| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
| |
Change-Id: I54c5ab6e1bfb1816bb510be9e2bfa1e3362faa36
Reviewed-by: Casper van Donderen <casper.vandonderen@nokia.com>
|
|
|
|
|
| |
Change-Id: Ibfac6236e9f68b41e34e67ef03cfd590582439be
Reviewed-by: Casper van Donderen <casper.vandonderen@nokia.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
This operation should be a no-op anyway, since at this point in time,
the fromAscii and toAscii functions simply call their fromLatin1 and
toLatin1 counterparts.
Task-number: QTBUG-21872
Change-Id: I94cc301ea75cc689bcb6e2d417120cf14e36808d
Reviewed-by: Lars Knoll <lars.knoll@nokia.com>
Reviewed-by: Shane Kearns <shane.kearns@accenture.com>
Reviewed-by: Richard J. Moore <rich@kde.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Although we created an enum for pause modes to make 5.x binary
compatible with 5.0, the enum value is not well named.
In 5.1, we propose to add PauseOnProxyAuthentication to the enum.
PauseOnNotify is not clear what it means, while PauseOnSslErrors is.
Any new notification in a minor release would need a new enum value
otherwise applications would get pauses they did not expect.
Task-number: QTBUG-19032
Change-Id: I4dbb7467663b37ca7f0551d24a31bc013968bedc
Reviewed-by: Richard J. Moore <rich@kde.org>
Reviewed-by: Lars Knoll <lars.knoll@nokia.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
If a website presents the complete certificate chain in the handshake
i.e. site -> intermediate CA -> root CA then openssl gives
a different error (SelfSignedCertificateInChain)
Because of this windows feature, that either means the site is
signed by an untrusted CA, or the CA trust status is unknown because
we don't have the root cert in the cert store.
In any case, calling the windows verification function results
in a trusted chain & the root being added to the cert store.
Task-number: QTBUG-24827
Change-Id: I2663ea2f86cd0b4dfde105d858ec1b39a340c1f6
Reviewed-by: Richard J. Moore <rich@kde.org>
|
|
|
|
|
|
|
|
| |
The \since 5.0 directive was missing from many places.
Task-number: QTBUG-24001
Change-Id: I191ba8891ae66d78f923164bcab2fccb16eabef9
Reviewed-by: Casper van Donderen <casper.vandonderen@nokia.com>
|
|
|
|
|
|
|
| |
Task-number: QTBUG-24001
Change-Id: I8d0980bd5418e9324d0a0fe55c00b432c0a98fb1
Reviewed-by: Casper van Donderen <casper.vandonderen@nokia.com>
|
|
|
|
|
|
|
|
| |
With the new functions linked
Task-number: QTBUG-24001
Change-Id: I9fd2de746a6342a1f4f182189e7f2529f092c003
Reviewed-by: Casper van Donderen <casper.vandonderen@nokia.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
If we're not going to verify the peer, or we know in advance that
windows won't have a CA root then don't ask it to verify the
certificate chain.
The test case started failing in CI when the windows cert fetcher
was integrated due to timing change. I've relaxed the timing
requirement of the test to avoid it being unstable.
Task-number: QTBUG-24827
Change-Id: I694f193f7d96962667f00aa01b9483b326e3e054
Reviewed-by: Martin Petersson <Martin.Petersson@nokia.com>
|
|
|
|
|
|
|
|
|
|
|
| |
Q_DECLARE_METATYPE must be outside of the qt namespace.
System headers must be included outside of the qt namespace.
Change-Id: I2f48b1df87e5edae2baee6ce813af08d3e011dc0
Reviewed-by: Sergio Ahumada <sergio.ahumada@nokia.com>
Reviewed-by: Toby Tomkins <toby.tomkins@nokia.com>
Reviewed-by: Shane Kearns <shane.kearns@accenture.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The previous solution didn't work on systems where the libraries
aren't in the same location.
Now we search for both libcrypto and libssl and load them if their
versions match, even if they are in different directories.
Task-number: QTBUG-25398
Change-Id: I37164638890586947d07670d8a59fc53a84f9c42
Reviewed-by: Joerg Bornemann <joerg.bornemann@nokia.com>
Reviewed-by: Shane Kearns <shane.kearns@accenture.com>
Reviewed-by: Richard J. Moore <rich@kde.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Calling peek() for qsslsocket caused socket data to be copied into
qiodevices buffer and therefore make it unaccessible in qsslsocket.
Cherry picked form 4.8-branch & modified to Qt5 API changes
(int -> qintptr)
Original commits:
commit 621f18955082fc73471e75d1f8c35c2dcd4befeb
Author: Shane Kearns <ext-shane.2.kearns@nokia.com>
commit 68b1d5c17aa38d5921bdade2b0e0cb67c6c90513
Author: Kalle Viironen <kalle.viironen@digia.com>
Task-number: QTBUG-18498
Change-Id: I6be4b19baec2f3197537f5e7b61432040ec84ad2
Reviewed-by: Shane Kearns <shane.kearns@accenture.com>
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
|
|
|
|
|
|
|
|
|
|
| |
Since we are calling q_SSL_load_error_strings to load error strings
we should call ERR_free_strings to free the memory again.
Task-number: QTBUG-15732
Change-Id: Ie41291bb0e1434f82025378edfca51930712a8aa
Reviewed-by: Shane Kearns <shane.kearns@accenture.com>
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
|
|
|
|
|
| |
Change-Id: I76269630ebabdf601c2fcb5f65a8dffbd6cdbc5e
Reviewed-by: Shane Kearns <shane.kearns@accenture.com>
|
|
|
|
|
|
|
|
| |
Replace "contains(QT_CONFIG, coreservices)" with "!ios" in config files.
Replace "QT_NO_CORESERVICES" with "Q_OS_IOS" in source files.
Change-Id: Id3b02316b245a24ce550e0b47596d18a4a409e4f
Reviewed-by: Morten Johan Sørvig <morten.sorvig@nokia.com>
|
|\
| |
| |
| | |
Change-Id: I964b0a6f5c38351fdfafb8a2a128a349ff8c89d1
|
| |\
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Conflicts:
configure
src/corelib/io/qurl.cpp
src/gui/kernel/qwindow.cpp
src/tools/moc/generator.cpp
src/widgets/kernel/qwidget_qpa.cpp
src/widgets/styles/qstyle.h
src/widgets/widgets/qtabbar.cpp
tests/auto/corelib/codecs/utf8/tst_utf8.cpp
Change-Id: Ia457228d6f684ec8184e13e8fcc9d25857b1751e
|
| |\ \
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Conflicts:
configure
src/widgets/styles/qwindowsxpstyle.cpp
tests/auto/gui/kernel/qwindow/qwindow.pro
tests/auto/gui/kernel/qwindow/tst_qwindow.cpp
Change-Id: I624b6d26abce9874c610c04954c1c45bc074bef3
|
| |\ \ \
| | | | |
| | | | |
| | | | | |
Change-Id: I93551e4d13a1b0815b359b9415060e9089477db1
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
This is a semi-automatic search, so I'm
reasonably sure that all the exported ones
have been caught.
Change-Id: Ia00eb9194a5f64002bd7e7b894abf6333d1b825e
Reviewed-by: Jonas Gastal <jgastal@profusion.mobi>
Reviewed-by: Shane Kearns <shane.kearns@accenture.com>
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Change-Id: I837c74d38b9f73aed41c3839421f5faad9d22f3f
Reviewed-by: Casper van Donderen <casper.vandonderen@nokia.com>
Reviewed-by: Shane Kearns <shane.kearns@accenture.com>
|
| |_|_|/
|/| | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Change-Id: Ic14cefcf935fea822c581013f437ae61b820ddd9
Reviewed-by: Giuseppe D'Angelo <dangelog@gmail.com>
Reviewed-by: Casper van Donderen <casper.vandonderen@nokia.com>
Reviewed-by: Shane Kearns <shane.kearns@accenture.com>
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Put MacOS-specific code into #ifdef blocks to enable compilation on iOS.
Change-Id: I0bb3846f457d1b3a56d99fe182b1718bc8429117
Reviewed-by: Shane Kearns <shane.kearns@accenture.com>
|
| |_|/
|/| |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Windows ships with a minimal set of CA roots.
When using windows API to verify a certificate, it will fetch the
root certificate from windows update (assuming it is part of the
Microsoft trust program).
As we are using openssl, this does not happen transparently.
If SSL errors occur which indicate a broken chain then attempt
to fix it using the windows API before emitting sslErrors.
If the system CA certs are not in use (a CA bundle has been set
on the socket or as the global configuration), then this is skipped.
This is so an application can continue to use its own cert bundle
rather than trusting the system certs.
Key usage is specified, so that windows will return not trusted
status if the root is not suitable for SSL (server auth or
client auth OID).
Testability:
- to test, must delete the CA cert(s) from the "third party
root certification authorities" section of the cert store
using mmc.exe.
- If the workaround of installing the windows XP cert bundle was
performed, then you also need to delete certs from the "trusted
root certification authorities" section.
This is dangerous, be careful not to delete the required
certificates which are documented on MS website
- Naturally, modifying these areas of the cert store requires
elevated privilege.
Task-number: QTBUG-24827
Change-Id: I5cfe71c8a10595731f6bbbbabaaefa3313496654
Reviewed-by: Richard J. Moore <rich@kde.org>
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
|
| |/
|/|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The installed path of libssl may include an element describing the
architecture, e.g. x86_64-linux-gnu or i386-linux-gnu.
In most cases, the libraries already loaded (static dependencies of
Qt, such as libc) will include the path where libssl is installed.
Use dl_iterate_phdr to find the paths. This is a linux specific
function, but it does provide "/lib/<arch>" and "/usr/lib/<arch>"
at the point ssl symbols are being resolved when running the
qsslsocket autotest (which has less dependencies than a typical
Qt app).
Task-number: QTBUG-24694
Change-Id: I9af8081f41bb85c2fcff450a2acda5672a7f7518
Reviewed-by: Harald Fernengel <harald.fernengel@nokia.com>
|
|/
|
|
|
| |
Change-Id: I640f93750583d36284f189fa12bac6440664a7a2
Reviewed-by: Shane Kearns <shane.kearns@accenture.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
If SSL_MODE_RELEASE_BUFFERS is available we should tell OpenSSL
to release memory early.
http://www.openssl.org/docs/ssl/SSL_CTX_set_mode.html
Task-number: QTBUG-14985
Change-Id: Ib6656ebb3c4d67ca868b317ee83ddbf0983953f9
Reviewed-by: Richard J. Moore <rich@kde.org>
Reviewed-by: Shane Kearns <shane.kearns@accenture.com>
Reviewed-by: Markus Goetz <markus@woboq.com>
|
|
|
|
|
|
|
|
|
|
|
| |
The comodogate 72:03:21:05:c5:0c:08:57:3d:8e:a5:30:4e:fe:e8:b0
certificate is a test certificate and the MD5 Collisions was created
as a proof of concept deliberately made to be expired at the time
of it's creation.
Task-number: QTBUG-24654
Change-Id: Ic8eb417363569fe50bf19cd229658f5e371862f7
Reviewed-by: Richard J. Moore <rich@kde.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
QSslCertificate can be copied around into multiple threads,
without detaching. For example, the https worker threads inside
QNetworkAccessManager.
There are const methods, which lazily initialise members of
the private class without detaching (i.e. caching results of
expensive function calls)
These functions now lock the d pointer using QMutexPool to
avoid concurrency related crashes.
autotest crashes 20% of the time in release builds without
the fix, passes 100 times in a row with the fix.
Task-number: QTBUG-20452
Change-Id: I64a01af8159216f2dd6215a08669890f6c029ca8
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
Reviewed-by: Richard J. Moore <rich@kde.org>
|
|
|
|
|
|
|
|
|
|
|
| |
QDoc now has support for Doxygen style commands for italics, bold
and list items. This change applies that change in QDoc to the
actual documentation.
Task-number: QTBUG-24578
Change-Id: I519bf9c29b14092e3ab6067612f42bf749eeedf5
Reviewed-by: Shane Kearns <shane.kearns@accenture.com>
Reviewed-by: Lars Knoll <lars.knoll@nokia.com>
|
|
|
|
|
|
|
|
| |
This would break a namespaced Qt when QT_NO_DEBUG_STREAM
was in effect. Unlikely to hit, but nevertheless fixworthy.
Change-Id: Ie2a4cf4334a6a610c84233ab1ca89b928386c91a
Reviewed-by: Richard J. Moore <rich@kde.org>
|
|
|
|
|
|
| |
Task-number: QTBUG-24350
Change-Id: I5a328efe6606f5d438bb4787a5c02a425ce42aca
Reviewed-by: Richard J. Moore <rich@kde.org>
|
|
|
|
|
|
|
|
| |
Change the ifdefs in our own code (except openssl backend) to use the
new configure flag.
Change-Id: I8774734771c66b22164b5fae8fdb27814ac3df7b
Reviewed-by: Richard J. Moore <rich@kde.org>
|
|
|
|
|
| |
Change-Id: I9b63e0b63f225b245eec68ea4211cb0f2ccf9bb5
Reviewed-by: Sergio Ahumada <sergio.ahumada@nokia.com>
|
|
|
|
|
|
| |
Change-Id: If2471bea27f095352ae8c28604e104b896fd97c7
Reviewed-by: Richard J. Moore <rich@kde.org>
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
There was a time when qsslsocket.h declared its private slots as
Q_PRIVATE_SLOT(d, void _q_connectedSlot())
But now they are correctly declared as
Q_PRIVATE_SLOT(d_func(), void _q_connectedSlot())
so the "#define d d_ptr" hack isn't needed.
Specifically, the define would break moc-generated code that refers
to the member d of a structure (which a future moc revision does,
namely QByteArrayData::d).
Change-Id: Ic94fa4d523fb17e8088973cfc0d090d5cce97267
Reviewed-by: Jonas Gastal <jgastal@profusion.mobi>
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
|
|
|
|
|
|
|
|
|
|
|
| |
QSslSocket overrides one version of QAbstractSocket::connectToHost.
Since these functions were made virtual, this now hides the other
overloads.
Added a using statement to make the other overloads visible.
Change-Id: Ia48fdc9bd67936c75c25bb24dabd26a723bb7a05
Reviewed-by: Stephen Kelly <stephen.kelly@kdab.com>
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
|
|
|
|
|
|
|
| |
This file was removed in commit ba9302b8a9b6b50f37987261c1ade9af2ade2d3c
Change-Id: Ib3a70877f6f6848c8cf072faf13da93abbe186f2
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
SSL context was destroyed on disconnect. This makes it impossible to
decrypt buffered encrypted data. So if there is encrypted data in the
receive buffers, then don't destroy the ssl context until the socket is
destroyed.
Task-Number: QTBUG-23607
Change-Id: I16a7b4fa006647ec73049c90cdbc72686696850f
Reviewed-by: Jonas Gastal <jgastal@profusion.mobi>
Reviewed-by: Richard J. Moore <rich@kde.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- Always use <qt_windows.h> as the last file to be included.
- Remove it from some headers, use Qt::HANDLE instead of HANDLE.
- Clean up #ifdef, use Q_OS_WIN for Windows/Windows CE.
- Add NOMINMAX to qt_windows.h to avoid problems with the
min/max macros.
- Remove <windows.h> from qplatformdefs.h (VS2005)
Change-Id: Ic44e2cb3eafce38e1ad645c3bf85745439398e50
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
Reviewed-by: Joerg Bornemann <joerg.bornemann@nokia.com>
|
|
|
|
|
|
|
|
|
|
|
| |
Create new QAbstractSocket::SocketError value that denotes a error in
the SSL library: SslInternalError
Create QAbstractSocket::SocketError value that denotes a error in data
provided by user cauding an SSL library error: SslInvalidUserDataError
Change-Id: I466a9389d9d7052efd8eddd1a2d6067ba26dfddb
Reviewed-by: Richard J. Moore <rich@kde.org>
Reviewed-by: Shane Kearns <ext-shane.2.kearns@nokia.com>
|
|
|
|
|
|
|
|
|
| |
Implementating this would cause massive SC breakage and give little
gain.
Change-Id: I56a6d302fdd0e8b53d1f9154f3eaf9e1ee429f9d
Reviewed-by: Giuseppe D'Angelo <dangelog@gmail.com>
Reviewed-by: Richard J. Moore <rich@kde.org>
|
|
|
|
|
|
|
|
|
|
|
| |
The intention is to add additional pause modes over time, this will
be easier if we can just test if a particular reason for pausing is
turned on. If we don't do this we'll end up having to check for each
enum value every time we check what is enabled.
Change-Id: I6b08f0e819b5593e3f6463c3dd175eff8625e155
Reviewed-by: Frederik Gladhorn <frederik.gladhorn@nokia.com>
Reviewed-by: Shane Kearns <ext-shane.2.kearns@nokia.com>
|
|
|
|
|
|
|
|
|
|
| |
As in the past, to avoid rewriting various autotests that contain
line-number information, an extra blank line has been inserted at the
end of the license text to ensure that this commit does not change the
total number of lines in the license header.
Change-Id: I311e001373776812699d6efc045b5f742890c689
Reviewed-by: Rohan McGovern <rohan.mcgovern@nokia.com>
|
|
|
|
|
|
|
|
| |
Per ### Qt5 comment and the fact that it was already virtual on
QAbstractSocket.
Change-Id: If2d2b2f9cdec1ef4c5bf625e3ce0d6f2d9a7bdfd
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
|
|
|
|
|
| |
Change-Id: I1f128eb9f99ef4d25590bd034762cb8a0e68b075
Reviewed-by: Richard J. Moore <rich@kde.org>
|
|
|
|
|
| |
Change-Id: Iaa9cfd709c0ca4192760117ba5ec6d3992804d6a
Reviewed-by: Richard J. Moore <rich@kde.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
pause and resume is currently only supported upon emitting the
QSslSocket::sslErrors() signal. The API was added in QAbstractSocket to
also support QAbstractSocket::proxyAuthenticationRequired() in the
future.
This is the first patch to support that feature on the socket level,
another patch will follow to support sslErrors() and
authenticationRequired() in QNetworkAccessManager / QNetworkReply.
Task-number: QTBUG-19032
Change-Id: Ide2918268590ab9a01454ab26cb7fdca3dc840ab
Reviewed-by: Shane Kearns <ext-shane.2.kearns@nokia.com>
|
|
|
|
|
|
|
|
|
|
| |
These defines were there to aid in the commercial
licensing scheme we used long ago, and are no longer needed.
Keep a QT_MODULE(x) define so other modules continue compiling.
Change-Id: I8fd76cd5270df8f14aee746b6cf32ebf7c23fec7
Reviewed-by: Lars Knoll <lars.knoll@nokia.com>
|
|
|
|
|
|
|
| |
Replace Nokia contact email address with Qt Project website.
Change-Id: I431bbbf76d7c27d8b502f87947675c116994c415
Reviewed-by: Rohan McGovern <rohan.mcgovern@nokia.com>
|