summaryrefslogtreecommitdiffstats
path: root/src/network/ssl/qsslsocket_schannel_p.h
Commit message (Collapse)AuthorAgeFilesLines
* CA fetcher (Windows) - relax the logic a bitTimur Pocheptsov2020-05-291-10/+0
| | | | | | | | | | | | | | | | | | | | | In case a certificate chain is missing an intermediate, for a certificate having "Authority Information Access" extension it's possible to fetch this intermediate and build the chain up to the trusted root. Unfortunately, it's not always possible to install the root certificate in the system "ROOT" store and then an application wants to set it in the socket's configuration, using setCaCertificates(). But this call also disables CA fetcher ('no on demand root loading'). It makes sense to relax this logic for such certificates and try to fetch the intermediate CA and then have the complete chain verified. Pick-to: 5.15 Fixes: QTBUG-84173 Change-Id: I5b9b4271767eba6f5fd2b5cf05e942360c6aa245 Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io> Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
* Use Schannel's incomplete data guesstimation featureMårten Nordheim2019-10-211-0/+1
| | | | | | | | | It tells us how many bytes we will need before the call succeeds. It's not accurate but will reduce the amount of calls to their slow functions Change-Id: I82393d5acd68b84c6e6f3377ba40bb1d5c51ca8a Reviewed-by: Edward Welbourne <edward.welbourne@qt.io> Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
* Schannel: unbreak renegotiation (and likely gracious shutdown)Mårten Nordheim2019-09-091-1/+0
| | | | | | | | | | | | | | The reason it wasn't working before was a couple of things: 1. Due to an extra 'else' it would not process the SEC_I_RENEGOTIATE or SEC_I_CONTEXT_EXPIRED branch. 2. The peerCertVerified boolean was not only wrong, but also broke renegotiation even if the 'else' wasn't there. My previous attempt to fix it ended up being a noop, so: Reverts e21fa577dde32849fdaa744f30ad3b23d63b7214 Change-Id: Ifbad55d4bb066b7566bb88cead48e329cbd574f9 Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
* Schannel supportMårten Nordheim2019-01-221-0/+155
Adds support for Schannel, an SSL backend for Windows, as an alternative to OpenSSL. [ChangeLog][QtNetwork][Ssl] Added support for Schannel on Desktop Windows. To build Qt with Schannel support use '-schannel' during configure. Task-number: QTBUG-62637 Change-Id: Ic4fb8ed3657dab994f9f4a4ac5cbddc7001a0a46 Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-23 23:40:50 +0000