| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
| |
Incorporate some more of the API changes between OpenSSL versions
0.9.8 and 1.0.0.
Task-number: QTBUG-31140
Change-Id: Ie719b34e3ec8751f0fbc07d315e82816c110762c
Reviewed-by: Shane Kearns <shane.kearns@accenture.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Several modules, including DBus, MySQL, and OpenSSL have
configure options of the form <MODULE>_PATH, which is used
on Windows (where pkg-config is not present) to specify the
locations of third-party libraries. These switches had been
implemented by adding extra variables which were referenced
in .pro files, to add the appropriate compiler and linker
switches. This is undesirable because it means there are
two independent paths for adding the switches to the build,
which can get out of sync with each other, and indeed this
had happened for some of the DBus tools.
To remedy the situation, all three of the switches were
reworked so that they added values directly to the principal
variables that are used in the project files. This reduces
maintenance, by ensuring that the pkg-config and non-pkg-config
paths appear the same to the rest of the build system.
Change-Id: Iae342f1d14b79fbcfef9fe38aadc803ad3141799
Reviewed-by: Oswald Buddenhagen <oswald.buddenhagen@digia.com>
|
|
|
|
|
|
|
|
|
|
| |
All occurrences of `#if defined(Q_OS_MAC) && !defined(Q_OS_IOS)` have
been replaced with `#if defined(Q_OS_MACX)`.
Change-Id: I5055d9bd1845136beb8ed1c79a8f0f2c0897751a
Reviewed-by: Oswald Buddenhagen <oswald.buddenhagen@digia.com>
Reviewed-by: Tor Arne Vestbø <tor.arne.vestbo@digia.com>
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
|
|
|
|
|
|
|
|
|
| |
... but rather throw an error, so the HTTP layer can recover from a SSL
shutdown gracefully. In case the other side sent us a shutdown, we should
not send one as well, as it results in an error.
Change-Id: Ie7a56cf3008b6ead912aade18dbec67846e2a87e
Reviewed-by: Richard J. Moore <rich@kde.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We are passing a QSslConfigurationPrivate that is allocated on the stack
(in QSslSocketBackendPrivate::initSslContext()) to
QSslConfiguration::QSslConfiguration(QSslConfigurationPrivate *dd).
When the SSL context is destroyed, this object is not there any more.
So now we create a deep copy of the configuration like we do in
QSslSocket::sslConfiguration().
Task-number: QTBUG-30648
Change-Id: Iaefaa9c00fd6bfb707eba5ac59e9508bf951f8a5
Reviewed-by: Richard J. Moore <rich@kde.org>
|
|
|
|
|
|
|
|
|
|
|
| |
... so SSL traffic can be decrypted with e.g. tcpdump / Wireshark.
For this to work, the define needs to be uncommented and QtNetwork
recompiled. This will create a file in /tmp/qt-ssl-keys which can
be fed into Wireshark.
A recent version of Wireshark is needed for this to work.
Change-Id: I4e41fd2e6122260cd96d443b1360edc71b08b5fd
Reviewed-by: Richard J. Moore <rich@kde.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Remove all trailing whitespace from the following list of files:
*.cpp *.h *.conf *.qdoc *.pro *.pri *.mm *.rc *.pl *.qps *.xpm *.txt *README
excluding 3rdparty, test-data and auto generated code.
Note A): the only non 3rdparty c++-files that still
have trailing whitespace after this change are:
* src/corelib/codecs/cp949codetbl_p.h
* src/corelib/codecs/qjpunicode.cpp
* src/corelib/codecs/qbig5codec.cpp
* src/corelib/xml/qxmlstream_p.h
* src/tools/qdoc/qmlparser/qqmljsgrammar.cpp
* src/tools/uic/ui4.cpp
* tests/auto/other/qtokenautomaton/tokenizers/*
* tests/benchmarks/corelib/tools/qstring/data.cpp
* util/lexgen/tokenizer.cpp
Note B): in about 30 files some overlapping 'leading tab' and
'TAB character in non-leading whitespace' issues have been fixed
to make the sanity bot happy. Plus some general ws-fixes here
and there as asked for during review.
Change-Id: Ia713113c34d82442d6ce4d93d8b1cf545075d11d
Reviewed-by: Oswald Buddenhagen <oswald.buddenhagen@digia.com>
|
|
|
|
|
|
|
|
| |
Introduced Q_OS_ANDROID_NO_SDK which makes more sense than
Q_OS_LINUX_ANDROID when Q_OS_ANDROID also defines Q_OS_LINUX.
Change-Id: Id2aa228b66daffba82776a12c91a264a360afd86
Reviewed-by: Gunnar Sletta <gunnar.sletta@digia.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Based on the Necessitas project by Bogdan Vatra.
Contributors to the Qt5 project:
BogDan Vatra <bogdan@kde.org>
Eskil Abrahamsen Blomfeldt <eskil.abrahamsen-blomfeldt@digia.com>
hjk <hjk121@nokiamail.com>
Oswald Buddenhagen <oswald.buddenhagen@digia.com>
Paul Olav Tvete <paul.tvete@digia.com>
Robin Burchell <robin+qt@viroteck.net>
Samuel Rødal <samuel.rodal@digia.com>
Yoann Lopes <yoann.lopes@digia.com>
The full history of the Qt5 port can be found in refs/old-heads/android,
SHA-1 249ca9ca2c7d876b91b31df9434dde47f9065d0d
Change-Id: Iff1a7b2dbb707c986f2639e65e39ed8f22430120
Reviewed-by: Oswald Buddenhagen <oswald.buddenhagen@digia.com>
Reviewed-by: Lars Knoll <lars.knoll@digia.com>
|
|
|
|
|
|
|
|
|
|
| |
Add intermediate certificates to our server sockets, and to our client
certs.
Change-Id: Ib5aa575473f9e84f337bebe35099506dd7d7e2ba
Task-Number: QTBUG-19825
Task-Number: QTBUG-13281
Reviewed-by: Peter Hartmann <phartmann@rim.com>
|
|
|
|
|
|
|
|
|
| |
Instead of storing a single QSslCertificate for a the local cert, store
a list of them. This will allow us to handle server sockets that use a
certificate that is not issued directly from the CA root in future.
Change-Id: I9a36b9a99daa9c0bdd17f61b4ce1a7da746f2e96
Reviewed-by: Peter Hartmann <phartmann@rim.com>
|
|\
| |
| |
| |
| |
| |
| | |
Conflicts:
src/widgets/styles/qmacstyle_mac.mm
Change-Id: If8326db9e7da3cbf45dbf7475fdff9915c7723b1
|
| |
| |
| |
| |
| |
| |
| | |
... because almost everybody gets it wrong almost every time.
Change-Id: I54938ef094323ba8de02186b585b11b9579f3ca4
Reviewed-by: Richard J. Moore <rich@kde.org>
|
| |
| |
| |
| |
| |
| |
| |
| | |
Qt5 requires Mac OS 10.6, so we can remove checks such as
if MAC_OS_X_VERSION_MAX_ALLOWED >= MAC_OS_X_VERSION_10_6
Change-Id: Iea21727a277291148704ecf9677ed0b68c24920f
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
|
|\|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Conflicts:
src/concurrent/doc/qtconcurrent.qdocconf
src/corelib/doc/qtcore.qdocconf
src/corelib/global/qglobal.h
src/dbus/doc/qtdbus.qdocconf
src/dbus/qdbusmessage.h
src/gui/doc/qtgui.qdocconf
src/gui/image/qimagereader.cpp
src/network/doc/qtnetwork.qdocconf
src/opengl/doc/qtopengl.qdocconf
src/opengl/qgl.h
src/plugins/platforms/windows/qwindowswindow.cpp
src/printsupport/doc/qtprintsupport.qdocconf
src/sql/doc/qtsql.qdocconf
src/testlib/doc/qttestlib.qdocconf
src/tools/qdoc/doc/config/qt-cpp-ignore.qdocconf
src/widgets/doc/qtwidgets.qdocconf
src/xml/doc/qtxml.qdocconf
Change-Id: Ie9a1fa2cc44bec22a0b942e817a1095ca3414629
|
| |
| |
| |
| |
| |
| | |
Change-Id: I559d4dd8789a249af855f6fe9bfe013ba1d77132
Reviewed-by: Richard J. Moore <rich@kde.org>
Reviewed-by: Lars Knoll <lars.knoll@digia.com>
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
DER certificates should not be opened as text files, so we
only pass the QIODevice::Text flag when the format is
QSsl::Pem.
Change-Id: I4bad98023c397b967d5beeec0aaa6c414e06fd9c
Reviewed-by: Richard J. Moore <rich@kde.org>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
When OpenSSL is built using MSVC then the library names are
named ssleay32.dll and libeay32. However, when OpenSSL is built
with GCC then different library names are used like libssl-10.dll
and libcrypto-10.dll (depending on the version of OpenSSL used)
Change-Id: Icb79a5f82d2a511752bfc904f53a58423ce4b86b
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
Reviewed-by: Peter Hartmann <phartmann@rim.com>
Reviewed-by: Richard J. Moore <rich@kde.org>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This fixes a compilation error with GCC 4.7
which was introduced in b5652df775efbd1c52eecee5f08e40e600e5d70b
In function ‘SSL_SESSION* q_SSL_get1_session(const SSL*)’:
invalid conversion from ‘const SSL* {aka const ssl_st*}’ to ‘SSL* {aka ssl_st*}’ [-fpermissive]
Change-Id: I909f7fb4295b2019283a7af66a038d4711e5f7cb
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
Reviewed-by: Peter Hartmann <phartmann@rim.com>
|
| |
| |
| |
| |
| |
| |
| |
| | |
This improves performance since a network round trip can be avoided.
Change-Id: I1aaff7e48ef9638cb137de0f43942c3a4dd2884a
Initial-patch-by: Markus Goetz <markus@woboq.com>
Reviewed-by: Richard J. Moore <rich@kde.org>
|
|\|
| |
| |
| | |
refs/staging/dev
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Follow the conventions at
http://qt-project.org/wiki/Spelling_Module_Names_in_Qt_Documentation
QtCore -> Qt Core
QtDBus -> Qt D-Bus
QtDesigner -> Qt Designer
QtGui -> Qt GUI
QtImageFormats -> Qt Image Formats
QtNetwork -> Qt Network
QtPrintSupport -> Qt Print Support
QtScript -> Qt Script
QtSql -> Qt SQL
QtSvg -> Qt SVG
QtTest -> Qt Test
QtWebKit -> Qt WebKit
QtWidgets -> Qt Widgets
QtXml -> Qt XML
QtConcurrent -> Qt Concurrent (partial)
QtQuick -> Qt Quick (partial)
Also, distinguish between "module" and "library"
Change-Id: Icb8aa695ae60b0e45920b0c8fce4dc763a12b0cd
Reviewed-by: Jerome Pasion <jerome.pasion@digia.com>
|
|/
|
|
|
|
|
|
|
|
|
| |
The macro was made empty in ba3dc5f3b56d1fab6fe37fe7ae08096d7dc68bcb
and is no longer necessary or used.
Discussed-on: http://lists.qt-project.org/pipermail/development/2013-January/009284.html
Change-Id: Id2bb2e2cabde059305d4af5f12593344ba30f001
Reviewed-by: Laszlo Papp <lpapp@kde.org>
Reviewed-by: Jędrzej Nowacki <jedrzej.nowacki@digia.com>
Reviewed-by: hjk <hjk121@nokiamail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
make sure we keep track of when we can load root certs and when we
cannot (we cannot when the developer set the certs explicitly). This is
implemented the same way for QSslSocket already, and needs to be
duplicated because we have 2 methods for setting CA certificates: one in
QSslSocket and one in QSslConfiguration.
In addition, adapt the auto test which checks whether setting a default
QSslConfiguration works: There is no way to set on demand loading
through the API, so it should be enabled by default.
Task-number: QTBUG-29103
Change-Id: I5146128aaa385dfcc0ad1e0ef81a92d9350ec5f2
Reviewed-by: Richard J. Moore <rich@kde.org>
|
|
|
|
|
| |
Change-Id: Ic804938fc352291d011800d21e549c10acac66fb
Reviewed-by: Lars Knoll <lars.knoll@digia.com>
|
|
|
|
|
|
|
|
|
| |
Currently /etc/openssl/certs is symlinked to
/var/certmgr/web/user_trusted, but this will be changed in the future.
/etc/openssl/certs is the folder to be used to read the root certs.
Change-Id: Ic037e5075ec7ee50c132fe08dc69abbe585e32e4
Reviewed-by: Sean Harmer <sean.harmer@kdab.com>
|
|
|
|
|
|
|
|
|
|
| |
On Mac if AssertMacros.h has already been included then it defines
verify which conflicts with the verify static function. Therefore we
just undef this if is already defined.
Task-number: QTBUG-27316
Change-Id: I5960e504c4efa4fc4ff65ba66bbd7decb33ffc62
Reviewed-by: Richard Moe Gustavsen <richard.gustavsen@digia.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
Those certificates have erroneously set the CA attribute to true,
meaning everybody in possesion of their keys can issue certificates on
their own.
Task-number: QTBUG-28937
Change-Id: Iff351e590ad3e6ab802e6fa1d65a9a9a9f7683de
Reviewed-by: Richard J. Moore <rich@kde.org>
Reviewed-by: Shane Kearns <shane.kearns@accenture.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Otherwise it is possible to assert if
qRegisterMetaType<QList<QSslError> >("QList<QSslError>")
is called in a TU which does not include the Q_DECLARE_METATYPE
invocation.
Change-Id: Ice1ffbb0f8d0a745d2bffc8b4e13ca31621e8ca4
Reviewed-by: Jędrzej Nowacki <jedrzej.nowacki@digia.com>
Reviewed-by: Richard J. Moore <rich@kde.org>
|
|
|
|
|
| |
Change-Id: I37ccb10d40d2a848b7c251286d29aeb85411e912
Reviewed-by: hjk <qthjk@ovi.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
OpenSSL changed the layout of X509_STORE_CTX between 0.9 and 1.0
So we have to consider this struct as private implementation, and use
the access functions instead.
This bug would cause certificate verification problems if a different
version of openssl is loaded at runtime to the headers Qt was compiled
against.
Task-number: QTBUG-28343
Change-Id: I47fc24336f7d9c80f08f9c8ba6debc51a5591258
Reviewed-by: Richard J. Moore <rich@kde.org>
|
|
|
|
|
|
|
| |
QText*Format and QDns* ones are still missing.
Change-Id: I8e87fba596e87289ca935717e0a90bfc0b0a26c0
Reviewed-by: hjk <qthjk@ovi.com>
|
|
|
|
|
| |
Change-Id: If72d80979e1d2ea909227785cd691be39d75c8ab
Reviewed-by: Shane Kearns <shane.kearns@accenture.com>
|
|
|
|
|
| |
Change-Id: Ie080cd3d0a6ac37fad625759946a71134c989c83
Reviewed-by: Richard J. Moore <rich@kde.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When doing happy eyeballs style network state lookup, we might have to
close an SSL socket from its connected signal. This can cause the warning:
QSslSocket::startClientEncryption: cannot start handshake when not connected
The signal should be emitted after we called startClientEncryption to
avoid this warning. In that case it will initialize the encryption
and ramp it down right after.
Change-Id: I0c8c79cad7f91f0088b87c5e4ee8aafbc688411c
Reviewed-by: Shane Kearns <shane.kearns@accenture.com>
|
|
|
|
|
| |
Change-Id: If165933df41e518f5ba6065792676260fd2492b6
Reviewed-by: Jędrzej Nowacki <jedrzej.nowacki@digia.com>
|
|
|
|
|
|
|
|
| |
To fix a compile error when QT_NO_LIBRARY is defined.
Change-Id: Ie72b60b8204641fa05f4cdbf66e908cb3526217e
Reviewed-by: Jing Bai <jing.bai@digia.com>
Reviewed-by: Richard J. Moore <rich@kde.org>
|
|
|
|
|
|
|
|
| |
Change copyrights and license headers from Nokia to Digia
Change-Id: If1cc974286d29fd01ec6c19dd4719a67f4c3f00e
Reviewed-by: Lars Knoll <lars.knoll@digia.com>
Reviewed-by: Sergio Ahumada <sergio.ahumada@digia.com>
|
|
|
|
|
|
| |
Change-Id: I3c8c28ba1016af6351afa5118893133d373cb4e6
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
Reviewed-by: Richard J. Moore <rich@kde.org>
|
|
|
|
|
| |
Change-Id: Icfafa00062b442903579dd7993c75fffb60187f9
Reviewed-by: Peter Hartmann <phartmann@rim.com>
|
|
|
|
|
|
|
|
|
| |
Disable SSL compression by default since this appears to be the a likely
cause of the currently hyped CRIME attack.
Change-Id: I515fcc46f5199acf938e9e880a4345f2d405b2a3
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
Reviewed-by: Peter Hartmann <phartmann@rim.com>
|
|
|
|
|
|
|
|
|
|
| |
Use an include guard in headers to ensure the header is not included
more than once. Make the header guard match its file name.
Also, cpp files should include their own headers first (but below config.h)
Change-Id: Iecf5da23c0f8e6d457f67657b88ef7557bde9669
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add SslProtocol enums TlsV1_1 and TlsV1_2 and use the appropriate OpenSSL
methods when they're selected (TLSv1_1_client_method, TLSv1_2_client_method,
TLSv1_1_server_method and TLSv1_2_server_method). This allows us to
explicitly use TLS 1.1 or 1.2.
Task-number: QTBUG-26866
Change-Id: I159da548546fa746c20e9e96bc0e5b785e4e761b
Reviewed-by: Richard J. Moore <rich@kde.org>
Reviewed-by: Shane Kearns <shane.kearns@accenture.com>
|
|
|
|
|
|
|
|
|
|
| |
These two variables are only ever accessed under mutex protection,
and don't otherwise look like they could be changed by the hardware,
so remove the volatile qualifier.
Change-Id: I714451bb3e80778b971a901d53fe13e1b01dd84f
Reviewed-by: Richard J. Moore <rich@kde.org>
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
|
|
|
|
|
| |
Change-Id: Ib3eaba59836529ad0cf8e4353b54dd0cd31fd1ad
Reviewed-by: Shane Kearns <shane.kearns@accenture.com>
|
|
|
|
|
|
|
|
|
| |
Fixed some bad camel case, marked some parameters with \a,
and changed a \enum to a \typedef. Removed some obasolete
text.
Change-Id: I1e69dd9f3b74129230770addc80fe1c125faf268
Reviewed-by: Richard J. Moore <rich@kde.org>
|
|
|
|
|
|
|
|
|
|
|
| |
Under Windows it's quite possible that OpenSSL, DBUS or MySQL is
not installed into a central place. If -I and -L is
passed at configure time, it is added to all targets,
and if that path contained a conflicting header things would go
wrong.
Change-Id: Ic3338c49aa6eaa91b3abf5341e709ef604bf7aab
Reviewed-by: Oswald Buddenhagen <oswald.buddenhagen@nokia.com>
|
|
|
|
|
|
|
|
|
| |
msvc cannot use the same library for debug and release builds
if openssl libraries are linked statically into the network library.
Change-Id: Ic27ede2d9531b94aff4c50c1699947ce72caf286
Reviewed-by: Shane Kearns <shane.kearns@accenture.com>
Reviewed-by: Oswald Buddenhagen <oswald.buddenhagen@nokia.com>
|
|
|
|
|
|
|
|
|
|
|
| |
The Q_DECLARE_METATYPE()s were outside of #ifndef QT_NO_SSL for classes
that are defined inside.
Expand the #ifndef block.
Change-Id: I45b73a24032fb2a79fd80d91282b782daa8a8f68
Reviewed-by: Stephen Kelly <stephen.kelly@kdab.com>
Reviewed-by: Rafael Roquetto <rafael.roquetto@kdab.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Using the nullary version has the advantage that multiple calls
during a program run are much more efficient, since an inlined
atomic is used to store the result. It also ensures that
Q_DECLARE_METATYPE(T) has been used, whereas qRegisterMetaType<T>("T")
will happily register anything. So I've added the macro where it
was missing, or moved it to a central place when it existed
hidden.
In tst_qnetworkreply, this became a bit tricky, because a private
header is conditionally included, so moved the Q_DECLARE_METATYPE()
into a conditional section, too.
Change-Id: I71484523e4277f4697b7d4b2ddc3505375162727
Reviewed-by: Stephen Kelly <stephen.kelly@kdab.com>
|