summaryrefslogtreecommitdiffstats
path: root/src/network/ssl
Commit message (Collapse)AuthorAgeFilesLines
* Fix build against older OpenSSL.Sérgio Martins2014-04-141-0/+2
| | | | | | | The declaration of q_SSL_ctrl is ifdefed, so ifdef it's usage too. Change-Id: I99a53af6f4f24ed991d39ab89f18e03b8f38c617 Reviewed-by: Richard J. Moore <rich@kde.org>
* Support for DH and ECDH key exchange for QSslSocket serversRichard J. Moore2014-04-093-0/+80
| | | | | | | | | | | | | | | | | Despite supporting DH and ECDH key exchange as a client, Qt did not provide any default parameters which prevented them being used as a server. A future change should allow the user to control the parameters used, but these defaults should be okay for most users. [ChangeLog][Important Behavior Changes] Support for DH and ECDH key exchange cipher suites when acting as an SSL server has been made possible. This change means the you can now implement servers that offer forward-secrecy using Qt. Task-number: QTBUG-20666 Change-Id: I469163900e4313da9d2d0c3e1e5e47ef46320b17 Reviewed-by: Daniel Molkentin <daniel@molkentin.de> Reviewed-by: Peter Hartmann <phartmann@blackberry.com>
* Ensure we initialize things before checking the openssl version.Richard J. Moore2014-04-081-0/+3
| | | | | | Task-number: QTBUG-37783 Change-Id: Ie276e597062d8bfc74ef57251ed21a94020e030f Reviewed-by: Friedemann Kleint <Friedemann.Kleint@digia.com>
* Fix crash if SSL_get0_next_proto_negotiated() cannot be resolved.Friedemann Kleint2014-03-201-4/+6
| | | | | | | | | | | | | Crash occurs after warnings like: QSslSocket: cannot call unresolved function SSL_get0_next_proto_negotiated Task-number: QTBUG-37515 Task-number: QTBUG-33208 Change-Id: I18b803e4709b9d5f6b33717c2ac43179676351a4 Reviewed-by: Richard J. Moore <rich@kde.org> Reviewed-by: Peter Hartmann <phartmann@blackberry.com>
* Replace Note: with \note in documentationKurt Pattyn2014-03-133-6/+6
| | | | | | Change-Id: I213ac1fb2733e675f3641441fe6c621bab06c1f0 Reviewed-by: Peter Hartmann <phartmann@blackberry.com> Reviewed-by: Richard J. Moore <rich@kde.org>
* Fix some typosSergio Ahumada2014-03-031-1/+1
| | | | | | Change-Id: I7dbe938bff5ac3ab50a0197f94bdb2f6c22fbd16 Reviewed-by: Kevin Krammer <kevin.krammer@kdab.com> Reviewed-by: Mitch Curtis <mitch.curtis@digia.com>
* QSslCipher: make QString constructor explicitMarc Mutz2014-02-211-1/+1
| | | | | | | | A QSslCipher is not an equivalent representation of a QString, so the constructor that takes a QString should be explicit. Change-Id: I4c1329d1eebf91b212616eb5200450c0861d900f Reviewed-by: Lars Knoll <lars.knoll@digia.com>
* Merge remote-tracking branch 'origin/stable' into devFrederik Gladhorn2014-02-121-8/+11
|\ | | | | | | | | | | | | | | | | | | Conflicts: src/gui/image/qimage.cpp src/gui/text/qtextengine.cpp src/plugins/platforms/linuxfb/qlinuxfbscreen.cpp src/printsupport/kernel/qprintengine_win.cpp Change-Id: I09ce991a57f39bc7b1ad6978d0e0d858df0cd444
| * Correct the documentation of the return types of subjectInfo and issuerInfo.Richard J. Moore2014-02-121-8/+11
| | | | | | | | | | | | | | | | | | | | These functions now return a QStringList to reflect the possibility of there being more than one entry of a given type, but the documentation did not reflect this. Task-Number: QTBUG-36304 Change-Id: Iba2eda5e2c3174c8dcea640b5aed9cdc9a432392 Reviewed-by: Peter Hartmann <phartmann@blackberry.com>
* | SSL: add support for the Next Protocol Negotiation extensionPeter Hartmann2014-02-119-3/+255
| | | | | | | | | | | | | | | | | | | | | | | | ... which is needed to negotiate the SPDY protocol. [ChangeLog][QtNetwork][QSslConfiguration] Added support for the Next Protocol Negotiation (NPN) TLS extension. Task-number: QTBUG-33208 Change-Id: I3c945f9b7e2d2ffb0814bfdd3e87de1dae6c20ef Reviewed-by: Allan Sandfeld Jensen <allan.jensen@digia.com>
* | Fix the QSslSocket::setCiphers(const QString &) overload.Richard J. Moore2014-02-023-6/+24
| | | | | | | | | | | | | | | | | | | | | | The overload used an evil hack to work around a flaw in the QSslCipher API rather than fixing the API. The hack was broken by the addition of support for newer versions of TLS. This change solves the issue properly by fixing the QSslCipher API then using the fixed version. Task-Number: QTBUG-34688 Change-Id: Ibf677c374f837f705395741e730d40d8f912d7c6 Reviewed-by: Peter Hartmann <phartmann@blackberry.com>
* | Merge "Merge remote-tracking branch 'origin/stable' into dev" into ↵Frederik Gladhorn2014-01-211-3/+0
|\ \ | | | | | | | | | refs/staging/dev
| * | Merge remote-tracking branch 'origin/stable' into devFrederik Gladhorn2014-01-201-3/+0
| |\| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Conflicts: src/corelib/global/qglobal.h src/corelib/tools/qstring.cpp src/gui/image/image.pri src/gui/image/qimage.cpp src/plugins/platforms/cocoa/qcocoawindow.h src/plugins/platforms/cocoa/qcocoawindow.mm src/plugins/platforms/eglfs/qeglfshooks_stub.cpp tests/auto/corelib/io/qstandardpaths/tst_qstandardpaths.cpp Change-Id: I3b9ba029c8f2263b011f204fdf68c3231c6d4ce5
| | * Prevent spurious SSL errors from local certificates.Richard J. Moore2014-01-161-3/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Qt since approximately 4.4 has set the verify callback on both the SSL store and the SSL context. Only the latter is actually needed. This is normally not a problem, but openssl prior to 1.0.2 uses the verify code to find the intermediate certificates for any local certificate that has been set which can lead to verification errors for the local certificate to be emitted. Task-number: QTBUG-33228 Task-number: QTBUG-7200 Task-number: QTBUG-24234 Change-Id: Ie4115e7f7faa1267ea9b807c01b1ed6604c4a16c Reviewed-by: Peter Hartmann <phartmann@blackberry.com> Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
* | | Ensure weak ciphers are not part of the default SSL configuration.Richard J. Moore2014-01-213-2/+7
|/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Any cipher that is < 128 bits is excluded from the default SSL configuration. These ciphers are still included in the list of availableCiphers() and can be used by applications if required. Calling QSslSocket::setDefaultCiphers(QSslSocket::availableCiphers()) will restore the old behavior. Note that in doing so I spotted that calling defaultCiphers() before doing other actions with SSL had an existing bug that I've addressed as part of the change. [ChangeLog][Important Behavior Changes] The default set of ciphers used by QSslSocket has been changed to exclude ciphers that are using key lengths smaller than 128 bits. These ciphers are still available and can be enabled by applications if required. Change-Id: If2241dda67b624e5febf788efa1369f38c6b1dba Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
* / expand tabs and related whitespace fixes in *.{cpp,h,qdoc}Oswald Buddenhagen2014-01-132-21/+21
|/ | | | | | | | the diff -w for this commit is empty. Started-by: Thiago Macieira <thiago.macieira@intel.com> Change-Id: I77bb84e71c63ce75e0709e5b94bee18e3ce6ab9e Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
* SSL: blacklist ANSSI intermediate certificatePeter Hartmann2013-12-101-0/+2
| | | | | | | | ... because it was used to operate a man-in-the-middle proxy. Task-number: QTBUG-35474 Change-Id: Ic7f19708b278b866e4f06533cbd84e0ff43357e9 Reviewed-by: Richard J. Moore <rich@kde.org>
* QSslConfiguration: rename [get]session() to [get]sessionTicket()Peter Hartmann2013-11-085-18/+18
| | | | | | | | to reflect the fact that this returns and sets the whole session ticket, and not just the session ID. Change-Id: I00fe2bc4197dbcd7a02b3ae4f2f84e3a2a7edad0 Reviewed-by: Richard J. Moore <rich@kde.org>
* use private linkage where possibleOswald Buddenhagen2013-10-311-1/+1
| | | | | | Change-Id: Ie8eaa71bee87654c21218a23efd7e9d65b71f022 Reviewed-by: Joerg Bornemann <joerg.bornemann@digia.com> Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
* use the right scopeOswald Buddenhagen2013-10-311-1/+1
| | | | | | | | | "windows" only worked more or less by accident (it's the opposite of "console" and just happens to be the default on windows). Change-Id: Ib60c8ae5aea04f28207c05cc0005183dd6eb6244 Reviewed-by: Joerg Bornemann <joerg.bornemann@digia.com> Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
* Doc: Adding mark-up to boolean default values.Jerome Pasion2013-10-087-33/+33
| | | | | | | | | | | | | | | | | Default values should have mark-up to denote that they are code. This commit changes: -"property is true" to "property is \c true". -"Returns true" to "Returns \c true". -"property is false" to "property is \c false". -"returns true" to "returns \c true". -"returns false" to "returns \c false". src/3rdparty and non-documentation instances were ignored. Task-number: QTBUG-33360 Change-Id: Ie87eaa57af947caa1230602b61c5c46292a4cf4e Reviewed-by: Oswald Buddenhagen <oswald.buddenhagen@digia.com> Reviewed-by: Jerome Pasion <jerome.pasion@digia.com>
* Fix ssh root certificates path for Blackberry playbook OS.sfabry2013-10-031-0/+1
| | | | | | | | | This was removed by commit 4c8d8a72ec65f409394075ef50401265e495c1dd But without it Playbook OS 2.1.0.1753 could not access ssh properly. Change-Id: I18e136eaede2a5dffeb10b5fe31023b9aef709cb Reviewed-by: Thiago Macieira <thiago.macieira@intel.com> Reviewed-by: Peter Hartmann <phartmann@blackberry.com>
* Remove redundant code.Jędrzej Nowacki2013-09-291-2/+0
| | | | | | | | QPair is documented to initialize members Change-Id: I1dccfd265521ca3ca1a648b161c0a163c72e2f2e Reviewed-by: Peter Hartmann <phartmann@blackberry.com> Reviewed-by: Richard J. Moore <rich@kde.org>
* Reduce QtNetwork lib size by 16111 bytes.Jędrzej Nowacki2013-09-271-1/+6
| | | | | | | Warning message was repeated multiple times inside the library. Change-Id: Idcd417dda22de189893db597acfc36c2aa99d078 Reviewed-by: Richard J. Moore <rich@kde.org>
* Fix open ssl forwarding macros.Jędrzej Nowacki2013-09-272-16/+24
| | | | | | | | | | | This patch fixes them in many ways: - use Q_UNLIKELY to mark an error case - reduce QtNetwork library size by 40315 bytes - fix DEFINEFUNC9 which had wrong logic, happily it was not used anywhere Change-Id: Ic46a569f85aa22a00ecd88158e60c52f4665ec4c Reviewed-by: Richard J. Moore <rich@kde.org>
* Resolve error caused by server-initiated TLS renegotiationScott Deboy2013-09-171-5/+16
| | | | | | | | | | Updating the SSL_write code to correctly handle SSL_ERROR_WANT_WRITE and SSL_ERROR_WANT_READ, which are not actual errors. Change-Id: Icd7369b438ef402bf438c3fcc64514a1f9f45452 Reviewed-by: Peter Hartmann <phartmann@blackberry.com> Reviewed-by: Lars Knoll <lars.knoll@digia.com> Reviewed-by: Richard J. Moore <rich@kde.org>
* Merge remote-tracking branch 'origin/stable' into devFrederik Gladhorn2013-08-144-29/+222
|\ | | | | | | | | | | | | | | | | | | | | | | | | Conflicts: configure mkspecs/macx-xcode/Info.plist.app mkspecs/macx-xcode/Info.plist.lib qmake/doc/qmake.qdocconf src/corelib/global/qglobal.h tests/auto/other/exceptionsafety/exceptionsafety.pro tests/auto/widgets/widgets/qcombobox/tst_qcombobox.cpp Change-Id: I3c769a4a82dc2e99a12c69123fbf17613fd2ac2a
| * Android: Get SSL root certificates from TrustManagerPaul Olav Tvete2013-07-294-29/+220
| | | | | | | | | | | | | | | | On Android, when not using Ministro, we cannot read certificates from the file system, so we have to get them through Java APIs instead. Change-Id: I415329fcb45836735c1112dbe832214b3c73dc9a Reviewed-by: Eskil Abrahamsen Blomfeldt <eskil.abrahamsen-blomfeldt@digia.com>
| * QNX: hardcode on-demand SSL root cert loadingPeter Hartmann2013-07-261-0/+2
| | | | | | | | | | | | | | | | | | | | | | The c_rehash'ed symlinks are always there on QNX, so no need to check at every app start for the feature. This saves ~ 17ms at each app start. Task-number: QTBUG-32549 Change-Id: Ia9df60aba9d1bd70868b7004b847867a2128f600 Reviewed-by: Andreas Holzammer <andreas.holzammer@kdab.com> Reviewed-by: Rafael Roquetto <rafael.roquetto@kdab.com>
* | OSX: Make QSslSocket compile on 10.9Liang Qi2013-08-062-15/+15
| | | | | | | | | | | | | | | | | | | | CSSM_DATA_PTR was deprecated in 10.7. Replace SecCertificateGetData with SecCertificateCopyData. Task-number: QTBUG-32715 Change-Id: I762687370689b5b5c032567240667631b1ffde98 Reviewed-by: Jake Petroules <jake.petroules@petroules.com> Reviewed-by: Gabriel de Dietrich <gabriel.dedietrich@digia.com>
* | QNX: adapt SSL lib file name lookup heuristicsPeter Hartmann2013-07-261-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | I.e. do not try to load file names that are not there anyhow. The code would search for libcrypto.so.1.0.0 and libssl.so.1.0.0, while on QNX the libs are called libcrypto.so and libssl.so, and there are no symlinks with version numbers. This saves ~ 45 ms in real apps (tested with Facebook, Twitter and Foursquare), and ~ 24 ms at app startup in an isolated app without GUI (difference maybe because threads are fighting for CPU or so). Task-number: QTBUG-32548 Change-Id: I25869538bbfa3c2848541415e8361e0bd7a8fd50 Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
* | Merge remote-tracking branch 'origin/stable' into devFrederik Gladhorn2013-07-231-3/+3
|\| | | | | | | | | | | | | Conflicts: tests/auto/dbus/qdbusabstractinterface/tst_qdbusabstractinterface.cpp Change-Id: I18a9d83fc14f4a9afdb1e40523ec51e3fa1d7754
| * Fix compilation of run-time-resolved SSL on AndroidEskil Abrahamsen Blomfeldt2013-07-191-3/+3
| | | | | | | | | | | | | | | | | | | | We need the same code for both the no-sdk and the sdk case for the OpenSSL code, since this is not covered by a system library, but by an external dependency in both cases. Task-number: QTBUG-32130 Change-Id: I976835556fcb0e6c32cfb3da4dd585e45490061b Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
* | Merge remote-tracking branch 'origin/stable' into devFrederik Gladhorn2013-06-043-3/+11
|\| | | | | | | | | | | | | | | Conflicts: src/corelib/global/qglobal.h src/plugins/platforms/cocoa/qnsview.mm Change-Id: I6fe345df5c417cb7a55a3f91285d9b47a22c04fa
| * Fixes: QtNetwork compilation for OpenSSL < 1.0.0aavit2013-05-233-3/+11
| | | | | | | | | | | | | | | | | | | | Incorporate some more of the API changes between OpenSSL versions 0.9.8 and 1.0.0. Task-number: QTBUG-31140 Change-Id: Ie719b34e3ec8751f0fbc07d315e82816c110762c Reviewed-by: Shane Kearns <shane.kearns@accenture.com>
* | Merge remote-tracking branch 'origin/stable' into devFrederik Gladhorn2013-05-233-10/+6
|\| | | | | | | | | | | | | | | | | | | | | Conflicts: src/corelib/io/qdatastream.cpp src/corelib/io/qdatastream.h src/corelib/json/qjsonwriter.cpp src/plugins/platforms/cocoa/qcocoawindow.mm src/plugins/platforms/xcb/qxcbkeyboard.cpp Change-Id: I46fef1455f5a9f2ce1ec394a3c65881093c51b62
| * Improve support for <MODULE>_PATH optionsMatt Fischer2013-05-101-5/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Several modules, including DBus, MySQL, and OpenSSL have configure options of the form <MODULE>_PATH, which is used on Windows (where pkg-config is not present) to specify the locations of third-party libraries. These switches had been implemented by adding extra variables which were referenced in .pro files, to add the appropriate compiler and linker switches. This is undesirable because it means there are two independent paths for adding the switches to the build, which can get out of sync with each other, and indeed this had happened for some of the DBus tools. To remedy the situation, all three of the switches were reworked so that they added values directly to the principal variables that are used in the project files. This reduces maintenance, by ensuring that the pkg-config and non-pkg-config paths appear the same to the rest of the build system. Change-Id: Iae342f1d14b79fbcfef9fe38aadc803ad3141799 Reviewed-by: Oswald Buddenhagen <oswald.buddenhagen@digia.com>
| * Utilize the new Q_OS_MACX define.Jake Petroules2013-05-092-5/+5
| | | | | | | | | | | | | | | | | | | | All occurrences of `#if defined(Q_OS_MAC) && !defined(Q_OS_IOS)` have been replaced with `#if defined(Q_OS_MACX)`. Change-Id: I5055d9bd1845136beb8ed1c79a8f0f2c0897751a Reviewed-by: Oswald Buddenhagen <oswald.buddenhagen@digia.com> Reviewed-by: Tor Arne Vestbø <tor.arne.vestbo@digia.com> Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
* | QSslConfiguration: add API to persist and resume SSL sessionsPeter Hartmann2013-05-1011-9/+141
| | | | | | | | | | | | | | | | | | | | | | | | | | Session tickets can be cached on the client side for hours (e.g. graph.facebook.com: ~ 24 hours, api.twitter.com: 4 hours), because the server does not need to maintain state. We need public API for it so an application can cache the session (e.g. to disk) and resume a session already with the 1st handshake, saving one network round trip. Task-number: QTBUG-20668 Change-Id: I10255932dcd528ee1231538cb72b52b97f9f4a3c Reviewed-by: Richard J. Moore <rich@kde.org>
* | Merge remote-tracking branch 'origin/stable' into devFrederik Gladhorn2013-04-293-4/+13
|\| | | | | | | Change-Id: I2a54058b64ac69c78b4120fdaf09b96e025a4c6c
| * SSL internals: do not write after shutting down the socketPeter Hartmann2013-04-233-4/+13
| | | | | | | | | | | | | | | | | | ... but rather throw an error, so the HTTP layer can recover from a SSL shutdown gracefully. In case the other side sent us a shutdown, we should not send one as well, as it results in an error. Change-Id: Ie7a56cf3008b6ead912aade18dbec67846e2a87e Reviewed-by: Richard J. Moore <rich@kde.org>
* | Merge remote-tracking branch 'origin/stable' into devFrederik Gladhorn2013-04-221-2/+6
|\| | | | | | | Change-Id: I059725e3b7d7ffd5a16a0931e6c17200917172b5
| * SSL internals: fix memory corruption using QSslConfigurationPrivatePeter Hartmann2013-04-181-2/+6
| | | | | | | | | | | | | | | | | | | | | | | | | | We are passing a QSslConfigurationPrivate that is allocated on the stack (in QSslSocketBackendPrivate::initSslContext()) to QSslConfiguration::QSslConfiguration(QSslConfigurationPrivate *dd). When the SSL context is destroyed, this object is not there any more. So now we create a deep copy of the configuration like we do in QSslSocket::sslConfiguration(). Task-number: QTBUG-30648 Change-Id: Iaefaa9c00fd6bfb707eba5ac59e9508bf951f8a5 Reviewed-by: Richard J. Moore <rich@kde.org>
* | SSL namespace: Add enum to disable SSL session sharingPeter Hartmann2013-04-223-2/+5
|/ | | | | | | | | | There is already an enum to disable SSL session tickets, which has been used to disable session sharing for now. However, SSL session sharing is not the same as SSL session tickets: Session sharing is built into the SSL protocol, while session tickets is a TLS extension (RFC 5077). Change-Id: If76b99c94b346cfb00e47366e66098f6334fd9bc Reviewed-by: Richard J. Moore <rich@kde.org>
* SSL code: store SSL parameters for debugging, guarded by definePeter Hartmann2013-03-221-0/+35
| | | | | | | | | | | ... so SSL traffic can be decrypted with e.g. tcpdump / Wireshark. For this to work, the define needs to be uncommented and QtNetwork recompiled. This will create a file in /tmp/qt-ssl-keys which can be fed into Wireshark. A recent version of Wireshark is needed for this to work. Change-Id: I4e41fd2e6122260cd96d443b1360edc71b08b5fd Reviewed-by: Richard J. Moore <rich@kde.org>
* Whitespace cleanup: remove trailing whitespaceAxel Waggershauser2013-03-165-13/+13
| | | | | | | | | | | | | | | | | | | | | | | | | | Remove all trailing whitespace from the following list of files: *.cpp *.h *.conf *.qdoc *.pro *.pri *.mm *.rc *.pl *.qps *.xpm *.txt *README excluding 3rdparty, test-data and auto generated code. Note A): the only non 3rdparty c++-files that still have trailing whitespace after this change are: * src/corelib/codecs/cp949codetbl_p.h * src/corelib/codecs/qjpunicode.cpp * src/corelib/codecs/qbig5codec.cpp * src/corelib/xml/qxmlstream_p.h * src/tools/qdoc/qmlparser/qqmljsgrammar.cpp * src/tools/uic/ui4.cpp * tests/auto/other/qtokenautomaton/tokenizers/* * tests/benchmarks/corelib/tools/qstring/data.cpp * util/lexgen/tokenizer.cpp Note B): in about 30 files some overlapping 'leading tab' and 'TAB character in non-leading whitespace' issues have been fixed to make the sanity bot happy. Plus some general ws-fixes here and there as asked for during review. Change-Id: Ia713113c34d82442d6ce4d93d8b1cf545075d11d Reviewed-by: Oswald Buddenhagen <oswald.buddenhagen@digia.com>
* Fixed build of SSL when using android-no-sdk.Samuel Rødal2013-03-071-3/+5
| | | | | | | | Introduced Q_OS_ANDROID_NO_SDK which makes more sense than Q_OS_LINUX_ANDROID when Q_OS_ANDROID also defines Q_OS_LINUX. Change-Id: Id2aa228b66daffba82776a12c91a264a360afd86 Reviewed-by: Gunnar Sletta <gunnar.sletta@digia.com>
* Introducing the Qt Android portPaul Olav Tvete2013-03-051-1/+16
| | | | | | | | | | | | | | | | | | | | | Based on the Necessitas project by Bogdan Vatra. Contributors to the Qt5 project: BogDan Vatra <bogdan@kde.org> Eskil Abrahamsen Blomfeldt <eskil.abrahamsen-blomfeldt@digia.com> hjk <hjk121@nokiamail.com> Oswald Buddenhagen <oswald.buddenhagen@digia.com> Paul Olav Tvete <paul.tvete@digia.com> Robin Burchell <robin+qt@viroteck.net> Samuel Rødal <samuel.rodal@digia.com> Yoann Lopes <yoann.lopes@digia.com> The full history of the Qt5 port can be found in refs/old-heads/android, SHA-1 249ca9ca2c7d876b91b31df9434dde47f9065d0d Change-Id: Iff1a7b2dbb707c986f2639e65e39ed8f22430120 Reviewed-by: Oswald Buddenhagen <oswald.buddenhagen@digia.com> Reviewed-by: Lars Knoll <lars.knoll@digia.com>
* Add support for intermediate certificates to server sockets.Richard Moore2013-02-195-0/+68
| | | | | | | | | | Add intermediate certificates to our server sockets, and to our client certs. Change-Id: Ib5aa575473f9e84f337bebe35099506dd7d7e2ba Task-Number: QTBUG-19825 Task-Number: QTBUG-13281 Reviewed-by: Peter Hartmann <phartmann@rim.com>
* Store the local certificate in a QList.Richard Moore2013-02-194-11/+31
| | | | | | | | | Instead of storing a single QSslCertificate for a the local cert, store a list of them. This will allow us to handle server sockets that use a certificate that is not issued directly from the CA root in future. Change-Id: I9a36b9a99daa9c0bdd17f61b4ce1a7da746f2e96 Reviewed-by: Peter Hartmann <phartmann@rim.com>
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-21 03:30:27 +0000