| Commit message (Collapse) | Author | Age | Files | Lines |
|\
| |
| |
| | |
Change-Id: Ic1dd39044e19f50e1068d4ac70dacaad6440e570
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
1. Remove the conditional inclusion of DTLS versions, they made difficult
and unnecessary ugly adding new protocols (something like TlsV1_2OrLater + 4).
2. OpenSSL 1.1.1 first introduced TLS 1.3 support. OpenSSL 1.1 back-end is
compatible with OpenSSL 1.1.1, but would fail to extract/report protocol
versions and set versions like 'TLS 1.3 only' or 'TLS 1.3 or better' on a
new context. Given 1.1.1 is deployed/adapted fast by different distros,
and 5.12 is LTS, we fix this issue by introducing QSsl::Tls1_3 and
QSsl::Tls1_3OrLater.
SecureTransport, WinRT and OpenSSL below 1.1.1 will report an error in case
the application requests this protocol (SecureTransport in future will
probably enable TLS 1.3).
Saying all that, TLS 1.3 support is experimental in QSslSocket.
Done-by: Albert Astals Cid <albert.astals.cid@kdab.com>
Done-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
Change-Id: I4a97cc789b62763763cf41c44157ef0a9fd6cbec
Reviewed-by: Lars Knoll <lars.knoll@qt.io>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
When a TCP connection timed out a QAbstractSocket::NetworkError was set.
To enable a more precise error handling for timeouts
QAbstractSocket::SocketTimeoutError is now set instead.
Separated ETIMEDOUT from other errors in nativeRead() and take over
responsibility for setting the error, which was previously handled by read().
Change-Id: Iccd45bdbb3d944cd160ae50c257d3256e05b1ae5
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
Reviewed-by: David Faure <david.faure@kdab.com>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The engine used to send a UDP datagram to the local address to check
the proxy setup, but the check fails in case of the proxy hosted in
WAN and the local address hidden behind a NAT. In other words the
check fails because a public proxy hosted somewhere in internet has
no access to local addresses such as 192.168.1.2.
Remove the check to fix the issue; we still have other means to
detect network errors.
Change-Id: Ib6df263c87ebd7d6e88a0b5e024e78a559995234
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
|
|/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Attempts to use QSslSocket and its OpenSSL 1.1 back-end with OpenSSL 1.1.1
in a very peculiar way (for some reason the reporter calls OPENSSL_no_config())
combined with a bug in OpenSSL 1.1.1 resulted in a QSslSocket dead-locking
in initialization. This was happening because supportsSsl() first reported
false (OpenSSL internally fails to initialize after OPENSSL_no_config()),
but we have s_libraryLoaded set to true too early, thus the first supportsSsl()
returns false, the second - true.
Move setting of s_libraryLoaded later so that we don't claim to support
OpenSSL when an earlier ensureLibraryLoaded() attempt failed.
Task-number: QTBUG-70956
Task-number: QTBUG-71446
Change-Id: I8ad8763d357c84fc38c62e2ce914366367c2b445
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
|
|\
| |
| |
| | |
Change-Id: Iaf28977e7ecf566b28b9406dcb005d48621169c2
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Some Linux distributions patch OpenSSL's soname, making builds
on such distributions not deployable elsewhere. The problem is that
the code loading OpenSSL symbols would attempt to use the soname
of the build machine, and therefore not finding the OpenSSL
libraries on the deploy system.
The binary builds of Qt for Linux are affected by this problem,
as they build under RHEL7.4 which changes to soname of OpenSSL to
a non-standard string. This makes the binary builds not pick up
OpenSSL 1.0 from the machine where the build gets installed on.
Given that in the pre-1.1 versions only the 1.0 series is supported,
bump the minimum requirement of Qt to that. The 1.0.x releases
(up to 1.0.2, at the time of this writing) have kept binary
compatibility, and advertise a soname of "1.0.0", which is used
by most distributions.
So, if loading of OpenSSL with the build-time soname fails,
try to load them with the "1.0.0" hardcoded soname.
[ChangeLog][QtNetwork][SSL] OpenSSL >= 1.0 is now required to build
Qt with OpenSSL support.
Task-number: QTBUG-68156
Change-Id: Ieff1561a3c1d278b511f09fef06580f034f188c6
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
|
|\|
| |
| |
| |
| |
| |
| |
| | |
Conflicts:
src/plugins/platformthemes/platformthemes.pro
src/printsupport/kernel/qplatformprintdevice.cpp
Change-Id: Iac01729ad954bb1c7af5867d982eb243b2139ee6
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
If you, directly after connecting, call "ignoreSslErrors()" followed by
"resume()" then you will most likely crash.
It is very contrived and there's no reason to do this.
Change-Id: I949a303238f5012296d0e84eb76173764eb9de2e
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Also, call it only if the state really changes. If we stay disconnected
the whole time, there is no point in trying to create the session over
and over.
Change-Id: Ic3a92dd0575bed1a23ae36a944cc51b9741fb64a
Fixes: QTBUG-49760
Reviewed-by: Jesus Fernandez <Jesus.Fernandez@qt.io>
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
We need to override this snippet for the documentation
we generate for Qt for Python, and it is easier to have
it on a separate file.
Task-number: PYSIDE-801
Task-number: PYSIDE-691
Change-Id: Ideb5b6af25024279f167137d3b65660bb9c96a7e
Reviewed-by: Topi Reiniö <topi.reinio@qt.io>
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
and fix handling of incoming binary data
Change-Id: I31e97505ad4ff64cf8e380df5d0d6b70c3cd60b0
Reviewed-by: Ryan Chu <ryan.chu@qt.io>
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
Reviewed-by: Morten Johan Sørvig <morten.sorvig@qt.io>
|
|\|
| |
| |
| |
| |
| |
| | |
Conflicts:
src/corelib/tools/qtimezoneprivate.cpp
Change-Id: Icbb5999d378711ce3786a4fe0aba176a45ac702c
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
In iOS, the system certificates cannot be accessed, so this function
will return an empty list for the default configuration.
Task-number: QTBUG-60407
Change-Id: I0d691a0dd5e6367594e71c7ebccfbdc866d4a3f0
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
Reviewed-by: Andy Shaw <andy.shaw@qt.io>
|
|\|
| |
| |
| | |
Change-Id: Iaa438d14357be1bf75bb645cb8d3245947c055b8
|
| |
| |
| |
| |
| |
| | |
Change-Id: I061848ae570b382d640f8e46a1c54aeaeddbd77d
Fixes: QTBUG-61307
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
|
| |
| |
| |
| |
| |
| |
| | |
Task-number: QTBUG-70208
Change-Id: Ib73ca0d3c0736336bf517ffb968cbdbab4610319
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
Reviewed-by: Morten Johan Sørvig <morten.sorvig@qt.io>
|
|\ \
| | |
| | |
| | | |
refs/staging/5.12
|
| |\|
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Conflicts:
src/corelib/global/qconfig-bootstrapped.h
src/widgets/util/qcompleter.cpp
Change-Id: I4f44f0f074982530f2f2e750ce696230b2754cf3
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
As it's done (albeit in old-style there) in other public QSsl-classes.
Task-number: QTBUG-70604
Change-Id: If3cd9da0e8f8378fd29a80215cd889e459aa7bce
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
|
| | |
| | |
| | |
| | |
| | |
| | | |
Change-Id: I2236a456fe3758d9054b22e36fe6316f3522d533
Reviewed-by: Lars Knoll <lars.knoll@qt.io>
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
According to the SSL_CTX_set_max_proto_version manpage [1]:
> Setting the minimum or maximum version to 0, will enable protocol
> versions down to the lowest version, or up to the highest version
> supported by the library, respectively.
This should make it possible to use Qt Network with older versions of
libssl than it was compiled against. In particular, use with 1.1.0 when
compiled against 1.1.1.
Also, one of OpenSSL developers is suggesting to remove TLS_MAX_VERSION
from the public header in the future [2].
[1] https://www.openssl.org/docs/man1.1.0/ssl/SSL_CTX_set_max_proto_version.html#DESCRIPTION
[2] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=908567#59
Change-Id: Ie76054b917daa8e54d5c0156e848dbaca7bb8a82
Reviewed-by: Lisandro Damián Nicanor Pérez Meyer <perezmeyer@gmail.com>
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Under the hood we use QSettings to store HSTS policies.
Qt configured with 'no feature settings' would fail to
build then. For such builds, we fall back to in-memory
only HSTS cache.
Change-Id: I6df551d8c6c96d982080a51ce6b1bdce71d04b9f
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
|
|/ /
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Testing barely 10.13 seems to be insuficcient: we have developers working
on macOS 10.12 with SDK 10.13, but apparently they cannot update to the
latest SDK 10.13. We can try to be more specific and use __MAC_10_13_4.
Task-number: QTBUG-70757
Change-Id: I083d51f1a945f63f0413792387475341ecb96118
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
Reviewed-by: Andy Maloney <asmaloney@gmail.com>
|
| |
| |
| |
| |
| |
| |
| | |
Returnes -> returns
Change-Id: I52372488a16d7c13e85fca0e11eaab738db9355d
Reviewed-by: Jesus Fernandez <Jesus.Fernandez@qt.io>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
While these destructors are essentially trivial and contain no code,
the classes inherit QObject and thus have virtual tables. For such
classes -Wweak-vtable generates a warning: "'Class' has no out-of-line
virtual method definitions; its vtable will be emitted in every translation
unit." Noticed this after updating QtCreator to the latest version.
Change-Id: Iacb5d0cd49353bd35260aff736652542bb1ef197
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
|
|\|
| |
| |
| | |
Change-Id: I66c7f18a2abd13601da0947919436f7da3549ae9
|
| |
| |
| |
| |
| |
| | |
Change-Id: Icc7552b46a2657c81958e40f33596ddeee045172
Reviewed-by: Friedemann Kleint <Friedemann.Kleint@qt.io>
Reviewed-by: Topi Reiniö <topi.reinio@qt.io>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Add override, disable copies where appropriate and use = default
for trivial functions.
Change-Id: Ia5bc7419b1aa053c5503ea7dfaf11cb6dfafd2e2
Reviewed-by: Oliver Wolff <oliver.wolff@qt.io>
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
Reviewed-by: Gabriel de Dietrich <gabriel.dedietrich@qt.io>
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This is the squashed diff from wip/webassembly to dev.
Done-with: Peng Wu <peng.wu@intopalo.com>
Done-with: Sami Enne <sami.enne@intopalo.com>
Done-with: Morten Johan Sørvig <morten.sorvig@qt.io>
Started-by: Andrew Knight <andrew.knight@intopalo.com>
Change-Id: I6562433c0a38d6ec49ab675e0f104f2665f3392d
Reviewed-by: Lorn Potter <lorn.potter@gmail.com>
Reviewed-by: Eskil Abrahamsen Blomfeldt <eskil.abrahamsen-blomfeldt@qt.io>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Replace by reinterpret_cast or const_cast, respectively.
Use auto when initializing a variable to fix Clang warnings
about repeating the type name, do minor tidying along the way,
and a few conversions of 0 or NULL to nullptr.
Change-Id: Ieb271a87ddcf064f536e1ff05d23b1e688b1b56a
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Provides two convenient getter for a display name of the subject and
issuer. This simplifies cases where you just want a simple string
describing either of the two.
Change-Id: Ia5d0e058f14dae067b13ac7360e7fec4edd9ec53
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Add it to configure.json and replace all occurrences of QT_NO_THREAD
with QT_CONFIG(thread). Add conditions for other features that depend
on thread support. Remove conditions where we can use the QMutex and
QThreadStorage stubs.
Change-Id: I284e5d794fda9a4c6f4a1ab29e55aa686272a0eb
Reviewed-by: Eskil Abrahamsen Blomfeldt <eskil.abrahamsen-blomfeldt@qt.io>
|
|\|
| |
| |
| |
| |
| |
| |
| |
| | |
Conflicts:
src/corelib/global/qconfig-bootstrapped.h
src/plugins/platforms/xcb/qxcbbackingstore.cpp
Done-with: Gatis Paeglis <gatis.paeglis@qt.io>
Change-Id: I4af138ffb2f5306373244523768209e8873b2798
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Task-number: QTBUG-69659
Change-Id: I184cc460d2e3736d042893a38aa1c11b7d443f88
Reviewed-by: Jesus Fernandez <Jesus.Fernandez@qt.io>
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
|
| |
| |
| |
| |
| |
| |
| |
| | |
Respect allowRootCertOnDemandLoading, as it's done in QSslSocket (well,
almost as in QSslSocket).
Change-Id: Ic6cbb24a91e92cdb20f5f749553f15a62aae8b02
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Previously, the function had a different name that made its purpose
clear - "abort after peer verification error was encoutered". Since
now it's just 'abort handshake', it also should abort an ongoing
handshake, even if no peer verification error found so that we
now have an API that can reset a QDtls object to its initial
'nothing done yet' state.
Change-Id: Idadfec6f82d65c8f07d1c2afa4467c921c7e85c4
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
|
| |
| |
| |
| |
| |
| |
| |
| | |
This update corrects several minor documentation errors that
were introduced by a recent change to QDtls.
Change-Id: I6ee6b0bf74c82dca86ba8d5f39acbd642829ec44
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This update corrects several minor documentation errors that
cause qdoc warnings. These include incorrect or missing \fn
commands, incorrect uses of \e and \a commands together,
incorrect spellings, etc.
Change-Id: Ib26edef541fa3440025490bcf79cc101623e7f7b
Reviewed-by: Martin Smith <martin.smith@qt.io>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
A weird behavior of the DTLS server example, when linked with 1.0.2,
exposed that client code, requesting an invalid protocol (for example, SSLv3)
can end-up with connection encrypted with DTLS 1.2 (which is not that bad,
but totally surprising). When we check the protocol version early in
setDtlsConfiguration() and find a wrong version, we leave our previous
configuration intact and we will use it later during the handshake.
This is wrong. So now we let our user set whatever wrong configuration they
have and later fail in TLS initialization, saying -
'Unsupported protocol, DTLS was expected'.
Auto-test was reduced - the follow-up patch will introduce a new
'invalidConfiguration' auto-test.
Change-Id: I9be054c6112eea11b7801a1595aaf1d34329e1d2
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
|
| |
| |
| |
| |
| |
| |
| |
| | |
And reflow the text where it exceeds the 100 column limit.
Change-Id: I0d270c6a74a4c6ecba30e4e4d38a5d8f2cf81040
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
As discussed/proposed previously: remove the duplicated code when converting the
native certificate representation into QSslCertificate (configuration.peerCertificate).
Also, use the correct integer type when iterating - CFIndex is actually long, not int.
Change-Id: Ia6f43172e21b5153a93f1ef2589980d68ec2b39f
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
|
| |
| |
| |
| |
| |
| |
| | |
Task-number: QTBUG-68070
Change-Id: Ifd08ecb7c2c1a6dc352952a10ad56259bd1ecf10
Reviewed-by: Paul Wicking <paul.wicking@qt.io>
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
|
|\ \
| | |
| | |
| | | |
refs/staging/dev
|
| |\|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Conflicts:
.qmake.conf
src/corelib/doc/src/objectmodel/signalsandslots.qdoc
src/plugins/platforms/cocoa/qcocoamenuloader.mm
src/plugins/platforms/xcb/qxcbconnection.cpp
src/plugins/platforms/xcb/qxcbconnection.h
src/plugins/platforms/xcb/qxcbconnection_xi2.cpp
src/plugins/platforms/xcb/qxcbwindow.cpp
tests/auto/gui/image/qimage/tst_qimage.cpp
Done-with: Gatis Paeglis <gatis.paeglis@qt.io>
Change-Id: I9bd24ee9b00d4f26c8f344ce3970aa6e93935ff5
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
It appears that by default our keychain auto-locks when the
system sleeps. This makes the keychain totally useless, since
its password is a random 256 bytes our user never has a chance
to know. Thanks to Mårten for the hint about SecKeychainSetSettings,
the way to properly fix it.
Task-number: QTBUG-69677
Change-Id: I2603c26b8422a1bcace3336e9b4ebe0381c952d7
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
When the connection has been encrypted we will,
in QHttpNetworkConnectionChannel::_q_encrypted, emit 'reply->encrypted'
in which user slots can be called.
In the event that the user calls abort it will, however, not abort until
the next time it goes back to the event loop (which might not happen
until after the request has already been sent).
Task-number: QTBUG-65960
Change-Id: I96865f83c47f89deb9f644c86a71948dbb0ec0d0
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Specify that we're calling QLocalSocket::close in dtor.
While it's virtual it will not call any overloads at this time.
From cppcheck.
Change-Id: I7b8030ab96e1568cbb2a378ceaf07b2ecabf054f
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
QNetworkAccessBackend has a QSharedPointer called uploadByteDevice.
QNetworkAccessDebugPipeBackend and QNetworkAccessFileBackend both
duplicated the member, by taking a copy of the raw pointer, while also
shadowing the QNetworkAccessBackend's member by reusing the name.
Change-Id: I91f4e8d43d95c5f30c5bc2571393804209b7a843
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
|
|/ /
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Also remove unneeded and now wrong check (was marked with TODO)
which was a copy and paste from OpenSSL counterpart. There, testing
if peerCertificateChain.isEmpty() makes sense, since there we
potentially call storePeerCertificates() twice during the handshake.
Change-Id: I946e6876adb3f9504e93c06ac90ff36dd44aca4c
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
|