Commit Graph

402 Commits

Author SHA1 Message Date
Mikkel Krautz
55f8d7dfe5 qsslsocket_mac: handle 'OrLater' SslProtocols in verifySessionProtocol()
The verifySessionProtocol() method in the SecureTransport backend did not
properly handle TlsV1_0OrLater, TlsV1_1OrLater and TlsV1_2OrLater.

This commit teaches verifySessionProtocol() about them.
It also adds TlsV1_0OrLater, TlsV1_1OrLater and TlsV1_2OrLater to the
protocolServerSide() test in tst_qsslsocket.

Backport from 5.10 to 5.9 (LTS).

Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
(cherry picked from commit 9c765522d1)
Change-Id: I58c53bdf43e0f19b4506f3696d793f657eb4dc6f
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
2017-11-15 21:06:49 +00:00
Liang Qi
d0a0a3c041 Merge remote-tracking branch 'origin/5.10' into dev
Conflicts:
	examples/network/fortuneclient/client.cpp
	examples/network/fortuneserver/server.cpp
	src/platformsupport/platformcompositor/qopenglcompositorbackingstore_p.h
	src/plugins/platforms/cocoa/qcocoabackingstore.h
	src/plugins/platforms/cocoa/qcocoaintegration.h
	src/plugins/platforms/cocoa/qcocoascreen.h
	src/plugins/platforms/ios/qiosbackingstore.h
	src/plugins/sqldrivers/oci/qsql_oci.cpp
	src/widgets/kernel/qwidgetwindow.cpp

Change-Id: Ia6dd2c52d4a691b671cf9a2ffca70deccece8f10
2017-10-17 10:34:24 +02:00
Liang Qi
bc5f45052f Merge remote-tracking branch 'origin/5.9' into 5.10
Conflicts:
	src/corelib/global/qconfig-bootstrapped.h
	src/corelib/global/qglobal.h
	src/corelib/tools/qcryptographichash.cpp
	src/corelib/tools/qcryptographichash.h
	src/corelib/tools/qmessageauthenticationcode.cpp
	src/plugins/platforms/windows/qwindowswindow.h
	tests/auto/gui/kernel/qwindow/BLACKLIST
	tests/auto/widgets/itemviews/qitemdelegate/BLACKLIST

Change-Id: Ib68112de985a3d714c2071f47c10e907e4f0229a
2017-10-04 13:41:04 +02:00
Timur Pocheptsov
3faf8f4d48 tst_QSsl(longlongnamefollows) - fix a flakey auto-test
The original test was using QSslSocket::waitForEncrypted function, which
is apparently a bad idea on Windows: connecting to 'www.qt.io' we have
to verify certs and there is no guarantee a given Windows VM has the required
CA certificate ready in its cert store. In such cases we start a background
thread (aka CA fetcher's thread) and it calls a (potentially blocking for
a significant amount of time) function (CryptoAPI). When finished, this
thread reports the results via queued connection, which does not work
if we are sitting in a tiny-loop inside waitForEncrypted. Re-factor
the test to use signals/slots and a normally running event loop.
Also, the last test makes a wrong assumption about Windows - fixed.

Task-number: QTBUG-63481
Change-Id: I4abe9cda2a6c52d841ac858cccb6bf068e550cb8
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
2017-10-03 16:37:30 +00:00
Samuel Gaist
b6f6920654 Change qrand() to QRandomGenerator in the SSL backend
Change-Id: I631649b2ad8d9c2c766e99a12f7ff3a39c79cc7d
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
2017-09-30 18:08:13 +00:00
Mårten Nordheim
b29cc512f8 Granularize blacklist of qsslsocket for Windows
Using the information from grafana we can unblacklist all the things
which are consistently passing.

Change-Id: I79917ca9c40e1df2dab46bb54cc0a2bd4a1a4621
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
2019-05-10 13:09:19 +00:00
Ryan Chu
658f12d735 Expose docker test server as an internal config to all modules
Before testserver becomes a stable feature, let's keep testserver.prf in
"mkspecs/features/unsupported". The test server's shared files will be
stored in "mkspecs/features/data/testserver".

Because the path of testserver has been changed, all the tests relying
on the docker servers should be updated as well.

Change-Id: Id2494d2b58ee2a9522d99ae61c6236021506b876
Reviewed-by: Maurice Kalinowski <maurice.kalinowski@qt.io>
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
2019-04-25 15:33:06 +00:00
Liang Qi
29f01b32f5 Merge remote-tracking branch 'origin/5.13' into dev
Conflicts:
	src/corelib/configure.json

Change-Id: I93ac67f3bf4844bc7c691183e94bceb922b7b919
2019-03-31 12:39:42 +02:00
Mårten Nordheim
e79b1dcdf5 tst_qsslsocket: fix racy test
In this threaded setup the server can sometimes have the data before it
calls "waitForReadyRead", what happens then is that we fail the wait and
as a result the test fails overall.

Let's check if we actually got some data after all and then continue if
we did. Since both the client and the server currently wait the same
amount of time (2s) the max timeout for the client was increased by
0.5s so it has some time to notice that the server got the message.

Change-Id: Ib5915958853413047aa5a7574712585bcae28f79
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
2019-03-26 13:08:18 +00:00
Mårten Nordheim
a06dfed4cc tst_qsslkey: test AES encryption in the 'encrypt' test
And export the required symbols in OpenSSL so we can run the test there
as well even if it's not needed for any functionality.

Change-Id: I4246d2b0bbdd42079d255f97f3c66ce8bb37390b
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
2019-03-26 13:08:16 +00:00
Mårten Nordheim
03ada0217c WinRT: Add support for AES-encrypted keys
Task-number: QTBUG-54422
Change-Id: Icbf2b153edacb348e475d6adb9aecb63519874de
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
2019-03-26 13:08:14 +00:00
Liang Qi
8cc8eb8f24 Merge "Merge remote-tracking branch 'origin/5.13' into dev" into refs/staging/dev 2019-03-15 19:04:30 +00:00
Mårten Nordheim
7111ba1736 Schannel: support for AES-encrypted keys
Task-number: QTBUG-54422
Change-Id: I7387cdf9ca927c91cccf3dab7d2deb577ce71802
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
2019-03-15 17:46:58 +00:00
Qt Forward Merge Bot
32084b0733 Merge remote-tracking branch 'origin/5.13' into dev
Conflicts:
	src/corelib/tools/qcollator_win.cpp

Change-Id: I6d806d7c58b2057ebde3ad915bb5551f34b700e5
2019-03-14 10:49:29 +01:00
Timur Pocheptsov
8d4e8217fd Convert tst_QSslSocket to work with Docker
Change-Id: Ifb075763e3a0c6c08677dd2ae7febbbc8e4e48a9
Reviewed-by: Ryan Chu <ryan.chu@qt.io>
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
2019-03-11 15:38:58 +00:00
Timur Pocheptsov
01a5434252 QSslKey - add a support for AES encrypted keys
for SecureTransport backend. OpenSSL, while reading
RSA/DSA, is internally calling EVP_BytesToKey that
essentially does the same thing this patch does in
'deriveAesKey' and thus able to correctly decrypt
whatever it first encrypted (while generating/
encrypting keys).

Fixes: QTBUG-54422
Change-Id: Ia9f7599c5b19bf364c179f2abd2aab7ea5359a65
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
2019-03-08 05:36:14 +00:00
Timur Pocheptsov
ef840bef5c SecureTransport - make 'securetransport' feature public
Given the current feature disparity, it makes sense to give our users
ability to detect if they can use some feature or not in their application
code, using our 'modern' QT_CONFIG(securetransport). Accordingly, use this
new syntax in our own auto-tests.

Change-Id: Ib33b03e7e602e9f8b0db8251377c89dbaada1049
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
2019-03-07 02:56:21 +00:00
Lars Schmertmann
c6153660e4 Extend the test for QSslKey
Check if QSslKey::handle() returns data representing the
same key information as that passed to the constructor.

Task-number: QTBUG-64495
Change-Id: I1a91264e6f6d92d259b51fca9de00fcbfd5cc845
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
2019-03-02 14:26:59 +00:00
Timur Pocheptsov
703ca2606f Convert tst_qsslsocket_*_static/member auto-tests
To work with docker test server.

Change-Id: I50a1c7b632748d7648dafd70356aa849614e4e12
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
2019-03-01 10:20:07 +00:00
Liang Qi
19dd2ca93b Merge remote-tracking branch 'origin/5.9' into 5.10
Conflicts:
	examples/opengl/qopenglwidget/main.cpp
	src/3rdparty/pcre2/src/pcre2_printint.c
	src/plugins/platforms/cocoa/qnsview.mm
	src/widgets/widgets/qcombobox.cpp

Change-Id: I37ced9da1e8056f95851568bcc52cd5dc34f56af
2017-09-06 13:26:31 +02:00
Albert Astals Cid
6e18293299 Forward the readChannelFinished from the plain socket to the ssl socket
Task-number: QTBUG-62257
Change-Id: I12632b7ffd2012adc99b4784892cbb6f79e065f7
Reviewed-by: Jesus Fernandez <Jesus.Fernandez@qt.io>
2017-09-01 15:09:14 +00:00
Liang Qi
112a4af107 Merge remote-tracking branch 'origin/5.9' into dev
Conflicts:
	examples/examples.pro
	qmake/library/qmakebuiltins.cpp
	src/corelib/global/qglobal.cpp
		Re-apply b525ec2 to qrandom.cpp(code movement in 030782e)
	src/corelib/global/qnamespace.qdoc
	src/corelib/global/qrandom.cpp
	src/gui/kernel/qwindow.cpp
		Re-apply a3d59c7 to QWindowPrivate::setVisible() (code movement in d7a9e08)
	src/network/ssl/qsslkey_openssl.cpp
	src/plugins/platforms/android/androidjniinput.cpp
	src/plugins/platforms/xcb/qxcbconnection.cpp
	src/plugins/platforms/xcb/qxcbconnection_xi2.cpp
	src/widgets/widgets/qmenu.cpp
	tests/auto/widgets/kernel/qwidget_window/tst_qwidget_window.cpp

Change-Id: If7ab427804408877a93cbe02079fca58e568bfd3
2017-08-31 14:31:31 +02:00
Edward Welbourne
b9557296cb Fix crash when reading a PKCS12 file with no private key
The only reason our code wants PKCS12 files is for a private key, but
a valid file needn't contain one; and reading a file without lead to a
crash in QSslKeyPrivate::fromEVP_PKEY().  So check for missing key and
fail the load, since the file is useless to us.  Also ensure the
caller's pkey is initialized, as we aren't promised that
PKCS12_parse() will set it when there is no private key.

Add a test for this case (it crashes without the fix) and update the
instructions for how to generate test data to cover it also.
(Corrected the wording there, too; at the interactive prompt,
"providing no password" really provides an empty password.)

Task-number: QTBUG-62335
Change-Id: I617508b903f6d9dee40d539b7136b0be8bc2c747
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
2017-08-17 06:43:49 +00:00
Timur Pocheptsov
410148ef1e tst_QSslSocket::ephemeralServerKey - fix for OpenSSL 1.1
The original test is quite unfortunate - it has cipher names hardcoded,
and it fails with OpenSSL 1.1 - no matching cipher found for 'RC4-SHA'
and QSslContext::initSsl fails with 'Invalid or empty cipher list'.
We skip this test entry for 1.1.

Change-Id: I810b80a62d9e27a60db71fd412af0c80630d976c
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
2017-07-25 13:29:32 +00:00
Simon Hausmann
407302fb1b Merge remote-tracking branch 'origin/5.9' into dev
Conflicts:
	src/corelib/io/qwindowspipewriter.cpp
	src/widgets/styles/qcommonstyle.cpp

Change-Id: I0d33efdc4dc256e234abc490a18ccda72cd1d9e6
2017-07-19 09:47:29 +02:00
Timur Pocheptsov
07c0e0fdcf QAsn1Element - fix toDateTime function
ASN UTCTime uses two characters to encode a year (YY). When converting it
into QDate, it's quite naive to just add 2000. According to RFC 2459,
these YY represent dates in the range [1950, 2049].
This patch also introduces a helper function doing the checked conversion
from a string to int (to be reused in the following-up patches).

Task-number: QTBUG-61934
Change-Id: I3f6f471d24e8357b83b2f5973023b2b842751389
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
2017-07-18 13:09:16 +00:00
Timur Pocheptsov
3e3466d28c tst_QSslSocket::protocolServerSide - fixes for OpenSSL 1.1
Several tests are not valid for 1.1 anymore:

1. SSL2 was removed, but there is no OPENSSL_NO_SSL2 and the 'protocolServerSide'
   test is trying to use QSsl::SSLv2 and thus is failing.
2. We now use the generic TLS_server/client_method instead of version specific
   methods we have in pre-1.1 back-end. So, for example, a client socket with
   QSsl::TLS_V1_0 in its SSL configuration will be able to negotiate
   TLS 1.2 if our server socket wants it, while with TLSv1_client_method
   (OpenSSL < 1.1) our test was expecting SSL handshake to fail.

Change-Id: I18efd5921c79b189e4d9529be09299a361a8a81d
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
2017-07-11 10:44:08 +00:00
Liang Qi
7f269a5db8 Merge remote-tracking branch 'origin/5.9' into dev
Conflicts:
	.qmake.conf

Change-Id: I43531e087bb810889d5c1fbfcdffb29b78804839
2017-07-06 13:54:25 +02:00
Friedemann Kleint
9656e972d1 Remove remains of wince in .pro files
Task-number: QTBUG-52590
Change-Id: I444fc9eedc8a8e4ad2ede224d66e7c410bedbb48
Reviewed-by: Maurice Kalinowski <maurice.kalinowski@qt.io>
Reviewed-by: Joerg Bornemann <joerg.bornemann@qt.io>
Reviewed-by: Oswald Buddenhagen <oswald.buddenhagen@qt.io>
2017-07-03 05:32:51 +00:00
Albert Astals Cid
f78a189da5 QSSLSocket::readData return -1 when socket is not connected
As QAbstractSocket::readData does and as the documentation of QIODevice says
"this function returns -1 in those cases (that is, reading on a closed
socket..."

Change-Id: I1e64673f6a6d792a640bd6cb28b2bb5a0f18dc36
Reviewed-by: Aleix Pol
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
2017-06-08 04:00:54 +00:00
Liang Qi
d1ea481345 Merge remote-tracking branch 'origin/5.9' into dev
Conflicts:
	src/network/access/qnetworkreply.cpp
	tests/auto/corelib/kernel/qmetaobject/tst_qmetaobject.cpp

Change-Id: Iadf766269454087e69fb216fc3857d85b0ddfaad
2017-05-07 13:08:18 +02:00
Timur Pocheptsov
b6968f508c Revert "Blacklist tst_QSslSocket::protocolServerSide on OS X 10.11"
This reverts commit 96c27f0dfa.
We now use a custom keychain that should fix the original
problem with the test.

Change-Id: I52e4105f34a46ad7080750d9a62480ebe3a56e68
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
2017-04-27 12:25:51 +00:00
Timur Pocheptsov
5218a80bd1 Revert "tst_qsslsocket::protocolServeSide - fix for macOS 10.11"
The fix is outdated - the tests it was fixing - pass on 10.11.

Change-Id: I8b42c1d3d2f1279382b15c20587dcc93cf1b6b40
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
2017-04-26 13:18:20 +00:00
Liang Qi
9419dfe8ee Merge remote-tracking branch 'origin/5.9' into dev
Conflicts:
	src/platformsupport/fontdatabases/mac/qcoretextfontdatabase_p.h
	src/plugins/platforms/xcb/qxcbwindow.cpp

Change-Id: Ic747c3c50e68c005b425e7a1ec2a90965527c8bd
2017-04-04 18:09:33 +02:00
Timur Pocheptsov
8bd67f61a6 tst_qsslsocket::protocolServeSide - fix for macOS 10.11
Mixing different protocols on client-server sockets works differently
on 10.11, making previously successful handshakes failing now.
Failure is specific to 10.11 with SecureTransport.

Change-Id: I35374b40fa3d167802775b526cf6465ae78749cf
Task-number: QTBUG-48860
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
2017-03-30 17:01:35 +00:00
Tony Sarajärvi
96c27f0dfa Blacklist tst_QSslSocket::protocolServerSide on OS X 10.11
Task-number: QTBUG-48860
Change-Id: Ia352378f48b9ab404d06ac5ef9bf53afa8f192fd
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
2017-03-30 12:10:16 +00:00
Liang Qi
b48a13fd68 Merge remote-tracking branch 'origin/5.9' into dev
Conflicts:
	examples/examples.pro
	tests/auto/corelib/tools/qchar/tst_qchar.cpp
	tests/auto/other/qaccessibility/accessiblewidgets.h

Change-Id: I426696c40ab57d14dc295b8103152cede79f244c
2017-03-28 09:28:31 +02:00
Liang Qi
7702fe8602 Merge remote-tracking branch 'origin/5.8' into 5.9
Change-Id: Icdd71e9713725bda9c305e338f5c8b41a92ed8e8
2017-03-27 10:42:08 +02:00
Olivier Goffart
d82d2f6716 QSslSocket: fix connection to a international domain name
RFC6125 section 6.4.2 specify we need to convert the IDN to ascii
before comparison. Note that we don't need to toLower anymore
because toAce takes care of it.

Section 7.2 recommands that we dod not attempt to check for wildcard
character embedded within the A-labels or U-labels of an
internationalized domain name. So we reject names that contiains a
'*' but starts with 'xn--'.

Change-Id: Ib0830520a1f82bbf9fd11818718277a479527ee3
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
2017-03-23 16:11:15 +00:00
Liang Qi
71264bae08 Merge remote-tracking branch 'origin/5.9' into dev
Change-Id: I84097f8e7b3b2128028bd7693c913d6968b82bfe
2017-03-02 09:04:38 +01:00
Kai Koehne
a64c766a3d Network: Use canonical license headers
Replace outdated LGPL21 with LGPL license header.
Use GPL-EXCEPT for all autotests.
Also use canonical contact url.

Change-Id: I6e5cc8a4285569c4f862730a980f492b8a933a72
Reviewed-by: Jani Heikkinen <jani.heikkinen@qt.io>
2017-02-28 15:34:01 +00:00
Oswald Buddenhagen
5e2367aaa5 use regular configure mechanism for openssl library references
don't attempt to hand-craft a library export any more. instead, use the
configure system's built-in mechanism, and refer to it via QMAKE_USE.
this also allows us to rely on transitive dependencies in the autotest.

as a side effect, this makes the openssl-linked feature imply the
openssl one.

Change-Id: I5dd209b63bc8fbbc62852f6ffc472d4452ea2e68
Reviewed-by: Lars Knoll <lars.knoll@qt.io>
2017-02-22 07:45:59 +00:00
Mikkel Krautz
9c765522d1 qsslsocket_mac: handle 'OrLater' SslProtocols in verifySessionProtocol()
The verifySessionProtocol() method in the SecureTransport backend did not
properly handle TlsV1_0OrLater, TlsV1_1OrLater and TlsV1_2OrLater.

This commit teaches verifySessionProtocol() about them.
It also adds TlsV1_0OrLater, TlsV1_1OrLater and TlsV1_2OrLater to the
protocolServerSide() test in tst_qsslsocket.

Change-Id: I394766c75dbea4d89bf3d6b9c3f3c89530ac0749
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
2017-02-13 21:44:05 +00:00
Mikkel Krautz
19a1a0871d QSslDiffieHellmanParameters: simplify defaultParameters() construction
This commit simplifies defaultParameters() to simply construct an empty
QSslDiffieHellmanParameters and assigning the DER-form of the DH parameters
to QSslDiffieHellmanParametersPrivate's derData field.

This creates a valid QSslDiffieHellmanParameters instance, but skips any
potentially expensive verification steps.

The previous implementation of defaultParameters() would use the public
fromEncoded() method to construct an instance of the default parameters.
This triggers a verification of the passed-in data, which can be expensive.

To ensure our defaultParameters() QSslDiffieHellmanParameters instance does
pass verification, this commit adds an autotest to verify that.

Fixes QTBUG-57815.

Change-Id: I6b1d9dbbfde526b232c319195ddbad42326be27c
Task-number: QTBUG-57815
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
2017-01-18 11:32:02 +00:00
Oswald Buddenhagen
4a561c6baf remove redundant conditionals regarding ssl
this actually fixes the build when ssl is not enabled, as the openssl
features are in the not included network-private module.

Change-Id: Ibafae9867af493da184a45cf3981628d475d37a6
Reviewed-by: Jake Petroules <jake.petroules@qt.io>
2016-10-04 08:25:24 +00:00
Liang Qi
cdb56c42fc Merge remote-tracking branch 'origin/5.7' into 5.8
Conflicts:
	mkspecs/features/uikit/xcodebuild.mk
	tests/auto/other/lancelot/tst_lancelot.cpp
	tests/auto/widgets/widgets/qmdisubwindow/tst_qmdisubwindow.cpp
	tests/auto/widgets/widgets/qmenubar/tst_qmenubar.cpp

Change-Id: Ia0ae2de86094120281abd445138877c2cc3e882c
2016-09-29 00:38:01 +02:00
Liang Qi
e918334045 Merge remote-tracking branch 'origin/5.6' into 5.7
Conflicts:
	src/widgets/dialogs/qcolordialog.cpp
	src/widgets/dialogs/qfiledialog.cpp
	tests/auto/network/ssl/qsslsocket/tst_qsslsocket.cpp

Change-Id: I34bc8a990f8f526889a95a5c7099ef557b9681ad
2016-09-28 11:51:35 +02:00
Timur Pocheptsov
158781ff25 QSslSocket: respect read buffer's max size (SecureTransport)
1. QSslSocketBackendPrivate::transmit was ignoring 'readBufferMaxSize';
as a result, we can have a user trying to set read buffer's size
to a small value (and more important - reading slowly in a small
chunks from this socket), but SSL itself socket reading 'too fast',
potentially growing its internal buffer to a huge size. This also
results in auto-tests failing - whenever we're trying to limit read
rate in some test.

2. Update qsslsocket auto-test.

Task-number: QTBUG-43388
Task-number: QTBUG-55170
Change-Id: Iedece26df0ac5b3b7cad62cc8c98aedc28e7ca5b
Reviewed-by: Richard J. Moore <rich@kde.org>
2016-09-27 10:27:58 +00:00
Lars Knoll
2d3c73fcfe Modularize configure.json/.pri
Move the different parts of configure.json/.pri into the libraries where
they belong.

Gui is not yet fully modularized, and contains many things related to
the different QPA plugins.

Done-with: Oswald Buddenhagen <oswald.buddenhagen@theqtcompany.com>
Change-Id: I6659bb29354ed1f36b95b8c69e7fce58f642053f
Reviewed-by: Lars Knoll <lars.knoll@qt.io>
2016-09-15 08:23:53 +00:00
Marc Mutz
2f108fafe9 tst_QSslSocket: clean up
- port Q_FOREACH to C++11 range-for
- port use of inefficient QLists to QVector
- port from QSharedPointer to auto variables except where the
  payload is returned from a function (there ported to
  QSharedPointer::create())

Fixes errors pointed out by my tree's static checks.

In sslErrors(), fixed an unwanted double-detach problem by
adding a strategic qAsConst().

Change-Id: I8148e23b73337f6f1a721e009f2974536d8447cc
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@theqtcompany.com>
2016-08-19 19:03:54 +00:00
Lars Knoll
60985aa42b Use qtConfig throughout in qtbase
Use the new qtConfig macro in all pro/pri files.

This required adding some feature entries, and adding
{private,public}Feature to every referenced already existing entry.

Change-Id: I164214dad1154df6ad84e86d99ed14994ef97cf4
Reviewed-by: Lars Knoll <lars.knoll@qt.io>
Reviewed-by: Oswald Buddenhagen <oswald.buddenhagen@theqtcompany.com>
2016-08-19 04:28:05 +00:00
Liang Qi
17198e03ab Merge remote-tracking branch 'origin/5.7' into dev
Conflicts:
	qmake/doc/src/qmake-manual.qdoc
	src/corelib/global/qglobal.cpp
	src/corelib/tools/qstring.cpp
	src/network/socket/qabstractsocket.cpp
	src/network/socket/qnativesocketengine_unix.cpp
	src/plugins/platforms/eglfs/api/qeglfsglobal.h

Change-Id: Id5dfdbd30fa996f9b4b66a0b030b7d3b8c0ef288
2016-08-16 07:58:32 +02:00
Liang Qi
6b8f422c5e Merge remote-tracking branch 'origin/5.6' into 5.7
Conflicts:
	src/corelib/global/qglobal.cpp
	src/corelib/io/qsettings.cpp
	src/corelib/itemmodels/qstringlistmodel.cpp
	tests/auto/gui/image/qimagewriter/tst_qimagewriter.cpp

Change-Id: I1c6c306ef42c3c0234b19907914b19da706b4a03
2016-08-13 01:05:02 +02:00
Marc Mutz
033ebfae21 QSslDiffieHellmanParameters: make fit for release
- add missing \since 5.8 on free functions
- fix \relates of qHash to point to QSslDHP, not QHash, which is in another module
- API fix: use named instead of unnamed ctors
- share code between ctors
- API fix: add inline move ctor (for now, this requires using a naked d pointer,
  which isn't much of a problem, since the class is immutable).

Change-Id: Ic30f9c3c03b8a3798e0676e38991ead85c587214
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@theqtcompany.com>
2016-08-12 12:33:07 +00:00
Marc Mutz
3b0ea78603 tst_QSslSocket::setLocalCertificateChain(): fix resource leak when test fail
The deleteLater() call wasn't reliably reached when tests fail,
so use a QScopedPointer with QScopedPointerDeleteLater deleter.

Change-Id: Ica73bc73c2a0ac1e9b77e4804f2aedcad9b662a0
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@theqtcompany.com>
Reviewed-by: Richard J. Moore <rich@kde.org>
2016-08-11 04:34:19 +00:00
Lars Schmertmann
7f77dc84fb Store QSslKey in specific key format to provide more details for key
In a TLS handshake the ephemeral server key is saved in the ssl
configuration. Clients who want to get the length or algorithm of the
key only get "Opaque" and "-1" as a result because the key is always
stored as "Opaque". This change converts the key to specific type so
more details are available and the client don't need to convert the
handle by hand.

Change-Id: I60f90fc2c1805e528640d391b20c676b6eeeb49e
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@theqtcompany.com>
2016-07-28 14:32:05 +00:00
Timur Pocheptsov
72adb7f00c tst_qsslsocket::protocolServerSide - try to fix failing ssl3-* *-ssl3
Test is strangely failing on Ubuntu 16.04 with OpenSSL 1.0.2g-fips.

Change-Id: I1498dee4c1d6db0702da3d3689787aed1e3a633f
Reviewed-by: Richard J. Moore <rich@kde.org>
2016-06-24 18:29:48 +00:00
Liang Qi
ea438b2508 Merge remote-tracking branch 'origin/5.7' into dev
Conflicts:
	src/corelib/global/qglobal.cpp
	src/corelib/global/qsysinfo.h
	src/corelib/kernel/qcoreapplication_win.cpp
	src/gui/text/qdistancefield.cpp
	src/gui/text/qdistancefield_p.h
	src/plugins/platforms/windows/qwindowsglcontext.cpp
	src/plugins/platforms/windows/qwindowsglcontext.h

Change-Id: Ib3500acc2b28553bde06758cd9a2e19eb7fe2978
2016-06-21 08:39:41 +02:00
Liang Qi
e32f1a4d61 Merge remote-tracking branch 'origin/5.6' into 5.7
And blacklisted a few tests in tst_QUdpSocket.

Conflicts:
	src/android/jar/src/org/qtproject/qt5/android/QtNative.java
	src/corelib/global/qglobal.cpp
	src/corelib/global/qsystemdetection.h
	src/corelib/io/qfileselector.cpp
	src/plugins/platforms/eglfs/deviceintegration/eglfs_kms_egldevice/qeglfskmsegldeviceintegration.cpp
	tests/auto/network/socket/qudpsocket/BLACKLIST

Task-number: QTBUG-54205
Change-Id: I11dd1c90186eb1b847d45be87a26041f61d89ef6
2016-06-20 08:00:26 +02:00
Timur Pocheptsov
23173c725c QSslSocket (OpenSSL) - handle abort/close on sslErrors emitted
If a user's code, attached to sslErrors signal, calls abort/close
or disconnectFromHost but our SSL socket was configured not to verify a peer,
no need to continue handshake after calling checkSslErrors
(and finally crashing on invalid 'ssl' pointer).

Task-number: QTBUG-53906
Change-Id: I7f185511d278f9d6f16e7d6c5ba424707141459c
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@theqtcompany.com>
2016-06-14 07:29:01 +00:00
Liang Qi
511790fd1a Merge remote-tracking branch 'origin/5.7' into dev
Conflicts:
	config_help.txt
	configure
	mkspecs/features/uikit/sdk.prf
	src/corelib/global/qhooks.cpp
	src/corelib/io/qfilesystemwatcher.cpp
	src/corelib/io/qlockfile_unix.cpp
	src/corelib/tools/qalgorithms.h
	src/gui/kernel/qwindowsysteminterface.h
	src/gui/text/qtextdocument_p.cpp
	src/network/access/access.pri
	src/network/access/qnetworkaccessmanager.cpp
	src/network/access/qnetworkreplynsurlconnectionimpl.mm
	src/src.pro
	src/testlib/qtestcase.cpp
	src/widgets/kernel/qwidgetbackingstore_p.h
	src/widgets/styles/qwindowscestyle.cpp
	src/widgets/styles/qwindowsmobilestyle.cpp
	tests/auto/corelib/io/qdiriterator/qdiriterator.pro
	tests/auto/corelib/io/qfileinfo/qfileinfo.pro
	tests/auto/gui/kernel/qwindow/BLACKLIST
	tests/auto/widgets/dialogs/qfilesystemmodel/tst_qfilesystemmodel.cpp
	tools/configure/configureapp.cpp

Change-Id: Ibf7fb9c8cf263a810ade82f821345d0725c57c67
2016-06-13 12:46:46 +02:00
André Klitzing
9466d0e633 Disable QSslDiffieHellmanParameters tests for QT_NO_SSL builds
Change-Id: Ie0b7e9c819ddd1627709f64c30c8d2374bf50c9b
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@theqtcompany.com>
2016-06-10 13:18:03 +00:00
Timur Pocheptsov
f9b7385e24 tst_qsslsocket::protocolServerSide - blacklist on RHEL 7.2
protocolServerSide test fails with 'ssl3-any' and 'tls1.0-any' combo
on RHEL 7.2 with OpenSSL v1.0.1e-fips, it would work as OPENSSL_NO_SSL2
code-path, but OPENSSL_NO_SSL2 is not defined, so socket is in state
connected while it's expected to be unconnected.

Task-number: QTBUG-53608
Change-Id: Ib321b95129a6ab5b0691b40cb4acc612125633b2
Reviewed-by: Tony Sarajärvi <tony.sarajarvi@qt.io>
2016-05-26 10:47:42 +00:00
Timur Pocheptsov
84f8203e38 tst_qsslsocket - re-structure the code
setEmptyDefaultConfiguration - this test (and this was stated explicitly
in comments!) must be the last test to run, otherwise, it can make subsequent
tests fail.

-exitLoop must be in 'protected slots' section not to be executed as a test,
since ... it's aux function, not a test.

Task-number: QTBUG-53608
Task-number: QTBUG-53603
Change-Id: I49d6d57ba927ecc4f20ae2d9325ad02fa46b0922
Reviewed-by: Tony Sarajärvi <tony.sarajarvi@qt.io>
2016-05-26 09:40:08 +00:00
Mikkel Krautz
2cf63c71eb Add settable QSslDiffieHellmanParameters for QSslSocket-based servers.
Only the OpenSSL backend is supported right now.

[ChangeLog][QtNetwork][SSL/TLS support] It is now possible to
set custom Diffie-Hellman parameters for QSslSocket-based servers.

Change-Id: I50148873132cd0ec7e414250b107b6b4cbde02ea
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@theqtcompany.com>
2016-05-25 20:00:12 +00:00
André Klitzing
0eaac0a3a9 Add support for PSK on server side
[ChangeLog][QtNetwork][QSslSocket] TLS PSK ciphers are possible in server sockets.

Task-number: QTBUG-39077
Change-Id: Iaa854a6f50242deae5492f2e4759c727488995f5
Reviewed-by: Richard J. Moore <rich@kde.org>
2016-05-02 20:33:00 +00:00
Friedemann Kleint
04aa760711 QtNetwork: Remove Windows CE.
Remove #ifdef sections for Q_OS_WINCE and wince .pro file clauses in library,
examples and tests.

Task-number: QTBUG-51673
Change-Id: I3706336395620522ceda414d7437295d9ec64f16
Reviewed-by: Lars Knoll <lars.knoll@theqtcompany.com>
2016-03-29 20:28:18 +00:00
Timur Pocheptsov
765eab5103 qsslsocket/qsslcontext - add ALPN (OpenSSL only)
Application-Layer Protocol Negotiation (ALPN) - is a reworked revision
of Next Protocol Negotiation (NPN) we have in our OpenSSL code.
Can be used as a part of HTTP2 negotiation during TLS handshake.

Change-Id: I484ec528c81d4887a64749095ec292dfaec18330
Reviewed-by: Richard J. Moore <rich@kde.org>
2016-03-21 15:01:12 +00:00
Jani Heikkinen
f776595cc1 Updated license headers
From Qt 5.7 -> tools & applications are lisenced under GPL v3 with some
exceptions, see
http://blog.qt.io/blog/2016/01/13/new-agreement-with-the-kde-free-qt-foundation/

Updated license headers to use new GPL-EXCEPT header instead of LGPL21 one
(in those files which will be under GPL 3 with exceptions)

Change-Id: I42a473ddc97101492a60b9287d90979d9eb35ae1
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
Reviewed-by: Lars Knoll <lars.knoll@theqtcompany.com>
2016-01-21 18:55:18 +00:00
Sebastian Lösch
73ad2bf32f Make ephemeral server key available
When using cipher algorithms with forward secrecy an ephemeral key is
used to generate the symmetric session key. Beside the SSL certificate's
key, this ephemeral key is of cryptographic interest.

The ephemeral key is chosen by the server side - currently statically in
the Qt implementation - so it is only of interest on the client side to
check it. Therefore the ephemeral key is the null key if the connection
is set up in server mode or a cipher without forward secrecy is used.

Change-Id: If241247dbb8490a91233ae47f2b38952c6591bf4
Reviewed-by: Markus Goetz (Woboq GmbH) <markus@woboq.com>
2016-01-04 18:10:14 +00:00
Liang Qi
beb65dcd79 Merge remote-tracking branch 'origin/5.6' into dev
Conflicts:
	src/gui/painting/painting.pri
	src/plugins/platforms/xcb/qxcbconnection.cpp
	tests/auto/corelib/thread/qthreadstorage/qthreadstorage.pro
	tests/auto/corelib/tools/qlocale/test/test.pro
	tests/auto/gui/kernel/qwindow/tst_qwindow.cpp
	tools/configure/environment.cpp

Change-Id: I9c40f458b89b2c206de2d2c24e90b5f679c93495
2015-12-18 08:37:31 +01:00
Maurice Kalinowski
acdd57cb43 Fix compilation for WinRT
TEST_HELPER_INSTALLS cannot be used on platforms with no
QProcess support.

Change-Id: I2a6a283d94ca4487fc628449c53fc37140dd291d
Reviewed-by: Oliver Wolff <oliver.wolff@theqtcompany.com>
2015-12-14 08:43:15 +00:00
Friedemann Kleint
1289bc8172 Tests: Remove empty init/cleanup slots, constructors and destructors.
Move some code (like registrations of meta types) from init() to
initTestCase() in the process.

Change-Id: I57db5156647cfadab554fbed853b2e68b2815f3b
Reviewed-by: Frederik Gladhorn <frederik.gladhorn@theqtcompany.com>
2015-12-10 05:26:05 +00:00
Louai Al-Khanji
dbb7817e13 Remove remaining support for Blackberry
The platform is no longer supported or actively maintained, and is
in the way for improvements to the Unix event dispatcher and QProcess
implementations.

Change-Id: I3935488ca12e2139ea5f46068d7665a453e20526
Reviewed-by: Lars Knoll <lars.knoll@theqtcompany.com>
2015-11-21 15:38:39 +00:00
Liang Qi
4159ee8405 Merge remote-tracking branch 'origin/5.6' into dev
Conflicts:
	config.tests/unix/ptrsize.test
	configure
	src/corelib/global/qnamespace.h
	src/network/socket/qabstractsocket.cpp
	tests/auto/other/networkselftest/networkselftest.pro

Change-Id: Ic78abb4a34f9068567cea876861d4220f5a07672
2015-11-04 20:18:14 +01:00
Frederik Gladhorn
0667ba3f24 Disable tst_QSslCertificate::subjectAndIssuerAttributes completely
As a follow-up for 5c1b9bbdf1 disable the
test on all platforms, since it fails on newer openssl. This was now
also happening on Windows, so until a fix is there, skip the test.

Change-Id: I6c8822c0ac5411b1114e9cd426219574ab1c9b54
Reviewed-by: Simon Hausmann <simon.hausmann@theqtcompany.com>
Reviewed-by: Jędrzej Nowacki <jedrzej.nowacki@theqtcompany.com>
2015-10-29 10:13:57 +00:00
Friedemann Kleint
240d768ca6 tests/auto/network: Remove some placeholder formatting.
Use QByteArray/QString addition instead in loops and for
test row names.

Change-Id: I7974ace5b34f2da43e7511044e80de1e733245ac
Reviewed-by: Jędrzej Nowacki <jedrzej.nowacki@theqtcompany.com>
2015-10-19 12:38:28 +00:00
Friedemann Kleint
f0a559f1c8 Tests: Use QCOMPARE() with QLatin1String() for QString values.
Prefer QCOMPARE over QVERIFY for equality and use QLatin1String().

Change-Id: If226a0fc7b25be3e6774c7e36ca1e6f99234e5dd
Reviewed-by: Jędrzej Nowacki <jedrzej.nowacki@theqtcompany.com>
2015-10-14 08:32:42 +00:00
Friedemann Kleint
a2a00eb044 Tests: Fix single-character string literals.
Use character literals where applicable.

Change-Id: I1a026c320079ee5ca6f70be835d5a541deee2dd1
Reviewed-by: Simon Hausmann <simon.hausmann@theqtcompany.com>
2015-10-13 18:14:27 +00:00
Friedemann Kleint
76cf88157f Tests: Remove CONFIG += parallel_test.
The keyword no longer has a meaning for the new CI.

Change-Id: Ibcea4c7a82fb7f982cf4569fdff19f82066543d1
Reviewed-by: Simon Hausmann <simon.hausmann@theqtcompany.com>
2015-09-05 07:16:50 +00:00
Timur Pocheptsov
5bfac9d653 Merge "Merge remote-tracking branch 'origin/5.5' into dev" into refs/staging/dev 2015-08-09 07:06:52 +00:00
Timur Pocheptsov
9861d2bf14 QSslCertificate - skip tests failing with generic QSslCertificatePrivate
SecureTransport does not implement QSslCertificatePrivate thus some
tests relying on generic version fail. Skip them for now.

Change-Id: I483340b37786a8a556e954b2c538e4f48a342be9
Reviewed-by: Morten Johan Sørvig <morten.sorvig@theqtcompany.com>
2015-08-08 22:50:50 +00:00
Frederik Gladhorn
77da617dc8 Merge remote-tracking branch 'origin/5.5' into dev
Conflicts:
	doc/global/qt-cpp-defines.qdocconf
	src/3rdparty/forkfd/forkfd.c
	src/corelib/codecs/qtextcodec.cpp
	src/corelib/kernel/qmetatype.cpp
	src/corelib/tools/qset.qdoc
	src/gui/accessible/qaccessible.cpp
	src/gui/image/qpixmapcache.cpp
	src/opengl/qgl.cpp
	src/tools/qdoc/generator.cpp
	src/widgets/kernel/qwidget.cpp
	tests/auto/widgets/widgets/qcombobox/tst_qcombobox.cpp

Change-Id: I4fbe1fa756a54c6843aa75f4ef70a1069ba7b085
2015-08-06 10:54:01 +02:00
Simon Hausmann
5c1b9bbdf1 Blacklist test failing due to too new OpenSSL version
As advised by Rich :)

Change-Id: I76c425e840419bc68762628e401b3e51c62c8da9
Reviewed-by: Richard J. Moore <rich@kde.org>
2015-08-06 06:17:15 +00:00
Friedemann Kleint
57dbdcd92f tests/auto/network: Replace Q[TRY]_VERIFY(a == b) by Q[TRY]_COMPARE(a, b).
- Replace Q[TRY]_VERIFY(pointer == 0) by Q[TRY]_VERIFY(!pointer).
- Replace Q[TRY]_VERIFY(smartPointer == 0)  by
          Q[TRY]_VERIFY(smartPointer.isNull()).
- Replace Q[TRY]_VERIFY(a == b) by  Q[TRY]_COMPARE(a, b) and
  add casts where necessary. The values will then be logged
  should a test fail.

Change-Id: Icaa1edafcc6e2779fbd6dbc2c058544d6e07f1e9
Reviewed-by: Richard J. Moore <rich@kde.org>
2015-07-31 04:29:33 +00:00
Jeremy Lainé
d113073203 ssl: add test certificates with DSA and EC keys
The QSslCertificate tests only covered certificates with RSA keys, this
extends the test coverage to DSA and EC keys.

Change-Id: Ibee26f449cf6c1d97cbac6b511972eb44d6f0bd2
Reviewed-by: Richard J. Moore <rich@kde.org>
2015-07-30 11:31:40 +00:00
Jeremy Lainé
ce87d82d4a ssl: fix comment typo in QSslSocket tests
The comment about non-OpenSSL backends not reproting a specific error
for self-signed certificates contained a typo, this fixes it.

Change-Id: I3010981d5d87d68ebf5e984c003b8bbbfb019b96
Reviewed-by: Timur Pocheptsov <Timur.Pocheptsov@digia.com>
2015-07-28 19:06:05 +00:00
Friedemann Kleint
c067c012dc Tests: Replace Q[TRY]_VERIFY(v == true|false) by QVERIFY(v)|QVERIFY(!v).
Preparing the replacement of Q[TRY]_VERIFY(a == b) by
Q[TRY]_COMPARE(a, b) for non-boolean types.

Change-Id: Iab6ec2f0a89a3adc79e18304573994965013dab5
Reviewed-by: Mitch Curtis <mitch.curtis@theqtcompany.com>
2015-07-27 12:09:19 +00:00
Jeremy Lainé
49fee77ccc ssl: add openssl-based QSslKeyPrivate::encrypt / decrypt
This adds an OpenSSL-based implementation of the QSslKeyPrivate encrypt
and decrypt method. This puts both the OpenSSL-based and non-OpenSSL
backends (WinRT for now) on par.

Change-Id: I18a75ee5f1c223601e51ebf0933f4430e7c5c29b
Reviewed-by: Andrew Knight <andrew.knight@intopalo.com>
Reviewed-by: Richard J. Moore <rich@kde.org>
2015-07-20 15:51:02 +00:00
Liang Qi
0aa2d318b1 Merge remote-tracking branch 'origin/5.5' into dev
Conflicts:
	src/corelib/global/qglobal.cpp
	src/corelib/global/qglobal.h
	src/corelib/global/qsysinfo.h
	src/corelib/global/qsystemdetection.h
	src/corelib/kernel/qobjectdefs.h
	src/plugins/plugins.pro
	tests/auto/widgets/itemviews/qlistview/qlistview.pro

Change-Id: Ib55aa79d707c4c1453fb9d697f6cf92211ed665c
2015-07-01 11:05:26 +02:00
Liang Qi
4dd8a63fc1 Merge remote-tracking branch 'origin/5.5.0' into 5.5
Conflicts:
	src/plugins/platforms/cocoa/qcocoafiledialoghelper.h

Manually fixed src/testlib/qtestcase.cpp to return the right type.

Change-Id: Id1634dbe3d73fefe9431b9f5378846cb187624e4
2015-06-27 13:54:35 +02:00
Simon Hausmann
f3939d943e Blacklist and skip various tests that are flakey
They didn't show up in the "old" CI runs because they usually pass the second
time they are executed - which the testrunner does. The new CI doesn't do that
anymore, instead we now mark those tests explicitly and will track their record
of passing and failing in the new metrics database.

Change-Id: Id34dd6f792f38995b07b6fec88f833df64de2f8b
Reviewed-by: Lars Knoll <lars.knoll@digia.com>
2015-06-14 10:50:45 +00:00
Giuseppe D'Angelo
92cda94742 QSslSocket: move default cipher, EC and default CA APIs to QSslConfiguration
QSslConfiguration is better suited for these APIs. The ones
in QSslSocket that already have a counterpart have been deprecated.

[ChangeLog][QtNetwork][SSL/TLS Support] Most of the QSslSocket
functions to deal with ciphersuites, certification authorities
as well as elliptic curves have been deprecated in favor of the
corresponding counterparts in QSslConfiguration.

Task-number: QTBUG-46558
Change-Id: I1de03379efcbcab931c20e876e252769fe4279e0
Reviewed-by: Liang Qi <liang.qi@theqtcompany.com>
Reviewed-by: Richard J. Moore <rich@kde.org>
Reviewed-by: Jani Heikkinen <jani.heikkinen@theqtcompany.com>
2015-06-11 04:18:37 +00:00
Oswald Buddenhagen
d32f47b703 fix usage of wince scope
Fix style issues along the way.

Change-Id: Ic6a6de28e198eb0b14c198b802e78845703909b9
Reviewed-by: Joerg Bornemann <joerg.bornemann@theqtcompany.com>
2015-06-05 10:29:10 +00:00
Simon Hausmann
e2f66f9215 Merge remote-tracking branch 'origin/5.5' into dev
Conflicts:
	src/corelib/global/qnamespace.qdoc
	src/corelib/io/qwindowspipereader.cpp
	src/corelib/io/qwindowspipereader_p.h
	src/corelib/statemachine/qstatemachine.cpp
	src/corelib/statemachine/qstatemachine_p.h
	src/plugins/platforms/xcb/qxcbconnection.h
	tests/auto/network/access/qnetworkreply/tst_qnetworkreply.cpp
	tests/auto/tools/qmake/tst_qmake.cpp
	tests/manual/touch/main.cpp

Change-Id: I917d694890e79ee3da7d65134b5b085e23e0dd62
2015-06-03 10:23:56 +02:00
Friedemann Kleint
06de0da1e8 Make warnings of QIODevice more verbose.
Include class name, object name and file name when available.
For the bug in question:

QIODevice::read: device not open

becomes

QIODevice::read (QTcpSocket, "QFtpDTP Passive state socket"): device not open

Adding a static function also makes it easier to set a breakpoint
and find the culprit.

Task-number: QTBUG-46112
Change-Id: Ic181d8ab292912d1acbcc3cb84d9679fe4842ca0
Reviewed-by: Laszlo Papp <lpapp@kde.org>
Reviewed-by: Alex Trotsenko <alex1973tr@gmail.com>
Reviewed-by: Kai Koehne <kai.koehne@theqtcompany.com>
2015-05-23 08:59:20 +00:00
Richard J. Moore
00f0a4119c Add the ability to prefer the cipher preferences specified by the server.
Currently the cipher preferred by the client will always be used for SSL
connections. This change makes it so that by default the ciphers
specified by the server will be used (like the Apache SSLHonorCipherOrder
option). This behavior can be disabled using a new SslOption.

[ChangeLog][QtNetwork][QSslSocket] QSslSocket will now default to using
the cipher preferences of the server socket when used as an SSL server.
This can be disabled using the QSslConfiguration.

Change-Id: I2d16d10145cf88a7412f30ef960d87024777de1c
Reviewed-by: Peter Hartmann <peter-qt@hartmann.tk>
2015-04-25 12:10:50 +00:00
Thiago Macieira
699e7a0869 Remove the tests for Ubuntu Oneiric (11.10)
This system is no longer in the CI rotation and we haven't had reports
of the same issues happening on later versions. Either the issues have
since been fixed or they were never an issue in Qt in the first place.

This commit has the additional benefit of getting rid of the following
shell error when qmake was run:
	sh: line 0: [: =: unary operator expected
as /etc/lsb-release hasn't contained DISTRIB_CODENAME for some time and
proper quoting was never implemented (not even qtcpsocket.pro).

Change-Id: Ia0aac2f09e9245339951ffff13c829e910ee64e9
Reviewed-by: Albert Astals Cid <albert.astals@canonical.com>
Reviewed-by: Tony Sarajärvi <tony.sarajarvi@digia.com>
Reviewed-by: Richard J. Moore <rich@kde.org>
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
2015-03-17 01:26:13 +00:00
Timur Pocheptsov
63e017ee77 QSslSocket test - adapt 'verifyClientCertificate' for Secure Transport
Secure Transport relies on keychains, both client/server are constantly
updating default keychain and as a result tests are failing: when
verification is expected to fail, it succeeds; when the number of certificates
is expected to be 1 - it's 2 (Secure Transport can find certificates in a keychain).
This makes verifyClientCertificate test quite useless at the moment - QSKIP it.

Change-Id: I578398b4912a86dc60f585ac5a1bdd0098914005
Reviewed-by: Richard J. Moore <rich@kde.org>
2015-02-13 20:43:09 +00:00
Jani Heikkinen
83a5694dc2 Update copyright headers
Qt copyrights are now in The Qt Company, so we could update the source
code headers accordingly. In the same go we should also fix the links to
point to qt.io.

Outdated header.LGPL removed (use header.LGPL21 instead)

Old header.LGPL3 renamed to header.LGPL3-COMM to match actual licensing
combination. New header.LGPL-COMM taken in the use file which were
using old header.LGPL3 (src/plugins/platforms/android/extract.cpp)

Added new header.LGPL3 containing Commercial + LGPLv3 + GPLv2 license
combination

Change-Id: I6f49b819a8a20cc4f88b794a8f6726d975e8ffbe
Reviewed-by: Matti Paaso <matti.paaso@theqtcompany.com>
2015-02-11 06:49:51 +00:00
Frederik Gladhorn
fc35f71434 Merge remote-tracking branch 'origin/5.4' into dev
Conflicts:
	src/3rdparty/harfbuzz-ng/harfbuzz-ng.pro
	src/gui/image/qimage_conversions.cpp
	src/gui/opengl/qopenglextensions_p.h
	src/gui/text/qtextengine.cpp
	src/network/ssl/qsslsocket_openssl.cpp
	src/plugins/platforms/eglfs/qeglfshooks_stub.cpp
	src/plugins/platforms/eglfs/qeglfsscreen.cpp
	src/plugins/platforms/eglfs/qeglfswindow.cpp
	src/plugins/platforms/windows/qwindowsfontdatabase.cpp
	src/plugins/platforms/windows/qwindowsfontdatabase_ft.cpp
	src/plugins/platforms/windows/qwindowsnativeinterface.cpp
	src/plugins/platforms/windows/qwindowsscreen.cpp
	src/plugins/platforms/windows/qwindowswindow.cpp
	src/plugins/platforms/windows/qwindowswindow.h
	src/plugins/platforms/xcb/qxcbdrag.h
	src/widgets/itemviews/qabstractitemview.cpp
	src/widgets/kernel/qwidget.cpp
	src/widgets/util/qsystemtrayicon_p.h
	tests/auto/corelib/itemmodels/qsortfilterproxymodel/tst_qsortfilterproxymodel.cpp

Thanks to Friedemann Kleint for resolving the qwindowsfontdatabase.cpp
conflicts.

Change-Id: I937232c30523d5121c195d947d92aec6f129b03e
2015-02-10 09:42:25 +01:00
Jeremy Lainé
06524c11dc ssl: add test for server-side QSslSocket::PeerVerifyMode
This adds tests to check the behavior of a QSslSocket-based server when
presented with various client certificates.

Change-Id: I431157e46cfb00880ae8b7a33015cce50e56b6bb
Reviewed-by: Daniel Molkentin <daniel@molkentin.de>
2015-02-07 06:51:05 +00:00
Richard J. Moore
91a48160d6 Move Rfc822NameType, DnsNameType and UniformResourceIdentifierType.
Move these types to QAsn1Element so that they can use the toString()
method which guards against malicious ASN.1.

Change-Id: I7d6155147a6fc2d41da6f3ae87551b6cb75aa9ce
Reviewed-by: Oliver Wolff <oliver.wolff@theqtcompany.com>
Reviewed-by: Daniel Molkentin <daniel@molkentin.de>
2015-02-04 15:49:50 +00:00
Richard J. Moore
3bc5f8c081 Harden QAsn1Element against malicious ASN.1 strings.
We don't currently use this class for critical things like hostname
verification however we still want to ensure that it is not possible
to trick it using ASN.1 strings with embedded NUL characters. This will
avoid problems in the future.

Change-Id: Ibf3bc142a94fc9cad5f06db50f375399a087f9dc
Reviewed-by: Jeremy Lainé <jeremy.laine@m4x.org>
Reviewed-by: Oliver Wolff <oliver.wolff@theqtcompany.com>
Reviewed-by: Daniel Molkentin <daniel@molkentin.de>
2015-02-04 15:49:35 +00:00
Jeremy Lainé
5382312e5c Add SecureTransport based SSL backend for iOS and OS X
Add support for SSL on iOS/OS X by adding a SecureTransport based
backend.

[ChangeLog][QtNetwork][QSslSocket] A new SSL backend for iOS and OS X,
implemented with Apple's Secure Transport (Security Framework).

Change-Id: I7466db471be2a8a2170f9af9d6ad4c7b6425738b
Reviewed-by: Richard J. Moore <rich@kde.org>
2015-02-02 14:02:56 +00:00
Frederik Gladhorn
55162dae7e Merge remote-tracking branch 'origin/5.4.1' into 5.4
Change-Id: Idadb5639da6e55e7ac8cc30eedf76d147d8d5d23
2015-01-29 10:05:01 +01:00
Shawn Rutledge
fe8900405d Use qt.io rather than qt-project.org for network tests
Mainly because of a change in certificates which is causing failing
tests.

Change-Id: I8304e5ac4107428a250b71be5df7b5399a811017
Reviewed-by: Tony Sarajärvi <tony.sarajarvi@digia.com>
2015-01-28 12:50:32 +00:00
Shawn Rutledge
6430d6e3ec Use qt.io rather than qt-project.org for network tests
Mainly because of a change in certificates which is causing failing
tests.  This patch is cherry-picked from
https://codereview.qt-project.org/104619/

Change-Id: I8304e5ac4107428a250b71be5df7b5399a811017
Reviewed-by: Richard J. Moore <rich@kde.org>
2015-01-28 11:10:19 +00:00
Giuseppe D'Angelo
bd26defd9b QSslSocket: introduce support for TLS PSK (client side)
[ChangeLog][QtNetwork][QSslSocket] It is now possible to use TLS PSK
ciphersuites in client sockets.

Task-number: QTBUG-39077
Change-Id: I5523a2be33d46230c6f4106c322fab8a5afa37b4
Reviewed-by: Richard J. Moore <rich@kde.org>
2015-01-23 00:35:21 +01:00
Giuseppe D'Angelo
2ec2dbed67 QSslEllipticCurve: add fromLongName
Since the conversion to a long name was already there, also support
creation from a long name.

Change-Id: Iad712db7447fb0a0a18f600b7db54da5b5b87154
Reviewed-by: Marc Mutz <marc.mutz@kdab.com>
2015-01-21 10:41:39 +01:00
Rainer Keller
668a3a4da1 Autotest: Use QFINDTESTDATA to find test data
Change-Id: Ie6c659f6d8e8b3eeaf2453f0cba6189d56f86581
Reviewed-by: Oliver Wolff <oliver.wolff@theqtcompany.com>
Reviewed-by: Richard J. Moore <rich@kde.org>
2015-01-19 15:53:51 +01:00
André Klitzing
962ea5690c Add elliptic curve support to QSsl
Add possibility to get length and other information of EC based
certificates. Also it is possible to parse those public/private
keys from PEM and DER encoded files.

Based on patch by Remco Bloemen

[ChangeLog][QtNetwork][SSL/TLS support] It is now possible to
parse elliptic curve certificates.

Change-Id: I4b11f726296aecda89c3cbd195d7c817ae6fc47b
Task-number: QTBUG-18972
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
2015-01-18 10:18:43 +01:00
Friedemann Kleint
205f68f8ad Fix assorted MSVC warnings in tests.
tst_collections.cpp
tst_collections.cpp(3138) : warning C4305: 'argument' : truncation from 'size_t' to 'bool'
        tst_collections.cpp(3190) : see reference to function template instantiation 'void testContainerTypedefs<QVector<int>>(Container)' being compiled
        with[Container=QVector<int>]
(repeated)
tst_qringbuffer.cpp(297) : warning C4267: 'argument' : conversion from 'size_t' to 'int', possible loss of data
tst_qringbuffer.cpp(300) : warning C4309: '=' : truncation of constant value
tst_qringbuffer.cpp(306) : warning C4267: 'argument' : conversion from 'size_t' to 'int', possible loss of data
tst_qrawfont.cpp(947) : warning C4309: 'argument' : truncation of constant value
tst_qsslsocket_onDemandCertificates_member.cpp(217) : warning C4189: 'rootCertLoadingAllowed' : local variable is initialized but not referenced

Change-Id: I6143d4ad121088a0d5bdd6dd2637eb3641a26096
Reviewed-by: Kai Koehne <kai.koehne@theqtcompany.com>
2015-01-17 12:06:59 +01:00
Jeremy Lainé
14d1097f45 ssl: store socket in setEmptyDefaultConfiguration
The setEmptyDefaultConfiguration test creates a socket and connects its
sslErrors signal to tst_QSslSocket's ignoreErrorSlot slot. This slot
expects the socket to have been stored in tst_QsslSocket's "socket"
member, which was not being done. This patch fixes this problem.

It does beg the question of whether having a "socket" member in the
tst_QSslSocket class is a good idea as it is error prone.

Change-Id: Ic59d1789c5f1ed240c3f0c37981f6ecc35572f0d
Reviewed-by: Richard J. Moore <rich@kde.org>
2014-12-13 08:32:19 +01:00
Simon Hausmann
015002fec9 Merge remote-tracking branch 'origin/5.4' into dev
Conflicts:
	doc/global/template/style/online.css
	mkspecs/android-g++/qmake.conf

Change-Id: Ib39ea7bd42f5ae12e82a3bc59a66787a16bdfc61
2014-12-10 07:58:06 +01:00
Jeremy Lainé
0a1d7f6151 ssl: merge and tighten sslErrors and peerVerifyError tests
The sslErrors and peerVerifyError test the same situation: connect to a
server which is using the fluke certificate, using the incorrect host name.
They connect respectively to qt-test-server:993 and the.server.ip.address:443.

The sslErrors is prone to backend-dependent failures concerning the order
in which SSL errors are received, just like the peerVerifyError test was
until recently.

This change merges these two tests into one, which is run against the same
two servers as previously. It also adds a check to ensure that sslErrors
and peerVerifyError emit the same SSL errors (regardless of order).

This also fixes the included headers for non-OpenSSL backends.

Change-Id: Ibd5f60d24f1682989378e87729389e4b8f9efac5
Reviewed-by: Richard J. Moore <rich@kde.org>
2014-12-09 16:58:08 +01:00
Frederik Gladhorn
3de7382044 Merge remote-tracking branch 'origin/5.4.0' into 5.4
Conflicts:
	dist/changes-5.4.0

7231e1fbe2 went into 5.4 instead of the
5.4.0 branch, thus the conflict.

Change-Id: I70b8597ab52506490dcaf700427183950d42cbd1
2014-11-27 18:12:10 +01:00
Giuseppe D'Angelo
ffbfd8eda6 SSL: Add support for selecting which curves should be used by an elliptic cipher
[ChangeLog][QtNetwork][QtSSL] It is now possible to choose which elliptic
curves should be used by an elliptic curve cipher.

Change-Id: If5d0d58922768b6f1375836489180e576f5a015a
Done-with: Marc Mutz <marc.mutz@kdab.com>
Reviewed-by: Richard J. Moore <rich@kde.org>
2014-11-26 22:07:56 +01:00
Tony Sarajärvi
aed71b6832 Blacklist one tst_qsslsocket test
Task-number: QTBUG-29941
Change-Id: Ieb3418a2d6d88ebd399964b5df20d9fe4d6ca37b
Reviewed-by: Simo Fält <simo.falt@digia.com>
2014-11-26 10:47:08 +01:00
Alejandro Exojo
f88ab80c8a Use camel case in PKCS#12 function
This makes it follow the coding style, which says to camel case acronyms too,
and makes it consistent with the rest of the class.

Change-Id: I4a1b21de1815530e476fc5aa8a0d41c724fc8021
Reviewed-by: Richard J. Moore <rich@kde.org>
Reviewed-by: hjk <hjk121@nokiamail.com>
2014-11-24 08:50:05 +01:00
Paul Olav Tvete
85a4aaa5ce Fix invalid qmake syntax
Task-number: QTBUG-42549
Change-Id: I57ba3150e3a3b915faf0356d8a3f89801eb4963e
Reviewed-by: Oswald Buddenhagen <oswald.buddenhagen@theqtcompany.com>
Reviewed-by: Timur Pocheptsov <Timur.Pocheptsov@digia.com>
Reviewed-by: Frederik Gladhorn <frederik.gladhorn@theqtcompany.com>
2014-11-19 10:34:24 +01:00
Allan Sandfeld Jensen
3fd2d9eff8 Update QSsl::SecureProtocols to not include Sslv3
After the poodle vulnerability SSLv3 should like SSLv2 no longer be
considered safe, so when a user request a safe protocol we should
only allow TLS versions.

[ChangeLog][QtNetwork][QSsl] QSsl::SecureProtocols now also excludes SSLv3

Change-Id: If825f6beb599294b028d706903b39db6b20be519
Reviewed-by: Richard J. Moore <rich@kde.org>
2014-10-24 12:46:26 +02:00
Marc Mutz
32dfbd6dbf Add qHash(QSslError) overload
qsslsocket_winrt.cpp defined it locally, which runs the risk of
clashes with a potential user-defined qHash(QSslError), so
make it public.

Also included both .error() and .certificate() in the hash, as
both of these are used to determine equality (the WinRT version
only used .error()).

[ChangeLog][QtNetwork][QSslError] Can now be used in QSet/QHash.

Change-Id: Ieb7995bed491ff011d4be9dad544248b56fd4f73
Reviewed-by: Oliver Wolff <oliver.wolff@digia.com>
Reviewed-by: Andrew Knight <andrew.knight@digia.com>
2014-10-19 07:32:41 +02:00
Marc Mutz
e8bdc949fc Add qHash(QSslCertificate) overload
qsslsocket_winrt.cpp defined it locally, which runs the risk of
clashes with a potential user-defined qHash(QSslCertificate), so
make it public.

Also, the implementation in qsslsocket_winrt.cpp simply hashed
the handle(), which violates the principle that equal instances
must hash to the same value. Also, for some platforms, the
implementation returns nullptr unconditionally, which, while not
violating the above-mentioned principle, will make all users of
the hash have worst-case complexity.

To calculate a meaningful hash, therefore, the certificate needs
to be inspected deeper than just the handle.

For OpenSSL, we use X509::sha1_hash, which also X509_cmp uses
internally to determine inequality (it checks more stuff, but
if X059::sha1_hash is different, X509_cmp() returns non-zero,
which is sufficient for the purposes of qHash()). sha1_hash may
not be up-to-date, though, so we call X509_cmp to make it valid.
Ugh.

For WinRT/Qt, we use the DER encoding, as that is the native
storage format used in QSslCertificate. This is not equivalent
to the implementation used in qsslsocket_winrt.cpp before, but
since handle() == handle() => toDer() == toDer(), it should not
be a problem.

[ChangeLog][QtNetwork][QSslCertificate] Can now be used as a key in QSet/QHash.

Change-Id: I10858fe648c70fc9535af6913dd3b7f3b2cf0eba
Reviewed-by: Oliver Wolff <oliver.wolff@digia.com>
2014-10-19 07:32:37 +02:00
Marc Mutz
10e5bcf9d0 tst_QSslError: cleanup unused functions
Change-Id: I4db7399e533805e1dddaa76d5a609d2006a97da6
Reviewed-by: Giuseppe D'Angelo <giuseppe.dangelo@kdab.com>
2014-09-26 00:39:37 +02:00
Matti Paaso
974c210835 Update license headers and add new license files
- Renamed LICENSE.LGPL to LICENSE.LGPLv21
- Added LICENSE.LGPLv3
- Removed LICENSE.GPL

Change-Id: Iec3406e3eb3f133be549092015cefe33d259a3f2
Reviewed-by: Iikka Eklund <iikka.eklund@digia.com>
2014-09-24 12:26:19 +02:00
Jeremy Lainé
070fcf9ce1 ssl: common certificate parser support for extensions
This makes non-OpenSSL backends able to handle to certificate
extensions.

This also converts the Q_OS_WINRT #ifdef's in the unit test to
QT_NO_OPENSSL as the behavior is the same for any non-OpenSSL
backend.

Change-Id: I6a8306dc5c97a659ec96063d5a59cee2ee9a63a9
Reviewed-by: Richard J. Moore <rich@kde.org>
2014-09-05 14:20:44 +02:00
Jeremy Lainé
863f598b65 ssl: make peerVerifyError test agnostic of error order
Currently the peerVerifyError test for QSslSocket makes an assumption
about the order in which SSL errors are emitted by peerVerifyError. This
assumption does not necessarily hold for non-OpenSSL backends.

This change fixes this assumption, and also checks that HostNameMismatch
was found both in the errors emitted by peerVerifyError and by sslErrors.

Change-Id: I856d1ea43b36332db0f178d35fc14a4bb18ad673
Reviewed-by: Richard J. Moore <rich@kde.org>
2014-09-05 12:20:25 +02:00
Jeremy Lainé
7b1dad8021 ssl: enable non-OpenSSL backends to compile QSslSocket tests
Some of the QSslSocket tests use OpenSSL-specific symbols. This
change fixes this issue.

Change-Id: Ib67efa42a15facaf0ad34fc0466341a37d945d1e
Reviewed-by: Andrew Knight <andrew.knight@digia.com>
2014-09-05 12:20:02 +02:00
Jeremy Lainé
bdb30abcd2 ssl: add support for ASN.1 boolean values
This adds support for reading and writing ASN.1 boolean
values. It also adds an operator to test two ASN.1 elements
for equality.

Change-Id: I4a22cbf9808533d593fc59d27b63caaf650b1f57
Reviewed-by: Richard J. Moore <rich@kde.org>
2014-09-03 17:28:02 +02:00
Jeremy Lainé
f750979b70 ssl: check critical certificate extensions
This adds a test for a QSslCertificate containing extensions which
are marked as critical.

Change-Id: I314e1f5c9943bcad5d43129a97f9f834882dc6fb
Reviewed-by: Richard J. Moore <rich@kde.org>
2014-09-03 16:10:45 +02:00
Jeremy Lainé
a02d798bbd ssl: tighten QSslCertificateExtension tests
This tightens tests performed on a certificate's extensions by checking
isCritical() and isSupported() for all extensions. It also explicitly
checks the keys when value() returns a QVariantMap.

Change-Id: If51c55be25bbcd09cc3a6712ddfea2bf9a01360f
Reviewed-by: Richard J. Moore <rich@kde.org>
2014-09-03 15:07:49 +02:00
Jeremy Lainé
cd3dece750 ssl: common key parser support for encrypted keys
This adds the infrastructure for reading and writing encrypted private keys
when using non-OpenSSL backends. Each platform must provide its cryptographic
encrypt / decrypt functions.

As WinRT already uses the common parser, this commit includes an
implementation for that platform.

Done-with: Andrew Knight <andrew.knight@digia.com>
Task-number: QTBUG-40688
Change-Id: I0d153425ce63601ff03b784a111e13962061025f
Reviewed-by: Richard J. Moore <rich@kde.org>
2014-09-02 23:16:25 +02:00
Jeremy Lainé
31938846ae qasn1element: add QAsn1Element::toInteger
This change adds the ability to decode ASN.1 INTEGER fields,
provided they represent a positive number of less than 64-bit.

This is needed for PKCS#12 decoding.

Change-Id: Iafb76f22383278d6773b9e879a8f3ef43c8d2c8f
Reviewed-by: Oliver Wolff <oliver.wolff@digia.com>
2014-09-02 09:52:08 +02:00
Jeremy Lainé
5c3a499c9f ssl: disable (broken) i/o on DER encoded keys
QSslKey currently has methods which supposedly allow decoding and
encoding private keys as DER protected by a passphrase. This is
broken by design as explained in QTBUG-41038, as storing the encrypted
DER data alone makes no sense: such a file lacks the necessary
information about the encryption algorithm and initialization vector.

This change:

- explicitly stops using the passphrase when decoding DER in the
  constructor. The behavior is unchanged, it is not possible to
  read the encrypted DER alone.

- refuses to honor the passphrase to DER encode a private key. The toDer
  method now outputs an empty QByteArray instead of garbage.

Task-number: QTBUG-41038
Change-Id: I4281050cf1104f12d154db201a173633bfe22bd9
Reviewed-by: Richard J. Moore <rich@kde.org>
2014-08-30 17:36:23 +02:00
Jeremy Lainé
2fd0afc1f8 ssl: add a test for 3DES encrypted keys
This adds a test for 3DES encrypted keys in addition to the
current DES encrypted keys.

Change-Id: I229e3ef710e9ee23efa2a3275b89d958491de4a2
Reviewed-by: Richard J. Moore <rich@kde.org>
2014-08-30 17:24:05 +02:00
Oliver Wolff
5328ec7e10 winrt: complete QSslCertificate implementation
The native handle and import functions are now available for use in other
parts of the winrt backend.

Change-Id: I07e6f95b3411c3dc7c1a7a164544b18e5e435d01
Reviewed-by: Maurice Kalinowski <maurice.kalinowski@digia.com>
Reviewed-by: Andrew Knight <andrew.knight@digia.com>
2014-08-30 08:20:51 +02:00
Jeremy Lainé
6a4cb8d62b ssl: Add common key parser for backends
This internal implementation of QSslKey can be used when OpenSSL is not
available. Encrypted keys are not supported, as the cryptography must
be supplied by a separate library.

With this commit, WinRT is migrated to the new implementation,
but qsslkey_winrt.cpp is left in place so that the missing crypto
implementation can be added later. This also means most of the expected
failures for that platform can be removed from the autotest.

Change-Id: I24a3ad1053bb72311613b28b3ae845aa1645a321
Reviewed-by: Andrew Knight <andrew.knight@digia.com>
Reviewed-by: Maurice Kalinowski <maurice.kalinowski@digia.com>
Reviewed-by: Richard J. Moore <rich@kde.org>
2014-08-29 23:18:22 +02:00
Jeremy Lainé
d4dc3159c7 Check certificate nullity instead of handle
This changes tests which use QSslCertificate::handle() to determine
if a certificate is null to use QSslCertificate::isNull() instead.

This is required for non-OpenSSL backends which do not actually
expose a private handle.

Change-Id: I9523ba0dd00d47ba337b543ad34840125db99bfb
Reviewed-by: Andrew Knight <andrew.knight@digia.com>
2014-08-28 13:33:46 +02:00
Andrew Knight
ecbf6dfbf5 ssl: Share the host name matching utilities
This moves the socket backend's host name matching functions up to
QSslSocketPrivate so that they can be shared between backends. This
works, as there is no OpenSSL-specific code here.

Change-Id: I73c2081fdc2e60a44c90e90800d1e1877391a626
Reviewed-by: Richard J. Moore <rich@kde.org>
2014-08-27 15:03:58 +02:00
Jeremy Lainé
4040bc21ab Added QAsn1Element
This element can be used for backends that do not offer all the
information that is needed when implementing a ssl certificate backend.
WinRT and the SecureTransport lack functionality in this area for
example.

The sources and tests are added for ssl and openssl configurations in order
to be tested. The condition for adding these can be changed as soon
as they are used by an actual implementation

Change-Id: I2b836133105afdc178bf3b1ee7d732bea069effa
Reviewed-by: Andrew Knight <andrew.knight@digia.com>
2014-08-24 06:01:05 +02:00
Andrew Knight
8c864ac498 winrt: Add partial SSL key support
This allows for opening of public key files. It does not, however,
support opening private keys (or decrypting/encrypting them). This is
due to limitations in the native API.

Nearly all public key tests pass (the native API doesn't support the
40-bit key in the test set). The private key tests are expected to fail.

Task-number: QTBUG-40688
Change-Id: Id8f2f1ae6526540736ceb2e5371f6a5d80c4ba7b
Reviewed-by: Richard J. Moore <rich@kde.org>
Reviewed-by: Oliver Wolff <oliver.wolff@digia.com>
2014-08-13 21:09:51 +02:00
Frederik Gladhorn
f035786021 Merge remote-tracking branch 'origin/5.3' into dev
Change-Id: Ia12ffdb27ecdf25c2a2bdb0eed1945387502108a
2014-07-10 10:11:11 +02:00
Peter Hartmann
916c9d469b QSslCertificate: blacklist NIC certificates from India
Those intermediate certificates were used to issue "unauthorized"
certificates according to
http://googleonlinesecurity.blogspot.de/2014/07/maintaining-digital-certificate-security.html
, and are by default trusted on Windows, so to be safe we blacklist
them here.

Change-Id: I9891c5bee2dd82c22eb0f45e9b04abd25efeb596
Reviewed-by: Richard J. Moore <rich@kde.org>
2014-07-09 21:30:11 +02:00
Richard J. Moore
1a8788d966 Move the PKCS#12 support from QSslSocket to QSslCertificate.
Discussed with Peter and agreed that it's a slightly better fit there.

Change-Id: If8db777336e2273670a23d75d8542b30c07e0d7b
Reviewed-by: Daniel Molkentin <daniel@molkentin.de>
Reviewed-by: Peter Hartmann <phartmann@blackberry.com>
2014-05-14 11:08:01 +02:00
Frederik Gladhorn
ff334fd574 Merge "Merge remote-tracking branch 'origin/stable' into dev" into refs/staging/dev 2014-05-13 16:08:01 +02:00
Frederik Gladhorn
b5552bab40 Merge remote-tracking branch 'origin/stable' into dev
Manually changed enum to LibGL in
    src/plugins/platforms/xcb/qglxintegration.cpp

Change-Id: If34ee6cce3d1d51fb4bb1fdfa59c30389ea0d207
2014-05-13 14:21:22 +02:00
Richard J. Moore
50e8e95385 Add support for loading PKCS#12 bundles.
Add support for loading certificates and keys from PKCS#12 bundles
(also known as pfx files).

Task-number: QTBUG-1565

[ChangeLog][QtNetwork][QSslSocket] Support for loading PKCS#12
bundles was added. These are often used to transport keys and
certificates conveniently, particularly when making use of
client certificates.

Change-Id: Idaeb2cb4dac4b19881a5c99c7c0a7eea00c2b207
Reviewed-by: Daniel Molkentin <daniel@molkentin.de>
2014-05-11 23:50:03 +02:00
Frederik Gladhorn
1326cd15f7 Merge remote-tracking branch 'origin/stable' into dev
Conflicts:
	mkspecs/qnx-x86-qcc/qplatformdefs.h
	src/corelib/global/qglobal.h
	src/opengl/gl2paintengineex/qpaintengineex_opengl2.cpp
	src/opengl/qgl.cpp
	src/opengl/qglpixelbuffer.cpp
	src/opengl/qglshaderprogram.cpp
	tests/auto/opengl/qglthreads/tst_qglthreads.cpp

Change-Id: Iaba137884d3526a139000ca26fee02bb27b5cdb5
2014-05-06 16:50:03 +02:00
Richard J. Moore
9b1746c499 Add autotest for the QSslCertificate QIODevice constructor.
Change-Id: I92fa083665509932b75ff1037904a6f78a950fd6
Reviewed-by: Jeremy Lainé <jeremy.laine@m4x.org>
Reviewed-by: Peter Hartmann <phartmann@blackberry.com>
2014-05-06 16:35:56 +02:00
Richard J. Moore
1d6695451f Add an autotest the QSslCertificate::version() method works.
Change-Id: Ife5b7206fd3d7af57cfca3c0f28f56bb53ede7a7
Reviewed-by: Jeremy Lainé <jeremy.laine@m4x.org>
Reviewed-by: Peter Hartmann <phartmann@blackberry.com>
2014-05-06 16:35:56 +02:00
Daniel Molkentin
ae7bbe3400 Provide new API: QSslCertificate::isSelfSigned()
Change-Id: I382a017a0b865b849667301aff8b2f87b676ecc6
Reviewed-by: Richard J. Moore <rich@kde.org>
2014-04-30 01:30:08 +02:00
Frederik Gladhorn
dda9b5325f Add missing #ifndef QT_NO_SSL
Change-Id: I2912dcca77270582f6e989b8b3fb72b82f6f70d6
Reviewed-by: Peter Hartmann <phartmann@blackberry.com>
Reviewed-by: Richard J. Moore <rich@kde.org>
2014-04-25 10:55:31 +02:00
Richard J. Moore
814a1c7b2b Support for DH and ECDH key exchange for QSslSocket servers
Despite supporting DH and ECDH key exchange as a client, Qt did not provide
any default parameters which prevented them being used as a server. A
future change should allow the user to control the parameters used, but
these defaults should be okay for most users.

[ChangeLog][Important Behavior Changes] Support for DH and ECDH key exchange
cipher suites when acting as an SSL server has been made possible. This
change means the you can now implement servers that offer forward-secrecy
using Qt.

Task-number: QTBUG-20666
Change-Id: I469163900e4313da9d2d0c3e1e5e47ef46320b17
Reviewed-by: Daniel Molkentin <daniel@molkentin.de>
Reviewed-by: Peter Hartmann <phartmann@blackberry.com>
2014-04-09 20:53:06 +02:00
Friedemann Kleint
5b00bb39f2 Polish tst_qsslsocket a bit.
Output the SSL library version, output socket error string on connection
failure consistently, silence numerous warnings about QIODevice not
being open in tst_QSslSocket::constructing.

Change-Id: Ia23d42de5b2daca55b2f6f50af025d61e99c52a0
Reviewed-by: Peter Hartmann <phartmann@blackberry.com>
2014-03-26 07:22:35 +01:00
Sergio Ahumada
699ba50744 QtNetwork tests: Remove DEFINES += QT_DISABLE_DEPRECATED_BEFORE=0
Change-Id: If1cc5fafddc41ed19dd818caf294c69cd4969216
Reviewed-by: Richard J. Moore <rich@kde.org>
2014-02-25 16:47:13 +01:00
Frederik Gladhorn
46791c08e1 Merge "Merge remote-tracking branch 'origin/stable' into dev" into refs/staging/dev 2014-01-21 17:57:54 +01:00
Richard J. Moore
5c19fad8c1 Ensure weak ciphers are not part of the default SSL configuration.
Any cipher that is < 128 bits is excluded from the default SSL
configuration. These ciphers are still included in the list
of availableCiphers() and can be used by applications if required.
Calling QSslSocket::setDefaultCiphers(QSslSocket::availableCiphers())
will restore the old behavior.

Note that in doing so I spotted that calling defaultCiphers() before
doing other actions with SSL had an existing bug that I've addressed
as part of the change.

[ChangeLog][Important Behavior Changes] The default set of
ciphers used by QSslSocket has been changed to exclude ciphers that are
using key lengths smaller than 128 bits. These ciphers are still available
and can be enabled by applications if required.

Change-Id: If2241dda67b624e5febf788efa1369f38c6b1dba
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
2014-01-21 03:41:34 +01:00
Frederik Gladhorn
9033977d39 Merge remote-tracking branch 'origin/stable' into dev
Conflicts:
	src/corelib/global/qglobal.h
	src/corelib/tools/qstring.cpp
	src/gui/image/image.pri
	src/gui/image/qimage.cpp
	src/plugins/platforms/cocoa/qcocoawindow.h
	src/plugins/platforms/cocoa/qcocoawindow.mm
	src/plugins/platforms/eglfs/qeglfshooks_stub.cpp
	tests/auto/corelib/io/qstandardpaths/tst_qstandardpaths.cpp

Change-Id: I3b9ba029c8f2263b011f204fdf68c3231c6d4ce5
2014-01-20 18:18:59 +01:00
Richard J. Moore
7c8131763d Prevent spurious SSL errors from local certificates.
Qt since approximately 4.4 has set the verify callback on both the SSL
store and the SSL context. Only the latter is actually needed. This is
normally not a problem, but openssl prior to 1.0.2 uses the verify
code to find the intermediate certificates for any local certificate
that has been set which can lead to verification errors for the local
certificate to be emitted.

Task-number: QTBUG-33228
Task-number: QTBUG-7200
Task-number: QTBUG-24234
Change-Id: Ie4115e7f7faa1267ea9b807c01b1ed6604c4a16c
Reviewed-by: Peter Hartmann <phartmann@blackberry.com>
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
2014-01-16 21:57:06 +01:00
Frederik Gladhorn
3f3be55835 Merge remote-tracking branch 'origin/stable' into dev
Conflicts:
	src/gui/kernel/qplatformtheme.h
	tests/auto/network/socket/qudpsocket/tst_qudpsocket.cpp
	tests/auto/widgets/widgets/qspinbox/tst_qspinbox.cpp

Change-Id: Iecd3343d6a050b8764f78d809c4a1532aeba69e5
2013-12-16 16:59:33 +01:00
Peter Hartmann
7eecbb0718 SSL: blacklist ANSSI intermediate certificate
... because it was used to operate a man-in-the-middle proxy.

Task-number: QTBUG-35474
Change-Id: Ic7f19708b278b866e4f06533cbd84e0ff43357e9
Reviewed-by: Richard J. Moore <rich@kde.org>
2013-12-10 15:14:22 +01:00
Oliver Wolff
1efe5d4b41 WinRT: Fixed compilation of network autotests and benchmarks
Change-Id: Id689f199cfb22dce231cec36faba57ab958b1bac
Reviewed-by: Maurice Kalinowski <maurice.kalinowski@digia.com>
2013-12-06 15:06:47 +01:00
Sergio Ahumada
7978cef796 tests: Make the QT assignments more explicit
Remove unused 'QT -= gui' and replace some others with
'QT = core ...'

Change-Id: I2d14fae963afc21dbd21a4acdbba2c30cdf8fa61
Reviewed-by: Oswald Buddenhagen <oswald.buddenhagen@digia.com>
2013-08-21 19:05:52 +02:00
Sergio Ahumada
b0b754632e test: Skip some more qsslsocket flaky tests [part 2]
Task-number: QTBUG-29941
Change-Id: I28e71f952fcade6ab0aa76db71a1e2f408952830
Reviewed-by: Richard J. Moore <rich@kde.org>
2013-08-16 17:08:24 +02:00
Sergio Ahumada
983fa9b5cb test: Skip some more qsslsocket flaky tests
Task-number: QTBUG-29941
Change-Id: Iaf1c4834ef36db284464184639a1ab00928510cf
Reviewed-by: Peter Hartmann <phartmann@blackberry.com>
2013-08-13 17:08:13 +02:00
Sergio Ahumada
d6522b70ad test: Skip some flaky tests, but only if they are expected to fail
Task-number: QTBUG-29941
Change-Id: Ieca736c26711fa292855b3281229282628dce608
Reviewed-by: Richard J. Moore <rich@kde.org>
2013-08-10 22:31:42 +02:00
Peter Hartmann
e145b67fbd SSL internals: do not write after shutting down the socket
... but rather throw an error, so the HTTP layer can recover from a SSL
shutdown gracefully. In case the other side sent us a shutdown, we should
not send one as well, as it results in an error.

Change-Id: Ie7a56cf3008b6ead912aade18dbec67846e2a87e
Reviewed-by: Richard J. Moore <rich@kde.org>
2013-04-23 23:22:43 +02:00
Samuel Rødal
2ab9b747fc Merge remote-tracking branch 'gerrit/release' into stable
Conflicts:
	configure
	mkspecs/features/qt_module_headers.prf
	mkspecs/features/qt_tool.prf
	src/angle/angle.pro
	src/tools/bootstrap/bootstrap.pro
	tests/auto/widgets/kernel/qwidget/tst_qwidget.cpp

Change-Id: Ide5759fe419a50f1c944211a48f7c66f662684e0
2013-03-21 08:49:01 +01:00
Samuel Rødal
678320788e Skip unstable tst_QSslSocket test case.
The connection to qt-project.org seems to be the one that causes this
particular test case to fail.

Task-number: QTBUG-29941
Change-Id: Ie5e430646997e86e3acb04132cd90a1773a091da
Reviewed-by: Richard J. Moore <rich@kde.org>
Reviewed-by: Peter Hartmann <phartmann@blackberry.com>
2013-03-20 16:11:40 +01:00
Oswald Buddenhagen
76c0be34cd Merge branch 'dev' into stable
This starts Qt 5.1 release cycle

Conflicts:
	src/gui/text/qfontdatabase.cpp
	src/gui/text/qharfbuzz_copy_p.h
	src/widgets/kernel/qapplication.cpp
	src/widgets/kernel/qcoreapplication.cpp

Change-Id: I72fbf83ab3c2206aeea1b089428b0fc2a89bd62b
2013-03-20 13:49:28 +01:00
Axel Waggershauser
b11317a643 Whitespace cleanup: remove trailing whitespace
Remove all trailing whitespace from the following list of files:
*.cpp *.h *.conf *.qdoc *.pro *.pri *.mm *.rc *.pl *.qps *.xpm *.txt *README
excluding 3rdparty, test-data and auto generated code.

Note A): the only non 3rdparty c++-files that still
have trailing whitespace after this change are:
* src/corelib/codecs/cp949codetbl_p.h
* src/corelib/codecs/qjpunicode.cpp
* src/corelib/codecs/qbig5codec.cpp
* src/corelib/xml/qxmlstream_p.h
* src/tools/qdoc/qmlparser/qqmljsgrammar.cpp
* src/tools/uic/ui4.cpp
* tests/auto/other/qtokenautomaton/tokenizers/*
* tests/benchmarks/corelib/tools/qstring/data.cpp
* util/lexgen/tokenizer.cpp

Note B): in about 30 files some overlapping 'leading tab' and
'TAB character in non-leading whitespace' issues have been fixed
to make the sanity bot happy. Plus some general ws-fixes here
and there as asked for during review.

Change-Id: Ia713113c34d82442d6ce4d93d8b1cf545075d11d
Reviewed-by: Oswald Buddenhagen <oswald.buddenhagen@digia.com>
2013-03-16 20:22:50 +01:00
Stephen Kelly
ff84d2258f Don't fail on tst_QSslSocket::setReadBufferSize_task_250027
It is flakey and often blocks integration.

Task-number: QTBUG-29730

Change-Id: I8acfc243ec6a6782b7f7d78fc27827f3fdc1ce52
Reviewed-by: Stephen Kelly <stephen.kelly@kdab.com>
2013-03-15 10:04:03 +01:00
Richard Moore
7898080ca7 Add support for intermediate certificates to server sockets.
Add intermediate certificates to our server sockets, and to our client
certs.

Change-Id: Ib5aa575473f9e84f337bebe35099506dd7d7e2ba
Task-Number: QTBUG-19825
Task-Number: QTBUG-13281
Reviewed-by: Peter Hartmann <phartmann@rim.com>
2013-02-19 21:37:24 +01:00
Richard Moore
4a07519877 Store the local certificate in a QList.
Instead of storing a single QSslCertificate for a the local cert, store
a list of them. This will allow us to handle server sockets that use a
certificate that is not issued directly from the CA root in future.

Change-Id: I9a36b9a99daa9c0bdd17f61b4ce1a7da746f2e96
Reviewed-by: Peter Hartmann <phartmann@rim.com>
2013-02-19 21:37:14 +01:00
Frederik Gladhorn
f4900d340a Merge remote-tracking branch 'origin/stable' into dev
Conflicts:
	src/widgets/styles/qmacstyle_mac.mm

Change-Id: If8326db9e7da3cbf45dbf7475fdff9915c7723b1
2013-02-18 16:14:52 +01:00
Giuseppe D'Angelo
e88011357e Merge "Merge remote-tracking branch 'origin/stable' into dev" into refs/staging/dev 2013-02-17 20:31:38 +01:00
Tor Arne Vestbø
2df8884bc6 Skip tst_QSslSocket::setReadBufferSize_task_250027()
It's flakey and is blocking integration. Tracked in QTBUG-29730.

Change-Id: Ia5b8f952314bf2e1aa6dbb5c5c0a97e32e68d0f6
Reviewed-by: Tor Arne Vestbø <tor.arne.vestbo@digia.com>
2013-02-17 20:31:31 +01:00
Frederik Gladhorn
e432d53883 Only compile SSL tests when openssl is available.
Change-Id: I79fc705f30fb84e86bd7d674d90fbbe2d1a124ba
Reviewed-by: Richard J. Moore <rich@kde.org>
2013-02-13 23:56:41 +01:00
Friedemann Kleint
9a74bbf34f Fix developer-build of qsslsocket_onDemandCertificates_member.
Do not include qsslsocket_p.h unless SSL is present.

Change-Id: I7e56b7758729907892d85f97d5a9d3ccaf7a3314
Reviewed-by: Peter Hartmann <phartmann@rim.com>
2013-02-12 17:56:10 +01:00
BogDan Vatra
934afb5c57 Fix loading of SSL certificate of DER files.
DER certificates should not be opened as text files, so we
only pass the QIODevice::Text flag when the format is
QSsl::Pem.

Change-Id: I4bad98023c397b967d5beeec0aaa6c414e06fd9c
Reviewed-by: Richard J. Moore <rich@kde.org>
2013-02-08 17:37:51 +01:00
Peter Hartmann
7d757fc8fe QSslSocket tests: use qt-project.org as test server instd of codereview
Change-Id: I1f3a860bf1ab24c30001059b7bcbb19fba7cbc1d
Reviewed-by: Sergio Ahumada <sergio.ahumada@digia.com>
2013-01-29 13:00:38 +01:00
Sze Howe Koh
7bb43454b8 Fix minor typos in docs, printed messages & comments
Missing apostrophes

Change-Id: I3ef5e9d494fb7a37f8e6075f24cd3a274e572c23
Reviewed-by: Jerome Pasion <jerome.pasion@digia.com>
2013-01-28 18:12:41 +01:00
Peter Hartmann
ce35c0db0d QSslConfiguration: toggle on demand loading of root certs properly
make sure we keep track of when we can load root certs and when we
cannot (we cannot when the developer set the certs explicitly). This is
implemented the same way for QSslSocket already, and needs to be
duplicated because we have 2 methods for setting CA certificates: one in
QSslSocket and one in QSslConfiguration.
In addition, adapt the auto test which checks whether setting a default
QSslConfiguration works: There is no way to set on demand loading
through the API, so it should be enabled by default.

Task-number: QTBUG-29103
Change-Id: I5146128aaa385dfcc0ad1e0ef81a92d9350ec5f2
Reviewed-by: Richard J. Moore <rich@kde.org>
2013-01-23 19:36:07 +01:00
Sergio Ahumada
48e0c4df23 Update copyright year in Digia's license headers
Change-Id: Ic804938fc352291d011800d21e549c10acac66fb
Reviewed-by: Lars Knoll <lars.knoll@digia.com>
2013-01-18 09:07:35 +01:00
Peter Hartmann
bf5e7fb265 SSL certificates: blacklist mis-issued Turktrust certificates
Those certificates have erroneously set the CA attribute to true,
meaning everybody in possesion of their keys can issue certificates on
their own.

Task-number: QTBUG-28937

Change-Id: Iff351e590ad3e6ab802e6fa1d65a9a9a9f7683de
Reviewed-by: Richard J. Moore <rich@kde.org>
Reviewed-by: Shane Kearns <shane.kearns@accenture.com>
2013-01-04 15:19:17 +01:00
Sergio Ahumada
83188c6499 test: Change trolltech.com:443 to qt-project.org:443
trolltech.com seems to be shut down already

Change-Id: Ic90ce01aeb51b6f154b9bbf4762c365a398c9e3d
Reviewed-by: Simo Fält <simo.falt@digia.com>
Reviewed-by: Stephen Kelly <stephen.kelly@kdab.com>
2013-01-03 11:32:17 +01:00
Stephen Kelly
348c5bd19a Fix some typos in QProcess and QSslSocket unit tests.
The QSslSocket one is both wrong and redundant as there is a
Q_DECLARE_METATYPE for it already.

Change-Id: I63d065abfb3d0e3d82a8b1f29a6752b7676db847
Reviewed-by: Jędrzej Nowacki <jedrzej.nowacki@digia.com>
2012-12-04 14:41:43 +01:00
Janne Anttila
0c1bbf0386 SSL certificate printing: Fix auto test for OpenSSL 1.0.1 version.
Different OpenSSL versions  produce slightly different output when
dumping a certificate.

Change-Id: Ida98b24422302e287641be074d6740ca292cf203
Reviewed-by: Richard J. Moore <rich@kde.org>
2012-11-02 03:58:16 +01:00
Marc Mutz
a4ffbfefe7 normalise signal/slot signatures [QtNetwork tests]
Change-Id: I2491cfe421a811d00759224da03580b3dcc2a091
Reviewed-by: Shane Kearns <shane.kearns@accenture.com>
2012-10-19 00:44:54 +02:00
Iikka Eklund
be15856f61 Change copyrights from Nokia to Digia
Change copyrights and license headers from Nokia to Digia

Change-Id: If1cc974286d29fd01ec6c19dd4719a67f4c3f00e
Reviewed-by: Lars Knoll <lars.knoll@digia.com>
Reviewed-by: Sergio Ahumada <sergio.ahumada@digia.com>
2012-09-22 19:20:11 +02:00
Richard Moore
5ea896fbc6 Disable SSL compression by default.
Disable SSL compression by default since this appears to be the a likely
cause of the currently hyped CRIME attack.

Change-Id: I515fcc46f5199acf938e9e880a4345f2d405b2a3
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
Reviewed-by: Peter Hartmann <phartmann@rim.com>
2012-09-18 14:12:17 +02:00
Brendan Long
860f95946b Add support for explicit TLS 1.1 and 1.2
Add SslProtocol enums TlsV1_1 and TlsV1_2 and use the appropriate OpenSSL
methods when they're selected (TLSv1_1_client_method, TLSv1_2_client_method,
TLSv1_1_server_method and TLSv1_2_server_method). This allows us to
explicitly use TLS 1.1 or 1.2.

Task-number: QTBUG-26866
Change-Id: I159da548546fa746c20e9e96bc0e5b785e4e761b
Reviewed-by: Richard J. Moore <rich@kde.org>
Reviewed-by: Shane Kearns <shane.kearns@accenture.com>
2012-08-29 14:22:54 +02:00
Thiago Macieira
672b5b7ab6 Set the Qt API level to compatibility mode in all tests.
Qt 5.0 beta requires changing the default to the 5.0 API, disabling
the deprecated code. However, tests should test (and often do) the
compatibility API too, so turn it back on.

Task-number: QTBUG-25053
Change-Id: I8129c3ef3cb58541c95a32d083850d9e7f768927
Reviewed-by: Lars Knoll <lars.knoll@nokia.com>
Reviewed-by: Olivier Goffart <ogoffart@woboq.com>
2012-08-01 15:37:46 +02:00
Marc Mutz
79b742b7e0 QtNetwork: use nullary version of qRegisterMetaType<T>("T")
Using the nullary version has the advantage that multiple calls
during a program run are much more efficient, since an inlined
atomic is used to store the result. It also ensures that
Q_DECLARE_METATYPE(T) has been used, whereas qRegisterMetaType<T>("T")
will happily register anything. So I've added the macro where it
was missing, or moved it to a central place when it existed
hidden.

In tst_qnetworkreply, this became a bit tricky, because a private
header is conditionally included, so moved the Q_DECLARE_METATYPE()
into a conditional section, too.

Change-Id: I71484523e4277f4697b7d4b2ddc3505375162727
Reviewed-by: Stephen Kelly <stephen.kelly@kdab.com>
2012-07-25 19:32:41 +02:00
Martin Petersson
6c59cdecee QSslCertificate::fromPath fix wildcard handling
The reqExp used to handle wildcards in the path was broken. So we
always searched the working directory and not the specified path.
Autotest where passing because of a hack used for Windows paths
where we removed the first two chars in the path string.

This fix will not use nativeSeparators thus removing the Windows hack
and fix the regExp to match wildcard chars.

Task-number: QTBUG-23573
Change-Id: I56fadbb67f25b8ce9c0f17cb6232e0bdb9148b1c
Reviewed-by: Shane Kearns <shane.kearns@accenture.com>
2012-07-03 01:09:33 +02:00
Rohan McGovern
f4dd033f41 Fixed qsslsocket_onDemandCertificates_{static,member}
This test had been XFAILing since August 2011, but recently started to
XPASS, possibly due to changes in the SSL setup on the tested host
(qt.nokia.com).

Removed QEXPECT_FAIL and replaced qt.nokia.com with
codereview.qt-project.org as a host expected to have working SSL.  (If
SSL on the latter were broken, it would immediately be detected by
any attempts at git over HTTPS.)

SSL setup can be verified as working by:

  openssl s_client -CApath /etc/ssl/certs \
    -connect codereview.qt-project.org:443 </dev/null

Task-number: QTBUG-20983
Change-Id: I9b4146da6545ab4115d6308044b1d242dd52b7f9
Reviewed-by: Kalle Lehtonen <kalle.ju.lehtonen@nokia.com>
2012-06-28 02:18:42 +02:00
Mitch Curtis
05d980664f Make QIODevice::seek() return false for sequential files.
Task-number: QTBUG-18173
Change-Id: Ie3a96d3a6f60995b8ba7823153778869d0c2dc58
Reviewed-by: Andy Shaw <andy.shaw@digia.com>
Reviewed-by: Jędrzej Nowacki <jedrzej.nowacki@nokia.com>
2012-06-05 13:12:58 +02:00
Rohan McGovern
dd3e4f1dbe Set explicit testcase.timeout for slow tests
We'd like to decrease the default timeout for tests in the Qt Project CI
so that we waste less time waiting for hanging tests.

Tests which genuinely take a long time to run, such as these, should
have their timeout explicitly set in their .pro file.

Change-Id: I4fe6249e9efa764b230251d73a1115c24411e168
Reviewed-by: Toby Tomkins <toby.tomkins@nokia.com>
Reviewed-by: Kalle Lehtonen <kalle.ju.lehtonen@nokia.com>
2012-05-29 09:39:18 +02:00
Rohan McGovern
177070cb7b Add CONFIG+=parallel_test to suspected parallel-safe tests.
These tests have passed a parallel stress test on all three of Linux,
Mac, Windows.  Mark them with CONFIG+=parallel_test to allow CI to run
them in parallel, saving time.

Change-Id: I19fd333c3c645a67374ca998f6c8530dd236b0f8
Reviewed-by: Toby Tomkins <toby.tomkins@nokia.com>
2012-05-28 07:33:01 +02:00