| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |\
| |
| |
| | |
Change-Id: Ieb57137ee2b7d0c505e3531d5aa1bcb66978847e
|
| | |
| |
| |
| |
| |
| |
| |
| | |
When setting dtls configuration, we should also copy
backendConfig, otherwise this setting will be ignored.
Change-Id: I4df53e8e6d8c2bd0eb7dddb9928b7883c401d60a
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
|
| |\|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Also blacklist tst_QRawFont::unsupportedWritingSystem() and
tst_QGlyphRun::mixedScripts() on windows for now.
Conflicts:
qmake/generators/makefile.cpp
src/corelib/itemmodels/qstringlistmodel.cpp
src/platformsupport/fontdatabases/windows/qwindowsfontengine_p.h
tests/auto/corelib/itemmodels/qstringlistmodel/tst_qstringlistmodel.cpp
tests/auto/gui/text/qglyphrun/BLACKLIST
tests/auto/gui/text/qrawfont/BLACKLIST
Task-number: QTBUG-72836
Change-Id: I10fea1493f0ae1a5708e1e48d0a4d7d6b76258b9
|
| | |
| |
| |
| |
| |
| |
| |
| | |
Fixes: QTBUG-72780
Change-Id: I16d89d29f573dba37ed8e1986ed9677117ca6aad
Reviewed-by: André Hartmann <aha_1980@gmx.de>
Reviewed-by: Paul Wicking <paul.wicking@qt.io>
Reviewed-by: Topi Reiniö <topi.reinio@qt.io>
|
| | |
| |
| |
| |
| | |
Change-Id: I47c1c43b5db30cf1d59de9c6c20ca83abef2cf8c
Reviewed-by: Joerg Bornemann <joerg.bornemann@qt.io>
|
| | |
| |
| |
| |
| |
| | |
Change-Id: I23445f5e0c936b82aa5d65b261d456a563deab9a
Fixes: QTBUG-72516
Reviewed-by: Morten Johan Sørvig <morten.sorvig@qt.io>
|
| | |
| |
| |
| |
| |
| |
| | |
we have support for objc++ since 591edbb11.
Change-Id: I5f430fd7c410913d4532627d18529b077f794035
Reviewed-by: Joerg Bornemann <joerg.bornemann@qt.io>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
there is no particular reason to exclude static builds from the default.
misses are cheap now, so it's fine if nothing is found.
this affects only the legacy pre-1.1 library names under windows.
Change-Id: I998b9f7bfcce42ec990a236bb44372c4d6b3f631
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
both the mingw and msvc build have a "lib" prefix on the libraries. this
makes the msvc build unconventional, so it needs an extra source. for
the mingw build, otoh, this is the expected setup, so the source used
for unix will work just fine.
this doesn't fix any actual bug, because mingw will apparently resolve
-llibfoo to libfoo.a even though only liblibfoo.a and libfoo.lib are
documented (on mingw.org). however, this mix of conventions is ugly and
should be avoided.
Change-Id: I32b1621e4ac15db1f071c08ced738bfdafdcc11b
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
Reviewed-by: Joerg Bornemann <joerg.bornemann@qt.io>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
don't run the openssl_headers test pointlessly when openssl-linked is
selected but its test fails. implementing this cleanly required creating
a separate openssl-runtime feature, including 'redirecting' the -openssl
option (which is just an alias for -openssl-runtime) to it.
simplify the openssl-linked conditions: while "anything but the value
that enables it" in the 'disable' field effectively means "don't
auto-detect it", it's better to be explicit about that.
Change-Id: I6b117cc50711bb64d090fcfdb89ff009c60ed86c
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
Reviewed-by: Joerg Bornemann <joerg.bornemann@qt.io>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
I think this may have been for some POST method form queries, but
obviously was missing something.
Task-number: QTBUG-72382
Change-Id: I59016776aeedf4b5599b3b44af70610babb0a61e
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
Reviewed-by: Morten Johan Sørvig <morten.sorvig@qt.io>
Reviewed-by: Ryan Chu <ryan.chu@qt.io>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
in addition to the actual library resolution, also resolve the headers
belonging to the library, to validate the include path, and possibly
ensure that the right version of the library is present.
the "include" entries were moved out of the "test" objects, and renamed
to "headers". this cleanly permits libraries without compile tests.
the headers were not put into the sources, because the variance among
the includes is generally orthogonal to the variance among the
libraries.
note that this - like the library resolution - provides no support for
darwin frameworks. consequently, the opengl libraries are excluded from
the conversion on darwin.
similarly, wasm is excluded (centrally), because emcc is magic and would
need advanced wizardry to be dealt with.
Change-Id: Ib390c75371efa2badcfec9b74274047ce67c3e5a
Reviewed-by: Joerg Bornemann <joerg.bornemann@qt.io>
Reviewed-by: Paul Wicking <paul.wicking@qt.io>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
since we'll refuse to continue with a handshake, failing in initSslContext()
on a disabled protocol versions. Then, functions like waitForEncrypted,
connectToHostEncrypted, startServerEncryption and startClientEncryption
should either bail out early (who needs a TCP connection which we'll
abort anyway?) or bail out whenever we can, as soon as a disabled protocol
was found in a configuration. This change also makes the behavior
of different back-ends consistent, since it's a general code-path
that reports the same SslInvalidUserData error. Update auto-test to
... actually test what it claims it tests.
Task-number: QTBUG-72196
Task-number: QTBUG-72179
Change-Id: I548468993410f10c07ce5773b78f38132be8e3e0
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
Update references in documentation from the obsoleted/deprecated version
because it doesn't make sense here to refer to these versions.
Change-Id: I5e9bdf46191e3ba0c7d91855cb3ccc30097cd412
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
|
| | |
| |
| |
| |
| |
| |
| |
| | |
Again, 1.0 is required now.
Change-Id: Icca5dc38eb33c1579653d96d6c079b335a401aad
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
|
| | |
| |
| |
| |
| |
| |
| |
| | |
We require OpenSSL >= 1.0 now.
Change-Id: I6ffe8b2dd606d600671565ebc8bc8ac2b9e0d6c2
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
As per RFC 6176 (2011) and RFC 7568 (2015).
Code-wise, we're left with the decision of what to do with a few
enumerators in QSsl::Protocol; I've made TlsV1SslV3 act as TlsV1,
and adjusted the description of AnyProtocol.
A new test was introduced - deprecatedProtocol() - to test that
we, indeed, do not allow use of SSL v2 and v3. protocol() and
protocolServerSide() were reduced to exclude the (now) no-op
and meaningless tests - neither client nor server side can
start a handshake now, since we bail out early in initSslContext().
[ChangeLog][QtNetwork][SSL] Support for SSLv2 and SSLv3
sockets has been dropped, as per RFC 6176 (2011)
and RFC 7568 (2015).
Change-Id: I2fe4e8c3e82adf7aa10d4bdc9e3f7b8c299f77b6
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
|
| | |
| |
| |
| |
| |
| |
| |
| | |
The map can contain multiple entries for one key,
so a multi map is the correct data structure.
Change-Id: I852ba3548f46415d8078fd0e8fdd7953ec6c370b
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
|
| | |
| |
| |
| |
| | |
Change-Id: Idaeb99562d39abfd020ff81b1818cba825c4e802
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
|
| | |
| |
| |
| |
| | |
Change-Id: I3cfcfba892ff4a0ab4e31f308620b445162bb17b
Reviewed-by: Giuseppe D'Angelo <giuseppe.dangelo@kdab.com>
|
| |\|
| |
| |
| | |
Change-Id: I91e684e74c36467efda8ded6ed19791baa0c1a1f
|
| | |\
| | |
| | |
| | | |
Change-Id: If49df791f73e9edf616baa094e0f301a44cb853d
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Turns out that also Debian patches OpenSSL 1.0, changing its soname to "1.0.2".
Therefore, try also to load that one.
Amends 2708c6c11d685ab25c12d558961d924c9a4533d2.
Task-number: QTBUG-68156
Change-Id: I37cc060e90422779a6c29a324ab900f0fb99cfa7
Reviewed-by: Lisandro Damián Nicanor Pérez Meyer <perezmeyer@gmail.com>
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
When a PAC script is used on macOS, it will only allow connections for
http/https, although a proxy can be used for ws/wss. Therefore we need
to add a means of setting the protocol type for this sort of connection
so that we can pass on the necessary information to the PAC script.
Change-Id: I3fa29fa85a529bd88d9565daa58fe9d748b61a92
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
|
| |\| |
| | |
| | |
| | | |
Change-Id: Ied1194730e75a6f30839bbf5429aa2699230288e
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
We filter out Content-Length from the cache metadata due to IIS
sending it bogusly on 304 responses; however, we were only doing this
if the cached response had a Content-Length header, which doesn't
happen when the original request was delivered chunked. Furthermore,
the filtering wasn't limited to the case of 304 responses. So skip
the "had it previously" requirement and only do this for 304s.
Fixes: QTBUG-72035
Change-Id: Ie5d858e0f0205bf68f0a13a9c9d4a6e844cb3568
Reviewed-by: Joni Poikelin <joni.poikelin@qt.io>
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
And having duplicated entries in the hash doesn't make any sense. So use
regular iteration and insert for streaming the data in and out.
Change-Id: Ic3983010bdb9e17b207c6038fdccf43659da0e23
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
This patch introduces a private 'API' to enable server-side OCSP responses
and implements a simple OCSP responder, tests OCSP status on a client
side (the test is pretty basic, but for now should suffice).
Change-Id: I4c6cacd4a1b949dd0ef5e6b59322fb0967d02120
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
|
| |\ \ \
| | | |
| | | |
| | | | |
refs/staging/dev
|
| | |\| |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Conflicts:
src/gui/painting/qdrawhelper.cpp
Change-Id: I4916e07b635e1d3830e9b46ef7914f99bec3098e
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
this considerably speeds up failures, as no doomed build is attempted,
and produces more reliable results, as no second lookup (which would be
subject to environment changes) is done any more during the build.
in principle, this also opens up possibilities like selecting specific
variants of dependencies, automatically extracting rpaths, etc.
qt_helper_lib.prf also needs to create fully resolved library names now.
Change-Id: I65f13564b635433030e40fa017427bbc72d1c130
Reviewed-by: Joerg Bornemann <joerg.bornemann@qt.io>
|
| | | | |
| | | |
| | | |
| | | |
| | | | |
Change-Id: I3738e989a41607244b55245222ec3c83dda68198
Reviewed-by: Alex Blasche <alexander.blasche@qt.io>
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
no need in duplicating DTLS-specific cases.
Change-Id: I475c6fb53daa44d60a5054bf3acc8474355b2186
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Usually we embed the private key for the leaf certificate, but in
Schannel _q_makePkcs12 is also used to create a certificate store for
our CA certificates, which we don't have any private key for.
So lift this restriction.
Change-Id: Ic86a2a6725f2c8272c951148eb97e18a964a36f2
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
|
| |/ / /
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Remove braces for single-line bodies, space around binary operators
Change-Id: I958396772966428dcd9694279175fd61d6109b40
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
This patch enables OCSP stapling in QSslSocket::SslClientMode (OpenSSL back-end
only). OCSP stapling is described by RFC6066 and based on the original OCSP as
defined by RFC2560. At the moment multiple certificate status protocol is not
supported (not implemented in OpenSSL). SecureTransport does not support OCSP
stapling at the moment.
[ChangeLog][QtNetwork][TLS] Added OCSP-stapling support for OpenSSL backend
Task-number: QTBUG-12812
Task-number: QTBUG-17158
Change-Id: Id2e0f4cc861311d1ece462864e5e30c76184af8c
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
|
| |\| |
| | |
| | |
| | | |
Change-Id: I04afffdce6b78856d0301eb583f21d334c7466b0
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
SSL_CTX_set_ciphers is new in 1.1.1.
Task-number: QTBUG-71983
Change-Id: If0ae9f95dcc867c62ed0d3a6a60c22c7f5e1cc9f
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
strlcpy is not available on some UNIX platforms, such as GNU/kFreeBSD.
qstrncpy is available everywhere and has similar semantics (in addition
it fills the rest of buffer size with NULL bytes, but that does not
cause extra work as our buffer sizes are small).
Change-Id: I76c5905eba248fd9fbc1f63f05e88e0617f8407a
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
We report two types of errors - those found by our code and errors
coming from the OS. setErrorString(), despite its name, does not just
set a string, but extracts a windows error code via GetLastError() and
then calls _q_winError(). This is wrong: some arbitrary error code (or
no error) can be reported when it was actually an error found by
Qt. Worse yet, string operations (allocations etc.) can potentially
clear the real error code. So remove setErrorString(), set errors
explicitly if it's the application code error or use _q_WinError
directly.
Task-number: QTBUG-71744
Change-Id: I67277d84006c4ad365f5636caf850e1f3ba4e1dc
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
This is necessary to provide details for the key too,
when the server is using DHE-RSA-AESxxx-SHAxxx.
Amends 7f77dc84fb434f33ffe96f6633792706b80fb0a3.
Change-Id: I8ab15b6987c17c857f54bc368df3c6c1818f428c
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
Reviewed-by: Qt CI Bot <qt_ci_bot@qt-project.org>
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
|
| |\| |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Conflicts:
src/corelib/io/qdir.cpp
src/corelib/kernel/qtimer.cpp
src/corelib/kernel/qtimer.h
Done-With: Edward Welbourne <edward.welbourne@qt.io>
Change-Id: I683d897760ec06593136d77955f8bc87fdef3f9f
|
| | |\|
| | |
| | |
| | |
| | |
| | |
| | | |
Conflicts:
src/platformsupport/fontdatabases/mac/qfontengine_coretext.mm
Change-Id: I66a08c770767a93cd26535689e3e7806486aab06
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
The function's documentation needlessly repeated parts of its first
line. The BindFlag enum it takes as a parameter confused readers by
saying an option is ignored on Windows, failing to make clear that it
is so because that option is what Windows does by default.
Tidied some phrasing and typos in the process.
Fixes: QTBUG-52364
Change-Id: Ia6510caff7ec80216eefccf41fb009b1357e4b2e
Reviewed-by: Andy Shaw <andy.shaw@qt.io>
Reviewed-by: Paul Wicking <paul.wicking@qt.io>
|
| | |\ \
| | | |
| | | |
| | | | |
Change-Id: Ic1dd39044e19f50e1068d4ac70dacaad6440e570
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
1. Remove the conditional inclusion of DTLS versions, they made difficult
and unnecessary ugly adding new protocols (something like TlsV1_2OrLater + 4).
2. OpenSSL 1.1.1 first introduced TLS 1.3 support. OpenSSL 1.1 back-end is
compatible with OpenSSL 1.1.1, but would fail to extract/report protocol
versions and set versions like 'TLS 1.3 only' or 'TLS 1.3 or better' on a
new context. Given 1.1.1 is deployed/adapted fast by different distros,
and 5.12 is LTS, we fix this issue by introducing QSsl::Tls1_3 and
QSsl::Tls1_3OrLater.
SecureTransport, WinRT and OpenSSL below 1.1.1 will report an error in case
the application requests this protocol (SecureTransport in future will
probably enable TLS 1.3).
Saying all that, TLS 1.3 support is experimental in QSslSocket.
Done-by: Albert Astals Cid <albert.astals.cid@kdab.com>
Done-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
Change-Id: I4a97cc789b62763763cf41c44157ef0a9fd6cbec
Reviewed-by: Lars Knoll <lars.knoll@qt.io>
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
We use std::vector and thus RAII instead of manual memory management.
std::vector (re)allocates only if needed, growing exponentially,
initializing only new elements. std::vector<>::resize also makes
initialization loop redundant
Task-number: QTBUG-71156
Change-Id: I253bb428c0fb641872f0f7f2dcfe1f9e89db0296
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
Reviewed-by: Mikhail Svetkin <mikhail.svetkin@qt.io>
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
We have linked against Crypt32 for a while.
Change-Id: I7ec9401a63d7405e4b5357d6589501e997e31aca
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
|
| |\| | |
| | | |
| | | |
| | | | |
Change-Id: I5dbdc13c6133e5b03e362c5461b4a599d781bd1e
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
When a TCP connection timed out a QAbstractSocket::NetworkError was set.
To enable a more precise error handling for timeouts
QAbstractSocket::SocketTimeoutError is now set instead.
Separated ETIMEDOUT from other errors in nativeRead() and take over
responsibility for setting the error, which was previously handled by read().
Change-Id: Iccd45bdbb3d944cd160ae50c257d3256e05b1ae5
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
Reviewed-by: David Faure <david.faure@kdab.com>
|
