <matti.paaso@theqtcompany.com>
* Merge remote-tracking branch 'origin/5.4' into devFrederik Gladhorn2015-02-101-0/+1
|\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Conflicts: src/3rdparty/harfbuzz-ng/harfbuzz-ng.pro src/gui/image/qimage_conversions.cpp src/gui/opengl/qopenglextensions_p.h src/gui/text/qtextengine.cpp src/network/ssl/qsslsocket_openssl.cpp src/plugins/platforms/eglfs/qeglfshooks_stub.cpp src/plugins/platforms/eglfs/qeglfsscreen.cpp src/plugins/platforms/eglfs/qeglfswindow.cpp src/plugins/platforms/windows/qwindowsfontdatabase.cpp src/plugins/platforms/windows/qwindowsfontdatabase_ft.cpp src/plugins/platforms/windows/qwindowsnativeinterface.cpp src/plugins/platforms/windows/qwindowsscreen.cpp src/plugins/platforms/windows/qwindowswindow.cpp src/plugins/platforms/windows/qwindowswindow.h src/plugins/platforms/xcb/qxcbdrag.h src/widgets/itemviews/qabstractitemview.cpp src/widgets/kernel/qwidget.cpp src/widgets/util/qsystemtrayicon_p.h tests/auto/corelib/itemmodels/qsortfilterproxymodel/tst_qsortfilterproxymodel.cpp Thanks to Friedemann Kleint for resolving the qwindowsfontdatabase.cpp conflicts. Change-Id: I937232c30523d5121c195d947d92aec6f129b03e
| * Doc: add missing since 5.4 for new sessionProtocol() methods.David Faure2015-01-191-0/+1
| | | | | | | | | | | | | | | | They were added in 233a2f37bfa6c896612cbf9a7db42e8e0da788f5, which is in 5.4, but the \since information was missing. Change-Id: I346a049cad75647fdcd7b64df80dc169bb4ec70a Reviewed-by: Richard J. Moore <rich@kde.org>
* | [QSSL] Pass params of shareable type by const-ref rather than by valueKonstantin Ritt2015-01-281-0/+4
| | | | | | | | | | | | Change-Id: I9c09a3e2dfb90eb22d4509ac6c450a0bb5da48f6 Reviewed-by: Olivier Goffart (Woboq GmbH) <ogoffart@woboq.com> Reviewed-by: Richard J. Moore <rich@kde.org>
* | Merge remote-tracking branch 'origin/5.4' into devSimon Hausmann2014-12-181-1/+3
|\| | | | | | | | | | | | | | | | | | | Conflicts: src/corelib/global/qglobal.h src/platformsupport/platformcompositor/qopenglcompositor.cpp src/platformsupport/platformcompositor/qopenglcompositorbackingstore.cpp tests/auto/gui/kernel/qwindow/tst_qwindow.cpp Change-Id: I5422868500be695584a496dbbbc719d146bc572d
| * Use categorized logging for ssl codeKai Koehne2014-12-101-1/+3
| | | | | | | | | | | | | | | | | | Place all debug output into the 'qt.network.ssl' category. This allows people to disable certain warnings at runtime. Task-number: QTBUG-43173 Change-Id: Ide731fae3109f9cd7730cc096ee069a5b99d35f1 Reviewed-by: Richard J. Moore <rich@kde.org>
* | SSL: Add support for selecting which curves should be used by an elliptic cipherGiuseppe D'Angelo2014-11-261-0/+46
|/ | | | | | | | | [ChangeLog][QtNetwork][QtSSL] It is now possible to choose which elliptic curves should be used by an elliptic curve cipher. Change-Id: If5d0d58922768b6f1375836489180e576f5a015a Done-with: Marc Mutz <marc.mutz@kdab.com> Reviewed-by: Richard J. Moore <rich@kde.org>
* Update license headers and add new license filesMatti Paaso2014-09-241-19/+11
| | | | | | | | | - Renamed LICENSE.LGPL to LICENSE.LGPLv21 - Added LICENSE.LGPLv3 - Removed LICENSE.GPL Change-Id: Iec3406e3eb3f133be549092015cefe33d259a3f2 Reviewed-by: Iikka Eklund <iikka.eklund@digia.com>
* Merge remote-tracking branch 'origin/stable' into devSergio Ahumada2014-03-131-1/+1
|\ | | | | | | Change-Id: Idec54e19963e8d88c711cb179cffc81596323899
| * Replace Note: with \note in documentationKurt Pattyn2014-03-131-1/+1
| | | | | | | | | | | | Change-Id: I213ac1fb2733e675f3641441fe6c621bab06c1f0 Reviewed-by: Peter Hartmann <phartmann@blackberry.com> Reviewed-by: Richard J. Moore <rich@kde.org>
* | Add support for finding the version of SSL/TLS in use.Richard J. Moore2014-03-101-0/+13
|/ | | | | | | | | | | | Previously we allowed you to specify which version(s) you wanted to use, but did not provide access to the version that was actually negotiated. [ChangeLog][QtNetwork][QSslSocket] Add support for finding the version of SSL/TLS in use by a connection. Task-number: QTBUG-28471 Change-Id: I6d50d2bc9f1ce7f98192e67992178fe7e41c0575 Reviewed-by: Peter Hartmann <phartmann@blackberry.com>
* SSL: add support for the Next Protocol Negotiation extensionPeter Hartmann2014-02-111-2/+104
| | | | | | | | | | | | ... which is needed to negotiate the SPDY protocol. [ChangeLog][QtNetwork][QSslConfiguration] Added support for the Next Protocol Negotiation (NPN) TLS extension. Task-number: QTBUG-33208 Change-Id: I3c945f9b7e2d2ffb0814bfdd3e87de1dae6c20ef Reviewed-by: Allan Sandfeld Jensen <allan.jensen@digia.com>
* Ensure weak ciphers are not part of the default SSL configuration.Richard J. Moore2014-01-211-1/+1
| | | | | | | | | | | | | | | | | | | | Any cipher that is < 128 bits is excluded from the default SSL configuration. These ciphers are still included in the list of availableCiphers() and can be used by applications if required. Calling QSslSocket::setDefaultCiphers(QSslSocket::availableCiphers()) will restore the old behavior. Note that in doing so I spotted that calling defaultCiphers() before doing other actions with SSL had an existing bug that I've addressed as part of the change. [ChangeLog][Important Behavior Changes] The default set of ciphers used by QSslSocket has been changed to exclude ciphers that are using key lengths smaller than 128 bits. These ciphers are still available and can be enabled by applications if required. Change-Id: If2241dda67b624e5febf788efa1369f38c6b1dba Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
* QSslConfiguration: rename [get]session() to [get]sessionTicket()Peter Hartmann2013-11-081-12/+12
| | | | | | | | to reflect the fact that this returns and sets the whole session ticket, and not just the session ID. Change-Id: I00fe2bc4197dbcd7a02b3ae4f2f84e3a2a7edad0 Reviewed-by: Richard J. Moore <rich@kde.org>
* Doc: Adding mark-up to boolean default values.Jerome Pasion2013-10-081-4/+4
| | | | | | | | | | | | | | | | | Default values should have mark-up to denote that they are code. This commit changes: -"property is true" to "property is \c true". -"Returns true" to "Returns \c true". -"property is false" to "property is \c false". -"returns true" to "returns \c true". -"returns false" to "returns \c false". src/3rdparty and non-documentation instances were ignored. Task-number: QTBUG-33360 Change-Id: Ie87eaa57af947caa1230602b61c5c46292a4cf4e Reviewed-by: Oswald Buddenhagen <oswald.buddenhagen@digia.com> Reviewed-by: Jerome Pasion <jerome.pasion@digia.com>
* QSslConfiguration: add API to persist and resume SSL sessionsPeter Hartmann2013-05-101-3/+62
| | | | | | | | | | | | | Session tickets can be cached on the client side for hours (e.g. graph.facebook.com: ~ 24 hours, api.twitter.com: 4 hours), because the server does not need to maintain state. We need public API for it so an application can cache the session (e.g. to disk) and resume a session already with the 1st handshake, saving one network round trip. Task-number: QTBUG-20668 Change-Id: I10255932dcd528ee1231538cb72b52b97f9f4a3c Reviewed-by: Richard J. Moore <rich@kde.org>
* Add support for intermediate certificates to server sockets.Richard Moore2013-02-191-0/+27
| | | | | | | | | | Add intermediate certificates to our server sockets, and to our client certs. Change-Id: Ib5aa575473f9e84f337bebe35099506dd7d7e2ba Task-Number: QTBUG-19825 Task-Number: QTBUG-13281 Reviewed-by: Peter Hartmann <phartmann@rim.com>
* Store the local certificate in a QList.Richard Moore2013-02-191-4/+19
| | | | | | | | | Instead of storing a single QSslCertificate for a the local cert, store a list of them. This will allow us to handle server sockets that use a certificate that is not issued directly from the CA root in future. Change-Id: I9a36b9a99daa9c0bdd17f61b4ce1a7da746f2e96 Reviewed-by: Peter Hartmann <phartmann@rim.com>
* SSL: Implement session sharing and use it from QNetworkAccessManagerPeter Hartmann2013-02-061-0/+6
| | | | | | | | This improves performance since a network round trip can be avoided. Change-Id: I1aaff7e48ef9638cb137de0f43942c3a4dd2884a Initial-patch-by: Markus Goetz <markus@woboq.com> Reviewed-by: Richard J. Moore <rich@kde.org>
* QSslConfiguration: toggle on demand loading of root certs properlyPeter Hartmann2013-01-231-0/+3
| | | | | | | | | | | | | | | make sure we keep track of when we can load root certs and when we cannot (we cannot when the developer set the certs explicitly). This is implemented the same way for QSslSocket already, and needs to be duplicated because we have 2 methods for setting CA certificates: one in QSslSocket and one in QSslConfiguration. In addition, adapt the auto test which checks whether setting a default QSslConfiguration works: There is no way to set on demand loading through the API, so it should be enabled by default. Task-number: QTBUG-29103 Change-Id: I5146128aaa385dfcc0ad1e0ef81a92d9350ec5f2 Reviewed-by: Richard J. Moore <rich@kde.org>
* Update copyright year in Digia's license headersSergio Ahumada2013-01-181-1/+1
| | | | | Change-Id: Ic804938fc352291d011800d21e549c10acac66fb Reviewed-by: Lars Knoll <lars.knoll@digia.com>
* Add more qtbase implictly-shared classes to the listGiuseppe D'Angelo2012-11-301-0/+1
| | | | | | | QText*Format and QDns* ones are still missing. Change-Id: I8e87fba596e87289ca935717e0a90bfc0b0a26c0 Reviewed-by: hjk <qthjk@ovi.com>
* Change copyrights from Nokia to DigiaIikka Eklund2012-09-221-24/+24
| | | | | | | | Change copyrights and license headers from Nokia to Digia Change-Id: If1cc974286d29fd01ec6c19dd4719a67f4c3f00e Reviewed-by: Lars Knoll <lars.knoll@digia.com> Reviewed-by: Sergio Ahumada <sergio.ahumada@digia.com>
* Disable SSL compression by default.Richard Moore2012-09-181-1/+2
| | | | | | | | | Disable SSL compression by default since this appears to be the a likely cause of the currently hyped CRIME attack. Change-Id: I515fcc46f5199acf938e9e880a4345f2d405b2a3 Reviewed-by: Thiago Macieira <thiago.macieira@intel.com> Reviewed-by: Peter Hartmann <phartmann@rim.com>
* doc: Fixed qdoc errors in SSLMartin Smith2012-08-181-4/+6
| | | | | | | | | Fixed some bad camel case, marked some parameters with \a, and changed a \enum to a \typedef. Removed some obasolete text. Change-Id: I1e69dd9f3b74129230770addc80fe1c125faf268 Reviewed-by: Richard J. Moore <rich@kde.org>
* QtNetwork: add member-swap to shared classesMarc Mutz2012-07-061-0/+8
| | | | | | | | Implemented as in other shared classes (e.g. QPen). Change-Id: Ib3d87ff99603e617cc8810489f9f5e9fe054cd2a Reviewed-by: Thiago Macieira <thiago.macieira@intel.com> Reviewed-by: Shane Kearns <shane.kearns@accenture.com>
* Mark the testSslOption method as introduced in Qt 4.8Laszlo Papp2012-06-071-0/+2
| | | | | | Change-Id: Ibe7cb1ca9cdcedd3f09dd4f865907e3f0fa6aef3 Reviewed-by: Richard J. Moore <rich@kde.org> Reviewed-by: Shane Kearns <shane.kearns@accenture.com>
* Doc: Fix \sa usageMarius Storm-Olsen2012-05-111-1/+1
| | | | | | | | | Ensure comma between elements (757 missing), single space and curly- braces around title elements, etc. Change-Id: Id16c3fda7fc47a12a0682f8720214f4990609a97 Reviewed-by: Giuseppe D'Angelo <giuseppe.dangelo@kdab.com> Reviewed-by: Casper van Donderen <casper.vandonderen@nokia.com>
* Doc: Modularize QtNetwork documentation.Casper van Donderen2012-05-091-1/+1
| | | | | | | This change moves the snippets and imagesto the modularized directories. Change-Id: If14912692a7f72d7de345eaf88d9ec9752310fca Reviewed-by: Marius Storm-Olsen <marius.storm-olsen@nokia.com>
* Remove the usage of deprecated qdoc macros.Casper van Donderen2012-03-021-10/+10
| | | | | | | | | | | QDoc now has support for Doxygen style commands for italics, bold and list items. This change applies that change in QDoc to the actual documentation. Task-number: QTBUG-24578 Change-Id: I519bf9c29b14092e3ab6067612f42bf749eeedf5 Reviewed-by: Shane Kearns <shane.kearns@accenture.com> Reviewed-by: Lars Knoll <lars.knoll@nokia.com>
* Remove "All rights reserved" line from license headers.Jason McDonald2012-01-301-1/+1
| | | | | | | | | | As in the past, to avoid rewriting various autotests that contain line-number information, an extra blank line has been inserted at the end of the license text to ensure that this commit does not change the total number of lines in the license header. Change-Id: I311e001373776812699d6efc045b5f742890c689 Reviewed-by: Rohan McGovern <rohan.mcgovern@nokia.com>
* Update contact information in license headers.Jason McDonald2012-01-231-1/+1
| | | | | | | Replace Nokia contact email address with Qt Project website. Change-Id: I431bbbf76d7c27d8b502f87947675c116994c415 Reviewed-by: Rohan McGovern <rohan.mcgovern@nokia.com>
* Update copyright year in license headers.Jason McDonald2012-01-051-1/+1
| | | | | Change-Id: I02f2c620296fcd91d4967d58767ea33fc4e1e7dc Reviewed-by: Rohan McGovern <rohan.mcgovern@nokia.com>
* Make the default ssloptions testable.Richard Moore2011-11-291-1/+4
| | | | | | | | | Centralise the specification of the default ssloptions to make the code clearer and more testable. Change-Id: I4f4bae72736dd063ee4cd64c6375e82d0600a105 Reviewed-by: Peter Hartmann <peter.hartmann@nokia.com> Reviewed-by: Shane Kearns <shane.kearns@accenture.com>
* SSL: fix compilation warning with gcc 4.6.1Peter Hartmann2011-11-161-1/+1
| | | | | | | | "qsslconfiguration.cpp:204:73: warning: suggest parentheses around comparison in operand of ‘|’ [-Wparentheses]" Change-Id: I887ffdf3ef8263c35a8f391b3fc97faee41b7dab Reviewed-by: Martin Petersson <Martin.Petersson@nokia.com>
* SSL namespace: rename TlsV1 to TlsV1_0Peter Hartmann2011-11-161-1/+1
| | | | | | | | | | | | This is a source-incompatible change. TlsV1 is ambiguous; what is actually meant is TLS version 1.0. There are also TLS versions 1.1 and 1.2; we might want to add options for these once OpenSSL supports them (apparently they will be with OpenSSL version 1.0.1). Change-Id: I940d020b181b5fa528788ef0c3c47e8ef873796a Reviewed-by: Lars Knoll <lars.knoll@nokia.com>
* Add the ability to do unsafe SSL renegotiation as a fallback.Richard Moore2011-11-151-1/+1
| | | | | | | | | | | This commit adds the ability to perform legacy SSL renegotiation as a fallback via QSsl::SslOptions. This is something that used to work, but has been disabled by default in newer versions of openssl. The need for this has been reported by users (eg. in QTBUG-14983). Change-Id: I5b80f3ffd07e0c5faddc469f6a8f857bac5740f7 Reviewed-by: Corentin Chary <corentin.chary@gmail.com> Reviewed-by: Peter Hartmann <peter.hartmann@nokia.com>
* Add the ability to enable various SSL bug workarounds.Richard Moore2011-10-201-2/+27
| | | | | | | | | | | | | There are lots of buggy SSL servers around and to connect to them you need to disable various features. This commit adds the ability to disable the SSL ticket extension, the ability to disable the insertion of empty fragments, and the ability to disable compression. Task-number: QTBUG-21906 Change-Id: I3e1d0347a46e9030b889bbf15b2aad19b8513b73 Merge-request: 68 Reviewed-by: Peter Hartmann <peter.hartmann@nokia.com>
* Update licenseheader text in source files for qtbase Qt moduleJyri Tahtela2011-05-241-17/+17
| | | | | | | Updated version of LGPL and FDL licenseheaders. Apply release phase licenseheaders for all source files. Reviewed-by: Trust Me
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-02 08:50:33 +0000