summaryrefslogtreecommitdiffstats
path: root/src/network/ssl/qsslcontext_openssl.cpp
Commit message (Collapse)AuthorAgeFilesLines
* QSslSocket: fix compilation errorNikita Baryshnikov2015-03-041-1/+1
| | | | | | | | invalid conversion from ‘unsigned char**’ to ‘const unsigned char**’ Task-number: QTBUG-44744 Change-Id: I6263db106fe28c6aa04db8ca79421b3a9fc5adc9 Reviewed-by: Richard J. Moore <rich@kde.org>
* QSslSocket: Factor out error message about failure to set the elliptic curves.Friedemann Kleint2015-02-251-2/+7
| | | | | Change-Id: Ic5305216536ee3938c389336c979b5c90fc886e4 Reviewed-by: Marc Mutz <marc.mutz@kdab.com>
* Use d2i_DHparams instead of poking around inside the DH struct.Richard J. Moore2015-02-161-41/+10
| | | | | | | | This change is a step closer to working with openssl 1.2 which makes this struct opaque. Change-Id: I3897142657edc0fa4053142b6ef743c2b00c013e Reviewed-by: Peter Hartmann <peter-qt@hartmann.tk>
* QSsl: add TlsV1_0OrLater, TlsV1_1OrLater, TlsV1_2OrLaterMikkel Krautz2015-02-131-0/+16
| | | | | Change-Id: I90b99fb515dcf559824f673d2304081238541c4c Reviewed-by: Richard J. Moore <rich@kde.org>
* Update copyright headersJani Heikkinen2015-02-111-7/+7
| | | | | | | | | | | | | | | | | | Qt copyrights are now in The Qt Company, so we could update the source code headers accordingly. In the same go we should also fix the links to point to qt.io. Outdated header.LGPL removed (use header.LGPL21 instead) Old header.LGPL3 renamed to header.LGPL3-COMM to match actual licensing combination. New header.LGPL-COMM taken in the use file which were using old header.LGPL3 (src/plugins/platforms/android/extract.cpp) Added new header.LGPL3 containing Commercial + LGPLv3 + GPLv2 license combination Change-Id: I6f49b819a8a20cc4f88b794a8f6726d975e8ffbe Reviewed-by: Matti Paaso <matti.paaso@theqtcompany.com>
* Merge remote-tracking branch 'origin/5.4' into devFrederik Gladhorn2015-02-101-0/+6
|\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Conflicts: src/3rdparty/harfbuzz-ng/harfbuzz-ng.pro src/gui/image/qimage_conversions.cpp src/gui/opengl/qopenglextensions_p.h src/gui/text/qtextengine.cpp src/network/ssl/qsslsocket_openssl.cpp src/plugins/platforms/eglfs/qeglfshooks_stub.cpp src/plugins/platforms/eglfs/qeglfsscreen.cpp src/plugins/platforms/eglfs/qeglfswindow.cpp src/plugins/platforms/windows/qwindowsfontdatabase.cpp src/plugins/platforms/windows/qwindowsfontdatabase_ft.cpp src/plugins/platforms/windows/qwindowsnativeinterface.cpp src/plugins/platforms/windows/qwindowsscreen.cpp src/plugins/platforms/windows/qwindowswindow.cpp src/plugins/platforms/windows/qwindowswindow.h src/plugins/platforms/xcb/qxcbdrag.h src/widgets/itemviews/qabstractitemview.cpp src/widgets/kernel/qwidget.cpp src/widgets/util/qsystemtrayicon_p.h tests/auto/corelib/itemmodels/qsortfilterproxymodel/tst_qsortfilterproxymodel.cpp Thanks to Friedemann Kleint for resolving the qwindowsfontdatabase.cpp conflicts. Change-Id: I937232c30523d5121c195d947d92aec6f129b03e
| * Fix compile error if openssl is built with no-ssl3-methodAndré Klitzing2015-01-161-0/+6
| | | | | | | | | | | | | | | | | | | | | | | | Since openssl 1.0.1k with enabled option no-ssl3-method we need to check for OPENSSL_NO_SSL3_METHOD to use following functions: - SSLv3_method - SSLv3_server_method - SSLv3_client_method Change-Id: Iee83a6f4bacbf5660baa6bdb89eb02ceb9f11614 Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
* | Remove legacy ifdefs for ancient openssl.Richard J. Moore2015-02-081-2/+2
| | | | | | | | | | | | | | | | | | | | | | There were still ifdefs for openssl 0.9.7 and openssl 0.9.8f. [ChangeLog][QtNetwork] Some legacy ifdefs for openssl 0.9.7 and openssl 0.9.8f were removed, Qt will no longer build with these versions. In addition there is no support for openssl built with NO_TLSEXT. Change-Id: I9268515c0a125a2f6d79add8ee1cb40768e7e898 Reviewed-by: Daniel Molkentin <daniel@molkentin.de>
* | Stop accessing the internals of the SSL_CTX structure.Richard J. Moore2015-02-071-1/+1
| | | | | | | | | | Change-Id: I51733e9a3bb0d5d54dc2f61ac75751d899a84bd1 Reviewed-by: Peter Hartmann <peter-qt@hartmann.tk>
* | Add elliptic curve support to QSslAndré Klitzing2015-01-181-1/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add possibility to get length and other information of EC based certificates. Also it is possible to parse those public/private keys from PEM and DER encoded files. Based on patch by Remco Bloemen [ChangeLog][QtNetwork][SSL/TLS support] It is now possible to parse elliptic curve certificates. Change-Id: I4b11f726296aecda89c3cbd195d7c817ae6fc47b Task-number: QTBUG-18972 Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
* | Merge remote-tracking branch 'origin/5.4' into devSimon Hausmann2014-12-181-5/+6
|\| | | | | | | | | | | | | | | | | | | Conflicts: src/corelib/global/qglobal.h src/platformsupport/platformcompositor/qopenglcompositor.cpp src/platformsupport/platformcompositor/qopenglcompositorbackingstore.cpp tests/auto/gui/kernel/qwindow/tst_qwindow.cpp Change-Id: I5422868500be695584a496dbbbc719d146bc572d
| * Use categorized logging for ssl codeKai Koehne2014-12-101-5/+6
| | | | | | | | | | | | | | | | | | Place all debug output into the 'qt.network.ssl' category. This allows people to disable certain warnings at runtime. Task-number: QTBUG-43173 Change-Id: Ide731fae3109f9cd7730cc096ee069a5b99d35f1 Reviewed-by: Richard J. Moore <rich@kde.org>
* | QSslEllipticCurve: remove a copy when setting the curvesGiuseppe D'Angelo2014-12-031-5/+6
| | | | | | | | | | | | | | | | | | The only reason for copying QSslEllipticCurves into a temporary array would be to be extra-pedantic about type safety, but in the end, we can simply force a cast and remove the copy. Change-Id: Ice8a036fe4b79ba438ce83b5eacf6158eb3f0ce7 Reviewed-by: Richard J. Moore <rich@kde.org>
* | SSL: let a server choose the most appropriate curve for a clientGiuseppe D'Angelo2014-11-291-5/+12
| | | | | | | | | | | | | | | | | | | | OpenSSL 1.0.2 introduces SSL_CTX_set_ecdh_auto, which allows us to stop using one specific temporary curve, and instead makes the server negotiate the best curve. Task-number: QTBUG-42925 Change-Id: I3a68f29030bdf04f368bfdf79c888401ce82bdd8 Reviewed-by: Richard J. Moore <rich@kde.org>
* | SSL: Add support for selecting which curves should be used by an elliptic cipherGiuseppe D'Angelo2014-11-261-0/+25
| | | | | | | | | | | | | | | | | | [ChangeLog][QtNetwork][QtSSL] It is now possible to choose which elliptic curves should be used by an elliptic curve cipher. Change-Id: If5d0d58922768b6f1375836489180e576f5a015a Done-with: Marc Mutz <marc.mutz@kdab.com> Reviewed-by: Richard J. Moore <rich@kde.org>
* | Merge remote-tracking branch 'origin/5.4' into devFrederik Gladhorn2014-10-271-2/+5
|\| | | | | | | | | | | | | Conflicts: src/gui/text/qfontdatabase.cpp Change-Id: I6ac1f55faa22b8e7b591386fb67f0333d0ea443d
| * Update QSsl::SecureProtocols to not include Sslv3Allan Sandfeld Jensen2014-10-241-2/+5
| | | | | | | | | | | | | | | | | | | | | | After the poodle vulnerability SSLv3 should like SSLv2 no longer be considered safe, so when a user request a safe protocol we should only allow TLS versions. [ChangeLog][QtNetwork][QSsl] QSsl::SecureProtocols now also excludes SSLv3 Change-Id: If825f6beb599294b028d706903b39db6b20be519 Reviewed-by: Richard J. Moore <rich@kde.org>
* | Merge remote-tracking branch 'origin/5.4' into devFrederik Gladhorn2014-10-201-4/+13
|\| | | | | | | Change-Id: If7e51514ed6832750e3ad967e4d322ccf920d2bb
| * Add information about unsupported SSL protocol when creating context.Mikołaj Siedlarek2014-10-101-4/+13
| | | | | | | | | | | | | | | | | | | | | | | | | | When creating SSL context failed due to unsupported protocol being demanded, no explanation was given. It's because QSslContext::fromConfiguration() extracted explanation for error message from OpenSSL, which at that point hasn't even been called yet. This patch adds explicit message informing that an unsupported protocol was chosen. Task-number: QTBUG-41775 Change-Id: I9d2710da4ba314a16837a90afcdc5d9256179bef Reviewed-by: Peter Hartmann <phartmann@blackberry.com>
* | Merge remote-tracking branch 'origin/5.4' into devOswald Buddenhagen2014-09-291-18/+10
|\| | | | | | | | | | | | | | | | | | | | | Conflicts: src/corelib/tools/qbytearray.cpp src/gui/image/qimage.cpp src/gui/image/qppmhandler.cpp src/gui/kernel/qguiapplication.cpp src/gui/painting/qpaintengine_raster.cpp Change-Id: I7c1a8e7ebdfd7f7ae767fdb932823498a7660765
| * Update license headers and add new license filesMatti Paaso2014-09-241-18/+10
| | | | | | | | | | | | | | | | | | - Renamed LICENSE.LGPL to LICENSE.LGPLv21 - Added LICENSE.LGPLv3 - Removed LICENSE.GPL Change-Id: Iec3406e3eb3f133be549092015cefe33d259a3f2 Reviewed-by: Iikka Eklund <iikka.eklund@digia.com>
* | QSslContext: to represent a bool, use a bool, not an intGiuseppe D'Angelo2014-09-041-1/+1
|/ | | | | Change-Id: I2c2f5072302d2989362a382bd24cc10617336acf Reviewed-by: Marc Mutz <marc.mutz@kdab.com>
* SSL: split ssl files into general and "_openssl" implementationOliver Wolff2014-08-091-0/+465
In order to prepare the addition of WinRT and iOS (SecureTransport) implementations of SSL the structure of some SSL files has to be redone. Parts of certificate that probably can be reused by other ports stayed in qsslcertificate.cpp while other parts were moved to qsslcertificate_openssl.cpp. qsslcontext, qsslkey and qsslsocket were suffixed by _openssl to show that these are pure openssl implementations. Change-Id: I7b022dec49759f882274999c0991bf95788f2a3a Reviewed-by: Andrew Knight <andrew.knight@digia.com> Reviewed-by: Oliver Wolff <oliver.wolff@digia.com> Reviewed-by: Richard J. Moore <rich@kde.org>
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-07 20:19:49 +0000