summaryrefslogtreecommitdiffstats
path: root/src/network/ssl/qsslconfiguration.cpp
Commit message (Collapse)AuthorAgeFilesLines
* QSslConfiguration - fix a warningTimur Pocheptsov2020-02-141-0/+2
| | | | | | | With non-OpenSSL backends parameters in setters are unused variables. Change-Id: I2113042d39bd97adbe964089f5d7e93c1df31ec5 Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
* Merge remote-tracking branch 'origin/5.15' into devLiang Qi2020-02-131-4/+6
|\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Conflicts: examples/widgets/graphicsview/boxes/scene.h src/corelib/Qt5CoreMacros.cmake src/corelib/Qt6CoreMacros.cmake src/network/ssl/qsslsocket.cpp src/network/ssl/qsslsocket.h src/platformsupport/fontdatabases/windows/qwindowsfontenginedirectwrite.cpp src/testlib/CMakeLists.txt src/testlib/.prev_CMakeLists.txt tests/auto/corelib/tools/qscopeguard/tst_qscopeguard.cpp Disabled building manual tests with CMake for now, because qmake doesn't do it, and it confuses people. Done-With: Alexandru Croitor <alexandru.croitor@qt.io> Done-With: Volker Hilsheimer <volker.hilsheimer@qt.io> Change-Id: I865ae347bd01f4e59f16d007b66d175a52f1f152
| * Implement/fix session resumption with TLS 1.3Timur Pocheptsov2020-01-291-3/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The session we cache at the end of a handshake is non-resumable in TLS 1.3, since NewSessionTicket message appears quite some time after the handshake was complete. OpenSSL has a callback where we can finally obtain a resumable session and inform an application about session ticket updated by emitting a signal. Truism: OpenSSL-only. [ChangeLog][QtNetwork] A new signal introduced to report when a valid session ticket received (TLS 1.3) Fixes: QTBUG-81591 Change-Id: I4d22fad5cc082e431577e20ddbda2835e864b511 Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io> Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
| * Remove some usage of deprecated QSslCertificate::fromPathMårten Nordheim2020-01-291-1/+3
| | | | | | | | | | | | | | | | | | | | | | The changed function was added in September 2019 in 5.15 branch before the new overload was added and the old one was deprecated, so we can freely change it. Amends 1068d579ee848edf08db5ac611b292c76c30a39b Change-Id: Iff9d72c26ce557c28b188e1754daa03fd061d531 Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
* | QSslSocket (OpenSSL) improve alert messages handlingTimur Pocheptsov2019-12-031-2/+89
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | 1. Add a new verification callback. This gives an option to report errors directly from this callback (by emitting handshakeInterruptedOnError()). This allows an application to explain to its peer why the handshake was interrupted (by sending a corresponding alert message). 2. This also means we want to notice such alerts (in Qt, from the application's point of view, they are mostly informational only, no interaction is required). So we also introduce a new 'info callback', that can notice alert messages read or written. We also introduce two new enums describing the level and type of an alert message. QSslSocket gets three new signals (for incoming/outgoing alerts and verification errors found early). 3. In case we requested a certificate, but the peer provided none, we would previously abruptly close the connection without a proper alert message (and such a situation is not handled by any verification callbacks, since there is no certificate(s) to verify essentially). So we now introduce a new verification option that maps to what OpenSSL calls 'SSL_VERIFY_FAIL_IF_NO_PEER_CERT'. This way, the proper alert will be generated. Fixes: QTBUG-68419 Change-Id: I5d1e9298b4040a2d4f867f5b1a3567a2253927b8 Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
* | Merge remote-tracking branch 'origin/5.15' into devQt Forward Merge Bot2019-10-021-6/+72
|\| | | | | | | Change-Id: Ideaa64d583746f1ce8265997131fb1ce3a9acbcf
| * QSslConfiguration: Add functions for adding CA certificatesMårten Nordheim2019-09-251-6/+72
| | | | | | | | | | | | | | | | The QSslSocket versions of these will be deprecated. Change-Id: I88c788f88e13f190e015d6a78b958e81c2d483a1 Reviewed-by: Jesus Fernandez <jsfdez@gmail.com> Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
* | Retire SPDY protocol implementation (Qt6)Timur Pocheptsov2019-09-251-9/+2
|/ | | | | | | | | | | | | | | | | | | As it was superseded by HTTP/2. Bye, Speedy. Since it's Qt 6, we also fix the attribute's enumerator to fit our coding convention with HTTP2AllowedAttribute becoming Http2AllowedAttribute, and the same for HTTP2WasUsedAttribute. tst_qnetworkreply in 'benchmark' directory of qtbase/tests was updated - we have the logic they tested in preConnectEncrypted in tst_http2 now. Manual qnetworkreply test was updated (instead of SPDY in NPN failure we can use H2, the second test was deleted - again, auto-tested in tst_http2). Change-Id: I559c140c333ddf72664911c6e275b1d0d2b980a9 Task-number: QTBUG-78255 Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
* Schannel supportMårten Nordheim2019-01-221-0/+4
| | | | | | | | | | | | | Adds support for Schannel, an SSL backend for Windows, as an alternative to OpenSSL. [ChangeLog][QtNetwork][Ssl] Added support for Schannel on Desktop Windows. To build Qt with Schannel support use '-schannel' during configure. Task-number: QTBUG-62637 Change-Id: Ic4fb8ed3657dab994f9f4a4ac5cbddc7001a0a46 Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
* Enable OCSP stapling in QSslSocketTimur Pocheptsov2018-12-031-2/+35
| | | | | | | | | | | | | | | | This patch enables OCSP stapling in QSslSocket::SslClientMode (OpenSSL back-end only). OCSP stapling is described by RFC6066 and based on the original OCSP as defined by RFC2560. At the moment multiple certificate status protocol is not supported (not implemented in OpenSSL). SecureTransport does not support OCSP stapling at the moment. [ChangeLog][QtNetwork][TLS] Added OCSP-stapling support for OpenSSL backend Task-number: QTBUG-12812 Task-number: QTBUG-17158 Change-Id: Id2e0f4cc861311d1ece462864e5e30c76184af8c Reviewed-by: Edward Welbourne <edward.welbourne@qt.io> Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
* Merge remote-tracking branch 'origin/5.11' into 5.12Qt Forward Merge Bot2018-10-081-0/+4
|\ | | | | | | | | | | | | Conflicts: src/corelib/tools/qtimezoneprivate.cpp Change-Id: Icbb5999d378711ce3786a4fe0aba176a45ac702c
| * Doc: Describe behavior of QSslConfiguration::caCertificates() on iOSLeena Miettinen2018-10-041-0/+4
| | | | | | | | | | | | | | | | | | | | In iOS, the system certificates cannot be accessed, so this function will return an empty list for the default configuration. Task-number: QTBUG-60407 Change-Id: I0d691a0dd5e6367594e71c7ebccfbdc866d4a3f0 Reviewed-by: Edward Welbourne <edward.welbourne@qt.io> Reviewed-by: Andy Shaw <andy.shaw@qt.io>
* | qdoc: Fix qdoc warnings from changes to QDtlsMartin Smith2018-08-151-1/+1
| | | | | | | | | | | | | | | | This update corrects several minor documentation errors that were introduced by a recent change to QDtls. Change-Id: I6ee6b0bf74c82dca86ba8d5f39acbd642829ec44 Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
* | Extend the feature 'dtls' to handle missing DTLS support in OpenSSLTimur Pocheptsov2018-07-131-22/+26
| | | | | | | | | | | | | | | | | | | | | | | | OpenSSL has 'no-dtls' configure option (or can be too ancient to properly support it), we shall respect such builds. This patch extends configure.json with a 'dtls' test and adds protection against linkage/compile-time issues in the QtNetwork's code. Change-Id: I0c0dd94f5c226115cee4285b82c83aa546555aea Reviewed-by: Oswald Buddenhagen <oswald.buddenhagen@qt.io> Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io> Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
* | Merge remote-tracking branch 'origin/5.11' into devLiang Qi2018-07-021-1/+1
|\| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Conflicts: src/plugins/platforms/cocoa/qnsview.mm src/plugins/platforms/cocoa/qnsview_dragging.mm src/plugins/platforms/ios/qiosinputcontext.mm src/plugins/platforms/xcb/qxcbconnection.cpp src/plugins/platforms/xcb/qxcbconnection_xi2.cpp src/plugins/platforms/xcb/qxcbwindow.cpp src/tools/androiddeployqt/main.cpp Was moved from qttools into qtbase in 5.11. So re-apply 32398e4d here. tests/auto/corelib/global/qlogging/test/test.pro tests/auto/corelib/global/qlogging/tst_qlogging.cpp tests/auto/corelib/io/qfile/tst_qfile.cpp tests/auto/corelib/kernel/qtimer/tst_qtimer.cpp tests/auto/corelib/thread/qthreadstorage/test/test.pro tests/auto/widgets/itemviews/qheaderview/tst_qheaderview.cpp tests/auto/widgets/kernel/qapplication/test/test.pro Done-with: Gatis Paeglis <gatis.paeglis@qt.io> Done-with: Mårten Nordheim <marten.nordheim@qt.io> Done-with: Oliver Wolff <oliver.wolff@qt.io> Change-Id: Id970486c5315a1718c540f00deb2633533e8fc7b
| * Doc: Add missing full stops in briefsPaul Wicking2018-06-211-1/+1
| | | | | | | | | | | | Task-number: QTBUG-68933 Change-Id: I3f2a9f8c562f9a44bb32bddd31d75abbfe6de04d Reviewed-by: Topi Reiniö <topi.reinio@qt.io>
* | Merge remote-tracking branch 'origin/5.11' into devLiang Qi2018-06-071-1/+1
|\| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Conflicts: .qmake.conf src/corelib/kernel/qeventdispatcher_cf.mm src/gui/kernel/qguiapplication_p.h src/gui/kernel/qwindowsysteminterface.cpp src/gui/kernel/qwindowsysteminterface.h src/plugins/platforms/cocoa/qcocoawindow.mm src/plugins/platforms/cocoa/qnswindowdelegate.mm src/plugins/platforms/ios/qioseventdispatcher.mm src/plugins/platforms/windows/qwindowsdrag.h src/plugins/platforms/windows/qwindowsinternalmimedata.h src/plugins/platforms/windows/qwindowsmime.cpp src/plugins/platforms/winrt/qwinrtscreen.cpp Change-Id: Ic817f265c2386e83839d2bb9ef7419cb29705246
| * Doc: Remove outdated info and linkify valueMårten Nordheim2018-06-041-1/+1
| | | | | | | | | | | | | | No reason to duplicate the info there in a paranthesis. Change-Id: Ie01be382d36bbc8e7f2eff4cc7ae0df207869c25 Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
* | Merge remote-tracking branch 'origin/5.11' into devLiang Qi2018-05-141-4/+4
|\| | | | | | | | | | | | | | | | | Conflicts: mkspecs/features/qt_module_headers.prf tests/auto/widgets/itemviews/qheaderview/tst_qheaderview.cpp tests/auto/widgets/kernel/qwidget/BLACKLIST Change-Id: I2a08952d28d1d0e3d73f521a3d44700ce79ff16c
| * Fix documentation of setBackendConfigurationOptionAndré Klitzing2018-04-251-4/+4
| | | | | | | | | | | | | | | | Introduced by mistake in f55c73ede28d4455f555a28e401407326ac9b954 Change-Id: Ieac8fc0a6bb536e5ef3770a22785fe41d4033ee9 Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io> Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
* | Add a new (D)TLS configurationTimur Pocheptsov2018-04-061-0/+56
|/ | | | | | | | | | | | | Namespace QSsl: introduce DtlsV1_0/DtlsV1_2/DtlsV1_2OrLater enumerators into SslProtocol. Implement QSslConfiguration::defaultDtlsConfiguration. Make some functions shared - now not only QSslSocket needs them, but also DTLS-related code. This patch-set also enables protocol-specific set of ciphers (so for DTLS we are using the correct method - 'DTLS_method'). Change-Id: I828fc898674aa3c0a471e8e5b94575bb50538601 Reviewed-by: Edward Welbourne <edward.welbourne@qt.io> Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
* Expand Config to Configuration in method namesEdward Welbourne2018-03-131-9/+9
| | | | | | | | Commit f55c73ede28d4455f555a28e401407326ac9b954 added various backendConfig methods; API review for 5.11 pointed out that Config should not be abbreviated. Change-Id: I3b294b44a030b2a6e4cdd034fa27583c228dfe42 Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
* Fix some qdoc-warnings for 5.11Friedemann Kleint2018-02-211-1/+1
| | | | | | | | | | | | | | | | Rename example savegame and its snippets following a6b697ca13945a174cff9f3e9b1af1cf61c0bea5. Fix: /qtbase/examples/corelib/serialization/savegame/doc/src/savegame.qdoc:28: warning: Cannot find file 'json/savegame/savegame.pro' or 'json/savegame/savegame.qmlproject' qtbase/examples/corelib/serialization/savegame/doc/src/savegame.qdoc:98: (qdoc) warning: Cannot find file to quote from: 'json/savegame/level.cpp' json qtbase/src/network/ssl/qsslconfiguration.cpp:889: warning: Undocumented parameter 'name' in QSslConfiguration::setBackendConfigOption() qtbase/src/corelib/tools/qbitarray.cpp:314: warning: No such parameter 'len' in QBitArray::fromBits() Change-Id: If59512873ca2116b89490927fdbf9ea1d8b237a8 Reviewed-by: Topi Reiniö <topi.reinio@qt.io> Reviewed-by: Martin Smith <martin.smith@qt.io>
* Introduce QSslConfiguration::backendConfigLars Schmertmann2018-01-261-0/+56
| | | | | | | | With this change it is possible to use all supported configurations in different backends without any new interfaces. Change-Id: Ib233539a970681d30ae3907258730e491f8d3531 Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
* HTTP2 protocol handlerTimur Pocheptsov2016-07-081-0/+1
| | | | | | | | | | Add HTTP2 support in QNAM - QHttp2ProtocolHandler + aux. classes. [ChangeLog][QtNetwork] Added support for HTTP/2 protocol Task-number: QTBUG-50956 Change-Id: I3a119cfbb1fb3118d9003225f5e54b46ae2829b6 Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
* Fix some qdoc-warnings for Qt 5.8.Friedemann Kleint2016-06-281-4/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | qtbase/src/corelib/tools/qstring.cpp:8341: warning: Unknown command '\length' qtbase/src/corelib/tools/qstring.cpp:8354: warning: Unknown command '\length' qtbase/src/corelib/tools/qstring.cpp:8366: warning: Unknown command '\length' qtbase/src/corelib/doc/src/animation.qdoc:38: warning: Can't link to 'QAbstractAnimation::updateCurrentValue()' qtbase/src/corelib/io/qdatastream.cpp:529: warning: Undocumented enum item 'Qt_5_8' in QDataStream::Version qtbase/src/corelib/tools/qdatetime.cpp:4377: warning: No documentation for 'QDateTime::currentSecsSinceEpoch()' qtbase/src/corelib/tools/qcommandlineoption.cpp:435: warning: Undocumented parameter 'flags' in QCommandLineOption::setFlags() qtbase/src/network/ssl/qsslconfiguration.cpp:857: warning: Undocumented parameter 'dhparams' in QSslConfiguration::setDiffieHellmanParameters() qtbase/src/network/ssl/qsslconfiguration.cpp:830: warning: Undocumented parameter 'hint' in QSslConfiguration::setPreSharedKeyIdentityHint() qtbase/src/network/ssl/qssldiffiehellmanparameters.cpp:225: warning: No such enum item 'ErrorUnsafeParameters' in QSslDiffieHellmanParameters::Error qtbase/src/network/ssl/qssldiffiehellmanparameters.cpp:225: warning: No such enum item 'ErrorInvalidInputData' in QSslDiffieHellmanParameters::Error qtbase/src/network/ssl/qssldiffiehellmanparameters.cpp:225: warning: Undocumented enum item 'UnsafeParametersError' in QSslDiffieHellmanParameters::Error qtbase/src/network/ssl/qssldiffiehellmanparameters.cpp:225: warning: Undocumented enum item 'NoError' in QSslDiffieHellmanParameters::Error qtbase/src/network/ssl/qssldiffiehellmanparameters.cpp:225: warning: Undocumented enum item 'InvalidInputDataError' in QSslDiffieHellmanParameters::Error qtbase/src/network/ssl/qssldiffiehellmanparameters.cpp:105: warning: Undocumented parameter 'encoding' in QSslDiffieHellmanParameters::QSslDiffieHellmanParameters() qtbase/src/network/ssl/qssldiffiehellmanparameters.cpp:129: warning: Undocumented parameter 'encoding' in QSslDiffieHellmanParameters::QSslDiffieHellmanParameters() qtbase/src/network/ssl/qssldiffiehellmanparameters.cpp:208: warning: Can't link to 'clear()' qtbase/src/network/ssl/qssldiffiehellmanparameters.cpp:277: warning: Undocumented parameter 'dhparam' in operator<<() qtbase/src/network/ssl/qssldiffiehellmanparameters.cpp:277: warning: No such parameter 'dhparm' in operator<<() qtbase/src/widgets/kernel/qapplication.cpp:999: warning: Cannot find 'QApplication::autoMaximizeThreshold' specified with '\property' in any header file Change-Id: I4ac00f0fc0dbc4d421cf7c0273635d9681962645 Reviewed-by: Topi Reiniö <topi.reinio@theqtcompany.com>
* Add settable QSslDiffieHellmanParameters for QSslSocket-based servers.Mikkel Krautz2016-05-251-0/+29
| | | | | | | | | | Only the OpenSSL backend is supported right now. [ChangeLog][QtNetwork][SSL/TLS support] It is now possible to set custom Diffie-Hellman parameters for QSslSocket-based servers. Change-Id: I50148873132cd0ec7e414250b107b6b4cbde02ea Reviewed-by: Timur Pocheptsov <timur.pocheptsov@theqtcompany.com>
* Merge remote-tracking branch 'origin/5.7' into devLiang Qi2016-05-231-0/+2
|\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Conflicts: mkspecs/wince80colibri-armv7-msvc2012/qmake.conf qmake/generators/win32/msvc_vcproj.cpp src/corelib/global/qnamespace.h src/corelib/global/qnamespace.qdoc src/corelib/io/qfsfileengine_win.cpp src/corelib/tools/tools.pri src/network/ssl/qsslconfiguration_p.h src/plugins/platforms/linuxfb/qlinuxfbscreen.cpp src/plugins/platforms/windows/windows.pri src/src.pro src/tools/bootstrap/bootstrap.pro src/tools/uic/cpp/cppwriteinitialization.cpp src/widgets/dialogs/qfilesystemmodel.cpp tests/auto/testlib/selftests/expected_cmptest.teamcity tests/auto/testlib/selftests/expected_cmptest.txt Change-Id: I4d2ac78f0dcc97f008186bbbc769c6fe588ab0e5
| * Add ephemeralServerKey to isNull() and operator==André Klitzing2016-05-131-0/+2
| | | | | | | | | | | | Change-Id: Iacd0f55886847630b84a8037d8d26504c558c90e Reviewed-by: Sebastian Lösch <Sebastian.Loesch@governikus.com> Reviewed-by: Markus Goetz (Woboq GmbH) <markus@woboq.com>
* | Add support for PSK on server sideAndré Klitzing2016-05-021-0/+28
| | | | | | | | | | | | | | | | [ChangeLog][QtNetwork][QSslSocket] TLS PSK ciphers are possible in server sockets. Task-number: QTBUG-39077 Change-Id: Iaa854a6f50242deae5492f2e4759c727488995f5 Reviewed-by: Richard J. Moore <rich@kde.org>
* | qsslsocket/qsslcontext - add ALPN (OpenSSL only)Timur Pocheptsov2016-03-211-8/+12
|/ | | | | | | | | Application-Layer Protocol Negotiation (ALPN) - is a reworked revision of Next Protocol Negotiation (NPN) we have in our OpenSSL code. Can be used as a part of HTTP2 negotiation during TLS handshake. Change-Id: I484ec528c81d4887a64749095ec292dfaec18330 Reviewed-by: Richard J. Moore <rich@kde.org>
* Use QFlags::setFlag where prudent in qtbaseAndre Somers2016-02-121-4/+1
| | | | | | | | | | | | | | | | | QFlags::setFlag is most useful to replace explicit constructs like if (condition) { someFlags |= TheConditionFlag; } else { someFlags &= ~TheConditionFlag; } with someFlags.setFlag(TheConditionFlag, condition); Change-Id: Ie4586681c83e0af812d5bbf14965aad51941a960 Reviewed-by: Marc Mutz <marc.mutz@kdab.com>
* Updated license headersJani Heikkinen2016-01-151-14/+20
| | | | | | | | | | | From Qt 5.7 -> LGPL v2.1 isn't an option anymore, see http://blog.qt.io/blog/2016/01/13/new-agreement-with-the-kde-free-qt-foundation/ Updated license headers to use new LGPL header instead of LGPL21 one (in those files which will be under LGPL v3) Change-Id: I046ec3e47b1876cd7b4b0353a576b352e3a946d9 Reviewed-by: Lars Knoll <lars.knoll@theqtcompany.com>
* Make ephemeral server key availableSebastian Lösch2016-01-041-0/+17
| | | | | | | | | | | | | | When using cipher algorithms with forward secrecy an ephemeral key is used to generate the symmetric session key. Beside the SSL certificate's key, this ephemeral key is of cryptographic interest. The ephemeral key is chosen by the server side - currently statically in the Qt implementation - so it is only of interest on the client side to check it. Therefore the ephemeral key is the null key if the connection is set up in server mode or a cipher without forward secrecy is used. Change-Id: If241247dbb8490a91233ae47f2b38952c6591bf4 Reviewed-by: Markus Goetz (Woboq GmbH) <markus@woboq.com>
* QSslSocket: move default cipher, EC and default CA APIs to QSslConfigurationGiuseppe D'Angelo2015-06-111-0/+45
| | | | | | | | | | | | | | | | QSslConfiguration is better suited for these APIs. The ones in QSslSocket that already have a counterpart have been deprecated. [ChangeLog][QtNetwork][SSL/TLS Support] Most of the QSslSocket functions to deal with ciphersuites, certification authorities as well as elliptic curves have been deprecated in favor of the corresponding counterparts in QSslConfiguration. Task-number: QTBUG-46558 Change-Id: I1de03379efcbcab931c20e876e252769fe4279e0 Reviewed-by: Liang Qi <liang.qi@theqtcompany.com> Reviewed-by: Richard J. Moore <rich@kde.org> Reviewed-by: Jani Heikkinen <jani.heikkinen@theqtcompany.com>
* Update copyright headersJani Heikkinen2015-02-111-7/+7
| | | | | | | | | | | | | | | | | | Qt copyrights are now in The Qt Company, so we could update the source code headers accordingly. In the same go we should also fix the links to point to qt.io. Outdated header.LGPL removed (use header.LGPL21 instead) Old header.LGPL3 renamed to header.LGPL3-COMM to match actual licensing combination. New header.LGPL-COMM taken in the use file which were using old header.LGPL3 (src/plugins/platforms/android/extract.cpp) Added new header.LGPL3 containing Commercial + LGPLv3 + GPLv2 license combination Change-Id: I6f49b819a8a20cc4f88b794a8f6726d975e8ffbe Reviewed-by: Matti Paaso <matti.paaso@theqtcompany.com>
* Merge remote-tracking branch 'origin/5.4' into devFrederik Gladhorn2015-02-101-0/+1
|\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Conflicts: src/3rdparty/harfbuzz-ng/harfbuzz-ng.pro src/gui/image/qimage_conversions.cpp src/gui/opengl/qopenglextensions_p.h src/gui/text/qtextengine.cpp src/network/ssl/qsslsocket_openssl.cpp src/plugins/platforms/eglfs/qeglfshooks_stub.cpp src/plugins/platforms/eglfs/qeglfsscreen.cpp src/plugins/platforms/eglfs/qeglfswindow.cpp src/plugins/platforms/windows/qwindowsfontdatabase.cpp src/plugins/platforms/windows/qwindowsfontdatabase_ft.cpp src/plugins/platforms/windows/qwindowsnativeinterface.cpp src/plugins/platforms/windows/qwindowsscreen.cpp src/plugins/platforms/windows/qwindowswindow.cpp src/plugins/platforms/windows/qwindowswindow.h src/plugins/platforms/xcb/qxcbdrag.h src/widgets/itemviews/qabstractitemview.cpp src/widgets/kernel/qwidget.cpp src/widgets/util/qsystemtrayicon_p.h tests/auto/corelib/itemmodels/qsortfilterproxymodel/tst_qsortfilterproxymodel.cpp Thanks to Friedemann Kleint for resolving the qwindowsfontdatabase.cpp conflicts. Change-Id: I937232c30523d5121c195d947d92aec6f129b03e
| * Doc: add missing since 5.4 for new sessionProtocol() methods.David Faure2015-01-191-0/+1
| | | | | | | | | | | | | | | | They were added in 233a2f37bfa6c896612cbf9a7db42e8e0da788f5, which is in 5.4, but the \since information was missing. Change-Id: I346a049cad75647fdcd7b64df80dc169bb4ec70a Reviewed-by: Richard J. Moore <rich@kde.org>
* | [QSSL] Pass params of shareable type by const-ref rather than by valueKonstantin Ritt2015-01-281-0/+4
| | | | | | | | | | | | Change-Id: I9c09a3e2dfb90eb22d4509ac6c450a0bb5da48f6 Reviewed-by: Olivier Goffart (Woboq GmbH) <ogoffart@woboq.com> Reviewed-by: Richard J. Moore <rich@kde.org>
* | Merge remote-tracking branch 'origin/5.4' into devSimon Hausmann2014-12-181-1/+3
|\| | | | | | | | | | | | | | | | | | | Conflicts: src/corelib/global/qglobal.h src/platformsupport/platformcompositor/qopenglcompositor.cpp src/platformsupport/platformcompositor/qopenglcompositorbackingstore.cpp tests/auto/gui/kernel/qwindow/tst_qwindow.cpp Change-Id: I5422868500be695584a496dbbbc719d146bc572d
| * Use categorized logging for ssl codeKai Koehne2014-12-101-1/+3
| | | | | | | | | | | | | | | | | | Place all debug output into the 'qt.network.ssl' category. This allows people to disable certain warnings at runtime. Task-number: QTBUG-43173 Change-Id: Ide731fae3109f9cd7730cc096ee069a5b99d35f1 Reviewed-by: Richard J. Moore <rich@kde.org>
* | SSL: Add support for selecting which curves should be used by an elliptic cipherGiuseppe D'Angelo2014-11-261-0/+46
|/ | | | | | | | | [ChangeLog][QtNetwork][QtSSL] It is now possible to choose which elliptic curves should be used by an elliptic curve cipher. Change-Id: If5d0d58922768b6f1375836489180e576f5a015a Done-with: Marc Mutz <marc.mutz@kdab.com> Reviewed-by: Richard J. Moore <rich@kde.org>
* Update license headers and add new license filesMatti Paaso2014-09-241-19/+11
| | | | | | | | | - Renamed LICENSE.LGPL to LICENSE.LGPLv21 - Added LICENSE.LGPLv3 - Removed LICENSE.GPL Change-Id: Iec3406e3eb3f133be549092015cefe33d259a3f2 Reviewed-by: Iikka Eklund <iikka.eklund@digia.com>
* Merge remote-tracking branch 'origin/stable' into devSergio Ahumada2014-03-131-1/+1
|\ | | | | | | Change-Id: Idec54e19963e8d88c711cb179cffc81596323899
| * Replace Note: with \note in documentationKurt Pattyn2014-03-131-1/+1
| | | | | | | | | | | | Change-Id: I213ac1fb2733e675f3641441fe6c621bab06c1f0 Reviewed-by: Peter Hartmann <phartmann@blackberry.com> Reviewed-by: Richard J. Moore <rich@kde.org>
* | Add support for finding the version of SSL/TLS in use.Richard J. Moore2014-03-101-0/+13
|/ | | | | | | | | | | | Previously we allowed you to specify which version(s) you wanted to use, but did not provide access to the version that was actually negotiated. [ChangeLog][QtNetwork][QSslSocket] Add support for finding the version of SSL/TLS in use by a connection. Task-number: QTBUG-28471 Change-Id: I6d50d2bc9f1ce7f98192e67992178fe7e41c0575 Reviewed-by: Peter Hartmann <phartmann@blackberry.com>
* SSL: add support for the Next Protocol Negotiation extensionPeter Hartmann2014-02-111-2/+104
| | | | | | | | | | | | ... which is needed to negotiate the SPDY protocol. [ChangeLog][QtNetwork][QSslConfiguration] Added support for the Next Protocol Negotiation (NPN) TLS extension. Task-number: QTBUG-33208 Change-Id: I3c945f9b7e2d2ffb0814bfdd3e87de1dae6c20ef Reviewed-by: Allan Sandfeld Jensen <allan.jensen@digia.com>
* Ensure weak ciphers are not part of the default SSL configuration.Richard J. Moore2014-01-211-1/+1
| | | | | | | | | | | | | | | | | | | | Any cipher that is < 128 bits is excluded from the default SSL configuration. These ciphers are still included in the list of availableCiphers() and can be used by applications if required. Calling QSslSocket::setDefaultCiphers(QSslSocket::availableCiphers()) will restore the old behavior. Note that in doing so I spotted that calling defaultCiphers() before doing other actions with SSL had an existing bug that I've addressed as part of the change. [ChangeLog][Important Behavior Changes] The default set of ciphers used by QSslSocket has been changed to exclude ciphers that are using key lengths smaller than 128 bits. These ciphers are still available and can be enabled by applications if required. Change-Id: If2241dda67b624e5febf788efa1369f38c6b1dba Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
* QSslConfiguration: rename [get]session() to [get]sessionTicket()Peter Hartmann2013-11-081-12/+12
| | | | | | | | to reflect the fact that this returns and sets the whole session ticket, and not just the session ID. Change-Id: I00fe2bc4197dbcd7a02b3ae4f2f84e3a2a7edad0 Reviewed-by: Richard J. Moore <rich@kde.org>
* Doc: Adding mark-up to boolean default values.Jerome Pasion2013-10-081-4/+4
| | | | | | | | | | | | | | | | | Default values should have mark-up to denote that they are code. This commit changes: -"property is true" to "property is \c true". -"Returns true" to "Returns \c true". -"property is false" to "property is \c false". -"returns true" to "returns \c true". -"returns false" to "returns \c false". src/3rdparty and non-documentation instances were ignored. Task-number: QTBUG-33360 Change-Id: Ie87eaa57af947caa1230602b61c5c46292a4cf4e Reviewed-by: Oswald Buddenhagen <oswald.buddenhagen@digia.com> Reviewed-by: Jerome Pasion <jerome.pasion@digia.com>