This eliminates some code (header parsing) that can be done by
zlib already.
Add support for 'deflate' encoding.
Also do less memory copying while uncompressing.
Change-Id: I94de21e3c58b904dd91d004c375ed8cbea56cb0b
Task-Number: QTBUG-13191
Reviewed-on: http://codereview.qt.nokia.com/1314
Reviewed-by: Qt Sanity Bot <qt_sanity_bot@ovi.com>
Reviewed-by: Martin Petersson <Martin.Petersson@nokia.com>
Reviewed-by: Peter Hartmann <peter.hartmann@nokia.com>
Reviewed-by: Markus Goetz
Currently it is only possible to verify a certificate chain when
connecting to a server. This change makes it possible to verify a
chain at any time.
Change-Id: Ib70ad7b81418f880e995f391b82ce59561ededb8
Merge-request: 11
Reviewed-by: Peter Hartmann <peter.hartmann@nokia.com>
Reviewed-on: http://codereview.qt.nokia.com/1509
RFC 2459 "Internet X.509 Public Key Infrastructure" uses the word
"attribute" for fields in a certificate like common name, organization
etc.
Change-Id: I51e595acbe3e146acf81af21cf48e554fa9490e4
Reviewed-on: http://codereview.qt.nokia.com/1453
Reviewed-by: Qt Sanity Bot <qt_sanity_bot@ovi.com>
Reviewed-by: Martin Petersson <Martin.Petersson@nokia.com>
Moves the code for extracting the name of an ASN1_OBJECT to a function.
We're going to need this again for implementing support for X509
extensions.
Change-Id: I43276eb375b37f5fef0d981f4003220d7e7b81ba
Merge-request: 18
Reviewed-by: Peter Hartmann <peter.hartmann@nokia.com>
Reviewed-on: http://codereview.qt.nokia.com/1452
Reviewed-by: Qt Sanity Bot <qt_sanity_bot@ovi.com>
Add methods that return a list of the tags in use in a certificate
issuer or subject. This means that unknown elements of these fields can
be accessed.
Change-Id: I588989e34f541b1d31cc9e97f5a85d1624ece1b1
Merge-request: 18
Reviewed-by: Peter Hartmann <peter.hartmann@nokia.com>
Reviewed-on: http://codereview.qt.nokia.com/1451
The internals of QSslCertificate were using QString but the API used
QByteArray, this commit unifies the code. This means that we don't keep
converting things.
Change-Id: I29fc149a85b77e786a6e90e5154c62f713476599
Merge-request: 18
Reviewed-by: Peter Hartmann <peter.hartmann@nokia.com>
Reviewed-on: http://codereview.qt.nokia.com/1450
Reviewed-by: Qt Sanity Bot <qt_sanity_bot@ovi.com>
Previously, x509 name entries that didn't have a shortname would all be
(accidentally) stored with the tag 'UNDEF'. This commit changes things
so that they are stored using the string form of their OID.
Change-Id: I667306cc4f91b1ca84f29b986bc21daadeb089b6
Merge-request: 18
Reviewed-by: Peter Hartmann <peter.hartmann@nokia.com>
Reviewed-on: http://codereview.qt.nokia.com/1449
Reviewed-by: Qt Sanity Bot <qt_sanity_bot@ovi.com>
This commit adds accessors for both the openssl version number and the
version string. The intention here is to aid debugging by making it
possible for applications to know which version of the openssl library
has been found by the runtime linking code.
Since the version of openssl in use will depend on the installation of
the developer, the test cases merely display the version string and
number rather than verifying that any particular version is in use.
Change-Id: Ieec44f0941f99887c85c2858bab0481722d739e5
Merge-request: 12
Reviewed-by: Peter Hartmann <peter.hartmann@nokia.com>
Reviewed-on: http://codereview.qt.nokia.com/1406
Reviewed-by: Qt Sanity Bot <qt_sanity_bot@ovi.com>
QHostInfo was leaking in the code path where it removes duplicate
name lookups after one has completed.
Task-number: QT-5121
Reviewed-by: Markus Goetz
(cherry picked from commit 73df7890923f377f19147466d9317fe1ec064b1d)
Change-Id: I26cc6a168ef8ea6cc18940300ca2eddd6777071d
Reviewed-on: http://codereview.qt.nokia.com/1363
Reviewed-by: Qt Sanity Bot <qt_sanity_bot@ovi.com>
Reviewed-by: Markus Goetz
AF_INET6 needs to be defined on Windows. This got undefined when
QT_NO_IPV6 was removed in 85869920bb
Change-Id: I1b4904f9561286b884324882f0f11dc29ba01416
Reviewed-on: http://codereview.qt.nokia.com/1169
Reviewed-by: Qt Sanity Bot <qt_sanity_bot@ovi.com>
Reviewed-by: Markus Goetz
In the cases where a DNS lookup will give you both an IPv4 and IPv6
address, this will start two connection channels at the same time.
One trying to connect using IPv4 and one on IPv6. This is done so
that we can use the fastest one for the connection. To do this we
have to do the hostlookup in the connection. The result is then
in the cache for the individual socket so it will not need to do
another lookup.
Task-number: QTBUG-16458
Change-Id: I806c20168d9c5edc2831b80f82a2bd570b36d5fa
Reviewed-on: http://codereview.qt.nokia.com/1003
Reviewed-by: Qt Sanity Bot <qt_sanity_bot@ovi.com>
Reviewed-by: Shane Kearns <shane.kearns@accenture.com>
As it turns out some test cases in QtWebKit rely on this.
Task-number: QTBUG-19556
Change-Id: I84c8abca5e9a018a4057c827fca973b8ebb39df6
Reviewed-on: http://codereview.qt.nokia.com/795
Reviewed-by: Qt Sanity Bot <qt_sanity_bot@ovi.com>
Reviewed-by: Markus Goetz
SSL_ctrl's prototype has changed slightly in openssl 1.0.0x - the 4th
argument is now a void* as opposed to a const void*.
gcc 4.6 doesn't allow this as an implicit cast.
Merge-request: 1239
Reviewed-by: Peter Hartmann <peter.hartmann@nokia.com>
(cherry picked from commit 007f01a7e801d5409708e4b8de8b3ead1481cf7d)
Change-Id: I4f41af981cf0762383b3fc867ec5d726e2b1e5c6
Reviewed-on: http://codereview.qt.nokia.com/821
Reviewed-by: Qt Sanity Bot <qt_sanity_bot@ovi.com>
Reviewed-by: Peter Hartmann <peter.hartmann@nokia.com>
THIS COMMIT BREAKS SOURCE COMPATIBILITY BETWEEN Qt 4 AND Qt 5
Qt4 assumed that there was only one entry of each type in the subject
and issuer of a certificate. This is incorrect (eg. you can have many
common names). In addition, some of the fields required by RFC3280
were not suppport. This change modifiers the API to return a list of
entries of each type and adds support for the missing fields. It also
updates the commonname matching code for SSL connections to handle
multiple entries.
Change-Id: I9457266a205def0a07c13de47094ff56ead42845
Merge-request: 5
Reviewed-on: http://codereview.qt.nokia.com/796
Reviewed-by: Qt Sanity Bot <qt_sanity_bot@ovi.com>
Reviewed-by: Sergio Ahumada <sergio.ahumada@nokia.com>
Adds support for binding "dual stack" sockets (via QUdpSocket or
QTcpServer). A dual stack socket will accept incoming connections on
either IPv4 or IPv6 interfaces.
QHostAddress::Any - use this to bind a dual stack socket
QHostAddress::AnyIPv6 - use this to bind a socket for IPv6 only
QHostAddress::AnyIPv4 - use this to bind a socket for IPv4 only
Binding to a specific address rather than one of the "any" addresses
is restricting you to a protocol anyway so no behaviour change there.
IPv6 sockets were previously dual stack on some OS and v6 only on others
Any previously meant IPv4 only
This commit implemented & tested on Windows 7, Linux (Ubuntu 10.04)
and Mac OS 10.6.7.
Windows XP and server 2003 do not support dual stack sockets, even though
they can support IPv6. On those versions, QHostAddress::Any will still
bind to IPv4 0.0.0.0 (which is also the behaviour anywhere QT_NO_IPV6 is
defined)
Autotests run:
qudpsocket (includes a new test case)
qtcpserver (includes a new test case)
qtcpsocket
qnetworkreply
qhostaddress
Task-number: QTBUG-17080
Change-Id: Id486677c4f832e18dc0ff1a86c5f5fc422c9eb4f
Reviewed-on: http://codereview.qt.nokia.com/421
Reviewed-by: Qt Sanity Bot <qt_sanity_bot@ovi.com>
Reviewed-by: Thiago Macieira <thiago.macieira@nokia.com>
Reviewed-by: Markus Goetz
apparently there are really big certificates around, so 4k might not
always be enough.
Change-Id: I84df82d117469a14b4c6db81e0ceecc1a8ba47b3
Reviewed-on: http://codereview.qt.nokia.com/554
Reviewed-by: Qt Sanity Bot <qt_sanity_bot@ovi.com>
Reviewed-by: Martin Petersson <Martin.Petersson@nokia.com>
Adds a function that will convert a certificate to human readable text
format using the openssl print function. This is useful for debugging
and for displaying the full details of a certificate (including those
parts not supported by the Qt API).
Change-Id: I27238d05df37f8b15ad09f8e761b06344631a9ce
Merge-request: 2
Reviewed-by: Peter Hartmann <peter.hartmann@nokia.com>
Reviewed-on: http://codereview.qt.nokia.com/551
Reviewed-by: Qt Sanity Bot <qt_sanity_bot@ovi.com>
Regression was introduced by 8d4cd52b6981a4e6deea7fdb77f56e40c4f3e6ba
when it failed to check when msecs == -1. This manifested visibly in KDE
failing to connect to any SSL site -- kioslaves are synchronous and use
waitForXXX(-1) (in this particular case, waitForEncrypted, which calls
waitForReadyRead).
Also, take the opportunity to convert these tests in QTcpSocket to use
port 80 (a defined service in the test server) instead of port 22.
Reviewed-by: Martin Petersson
(cherry picked from commit cb5b6799333794496269aa7e6515f96c2ac96d37)
Change-Id: I256a1e138e43fd45844976fe84cd2bc938552e47
Reviewed-on: http://codereview.qt.nokia.com/359
Reviewed-by: Qt Sanity Bot <qt_sanity_bot@ovi.com>
Reviewed-by: Peter Hartmann <peter.hartmann@nokia.com>
This enables external modules to also make use of them without having
access to the complete QtBase source code.
Change-Id: I056e45cba6c6798b76670b8d238dadb2d9f9c092
Task: QTBUG-19585
Reviewed-on: http://codereview.qt.nokia.com/234
Reviewed-by: Marius Storm-Olsen <marius.storm-olsen@nokia.com>
The application can normally control the amount of buffering of a
socket or QNetworkReply by using the setReadBufferSize API.
This allows the application to flow control the TCP connection, and
avoids out of memory errors when the data being downloaded is received
faster than the application can process it.
However when using a proxy, the proxy socket engine has an internal
socket which is used to communicate with the proxy server. It is not
visible to the user, and does not have awareness of the buffer size of
the external socket.
To solve this, we limit the internal sockets' buffer size to 64k bytes.
Under normal operation, the data is swiftly copied to the external
socket where the buffer can grow (or not) based on the application's
set value for read buffer size.
Task-number: QT-4966
Reviewed-by: Markus Goetz
(cherry picked from commit c4727a85eed57a4db698326a1bed4aa75b6e5284)
Change-Id: I29e6628e38b79b41c4464ba8cb772a0f03717043
Reviewed-on: http://codereview.qt.nokia.com/153
Reviewed-by: Qt Sanity Bot <qt_sanity_bot@ovi.com>
Reviewed-by: Markus Goetz
Changes in 4.8 led to a timer being created in the wrong thread.
I have restored the invokeMethod used to call startPolling() to solve
this problem.
Reviewed-By: mread
(cherry picked from commit e9e95f75e7c1e8325c2acce0087ff8677d773779)
Change-Id: I8b89fa89766679beb2d469f9bbd1f5e2233f061b
Reviewed-on: http://codereview.qt.nokia.com/138
Reviewed-by: Markus Goetz
* 'master' of git://scm.dev.nokia.troll.no/qt/qtbase-staging: (21 commits)
Fixed line endings.
Update licenseheader text in source files for qtbase Qt module
New configure.exe binary
Add -qpa option on Windows
Use qglobal.h's VERSION number instead of hardcoded current version
More examples adjusted to Symbian and Maemo5. (cherry picked from commit a97b9620a584c9b1a2e006873183526b3d7e001e)
Doc: Added some details to the accessibility events API documentation.
Doc: Fixed qdoc warnings.
Doc: Fixed qdoc warnings.
Doc: Made an additional change for clarity.
Doc: Noted that the example will not work as expected with a mouse.
Doc: Fixed qdoc warnings.
Doc: Applying a pending change from previous merges.
Doc: Fixed qdoc warning.
Doc: Fixed qdoc warnings.
Doc: Applied pending fixes to API documentation.
Doc: Various fixes to documentation, some based on changes in master.
Doc: Added missing project and desktop files.
Doc: Documented the value returned when no field can be found.
Squashed commit of changes from the 4.8-temp branch.
...
* 'master' of git://scm.dev.nokia.troll.no/qt/qtbase-earth-staging:
QUrl auto test: include core-private headers
QUrl TLD: fix documentation file for "Add QUrl::topLevelDomain() ..."
Add QUrl::topLevelDomain() and move TLD table from QtNetwork to QtCore
Move Qt's copy of the Mozilla public suffix list from QtNetwork
to QtCore and use it to expose a new API function QUrl::topLevelDomain().
This function returns the section of the url that is a registrar-controlled
top level domain.
QtCore now exports a couple of functions to the other Qt modules: qTopLevelDomain,
a helper function for QUrl::topLevelDomain(); and qIsEffectiveTLD(), a helper
function for QNetworkCookeieJar.
The motivation for this new API is to allow QtWebKit implement a Third-Party
Cookie blocking policy. For this QtWebKit needs to know the element of the url
that is the registry-controlled TLD. Without this knowledge it would end up
blocking third-party cookies per host rather than per registry-controlled domain.
See also https://bugs.webkit.org/show_bug.cgi?id=45455
Merge-request: 1205
Task-number: QTBUG-13601
Reviewed-by: Peter Hartmann <peter.hartmann@nokia.com>
(cherry picked from commit 154402f56dcf8303a6ce601a52215226af8d31ba)
* 'master' of git://scm.dev.nokia.troll.no/qt/qtbase-earth-staging:
add auto test for SSL certificates containing utf8 characters
fix coding style for merge request re. utf8 characters in SSL certs
Use OpenSSL X509_NAME_ENTRY API to parse UTF8 subjectName/issuerName
fixes minor coding issues for
"Use OpenSSL X509_NAME_ENTRY API to parse UTF8 subjectName/issuerName"
Task-number: QTBUG-7912
Reviewed-by: Peter Hartmann <peter.hartmann@nokia.com>
(cherry picked from commit 2e8d206fd9f656cd88b797c059ef83ed3df32881)
... to be able to display non-ASCII names from subject and issuerInfo.
Task-number: QTBUG-7912
Merge-request: 922
Reviewed-by: Peter Hartmann <peter.hartmann@nokia.com>
(cherry picked from commit e5d94256be2525c24a8b61edd771662b7f2b8be3)
On unix systems for which QT_NO_GETIFADDRS is defined, the way that the
hardware address field is extracted from the result of a call to
qt_safe_ioctl() is incorrect. The address of the ifreq.ifr_addr struct
is taken rather than the appropriate member within that struct, sa_data,
resulting in a memory offset and subsequently the hardware address has
garbage in the first two of six fields. This commit modifies the code
to pass the sa_data member instead of the address of the struct as a
whole.
Task-number: QTBUG-19165
Merge-request: 2614
Reviewed-by: Martin Petersson
(cherry picked from commit 004ad12669ef696eeba70fd57d1eb0c67c806d1d)