| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
| |
Change-Id: I3cfcfba892ff4a0ab4e31f308620b445162bb17b
Reviewed-by: Giuseppe D'Angelo <giuseppe.dangelo@kdab.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
After a handshake was completed, TLS socket is in 'connectionEncrypted' state.
So on a read notification, in 'transmit', we call 'SSLRead' to read supposedly
encrypted application data or TLS internal messages. In case SSLRead finds either
ClientHello or HelloRequest from a server, it attempts in a rather sneaky manner
to renegotiate. And as it happens here and there with SecureTransport, SSLRead
fails and the work is only half-done, since we have kSSLSessionOptionBreakOnServerAuth
and kSSLSessionOptionBreakOnCertRequested options set to 'true'. We end up with
completely unexpected errors like errSSLClientCertRequested or errSSLPeerAuthCompleted
(yes, this is so normal and totally expected for 'SSLRead' function to verify
certificates and WRITE messages, no need to document this at all!).
If SecureTransport is sneaky, so can be us:
- in a read callback SecureTransport is probing the type of record
and we can notice a sudden session state change - it goes from
kSSLConnected (which is set upon handshake completion) to
kSSLHandshake (which means a (re)handshake is ongoing);
- if this is the case - we lie to SecureTransport about the amount
of data available (0 bytes), set 'renegotiating' to 'true', return
errSSLWouldBlock;
- in 'transmit', if SSLRead returns errSSLWouldBlock and 'renegotiating'
was set, we call 'startHandshake' until isHandshakeComplete() == true
or some error encountered.
[ChangeLog][QtNetwork][QSslSocket] Implement renegotiation for SecureTransport backend
Task-number: QTBUG-69420
Change-Id: Iaab1336aa3abf3f6ac94b358f3142d2738a18ee9
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Remaining uses of Q_DECL_OVERRIDE are in:
src/corelib/global/qcompilerdetection.h
src/corelib/global/qglobal.cpp
doc/global/qt-cpp-defines.qdocconf
(definition and documentation of Q_DECL_OVERRIDE)
tests/manual/qcursor/qcursorhighdpi/main.cpp
(a test executable compilable both under Qt4 and Qt5)
Change-Id: Ib9b05d829add69e98a86238274b6a1fcb19b49ba
Reviewed-by: Lars Knoll <lars.knoll@qt.io>
Reviewed-by: Ville Voutilainen <ville.voutilainen@qt.io>
Reviewed-by: Olivier Goffart (Woboq GmbH) <ogoffart@woboq.com>
|
|\
| |
| |
| | |
Change-Id: I36e6b890b65d12bf6931757540bcc9c553b5eb8f
|
| |\
| | |
| | |
| | |
| | |
| | |
| | | |
Conflicts:
tests/auto/widgets/itemviews/qtreeview/tst_qtreeview.cpp
Change-Id: I6f3878b204464313aa2f9d988d3b35121d4d9867
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
The unneeded ';' triggered warnings in pedantic compilation mode.
Change-Id: Id2324823e138560bb25234306601253d7bbd713e
Reviewed-by: Richard J. Moore <rich@kde.org>
Reviewed-by: Friedemann Kleint <Friedemann.Kleint@qt.io>
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
|/ /
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The new modular configuration system requires one global
header per module, that is included by all other files in
this module.
That header will later on #include the configuration file
for Qt Network. For now it defines the Q_NETWORK_EXPORT
macro for this library.
Change-Id: I9c45d425baf881c431ed71fd457c7feb2c123855
Reviewed-by: Oswald Buddenhagen <oswald.buddenhagen@theqtcompany.com>
|
|/
|
|
|
|
|
|
|
|
|
| |
From Qt 5.7 -> LGPL v2.1 isn't an option anymore, see
http://blog.qt.io/blog/2016/01/13/new-agreement-with-the-kde-free-qt-foundation/
Updated license headers to use new LGPL header instead of LGPL21 one
(in those files which will be under LGPL v3)
Change-Id: I046ec3e47b1876cd7b4b0353a576b352e3a946d9
Reviewed-by: Lars Knoll <lars.knoll@theqtcompany.com>
|
|\
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Conflicts:
src/network/socket/qnativesocketengine_p.h
src/network/ssl/qsslsocket_mac.cpp
src/network/ssl/qsslsocket_mac_p.h
src/widgets/kernel/qwidget.cpp
Change-Id: I39592cb37d710dfaf8640769ba3c1b637927d7f4
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
On OS X SSLCreateContext is quite recent - it requires OS X/SDK version
>= 10.8. Since SecureTransport back-end is the default one in Qt 5.6,
make it also work on OS X 10.7.
Change-Id: I364feff9dd95772fcea926494b2d4edaffd2dde1
Reviewed-by: Morten Johan Sørvig <morten.sorvig@theqtcompany.com>
|
|/
|
|
|
|
|
|
|
| |
Introduce the methods setError(), setErrorAndEmit() to consistently
set the internal error state.
Change-Id: I4ff951d100cf5e9f9a7e27135bb52188cde99853
Reviewed-by: Alex Trotsenko <alex1973tr@gmail.com>
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
|
|
|
|
|
|
|
|
|
|
|
| |
Suddenly :(( With Security Framework v 7.0 dated by 17/02 SSLHandshake
works differently when our server socket is requesting a client side authentication
and client provides no certificate. Despite of kTryAuthenticate (this means,
auth. _can_ fail) server receives an error from SSLHandshake too early.
We have to handle this in startHandshake (when serveMode && canIgnore).
Change-Id: Ie55540078e2944e80cf2f4ade8b000acf29d6ca2
Reviewed-by: Richard J. Moore <rich@kde.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Qt copyrights are now in The Qt Company, so we could update the source
code headers accordingly. In the same go we should also fix the links to
point to qt.io.
Outdated header.LGPL removed (use header.LGPL21 instead)
Old header.LGPL3 renamed to header.LGPL3-COMM to match actual licensing
combination. New header.LGPL-COMM taken in the use file which were
using old header.LGPL3 (src/plugins/platforms/android/extract.cpp)
Added new header.LGPL3 containing Commercial + LGPLv3 + GPLv2 license
combination
Change-Id: I6f49b819a8a20cc4f88b794a8f6726d975e8ffbe
Reviewed-by: Matti Paaso <matti.paaso@theqtcompany.com>
|
|
Add support for SSL on iOS/OS X by adding a SecureTransport based
backend.
[ChangeLog][QtNetwork][QSslSocket] A new SSL backend for iOS and OS X,
implemented with Apple's Secure Transport (Security Framework).
Change-Id: I7466db471be2a8a2170f9af9d6ad4c7b6425738b
Reviewed-by: Richard J. Moore <rich@kde.org>
|