path: root/src/plugins/tls
Commit message | Author | Age | Files | Lines
* Provide new code paths for OpenSSL v3 | Timur Pocheptsov | 2021-07-28 | 5 | -157/+275
  With OpenSSL v3 it would be possible to compile out functions directly working with entities like RSA, DSA, DH and EC_KEY. For this you have to define OPENSSL_API_COMPAT >= 0x30000000L. This would break QSslKey and QSslContext. To mitigate this potential problem, we switch to the 'generic' API that works with EVP_PKEY instead. All functionality will be preserved, except the inability of QSslKey::handle() to get pointers to RSA, DSA, DH or EC_KEY.
  Fixes: QTBUG-95122
  Pick-to: 6.2
  Change-Id: Ic85b48502421c4330cf4877b52850539c855fa74
  Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
* QDirIterator: add nextFileInfo() | Marc Mutz | 2021-07-28 | 1 | -2/+1
  Before this change, next() was the only way to advance the iterator, whether the caller was ultimately interested in just the filePath() (good) or not (bad luck, had to call .fileInfo()). Add a new function, nextFileInfo(), which returns fileInfo() instead. Incidentally, the returned object has already been constructed as part of advance()ing the iterator, so the new function is faster than next() even if the result is ignored, because we're not calculating a QString result the caller may not be interested in. Use the new function around the code. Fix a couple of cases of next(); fileInfo().filePath() (just use next()'s return value) as a drive-by.
  [ChangeLog][QtCore][QDirIterator] Added nextFileInfo(), which is like next(), but returns fileInfo() instead of filePath().
  Change-Id: I601220575961169b44139fc55b9eae6c3197afb4
  Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
* doCrypt() - check the error codes | Timur Pocheptsov | 2021-07-23 | 1 | -1/+7
  Disabled (moved into the legacy provider) DES-CBC results in a crash when setting the key length.
  Pick-to: 6.2 6.1 5.15
  Change-Id: Ie0b49424f11d8042ebecebfd3b6346263f730551
  Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
* CMake: Fix incorrect default plugin conditions on Windows | Alexandru Croitor | 2021-07-22 | 1 | -1/+1
  The correct variable to check is WIN32 rather than WINDOWS. This affects which plugins get automatically linked in a static Qt build.
  Amends a3b58a7844f77bd416fad8307f8333ff7c0efacf
  Amends d385158d5213ef568b7629e2aa4a818016bbffac
  Pick-to: 6.1 6.2
  Fixes: QTBUG-95283
  Change-Id: Idf78c78a1029f4d13fb460c07bef3d2669e55b09
  Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
* Fix lcTlsBackend redefined in several places (plugins, static build) | Timur Pocheptsov | 2021-07-20 | 8 | -53/+48
  With -static build lcTlsBackend was duplicated.
  Pick-to: 6.2
  Change-Id: I20ee0f9c7e2027a7033c9fbae628d0d91672e719
  Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
* Schannel: Fix ODR violation in static programs | Mårten Nordheim | 2021-07-20 | 3 | -39/+58
  The Q_LOGGING_CATEGORY macro defines a function, and for each backend the function would be defined (and defined differently).
  Pick-to: 6.2
  Change-Id: I6522b5e3baf731e5ead0e21da009c970d580fa02
  Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
* Hold QSslContext in shared_ptr | Marc Mutz | 2021-07-18 | 5 | -13/+13
  ... instead of QSharedPointer. QSharedPointer performs twice as many atomic operations per pointer copy as std::shared_ptr, and this is private API, we're not bound by BC constraints, so we can port to the more efficient version.
  Change-Id: I2e2a02493565a7ca51c86ec0ed66b6ce7c763e41
  Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
* SSL: port QSharedPointer<QSslContext> uses to std-compatible API subset | Marc Mutz | 2021-07-16 | 2 | -8/+8
  In preparation of porting to shared_ptr. Add a few strategic moves and remove a rather pointless comment stating the obvious.
  Change-Id: Ie1c0f3431af79bdb204e00d99323bf9f2d100d0d
  Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
  Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
* Tidy up systemCaCertificates() function in OpenSSL backend | Edward Welbourne | 2021-07-16 | 1 | -18/+11
  As pointed out by Marc Mutz in another review, the Android branches of its #if-ery amounted to a complicated no-op, so simplify the #if-ery, add a TODO and then simplify the code thereby freed of the need to accommodate the #if-ery. In the process, initialize a set of filenames with the two filenames that we read certificates from after looping over the set, which might have left those files being read twice.
  Change-Id: I2ee4ee3c3cf40226ee6a50afd6127fa4a71d2834
  Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
  Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
  Reviewed-by: Marc Mutz <marc.mutz@kdab.com>
  Reviewed-by: Qt CI Bot <qt_ci_bot@qt-project.org>
  Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
* QCryptographicHash: use a std::array to hold result (was: QByteArray) | Marc Mutz | 2021-07-15 | 1 | -2/+2
  The maximum size for a hash result is 64 atm. Even if, and esp when, we'll get to 128 and 256 bytes in the future, there's no reason to use dynamic memory, because the sizes will always be statically known. So use, essentially, a std::array<char, 64> to hold the result internally. Add a bit of convenience API on top to limit impact on the rest of the code and add a few static_asserts that ensure this is large enough. Then give users access to the internal buffer by adding QByteArrayView resultView() const noexcept. The documentation snippet is taken from QString::data(), suitably adjusted. Use resultView() in a few places instead of result().
  [ChangeLog][QtCore][QCryptographicHash] Changed to use a statically-sized buffer internally. Added resultView() to access it.
  Change-Id: I96c35e55acacbe94529446d720c18325273ffd2f
  Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
  Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
* CMake: Don't give plugins PUBLIC usage requirements part 2 | Alexandru Croitor | 2021-07-15 | 2 | -4/+2
  Plugins shouldn't have public usage requirements.
  Amends 434ada8dcb6132b3a597ea56b57a66c627f51728
  Pick-to: 6.2
  Task-number: QTBUG-90819
  Change-Id: Iffb3def07ea428b1c3c5b9873e259a4d5168b7a1
  Reviewed-by: Alexey Edelev <alexey.edelev@qt.io>
  Reviewed-by: Joerg Bornemann <joerg.bornemann@qt.io>
  Reviewed-by: Qt CI Bot <qt_ci_bot@qt-project.org>
* Make some lists const and use ranged-for to iterate them | Edward Welbourne | 2021-07-15 | 1 | -8/+9
  Change-Id: Ib43a9b165deb6f3141700961469acf2eb60862ec
  Reviewed-by: Marc Mutz <marc.mutz@kdab.com>
* QSslContext: remove unused fromConfiguration() | Marc Mutz | 2021-07-13 | 3 | -10/+1
  All callers use the shared-ptr version these days.
  Change-Id: I77e9fc9ccb8a57bfebcad7883e9eaff3780748f0
  Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
  Reviewed-by: Qt CI Bot <qt_ci_bot@qt-project.org>
  Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
  Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
* Don't use a deprecated function if built/linked with OpenSSL v3 | Timur Pocheptsov | 2021-07-13 | 2 | -1/+20
  SSL_get_peer_certificate was deprecated in OpenSSL v3 and can be 'compiled-out' using OPENSSL_API_COMPAT. Use SSL_get1_peer_certificate instead.
  Pick-to: 6.2
  Task-number: QTBUG-94596
  Change-Id: Iedb2e06e673e981cab79d4bf0147ac6f5f90089a
  Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
* Diffie-Hellman parameters: remove useless 'fix' | Timur Pocheptsov | 2021-07-09 | 3 | -58/+0
  The workaround I had implemented based on an alpha version of OpenSSL v3 and what developers (OpenSSL) said about DH back then is not going to work in the end: they do remove all DH (struct and related functions) stuff if you set a proper OPENSSL_API_COMPAT level. A proper re-write is required to support OpenSSL v3, but then there is no reason to keep dead useless code.
  Pick-to: 6.2
  Task-number: QTBUG-94596
  Change-Id: Iae092dd08148521649a684879d30e190736e1abe
  Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
* Don't use DTLS_MAX_VERSION when setting SSL_CTX | Timur Pocheptsov | 2021-07-09 | 1 | -2/+2
  It was fixed quite some time ago for the TLS counterpart (TLS_MAX_VERSION), but somehow a similar fix was missing for DTLS. OpenSSL v3 deprecated those constants and they can be compiled out by OPENSSL_API_COMPAT.
  Pick-to: 6.2
  Task-number: QTBUG-94596
  Change-Id: Ia0246170a003db900c430b2fbfc177caf05a395a
  Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
* Use QCryptographicHash::hash() more widely | Marc Mutz | 2021-07-07 | 1 | -6/+2
  ... instead of the "usual" rule of three: ctor, addData(), result(). Not only does it generate less code in the caller, it's now also faster.
  Change-Id: I67c7eeb01f527b90e80a08f60c1c7f2ec1e49dd4
  Reviewed-by: Lars Knoll <lars.knoll@qt.io>
* CMake: Don't give plugins PUBLIC usage requirements | Joerg Bornemann | 2021-07-07 | 2 | -3/+2
  The pro2cmake.py conversion script faithfully reproduced the .pro files for the plugins, which specified the libraries as public. But in CMake, the implications of this are that public usage requirements should then be propagated to consumers. We don't expect any consumers, since a plugin is created as a MODULE library in CMake, so for Windows we don't even have an import library to link with. The only exception to this is for static builds where plugins are created as STATIC libraries instead, but only in certain controlled situations do we then link to plugins. Even then, usage requirements are not expected to propagate to the consumers, so these relationships should always be specified as private.
  Pick-to: 6.2
  Task-number: QTBUG-90819
  Change-Id: Ibc7c2bcd3b6a9dc77df40c4c0c22ff254a80f33d
  Reviewed-by: Qt CI Bot <qt_ci_bot@qt-project.org>
  Reviewed-by: Alexandru Croitor <alexandru.croitor@qt.io>
* Remove ministro code | Assam Boudjelthia | 2021-07-01 | 1 | -14/+0
  Since Ministro no longer works on recent Android versions (Android 8+), and it hasn't been maintained and the repos are not updated, the existing code is practically dead code.
  [ChangeLog][Android] Remove ministro code since it's been unmaintained and not working with recent Android versions.
  Task-number: QTBUG-85201
  Pick-to: 6.2
  Change-Id: I18d7b1e209cba3cfd04674060e9bf39aa5a5510f
  Reviewed-by: BogDan Vatra <bogdan@kdab.com>
* Schannel: Get rid of Windows < 10 code | Mårten Nordheim | 2021-06-25 | 1 | -7/+4
  No need to check if we're running on Windows 8.1 or above. We always are.
  Pick-to: 6.2
  Change-Id: I9f2e7a58631064e573725705882a603e900c7e39
  Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
* TLS: Mark TLS 1.0, 1.1 and DTLS 1.0 deprecated | Mårten Nordheim | 2021-06-25 | 8 | -7/+70
  As per the best practice laid forth in RFC-8996. TLS 1.2 was recommended from 2008 until TLS 1.3 was released in 2018.
  [ChangeLog][QtNetwork][QSslSocket] TLS 1.0, 1.1 and DTLS 1.0 are now deprecated, as recommended by RFC-8996.
  Fixes: QTBUG-92880
  Change-Id: I90cebcfb07cfce623af7ac9f2b66ce9d02586b54
  Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
* QSslSocket: Set isEncrypted to false on disconnect | Mårten Nordheim | 2021-06-25 | 2 | -0/+2
  Since we're no longer connected, much less encrypted. Was done in the Schannel backend, but not in ST or OpenSSL.
  Pick-to: 6.2
  Change-Id: Ia49387be0088f899a0c89091f7e468dba1c0eee6
  Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
* Schannel: fix compilation with QSSLSOCKET_DEBUG | Mårten Nordheim | 2021-06-24 | 1 | -1/+1
  Small leftover mistake.
  Change-Id: I0cb55fe78a2666665a3c56b41200c127a42df0c2
  Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
* tst_http2: use the supportedFeatures() instead of macros | Timur Pocheptsov | 2021-06-24 | 1 | -0/+4
  With the recent change, 'system' headers are gone: not in the test code anymore, so, for example, OPENSSL_VERSION_NUMBER is undefined, making the test select a wrong code-path: 'h2c', instead of encrypted h2.
  Pick-to: 6.2
  Pick-to: 6.1
  Change-Id: I3b201e21fac56875c9045c7463e2ae69af4c6470
  Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
* Schannel: Fix version functions | Mårten Nordheim | 2021-06-14 | 1 | -7/+4
  Previously they all returned the runtime versions and one string function did not include the backend's name. The NTDDI_VERSION macro is what we use to base certain feature-availability on during compilation so it makes the most sense to use for the build-string.
  Pick-to: 6.2
  Change-Id: I96b025a5a05c0bbb4db3d5ee68656e0df5f4eb07
  Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
* Fix inclusion of Qt6Network plugins in static builds | Kai Köhne | 2021-06-04 | 4 | -8/+9
  The generated CMake file Config.cmake in cmake/Qt6Network/ is generated from the target name. If it doesn't end with "Plugin", then it won't be found by Qt6NetworkPlugins.cmake, which is looking for Qt6*PluginConfig.cmake files.
  Fixes: QTBUG-94108
  Change-Id: I43f7056b2caede14509c9ec66b10e2037033762b
  Reviewed-by: Alexandru Croitor <alexandru.croitor@qt.io>
* QSsl::ImplementedClass - add DtlsCookie | Timur Pocheptsov | 2021-05-27 | 1 | -0/+1
  To report QDtlsClientVerifier implementation supported.
  Change-Id: I23812396c0c6a9595769d8ddb9cc2f85cc636ecb
  Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
  Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
* Use templated QJniObject::object() instead of static_cast | Assam Boudjelthia | 2021-05-06 | 1 | -1/+1
  Change-Id: I3bf366967d7995621aba1a7c1bec6732f3ef957d
  Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
  Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
  Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
* Lowercase system includes and lib names for Windows, fix cross compiling | Martin Storsjö | 2021-04-23 | 2 | -3/+3
  When cross compiling from a case sensitive file system, casing matters, and mingw headers and import libraries consistently use lowercase. This was uncovered by d385158d5213ef568b7629e2aa4a818016bbffac; prior to that, the schannel TLS plugin didn't end up built (at least when cross compiling). Fix other similar cases that can be found by grepping the repo.
  Change-Id: Ia696e17b7aaa979d7b7f5b0801383f338a8b585b
  Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
* Move plugin code from QtNetwork to qtbase/plugins | Timur Pocheptsov | 2021-04-22 | 56 | -0/+18994
  All TLS (and non-TLS) backends that QSsl classes rely on are now in plugins/tls (as openssl, securetransport, schannel and certonly plugins). For now, I have to disable some tests that were using OpenSSL calls; this is to be refactored/re-thought. These include: qsslsocket auto-test (test-case where we work with private keys), qsslkey auto-test (similar to qsslsocket: test-case working with keys using OpenSSL calls). qasn1element moved to plugins too, so its auto-test has to be re-thought. Since now we can have more than one working TLS-backend on a given platform, the presence of OpenSSL also means I force this backend as active before running tests, to make sure features implemented only in the OpenSSL-backend are tested. OCSP auto test is disabled for now, since it heavily relies on OpenSSL symbols (to be refactored).
  [ChangeLog][QtNetwork][QSslSocket] QSslSocket by default prefers 'openssl' backend if it is available.
  [ChangeLog][QtNetwork][QSslSocket] TLS-backends are not mutually exclusive anymore; depending on a platform, more than one TLS backend can be built. E.g., configuring Qt with -openssl does not prevent SecureTransport or Schannel plugin from being built.
  Fixes: QTBUG-91928
  Change-Id: I4c05e32f10179066bee3a518bdfdd6c4b15320c3
  Reviewed-by: Qt CI Bot <qt_ci_bot@qt-project.org>
  Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
  Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>