| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
QSslConfiguration is better suited for these APIs. The ones
in QSslSocket that already have a counterpart have been deprecated.
[ChangeLog][QtNetwork][SSL/TLS Support] Most of the QSslSocket
functions to deal with ciphersuites, certification authorities
as well as elliptic curves have been deprecated in favor of the
corresponding counterparts in QSslConfiguration.
Task-number: QTBUG-46558
Change-Id: I1de03379efcbcab931c20e876e252769fe4279e0
Reviewed-by: Liang Qi <liang.qi@theqtcompany.com>
Reviewed-by: Richard J. Moore <rich@kde.org>
Reviewed-by: Jani Heikkinen <jani.heikkinen@theqtcompany.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This has been known to be broken for a while. Now it works: you can bind
and you'll retain the port (and the file descriptor) for the connect
call. Incidentally, in fixing the binding for more than one IP for the
hostname (with event loop), this commit fixes the setSocketDescriptor
XFAIL.
[ChangeLog][QtNetwork] Fixed a bug that caused both QTcpSocket and
QUdpSocket to close the socket and lose any bound ports before
connecting. Now bind()/setSocketDescriptor() followed by connect() will
retain the original file descriptor.
Task-number: QTBUG-26538
Change-Id: I691caed7e8fd16a9cf687b5995afbf3006bf453a
Reviewed-by: Richard J. Moore <rich@kde.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Qt copyrights are now in The Qt Company, so we could update the source
code headers accordingly. In the same go we should also fix the links to
point to qt.io.
Outdated header.LGPL removed (use header.LGPL21 instead)
Old header.LGPL3 renamed to header.LGPL3-COMM to match actual licensing
combination. New header.LGPL-COMM taken in the use file which were
using old header.LGPL3 (src/plugins/platforms/android/extract.cpp)
Added new header.LGPL3 containing Commercial + LGPLv3 + GPLv2 license
combination
Change-Id: I6f49b819a8a20cc4f88b794a8f6726d975e8ffbe
Reviewed-by: Matti Paaso <matti.paaso@theqtcompany.com>
|
|
|
|
|
|
|
|
|
|
|
| |
Add support for SSL on iOS/OS X by adding a SecureTransport based
backend.
[ChangeLog][QtNetwork][QSslSocket] A new SSL backend for iOS and OS X,
implemented with Apple's Secure Transport (Security Framework).
Change-Id: I7466db471be2a8a2170f9af9d6ad4c7b6425738b
Reviewed-by: Richard J. Moore <rich@kde.org>
|
|
|
|
|
|
|
|
|
|
| |
Done automatically with clang-modernize on linux
(But does not add Q_DECL_OVERRIDE to the function that are marked
as inline because it a compilation error with MSVC2010)
Change-Id: I2196ee26e3e6fe20816834ecea5ea389eeab3171
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
|
|
|
|
|
|
|
|
|
| |
[ChangeLog][QtNetwork][QtSSL] It is now possible to choose which elliptic
curves should be used by an elliptic curve cipher.
Change-Id: If5d0d58922768b6f1375836489180e576f5a015a
Done-with: Marc Mutz <marc.mutz@kdab.com>
Reviewed-by: Richard J. Moore <rich@kde.org>
|
|
|
|
|
|
|
|
|
| |
- Renamed LICENSE.LGPL to LICENSE.LGPLv21
- Added LICENSE.LGPLv3
- Removed LICENSE.GPL
Change-Id: Iec3406e3eb3f133be549092015cefe33d259a3f2
Reviewed-by: Iikka Eklund <iikka.eklund@digia.com>
|
|
|
|
|
|
|
|
|
| |
This moves the socket backend's host name matching functions up to
QSslSocketPrivate so that they can be shared between backends. This
works, as there is no OpenSSL-specific code here.
Change-Id: I73c2081fdc2e60a44c90e90800d1e1877391a626
Reviewed-by: Richard J. Moore <rich@kde.org>
|
|
|
|
|
|
|
|
|
|
| |
The change creates a stub implementation for WinRT, adding the needed
files and classes to build SSL support on that platform.
Task-number: QTBUG-37497
Change-Id: Idc3e8aa91c5eb8a938705f2385d1074fe6c1d83e
Reviewed-by: Richard J. Moore <rich@kde.org>
Reviewed-by: Andrew Knight <andrew.knight@digia.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In order to prepare the addition of WinRT and iOS (SecureTransport)
implementations of SSL the structure of some SSL files has to be
redone. Parts of certificate that probably can be reused by other
ports stayed in qsslcertificate.cpp while other parts were moved
to qsslcertificate_openssl.cpp. qsslcontext, qsslkey and qsslsocket
were suffixed by _openssl to show that these are pure openssl
implementations.
Change-Id: I7b022dec49759f882274999c0991bf95788f2a3a
Reviewed-by: Andrew Knight <andrew.knight@digia.com>
Reviewed-by: Oliver Wolff <oliver.wolff@digia.com>
Reviewed-by: Richard J. Moore <rich@kde.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Many bugs originate due to mismatches between the build-time and
run-time versions of openssl but they're hard to debug as we don't
provide access to the build-time info. This addresses that weakness.
[ChangeLog][QtNetwork][QSslSocket] Added accessors for the version
of openssl used at build-time. This will help when debugging
problems caused by a mismatch with the run-time version.
Change-Id: I6a4c21c8f16ab4c90cdf166f38c62fe37bf1f165
Reviewed-by: Peter Hartmann <phartmann@blackberry.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
Previously we allowed you to specify which version(s) you wanted to use,
but did not provide access to the version that was actually negotiated.
[ChangeLog][QtNetwork][QSslSocket] Add support for finding the version
of SSL/TLS in use by a connection.
Task-number: QTBUG-28471
Change-Id: I6d50d2bc9f1ce7f98192e67992178fe7e41c0575
Reviewed-by: Peter Hartmann <phartmann@blackberry.com>
|
|\
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Conflicts:
configure
mkspecs/macx-xcode/Info.plist.app
mkspecs/macx-xcode/Info.plist.lib
qmake/doc/qmake.qdocconf
src/corelib/global/qglobal.h
tests/auto/other/exceptionsafety/exceptionsafety.pro
tests/auto/widgets/widgets/qcombobox/tst_qcombobox.cpp
Change-Id: I3c769a4a82dc2e99a12c69123fbf17613fd2ac2a
|
| |
| |
| |
| |
| |
| |
| |
| | |
On Android, when not using Ministro, we cannot read certificates
from the file system, so we have to get them through Java APIs instead.
Change-Id: I415329fcb45836735c1112dbe832214b3c73dc9a
Reviewed-by: Eskil Abrahamsen Blomfeldt <eskil.abrahamsen-blomfeldt@digia.com>
|
|/
|
|
|
|
|
|
|
|
| |
CSSM_DATA_PTR was deprecated in 10.7. Replace SecCertificateGetData
with SecCertificateCopyData.
Task-number: QTBUG-32715
Change-Id: I762687370689b5b5c032567240667631b1ffde98
Reviewed-by: Jake Petroules <jake.petroules@petroules.com>
Reviewed-by: Gabriel de Dietrich <gabriel.dedietrich@digia.com>
|
|
|
|
|
|
|
|
|
|
| |
All occurrences of `#if defined(Q_OS_MAC) && !defined(Q_OS_IOS)` have
been replaced with `#if defined(Q_OS_MACX)`.
Change-Id: I5055d9bd1845136beb8ed1c79a8f0f2c0897751a
Reviewed-by: Oswald Buddenhagen <oswald.buddenhagen@digia.com>
Reviewed-by: Tor Arne Vestbø <tor.arne.vestbo@digia.com>
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
|
|
|
|
|
|
|
|
|
| |
... but rather throw an error, so the HTTP layer can recover from a SSL
shutdown gracefully. In case the other side sent us a shutdown, we should
not send one as well, as it results in an error.
Change-Id: Ie7a56cf3008b6ead912aade18dbec67846e2a87e
Reviewed-by: Richard J. Moore <rich@kde.org>
|
|
|
|
|
|
|
|
| |
This improves performance since a network round trip can be avoided.
Change-Id: I1aaff7e48ef9638cb137de0f43942c3a4dd2884a
Initial-patch-by: Markus Goetz <markus@woboq.com>
Reviewed-by: Richard J. Moore <rich@kde.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
make sure we keep track of when we can load root certs and when we
cannot (we cannot when the developer set the certs explicitly). This is
implemented the same way for QSslSocket already, and needs to be
duplicated because we have 2 methods for setting CA certificates: one in
QSslSocket and one in QSslConfiguration.
In addition, adapt the auto test which checks whether setting a default
QSslConfiguration works: There is no way to set on demand loading
through the API, so it should be enabled by default.
Task-number: QTBUG-29103
Change-Id: I5146128aaa385dfcc0ad1e0ef81a92d9350ec5f2
Reviewed-by: Richard J. Moore <rich@kde.org>
|
|
|
|
|
| |
Change-Id: Ic804938fc352291d011800d21e549c10acac66fb
Reviewed-by: Lars Knoll <lars.knoll@digia.com>
|
|
|
|
|
|
|
|
| |
Change copyrights and license headers from Nokia to Digia
Change-Id: If1cc974286d29fd01ec6c19dd4719a67f4c3f00e
Reviewed-by: Lars Knoll <lars.knoll@digia.com>
Reviewed-by: Sergio Ahumada <sergio.ahumada@digia.com>
|
|
|
|
|
|
|
|
|
|
|
| |
Q_DECLARE_METATYPE must be outside of the qt namespace.
System headers must be included outside of the qt namespace.
Change-Id: I2f48b1df87e5edae2baee6ce813af08d3e011dc0
Reviewed-by: Sergio Ahumada <sergio.ahumada@nokia.com>
Reviewed-by: Toby Tomkins <toby.tomkins@nokia.com>
Reviewed-by: Shane Kearns <shane.kearns@accenture.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Calling peek() for qsslsocket caused socket data to be copied into
qiodevices buffer and therefore make it unaccessible in qsslsocket.
Cherry picked form 4.8-branch & modified to Qt5 API changes
(int -> qintptr)
Original commits:
commit 621f18955082fc73471e75d1f8c35c2dcd4befeb
Author: Shane Kearns <ext-shane.2.kearns@nokia.com>
commit 68b1d5c17aa38d5921bdade2b0e0cb67c6c90513
Author: Kalle Viironen <kalle.viironen@digia.com>
Task-number: QTBUG-18498
Change-Id: I6be4b19baec2f3197537f5e7b61432040ec84ad2
Reviewed-by: Shane Kearns <shane.kearns@accenture.com>
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
|
|
|
|
|
|
|
|
| |
Replace "contains(QT_CONFIG, coreservices)" with "!ios" in config files.
Replace "QT_NO_CORESERVICES" with "Q_OS_IOS" in source files.
Change-Id: Id3b02316b245a24ce550e0b47596d18a4a409e4f
Reviewed-by: Morten Johan Sørvig <morten.sorvig@nokia.com>
|
|
|
|
|
|
|
| |
Put MacOS-specific code into #ifdef blocks to enable compilation on iOS.
Change-Id: I0bb3846f457d1b3a56d99fe182b1718bc8429117
Reviewed-by: Shane Kearns <shane.kearns@accenture.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Windows ships with a minimal set of CA roots.
When using windows API to verify a certificate, it will fetch the
root certificate from windows update (assuming it is part of the
Microsoft trust program).
As we are using openssl, this does not happen transparently.
If SSL errors occur which indicate a broken chain then attempt
to fix it using the windows API before emitting sslErrors.
If the system CA certs are not in use (a CA bundle has been set
on the socket or as the global configuration), then this is skipped.
This is so an application can continue to use its own cert bundle
rather than trusting the system certs.
Key usage is specified, so that windows will return not trusted
status if the root is not suitable for SSL (server auth or
client auth OID).
Testability:
- to test, must delete the CA cert(s) from the "third party
root certification authorities" section of the cert store
using mmc.exe.
- If the workaround of installing the windows XP cert bundle was
performed, then you also need to delete certs from the "trusted
root certification authorities" section.
This is dangerous, be careful not to delete the required
certificates which are documented on MS website
- Naturally, modifying these areas of the cert store requires
elevated privilege.
Task-number: QTBUG-24827
Change-Id: I5cfe71c8a10595731f6bbbbabaaefa3313496654
Reviewed-by: Richard J. Moore <rich@kde.org>
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- Always use <qt_windows.h> as the last file to be included.
- Remove it from some headers, use Qt::HANDLE instead of HANDLE.
- Clean up #ifdef, use Q_OS_WIN for Windows/Windows CE.
- Add NOMINMAX to qt_windows.h to avoid problems with the
min/max macros.
- Remove <windows.h> from qplatformdefs.h (VS2005)
Change-Id: Ic44e2cb3eafce38e1ad645c3bf85745439398e50
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
Reviewed-by: Joerg Bornemann <joerg.bornemann@nokia.com>
|
|
|
|
|
|
|
|
|
|
| |
As in the past, to avoid rewriting various autotests that contain
line-number information, an extra blank line has been inserted at the
end of the license text to ensure that this commit does not change the
total number of lines in the license header.
Change-Id: I311e001373776812699d6efc045b5f742890c689
Reviewed-by: Rohan McGovern <rohan.mcgovern@nokia.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
pause and resume is currently only supported upon emitting the
QSslSocket::sslErrors() signal. The API was added in QAbstractSocket to
also support QAbstractSocket::proxyAuthenticationRequired() in the
future.
This is the first patch to support that feature on the socket level,
another patch will follow to support sslErrors() and
authenticationRequired() in QNetworkAccessManager / QNetworkReply.
Task-number: QTBUG-19032
Change-Id: Ide2918268590ab9a01454ab26cb7fdca3dc840ab
Reviewed-by: Shane Kearns <ext-shane.2.kearns@nokia.com>
|
|
|
|
|
|
|
| |
Replace Nokia contact email address with Qt Project website.
Change-Id: I431bbbf76d7c27d8b502f87947675c116994c415
Reviewed-by: Rohan McGovern <rohan.mcgovern@nokia.com>
|
|
|
|
|
| |
Change-Id: I02f2c620296fcd91d4967d58767ea33fc4e1e7dc
Reviewed-by: Rohan McGovern <rohan.mcgovern@nokia.com>
|
|
|
|
|
|
|
| |
Change-Id: I234c740b1acbfea670d6170332626f5e3ba49328
Reviewed-on: http://codereview.qt.nokia.com/1437
Reviewed-by: Qt Sanity Bot <qt_sanity_bot@ovi.com>
Reviewed-by: Martin Petersson <Martin.Petersson@nokia.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This commit adds accessors for both the openssl version number and the
version string. The intention here is to aid debugging by making it
possible for applications to know which version of the openssl library
has been found by the runtime linking code.
Since the version of openssl in use will depend on the installation of
the developer, the test cases merely display the version string and
number rather than verifying that any particular version is in use.
Change-Id: Ieec44f0941f99887c85c2858bab0481722d739e5
Merge-request: 12
Reviewed-by: Peter Hartmann <peter.hartmann@nokia.com>
Reviewed-on: http://codereview.qt.nokia.com/1406
Reviewed-by: Qt Sanity Bot <qt_sanity_bot@ovi.com>
|
|
|
|
|
|
|
| |
Updated version of LGPL and FDL licenseheaders.
Apply release phase licenseheaders for all source files.
Reviewed-by: Trust Me
|
|
This is the beginning of revision history for this module. If you
want to look at revision history older than this, please refer to the
Qt Git wiki for how to use Git history grafting. At the time of
writing, this wiki is located here:
http://qt.gitorious.org/qt/pages/GitIntroductionWithQt
If you have already performed the grafting and you don't see any
history beyond this commit, try running "git log" with the "--follow"
argument.
Branched from the monolithic repo, Qt master branch, at commit
896db169ea224deb96c59ce8af800d019de63f12
|