path: root/src/network/ssl
Commit message [Author, Age, Files, Lines]
* QSslSocket speed up loading of system certificates on Unix (not Mac) [Peter Hartmann, 2010-09-28, 2 files, -9/+30]
| ... by only reading in a certificate once. Before, we were adding all files from all directories; since they often contained symlinks, the same certificate was added several times.
| Reviewed-by: Markus Goetz
| Reviewed-by: Thiago Macieira
| Task-number: QTBUG-14013
* QSslSocketPrivate::systemCaCertificates() hangs sometimes on Symbian [Juha Turunen, 2010-09-09, 2 files, -134/+136]
| The patch fixes the hanging issues on some Symbian devices that occur while retrieving certificates from the Symbian certificate store. The hanging was caused by the certificate info array not being closed before exiting the thread. This alone wouldn't make the existing implementation work, so the patch replaces it with a pure Symbian style implementation which doesn't seem to be affected (probably some OpenC threads issue).
| Merge-request: 808
| Reviewed-by: Shane Kearns
| Reviewed-by: Simon Hausmann <simon.hausmann@nokia.com>
| Task: QTBUG-13033
* Merge remote branch 'origin/4.6' into qt-4.7-from-4.6 [Thiago Macieira, 2010-09-07, 1 file, -9/+27]
|\
| | Conflicts:
| |   qmake/Makefile.win32
| |   src/corelib/io/qfsfileengine_win.cpp
| |   src/corelib/kernel/qeventdispatcher_win.cpp
| |   src/gui/dialogs/qfiledialog_win.cpp
| |   src/gui/inputmethod/qcoefepinputcontext_s60.cpp
| |   src/gui/text/qfontdatabase_win.cpp
| |   src/gui/util/qsystemtrayicon_win.cpp
| |   src/script/utils/qscriptdate.cpp
| |   tests/auto/qinputcontext/tst_qinputcontext.cpp
| |   tests/auto/qscriptengine/tst_qscriptengine.cpp
| * Ensure that we load system libraries from the correct location. [Jan-Arve Sæther, 2010-09-03, 1 file, -9/+27]
| | This was a security hole that has been there for a while, but the public awareness has recently risen so the threat is more imminent now.
| | The solution is to fix all places where we dynamically load system libraries. More specifically, we now load all system libraries with an absolute path that points to a library in the system directory (usually c:\windows\system32).
| | We therefore introduce a small class named QSystemLibrary that only loads libraries located in the system path. This shares some of the API with QLibrary (in order to make the patch as small as possible). We don't fix QLibrary due to risk of regressions. In addition, applications can fix the code that calls QLibrary themselves.
| | The problem does not apply to Windows CE, since the search order is documented as not searching in the current directory. However, it touches some CE-specific code - therefore QSystemLibrary is sometimes used on WinCE (however, it will just do a normal LoadLibrary() since it's safe anyway).
| | This change does not affect the testability plugin (it is not clearly documented where that plugin is located, and the plugin should never be used in production code anyway)
| | Loading OpenSSL libraries
| | The ssl libraries are handled specially, and searched in this order (we cannot expect them to always be in the system folder):
| | 1. Application path
| | 2. System libraries path
| | 3. Trying all paths inside the PATH environment variable
| | Task-number: QT-3825
| | Reviewed-by: Thiago Macieira
| | Reviewed-by: Peter Hartmann
| * QSslSocket: fix security vulnerability with wildcard IP addresses [Peter Hartmann, 2010-08-10, 1 file, -0/+5]
| | This fixes Westpoint Security issue with Advisory ID#: wp-10-0001. Before, we would allow wildcards in IP addresses like *.2.3.4 ; now, IP addresses must match exactly.
| | Patch-by: Richard J. Moore <rich@kde.org>
| | Task-number: QT-3704
| * fix build for -no-qt3support [Peter Hartmann, 2010-08-10, 1 file, -2/+2]
| | QString::lower() is QT3_SUPPORT, the correct method is QString::toLower().
| * Fix handling of SSL certificates with wildcard domain names [Richard J. Moore, 2010-08-10, 2 files, -4/+39]
| | Merge-request: 731
| | Task-number: QTBUG-4455
| | Reviewed-by: Peter Hartmann
| * QSslSocket: Improve error handling [Peter Hartmann, 2010-07-13, 1 file, -1/+13]
| | Reviewed-by: Markus Goetz
| | Task-number: QT-3567
* | QSslConfiguration: fix crash when accessing null pointer [Peter Hartmann, 2010-08-30, 1 file, -0/+5]
| | We were accessing the d-pointer of a QSslConfiguration which is initialized lazily.
| | Reviewed-by: Markus Goetz
| | Task-number: QTBUG-13265
* | QSslCertificate: support expiration dates > 2049 [Peter Hartmann, 2010-08-11, 1 file, -50/+71]
| | X509 has two time formats: UTC, where the year is in two-digit format, and generalized time with four-digit years. This patch allows dates specified in generalized time.
| | Reviewed-by: Thiago Macieira
| | Task-number: QTBUG-12489
* | Merge branch '4.7' of scm.dev.nokia.troll.no:qt/oslo-staging-1 into 4.7-integration [Qt Continuous Integration System, 2010-08-10, 2 files, -1/+6]
|\ \
| | | * '4.7' of scm.dev.nokia.troll.no:qt/oslo-staging-1: (32 commits)
| | |   Fix memory leak in QtScript variable object
| | |   doc: Changed some titles so lists of contents sort better.
| | |   QSslSocket: fix security vulnerability with wildcard IP addresses
| | |   doc: Some reorganization of top page topic hierarchy.
| | |   Mac: Fix crash when using style to draw on other things than widgets
| | |   Doc: Adding radius support for CSS3 and webkit
| | |   Correct spelling (UNKOWN -> UNKNOWN) to fix recent test regression
| | |   add performance comparisons to qregexp benchmark
| | |   configure: fix error message when calling config.status
| | |   Fix invalid memory write during recursive timer activation
| | |   Added comment about calendarPopup in setCalendarWidget function documentation.
| | |   doc: Fixed some qdoc errors.
| | |   Correcting spelling mistakes in documentation. Part of fix for QTBUG-11938.
| | |   CreateFileMapping returns NULL on error , only tested with INVALID_HANDLE_VALUE.
| | |   XmlListModel doc fixes
| | |   Mention QML_IMPORT_TRACE in Modules docs
| | |   Merge sections about when property and default state
| | |   Explain Flipable example further
| | |   PathView required some diagonal movement before a drag was initiated.
| | |   doc: Fixed some qdoc errors.
| | |   ...
| * | QSslSocket: fix security vulnerability with wildcard IP addresses [Peter Hartmann, 2010-08-10, 1 file, -0/+5]
| | | This fixes Westpoint Security issue with Advisory ID#: wp-10-0001. Before, we would allow wildcards in IP addresses like *.2.3.4 ; now, IP addresses must match exactly.
| | | Patch-by: Richard J. Moore <rich@kde.org>
| | | Task-number: QT-3704
| * | Correcting spelling mistakes in documentation. Part of fix for QTBUG-11938. [Jerome Pasion, 2010-08-09, 1 file, -1/+1]
| | | Reviewer: David Boddie
| | | Task number: QTBUG-11938
* | | Fix regression with SSL connections failing on symbian [Shane Kearns, 2010-08-10, 1 file, -1/+1]
|/ /
| | Due to a wrong ifdef sequence, the unix code was being compiled instead of the symbian code for retrieving the system certificates.
| | Task-number: QTBUG-12718
| | Reviewed-by: Peter Hartmann
* | Qt does not build with qt_namespace on macos [Carlos Manuel Duclos Vergara, 2010-07-20, 1 file, -2/+2]
| | The problem was that the QT_BEGIN_NAMESPACE was in the wrong place. I moved it 10 lines before and the problem is gone.
| | Task-number: QTBUG-12262
| | Reviewed-by: Prasanth
* | QSslSocket: Improve error handling [Peter Hartmann, 2010-07-13, 1 file, -1/+13]
| | Reviewed-by: Markus Goetz
| | Task-number: QT-3567
* | QSslSocket: fix documentation for QSslSocket::setPeerVerifyMode() [Peter Hartmann, 2010-07-13, 1 file, -2/+2]
| |
* | fix build for -no-qt3support [Peter Hartmann, 2010-07-12, 1 file, -2/+2]
| | QString::lower() is QT3_SUPPORT, the correct method is QString::toLower().
* | Merge branch '4.7' of scm.dev.nokia.troll.no:qt/oslo-staging-1 into 4.7-integration [Qt Continuous Integration System, 2010-07-10, 2 files, -20/+56]
|\ \
| | | * '4.7' of scm.dev.nokia.troll.no:qt/oslo-staging-1: (59 commits)
| | |   Doc: Cleaning style and adding support for Creator
| | |   Add NTLMv2 authentication support to QAuthenticator.
| | |   QIODPLB: Sync behavior of ungetBlock() and ungetChar()
| | |   QFileIconProvider: Load icons on demand.
| | |   Doc: fixing offline style
| | |   Fix handling of SSL certificates with wildcard domain names
| | |   Doc: fixing examples link
| | |   doc: Fixed several qdoc warnings.
| | |   doc: Fixed several qdoc warnings.
| | |   SSL library loading: load system libs only once
| | |   Revert "SSL backend: load libraries for certificates only once"
| | |   doc: Fixed several qdoc warnings.
| | |   doc: Fixed several qdoc warnings.
| | |   doc: Fixed several qdoc warnings.
| | |   doc: Fixed several qdoc warnings.
| | |   doc: Fixed several qdoc warnings.
| | |   Doc: Adding support for Qt Creator style
| | |   doc: Fixed last of the declarative/QML qdoc warnings.
| | |   qdoc: Marked some missing declarative properties and functions as \internal.
| | |   qhelpgenerator: Fix namespace syntax checking.
| | |   ...
| * | Fix handling of SSL certificates with wildcard domain names [Richard J. Moore, 2010-07-09, 2 files, -4/+39]
| | | Merge-request: 731
| | | Task-number: QTBUG-4455
| | | Reviewed-by: Peter Hartmann
| * | SSL library loading: load system libs only once [Peter Hartmann, 2010-07-09, 1 file, -16/+17]
| | | ... and make the loading thread-safe. The global methods for loading the OpenSSL libraries and the system libraries are accessed from within different QSslSocket and QSslConfiguration instances, so they need to be thread-safe.
| | | Reviewed-by: Markus Goetz
| * | Revert "SSL backend: load libraries for certificates only once" [Peter Hartmann, 2010-07-09, 3 files, -30/+29]
| | | This reverts commit f2187e31de13a6ab8631a9067487dab555f7c2e7.
| | | Reviewed-by: Markus Goetz
| * | SSL backend: load libraries for certificates only once [Peter Hartmann, 2010-07-07, 3 files, -29/+30]
| | | Reviewed-by: Olivier Goffart
* | | Add exception barrier to QCertificateRetriever::RunL() [Shane Kearns, 2010-07-08, 2 files, -3/+9]
|/ /
| | This translates stl exceptions into Symbian OS Leaves, to prevent an assertion failure in the active scheduler.
| | Reviewed-by: mread
* | Support QSslSocket::systemCaCertificates() on Symbian [Simon Hausmann, 2010-07-06, 2 files, -0/+198]
| | Implemented access to the unified certificate store on Symbian with Shane and Peter's help.
| | Task-number: QTBUG-11399
| | Reviewed-by: Shane Kearns <shane.kearns@accenture.com>
| | Reviewed-by: Peter Hartmann <peter.hartmann@nokia.com>
* | QSslSocket::systemCaCertificates(): fix for WinCE [Peter Hartmann, 2010-07-05, 2 files, -0/+18]
| | on WinCE the function is called "CertOpenStore", and not "CertOpenSystemStoreW".
| | Patch-by: Ismail Donmez
| | Task-number: QTBUG-11905
* | QSslSocket::systemCaCertificates(): have one common case for all Unices [Peter Hartmann, 2010-07-01, 1 file, -7/+4]
| | Reviewed-by: Simon Hausmann
* | SSL backend: correct ordering of root CA certificates in the store [Peter Hartmann, 2010-06-30, 1 file, -2/+14]
| | Some CAs have several root certificates with the same SubjectInfo, but different expiration date. This means that OpenSSL needs to choose the valid root certificate over the expired ones when verifying a certificate chain. Apparently, the certs added to the store first are the ones that get used first, so we add the expired ones at the end.
| | Reviewed-by: Thiago Macieira
| | Task-number: QTBUG-11664
* | Don't load ciphers and system certificates for QSslSocket::supportsSsl() [Andreas Kling, 2010-06-28, 3 files, -12/+50]
| | Loading these uses about 1 MB of memory and can be deferred until it's actually needed.
| | Reviewed-by: Peter Hartmann <peter.hartmann@nokia.com>
* | Corrected filename case for wincrypt.h [Mark Brand, 2010-06-26, 1 file, -1/+1]
| | The case doesn't matter when building on Windows, but does when cross-compiling on Unix.
| | Merge-request: 709
| | Reviewed-by: Andreas Kling <andreas.kling@nokia.com>
* | Fix warnings in QSslSocketPrivate::systemCaCertificates() [Zeno Albisser, 2010-06-25, 1 file, -8/+8]
| | Reviewed-by: Markus Goetz
* | Temporary fix for regression in QSslCertificate::fromPath() [Zeno Albisser, 2010-06-15, 1 file, -3/+8]
| | The regression was introduced with 164f347aba7287407615223dc2219a016ebc8248. As soon as possible we should probably rewrite the fromPath() function, to have a proper solution. Nevertheless this might be a bigger change and should not be done so late in release cycle.
| | Reviewed-by: TrustMe
* | QSslSocket: fix build for MinGW and VS 2005 [Peter Hartmann, 2010-06-14, 1 file, -0/+4]
| | Reviewed-by: Zeno Albisser
* | remove certificate bundle [Peter Hartmann, 2010-06-11, 2 files, -1987/+0]
| | since we now use the system certificates we should not provide our own certificate bundle anymore.
| | Patch-by: Zeno Albisser and Peter Hartmann
| | Reviewed-by: Thiago
| | Task-number: QTBUG-8833
| | Task-number: QT-3361
* | make QSslSocket::systemCaCertificates() use system certs [Peter Hartmann, 2010-06-11, 3 files, -20/+138]
| | before, we were shipping our own bundle of CA certificates. Now we read the certificates from the system CA store.
| | Patch-by: Zeno Albisser and Peter Hartmann
| | Reviewed-by: Thiago
| | Task-number: QTBUG-8833
| | Task-number: QT-3361
* | Adjusted RegExp in QSslCertificate::fromPath() [Zeno Albisser, 2010-06-11, 1 file, -1/+1]
| | Reviewed-by: Thiago
| | Task-number: QTBUG-2706
* | QSslCertificate: support large serial numbers [Peter Hartmann, 2010-06-02, 1 file, -4/+19]
| | We were calling an OpenSSL function that returned a long for the serial number; sometimes serial numbers are too big to fit into a long (up to 20 octets). In that case, do not convert the serial number to decimal, but just output the hexadecimal value.
| | Reviewed-by: Zeno Albisser
| | Task-number: QTBUG-9973
* | Merge remote branch 'origin/4.6' into qt-4.7-from-4.6 [Thiago Macieira, 2010-04-14, 1 file, -1/+1]
|\ \
| |/
| | Conflicts:
| |   src/script/api/qscriptengine.cpp
| * Fix typos, there is no QT_NO_SSL [Markus Goetz, 2010-04-13, 1 file, -1/+1]
| | Reviewed-by: thiago
| | Reviewed-by: andreas
* | Merge remote branch 'origin/4.6' into qt-4.7-from-4.6 [Thiago Macieira, 2010-04-13, 1 file, -0/+10]
|\ \
| |/
| * Document Symbian platform security requirements on Qt APIs [Frans Englich, 2010-04-12, 1 file, -0/+10]
| | Work done jointly by Gareth and me. Yields no qdoc errors.
| | Task-number: QTBUG-9342
| | Task-number: QTBUG-9120
| | Reviewed-by: Gareth Stockwell
| | Reviewed-by: David Boddie
* | improve mingw 64 bit support [Thierry Bastian, 2010-03-26, 1 file, -1/+1]
| |
* | Rename QTimestamp to QElapsedTimer [Thiago Macieira, 2010-03-17, 1 file, -5/+5]
| |
* | Port QtNetwork uses of QTime as a stopwatch to QTimestamp. [Thiago Macieira, 2010-03-17, 1 file, -5/+5]
| |
* | Merge branch '4.7' of scm.dev.nokia.troll.no:qt/oslo-staging-1 into 4.7-integration [Qt Continuous Integration System, 2010-03-15, 4 files, -3/+21]
|\ \
| |/
|/|
| | * '4.7' of scm.dev.nokia.troll.no:qt/oslo-staging-1: (72 commits)
| |   different approach to fixing "the other" aliasing issue
| |   fix aliasing issue in node_construct()
| |   detach in fewer cases, remove redundant calculation
| |   SSL: Fix memleak related to local certificate
| |   Improve keyboard layout detection on X11
| |   Compile on ARM with -Werror -Wold-style-cast
| |   Use the vista-style native dialog for QFileDialog::getExistingDirectory
| |   Apply the stdset attribute for resource properties
| |   doc: Completed sentence about HideNameFilterDetails
| |   Doc fix in QLocale
| |   Doc for for QGestureRecognizer::create.
| |   Fix broken setCollectionFile (creating multiple models instead reusing)
| |   Enable the fast paths when converting to Rgb565
| |   qdoc: ifdefed out all the debug code.
| |   Add missing QtScript API shims
| |   Further fix license whitespace.
| |   Remove NetworkManager test-bed application.
| |   Remove configure test for NetworkManager.
| |   Fix QDir::entryList regression
| |   Add DEFINES to mingw32/windres.exe command line.
| |   ...
| * SSL: Fix memleak related to local certificate [Markus Goetz, 2010-03-15, 4 files, -3/+21]
| | Task-number: QTBUG-6504
| | Task-number: QTBUG-8924
| | Task-number: QTBUG-5645
| | Reviewed-by: andreas
| | Reviewed-by: Peter Hartmann
* | QSslKey: Do not make OpenSSL prompt for a password on stdin [Markus Goetz, 2010-03-15, 1 file, -3/+1]
|/
| Task-number: QTBUG-2515
| Reviewed-by: Andreas Aardal Hanssen
* Fix some foreach usage to use const refs [Markus Goetz, 2010-01-28, 2 files, -2/+2]
| Reviewed-by: joao
* Core classes, examples, demos: Some changes from string to char [Markus Goetz, 2010-01-28, 1 file, -2/+2]
| Reviewed-by: Peter Hartmann
* QSslSocket: Take better care on how we use the SSL buffers [Markus Goetz, 2010-01-21, 1 file, -3/+23]
| .. and breaking out of a loop where we should.
| Reviewed-by: thiago