path: root/src/network/ssl
Commit message [Author, Age, Files, Lines]
* Merge remote-tracking branch 'origin/5.10' into dev [Liang Qi, 2017-11-23, files: 2, lines: -2/+14]
|\
| | Conflicts:
| |     src/network/access/qhttp2protocolhandler_p.h
| |     src/network/kernel/kernel.pri
| |     src/network/ssl/qsslkey_qt.cpp
| |     src/plugins/platforms/cocoa/qcocoascreen.mm
| |     src/plugins/platforms/windows/accessible/iaccessible2.cpp
| |     src/plugins/platforms/windows/accessible/iaccessible2.h
| |     src/plugins/platforms/windows/accessible/qwindowsaccessibility.cpp
| |     src/plugins/platforms/windows/accessible/qwindowsmsaaaccessible.cpp
| |     src/plugins/platforms/windows/accessible/qwindowsmsaaaccessible.h
| |     src/widgets/widgets/qmenu_p.h
| |     tests/auto/network/access/qnetworkreply/tst_qnetworkreply.cpp
| |     tests/auto/other/qaccessibility/tst_qaccessibility.cpp
| |     tests/auto/testlib/selftests/expected_cmptest.lightxml
| |     tests/auto/testlib/selftests/expected_cmptest.teamcity
| |     tests/auto/testlib/selftests/expected_cmptest.txt
| |     tests/auto/testlib/selftests/expected_cmptest.xml
| |
| | Done-with: Edward Welbourne <edward.welbourne@qt.io>
| | Change-Id: I4217cc7d840cbae3e3dd28574741544469c4c6b9
| * Merge remote-tracking branch 'origin/5.9' into 5.10 [Liang Qi, 2017-10-30, files: 1, lines: -1/+13]
| |\
| | | Conflicts:
| | |     src/plugins/platforms/windows/qwindowswindow.cpp
| | |     tests/auto/widgets/kernel/qaction/tst_qaction.cpp
| | |
| | | Change-Id: Ia017a825ed2ca2d53ac586f4ae48df6f65818d40
| | * QSslSocket::waitForDisconnected(): flush write buffer before waiting [Alex Trotsenko, 2017-10-27, files: 1, lines: -1/+13]
| | |
| | | Otherwise, the plain socket might be blocked indefinitely on waiting for socket activity. This issue is tested by tst_QSslSocket::disconnectFromHostWhenConnected() which was unstable in CI.
| | |
| | | Task-number: QTBUG-64016
| | | Change-Id: I6a1a111dea4d1d1adaf55e6a90c0c5f995a270af
| | | Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
| | | Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
* | | QSslSocketPrivate (SecureTransport) - add ALPN support [Timur Pocheptsov, 2017-11-14, files: 1, lines: -1/+63]
| | |
| | | Starting from iOS 11.0 (SDK) Apple has exposed two new functions: SSLSetALPNProtocols and SSLCopyALPNProtocols. This allows us to negotiate http/2 (and any other application layer protocol) via TLS on iOS. Unlike OpenSSL, SecureTransport's version is very limited - we have to compare protocols manually after the SSL handshake has finished. Still, this is better than nothing. These two functions are also declared in macOS SDK starting from 10.13, but unfortunately the symbols are missing and for now this feature is only enabled on iOS.
| | |
| | | Change-Id: I3ed2f287bfa864f8aca0c231171e804f7d6b8016
| | | Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
| | | Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
* | | QSsl: use QT_CONFIG(feature) instead of hardcoded constant [Timur Pocheptsov, 2017-11-07, files: 2, lines: -4/+6]
| | |
| | | The test OPENSSL_VERSION_NUMBER >= 0x1010000000L was introduced before 1.1 support. Now a couple of conditional inclusions can be converted into QT_CONFIG(opensslv11).
| | |
| | | Task-number: QTBUG-64275
| | | Change-Id: I627e6b06f334deac70c827e463ecbfad879dfc24
| | | Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
| | | Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
* | | Merge remote-tracking branch 'origin/5.10' into dev [Allan Sandfeld Jensen, 2017-10-24, files: 1, lines: -1/+1]
|\| |
| | | Conflicts:
| | |     src/plugins/platforms/windows/qwindowsmousehandler.cpp
| | |     src/plugins/platforms/xcb/qxcbimage.cpp
| | |     tests/auto/network/access/qnetworkreply/tst_qnetworkreply.cpp
| | |     tests/manual/qtabletevent/regular_widgets/main.cpp
| | |
| | | Done-with: Friedemann Kleint <Friedemann.Kleint@qt.io>
| | | Done-with: Mårten Nordheim <marten.nordheim@qt.io>
| | | Change-Id: I5b2499513a92c590ed0756f7d2e93c35a64b7f30
| * | Merge remote-tracking branch 'origin/5.9' into 5.10 [Liang Qi, 2017-10-16, files: 1, lines: -1/+1]
| |\|
| | | Change-Id: I3cf73c53cf131d0babfb558c2507bed0e0fc5f08
| | * Replace 'an unique' with 'a unique' [Kai Koehne, 2017-10-11, files: 1, lines: -1/+1]
| | |
| | | Unique begins with a "y" sound, hence a unique is correct.
| | |
| | | Change-Id: I9eb6b4d4c9ddab45af931e97c041c24edf163eca
| | | Reviewed-by: Jake Petroules <jake.petroules@qt.io>
* | | QSslSocket: implement skip() overload [Alex Trotsenko, 2017-10-07, files: 2, lines: -0/+15]
| | |
| | | As QAbstractSocket does not handle most cases for this socket type, we should override skip() in QSslSocketPrivate implementation. In unencrypted mode, QSslSocket should forward skipping to the plain socket. If a connection is secure, we just need to check the connection state.
| | |
| | | Change-Id: I56602c6427b8617e8a9f453809a30fb2914ad798
| | | Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
| | | Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
| | | Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
* | | Change qrand() to QRandomGenerator in the SSL backend [Samuel Gaist, 2017-09-30, files: 1, lines: -4/+3]
| | |
| | | Change-Id: I631649b2ad8d9c2c766e99a12f7ff3a39c79cc7d
| | | Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
* | | Qt Network: Remove code for Windows < 7 [Friedemann Kleint, 2017-09-29, files: 1, lines: -2/+1]
| | |
| | | Change-Id: I21b93b8d550f4a1f3e26d5d516886c76b2364e7b
| | | Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
* | | Merge remote-tracking branch 'origin/5.10' into dev [Liang Qi, 2017-09-26, files: 5, lines: -2/+35]
|\| |
| | | Conflicts:
| | |     src/gui/kernel/qguiapplication.cpp
| | |     src/platformsupport/input/libinput/qlibinputpointer.cpp
| | |     src/plugins/platforminputcontexts/ibus/qibusplatforminputcontext.h
| | |     src/plugins/platforms/cocoa/qcocoawindow.h
| | |     src/testlib/qtestsystem.h
| | |
| | | Change-Id: I5975ffb3261c2dd82fe02ec4e57df7c0950226c5
| * | Fix loadOpenSslWin32 [Timur Pocheptsov, 2017-09-21, files: 1, lines: -0/+18]
| | |
| | | The libraries are now 'libssl-1_1' and 'libcrypto-1_1', not 'ssleay32' or 'libeay32'. 64-bit versions also have -x64 suffix in their names.
| | |
| | | Task-number: QTBUG-62692
| | | Change-Id: Ic15bf8f8271d0f6266cb9d2143e292ddba643ded
| | | Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
| * | Fix OpenSSL 1.1 build [Timur Pocheptsov, 2017-09-14, files: 1, lines: -2/+3]
| | |
| | | Fix the 'shared' OpenSSL code for those of our users who build with QSSLSOCKET_DEBUG defined and OpenSSL 1.1 detected: the preprocessor-excluded fragment is using old API. Also remove never used in this file (and commented out) macro.
| | |
| | | Task-number: QTBUG-63170
| | | Change-Id: Id24ccf2955f0a65e4f1dea1ecb06e10245105080
| | | Reviewed-by: Jesus Fernandez <Jesus.Fernandez@qt.io>
| * | Merge remote-tracking branch 'origin/5.9' into 5.10 [Liang Qi, 2017-09-06, files: 3, lines: -0/+14]
| |\|
| | | Conflicts:
| | |     examples/opengl/qopenglwidget/main.cpp
| | |     src/3rdparty/pcre2/src/pcre2_printint.c
| | |     src/plugins/platforms/cocoa/qnsview.mm
| | |     src/widgets/widgets/qcombobox.cpp
| | |
| | | Change-Id: I37ced9da1e8056f95851568bcc52cd5dc34f56af
| | * Forward the readChannelFinished from the plain socket to the ssl socket [Albert Astals Cid, 2017-09-01, files: 3, lines: -0/+14]
| | |
| | | Task-number: QTBUG-62257
| | | Change-Id: I12632b7ffd2012adc99b4784892cbb6f79e065f7
| | | Reviewed-by: Jesus Fernandez <Jesus.Fernandez@qt.io>
* | | Replace Q_NULLPTR with nullptr where possible [Kevin Funk, 2017-09-19, files: 5, lines: -8/+8]
| | |
| | | Remaining uses of Q_NULLPTR are in:
| | |     src/corelib/global/qcompilerdetection.h
| | |         (definition and documentation of Q_NULLPTR)
| | |     tests/manual/qcursor/qcursorhighdpi/main.cpp
| | |         (a test executable compilable both under Qt4 and Qt5)
| | |
| | | Change-Id: If6b074d91486e9b784138f4514f5c6d072acda9a
| | | Reviewed-by: Ville Voutilainen <ville.voutilainen@qt.io>
| | | Reviewed-by: Lars Knoll <lars.knoll@qt.io>
| | | Reviewed-by: Olivier Goffart (Woboq GmbH) <ogoffart@woboq.com>
* | | Replace Q_DECL_OVERRIDE with override where possible [Kevin Funk, 2017-09-19, files: 5, lines: -47/+47]
|/ /
| | Remaining uses of Q_DECL_OVERRIDE are in:
| |     src/corelib/global/qcompilerdetection.h
| |     src/corelib/global/qglobal.cpp
| |     doc/global/qt-cpp-defines.qdocconf
| |         (definition and documentation of Q_DECL_OVERRIDE)
| |     tests/manual/qcursor/qcursorhighdpi/main.cpp
| |         (a test executable compilable both under Qt4 and Qt5)
| |
| | Change-Id: Ib9b05d829add69e98a86238274b6a1fcb19b49ba
| | Reviewed-by: Lars Knoll <lars.knoll@qt.io>
| | Reviewed-by: Ville Voutilainen <ville.voutilainen@qt.io>
| | Reviewed-by: Olivier Goffart (Woboq GmbH) <ogoffart@woboq.com>
* | Merge remote-tracking branch 'origin/5.9' into dev [Liang Qi, 2017-08-31, files: 2, lines: -1/+4]
|\|
| | Conflicts:
| |     examples/examples.pro
| |     qmake/library/qmakebuiltins.cpp
| |     src/corelib/global/qglobal.cpp
| |         Re-apply b525ec2 to qrandom.cpp (code movement in 030782e)
| |     src/corelib/global/qnamespace.qdoc
| |     src/corelib/global/qrandom.cpp
| |     src/gui/kernel/qwindow.cpp
| |         Re-apply a3d59c7 to QWindowPrivate::setVisible() (code movement in d7a9e08)
| |     src/network/ssl/qsslkey_openssl.cpp
| |     src/plugins/platforms/android/androidjniinput.cpp
| |     src/plugins/platforms/xcb/qxcbconnection.cpp
| |     src/plugins/platforms/xcb/qxcbconnection_xi2.cpp
| |     src/widgets/widgets/qmenu.cpp
| |     tests/auto/widgets/kernel/qwidget_window/tst_qwidget_window.cpp
| |
| | Change-Id: If7ab427804408877a93cbe02079fca58e568bfd3
| * Fix crash when reading a PKCS12 file with no private key [Edward Welbourne, 2017-08-17, files: 2, lines: -1/+4]
| |
| | The only reason our code wants PKCS12 files is for a private key, but a valid file needn't contain one; and reading a file without led to a crash in QSslKeyPrivate::fromEVP_PKEY(). So check for missing key and fail the load, since the file is useless to us. Also ensure the caller's pkey is initialized, as we aren't promised that PKCS12_parse() will set it when there is no private key.
| |
| | Add a test for this case (it crashes without the fix) and update the instructions for how to generate test data to cover it also. (Corrected the wording there, too; at the interactive prompt, "providing no password" really provides an empty password.)
| |
| | Task-number: QTBUG-62335
| | Change-Id: I617508b903f6d9dee40d539b7136b0be8bc2c747
| | Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
* | QSslSocketBackendPrivate::transmit(): improve writing to OpenSSL [Alex Trotsenko, 2017-08-27, files: 1, lines: -3/+2]
| |
| | This patch avoids intermediate copying of the data by using a new QIODevice::skip() API.
| |
| | Change-Id: I358a83b21e2a58b59481745162fce1894549c0ac
| | Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
| | Reviewed-by: Markus Goetz (Woboq GmbH) <markus@woboq.com>
* | QSslSocket: stabilize triggering for write [Alex Trotsenko, 2017-08-03, files: 2, lines: -1/+11]
| |
| | QSslSocket::writeData() accumulates outgoing data. It might be called multiple times during the event processing (most likely from the long loops which serialize the data). As this function produces a notification event on each call, it's possible to get a huge number of slot invocations on the next event loop run, when we are interested in a single flush. So, this patch protects the code against uncontrolled signal emission that results in the lesser resource usage.
| |
| | Change-Id: If7cf5b0e239abf0bd88a0dfaa8c1183cbd49e5ed
| | Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
| | Reviewed-by: Markus Goetz (Woboq GmbH) <markus@woboq.com>
* | QSslSocketBackendPrivate::transmit(): improve reading from OpenSSL [Alex Trotsenko, 2017-07-27, files: 1, lines: -4/+5]
| |
| | This patch avoids intermediate copying of the data by writing SSL decryption data directly into the outer socket's read buffer.
| |
| | Change-Id: I19e5b6087595f280436a99fb2ca93cc6793c8f36
| | Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
| | Reviewed-by: Oswald Buddenhagen <oswald.buddenhagen@qt.io>
| | Reviewed-by: Markus Goetz (Woboq GmbH) <markus@woboq.com>
* | Merge remote-tracking branch 'origin/5.9' into dev [Simon Hausmann, 2017-07-19, files: 1, lines: -3/+31]
|\|
| | Conflicts:
| |     src/corelib/io/qwindowspipewriter.cpp
| |     src/widgets/styles/qcommonstyle.cpp
| |
| | Change-Id: I0d33efdc4dc256e234abc490a18ccda72cd1d9e6
| * QAsn1Element - fix toDateTime function [Timur Pocheptsov, 2017-07-18, files: 1, lines: -3/+31]
| |
| | ASN UTCTime uses two characters to encode a year (YY). When converting it into QDate, it's quite naive to just add 2000. According to RFC 2459, these YY represent dates in the range [1950, 2049]. This patch also introduces a helper function doing the checked conversion from a string to int (to be reused in the following-up patches).
| |
| | Task-number: QTBUG-61934
| | Change-Id: I3f6f471d24e8357b83b2f5973023b2b842751389
| | Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
| | Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
* | QSslCertificatePrivate: make use of QByteArray::toHex(separator) [Andre Hartmann, 2017-07-10, files: 1, lines: -11/+6]
| |
| | Qt 5.9 introduced a QByteArray::toHex() overload that inserts a separator char after each byte. The function colonSeparatedHex() could not be replaced completely, as it skips leading zeros also.
| |
| | Change-Id: Ic1d5d4771a0a5171f0e7e9813b83eb4c1f59f085
| | Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
* | Merge remote-tracking branch 'origin/5.9' into dev [Liang Qi, 2017-07-06, files: 1, lines: -2/+2]
|\|
| | Conflicts:
| |     .qmake.conf
| |
| | Change-Id: I43531e087bb810889d5c1fbfcdffb29b78804839
| * QSslSocket - fix two memory management issues (Secure Transport) [Timur Pocheptsov, 2017-07-04, files: 1, lines: -2/+2]
| |
| | I noticed we never release 'items' imported by SecPKCS12Import. But looking at the actual code (SecImportExport.c), it appears we own these 'items' and must release them. And this leads to a crash (on over-release) which reveals another bug: a value from a dictionary obtained with 'Get' method should follow the 'get rule' - we do not own it and QCFType RAII object is not needed.
| |
| | Change-Id: I219015fadedb256c401e50cf7e955f3d7e0a6c5f
| | Reviewed-by: Tor Arne Vestbø <tor.arne.vestbo@qt.io>
| | Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
* | QSslSocket: OpenSSL 1.1 backend [Richard J. Moore, 2017-07-04, files: 17, lines: -1047/+2221]
| |
| | This patch-set implements a new QSslSocket backend based on OpenSSL 1.1.
| |
| | 1. General.
| |
| | The code in this patch was organized to achieve these (somewhat contradicting) objectives:
| | - keep the new code free of #if-ery, as far as possible;
| | - make it easy to clean away dead code when we're eventually able to retire out-dated OpenSSL versions;
| | - reduce the amount of code duplication.
| |
| | If changes in some file/component were insignificant (~5 one-liners per file), we still use pp-checks like: #if QT_CONFIG(opensslv11) ... #else ... #endif - the logic is simple and it's still easy to clean the code if we remove the legacy back-end. Where it saved #if-ery, we also introduced 'forward-compatible' macros implementing equivalents of 1.1 functions using older OpenSSL.
| |
| | In case some class contains a lot of version-specific ifdefs (particularly where nested #if-ery was complex) we choose to split code into: "pre11" h/cpp files, "shared" h/cpp files (they preserve their original names, e.g qsslsocket_openssl.cpp) and "11" h/cpp files. If in future we remove the legacy back-end, "pre11" should be removed; "shared" and "11" parts - merged.
| |
| | 2. Configuration.
| |
| | We introduced a new feature 'opensslv11' which complements the pre-existing 'openssl' and 'openssl-linked' features. The 'opensslv11' feature is enabled by a simple test which either compiles successfully or ends in a compilation error, depending on a value of the OPENSSL_VERSION_NUMBER constant. If the feature was enabled, we also append an additional compilation flag -DOPENSSL_API_COMPAT=0x10100000L to make sure our new code does not contain deprecated structures, function calls, macro-invocations from OpenSSL < 1.1.
| |
| | Change-Id: I2064efbe9685def5d2bb2233a66f7581954fb74a
| | Reviewed-by: André Klitzing <aklitzing@gmail.com>
| | Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
* | Merge remote-tracking branch 'origin/5.9' into dev [Liang Qi, 2017-06-19, files: 1, lines: -2/+4]
|\|
| | Conflicts:
| |     src/corelib/io/qprocess_unix.cpp
| |     src/corelib/io/qprocess_win.cpp
| |     src/plugins/platforms/android/qandroidplatformintegration.h
| |     src/plugins/platforms/windows/qwindowscontext.cpp
| |     src/plugins/platforms/windows/windows.pri
| |     src/tools/uic/cpp/cppwriteinitialization.cpp
| |     src/widgets/doc/src/widgets-and-layouts/gallery.qdoc
| |
| | Change-Id: I8d0834c77f350ea7540140c2c7f372814afc2d0f
| * qsslsocket_mac - check that SecCertificateRef is not null [Timur Pocheptsov, 2017-06-13, files: 1, lines: -2/+4]
| |
| | That's the only place where we can potentially pass a null pointer to CFArrayAppendValue (all other calls are conditionally-protected). This results in (surprise! ... ?) Objective-C exception (while we call something that is a pure-C API). So far we cannot reproduce this crash and can only speculate: probably this happens with invalid (can be either really invalid or the result of our generic QSslCertificate's failure to read/parse) custom CA certificates appended to a QSslConfiguration object by applications using QSslSocket/QNAM. The fix will probably make a handshake to fail, but this seems to be better than a crash anyway.
| |
| | Task-number: QTBUG-58213
| | Change-Id: Ie4f9ab2138bc383adc9f9ed55ed61be2d3cf7020
| | Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
* | QSSLSocket::readData return -1 when socket is not connected [Albert Astals Cid, 2017-06-08, files: 1, lines: -0/+2]
| |
| | As QAbstractSocket::readData does and as the documentation of QIODevice says "this function returns -1 in those cases (that is, reading on a closed socket..."
| |
| | Change-Id: I1e64673f6a6d792a640bd6cb28b2bb5a0f18dc36
| | Reviewed-by: Aleix Pol
| | Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
* | Merge remote-tracking branch 'origin/5.9' into dev [Liang Qi, 2017-06-07, files: 2, lines: -4/+28]
|\|
| | Conflicts:
| |     src/widgets/widgets/qmenu.cpp
| |
| | Change-Id: I6d3baf56eb24501cddb129a3cb6b958ccc25a308
| * Ssl socket - fix broken certificate verification [Timur Pocheptsov, 2017-06-02, files: 1, lines: -2/+25]
| |
| | On iOS QSslConfiguration always has an empty list of system CA certificates. Calling SecTrustSetAnchorCertificatesOnly(.., TRUE) on iOS results in SecTrustEvaluate failing to verify a valid certificate, since there are no 'anchors' at all. We can use SecTrustSetAnchorCertificatesOnly(.. TRUE) on macOS only, where we do extract/copy system certificates using SecTrustSettingsCopyCertificates and save them in a QSslConfiguration's list.
| |
| | Task-number: QTBUG-61053
| | Change-Id: I70d4e46273d78414baaac8531273def707c3eebc
| | Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
| | Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
| * QSslCertificate: don't init() if SSL is not supported [Jüri Valdmann, 2017-05-30, files: 1, lines: -2/+3]
| |
| | QSslCertificate used SSL without checking if SSL is available. This patch adds such checks to the constructors.
| |
| | Change-Id: Iea298aded5966641327e22e41ad4665a3d0ec5d3
| | Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
* | Merge remote-tracking branch 'origin/5.9' into dev [Liang Qi, 2017-05-29, files: 1, lines: -1/+10]
|\|
| | Conflicts:
| |     .qmake.conf
| |     mkspecs/common/msvc-desktop.conf
| |     mkspecs/win32-g++/qmake.conf
| |     mkspecs/win32-icc/qmake.conf
| |     src/platformsupport/fontdatabases/mac/coretext.pri
| |     src/plugins/platforms/cocoa/qcocoawindow.h
| |     src/plugins/platforms/cocoa/qcocoawindow.mm
| |
| | Change-Id: I74a6f7705c9547ed8bbac7260eb4645543e32655
| * QSslSocket (OpenSSL) make supportsSsl return false, if v >= 1.1 [Timur Pocheptsov, 2017-05-21, files: 1, lines: -1/+10]
| |
| | Our OpenSSL backend allows missing symbols and is in general protected from possible related failures. Unfortunately, for OpenSSL 1.1 this means not only missing symbols (removed functions), but new incompatible opaque data-structures and our 1.0 code trying to use them and probably accessing some data-members via macros - we end up in UB and crashes. SSLeay, which returns a version number, was removed in 1.1. A failure to resolve this symbol we consider as a version mismatch and we make 'supportsSsl' to return false.
| |
| | Task-number: QTCREATORBUG-18137
| | Change-Id: I5cd270f9c61a729105149779ee7277816f9467d7
| | Reviewed-by: Richard J. Moore <rich@kde.org>
| | Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
* | Merge remote-tracking branch 'origin/5.9' into dev [Liang Qi, 2017-05-07, files: 1, lines: -1/+2]
|\|
| | Conflicts:
| |     src/network/access/qnetworkreply.cpp
| |     tests/auto/corelib/kernel/qmetaobject/tst_qmetaobject.cpp
| |
| | Change-Id: Iadf766269454087e69fb216fc3857d85b0ddfaad
| * QSslSocket (SecureTransport) - use anchors only from QSslConfiguration [Timur Pocheptsov, 2017-04-26, files: 1, lines: -1/+2]
| |
| | Calling SecTrustSetAnchorCertificatesOnly(trust, false) we actually extend what our user provided in QSslConfiguration as CA certificates (caCertificates, setCaCertificates) - Secure Transport will also use a default set provided by the system and SSL handshake can surprisingly (for a user) succeed. And the default content of these caCertificates, if not altered by setCaCertificates call - are those system CA certificates.
| |
| | Task-number: QTBUG-60233
| | Change-Id: I8c1094bb7eec260f5202a47085f9f75e720eda7b
| | Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
| | Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
* | Use list-initialization more [Marc Mutz, 2017-04-20, files: 1, lines: -2/+1]
| |
| | Fixes a few ugly code pieces I added over the years.
| |
| | Change-Id: I5c06b73e858add04ea184120c6df71720baf9be3
| | Reviewed-by: Olivier Goffart (Woboq GmbH) <ogoffart@woboq.com>
* | Merge remote-tracking branch 'origin/5.9' into dev [Liang Qi, 2017-04-20, files: 1, lines: -2/+2]
|\|
| | Conflicts:
| |     src/corelib/tools/qbytearray.h
| |     src/corelib/tools/qdatetime.h
| |     src/corelib/tools/qstring.h
| |     src/corelib/tools/qversionnumber.h
| |     src/plugins/platforms/android/qandroidplatformintegration.cpp
| |     tests/auto/corelib/tools/qhashfunctions/tst_qhashfunctions.cpp
| |
| | Change-Id: Iefd92a435e687a76cd593099e40d9a9620a1454d
| * Move Q_REQUIRED_RESULT to its correct position [Thiago Macieira, 2017-04-20, files: 1, lines: -2/+2]
| |
| | That's before the return type or static, inline, constexpr or such keywords (if any).
| |
| | Perl Script:
| |     s/^(\s+)(.*) Q_REQUIRED_RESULT(;)?(\s*\/\/.*)?$/\1Q_REQUIRED_RESULT \2\3\4/
| |
| | Change-Id: I7814054a102a407d876ffffd14b6a16182f159e2
| | Reviewed-by: Olivier Goffart (Woboq GmbH) <ogoffart@woboq.com>
| * Allow Secure Transport backend to use a temporary keychain [Timur Pocheptsov, 2017-04-04, files: 2, lines: -6/+125]
| |
| | Cherry picked: this change was first merged into dev, but now we also need it in 5.9 to enable SSL socket tests on the new CI VMs (macOS 10.11, 10.12). As we do not merge dev->5.9, we need this cherry-pick.
| |
| | Since day one Secure Transport socket has two annoying problems on macOS: when we call SecPKCS12Import, we indeed import certs and keys into the default keychain and also (which is more serious) later a dialog can pop up, asking for permission to use a private key (this is especially annoying if you're running SSL autotests or have a server application). Apparently, it's possible to work around those problems if we create our own (temporary) keychain and pass it in the 'options' parameter to SecPKCS12Import.
| |
| | [ChangeLog][QtNetwork] Allow QSslSocket to use a temporary keychain on macOS.
| |
| | Task-number: QTBUG-56102
| | Change-Id: Ic3a56c905100dc80d907a25fe6ebfa232dcf5b9e
| | Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
| | (cherry picked from commit 17927392cf1cecb20cef7cb9cd77131391de087c)
| | Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
* | QSslSocket/macOS: optimize QUuid usage [Marc Mutz, 2017-04-10, files: 1, lines: -10/+8]
| |
| | - don't create a QString, a QByteArray suffices
| | - perform the mid() operation on a view type (QLatin1String), not on a container
| | - use QStringBuilder
| |
| | Change-Id: Ifd74f2bc98606425f9f6cb4da8618e8066a8b12e
| | Reviewed-by: Milian Wolff <milian.wolff@kdab.com>
* | Merge remote-tracking branch 'origin/5.9' into dev [Liang Qi, 2017-03-28, files: 2, lines: -7/+21]
|\|
| | Conflicts:
| |     examples/examples.pro
| |     tests/auto/corelib/tools/qchar/tst_qchar.cpp
| |     tests/auto/other/qaccessibility/accessiblewidgets.h
| |
| | Change-Id: I426696c40ab57d14dc295b8103152cede79f244c
| * Merge remote-tracking branch 'origin/5.8' into 5.9 [Liang Qi, 2017-03-27, files: 2, lines: -7/+21]
| |\
| | | Change-Id: Icdd71e9713725bda9c305e338f5c8b41a92ed8e8
| | * QSslSocket: fix connection to an international domain name [Olivier Goffart, 2017-03-23, files: 2, lines: -7/+21]
| | |
| | | RFC6125 section 6.4.2 specifies we need to convert the IDN to ascii before comparison. Note that we don't need to toLower anymore because toAce takes care of it.
| | |
| | | Section 7.2 recommends that we do not attempt to check for wildcard character embedded within the A-labels or U-labels of an internationalized domain name. So we reject names that contain a '*' but start with 'xn--'.
| | |
| | | Change-Id: Ib0830520a1f82bbf9fd11818718277a479527ee3
| | | Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
* | | Merge remote-tracking branch 'origin/5.9' into dev [Liang Qi, 2017-03-20, files: 3, lines: -68/+87]
|\| |
| | | Conflicts:
| | |     src/corelib/io/qfilesystemengine_win.cpp
| | |     src/gui/text/qdistancefield.cpp
| | |     src/plugins/platforms/xcb/qxcbconnection.h
| | |
| | | Change-Id: I1be4a6f440ccb7599991159e3cb9de60990e4b1e
| * | Secure Transport - add a missing cipher [Timur Pocheptsov, 2017-03-16, files: 1, lines: -58/+79]
| | |
| | | Secure Transport supports more ciphers than we can convert into QSslCipher. This results in our tests failing, since after the successful SSL handshake sessionCipher is 'unknown'. This patch adds missing AES256-GCM-SHA384 and also, to make new cipher addition easier in future, sorts cipher suites as it's done in CipherSuite.h (ST framework's header) - grouped by RFC they were introduced in + sorted within their group. As a bonus (thanks to Eddy for spotting this problem) - some copy & paste (?) typos were fixed (mismatched names).
| | |
| | | Task-number: QTBUG-59480
| | | Change-Id: I61e984da8b37f1c0787305a26fc289e2e7c2b4ad
| | | Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
| | | Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
| * | Merge remote-tracking branch 'origin/5.8' into 5.9 [Liang Qi, 2017-03-13, files: 2, lines: -10/+8]
| |\|
| | | Conflicts:
| | |     examples/network/network.pro
| | |     mkspecs/features/mac/default_post.prf
| | |     src/corelib/io/qfilesystemengine_win.cpp
| | |     src/corelib/io/qprocess.cpp
| | |     src/corelib/io/qprocess.h
| | |     src/corelib/io/qprocess_p.h
| | |     src/corelib/io/qprocess_unix.cpp
| | |     src/corelib/io/qprocess_win.cpp
| | |     src/corelib/thread/qmutex.cpp
| | |     src/platformsupport/fontdatabases/windows/windows.pri
| | |     src/plugins/platforms/eglfs/eglfsdeviceintegration.pro
| | |     tests/auto/corelib/io/io.pro
| | |
| | | Change-Id: I8a27e0e141454818bba9c433200a4e84a88d147e