This reverts commit 24c52bd44b and makes
the Qt unit tests requiring DNS zones to use the temporary test zone in
macieira.org (Thiago's domain).
Change-Id: Ia0aac2f09e9245339951ffff13c6d3752c83b773
Reviewed-by: Jani Heikkinen <jani.heikkinen@theqtcompany.com>
Reviewed-by: Tony Sarajärvi <tony.sarajarvi@digia.com>
Actually, it tests the buffered QTcpSocket. Place it in
tst_qtcpsocket.cpp instead of tst_qabstractsocket.cpp.
Change-Id: I3055c4773d0de74c238be4f11b2d1c07ddad4485
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
Secure Transport relies on keychains, both client/server are constantly
updating default keychain and as a result tests are failing: when
verification is expected to fail, it succeeds; when the number of certificates
is expected to be 1 - it's 2 (Secure Transport can find certificates in a keychain).
This makes verifyClientCertificate test quite useless at the moment - QSKIP it.
Change-Id: I578398b4912a86dc60f585ac5a1bdd0098914005
Reviewed-by: Richard J. Moore <rich@kde.org>
There are more than 1000 new entries since the table has been
generated the last time.
Some auto tests needed to be adjusted, because some entries in
the TLD table were removed while others were added.
Change-Id: I4ceec392836d2031dfef49a0c5a857c31b36bb4c
Reviewed-by: Richard J. Moore <rich@kde.org>
QAbstractSocket::close() always calls QIODevice::close(), which resets
QIODevice's internal read buffer. So it makes no sense to make same calls
from disconnectFromHost(). This made the closeCalled private member
superfluous.
Change-Id: I4ec64e9711490e44e737763e4ed7fb41bffe2556
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
Qt copyrights are now in The Qt Company, so we could update the source
code headers accordingly. In the same go we should also fix the links to
point to qt.io.
Outdated header.LGPL removed (use header.LGPL21 instead)
Old header.LGPL3 renamed to header.LGPL3-COMM to match actual licensing
combination. New header.LGPL-COMM taken in the use file which were
using old header.LGPL3 (src/plugins/platforms/android/extract.cpp)
Added new header.LGPL3 containing Commercial + LGPLv3 + GPLv2 license
combination
Change-Id: I6f49b819a8a20cc4f88b794a8f6726d975e8ffbe
Reviewed-by: Matti Paaso <matti.paaso@theqtcompany.com>
This adds tests to check the behavior of a QSslSocket-based server when
presented with various client certificates.
Change-Id: I431157e46cfb00880ae8b7a33015cce50e56b6bb
Reviewed-by: Daniel Molkentin <daniel@molkentin.de>
Move these types to QAsn1Element so that they can use the toString()
method which guards against malicious ASN.1.
Change-Id: I7d6155147a6fc2d41da6f3ae87551b6cb75aa9ce
Reviewed-by: Oliver Wolff <oliver.wolff@theqtcompany.com>
Reviewed-by: Daniel Molkentin <daniel@molkentin.de>
We don't currently use this class for critical things like hostname
verification however we still want to ensure that it is not possible
to trick it using ASN.1 strings with embedded NUL characters. This will
avoid problems in the future.
Change-Id: Ibf3bc142a94fc9cad5f06db50f375399a087f9dc
Reviewed-by: Jeremy Lainé <jeremy.laine@m4x.org>
Reviewed-by: Oliver Wolff <oliver.wolff@theqtcompany.com>
Reviewed-by: Daniel Molkentin <daniel@molkentin.de>
Add support for SSL on iOS/OS X by adding a SecureTransport based
backend.
[ChangeLog][QtNetwork][QSslSocket] A new SSL backend for iOS and OS X,
implemented with Apple's Secure Transport (Security Framework).
Change-Id: I7466db471be2a8a2170f9af9d6ad4c7b6425738b
Reviewed-by: Richard J. Moore <rich@kde.org>
Mainly because of a change in certificates which is causing failing
tests.
Change-Id: I8304e5ac4107428a250b71be5df7b5399a811017
Reviewed-by: Tony Sarajärvi <tony.sarajarvi@digia.com>
Mainly because of a change in certificates which is causing failing
tests. This patch is cherry-picked from
https://codereview.qt-project.org/104619/
Change-Id: I8304e5ac4107428a250b71be5df7b5399a811017
Reviewed-by: Richard J. Moore <rich@kde.org>
[ChangeLog][QtNetwork][QSslSocket] It is now possible to use TLS PSK
ciphersuites in client sockets.
Task-number: QTBUG-39077
Change-Id: I5523a2be33d46230c6f4106c322fab8a5afa37b4
Reviewed-by: Richard J. Moore <rich@kde.org>
The documentation says that QUdpSocket emits readyRead() only for one
datagram and that if you don't read it, the class will not emit again.
That should be implemented by disabling of the socket notifier once we
have the datagram already read, but was broken.
In turn, that breakage caused a live-lock of the event loop: since we
didn't disable the notifier nor read the pending datagram, the event
loop would fire every time for the same datagram.
The re-enabling of the notifier was already working.
Task-number: QTBUG-43857
Change-Id: Ic5d393bfd36e48a193fcffff13bb32ad390b5fe8
Reviewed-by: Peter Hartmann <phartmann@blackberry.com>
Reviewed-by: Richard J. Moore <rich@kde.org>
Since the conversion to a long name was already there, also support
creation from a long name.
Change-Id: Iad712db7447fb0a0a18f600b7db54da5b5b87154
Reviewed-by: Marc Mutz <marc.mutz@kdab.com>
Change-Id: Ie6c659f6d8e8b3eeaf2453f0cba6189d56f86581
Reviewed-by: Oliver Wolff <oliver.wolff@theqtcompany.com>
Reviewed-by: Richard J. Moore <rich@kde.org>
Add possibility to get length and other information of EC based
certificates. Also it is possible to parse those public/private
keys from PEM and DER encoded files.
Based on patch by Remco Bloemen
[ChangeLog][QtNetwork][SSL/TLS support] It is now possible to
parse elliptic curve certificates.
Change-Id: I4b11f726296aecda89c3cbd195d7c817ae6fc47b
Task-number: QTBUG-18972
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
tst_collections.cpp
tst_collections.cpp(3138) : warning C4305: 'argument' : truncation from 'size_t' to 'bool'
tst_collections.cpp(3190) : see reference to function template instantiation 'void testContainerTypedefs<QVector<int>>(Container)' being compiled
with[Container=QVector<int>]
(repeated)
tst_qringbuffer.cpp(297) : warning C4267: 'argument' : conversion from 'size_t' to 'int', possible loss of data
tst_qringbuffer.cpp(300) : warning C4309: '=' : truncation of constant value
tst_qringbuffer.cpp(306) : warning C4267: 'argument' : conversion from 'size_t' to 'int', possible loss of data
tst_qrawfont.cpp(947) : warning C4309: 'argument' : truncation of constant value
tst_qsslsocket_onDemandCertificates_member.cpp(217) : warning C4189: 'rootCertLoadingAllowed' : local variable is initialized but not referenced
Change-Id: I6143d4ad121088a0d5bdd6dd2637eb3641a26096
Reviewed-by: Kai Koehne <kai.koehne@theqtcompany.com>
Some of these tests are verifying things that are not supported
on Android, so we XFAIL these cases when we see the appropriate
error message.
Change-Id: I8245266f061c902515bb12251521159a8e19bfb7
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
Linux gracefully allows us to do that and treat the v6 socket as if it
were v4. Other OS (notably OS X) aren't so forgiving.
Change-Id: I13dd3274be2a4b13e8b1eef93cbc2dd17b648f96
Reviewed-by: Richard J. Moore <rich@kde.org>
We want to use "localhost" if the server's address is "any", as some OS
can't send datagrams to "any" (e.g., OS X and FreeBSD).
Change-Id: I1004bc2282e7f930cdb7ed394aa9f4b5a1cfcf82
Reviewed-by: Richard J. Moore <rich@kde.org>
On my Mac Mini, port 5000 is in use, which means the broadcasting test
fails.
Change-Id: Ifb0883263e277f388342430349ea7315d42f324a
Reviewed-by: Richard J. Moore <rich@kde.org>
It was unconditional. Someone forgot to check for IPv6 support before
skipping IPv6 tests.
Change-Id: I7b11528ad02560f0db9defde3c64f76f48a6c1f8
Reviewed-by: Richard J. Moore <rich@kde.org>
QUdpSocket doesn't support binding to QHostAddress::Any and then joining
an IPv4 multicat group since QHostAddress::Any is really an IPv6 socket
with v6only = false. The test did check this case, but failed to ignore
the warning.
Change-Id: I62d782408319a6e566e0ff1a6081b706ac1f669c
Reviewed-by: Richard J. Moore <rich@kde.org>
With IPv6, you cannot bind to a multicast address. You need to bind to a
local address only. The previous tests either checked this or didn't
check the result of bind().
Change-Id: Ief70887d8988fc1bc4394cf6ff34b5d560e5748e
Reviewed-by: Richard J. Moore <rich@kde.org>
Sending 100*8 packets of each type of message is WAY overkill. That's a
stress test without limiting. My Linux system starts reporting EAGAIN on
the socket, so reduce the amount of data sent.
Change-Id: I153f44cf3b91d37526dac580b400114cc80b1769
Reviewed-by: Richard J. Moore <rich@kde.org>
IPv6 has no such thing, so don't try to bind to an IPv6 address to send
broadcasts (even though that works) and it's a poor idea to bind to IPv6
to receive broadcasts. Moreover, skip any IPv6 network addresses
(broadcast() is invalid).
Change-Id: I2829b042c000158565adfd92db682f37d67dacae
Reviewed-by: Richard J. Moore <rich@kde.org>
If you don't have /etc/lsb-release, you'd get
sh: line 0: [: =: unary operator expected
Change-Id: Idb5c79f799879e4d32cd640ef74fb388227f831e
Reviewed-by: Richard J. Moore <rich@kde.org>
It doesn't make sense because there is no command to ask the proxy
server to join a multicast group. At best, we could write a datagram via
proxy without joining, but we definitely can't receive.
Change-Id: Icc6b54572a053fb7821dfca1f4111f2046ff8686
Reviewed-by: Richard J. Moore <rich@kde.org>
The Qt bug tracker URL changes as part of the qt.io transition
Change-Id: Icb4ab198943b93639b5e3a8d99262303785c6459
Reviewed-by: Kai Koehne <kai.koehne@theqtcompany.com>
The setEmptyDefaultConfiguration test creates a socket and connects its
sslErrors signal to tst_QSslSocket's ignoreErrorSlot slot. This slot
expects the socket to have been stored in tst_QsslSocket's "socket"
member, which was not being done. This patch fixes this problem.
It does beg the question of whether having a "socket" member in the
tst_QSslSocket class is a good idea as it is error prone.
Change-Id: Ic59d1789c5f1ed240c3f0c37981f6ecc35572f0d
Reviewed-by: Richard J. Moore <rich@kde.org>
The sslErrors and peerVerifyError test the same situation: connect to a
server which is using the fluke certificate, using the incorrect host name.
They connect respectively to qt-test-server:993 and the.server.ip.address:443.
The sslErrors is prone to backend-dependent failures concerning the order
in which SSL errors are received, just like the peerVerifyError test was
until recently.
This change merges these two tests into one, which is run against the same
two servers as previously. It also adds a check to ensure that sslErrors
and peerVerifyError emit the same SSL errors (regardless of order).
This also fixes the included headers for non-OpenSSL backends.
Change-Id: Ibd5f60d24f1682989378e87729389e4b8f9efac5
Reviewed-by: Richard J. Moore <rich@kde.org>
Conflicts:
dist/changes-5.4.0
7231e1fbe2 went into 5.4 instead of the
5.4.0 branch, thus the conflict.
Change-Id: I70b8597ab52506490dcaf700427183950d42cbd1
[ChangeLog][QtNetwork][QtSSL] It is now possible to choose which elliptic
curves should be used by an elliptic curve cipher.
Change-Id: If5d0d58922768b6f1375836489180e576f5a015a
Done-with: Marc Mutz <marc.mutz@kdab.com>
Reviewed-by: Richard J. Moore <rich@kde.org>
This makes it follow the coding style, which says to camel case acronyms too,
and makes it consistent with the rest of the class.
Change-Id: I4a1b21de1815530e476fc5aa8a0d41c724fc8021
Reviewed-by: Richard J. Moore <rich@kde.org>
Reviewed-by: hjk <hjk121@nokiamail.com>
This patch is cherry-picked from
c38f1f19b8 and
d29d727d72
Task-number: QTBUG-32435
Change-Id: I6dbbb668b96737a5791bc688949a00bc09f1357f
Reviewed-by: Frederik Gladhorn <frederik.gladhorn@theqtcompany.com>
This patch is cherry-picked from
63ae74f365 and
07f234d2a8
Task-number: QTBUG-42528
Change-Id: I5f86679e62a4be48ce25afa5a4987a2b6678a357
Reviewed-by: Frederik Gladhorn <frederik.gladhorn@theqtcompany.com>
After the poodle vulnerability SSLv3 should like SSLv2 no longer be
considered safe, so when a user request a safe protocol we should
only allow TLS versions.
[ChangeLog][QtNetwork][QSsl] QSsl::SecureProtocols now also excludes SSLv3
Change-Id: If825f6beb599294b028d706903b39db6b20be519
Reviewed-by: Richard J. Moore <rich@kde.org>
QNetworkDiskCache don't handle to set CookieHeader. so All Set-Cookie's value is invalid.
The root of cause is that metaDataChanged() don't work because of no slot for it.
Add the slot for it and renamed to _q_metaDataChanged.
Task-number: QTBUG-41514
Change-Id: I5cec017e59a1de69c6e89c0bc7209a73dcdc11da
Reviewed-by: Jeongmin Kim <jm86.kim@lge.com>
Reviewed-by: Jung Dong-Heon <clamp03@gmail.com>
Reviewed-by: Peter Hartmann <phartmann@blackberry.com>
qsslsocket_winrt.cpp defined it locally, which runs the risk of
clashes with a potential user-defined qHash(QSslError), so
make it public.
Also included both .error() and .certificate() in the hash, as
both of these are used to determine equality (the WinRT version
only used .error()).
[ChangeLog][QtNetwork][QSslError] Can now be used in QSet/QHash.
Change-Id: Ieb7995bed491ff011d4be9dad544248b56fd4f73
Reviewed-by: Oliver Wolff <oliver.wolff@digia.com>
Reviewed-by: Andrew Knight <andrew.knight@digia.com>
qsslsocket_winrt.cpp defined it locally, which runs the risk of
clashes with a potential user-defined qHash(QSslCertificate), so
make it public.
Also, the implementation in qsslsocket_winrt.cpp simply hashed
the handle(), which violates the principle that equal instances
must hash to the same value. Also, for some platforms, the
implementation returns nullptr unconditionally, which, while not
violating the above-mentioned principle, will make all users of
the hash have worst-case complexity.
To calculate a meaningful hash, therefore, the certificate needs
to be inspected deeper than just the handle.
For OpenSSL, we use X509::sha1_hash, which also X509_cmp uses
internally to determine inequality (it checks more stuff, but
if X059::sha1_hash is different, X509_cmp() returns non-zero,
which is sufficient for the purposes of qHash()). sha1_hash may
not be up-to-date, though, so we call X509_cmp to make it valid.
Ugh.
For WinRT/Qt, we use the DER encoding, as that is the native
storage format used in QSslCertificate. This is not equivalent
to the implementation used in qsslsocket_winrt.cpp before, but
since handle() == handle() => toDer() == toDer(), it should not
be a problem.
[ChangeLog][QtNetwork][QSslCertificate] Can now be used as a key in QSet/QHash.
Change-Id: I10858fe648c70fc9535af6913dd3b7f3b2cf0eba
Reviewed-by: Oliver Wolff <oliver.wolff@digia.com>
... so that a user can have more fine-grained uploadProgress signal
emissions if desired.
Change-Id: I9f77fd80c100dbe249beaf3057e6e8974680ec59
Reviewed-by: Markus Goetz <markus@woboq.com>
Reviewed-by: Richard J. Moore <rich@kde.org>
My previous fix for CPU load issues between HTTP thread
and user thread was fragile if the upload QIODevice
emitted readyRead() multiple times.
[ChangeLog][QtNetwork][QNetworkAccessManager] Fix behavior of upload QIODevice
that generate data on readyRead() for HTTP PUT/POST
Change-Id: Idb1c2d5a382a704d8cc08fe03c55c883bfc95aa7
Reviewed-by: Christian Kamm <kamm@incasoftware.de>
Reviewed-by: Richard J. Moore <rich@kde.org>
Remove an useless check which spontaneously allow direct reads from the
socket engine.
Change-Id: Ia3d2a572d6f1563d613fe2f00d0d6849df259827
Reviewed-by: Oswald Buddenhagen <oswald.buddenhagen@digia.com>
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
tst_qcolumnview fails on OS X # QTBUG-41341
tst_qaccessibility fails on OS X # QTBUG-41340
tst_qnetworkreply fails on OS X # QTBUG-41320
tst_qfontcombobox fails on OS X # QTBUG-41318
tst_macplist fails on OS X # QTBUG-41314
tst_qgraphicsitem fails on OS X # QTBUG-41342
tst_qmdiarea fails on OS X # QTBUG-41343
tst_qtableview fails on OS X # QTBUG-41344
Change-Id: I2626aa61417336805872a807c4a6065b7e0ddb02
Reviewed-by: Lars Knoll <lars.knoll@digia.com>
device is private, always null and class has no friends, so no need to have it at all
Change-Id: I320d47f1a712a3202c08b494563533e29d185501
Reviewed-by: Lars Knoll <lars.knoll@digia.com>
Reviewed-by: Richard J. Moore <rich@kde.org>
Heuristic with last-modified time in Qt has some problems.
1) Remove redundant expirationDate.isInvalid() check
expirationDate.isInvalid is already checked. So I removed.
2) Add dateHeader.isInvalid() check
The dateHeader is used in expiration calculation.
I add invalid check for the dateHeader.
*. The dateHeader is the origin server's Date
3) Change diff time calculation.
The expirationDate is calculated with time diff.
Previous calculation is
// The lastModified is earlier than the currentDateTime.
// The diff has negative value.
int diff = currentDateTime.secsTo(lastModified);
// The expirationDate is earlier than lastModified
// , currentDateTime and dateHeader.
expirationDate = lastModified.addSecs(diff / 10);
*. currentDateTime: current time
*. lastModified: last modified date in server
It means that files are not cached with the heuristic.
I changed diff calculation.
int diff = lastModified.secsTo(dateHeader);
freshness_lifetime = diff / 10; // RFC 2616 13.2.4
4) httpRequest.headerField setting
If current_age is larger than 1 day, the cache MUST attach Warning 113.
*. The current_age is value of age in header
or elapsed time from dateHeader in Qt source code.
Previous code does not check current_age is larger than 1 day correctly.
// dt = 1970-01-01T00:00:00 + current_age
dt.setTime_t(current_age);
// currentDateTime is much bigger than 1970-01-01T00:00:00
if (dt.daysTo(currentDateTime) > 1)
Task-number: QTBUG-40836
Change-Id: I4b00c3b287e6fafeea6b02681533fe75a198247e
Reviewed-by: Jung Dong-Heon <dongheon.jung@lge.com>
Reviewed-by: Peter Hartmann <phartmann@blackberry.com>
In some cases, e.g. when bad credentials are provided in an ftp URI,
QNetworkAccessAuthenticationManager::cacheCredentials is called with a
null authenticator. This authenticator should not be cached, because
it is useless, and leads to inconsistencies in the use of the cache
Task-number: QTBUG-40622
Change-Id: If2a0a422b915f268648f5eef1d68601446123371
Reviewed-by: Peter Hartmann <phartmann@blackberry.com>
This makes non-OpenSSL backends able to handle to certificate
extensions.
This also converts the Q_OS_WINRT #ifdef's in the unit test to
QT_NO_OPENSSL as the behavior is the same for any non-OpenSSL
backend.
Change-Id: I6a8306dc5c97a659ec96063d5a59cee2ee9a63a9
Reviewed-by: Richard J. Moore <rich@kde.org>
Currently the peerVerifyError test for QSslSocket makes an assumption
about the order in which SSL errors are emitted by peerVerifyError. This
assumption does not necessarily hold for non-OpenSSL backends.
This change fixes this assumption, and also checks that HostNameMismatch
was found both in the errors emitted by peerVerifyError and by sslErrors.
Change-Id: I856d1ea43b36332db0f178d35fc14a4bb18ad673
Reviewed-by: Richard J. Moore <rich@kde.org>
Some of the QSslSocket tests use OpenSSL-specific symbols. This
change fixes this issue.
Change-Id: Ib67efa42a15facaf0ad34fc0466341a37d945d1e
Reviewed-by: Andrew Knight <andrew.knight@digia.com>
This adds support for reading and writing ASN.1 boolean
values. It also adds an operator to test two ASN.1 elements
for equality.
Change-Id: I4a22cbf9808533d593fc59d27b63caaf650b1f57
Reviewed-by: Richard J. Moore <rich@kde.org>
This adds a test for a QSslCertificate containing extensions which
are marked as critical.
Change-Id: I314e1f5c9943bcad5d43129a97f9f834882dc6fb
Reviewed-by: Richard J. Moore <rich@kde.org>
This tightens tests performed on a certificate's extensions by checking
isCritical() and isSupported() for all extensions. It also explicitly
checks the keys when value() returns a QVariantMap.
Change-Id: If51c55be25bbcd09cc3a6712ddfea2bf9a01360f
Reviewed-by: Richard J. Moore <rich@kde.org>
This adds the infrastructure for reading and writing encrypted private keys
when using non-OpenSSL backends. Each platform must provide its cryptographic
encrypt / decrypt functions.
As WinRT already uses the common parser, this commit includes an
implementation for that platform.
Done-with: Andrew Knight <andrew.knight@digia.com>
Task-number: QTBUG-40688
Change-Id: I0d153425ce63601ff03b784a111e13962061025f
Reviewed-by: Richard J. Moore <rich@kde.org>
This change adds the ability to decode ASN.1 INTEGER fields,
provided they represent a positive number of less than 64-bit.
This is needed for PKCS#12 decoding.
Change-Id: Iafb76f22383278d6773b9e879a8f3ef43c8d2c8f
Reviewed-by: Oliver Wolff <oliver.wolff@digia.com>
QSslKey currently has methods which supposedly allow decoding and
encoding private keys as DER protected by a passphrase. This is
broken by design as explained in QTBUG-41038, as storing the encrypted
DER data alone makes no sense: such a file lacks the necessary
information about the encryption algorithm and initialization vector.
This change:
- explicitly stops using the passphrase when decoding DER in the
constructor. The behavior is unchanged, it is not possible to
read the encrypted DER alone.
- refuses to honor the passphrase to DER encode a private key. The toDer
method now outputs an empty QByteArray instead of garbage.
Task-number: QTBUG-41038
Change-Id: I4281050cf1104f12d154db201a173633bfe22bd9
Reviewed-by: Richard J. Moore <rich@kde.org>
This adds a test for 3DES encrypted keys in addition to the
current DES encrypted keys.
Change-Id: I229e3ef710e9ee23efa2a3275b89d958491de4a2
Reviewed-by: Richard J. Moore <rich@kde.org>
The native handle and import functions are now available for use in other
parts of the winrt backend.
Change-Id: I07e6f95b3411c3dc7c1a7a164544b18e5e435d01
Reviewed-by: Maurice Kalinowski <maurice.kalinowski@digia.com>
Reviewed-by: Andrew Knight <andrew.knight@digia.com>
This internal implementation of QSslKey can be used when OpenSSL is not
available. Encrypted keys are not supported, as the cryptography must
be supplied by a separate library.
With this commit, WinRT is migrated to the new implementation,
but qsslkey_winrt.cpp is left in place so that the missing crypto
implementation can be added later. This also means most of the expected
failures for that platform can be removed from the autotest.
Change-Id: I24a3ad1053bb72311613b28b3ae845aa1645a321
Reviewed-by: Andrew Knight <andrew.knight@digia.com>
Reviewed-by: Maurice Kalinowski <maurice.kalinowski@digia.com>
Reviewed-by: Richard J. Moore <rich@kde.org>
This changes tests which use QSslCertificate::handle() to determine
if a certificate is null to use QSslCertificate::isNull() instead.
This is required for non-OpenSSL backends which do not actually
expose a private handle.
Change-Id: I9523ba0dd00d47ba337b543ad34840125db99bfb
Reviewed-by: Andrew Knight <andrew.knight@digia.com>
This moves the socket backend's host name matching functions up to
QSslSocketPrivate so that they can be shared between backends. This
works, as there is no OpenSSL-specific code here.
Change-Id: I73c2081fdc2e60a44c90e90800d1e1877391a626
Reviewed-by: Richard J. Moore <rich@kde.org>
This element can be used for backends that do not offer all the
information that is needed when implementing a ssl certificate backend.
WinRT and the SecureTransport lack functionality in this area for
example.
The sources and tests are added for ssl and openssl configurations in order
to be tested. The condition for adding these can be changed as soon
as they are used by an actual implementation
Change-Id: I2b836133105afdc178bf3b1ee7d732bea069effa
Reviewed-by: Andrew Knight <andrew.knight@digia.com>
In cases where a cached ftp connection fails to connect, or a file
transfer has failed, we should removed the cached connection. Since qnam
has an idea of a single internal QFtp per full operation, when file
transfers failed previously the cached connection would be reused for
subsequent connections and thus fail.
[ChangeLog][QtNetwork][QNetworkAccessManager] QNetworkAccessManager now
properly handles FTP transfer failures by removing failed cached ftp
connections.
Task-number: QTBUG-40797
Change-Id: Ie090a39ceddd7e58a0d8baf7d01f2a08c70162e5
Reviewed-by: Richard J. Moore <rich@kde.org>
This allows for opening of public key files. It does not, however,
support opening private keys (or decrypting/encrypting them). This is
due to limitations in the native API.
Nearly all public key tests pass (the native API doesn't support the
40-bit key in the test set). The private key tests are expected to fail.
Task-number: QTBUG-40688
Change-Id: Id8f2f1ae6526540736ceb2e5371f6a5d80c4ba7b
Reviewed-by: Richard J. Moore <rich@kde.org>
Reviewed-by: Oliver Wolff <oliver.wolff@digia.com>
This fixes high CPU load for upload devices that don't generate
a constant stream of data. Their readData() function was called all the
time without returning actual data.
This was noticed when implementing an upload device that emits data in
a limited way for bandwidth limiting.
[ChangeLog][QtNetwork][QNetworkAccessManager] Fixed high CPU load when handling
POST/upload QIODevice that generates data on readyRead().
Change-Id: Iefbcb1a21d8aedef1eb11761232dd16a049018dc
Reviewed-by: Richard J. Moore <rich@kde.org>
At the moment, there is no stream information in the cache file. This
can lead to a problem when current stream version differs from version
cache file written with.
As an example, if file written with Qt 5.1.1, QTimeDate in the metadata
stored as 13-bytes value, but Qt 5.2 and later can read additional 4
bytes which breaks following data, leading to network request just hangs
forever.
Adding stream version fixes this problem.
As cache format changed, cache version bumped.
Task-number: QTBUG-36219
Change-Id: I467d8c9fda82bcf9302192f51e7a00d2f6a9ff66
Reviewed-by: Jędrzej Nowacki <jedrzej.nowacki@digia.com>
