Add SecureTransport based SSL backend for iOS and OS X
Add support for SSL on iOS/OS X by adding a SecureTransport based backend. [ChangeLog][QtNetwork][QSslSocket] A new SSL backend for iOS and OS X, implemented with Apple's Secure Transport (Security Framework). Change-Id: I7466db471be2a8a2170f9af9d6ad4c7b6425738b Reviewed-by: Richard J. Moore <rich@kde.org>
This commit is contained in:
parent
a7fe3309d6
commit
5382312e5c
21
configure
vendored
21
configure
vendored
@ -665,6 +665,7 @@ CFG_GLIB=auto
|
|||||||
CFG_QGTKSTYLE=auto
|
CFG_QGTKSTYLE=auto
|
||||||
CFG_LARGEFILE=auto
|
CFG_LARGEFILE=auto
|
||||||
CFG_OPENSSL=auto
|
CFG_OPENSSL=auto
|
||||||
|
CFG_SECURETRANSPORT=auto
|
||||||
CFG_PRECOMPILE=auto
|
CFG_PRECOMPILE=auto
|
||||||
CFG_SEPARATE_DEBUG_INFO=no
|
CFG_SEPARATE_DEBUG_INFO=no
|
||||||
CFG_REDUCE_EXPORTS=auto
|
CFG_REDUCE_EXPORTS=auto
|
||||||
@ -1956,6 +1957,13 @@ while [ "$#" -gt 0 ]; do
|
|||||||
UNKNOWN_OPT=yes
|
UNKNOWN_OPT=yes
|
||||||
fi
|
fi
|
||||||
;;
|
;;
|
||||||
|
securetransport)
|
||||||
|
if [ "$VAL" = "yes" ] || [ "$VAL" = "no" ]; then
|
||||||
|
CFG_SECURETRANSPORT="$VAL"
|
||||||
|
else
|
||||||
|
UNKNOWN_OPT=yes
|
||||||
|
fi
|
||||||
|
;;
|
||||||
qml-debug)
|
qml-debug)
|
||||||
if [ "$VAL" = "yes" ]; then
|
if [ "$VAL" = "yes" ]; then
|
||||||
CFG_QML_DEBUG="yes"
|
CFG_QML_DEBUG="yes"
|
||||||
@ -5698,6 +5706,12 @@ if [ "$CFG_OPENSSL" != "no" ]; then
|
|||||||
fi
|
fi
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
if [ "$CFG_SECURETRANSPORT" != "no" ] && [ "$CFG_OPENSSL" = "no" ] && [ "$XPLATFORM_MAC" = "yes" ]; then
|
||||||
|
CFG_SECURETRANSPORT=yes
|
||||||
|
else
|
||||||
|
CFG_SECURETRANSPORT=no
|
||||||
|
fi
|
||||||
|
|
||||||
# detect PCRE
|
# detect PCRE
|
||||||
if [ "$CFG_PCRE" != "qt" ]; then
|
if [ "$CFG_PCRE" != "qt" ]; then
|
||||||
if compileTest unix/pcre "PCRE"; then
|
if compileTest unix/pcre "PCRE"; then
|
||||||
@ -5980,6 +5994,7 @@ fi
|
|||||||
[ "$CFG_DBUS" = "linked" ] && QT_CONFIG="$QT_CONFIG dbus-linked"
|
[ "$CFG_DBUS" = "linked" ] && QT_CONFIG="$QT_CONFIG dbus-linked"
|
||||||
[ "$CFG_OPENSSL" = "yes" ] && QT_CONFIG="$QT_CONFIG openssl"
|
[ "$CFG_OPENSSL" = "yes" ] && QT_CONFIG="$QT_CONFIG openssl"
|
||||||
[ "$CFG_OPENSSL" = "linked" ] && QT_CONFIG="$QT_CONFIG openssl-linked"
|
[ "$CFG_OPENSSL" = "linked" ] && QT_CONFIG="$QT_CONFIG openssl-linked"
|
||||||
|
[ "$CFG_SECURETRANSPORT" = "yes" ] && QT_CONFIG="$QT_CONFIG ssl securetransport"
|
||||||
[ "$CFG_XCB" != "no" ] && QT_CONFIG="$QT_CONFIG xcb"
|
[ "$CFG_XCB" != "no" ] && QT_CONFIG="$QT_CONFIG xcb"
|
||||||
[ "$CFG_XINPUT2" = "yes" ] && QT_CONFIG="$QT_CONFIG xinput2"
|
[ "$CFG_XINPUT2" = "yes" ] && QT_CONFIG="$QT_CONFIG xinput2"
|
||||||
[ "$CFG_SYSTEM_PROXIES" = "yes" ] && QT_CONFIG="$QT_CONFIG system-proxies"
|
[ "$CFG_SYSTEM_PROXIES" = "yes" ] && QT_CONFIG="$QT_CONFIG system-proxies"
|
||||||
@ -6387,8 +6402,10 @@ QMakeVar set sql-plugins "$SQL_PLUGINS"
|
|||||||
[ "$CFG_INOTIFY" = "no" ] && QCONFIG_FLAGS="$QCONFIG_FLAGS QT_NO_INOTIFY"
|
[ "$CFG_INOTIFY" = "no" ] && QCONFIG_FLAGS="$QCONFIG_FLAGS QT_NO_INOTIFY"
|
||||||
[ "$CFG_EVENTFD" = "no" ] && QCONFIG_FLAGS="$QCONFIG_FLAGS QT_NO_EVENTFD"
|
[ "$CFG_EVENTFD" = "no" ] && QCONFIG_FLAGS="$QCONFIG_FLAGS QT_NO_EVENTFD"
|
||||||
[ "$CFG_NIS" = "no" ] && QCONFIG_FLAGS="$QCONFIG_FLAGS QT_NO_NIS"
|
[ "$CFG_NIS" = "no" ] && QCONFIG_FLAGS="$QCONFIG_FLAGS QT_NO_NIS"
|
||||||
[ "$CFG_OPENSSL" = "no" ] && QCONFIG_FLAGS="$QCONFIG_FLAGS QT_NO_OPENSSL QT_NO_SSL"
|
[ "$CFG_OPENSSL" = "no" ] && QCONFIG_FLAGS="$QCONFIG_FLAGS QT_NO_OPENSSL"
|
||||||
[ "$CFG_OPENSSL" = "linked" ]&& QCONFIG_FLAGS="$QCONFIG_FLAGS QT_LINKED_OPENSSL"
|
[ "$CFG_OPENSSL" = "linked" ]&& QCONFIG_FLAGS="$QCONFIG_FLAGS QT_LINKED_OPENSSL"
|
||||||
|
[ "$CFG_OPENSSL" = "no" ] && [ "$CFG_SECURETRANSPORT" = "no" ] && QCONFIG_FLAGS="$QCONFIG_FLAGS QT_NO_SSL"
|
||||||
|
[ "$CFG_SECURETRANSPORT" = "yes" ] && QCONFIG_FLAGS="$QCONFIG_FLAGS QT_SECURETRANSPORT"
|
||||||
|
|
||||||
[ "$CFG_SM" = "no" ] && QCONFIG_FLAGS="$QCONFIG_FLAGS QT_NO_SESSIONMANAGER"
|
[ "$CFG_SM" = "no" ] && QCONFIG_FLAGS="$QCONFIG_FLAGS QT_NO_SESSIONMANAGER"
|
||||||
[ "$CFG_TSLIB" = "no" ] && QCONFIG_FLAGS="$QCONFIG_FLAGS QT_NO_TSLIB"
|
[ "$CFG_TSLIB" = "no" ] && QCONFIG_FLAGS="$QCONFIG_FLAGS QT_NO_TSLIB"
|
||||||
@ -6818,6 +6835,8 @@ report_support " getaddrinfo .........." "$CFG_GETADDRINFO"
|
|||||||
report_support " getifaddrs ..........." "$CFG_GETIFADDRS"
|
report_support " getifaddrs ..........." "$CFG_GETIFADDRS"
|
||||||
report_support " IPv6 ifname .........." "$CFG_IPV6IFNAME"
|
report_support " IPv6 ifname .........." "$CFG_IPV6IFNAME"
|
||||||
report_support " OpenSSL .............." "$CFG_OPENSSL" yes "loading libraries at run-time" linked "linked to the libraries"
|
report_support " OpenSSL .............." "$CFG_OPENSSL" yes "loading libraries at run-time" linked "linked to the libraries"
|
||||||
|
[ "$XPLATFORM_MAC" = "yes" ] && \
|
||||||
|
report_support " SecureTransport ......" "$CFG_SECURETRANSPORT"
|
||||||
report_support " NIS ...................." "$CFG_NIS"
|
report_support " NIS ...................." "$CFG_NIS"
|
||||||
report_support " OpenGL / OpenVG:"
|
report_support " OpenGL / OpenVG:"
|
||||||
report_support " EGL .................." "$CFG_EGL"
|
report_support " EGL .................." "$CFG_EGL"
|
||||||
|
@ -105,12 +105,16 @@
|
|||||||
\value EmailAddress The email address associated with the certificate
|
\value EmailAddress The email address associated with the certificate
|
||||||
*/
|
*/
|
||||||
|
|
||||||
|
#include <QtCore/qglobal.h>
|
||||||
#ifndef QT_NO_OPENSSL
|
#ifndef QT_NO_OPENSSL
|
||||||
#include "qsslsocket_openssl_symbols_p.h"
|
#include "qsslsocket_openssl_symbols_p.h"
|
||||||
#endif
|
#endif
|
||||||
#ifdef Q_OS_WINRT
|
#ifdef Q_OS_WINRT
|
||||||
#include "qsslsocket_winrt_p.h"
|
#include "qsslsocket_winrt_p.h"
|
||||||
#endif
|
#endif
|
||||||
|
#ifdef QT_SECURETRANSPORT
|
||||||
|
#include "qsslsocket_mac_p.h"
|
||||||
|
#endif
|
||||||
|
|
||||||
#include "qssl_p.h"
|
#include "qssl_p.h"
|
||||||
#include "qsslcertificate.h"
|
#include "qsslcertificate.h"
|
||||||
|
91
src/network/ssl/qsslkey_mac.cpp
Normal file
91
src/network/ssl/qsslkey_mac.cpp
Normal file
@ -0,0 +1,91 @@
|
|||||||
|
/****************************************************************************
|
||||||
|
**
|
||||||
|
** Copyright (C) 2014 Jeremy Lainé <jeremy.laine@m4x.org>
|
||||||
|
** Contact: http://www.qt-project.org/legal
|
||||||
|
**
|
||||||
|
** This file is part of the QtNetwork module of the Qt Toolkit.
|
||||||
|
**
|
||||||
|
** $QT_BEGIN_LICENSE:LGPL$
|
||||||
|
** Commercial License Usage
|
||||||
|
** Licensees holding valid commercial Qt licenses may use this file in
|
||||||
|
** accordance with the commercial license agreement provided with the
|
||||||
|
** Software or, alternatively, in accordance with the terms contained in
|
||||||
|
** a written agreement between you and Digia. For licensing terms and
|
||||||
|
** conditions see http://qt.digia.com/licensing. For further information
|
||||||
|
** use the contact form at http://qt.digia.com/contact-us.
|
||||||
|
**
|
||||||
|
** GNU Lesser General Public License Usage
|
||||||
|
** Alternatively, this file may be used under the terms of the GNU Lesser
|
||||||
|
** General Public License version 2.1 as published by the Free Software
|
||||||
|
** Foundation and appearing in the file LICENSE.LGPL included in the
|
||||||
|
** packaging of this file. Please review the following information to
|
||||||
|
** ensure the GNU Lesser General Public License version 2.1 requirements
|
||||||
|
** will be met: http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html.
|
||||||
|
**
|
||||||
|
** In addition, as a special exception, Digia gives you certain additional
|
||||||
|
** rights. These rights are described in the Digia Qt LGPL Exception
|
||||||
|
** version 1.1, included in the file LGPL_EXCEPTION.txt in this package.
|
||||||
|
**
|
||||||
|
** GNU General Public License Usage
|
||||||
|
** Alternatively, this file may be used under the terms of the GNU
|
||||||
|
** General Public License version 3.0 as published by the Free Software
|
||||||
|
** Foundation and appearing in the file LICENSE.GPL included in the
|
||||||
|
** packaging of this file. Please review the following information to
|
||||||
|
** ensure the GNU General Public License version 3.0 requirements will be
|
||||||
|
** met: http://www.gnu.org/copyleft/gpl.html.
|
||||||
|
**
|
||||||
|
**
|
||||||
|
** $QT_END_LICENSE$
|
||||||
|
**
|
||||||
|
****************************************************************************/
|
||||||
|
|
||||||
|
#include "qsslkey.h"
|
||||||
|
#include "qsslkey_p.h"
|
||||||
|
|
||||||
|
#include <CommonCrypto/CommonCrypto.h>
|
||||||
|
|
||||||
|
QT_USE_NAMESPACE
|
||||||
|
|
||||||
|
static QByteArray wrapCCCrypt(CCOperation ccOp,
|
||||||
|
QSslKeyPrivate::Cipher cipher,
|
||||||
|
const QByteArray &data,
|
||||||
|
const QByteArray &key, const QByteArray &iv)
|
||||||
|
{
|
||||||
|
int blockSize;
|
||||||
|
CCAlgorithm ccAlgorithm;
|
||||||
|
switch (cipher) {
|
||||||
|
case QSslKeyPrivate::DesCbc:
|
||||||
|
blockSize = kCCBlockSizeDES;
|
||||||
|
ccAlgorithm = kCCAlgorithmDES;
|
||||||
|
break;
|
||||||
|
case QSslKeyPrivate::DesEde3Cbc:
|
||||||
|
blockSize = kCCBlockSize3DES;
|
||||||
|
ccAlgorithm = kCCAlgorithm3DES;
|
||||||
|
break;
|
||||||
|
case QSslKeyPrivate::Rc2Cbc:
|
||||||
|
blockSize = kCCBlockSizeRC2;
|
||||||
|
ccAlgorithm = kCCAlgorithmRC2;
|
||||||
|
break;
|
||||||
|
};
|
||||||
|
size_t plainLength = 0;
|
||||||
|
QByteArray plain(data.size() + blockSize, 0);
|
||||||
|
CCCryptorStatus status = CCCrypt(
|
||||||
|
ccOp, ccAlgorithm, kCCOptionPKCS7Padding,
|
||||||
|
key.constData(), key.size(),
|
||||||
|
iv.constData(),
|
||||||
|
data.constData(), data.size(),
|
||||||
|
plain.data(), plain.size(), &plainLength);
|
||||||
|
if (status == kCCSuccess)
|
||||||
|
return plain.left(plainLength);
|
||||||
|
return QByteArray();
|
||||||
|
}
|
||||||
|
|
||||||
|
QByteArray QSslKeyPrivate::decrypt(Cipher cipher, const QByteArray &data, const QByteArray &key, const QByteArray &iv)
|
||||||
|
{
|
||||||
|
return wrapCCCrypt(kCCDecrypt, cipher, data, key, iv);
|
||||||
|
}
|
||||||
|
|
||||||
|
QByteArray QSslKeyPrivate::encrypt(Cipher cipher, const QByteArray &data, const QByteArray &key, const QByteArray &iv)
|
||||||
|
{
|
||||||
|
return wrapCCCrypt(kCCEncrypt, cipher, data, key, iv);
|
||||||
|
}
|
@ -312,6 +312,9 @@
|
|||||||
#ifdef Q_OS_WINRT
|
#ifdef Q_OS_WINRT
|
||||||
#include "qsslsocket_winrt_p.h"
|
#include "qsslsocket_winrt_p.h"
|
||||||
#endif
|
#endif
|
||||||
|
#ifdef QT_SECURETRANSPORT
|
||||||
|
#include "qsslsocket_mac_p.h"
|
||||||
|
#endif
|
||||||
#include "qsslconfiguration_p.h"
|
#include "qsslconfiguration_p.h"
|
||||||
|
|
||||||
#include <QtCore/qdebug.h>
|
#include <QtCore/qdebug.h>
|
||||||
|
1443
src/network/ssl/qsslsocket_mac.cpp
Normal file
1443
src/network/ssl/qsslsocket_mac.cpp
Normal file
File diff suppressed because it is too large
Load Diff
125
src/network/ssl/qsslsocket_mac_p.h
Normal file
125
src/network/ssl/qsslsocket_mac_p.h
Normal file
@ -0,0 +1,125 @@
|
|||||||
|
/****************************************************************************
|
||||||
|
**
|
||||||
|
** Copyright (C) 2014 Jeremy Lainé <jeremy.laine@m4x.org>
|
||||||
|
** Contact: http://www.qt-project.org/legal
|
||||||
|
**
|
||||||
|
** This file is part of the QtNetwork module of the Qt Toolkit.
|
||||||
|
**
|
||||||
|
** $QT_BEGIN_LICENSE:LGPL$
|
||||||
|
** Commercial License Usage
|
||||||
|
** Licensees holding valid commercial Qt licenses may use this file in
|
||||||
|
** accordance with the commercial license agreement provided with the
|
||||||
|
** Software or, alternatively, in accordance with the terms contained in
|
||||||
|
** a written agreement between you and Digia. For licensing terms and
|
||||||
|
** conditions see http://qt.digia.com/licensing. For further information
|
||||||
|
** use the contact form at http://qt.digia.com/contact-us.
|
||||||
|
**
|
||||||
|
** GNU Lesser General Public License Usage
|
||||||
|
** Alternatively, this file may be used under the terms of the GNU Lesser
|
||||||
|
** General Public License version 2.1 as published by the Free Software
|
||||||
|
** Foundation and appearing in the file LICENSE.LGPL included in the
|
||||||
|
** packaging of this file. Please review the following information to
|
||||||
|
** ensure the GNU Lesser General Public License version 2.1 requirements
|
||||||
|
** will be met: http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html.
|
||||||
|
**
|
||||||
|
** In addition, as a special exception, Digia gives you certain additional
|
||||||
|
** rights. These rights are described in the Digia Qt LGPL Exception
|
||||||
|
** version 1.1, included in the file LGPL_EXCEPTION.txt in this package.
|
||||||
|
**
|
||||||
|
** GNU General Public License Usage
|
||||||
|
** Alternatively, this file may be used under the terms of the GNU
|
||||||
|
** General Public License version 3.0 as published by the Free Software
|
||||||
|
** Foundation and appearing in the file LICENSE.GPL included in the
|
||||||
|
** packaging of this file. Please review the following information to
|
||||||
|
** ensure the GNU General Public License version 3.0 requirements will be
|
||||||
|
** met: http://www.gnu.org/copyleft/gpl.html.
|
||||||
|
**
|
||||||
|
**
|
||||||
|
** $QT_END_LICENSE$
|
||||||
|
**
|
||||||
|
****************************************************************************/
|
||||||
|
|
||||||
|
#ifndef QSSLSOCKET_MAC_P_H
|
||||||
|
#define QSSLSOCKET_MAC_P_H
|
||||||
|
|
||||||
|
//
|
||||||
|
// W A R N I N G
|
||||||
|
// -------------
|
||||||
|
//
|
||||||
|
// This file is not part of the Qt API. It exists for the convenience
|
||||||
|
// of the QtNetwork library. This header file may change from
|
||||||
|
// version to version without notice, or even be removed.
|
||||||
|
//
|
||||||
|
// We mean it.
|
||||||
|
//
|
||||||
|
|
||||||
|
#include <QtCore/private/qcore_mac_p.h>
|
||||||
|
|
||||||
|
#include <QtCore/qstring.h>
|
||||||
|
#include <QtCore/qglobal.h>
|
||||||
|
#include <QtCore/qlist.h>
|
||||||
|
|
||||||
|
#include "qabstractsocket.h"
|
||||||
|
#include "qsslsocket_p.h"
|
||||||
|
|
||||||
|
#include <Security/Security.h>
|
||||||
|
#include <Security/SecureTransport.h>
|
||||||
|
|
||||||
|
QT_BEGIN_NAMESPACE
|
||||||
|
|
||||||
|
class QSslSocketBackendPrivate : public QSslSocketPrivate
|
||||||
|
{
|
||||||
|
Q_DECLARE_PUBLIC(QSslSocket)
|
||||||
|
public:
|
||||||
|
QSslSocketBackendPrivate();
|
||||||
|
virtual ~QSslSocketBackendPrivate();
|
||||||
|
|
||||||
|
// Final-overriders (QSslSocketPrivate):
|
||||||
|
void continueHandshake() Q_DECL_OVERRIDE;
|
||||||
|
void disconnected() Q_DECL_OVERRIDE;
|
||||||
|
void disconnectFromHost() Q_DECL_OVERRIDE;
|
||||||
|
QSslCipher sessionCipher() const Q_DECL_OVERRIDE;
|
||||||
|
QSsl::SslProtocol sessionProtocol() const Q_DECL_OVERRIDE;
|
||||||
|
void startClientEncryption() Q_DECL_OVERRIDE;
|
||||||
|
void startServerEncryption() Q_DECL_OVERRIDE;
|
||||||
|
void transmit() Q_DECL_OVERRIDE;
|
||||||
|
|
||||||
|
static QList<QSslError> (verify)(QList<QSslCertificate> certificateChain,
|
||||||
|
const QString &hostName);
|
||||||
|
|
||||||
|
static bool importPkcs12(QIODevice *device,
|
||||||
|
QSslKey *key, QSslCertificate *cert,
|
||||||
|
QList<QSslCertificate> *caCertificates,
|
||||||
|
const QByteArray &passPhrase);
|
||||||
|
|
||||||
|
static QSslCipher QSslCipher_from_SSLCipherSuite(SSLCipherSuite cipher);
|
||||||
|
|
||||||
|
private:
|
||||||
|
// SSL context management/properties:
|
||||||
|
bool initSslContext();
|
||||||
|
void destroySslContext();
|
||||||
|
bool setSessionCertificate(QString &errorDescription,
|
||||||
|
QAbstractSocket::SocketError &errorCode);
|
||||||
|
bool setSessionProtocol();
|
||||||
|
// Aux. functions to do a verification during handshake phase:
|
||||||
|
bool verifySessionProtocol() const;
|
||||||
|
bool verifyPeerTrust();
|
||||||
|
|
||||||
|
bool checkSslErrors();
|
||||||
|
bool startHandshake();
|
||||||
|
|
||||||
|
// Aux. function, sets:
|
||||||
|
//1) socket error code,
|
||||||
|
//2) error string (description)
|
||||||
|
//3) emits a signal.
|
||||||
|
void setError(const QString &errorString,
|
||||||
|
QAbstractSocket::SocketError errorCode);
|
||||||
|
|
||||||
|
mutable QCFType<SSLContextRef> context;
|
||||||
|
|
||||||
|
Q_DISABLE_COPY(QSslSocketBackendPrivate);
|
||||||
|
};
|
||||||
|
|
||||||
|
QT_END_NAMESPACE
|
||||||
|
|
||||||
|
#endif
|
@ -53,6 +53,8 @@
|
|||||||
#include "qsslconfiguration_p.h"
|
#include "qsslconfiguration_p.h"
|
||||||
#ifndef QT_NO_OPENSSL
|
#ifndef QT_NO_OPENSSL
|
||||||
#include <private/qsslcontext_openssl_p.h>
|
#include <private/qsslcontext_openssl_p.h>
|
||||||
|
#else
|
||||||
|
class QSslContext;
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
#include <QtCore/qstringlist.h>
|
#include <QtCore/qstringlist.h>
|
||||||
|
@ -40,6 +40,15 @@ contains(QT_CONFIG, ssl) | contains(QT_CONFIG, openssl) | contains(QT_CONFIG, op
|
|||||||
ssl/qsslsocket_winrt.cpp \
|
ssl/qsslsocket_winrt.cpp \
|
||||||
ssl/qsslellipticcurve_dummy.cpp
|
ssl/qsslellipticcurve_dummy.cpp
|
||||||
}
|
}
|
||||||
|
|
||||||
|
contains(QT_CONFIG, securetransport) {
|
||||||
|
HEADERS += ssl/qsslsocket_mac_p.h
|
||||||
|
SOURCES += ssl/qsslcertificate_qt.cpp \
|
||||||
|
ssl/qsslkey_qt.cpp \
|
||||||
|
ssl/qsslkey_mac.cpp \
|
||||||
|
ssl/qsslsocket_mac.cpp \
|
||||||
|
ssl/qsslellipticcurve_dummy.cpp
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
contains(QT_CONFIG, openssl) | contains(QT_CONFIG, openssl-linked) {
|
contains(QT_CONFIG, openssl) | contains(QT_CONFIG, openssl-linked) {
|
||||||
|
@ -32,7 +32,7 @@
|
|||||||
**
|
**
|
||||||
****************************************************************************/
|
****************************************************************************/
|
||||||
|
|
||||||
|
#include <QtCore/qglobal.h>
|
||||||
#include <QtCore/qthread.h>
|
#include <QtCore/qthread.h>
|
||||||
#include <QtNetwork/qhostaddress.h>
|
#include <QtNetwork/qhostaddress.h>
|
||||||
#include <QtNetwork/qhostinfo.h>
|
#include <QtNetwork/qhostinfo.h>
|
||||||
@ -992,7 +992,7 @@ void tst_QSslSocket::protocol()
|
|||||||
socket->abort();
|
socket->abort();
|
||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
#ifndef OPENSSL_NO_SSL2
|
#if !defined(OPENSSL_NO_SSL2) && !defined(QT_SECURETRANSPORT)
|
||||||
{
|
{
|
||||||
// qt-test-server allows SSLV2.
|
// qt-test-server allows SSLV2.
|
||||||
socket->setProtocol(QSsl::SslV2);
|
socket->setProtocol(QSsl::SslV2);
|
||||||
@ -1129,7 +1129,7 @@ void tst_QSslSocket::protocolServerSide_data()
|
|||||||
QTest::addColumn<QSsl::SslProtocol>("clientProtocol");
|
QTest::addColumn<QSsl::SslProtocol>("clientProtocol");
|
||||||
QTest::addColumn<bool>("works");
|
QTest::addColumn<bool>("works");
|
||||||
|
|
||||||
#ifndef OPENSSL_NO_SSL2
|
#if !defined(OPENSSL_NO_SSL2) && !defined(QT_SECURETRANSPORT)
|
||||||
QTest::newRow("ssl2-ssl2") << QSsl::SslV2 << QSsl::SslV2 << false; // no idea why it does not work, but we don't care about SSL 2
|
QTest::newRow("ssl2-ssl2") << QSsl::SslV2 << QSsl::SslV2 << false; // no idea why it does not work, but we don't care about SSL 2
|
||||||
#endif
|
#endif
|
||||||
QTest::newRow("ssl3-ssl3") << QSsl::SslV3 << QSsl::SslV3 << true;
|
QTest::newRow("ssl3-ssl3") << QSsl::SslV3 << QSsl::SslV3 << true;
|
||||||
@ -1138,7 +1138,7 @@ void tst_QSslSocket::protocolServerSide_data()
|
|||||||
QTest::newRow("any-any") << QSsl::AnyProtocol << QSsl::AnyProtocol << true;
|
QTest::newRow("any-any") << QSsl::AnyProtocol << QSsl::AnyProtocol << true;
|
||||||
QTest::newRow("secure-secure") << QSsl::SecureProtocols << QSsl::SecureProtocols << true;
|
QTest::newRow("secure-secure") << QSsl::SecureProtocols << QSsl::SecureProtocols << true;
|
||||||
|
|
||||||
#ifndef OPENSSL_NO_SSL2
|
#if !defined(OPENSSL_NO_SSL2) && !defined(QT_SECURETRANSPORT)
|
||||||
QTest::newRow("ssl2-ssl3") << QSsl::SslV2 << QSsl::SslV3 << false;
|
QTest::newRow("ssl2-ssl3") << QSsl::SslV2 << QSsl::SslV3 << false;
|
||||||
QTest::newRow("ssl2-tls1.0") << QSsl::SslV2 << QSsl::TlsV1_0 << false;
|
QTest::newRow("ssl2-tls1.0") << QSsl::SslV2 << QSsl::TlsV1_0 << false;
|
||||||
QTest::newRow("ssl2-tls1ssl3") << QSsl::SslV2 << QSsl::TlsV1SslV3 << false;
|
QTest::newRow("ssl2-tls1ssl3") << QSsl::SslV2 << QSsl::TlsV1SslV3 << false;
|
||||||
@ -1146,33 +1146,33 @@ void tst_QSslSocket::protocolServerSide_data()
|
|||||||
QTest::newRow("ssl2-any") << QSsl::SslV2 << QSsl::AnyProtocol << false; // no idea why it does not work, but we don't care about SSL 2
|
QTest::newRow("ssl2-any") << QSsl::SslV2 << QSsl::AnyProtocol << false; // no idea why it does not work, but we don't care about SSL 2
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
#ifndef OPENSSL_NO_SSL2
|
#if !defined(OPENSSL_NO_SSL2) && !defined(QT_SECURETRANSPORT)
|
||||||
QTest::newRow("ssl3-ssl2") << QSsl::SslV3 << QSsl::SslV2 << false;
|
QTest::newRow("ssl3-ssl2") << QSsl::SslV3 << QSsl::SslV2 << false;
|
||||||
#endif
|
#endif
|
||||||
QTest::newRow("ssl3-tls1.0") << QSsl::SslV3 << QSsl::TlsV1_0 << false;
|
QTest::newRow("ssl3-tls1.0") << QSsl::SslV3 << QSsl::TlsV1_0 << false;
|
||||||
QTest::newRow("ssl3-tls1ssl3") << QSsl::SslV3 << QSsl::TlsV1SslV3 << true;
|
QTest::newRow("ssl3-tls1ssl3") << QSsl::SslV3 << QSsl::TlsV1SslV3 << true;
|
||||||
QTest::newRow("ssl3-secure") << QSsl::SslV3 << QSsl::SecureProtocols << false;
|
QTest::newRow("ssl3-secure") << QSsl::SslV3 << QSsl::SecureProtocols << false;
|
||||||
#ifndef OPENSSL_NO_SSL2
|
#if !defined(OPENSSL_NO_SSL2) && !defined(QT_SECURETRANSPORT)
|
||||||
QTest::newRow("ssl3-any") << QSsl::SslV3 << QSsl::AnyProtocol << false; // we won't set a SNI header here because we connect to a
|
QTest::newRow("ssl3-any") << QSsl::SslV3 << QSsl::AnyProtocol << false; // we won't set a SNI header here because we connect to a
|
||||||
// numerical IP, so OpenSSL will send a SSL 2 handshake
|
// numerical IP, so OpenSSL will send a SSL 2 handshake
|
||||||
#else
|
#else
|
||||||
QTest::newRow("ssl3-any") << QSsl::SslV3 << QSsl::AnyProtocol << true;
|
QTest::newRow("ssl3-any") << QSsl::SslV3 << QSsl::AnyProtocol << true;
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
#ifndef OPENSSL_NO_SSL2
|
#if !defined(OPENSSL_NO_SSL2) && !defined(QT_SECURETRANSPORT)
|
||||||
QTest::newRow("tls1.0-ssl2") << QSsl::TlsV1_0 << QSsl::SslV2 << false;
|
QTest::newRow("tls1.0-ssl2") << QSsl::TlsV1_0 << QSsl::SslV2 << false;
|
||||||
#endif
|
#endif
|
||||||
QTest::newRow("tls1.0-ssl3") << QSsl::TlsV1_0 << QSsl::SslV3 << false;
|
QTest::newRow("tls1.0-ssl3") << QSsl::TlsV1_0 << QSsl::SslV3 << false;
|
||||||
QTest::newRow("tls1-tls1ssl3") << QSsl::TlsV1_0 << QSsl::TlsV1SslV3 << true;
|
QTest::newRow("tls1-tls1ssl3") << QSsl::TlsV1_0 << QSsl::TlsV1SslV3 << true;
|
||||||
QTest::newRow("tls1.0-secure") << QSsl::TlsV1_0 << QSsl::SecureProtocols << true;
|
QTest::newRow("tls1.0-secure") << QSsl::TlsV1_0 << QSsl::SecureProtocols << true;
|
||||||
#ifndef OPENSSL_NO_SSL2
|
#if !defined(OPENSSL_NO_SSL2) && !defined(QT_SECURETRANSPORT)
|
||||||
QTest::newRow("tls1.0-any") << QSsl::TlsV1_0 << QSsl::AnyProtocol << false; // we won't set a SNI header here because we connect to a
|
QTest::newRow("tls1.0-any") << QSsl::TlsV1_0 << QSsl::AnyProtocol << false; // we won't set a SNI header here because we connect to a
|
||||||
// numerical IP, so OpenSSL will send a SSL 2 handshake
|
// numerical IP, so OpenSSL will send a SSL 2 handshake
|
||||||
#else
|
#else
|
||||||
QTest::newRow("tls1.0-any") << QSsl::TlsV1_0 << QSsl::AnyProtocol << true;
|
QTest::newRow("tls1.0-any") << QSsl::TlsV1_0 << QSsl::AnyProtocol << true;
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
#ifndef OPENSSL_NO_SSL2
|
#if !defined(OPENSSL_NO_SSL2) && !defined(QT_SECURETRANSPORT)
|
||||||
QTest::newRow("tls1ssl3-ssl2") << QSsl::TlsV1SslV3 << QSsl::SslV2 << false;
|
QTest::newRow("tls1ssl3-ssl2") << QSsl::TlsV1SslV3 << QSsl::SslV2 << false;
|
||||||
#endif
|
#endif
|
||||||
QTest::newRow("tls1ssl3-ssl3") << QSsl::TlsV1SslV3 << QSsl::SslV3 << true;
|
QTest::newRow("tls1ssl3-ssl3") << QSsl::TlsV1SslV3 << QSsl::SslV3 << true;
|
||||||
@ -1180,7 +1180,7 @@ void tst_QSslSocket::protocolServerSide_data()
|
|||||||
QTest::newRow("tls1ssl3-secure") << QSsl::TlsV1SslV3 << QSsl::SecureProtocols << true;
|
QTest::newRow("tls1ssl3-secure") << QSsl::TlsV1SslV3 << QSsl::SecureProtocols << true;
|
||||||
QTest::newRow("tls1ssl3-any") << QSsl::TlsV1SslV3 << QSsl::AnyProtocol << true;
|
QTest::newRow("tls1ssl3-any") << QSsl::TlsV1SslV3 << QSsl::AnyProtocol << true;
|
||||||
|
|
||||||
#ifndef OPENSSL_NO_SSL2
|
#if !defined(OPENSSL_NO_SSL2) && !defined(QT_SECURETRANSPORT)
|
||||||
QTest::newRow("secure-ssl2") << QSsl::SecureProtocols << QSsl::SslV2 << false;
|
QTest::newRow("secure-ssl2") << QSsl::SecureProtocols << QSsl::SslV2 << false;
|
||||||
#endif
|
#endif
|
||||||
QTest::newRow("secure-ssl3") << QSsl::SecureProtocols << QSsl::SslV3 << false;
|
QTest::newRow("secure-ssl3") << QSsl::SecureProtocols << QSsl::SslV3 << false;
|
||||||
@ -1188,7 +1188,7 @@ void tst_QSslSocket::protocolServerSide_data()
|
|||||||
QTest::newRow("secure-tls1ssl3") << QSsl::SecureProtocols << QSsl::TlsV1SslV3 << true;
|
QTest::newRow("secure-tls1ssl3") << QSsl::SecureProtocols << QSsl::TlsV1SslV3 << true;
|
||||||
QTest::newRow("secure-any") << QSsl::SecureProtocols << QSsl::AnyProtocol << true;
|
QTest::newRow("secure-any") << QSsl::SecureProtocols << QSsl::AnyProtocol << true;
|
||||||
|
|
||||||
#ifndef OPENSSL_NO_SSL2
|
#if !defined(OPENSSL_NO_SSL2) && !defined(QT_SECURETRANSPORT)
|
||||||
QTest::newRow("any-ssl2") << QSsl::AnyProtocol << QSsl::SslV2 << false; // no idea why it does not work, but we don't care about SSL 2
|
QTest::newRow("any-ssl2") << QSsl::AnyProtocol << QSsl::SslV2 << false; // no idea why it does not work, but we don't care about SSL 2
|
||||||
#endif
|
#endif
|
||||||
QTest::newRow("any-ssl3") << QSsl::AnyProtocol << QSsl::SslV3 << true;
|
QTest::newRow("any-ssl3") << QSsl::AnyProtocol << QSsl::SslV3 << true;
|
||||||
|
@ -6,7 +6,7 @@ SUBDIRS=\
|
|||||||
qsslerror \
|
qsslerror \
|
||||||
qsslkey \
|
qsslkey \
|
||||||
|
|
||||||
contains(QT_CONFIG, openssl) | contains(QT_CONFIG, openssl-linked) {
|
contains(QT_CONFIG, ssl) | contains(QT_CONFIG, openssl) | contains(QT_CONFIG, openssl-linked) {
|
||||||
contains(QT_CONFIG, private_tests) {
|
contains(QT_CONFIG, private_tests) {
|
||||||
SUBDIRS += \
|
SUBDIRS += \
|
||||||
qsslsocket \
|
qsslsocket \
|
||||||
|
Loading…
Reference in New Issue
Block a user