SSL namespace: rename TlsV1 to TlsV1_0

This is a source-incompatible change.

TlsV1 is ambiguous; what is actually meant is TLS version 1.0. There are
also TLS versions 1.1 and 1.2; we might want to add options for these
once OpenSSL supports them (apparently it will as of OpenSSL version
1.0.1).

Change-Id: I940d020b181b5fa528788ef0c3c47e8ef873796a
Reviewed-by: Lars Knoll <lars.knoll@nokia.com>
Peter Hartmann 2011-11-14 12:33:55 +01:00 committed by Qt by Nokia
parent e2628ef943
commit 4dc390e66f
10 changed files with 38 additions and 33 deletions

2
dist/changes-5.0.0 vendored

@ -60,6 +60,8 @@ information about a particular change.
only the current data row of a data-driven test function. Every skipped
data row is now reported in the test log.
- The QSsl::TlsV1 enum value was renamed to QSsl::TlsV1_0 .
****************************************************************************
* General *
****************************************************************************


@ -40,6 +40,6 @@
//! [0]
QSslConfiguration config = sslSocket.sslConfiguration();
config.setProtocol(QSsl::TlsV1);
config.setProtocol(QSsl::TlsV1_0);
sslSocket.setSslConfiguration(config);
//! [0]


@ -543,7 +543,7 @@ QSslConfiguration QNetworkRequest::sslConfiguration() const
/*!
Sets this network request's SSL configuration to be \a config. The
settings that apply are the private key, the local certificate,
the SSL protocol (SSLv2, SSLv3, TLSv1 where applicable), the CA
the SSL protocol (SSLv2, SSLv3, TLSv1.0 where applicable), the CA
certificates and the ciphers that the SSL backend is allowed to
use.


@ -103,13 +103,13 @@ QT_BEGIN_NAMESPACE
\value SslV3 SSLv3
\value SslV2 SSLv2
\value TlsV1 TLSv1
\value TlsV1_0 TLSv1.0
\value UnknownProtocol The cipher's protocol cannot be determined.
\value AnyProtocol The socket understands SSLv2, SSLv3, and TLSv1. This
\value AnyProtocol The socket understands SSLv2, SSLv3, and TLSv1.0. This
value is used by QSslSocket only.
\value TlsV1SslV3 On the client side, this will send
a TLS 1.0 Client Hello, enabling TLSv1 and SSLv3 connections.
On the server side, this will enable both SSLv3 and TLSv1 connections.
a TLS 1.0 Client Hello, enabling TLSv1_0 and SSLv3 connections.
On the server side, this will enable both SSLv3 and TLSv1_0 connections.
\value SecureProtocols The default option, using protocols known to be secure;
currently behaves like TlsV1SslV3.
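Review bot: The prose in the `TlsV1SslV3` entry now uses the enum spelling as if it were a protocol name (`enabling TLSv1_0 and SSLv3 connections`, `both SSLv3 and TLSv1_0 connections`), while the `\value TlsV1_0 TLSv1.0` and `AnyProtocol` lines of the same block write `TLSv1.0`. The protocol is TLS 1.0; `TlsV1_0` is only the C++ identifier, so I would write `a TLS 1.0 Client Hello, enabling TLSv1.0 and SSLv3 connections.` and `On the server side, this will enable both SSLv3 and TLSv1.0 connections.`. The same spelling shows up in the later documentation changes (`protocol to TLSv1_0 in a QSslSocket object`, `SSLv3 and TLSv1_0. By default, QSslSocket uses TLSv1_0`) and in the `initSslContext()` comment. The doc comment starts and ends outside this hunk.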


@ -81,7 +81,10 @@ namespace QSsl {
enum SslProtocol {
SslV3,
SslV2,
TlsV1, // ### Qt 5: rename to TlsV1_0 or so
TlsV1_0,
#if QT_DEPRECATED_SINCE(5,0)
TlsV1 = TlsV1_0,
#endif
AnyProtocol,
TlsV1SslV3,
SecureProtocols,
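Review bot: The retained `TlsV1 = TlsV1_0` alias carries no comment, and as far as this page shows no documentation either: the `\value TlsV1 TLSv1` entry is dropped from the enum docs in this commit without an obsolete note replacing it. Because the alias is only compiled under `QT_DEPRECATED_SINCE(5,0)`, code that still spells `QSsl::TlsV1` builds or breaks depending on the deprecation setting, which is worth stating next to the enumerator, e.g. `TlsV1 = TlsV1_0, // deprecated alias of TlsV1_0, kept for source compatibility`. Placing the alias directly after `TlsV1_0` keeps `AnyProtocol` and the values after it at their previous numbers, which looks intentional; a short comment saying so would stop someone from moving it. The enum continues outside the hunk.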


@ -97,7 +97,7 @@ QT_BEGIN_NAMESPACE
change the settings in the related SSL connection. You must call
setSslConfiguration on a modified QSslConfiguration object to
achieve that. The following example illustrates how to change the
protocol to TLSv1 in a QSslSocket object:
protocol to TLSv1_0 in a QSslSocket object:
\snippet doc/src/snippets/code/src_network_ssl_qsslconfiguration.cpp 0


@ -56,7 +56,7 @@
QSslSocket establishes a secure, encrypted TCP connection you can
use for transmitting encrypted data. It can operate in both client
and server mode, and it supports modern SSL protocols, including
SSLv3 and TLSv1. By default, QSslSocket uses TLSv1, but you can
SSLv3 and TLSv1_0. By default, QSslSocket uses TLSv1_0, but you can
change the SSL protocol by calling setProtocol() as long as you do
it before the handshake has started.
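Review bot: The sentence `By default, QSslSocket uses TLSv1_0` disagrees with the enum documentation touched in this same commit, which calls `SecureProtocols` "The default option" and says it currently behaves like `TlsV1SslV3`, i.e. SSLv3 is also enabled. Readers deciding whether they must call `setProtocol()` to exclude SSLv3 would get the wrong answer from this paragraph. If the enum documentation is the accurate one, I would change the two lines to `SSLv3 and TLSv1.0. By default, QSslSocket uses QSsl::SecureProtocols, but you can`. The class documentation block starts and ends outside the hunk.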


@ -195,7 +195,7 @@ QSslCipher QSslSocketBackendPrivate::QSslCipher_from_SSL_CIPHER(SSL_CIPHER *ciph
else if (protoString == QLatin1String("SSLv2"))
ciph.d->protocol = QSsl::SslV2;
else if (protoString == QLatin1String("TLSv1"))
ciph.d->protocol = QSsl::TlsV1;
ciph.d->protocol = QSsl::TlsV1_0;
if (descriptionList.at(2).startsWith(QLatin1String("Kx=")))
ciph.d->keyExchangeMethod = descriptionList.at(2).mid(3);
@ -236,7 +236,7 @@ bool QSslSocketBackendPrivate::initSslContext()
{
Q_Q(QSslSocket);
// Create and initialize SSL context. Accept SSLv2, SSLv3 and TLSv1.
// Create and initialize SSL context. Accept SSLv2, SSLv3 and TLSv1_0.
bool client = (mode == QSslSocket::SslClientMode);
bool reinitialized = false;
@ -254,7 +254,7 @@ init_context:
default:
ctx = q_SSL_CTX_new(client ? q_SSLv23_client_method() : q_SSLv23_server_method());
break;
case QSsl::TlsV1:
case QSsl::TlsV1_0:
ctx = q_SSL_CTX_new(client ? q_TLSv1_client_method() : q_TLSv1_server_method());
break;
}
@ -430,7 +430,7 @@ init_context:
#if OPENSSL_VERSION_NUMBER >= 0x0090806fL && !defined(OPENSSL_NO_TLSEXT)
if ((configuration.protocol == QSsl::TlsV1SslV3 ||
configuration.protocol == QSsl::TlsV1 ||
configuration.protocol == QSsl::TlsV1_0 ||
configuration.protocol == QSsl::SecureProtocols ||
configuration.protocol == QSsl::AnyProtocol) &&
client && q_SSLeay() >= 0x00090806fL) {
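Review bot: The `case QSsl::TlsV1_0:` branch of the `init_context` switch deserves a comment now that the name promises exactly TLS 1.0. `q_TLSv1_client_method()` and `q_TLSv1_server_method()` wrap OpenSSL's fixed-version methods, so this context will not negotiate a newer TLS version even when the linked OpenSSL offers one, unlike the `q_SSLv23_*_method()` default branch; something like `// fixed-version method: TLS 1.0 only, never negotiates a newer version` would record that. In the first hunk the `"TLSv1"` comparison is an exact match on OpenSSL's description token, so presumably a cipher labelled with a later version matches none of the branches; a comment saying what `ciph.d->protocol` is left as in that case would help. All three functions start and end outside the hunks shown.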


@ -823,18 +823,18 @@ void tst_QSslSocket::protocol()
}
{
// Fluke allows TLSV1.
socket->setProtocol(QSsl::TlsV1);
QCOMPARE(socket->protocol(), QSsl::TlsV1);
socket->setProtocol(QSsl::TlsV1_0);
QCOMPARE(socket->protocol(), QSsl::TlsV1_0);
socket->connectToHostEncrypted(QtNetworkSettings::serverName(), 443);
QVERIFY2(socket->waitForEncrypted(), qPrintable(socket->errorString()));
QCOMPARE(socket->protocol(), QSsl::TlsV1);
QCOMPARE(socket->protocol(), QSsl::TlsV1_0);
socket->abort();
QCOMPARE(socket->protocol(), QSsl::TlsV1);
QCOMPARE(socket->protocol(), QSsl::TlsV1_0);
socket->connectToHost(QtNetworkSettings::serverName(), 443);
QVERIFY2(socket->waitForConnected(), qPrintable(socket->errorString()));
socket->startClientEncryption();
QVERIFY2(socket->waitForEncrypted(), qPrintable(socket->errorString()));
QCOMPARE(socket->protocol(), QSsl::TlsV1);
QCOMPARE(socket->protocol(), QSsl::TlsV1_0);
socket->abort();
}
{
@ -892,7 +892,7 @@ class SslServer : public QTcpServer
public:
SslServer(const QString &keyFile = SRCDIR "certs/fluke.key", const QString &certFile = SRCDIR "certs/fluke.cert")
: socket(0),
protocol(QSsl::TlsV1),
protocol(QSsl::TlsV1_0),
m_keyFile(keyFile),
m_certFile(certFile) { }
QSslSocket *socket;
@ -943,46 +943,46 @@ void tst_QSslSocket::protocolServerSide_data()
QTest::newRow("ssl2-ssl2") << QSsl::SslV2 << QSsl::SslV2 << false; // no idea why it does not work, but we don't care about SSL 2
QTest::newRow("ssl3-ssl3") << QSsl::SslV3 << QSsl::SslV3 << true;
QTest::newRow("tls1-tls1") << QSsl::TlsV1 << QSsl::TlsV1 << true;
QTest::newRow("tls1.0-tls1.0") << QSsl::TlsV1_0 << QSsl::TlsV1_0 << true;
QTest::newRow("tls1ssl3-tls1ssl3") << QSsl::TlsV1SslV3 << QSsl::TlsV1SslV3 << true;
QTest::newRow("any-any") << QSsl::AnyProtocol << QSsl::AnyProtocol << true;
QTest::newRow("secure-secure") << QSsl::SecureProtocols << QSsl::SecureProtocols << true;
QTest::newRow("ssl2-ssl3") << QSsl::SslV2 << QSsl::SslV3 << false;
QTest::newRow("ssl2-tls1") << QSsl::SslV2 << QSsl::TlsV1 << false;
QTest::newRow("ssl2-tls1.0") << QSsl::SslV2 << QSsl::TlsV1_0 << false;
QTest::newRow("ssl2-tls1ssl3") << QSsl::SslV2 << QSsl::TlsV1SslV3 << false;
QTest::newRow("ssl2-secure") << QSsl::SslV2 << QSsl::SecureProtocols << false;
QTest::newRow("ssl2-any") << QSsl::SslV2 << QSsl::AnyProtocol << false; // no idea why it does not work, but we don't care about SSL 2
QTest::newRow("ssl3-ssl2") << QSsl::SslV3 << QSsl::SslV2 << false;
QTest::newRow("ssl3-tls1") << QSsl::SslV3 << QSsl::TlsV1 << false;
QTest::newRow("ssl3-tls1.0") << QSsl::SslV3 << QSsl::TlsV1_0 << false;
QTest::newRow("ssl3-tls1ssl3") << QSsl::SslV3 << QSsl::TlsV1SslV3 << true;
QTest::newRow("ssl3-secure") << QSsl::SslV3 << QSsl::SecureProtocols << true;
QTest::newRow("ssl3-any") << QSsl::SslV3 << QSsl::AnyProtocol << false; // we wont set a SNI header here because we connect to a
// numerical IP, so OpenSSL will send a SSL 2 handshake
QTest::newRow("tls1-ssl2") << QSsl::TlsV1 << QSsl::SslV2 << false;
QTest::newRow("tls1-ssl3") << QSsl::TlsV1 << QSsl::SslV3 << false;
QTest::newRow("tls1-tls1ssl3") << QSsl::TlsV1 << QSsl::TlsV1SslV3 << true;
QTest::newRow("tls1-secure") << QSsl::TlsV1 << QSsl::SecureProtocols << true;
QTest::newRow("tls1-any") << QSsl::TlsV1 << QSsl::AnyProtocol << false; // we wont set a SNI header here because we connect to a
QTest::newRow("tls1.0-ssl2") << QSsl::TlsV1_0 << QSsl::SslV2 << false;
QTest::newRow("tls1.0-ssl3") << QSsl::TlsV1_0 << QSsl::SslV3 << false;
QTest::newRow("tls1-tls1ssl3") << QSsl::TlsV1_0 << QSsl::TlsV1SslV3 << true;
QTest::newRow("tls1.0-secure") << QSsl::TlsV1_0 << QSsl::SecureProtocols << true;
QTest::newRow("tls1.0-any") << QSsl::TlsV1_0 << QSsl::AnyProtocol << false; // we wont set a SNI header here because we connect to a
// numerical IP, so OpenSSL will send a SSL 2 handshake
QTest::newRow("tls1ssl3-ssl2") << QSsl::TlsV1SslV3 << QSsl::SslV2 << false;
QTest::newRow("tls1ssl3-ssl3") << QSsl::TlsV1SslV3 << QSsl::SslV3 << true;
QTest::newRow("tls1ssl3-tls1") << QSsl::TlsV1SslV3 << QSsl::TlsV1 << true;
QTest::newRow("tls1ssl3-tls1.0") << QSsl::TlsV1SslV3 << QSsl::TlsV1_0 << true;
QTest::newRow("tls1ssl3-secure") << QSsl::TlsV1SslV3 << QSsl::SecureProtocols << true;
QTest::newRow("tls1ssl3-any") << QSsl::TlsV1SslV3 << QSsl::AnyProtocol << true;
QTest::newRow("secure-ssl2") << QSsl::SecureProtocols << QSsl::SslV2 << false;
QTest::newRow("secure-ssl3") << QSsl::SecureProtocols << QSsl::SslV3 << true;
QTest::newRow("secure-tls1") << QSsl::SecureProtocols << QSsl::TlsV1 << true;
QTest::newRow("secure-tls1.0") << QSsl::SecureProtocols << QSsl::TlsV1_0 << true;
QTest::newRow("secure-tls1ssl3") << QSsl::SecureProtocols << QSsl::TlsV1SslV3 << true;
QTest::newRow("secure-any") << QSsl::SecureProtocols << QSsl::AnyProtocol << true;
QTest::newRow("any-ssl2") << QSsl::AnyProtocol << QSsl::SslV2 << false; // no idea why it does not work, but we don't care about SSL 2
QTest::newRow("any-ssl3") << QSsl::AnyProtocol << QSsl::SslV3 << true;
QTest::newRow("any-tls1") << QSsl::AnyProtocol << QSsl::TlsV1 << true;
QTest::newRow("any-tls1.0") << QSsl::AnyProtocol << QSsl::TlsV1_0 << true;
QTest::newRow("any-tls1ssl3") << QSsl::AnyProtocol << QSsl::TlsV1SslV3 << true;
QTest::newRow("any-secure") << QSsl::AnyProtocol << QSsl::SecureProtocols << true;
}
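Review bot: One data row in `protocolServerSide_data()` kept its old tag: `QTest::newRow("tls1-tls1ssl3") << QSsl::TlsV1_0 << QSsl::TlsV1SslV3 << true;` sits among rows renamed to `tls1.0-...`, so selecting or reading results by the `tls1.0-` prefix misses it. I would rename the tag to `"tls1.0-tls1ssl3"`. Separately, nothing in the visible test changes exercises the deprecated `QSsl::TlsV1` alias; a check along the lines of `QCOMPARE(QSsl::TlsV1, QSsl::TlsV1_0);` under the same `QT_DEPRECATED_SINCE(5,0)` guard would pin it.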


@ -253,7 +253,7 @@ void tst_NetworkRemoteStressTest::blockingSequentialRemoteHosts()
QVERIFY2(socket->waitForConnected(10000), "Timeout connecting to " + url.encodedHost());
if (isHttps) {
static_cast<QSslSocket *>(socket.data())->setProtocol(QSsl::TlsV1);
static_cast<QSslSocket *>(socket.data())->setProtocol(QSsl::TlsV1_0);
static_cast<QSslSocket *>(socket.data())->startClientEncryption();
static_cast<QSslSocket *>(socket.data())->ignoreSslErrors();
QVERIFY2(static_cast<QSslSocket *>(socket.data())->waitForEncrypted(10000), "Timeout starting TLS with " + url.encodedHost());
@ -306,7 +306,7 @@ void tst_NetworkRemoteStressTest::sequentialRemoteHosts()
socket = QSharedPointer<QTcpSocket>(new QTcpSocket);
}
if (isHttps) {
static_cast<QSslSocket *>(socket.data())->setProtocol(QSsl::TlsV1);
static_cast<QSslSocket *>(socket.data())->setProtocol(QSsl::TlsV1_0);
static_cast<QSslSocket *>(socket.data())->connectToHostEncrypted(url.host(), url.port(443));
static_cast<QSslSocket *>(socket.data())->ignoreSslErrors();
} else {
@ -377,7 +377,7 @@ void tst_NetworkRemoteStressTest::parallelRemoteHosts()
else
socket = new QTcpSocket;
if (isHttps) {
static_cast<QSslSocket *>(socket)->setProtocol(QSsl::TlsV1);
static_cast<QSslSocket *>(socket)->setProtocol(QSsl::TlsV1_0);
static_cast<QSslSocket *>(socket)->connectToHostEncrypted(url.host(), url.port(443));
static_cast<QSslSocket *>(socket)->ignoreSslErrors();
} else {
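Review bot: All three stress tests call `setProtocol(QSsl::TlsV1_0)` with no comment saying why the protocol is pinned rather than left at the default. With the new explicit name this reads as "TLS 1.0 only", so presumably any remote host that does not accept TLS 1.0 fails the run (at `waitForEncrypted` in `blockingSequentialRemoteHosts()`). If the pin is deliberate, a one-line comment at each call giving the reason would record it; if not, dropping the call lets the default apply. The adjacent `ignoreSslErrors()` calls mean these tests make no statement about certificate validity, which the same comment could say. The three functions continue outside the hunks.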