| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
| |
This reverts commit d201c0a2184881a226bce76528047707e9062856.
Reason for revert: QNX have support only for OpenSSL1.1.
QNX will start supporting OpenSSL3 with upcoming QNX8.0 but as long as we want to support QNX7.1 (and even QNX7.0) removing OpenSSL1.1 support from Qt is not an option.
Change-Id: Ia2083eda318779968eb6ee84fff2f56ebe3dadf7
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
OpenSSL 1.1 reached EOL last September [1]. We will only support
OpenSSL 3.
Cherry-picking aggressively, as there's no purpose at keeping maintained
Qt versions work with an unmaintained library given the security
implications.
[1] https://www.openssl.org/blog/blog/2023/09/11/eol-111/
[ChangeLog][QtNetwork][SSL] Support for OpenSSL 1.1 has been dropped. Qt
now only supports OpenSSL 3.
Change-Id: I51a231a9ca17804739acbd2f22c478d2a8ff9b3b
Fixes: QTBUG-119330
Pick-to: 6.6 6.5 6.2 5.15
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
Reviewed-by: Qt CI Bot <qt_ci_bot@qt-project.org>
|
|
|
|
|
|
|
|
|
|
| |
[ChangeLog][QtNetwork][QSslDiffieHellmanParameters] An empty
Diffie-Hellmann parameter enables auto selection of openssl
backend.
Fixes: QTBUG-117666
Change-Id: Ic2e0529d48542752ca801bcb4d609988e5ddff25
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We've been requiring C++17 since Qt 6.0, and our qAsConst use finally
starts to bother us (QTBUG-99313), so time to port away from it
now.
Since qAsConst has exactly the same semantics as std::as_const (down
to rvalue treatment, constexpr'ness and noexcept'ness), there's really
nothing more to it than a global search-and-replace, with manual
unstaging of the actual definition and documentation in dist/,
src/corelib/doc/ and src/corelib/global/.
Task-number: QTBUG-99313
Change-Id: I4c7114444a325ad4e62d0fcbfd347d2bbfb21541
Reviewed-by: Ivan Solovev <ivan.solovev@qt.io>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This is semantic patch using ClangTidyTransformator:
auto QtContainerClass = expr(hasType(namedDecl(hasAnyName(<classes>)))).bind(o)
makeRule(cxxMemberCallExpr(on(QtContainerClass),
callee(cxxMethodDecl(hasAnyName({"count", "length"),
parameterCountIs(0))))),
changeTo(cat(access(o, cat("size"), "()"))),
cat("use 'size()' instead of 'count()/length()'"))
a.k.a qt-port-to-std-compatible-api with config Scope: 'Container'.
<classes> are:
// sequential:
"QByteArray",
"QList",
"QQueue",
"QStack",
"QString",
"QVarLengthArray",
"QVector",
// associative:
"QHash",
"QMultiHash",
"QMap",
"QMultiMap",
"QSet",
// Qt has no QMultiSet
Change-Id: Ibe8837be96e8d30d1846881ecd65180c1bc459af
Reviewed-by: Qt CI Bot <qt_ci_bot@qt-project.org>
Reviewed-by: Volker Hilsheimer <volker.hilsheimer@qt.io>
|
|
|
|
|
|
|
|
|
|
|
|
| |
openssl3 uses uint64_t for the options argument in SSL_CTX_set_options,
older ones used long.
sizeof(long) is not the same on any platform as sizeof(uint64_t)
Fixes: QTBUG-105041
Change-Id: If148ffd883f50b58bc284c6f2609337d80fb5c58
Pick-to: 5.15 6.2 6.3 6.4
Reviewed-by: Dmitry Shachnev <mitya57@gmail.com>
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Replace the current license disclaimer in files by
a SPDX-License-Identifier.
Files that have to be modified by hand are modified.
License files are organized under LICENSES directory.
Task-number: QTBUG-67283
Change-Id: Id880c92784c40f3bbde861c0d93f58151c18b9f1
Reviewed-by: Qt CI Bot <qt_ci_bot@qt-project.org>
Reviewed-by: Lars Knoll <lars.knoll@qt.io>
Reviewed-by: Jörg Bornemann <joerg.bornemann@qt.io>
|
|
|
|
|
|
|
| |
'Use size() or length() instead'
Change-Id: I284fce29727c4c1ec9ea38a4e8ea13a9e0af5390
Reviewed-by: Sona Kurazyan <sona.kurazyan@qt.io>
|
|
|
|
|
|
|
|
|
|
|
| |
If we have OPENSSL_NO_DEPRECATED_3_0 defined. This includes RSA, DSA,
EC and DH-related APIs. As of now, we only make sure the code still
compiles.
Pick-to: 6.2 5.15
Fixes: QTBUG-83733
Change-Id: Id455b851421ce0dcdfb0229fa515ba2b2ed690b1
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
With OpenSSL v3 it would be possible to compile-out functions,
directly working with entities like RSA, DSA, DH and EC_KEY.
For this you have to define OPENSSL_API_COMPAT >= 0x30000000L.
This would break QSslKey and QSslContext.
To mitigate this potential problem, we switch to the 'generic'
API, that works with EVP_PKEY instead. All functionality
will be preserved, except inability of QSslKey::handle()
to get pointers to RSA, DSA, DH or EC_KEY.
Fixes: QTBUG-95122
Pick-to: 6.2
Change-Id: Ic85b48502421c4330cf4877b52850539c855fa74
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
|
|
|
|
|
|
|
|
|
|
|
| |
... instead of QSharedPointer.
QSharedPointer performs twice as many atomic operations per pointer
copy as std::shared_ptr, and this is private API, we're not bound by
BC constraints, so we can port to the more efficient version.
Change-Id: I2e2a02493565a7ca51c86ec0ed66b6ce7c763e41
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
|
|
|
|
|
|
|
|
|
|
| |
All callers use the shared-ptr version these days.
Change-Id: I77e9fc9ccb8a57bfebcad7883e9eaff3780748f0
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
Reviewed-by: Qt CI Bot <qt_ci_bot@qt-project.org>
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
|
|
|
|
|
|
|
|
|
|
|
| |
It was fixed quite some time ago for TLS counterpart (TLS_MAX_VERSION),
but somehow the similar fix was missing for DTLS. OpenSSL v3 deprecated
those constants and they can be compiled out by OPENSSL_API_COMPAT.
Pick-to: 6.2
Task-number: QTBUG-94596
Change-Id: Ia0246170a003db900c430b2fbfc177caf05a395a
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
|
|
|
|
|
|
|
|
|
|
|
|
| |
As per the best practice laid forth in RFC-8996.
TLS 1.2 was recommended from 2008 until TLS 1.3 was released in 2018.
[ChangeLog][QtNetwork][QSslSocket] TLS 1.0, 1.1 and DTLS 1.0 are now
deprecated, as recommended by RFC-8996.
Fixes: QTBUG-92880
Change-Id: I90cebcfb07cfce623af7ac9f2b66ce9d02586b54
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
|
|
All TLS (and non-TLS) backends that QSsl classes rely
on are now in plugins/tls (as openssl, securetransport,
schannel and certonly plugins).
For now, I have to disable some tests that were using OpenSSL
calls - this to be refactored/re-thought. These include:
qsslsocket auto-test (test-case where we work with private keys),
qsslkey auto-test (similar to qsslsocket - test-case working with
keys using OpenSSL calls).
qasn1element moved to plugins too, so its auto-test have to
be re-thought.
Since now we can have more than one working TLS-backend on a given
platform, the presence of OpenSSL also means I force this backend
as active before running tests, to make sure features implemented
only in OpenSSL-backend are tested.
OCSP auto test is disabled for now, since it heavily relies on
OpenSSL symbols (to be refactored).
[ChangeLog][QtNetwork][QSslSocket] QSslSocket by default prefers 'openssl' backend
if it is available.
[ChangeLog][QtNetwork][QSslSocket] TLS-backends are not mutually exclusive anymore,
depending on a platform, more than one TLS backend can be built. E.g., configuring
Qt with -openssl does not prevent SecureTransport or Schannel plugin from being
built.
Fixes: QTBUG-91928
Change-Id: I4c05e32f10179066bee3a518bdfdd6c4b15320c3
Reviewed-by: Qt CI Bot <qt_ci_bot@qt-project.org>
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
|