| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
| |
Fix access or uninitialized memory. It is safe in this case, but causes
valgrind's memcheck to complain unnecessarily.
Change-Id: I01ad09d282b07f7099ad6bed85f4327b3c7c677f
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
|
|
|
|
|
|
|
|
|
|
|
| |
Suddenly :(( With Security Framework v 7.0 dated by 17/02 SSLHandshake
works differently when our server socket is requesting a client side authentication
and client provides no certificate. Despite of kTryAuthenticate (this means,
auth. _can_ fail) server receives an error from SSLHandshake too early.
We have to handle this in startHandshake (when serveMode && canIgnore).
Change-Id: Ie55540078e2944e80cf2f4ade8b000acf29d6ca2
Reviewed-by: Richard J. Moore <rich@kde.org>
|
|
|
|
|
|
|
|
|
|
|
| |
One of the reasons why we use "int" everywhere: to avoid this annoyance
about different types and having to explicitly cast to silence the
compiler.
qsslsocket_openssl.cpp(690) : warning C4267: 'argument' : conversion from 'size_t' to 'int', possible loss of data
Change-Id: Ia0aac2f09e9245339951ffff13c8bdad334ce108
Reviewed-by: Richard J. Moore <rich@kde.org>
|
|
|
|
|
|
|
| |
Found with GCC's -Wcast-qual.
Change-Id: Ia0aac2f09e9245339951ffff13c946859c282001
Reviewed-by: Richard J. Moore <rich@kde.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This has been known to be broken for a while. Now it works: you can bind
and you'll retain the port (and the file descriptor) for the connect
call. Incidentally, in fixing the binding for more than one IP for the
hostname (with event loop), this commit fixes the setSocketDescriptor
XFAIL.
[ChangeLog][QtNetwork] Fixed a bug that caused both QTcpSocket and
QUdpSocket to close the socket and lose any bound ports before
connecting. Now bind()/setSocketDescriptor() followed by connect() will
retain the original file descriptor.
Task-number: QTBUG-26538
Change-Id: I691caed7e8fd16a9cf687b5995afbf3006bf453a
Reviewed-by: Richard J. Moore <rich@kde.org>
|
|
|
|
|
|
|
|
| |
invalid conversion from ‘unsigned char**’ to ‘const unsigned char**’
Task-number: QTBUG-44744
Change-Id: I6263db106fe28c6aa04db8ca79421b3a9fc5adc9
Reviewed-by: Richard J. Moore <rich@kde.org>
|
|
|
|
|
| |
Change-Id: Ic5305216536ee3938c389336c979b5c90fc886e4
Reviewed-by: Marc Mutz <marc.mutz@kdab.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Reasons:
- the PlayBook NDK is old and its compiler does not keep up with newest
C++11 improvements inside Qt code.
- the PlayBook NDK diverges considerably from the standard BB10 NDK,
making it non-trivial to keep a common codebase.
- It's a defunct platform.
- Maintenance time is limited.
[ChangeLog][Platform Specific Changes] Removed BlackBerry PlayBook support.
Change-Id: Ia338aff55f4e4b747ebdecb0e1463a369a656c03
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
Reviewed-by: Bernd Weimer <bernd.weimer@pelagicore.com>
Reviewed-by: Rafael Roquetto <rafael.roquetto@kdab.com>
|
|
|
|
|
| |
Change-Id: Ibebe1318d1c2de97601aa07269705c87737083ee
Reviewed-by: Oswald Buddenhagen <oswald.buddenhagen@theqtcompany.com>
|
|
|
|
|
|
|
|
| |
This change is a step closer to working with openssl 1.2 which makes
this struct opaque.
Change-Id: I3897142657edc0fa4053142b6ef743c2b00c013e
Reviewed-by: Peter Hartmann <peter-qt@hartmann.tk>
|
|
|
|
|
|
|
| |
and TlsV1_2OrLater
Change-Id: I001ffebef30b47b63cae6ea9487d9e96ca85ff92
Reviewed-by: Richard J. Moore <rich@kde.org>
|
|
|
|
|
|
|
|
|
| |
Enable certificate/trust validation when socket is in server mode.
Change-Id: I8fbba587a9484084495722219d83cca57973a3e6
Reviewed-by: Jeremy Lainé <jeremy.laine@m4x.org>
Reviewed-by: Richard J. Moore <rich@kde.org>
Reviewed-by: Timur Pocheptsov <Timur.Pocheptsov@digia.com>
|
|
|
|
|
| |
Change-Id: I90b99fb515dcf559824f673d2304081238541c4c
Reviewed-by: Richard J. Moore <rich@kde.org>
|
|
|
|
|
|
|
|
|
|
|
|
| |
Use the
QDebugStateSaver saver(debug);
debug.resetFormat().nospace();
idiom to unify the formatting and whitespace handling.
Change-Id: Id346d63b3f589b60ca19e4459271d587f1a0c003
Reviewed-by: Richard J. Moore <rich@kde.org>
|
|
|
|
|
|
|
|
|
| |
Since the algorithm can only be one the underlying structure can
share the same memory.
Change-Id: Ifeaa1a2d5c4ad3566cbbf847445b805876275260
Reviewed-by: Olivier Goffart (Woboq GmbH) <ogoffart@woboq.com>
Reviewed-by: Richard J. Moore <rich@kde.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Qt copyrights are now in The Qt Company, so we could update the source
code headers accordingly. In the same go we should also fix the links to
point to qt.io.
Outdated header.LGPL removed (use header.LGPL21 instead)
Old header.LGPL3 renamed to header.LGPL3-COMM to match actual licensing
combination. New header.LGPL-COMM taken in the use file which were
using old header.LGPL3 (src/plugins/platforms/android/extract.cpp)
Added new header.LGPL3 containing Commercial + LGPLv3 + GPLv2 license
combination
Change-Id: I6f49b819a8a20cc4f88b794a8f6726d975e8ffbe
Reviewed-by: Matti Paaso <matti.paaso@theqtcompany.com>
|
|\
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Conflicts:
src/3rdparty/harfbuzz-ng/harfbuzz-ng.pro
src/gui/image/qimage_conversions.cpp
src/gui/opengl/qopenglextensions_p.h
src/gui/text/qtextengine.cpp
src/network/ssl/qsslsocket_openssl.cpp
src/plugins/platforms/eglfs/qeglfshooks_stub.cpp
src/plugins/platforms/eglfs/qeglfsscreen.cpp
src/plugins/platforms/eglfs/qeglfswindow.cpp
src/plugins/platforms/windows/qwindowsfontdatabase.cpp
src/plugins/platforms/windows/qwindowsfontdatabase_ft.cpp
src/plugins/platforms/windows/qwindowsnativeinterface.cpp
src/plugins/platforms/windows/qwindowsscreen.cpp
src/plugins/platforms/windows/qwindowswindow.cpp
src/plugins/platforms/windows/qwindowswindow.h
src/plugins/platforms/xcb/qxcbdrag.h
src/widgets/itemviews/qabstractitemview.cpp
src/widgets/kernel/qwidget.cpp
src/widgets/util/qsystemtrayicon_p.h
tests/auto/corelib/itemmodels/qsortfilterproxymodel/tst_qsortfilterproxymodel.cpp
Thanks to Friedemann Kleint for resolving the qwindowsfontdatabase.cpp
conflicts.
Change-Id: I937232c30523d5121c195d947d92aec6f129b03e
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
... but choose HTTP/1.1 and continue connecting anyhow. According to
the NPN spec, actually we should choose SPDY:
"In the event that the client doesn't support any of server's protocols,
or the server doesn't advertise any, it SHOULD select the first protocol
that it supports."
However, some tested servers did not advertise anything and did not
support SPDY, so blindly trying the newest protocol would fail. We are
conservative in that case and choose HTTP.
Task-number: QTBUG-40714
Change-Id: Ia8aaf01fea74e13d9e4416306f85f1890b25559e
Reviewed-by: Richard J. Moore <rich@kde.org>
|
| |\
| | |
| | |
| | | |
Change-Id: Idadb5639da6e55e7ac8cc30eedf76d147d8d5d23
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Fixes an issue where under certain circumstances, QSslSocket could get
stuck in a state where it would disconnect immediately after starting
encryption. Since it doesn't make any sense for the socket to be
initialized to a state where any connection attempt will fail, the
pendingClose value should be set to false.
Thanks to Martin Sandsmark for his help debugging this issue.
Task-number: QTBUG-43793
Change-Id: I7deebacbac588c21439a8e594db4222095cf3f22
Reviewed-by: Richard J. Moore <rich@kde.org>
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Since openssl 1.0.1k with enabled option no-ssl3-method we need to
check for OPENSSL_NO_SSL3_METHOD to use following functions:
- SSLv3_method
- SSLv3_server_method
- SSLv3_client_method
Change-Id: Iee83a6f4bacbf5660baa6bdb89eb02ceb9f11614
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
|
| |/
| |
| |
| |
| |
| |
| |
| | |
They were added in 233a2f37bfa6c896612cbf9a7db42e8e0da788f5, which is in
5.4, but the \since information was missing.
Change-Id: I346a049cad75647fdcd7b64df80dc169bb4ec70a
Reviewed-by: Richard J. Moore <rich@kde.org>
|
| |
| |
| |
| |
| |
| |
| | |
The cipher is always valid here, so this check was never needed anyway.
Change-Id: I22be273d166702926b98f0c9443657a1dde65f6e
Reviewed-by: Daniel Molkentin <daniel@molkentin.de>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
There were still ifdefs for openssl 0.9.7 and openssl 0.9.8f.
[ChangeLog][QtNetwork] Some legacy ifdefs for openssl 0.9.7 and openssl 0.9.8f
were removed, Qt will no longer build with these versions. In addition there
is no support for openssl built with NO_TLSEXT.
Change-Id: I9268515c0a125a2f6d79add8ee1cb40768e7e898
Reviewed-by: Daniel Molkentin <daniel@molkentin.de>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The postfix increment(decrement) creates a temp copy of *this before the
modification and then returns that copy. It's needed only when using the
old iterator and then incrementing it.
Change-Id: I7f6702de78f5f987cec3556047e76049b4ee063a
Reviewed-by: Konstantin Ritt <ritt.ks@gmail.com>
Reviewed-by: Marc Mutz <marc.mutz@kdab.com>
|
| |
| |
| |
| |
| | |
Change-Id: I51733e9a3bb0d5d54dc2f61ac75751d899a84bd1
Reviewed-by: Peter Hartmann <peter-qt@hartmann.tk>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The OpenSSL backend for QSslSocket return an incomplete peer certificate
chain when in server mode: it does not include the peer's certificate as
the first element of the chain.
This change fixes this issue.
Change-Id: I2f0815bca2f314a075b48a2d0b5a6d5b7af50722
Reviewed-by: Daniel Molkentin <daniel@molkentin.de>
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Move these types to QAsn1Element so that they can use the toString()
method which guards against malicious ASN.1.
Change-Id: I7d6155147a6fc2d41da6f3ae87551b6cb75aa9ce
Reviewed-by: Oliver Wolff <oliver.wolff@theqtcompany.com>
Reviewed-by: Daniel Molkentin <daniel@molkentin.de>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
We don't currently use this class for critical things like hostname
verification however we still want to ensure that it is not possible
to trick it using ASN.1 strings with embedded NUL characters. This will
avoid problems in the future.
Change-Id: Ibf3bc142a94fc9cad5f06db50f375399a087f9dc
Reviewed-by: Jeremy Lainé <jeremy.laine@m4x.org>
Reviewed-by: Oliver Wolff <oliver.wolff@theqtcompany.com>
Reviewed-by: Daniel Molkentin <daniel@molkentin.de>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Add support for SSL on iOS/OS X by adding a SecureTransport based
backend.
[ChangeLog][QtNetwork][QSslSocket] A new SSL backend for iOS and OS X,
implemented with Apple's Secure Transport (Security Framework).
Change-Id: I7466db471be2a8a2170f9af9d6ad4c7b6425738b
Reviewed-by: Richard J. Moore <rich@kde.org>
|
| |
| |
| |
| |
| |
| | |
Change-Id: I9c09a3e2dfb90eb22d4509ac6c450a0bb5da48f6
Reviewed-by: Olivier Goffart (Woboq GmbH) <ogoffart@woboq.com>
Reviewed-by: Richard J. Moore <rich@kde.org>
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
[ChangeLog][QtNetwork][QSslSocket] It is now possible to use TLS PSK
ciphersuites in client sockets.
Task-number: QTBUG-39077
Change-Id: I5523a2be33d46230c6f4106c322fab8a5afa37b4
Reviewed-by: Richard J. Moore <rich@kde.org>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Make it easier for the compiler to apply the
Named Return Value Optimization (NRVO) in the
shortName()/longName() functions by not returning
different objects in different return statements.
Change-Id: I1b6fa7e6121bc1c843378be33499728c56c97f92
Reviewed-by: Giuseppe D'Angelo <giuseppe.dangelo@kdab.com>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
const functions
Rationale: the case of an invalid QSslEllipticCurve is already
dealt with before we'd call ensureInitialized(). But in order
to have a non-invalid QSslEllipticCurve, we must have called
one of the constructor functions first. There, we already call
ensureInitialized(), so we don't need to do it here again.
Change-Id: I96bdb5db63ec0165e6b8fac9469b5d81c6b2cdae
Reviewed-by: Giuseppe D'Angelo <giuseppe.dangelo@kdab.com>
|
| |
| |
| |
| |
| | |
Change-Id: I94701ddb78a822adf35aea57f9e171a747745f6b
Reviewed-by: Giuseppe D'Angelo <giuseppe.dangelo@kdab.com>
|
| |
| |
| |
| |
| | |
Change-Id: I66b8b85e6c02b0e53391079d5048017d5e63ac8b
Reviewed-by: Giuseppe D'Angelo <giuseppe.dangelo@kdab.com>
|
| |
| |
| |
| |
| |
| |
| |
| | |
Since the conversion to a long name was already there, also support
creation from a long name.
Change-Id: Iad712db7447fb0a0a18f600b7db54da5b5b87154
Reviewed-by: Marc Mutz <marc.mutz@kdab.com>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Add possibility to get length and other information of EC based
certificates. Also it is possible to parse those public/private
keys from PEM and DER encoded files.
Based on patch by Remco Bloemen
[ChangeLog][QtNetwork][SSL/TLS support] It is now possible to
parse elliptic curve certificates.
Change-Id: I4b11f726296aecda89c3cbd195d7c817ae6fc47b
Task-number: QTBUG-18972
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
|
| |
| |
| |
| |
| | |
Change-Id: I726041ec5e92d371bc5afb9b7f8cb854bfd41451
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
|
|\|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Conflicts:
src/corelib/tools/qbytearray.cpp
src/gui/kernel/qplatformsystemtrayicon.cpp
src/gui/kernel/qplatformsystemtrayicon.h
src/plugins/platforms/xcb/xcb-plugin.pro
Change-Id: I00355d3908b678af8a61c38f9e814a63df808c79
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The order is:
1) own header
2) own private header, if any
3) other headers
Commit f17d7a124f0fa817a7e1a2dda6f48098432c0dc0 broke the order.
Change-Id: I7225024691db91fd936a057accdad65bacb3f979
Reviewed-by: Richard J. Moore <rich@kde.org>
|
|\|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Conflicts:
src/corelib/global/qglobal.h
src/platformsupport/platformcompositor/qopenglcompositor.cpp
src/platformsupport/platformcompositor/qopenglcompositorbackingstore.cpp
tests/auto/gui/kernel/qwindow/tst_qwindow.cpp
Change-Id: I5422868500be695584a496dbbbc719d146bc572d
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Place all debug output into the 'qt.network.ssl' category.
This allows people to disable certain warnings at runtime.
Task-number: QTBUG-43173
Change-Id: Ide731fae3109f9cd7730cc096ee069a5b99d35f1
Reviewed-by: Richard J. Moore <rich@kde.org>
|
|\|
| |
| |
| |
| |
| |
| |
| | |
Conflicts:
doc/global/template/style/online.css
mkspecs/android-g++/qmake.conf
Change-Id: Ib39ea7bd42f5ae12e82a3bc59a66787a16bdfc61
|
| |\
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Conflicts:
dist/changes-5.4.0
7231e1fbe24102f2a93b34dfa70e3dca884440d2 went into 5.4 instead of the
5.4.0 branch, thus the conflict.
Change-Id: I70b8597ab52506490dcaf700427183950d42cbd1
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
This makes it follow the coding style, which says to camel case acronyms too,
and makes it consistent with the rest of the class.
Change-Id: I4a1b21de1815530e476fc5aa8a0d41c724fc8021
Reviewed-by: Richard J. Moore <rich@kde.org>
Reviewed-by: hjk <hjk121@nokiamail.com>
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Done automatically with clang-modernize on linux
(But does not add Q_DECL_OVERRIDE to the function that are marked
as inline because it a compilation error with MSVC2010)
Change-Id: I2196ee26e3e6fe20816834ecea5ea389eeab3171
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
The only reason for copying QSslEllipticCurves into a temporary array
would be to be extra-pedantic about type safety, but in the end,
we can simply force a cast and remove the copy.
Change-Id: Ice8a036fe4b79ba438ce83b5eacf6158eb3f0ce7
Reviewed-by: Richard J. Moore <rich@kde.org>
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
OpenSSL 1.0.2 introduces SSL_CTX_set_ecdh_auto, which allows us
to stop using one specific temporary curve, and instead makes
the server negotiate the best curve.
Task-number: QTBUG-42925
Change-Id: I3a68f29030bdf04f368bfdf79c888401ce82bdd8
Reviewed-by: Richard J. Moore <rich@kde.org>
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
[ChangeLog][QtNetwork][QtSSL] It is now possible to choose which elliptic
curves should be used by an elliptic curve cipher.
Change-Id: If5d0d58922768b6f1375836489180e576f5a015a
Done-with: Marc Mutz <marc.mutz@kdab.com>
Reviewed-by: Richard J. Moore <rich@kde.org>
|