summaryrefslogtreecommitdiffstats
path: root/src/network/ssl/qsslsocket_p.h
Commit message (Collapse)AuthorAgeFilesLines
* QSslSocket: move default cipher, EC and default CA APIs to QSslConfigurationGiuseppe D'Angelo2015-06-111-2/+0
| | | | | | | | | | | | | | | | QSslConfiguration is better suited for these APIs. The ones in QSslSocket that already have a counterpart have been deprecated. [ChangeLog][QtNetwork][SSL/TLS Support] Most of the QSslSocket functions to deal with ciphersuites, certification authorities as well as elliptic curves have been deprecated in favor of the corresponding counterparts in QSslConfiguration. Task-number: QTBUG-46558 Change-Id: I1de03379efcbcab931c20e876e252769fe4279e0 Reviewed-by: Liang Qi <liang.qi@theqtcompany.com> Reviewed-by: Richard J. Moore <rich@kde.org> Reviewed-by: Jani Heikkinen <jani.heikkinen@theqtcompany.com>
* Fix bind+connect in both TCP and UDPThiago Macieira2015-03-041-0/+1
| | | | | | | | | | | | | | | | | This has been known to be broken for a while. Now it works: you can bind and you'll retain the port (and the file descriptor) for the connect call. Incidentally, in fixing the binding for more than one IP for the hostname (with event loop), this commit fixes the setSocketDescriptor XFAIL. [ChangeLog][QtNetwork] Fixed a bug that caused both QTcpSocket and QUdpSocket to close the socket and lose any bound ports before connecting. Now bind()/setSocketDescriptor() followed by connect() will retain the original file descriptor. Task-number: QTBUG-26538 Change-Id: I691caed7e8fd16a9cf687b5995afbf3006bf453a Reviewed-by: Richard J. Moore <rich@kde.org>
* Update copyright headersJani Heikkinen2015-02-111-7/+7
| | | | | | | | | | | | | | | | | | Qt copyrights are now in The Qt Company, so we could update the source code headers accordingly. In the same go we should also fix the links to point to qt.io. Outdated header.LGPL removed (use header.LGPL21 instead) Old header.LGPL3 renamed to header.LGPL3-COMM to match actual licensing combination. New header.LGPL-COMM taken in the use file which were using old header.LGPL3 (src/plugins/platforms/android/extract.cpp) Added new header.LGPL3 containing Commercial + LGPLv3 + GPLv2 license combination Change-Id: I6f49b819a8a20cc4f88b794a8f6726d975e8ffbe Reviewed-by: Matti Paaso <matti.paaso@theqtcompany.com>
* Add SecureTransport based SSL backend for iOS and OS XJeremy Lainé2015-02-021-0/+2
| | | | | | | | | | | Add support for SSL on iOS/OS X by adding a SecureTransport based backend. [ChangeLog][QtNetwork][QSslSocket] A new SSL backend for iOS and OS X, implemented with Apple's Secure Transport (Security Framework). Change-Id: I7466db471be2a8a2170f9af9d6ad4c7b6425738b Reviewed-by: Richard J. Moore <rich@kde.org>
* Add Q_DECL_OVERRIDE in the src subdirectoryOlivier Goffart2014-12-031-2/+2
| | | | | | | | | | Done automatically with clang-modernize on linux (But does not add Q_DECL_OVERRIDE to the function that are marked as inline because it a compilation error with MSVC2010) Change-Id: I2196ee26e3e6fe20816834ecea5ea389eeab3171 Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
* SSL: Add support for selecting which curves should be used by an elliptic cipherGiuseppe D'Angelo2014-11-261-0/+6
| | | | | | | | | [ChangeLog][QtNetwork][QtSSL] It is now possible to choose which elliptic curves should be used by an elliptic curve cipher. Change-Id: If5d0d58922768b6f1375836489180e576f5a015a Done-with: Marc Mutz <marc.mutz@kdab.com> Reviewed-by: Richard J. Moore <rich@kde.org>
* Update license headers and add new license filesMatti Paaso2014-09-241-19/+11
| | | | | | | | | - Renamed LICENSE.LGPL to LICENSE.LGPLv21 - Added LICENSE.LGPLv3 - Removed LICENSE.GPL Change-Id: Iec3406e3eb3f133be549092015cefe33d259a3f2 Reviewed-by: Iikka Eklund <iikka.eklund@digia.com>
* ssl: Share the host name matching utilitiesAndrew Knight2014-08-271-0/+2
| | | | | | | | | This moves the socket backend's host name matching functions up to QSslSocketPrivate so that they can be shared between backends. This works, as there is no OpenSSL-specific code here. Change-Id: I73c2081fdc2e60a44c90e90800d1e1877391a626 Reviewed-by: Richard J. Moore <rich@kde.org>
* Introduce secure transport backend for Windows RuntimeOliver Wolff2014-08-131-7/+9
| | | | | | | | | | The change creates a stub implementation for WinRT, adding the needed files and classes to build SSL support on that platform. Task-number: QTBUG-37497 Change-Id: Idc3e8aa91c5eb8a938705f2385d1074fe6c1d83e Reviewed-by: Richard J. Moore <rich@kde.org> Reviewed-by: Andrew Knight <andrew.knight@digia.com>
* SSL: split ssl files into general and "_openssl" implementationOliver Wolff2014-08-091-1/+3
| | | | | | | | | | | | | | | In order to prepare the addition of WinRT and iOS (SecureTransport) implementations of SSL the structure of some SSL files has to be redone. Parts of certificate that probably can be reused by other ports stayed in qsslcertificate.cpp while other parts were moved to qsslcertificate_openssl.cpp. qsslcontext, qsslkey and qsslsocket were suffixed by _openssl to show that these are pure openssl implementations. Change-Id: I7b022dec49759f882274999c0991bf95788f2a3a Reviewed-by: Andrew Knight <andrew.knight@digia.com> Reviewed-by: Oliver Wolff <oliver.wolff@digia.com> Reviewed-by: Richard J. Moore <rich@kde.org>
* Add accessors for the build-time version of openssl.Richard J. Moore2014-03-101-0/+2
| | | | | | | | | | | | | Many bugs originate due to mismatches between the build-time and run-time versions of openssl but they're hard to debug as we don't provide access to the build-time info. This addresses that weakness. [ChangeLog][QtNetwork][QSslSocket] Added accessors for the version of openssl used at build-time. This will help when debugging problems caused by a mismatch with the run-time version. Change-Id: I6a4c21c8f16ab4c90cdf166f38c62fe37bf1f165 Reviewed-by: Peter Hartmann <phartmann@blackberry.com>
* Add support for finding the version of SSL/TLS in use.Richard J. Moore2014-03-101-0/+1
| | | | | | | | | | | | Previously we allowed you to specify which version(s) you wanted to use, but did not provide access to the version that was actually negotiated. [ChangeLog][QtNetwork][QSslSocket] Add support for finding the version of SSL/TLS in use by a connection. Task-number: QTBUG-28471 Change-Id: I6d50d2bc9f1ce7f98192e67992178fe7e41c0575 Reviewed-by: Peter Hartmann <phartmann@blackberry.com>
* Merge remote-tracking branch 'origin/stable' into devFrederik Gladhorn2013-08-141-0/+3
|\ | | | | | | | | | | | | | | | | | | | | | | | | Conflicts: configure mkspecs/macx-xcode/Info.plist.app mkspecs/macx-xcode/Info.plist.lib qmake/doc/qmake.qdocconf src/corelib/global/qglobal.h tests/auto/other/exceptionsafety/exceptionsafety.pro tests/auto/widgets/widgets/qcombobox/tst_qcombobox.cpp Change-Id: I3c769a4a82dc2e99a12c69123fbf17613fd2ac2a
| * Android: Get SSL root certificates from TrustManagerPaul Olav Tvete2013-07-291-0/+3
| | | | | | | | | | | | | | | | On Android, when not using Ministro, we cannot read certificates from the file system, so we have to get them through Java APIs instead. Change-Id: I415329fcb45836735c1112dbe832214b3c73dc9a Reviewed-by: Eskil Abrahamsen Blomfeldt <eskil.abrahamsen-blomfeldt@digia.com>
* | OSX: Make QSslSocket compile on 10.9Liang Qi2013-08-061-2/+2
|/ | | | | | | | | | CSSM_DATA_PTR was deprecated in 10.7. Replace SecCertificateGetData with SecCertificateCopyData. Task-number: QTBUG-32715 Change-Id: I762687370689b5b5c032567240667631b1ffde98 Reviewed-by: Jake Petroules <jake.petroules@petroules.com> Reviewed-by: Gabriel de Dietrich <gabriel.dedietrich@digia.com>
* Utilize the new Q_OS_MACX define.Jake Petroules2013-05-091-2/+2
| | | | | | | | | | All occurrences of `#if defined(Q_OS_MAC) && !defined(Q_OS_IOS)` have been replaced with `#if defined(Q_OS_MACX)`. Change-Id: I5055d9bd1845136beb8ed1c79a8f0f2c0897751a Reviewed-by: Oswald Buddenhagen <oswald.buddenhagen@digia.com> Reviewed-by: Tor Arne Vestbø <tor.arne.vestbo@digia.com> Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
* SSL internals: do not write after shutting down the socketPeter Hartmann2013-04-231-0/+1
| | | | | | | | | ... but rather throw an error, so the HTTP layer can recover from a SSL shutdown gracefully. In case the other side sent us a shutdown, we should not send one as well, as it results in an error. Change-Id: Ie7a56cf3008b6ead912aade18dbec67846e2a87e Reviewed-by: Richard J. Moore <rich@kde.org>
* SSL: Implement session sharing and use it from QNetworkAccessManagerPeter Hartmann2013-02-061-2/+9
| | | | | | | | This improves performance since a network round trip can be avoided. Change-Id: I1aaff7e48ef9638cb137de0f43942c3a4dd2884a Initial-patch-by: Markus Goetz <markus@woboq.com> Reviewed-by: Richard J. Moore <rich@kde.org>
* QSslConfiguration: toggle on demand loading of root certs properlyPeter Hartmann2013-01-231-0/+2
| | | | | | | | | | | | | | | make sure we keep track of when we can load root certs and when we cannot (we cannot when the developer set the certs explicitly). This is implemented the same way for QSslSocket already, and needs to be duplicated because we have 2 methods for setting CA certificates: one in QSslSocket and one in QSslConfiguration. In addition, adapt the auto test which checks whether setting a default QSslConfiguration works: There is no way to set on demand loading through the API, so it should be enabled by default. Task-number: QTBUG-29103 Change-Id: I5146128aaa385dfcc0ad1e0ef81a92d9350ec5f2 Reviewed-by: Richard J. Moore <rich@kde.org>
* Update copyright year in Digia's license headersSergio Ahumada2013-01-181-1/+1
| | | | | Change-Id: Ic804938fc352291d011800d21e549c10acac66fb Reviewed-by: Lars Knoll <lars.knoll@digia.com>
* Change copyrights from Nokia to DigiaIikka Eklund2012-09-221-24/+24
| | | | | | | | Change copyrights and license headers from Nokia to Digia Change-Id: If1cc974286d29fd01ec6c19dd4719a67f4c3f00e Reviewed-by: Lars Knoll <lars.knoll@digia.com> Reviewed-by: Sergio Ahumada <sergio.ahumada@digia.com>
* Fixed compile of QSslSocket with -qtnamespace on Windows.Rohan McGovern2012-05-011-7/+11
| | | | | | | | | | | Q_DECLARE_METATYPE must be outside of the qt namespace. System headers must be included outside of the qt namespace. Change-Id: I2f48b1df87e5edae2baee6ce813af08d3e011dc0 Reviewed-by: Sergio Ahumada <sergio.ahumada@nokia.com> Reviewed-by: Toby Tomkins <toby.tomkins@nokia.com> Reviewed-by: Shane Kearns <shane.kearns@accenture.com>
* Fix bug in qsslsocket peek()Kalle Viironen2012-04-231-0/+3
| | | | | | | | | | | | | | | | | | Calling peek() for qsslsocket caused socket data to be copied into qiodevices buffer and therefore make it unaccessible in qsslsocket. Cherry picked form 4.8-branch & modified to Qt5 API changes (int -> qintptr) Original commits: commit 621f18955082fc73471e75d1f8c35c2dcd4befeb Author: Shane Kearns <ext-shane.2.kearns@nokia.com> commit 68b1d5c17aa38d5921bdade2b0e0cb67c6c90513 Author: Kalle Viironen <kalle.viironen@digia.com> Task-number: QTBUG-18498 Change-Id: I6be4b19baec2f3197537f5e7b61432040ec84ad2 Reviewed-by: Shane Kearns <shane.kearns@accenture.com> Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
* Change coreservices -> iosIan Dean2012-04-191-2/+2
| | | | | | | | Replace "contains(QT_CONFIG, coreservices)" with "!ios" in config files. Replace "QT_NO_CORESERVICES" with "Q_OS_IOS" in source files. Change-Id: Id3b02316b245a24ce550e0b47596d18a4a409e4f Reviewed-by: Morten Johan Sørvig <morten.sorvig@nokia.com>
* Added iOS compatibility.Qt4iOS2012-04-131-1/+3
| | | | | | | Put MacOS-specific code into #ifdef blocks to enable compilation on iOS. Change-Id: I0bb3846f457d1b3a56d99fe182b1718bc8429117 Reviewed-by: Shane Kearns <shane.kearns@accenture.com>
* Use windows API to update missing CA rootsShane Kearns2012-04-111-0/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Windows ships with a minimal set of CA roots. When using windows API to verify a certificate, it will fetch the root certificate from windows update (assuming it is part of the Microsoft trust program). As we are using openssl, this does not happen transparently. If SSL errors occur which indicate a broken chain then attempt to fix it using the windows API before emitting sslErrors. If the system CA certs are not in use (a CA bundle has been set on the socket or as the global configuration), then this is skipped. This is so an application can continue to use its own cert bundle rather than trusting the system certs. Key usage is specified, so that windows will return not trusted status if the root is not suitable for SSL (server auth or client auth OID). Testability: - to test, must delete the CA cert(s) from the "third party root certification authorities" section of the cert store using mmc.exe. - If the workaround of installing the windows XP cert bundle was performed, then you also need to delete certs from the "trusted root certification authorities" section. This is dangerous, be careful not to delete the required certificates which are documented on MS website - Naturally, modifying these areas of the cert store requires elevated privilege. Task-number: QTBUG-24827 Change-Id: I5cfe71c8a10595731f6bbbbabaaefa3313496654 Reviewed-by: Richard J. Moore <rich@kde.org> Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
* Windows: Fix inclusion of <windows.h>Friedemann Kleint2012-02-011-1/+1
| | | | | | | | | | | | | - Always use <qt_windows.h> as the last file to be included. - Remove it from some headers, use Qt::HANDLE instead of HANDLE. - Clean up #ifdef, use Q_OS_WIN for Windows/Windows CE. - Add NOMINMAX to qt_windows.h to avoid problems with the min/max macros. - Remove <windows.h> from qplatformdefs.h (VS2005) Change-Id: Ic44e2cb3eafce38e1ad645c3bf85745439398e50 Reviewed-by: Thiago Macieira <thiago.macieira@intel.com> Reviewed-by: Joerg Bornemann <joerg.bornemann@nokia.com>
* Remove "All rights reserved" line from license headers.Jason McDonald2012-01-301-1/+1
| | | | | | | | | | As in the past, to avoid rewriting various autotests that contain line-number information, an extra blank line has been inserted at the end of the license text to ensure that this commit does not change the total number of lines in the license header. Change-Id: I311e001373776812699d6efc045b5f742890c689 Reviewed-by: Rohan McGovern <rohan.mcgovern@nokia.com>
* QAbstractSocket / QSslSocket: add API to pause and resumePeter Hartmann2012-01-251-0/+5
| | | | | | | | | | | | | | | pause and resume is currently only supported upon emitting the QSslSocket::sslErrors() signal. The API was added in QAbstractSocket to also support QAbstractSocket::proxyAuthenticationRequired() in the future. This is the first patch to support that feature on the socket level, another patch will follow to support sslErrors() and authenticationRequired() in QNetworkAccessManager / QNetworkReply. Task-number: QTBUG-19032 Change-Id: Ide2918268590ab9a01454ab26cb7fdca3dc840ab Reviewed-by: Shane Kearns <ext-shane.2.kearns@nokia.com>
* Update contact information in license headers.Jason McDonald2012-01-231-1/+1
| | | | | | | Replace Nokia contact email address with Qt Project website. Change-Id: I431bbbf76d7c27d8b502f87947675c116994c415 Reviewed-by: Rohan McGovern <rohan.mcgovern@nokia.com>
* Update copyright year in license headers.Jason McDonald2012-01-051-1/+1
| | | | | Change-Id: I02f2c620296fcd91d4967d58767ea33fc4e1e7dc Reviewed-by: Rohan McGovern <rohan.mcgovern@nokia.com>
* SSL internals: rename methods in the SSL backend to reflect public onesPeter Hartmann2011-07-111-2/+2
| | | | | | | Change-Id: I234c740b1acbfea670d6170332626f5e3ba49328 Reviewed-on: http://codereview.qt.nokia.com/1437 Reviewed-by: Qt Sanity Bot <qt_sanity_bot@ovi.com> Reviewed-by: Martin Petersson <Martin.Petersson@nokia.com>
* QSslSocket: Add accessors for SSL versionRichard Moore2011-07-111-0/+2
| | | | | | | | | | | | | | | | | This commit adds accessors for both the openssl version number and the version string. The intention here is to aid debugging by making it possible for applications to know which version of the openssl library has been found by the runtime linking code. Since the version of openssl in use will depend on the installation of the developer, the test cases merely display the version string and number rather than verifying that any particular version is in use. Change-Id: Ieec44f0941f99887c85c2858bab0481722d739e5 Merge-request: 12 Reviewed-by: Peter Hartmann <peter.hartmann@nokia.com> Reviewed-on: http://codereview.qt.nokia.com/1406 Reviewed-by: Qt Sanity Bot <qt_sanity_bot@ovi.com>
* Update licenseheader text in source files for qtbase Qt moduleJyri Tahtela2011-05-241-17/+17
| | | | | | | Updated version of LGPL and FDL licenseheaders. Apply release phase licenseheaders for all source files. Reviewed-by: Trust Me
* Initial import from the monolithic Qt.Qt by Nokia2011-04-271-0/+181
This is the beginning of revision history for this module. If you want to look at revision history older than this, please refer to the Qt Git wiki for how to use Git history grafting. At the time of writing, this wiki is located here: http://qt.gitorious.org/qt/pages/GitIntroductionWithQt If you have already performed the grafting and you don't see any history beyond this commit, try running "git log" with the "--follow" argument. Branched from the monolithic repo, Qt master branch, at commit 896db169ea224deb96c59ce8af800d019de63f12
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-05 08:11:52 +0000