summaryrefslogtreecommitdiffstats
path: root/src/network/ssl
Commit message (Collapse)AuthorAgeFilesLines
* Merge remote branch 'origin/4.7' into qt-4.8-from-4.7Jani Hautakangas2011-06-221-2/+2
|\ | | | | | | | | | | | | Conflicts: src/opengl/qgl.cpp src/opengl/qpixmapdata_symbiangl.cpp src/opengl/qwindowsurface_gl.cpp
| * SSL readbuffer 16->32 kBJaakko Koskenkorva2011-06-101-2/+2
| | | | | | | | | | | | | | | | Enlarge SSL readbuffer as per performance testing results. Checked from Shane Kearns that larger buffer is OK. Task-id: http://bugreports.qt.nokia.com/browse/QTBUG-18943 RC id: ou1cimx1#779022
* | Merge branch 'master' of scm.dev.nokia.troll.no:qt/qt-fire-staging into ↵Qt Continuous Integration System2011-06-212-4/+6
|\ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | master-integration * 'master' of scm.dev.nokia.troll.no:qt/qt-fire-staging: Adding debug output for not supported gl features Compile fix in network for ios Make it possible to compile in a screen plugin name in QWS Don't redefine EGL defines Compile fixes in corelib for ios Export IPHONEOS_DEPLOYMENT_TARGET from qmake Adding arm armv6 and armv7 as valid archs for mac builds reset certain global variables on deletion Made tst_QWidget::repaintWhenChildDeleted() pass.
| * | Compile fix in network for iosIan2011-06-202-4/+6
| | | | | | | | | | | | Reviewed-by: Jørgen Lind
* | | Merge branch '4.8' of scm.dev.nokia.troll.no:qt/qtDavid Boddie2011-06-174-39/+35
|\ \ \ | |/ / | | | | | | | | | | | | | | | Conflicts: doc/src/declarative/righttoleft.qdoc examples/draganddrop/fridgemagnets/main.cpp examples/script/context2d/main.cpp
| * | Merge remote branch 'origin/4.7' into 4.8-from-4.7Rohan McGovern2011-06-011-2/+2
| |\ \ | | |/ | | | | | | | | | | | | Conflicts: src/declarative/declarative.pro tests/auto/qnetworkproxyfactory/tst_qnetworkproxyfactory.cpp
| | * Increase SSL readbuffer 1 -> 16 kBJaakko Koskenkorva2011-05-311-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Reading incoming data in Symbian is slow when it is done from the native RSocket in 1kB blocks. Typically other native apps use 16 kB or even 24 kB (browser). This contributes (among other slow tasks such as writing to mass memory) to the TCP window filling up. This case, even though it should be recoverable, has proven to be problematic in some scenarios including downloading from Ovi Store via 3G. The fix just increases the amount of data read, which speeds things up and makes the problematic window fill-up less common. Reviewed-by: Shane Kearns Task-number: QTBUG-18943
| | * Merge branch '4.7' of scm.dev.nokia.troll.no:qt/oslo-staging-1 into ↵Qt Continuous Integration System2011-05-1723-393/+393
| | |\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | 4.7-integration * '4.7' of scm.dev.nokia.troll.no:qt/oslo-staging-1: Updating file with CRLF line endings for the updated header Fix a regression in QList::mid() update gitignore remove -fno-stack-protector Fix make confclean Update licenseheader text in source files
| | | * Update licenseheader text in source filesJyri Tahtela2011-05-1323-393/+393
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Updated version of LGPL and FDL licenseheaders. Apply release phase licenseheaders for all source files. Reviewed-by: Trust Me
| | * | Send User-Agent from the network request in http proxy CONNECT commandShane Kearns2011-05-051-0/+2
| | |/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Some proxies can discriminate based on the User-Agent when sent a CONNECT command for establishing a HTTPS connection. With this change, if the User-Agent header is set in the QNetworkRequest then it will be passed to the http socket engine for use in the connect command sent to the proxy. As before, "Mozilla/5.0" will be used by default when no user agent has been set. Task-number: QTBUG-17223 Reviewed-by: Markus Goetz
| * | Merge remote-tracking branch 'origin/4.8'Olivier Goffart2011-05-2423-393/+393
| |\ \
| * | | fix Symbian ordinals for merge request re. utf8 characters in SSL certsPeter Hartmann2011-05-241-1/+5
| | | | | | | | | | | | | | | | Task-number: QTBUG-7912
| * | | fix coding style for merge request re. utf8 characters in SSL certsPierre Rossi2011-05-231-7/+6
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | fixes minor coding issues for "Use OpenSSL X509_NAME_ENTRY API to parse UTF8 subjectName/issuerName" Task-number: QTBUG-7912 Reviewed-by: Peter Hartmann <peter.hartmann@nokia.com>
| * | | Use OpenSSL X509_NAME_ENTRY API to parse UTF8 subjectName/issuerNameRaul Metsma2011-05-233-36/+29
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | ... to be able to display non-ASCII names from subject and issuerInfo. Task-number: QTBUG-7912 Merge-request: 922 Reviewed-by: Peter Hartmann <peter.hartmann@nokia.com>
* | | | Merge branch '4.8' of scm.dev.nokia.troll.no:qt/qtDavid Boddie2011-05-2423-393/+395
|\ \ \ \ | | |/ / | |/| | | | | | | | | | | | | | | | | | | | | | Conflicts: src/gui/text/qrawfont.cpp src/gui/text/qtextlayout.cpp src/gui/util/qscroller.cpp src/gui/widgets/qlineedit.cpp
| * | | Update licenseheader text in source files for qt4.8Jyri Tahtela2011-05-1323-393/+393
| |/ / | | | | | | | | | | | | | | | | | | Updated version of LGPL and FDL licenseheaders. Apply release phase licenseheaders for all source files. Reviewed-by: Trust Me
| * | Merge branch 'symbian-socket-engine' into staging-masterShane Kearns2011-05-101-0/+2
| |\ \
| | * | Send User-Agent from the network request in http proxy CONNECT commandShane Kearns2011-05-051-0/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Some proxies can discriminate based on the User-Agent when sent a CONNECT command for establishing a HTTPS connection. With this change, if the User-Agent header is set in the QNetworkRequest then it will be passed to the http socket engine for use in the connect command sent to the proxy. As before, "Mozilla/5.0" will be used by default when no user agent has been set. Task-number: QTBUG-17223 Reviewed-by: Markus Goetz
| * | | QSslConfiguration documentation fixTaito Silvola2011-05-051-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | setPeerVerifyMode() and peerVerifyMode() comments fix Merge-request: 1220 Reviewed-by: Peter Hartmann
* | | | Doc: Fixed qdoc warnings.David Boddie2011-05-111-2/+2
| | | |
* | | | setPeerVerifyMode() and peerVerifyMode() comments fixTaito Silvola2011-05-051-2/+2
|/ / /
* | | QSslConfiguration: fix equals operatorPeter Hartmann2011-04-151-1/+1
|/ /
* | Merge branch 'master' of scm.dev.troll.no:qt/qt-earth-team into ↵Shane Kearns2011-04-118-37/+69
|\ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | symbian-socket-engine Conflicts: src/s60installs/bwins/QtCoreu.def src/s60installs/bwins/QtGuiu.def src/s60installs/bwins/QtNetworku.def src/s60installs/eabi/QtCoreu.def src/s60installs/eabi/QtGuiu.def src/s60installs/eabi/QtNetworku.def src/s60installs/eabi/QtOpenVGu.def tests/auto/qabstractnetworkcache/tst_qabstractnetworkcache.cpp
| * | SSL code: introduce new error value for blacklisted certificatesPeter Hartmann2011-04-073-7/+14
| | | | | | | | | | | | | | | | | | | | | | | | improve error reporting by introducing a new enum value in case the peer certificate is blacklisted. Reviewed-by: Markus Goetz Task-number: QTBUG-18338
| * | Merge branch 'master' of scm.dev.nokia.troll.no:qt/qt into earth-masteraxis2011-04-073-4/+38
| |\ \ | | | | | | | | | | | | | | | | Conflicts: src/corelib/thread/qthread_unix.cpp
| | * \ Merge remote-tracking branch 'origin/4.7' into qt-master-from-4.7Olivier Goffart2011-03-313-4/+38
| | |\ \ | | | |/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Conflicts: doc/src/declarative/example-slideswitch.qdoc doc/src/development/qmake-manual.qdoc doc/src/snippets/code/doc_src_qmake-manual.pro doc/src/snippets/code/doc_src_qtscript.qdoc src/corelib/animation/qabstractanimation.cpp src/s60installs/bwins/QtOpenGLu.def src/s60installs/eabi/QtOpenGLu.def src/s60installs/eabi/QtOpenVGu.def tests/auto/qdir/qdir.pro tests/auto/qsslsocket/tst_qsslsocket.cpp tools/qdoc3/doc/qdoc-manual.qdocconf
| | | * QSslSocket internals: abort on encountering blacklisted certificatesPeter Hartmann2011-03-251-0/+7
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | tested manually with "openssl s_server -cert blacklisted.pem -key key.pem" and connecting a QSslSocket. Reviewed-by: Markus Goetz Task-number: QTBUG-18338
| | | * QSslCertificate: report fraudulent certificates as invalidPeter Hartmann2011-03-242-4/+31
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | There are some fraudulent certificates in the wild that are not valid; this patch introduces a blacklist of serial numbers of those certificates. Reviewed-by: Richard J. Moore Reviewed-by: Markus Goetz Task-number: QTBUG-18338
| * | | QSslSocket: fix setReadBufferSizeMartin Petersson2011-03-311-8/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | This fix the qnetworkreply::ioPostToHttpsUploadProgress() auto test. Before the readbuffer where always limited to 1k for ssl sockets. Reviewed-by: Markus Goetz
| * | | QSslConfiguration: do not lazily construct the d-pointerPeter Hartmann2011-03-283-25/+22
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | ...the private class is cheap anyway; and lazy construction lead to problems like setting an empty default configuration would crash etc. Reviewed-by: Markus Goetz Task-number: QTBUG-17550
* | | | Merge remote branch 'earth/master' into symbian-socket-engineShane Kearns2011-03-256-11/+38
|\ \ \ \ | |/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Conflicts: src/network/access/qhttpnetworkconnectionchannel.cpp src/network/socket/qlocalsocket.cpp src/s60installs/bwins/QtCoreu.def src/s60installs/bwins/QtGuiu.def src/s60installs/bwins/QtTestu.def src/s60installs/eabi/QtCoreu.def src/s60installs/eabi/QtGuiu.def
| * | | SSL: send SNI extension only if not connecting to an IPPeter Hartmann2011-03-221-1/+2
| |/ / | | | | | | | | | | | | | | | | | | | | | | | | otherwise the host name and the name we send in the SNI header (the IP) would not match. Reviewed-by: Thiago Macieira Reviewed-by: Richard J. Moore Task-number: QTBUG-18258
| * | Merge remote-tracking branch 'origin/4.7' into HEADThiago Macieira2011-03-161-2/+11
| |\ \ | | |/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Conflicts: configure mkspecs/symbian-gcce/qmake.conf qmake/generators/metamakefile.cpp qmake/generators/win32/mingw_make.cpp src/corelib/global/global.pri src/corelib/global/qglobal.h src/opengl/qgl.cpp src/opengl/qwindowsurface_gl.cpp src/plugins/platforms/wayland/qwaylandbuffer.h tests/auto/qnetworkreply/tst_qnetworkreply.cpp tools/designer/src/components/formeditor/qdesigner_resource.cpp
| | * SSL: Fix certification loading on Mac OS X 10.5Martin Petersson2011-03-141-2/+11
| | | | | | | | | | | | | | | | | | | | | Do not add the expired certificates on Mac OS X 10.5. Task-number: QTBUG-14520 Reviewed-by: Markus Goetz
| * | SSL: give protocol enum SecureProtocols an own valuePeter Hartmann2011-03-154-6/+8
| | | | | | | | | | | | | | | | | | | | | | | | ... so that an application that uses SecureProtocols can make use of updates to a Qt version without being recompiled. Reviewed-by: Markus Goetz Reviewed-by: Richard J. Moore
| * | SSL backend: avoid setting SNI hostname for old SSL versionsPeter Hartmann2011-03-142-2/+5
| | | | | | | | | | | | | | | | | | | | | | | | With this patch, we only use SNI functionality when the SSL version supports it (meaning when using TLS), otherwise the function call would trigger a warning. Reviewed-by: Markus Goetz
| * | SSL: Switch default version to TlsV1SslV3 (i.e. use TLS 1 or SSL 3)Peter Hartmann2011-03-145-5/+8
| | | | | | | | | | | | | | | | | | | | | | | | ... and introduce a new enum SecureProtocols. Switching the default version is better for compatibility (e.g. servers using this option will understand both TLS and SSL 3). Reviewed-by: Markus Goetz
| * | SSL: introduce new option TlsV1SslV3 for SSL communicationPeter Hartmann2011-03-143-1/+10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | currently there are 3 supported protocols: SSL2, SSL3 and TLS1. SSL2 is considered insecure and should not be used anymore. This commit offers an option to use both TLS1 and SSL3, leaving SSL2 out. Part-of-the-patch-by: Darren Lissimore Reviewed-by: Markus Goetz Task-number: QTBUG-12338
* | | SSL: fix compilation on WindowsMartin Petersson2011-03-151-0/+1
| | | | | | | | | | | | Reviewed-by: Markus Goetz
* | | Merge branch 'symbian-socket-engine' of ↵Shane Kearns2011-03-081-0/+4
|\ \ \ | |/ / |/| | | | | | | | | | | | | | | | | scm.dev.troll.no:qt/qt-symbian-network into symbian-socket-engine Conflicts: src/network/access/qnetworkaccessmanager.cpp tests/auto/qsslsocket/tst_qsslsocket.cpp
| * | Explicit network session for QNetworkAccessManagerShane Kearns2011-02-171-0/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Implemented a tunnel to get the QNetworkSession from QNetworkAccessManager down to the socket engine. This is currently a private API for QNAM. This patch only implements the FTP backend - the other backends are to follow. On Symbian, the native socket engine will extract the native session (RConnection) from the QNetworkSession implementation, and use that to open sockets using the explicitly specified session. When no session is specified on the socket (default for networking usage outside of QNAM) then the socket is opened with no RConnection specified, which allows the IP stack to find any route via an open interface. The QFtp autotest is enhanced to test QFtp with an explicit session as well as implicit connectivity (where a QNetworkSession is opened by the user, and then QFtp is used without a specified connection). This autotest gives better coverage than the FTP test cases in QNetworkReply. Reviewed-by: Markus Goetz
* | | SSL backend: check at runtime for the right OpenSSL version for SNIPeter Hartmann2011-03-044-3/+9
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | SNI = Server Name Indication. The function "SSL_ctrl()" has been there since always in OpenSSL, but not with the specific enum SSL_CTRL_SET_TLSEXT_HOSTNAME, so let's avoid the call for older versions. Additionally, fix the resolving of SSL_CTX_load_verify_locations for Symbian (is not used in Symbian yet). Reviewed-by: Markus Goetz
* | | SSL TLS extension on Symbian: work around missing symbolPeter Hartmann2011-02-281-0/+6
| | | | | | | | | | | | | | | | | | | | | ... by defining it ourselves. That symbol is missing in the header files for Symbian. Reviewed-by: Shane Kearns
* | | SSL: Switch default version to TLS 1.0Peter Hartmann2011-02-284-7/+7
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | TLS is backward compatible, so servers only supporting SSL 3 should still work. All browsers send a TLS 1.0 Client Hello these days. However, some servers apparently have problems with a TLS handshake (and a SNI message); for now, wait and see how many of them are broken and either add a fallback to SSLv3 or blacklist them (i.e. set the used SSL version for those servers explicitly). Reviewed-by: Markus Goetz
* | | QSslSocket backend: resolve symbols for SNI for SymbianPeter Hartmann2011-02-281-0/+3
| | | | | | | | | | | | Task-number: QTBUG-1352
* | | Add QSslSocket::setPeerVerifyName()/peerVerifyName()David Faure2011-02-282-0/+31
| | | | | | | | | | | | | | | | | | | | | | | | | | | This allows to set the sslPeerName even when not using connectToHostEncrypted, but rather connectToHost + startClientEncryption Task-number: QTBUG-1352 Merge-request: 1110 Reviewed-by: Peter Hartmann <peter.hartmann@nokia.com>
* | | QSslSocket SNI: prefer verificationPeerName then peerName then hostNameDavid Faure2011-02-281-2/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | As suggested by p--hartmann in a comment for MR 1574. Task-number: QTBUG-1352 Merge-request: 1110 Reviewed-by: Peter Hartmann <peter.hartmann@nokia.com>
* | | Add Server Name Identification (RFC4366 section 3.1)Daniel Black2011-02-284-0/+22
| | | | | | | | | | | | | | | | | | | | | | | | ...to client QSslSocket connections when supported by openssl as per task tracker id #188841 Merge-request: 1574 Reviewed-by: Peter Hartmann <peter.hartmann@nokia.com>
* | | Merge remote branch 'earth/master' into masterJoão Abecasis2011-02-285-14/+71
|\ \ \ | |_|/ |/| |
| * | SSL backend: loat root certificates on demand on Unix (excluding Mac)Peter Hartmann2011-02-235-14/+71
| |/ | | | | | | | | | | | | | | | | | | Previously, on initializing the first QSslSocket, we read all root certificates into memory (~ 150 files). Now, we tell OpenSSL where to find the root certificates, so that they can be loaded on demand (if supported, see 'man c_rehash' for details). Reviewed-by: Markus Goetz Task-number: QTBUG-14016
generated by cgit v0.12 at 2025-01-29 01:26:13 (GMT)