This patch adds DTLS support to QtNetwork module (and its OpenSSL
back-end).
DTLS over UDP is defined by RFC 6347.
The new API consists of
1) QDtlsClientVerifier which checks if a client that sent us ClientHello
is a real DTLS client by generating a cookie, sending a HelloVerifyRequest
with this cookie attached, and then verifiying a cookie received back.
To be deployed in combination with a server-side QUdpSocket.
2) QDtls - initiates and proceeds with a TLS handshake (client or server
side), with certificates and/or pre-shared key (PSK), and encrypts/decrypts
datagrams after the handshake has finished.
This patch does not implement yet another UDP socket, instead
it allows use of existing QUdpSocket(s), by adding DTLS support
on top. OpenSSL back-end uses a custom BIO to make it work with
QUdpSocket and give a finer control over IO operations.
On the server side, demultiplexing is left to client code (could
be done either by connecting QUdpSocket or by extracting address/port
for an incoming datagram and then forwarding/dispatching them to
the corresponding QDtls object).
Task-number: QTPM-779
Change-Id: Ifcdf8586c70c3018b0c5549efc722e795f2c1c52
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
We were using the wrong free function in a path which was hit in an
edge case (PKCS#12 certificate without a private key attached).
Change-Id: I5335b5dea7a926b242bed0fd9b989b681a5828d8
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
Namespace QSsl: introduce DtlsV1_0/DtlsV1_2/DtlsV1_2OrLater enumerators
into SslProtocol. Implement QSslConfiguration::defaultDtlsConfiguration.
Make some functions shared - now not only QSslSocket needs them,
but also DTLS-related code. This patch-set also enables
protocol-specific set of ciphers (so for DTLS we are using
the correct method - 'DTLS_method').
Change-Id: I828fc898674aa3c0a471e8e5b94575bb50538601
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
If we pass nullptr as a buffer parameter, ERR_error_string uses
a local array with static storage duration, which makes ERR_error_string
non thread-safe. Instead we can use ERR_error_string_n with our
own buffer. As for the size: docs are inconsistent, sometimes
they say 'at least 120 bytes long', sometimes 'at least 256 ...'.
Their code (ERR_error_string implenented via call to ERR_error_string_n)
has buf[256] and so we do. I know this will enrage our Mr. Bot, but I've
removed a stray whitespace.
Change-Id: I4b8cc7b6b9af1a34fc87a760927a493332cdd0a5
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
The Embedded Android build (Boot to Qt Android injection) is defined by
having both Q_OS_ANDROID and Q_OS_ANDROID_EMBEDDED flags defined,
as well as having Qt config android-embedded.
This commit enables the possibility to build embedded Android builds.
(i.e. Qt build for Android baselayer only, without JNI)
Change-Id: I8406e959fdf1c8d9efebbbe53f1a391fa25f336a
Reviewed-by: Oswald Buddenhagen <oswald.buddenhagen@qt.io>
Reviewed-by: Paul Olav Tvete <paul.tvete@qt.io>
Fix the 'shared' OpenSSL code for those our users who build with QSSLSOCKET_DEBUG
defined and OpenSSL 1.1 detected: the preprocessor-excluded fragment is using old
API. Also remove never used in this file (and commented out) macro.
Task-number: QTBUG-63170
Change-Id: Id24ccf2955f0a65e4f1dea1ecb06e10245105080
Reviewed-by: Jesus Fernandez <Jesus.Fernandez@qt.io>
Conflicts:
examples/examples.pro
qmake/library/qmakebuiltins.cpp
src/corelib/global/qglobal.cpp
Re-apply b525ec2 to qrandom.cpp(code movement in 030782e)
src/corelib/global/qnamespace.qdoc
src/corelib/global/qrandom.cpp
src/gui/kernel/qwindow.cpp
Re-apply a3d59c7 to QWindowPrivate::setVisible() (code movement in d7a9e08)
src/network/ssl/qsslkey_openssl.cpp
src/plugins/platforms/android/androidjniinput.cpp
src/plugins/platforms/xcb/qxcbconnection.cpp
src/plugins/platforms/xcb/qxcbconnection_xi2.cpp
src/widgets/widgets/qmenu.cpp
tests/auto/widgets/kernel/qwidget_window/tst_qwidget_window.cpp
Change-Id: If7ab427804408877a93cbe02079fca58e568bfd3
This patch avoids intermediate copying of the data by using a
new QIODevice::skip() API.
Change-Id: I358a83b21e2a58b59481745162fce1894549c0ac
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
Reviewed-by: Markus Goetz (Woboq GmbH) <markus@woboq.com>
The only reason our code wants PKCS12 files is for a private key, but
a valid file needn't contain one; and reading a file without lead to a
crash in QSslKeyPrivate::fromEVP_PKEY(). So check for missing key and
fail the load, since the file is useless to us. Also ensure the
caller's pkey is initialized, as we aren't promised that
PKCS12_parse() will set it when there is no private key.
Add a test for this case (it crashes without the fix) and update the
instructions for how to generate test data to cover it also.
(Corrected the wording there, too; at the interactive prompt,
"providing no password" really provides an empty password.)
Task-number: QTBUG-62335
Change-Id: I617508b903f6d9dee40d539b7136b0be8bc2c747
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
This patch avoids intermediate copying of the data by writing SSL
decryption data directly into the outer socket's read buffer.
Change-Id: I19e5b6087595f280436a99fb2ca93cc6793c8f36
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
Reviewed-by: Oswald Buddenhagen <oswald.buddenhagen@qt.io>
Reviewed-by: Markus Goetz (Woboq GmbH) <markus@woboq.com>
This patch-set implements a new QSslSocket backend based on OpenSSL 1.1.
1. General.
The code in this patch was organized to achieve these (somewhat contradicting)
objectives:
- keep the new code free of #if-ery, as far as possible;
- make it easy to clean away dead code when we're eventually able to retire
out-dated OpenSSL versions;
- reduce the amount of code duplication.
If changes in some file/component were insignificant (~5 one-liners per file),
we still use pp-checks like: #if QT_CONFIG(opensslv11) ... #else ... #endif -
the logic is simple and it's still easy to clean the code if we remove the legacy
back-end. Where it saved #if-ery, we also introduced 'forward-compatible'
macros implementing equivalents of 1.1 functions using older OpenSSL.
In case some class contains a lot of version-specific ifdefs (particularly where
nested #if-ery was complex) we choose to split code into: "pre11" h/cpp files,
"shared" h/cpp files (they preserve their original names, e.g qsslsocket_openssl.cpp)
and "11" h/cpp files. If in future we remove the legacy back-end, "pre11" should be
removed; "shared" and "11" parts - merged.
2. Configuration.
We introduced a new feature 'opensslv11' which complements the pre-existing
'openssl' and 'openssl-linked' features. The 'opensslv11' feature is enabled
by a simple test which either compiles successfully or ends in a compilation
error, depending on a value of the OPENSSL_VERSION_NUMBER constant. If the
feature was enabled, we also append an additional compilation flag
-DOPENSSL_API_COMPAT=0x10100000L to make sure our new code does not contain
deprecated structures, function calls, macro-invocations from OpenSSL < 1.1.
Change-Id: I2064efbe9685def5d2bb2233a66f7581954fb74a
Reviewed-by: André Klitzing <aklitzing@gmail.com>
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
Fixes a few ugly code pieces I added over the years.
Change-Id: I5c06b73e858add04ea184120c6df71720baf9be3
Reviewed-by: Olivier Goffart (Woboq GmbH) <ogoffart@woboq.com>
For the windows file system engine, we add an extra macro to use
library loading if configured to do so, but avoid it on WinRT, as
none of the symbols would be found.
We also QT_REQUIRE_CONFIG(library) in the library headers and
exclude the sources from the build if library loading is disabled.
This, in turn, makes it necessary to clean up some header inclusions.
Change-Id: I2b152cb5b47a2658996b6f4702b038536a5704ec
Reviewed-by: Oswald Buddenhagen <oswald.buddenhagen@qt.io>
In old versions of OpenSSL this function can try to access a config file
sometimes resulting in EACCES. While handling ENOENT correctly, OPENSSL_config
unconditionally calls std::exit on EACCES, which is unacceptable, especially if we
have a Qt-app which is not using SSL at all (but, for example, is using QNAM).
To workaround this, we pre-test if this file can be opened and if not and the
last error is ERR_R_SYS_LIB we just skip q_OPENSSL_add_all_algorithms call.
Task-number: QTBUG-43843
Change-Id: I309172d3b5e7847f67a87ba33c406d4751bc60ca
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
And blacklisted a few tests in tst_QUdpSocket.
Conflicts:
src/android/jar/src/org/qtproject/qt5/android/QtNative.java
src/corelib/global/qglobal.cpp
src/corelib/global/qsystemdetection.h
src/corelib/io/qfileselector.cpp
src/plugins/platforms/eglfs/deviceintegration/eglfs_kms_egldevice/qeglfskmsegldeviceintegration.cpp
tests/auto/network/socket/qudpsocket/BLACKLIST
Task-number: QTBUG-54205
Change-Id: I11dd1c90186eb1b847d45be87a26041f61d89ef6
If a user's code, attached to sslErrors signal, calls abort/close
or disconnectFromHost but our SSL socket was configured not to verify a peer,
no need to continue handshake after calling checkSslErrors
(and finally crashing on invalid 'ssl' pointer).
Task-number: QTBUG-53906
Change-Id: I7f185511d278f9d6f16e7d6c5ba424707141459c
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@theqtcompany.com>
QSslSocket was not transmitting existing data after finishing its
handshake if it had to download a certificate on Windows.
Task-number: QTBUG-48816
Change-Id: Ie35b5f4ca0f6c3c40fe2394166eb31f9f72dac55
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@theqtcompany.com>
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
Reviewed-by: Richard J. Moore <rich@kde.org>
... by replacing them with C++11 range-for loops.
This is the simplest of the patch series: Q_FOREACH took a
copy, so we do, too. Except we don't, since we're just
catching the return value that comes out of the function
(RVO). We can't feed the rvalues into range-for, because
they are non-const and would thus detach.
Change-Id: I42c9c44d948ab1512a69d42890187bc3cf2d7e58
Reviewed-by: Lars Knoll <lars.knoll@theqtcompany.com>
[ChangeLog][QtNetwork][QSslSocket] TLS PSK ciphers are possible in server sockets.
Task-number: QTBUG-39077
Change-Id: Iaa854a6f50242deae5492f2e4759c727488995f5
Reviewed-by: Richard J. Moore <rich@kde.org>
ALPN and NPN should not be mutually exclusive, it's possible that our
peer does not support ALPN but does support a protocol we can negotiate
via NPN. So use them both.
Change-Id: Ib3c8066d89117efab55ac8435cc2c806c7a1ece0
Reviewed-by: Richard J. Moore <rich@kde.org>
For CoW types, prefer const methods to avoid needless detach()ing.
Mark predictNextRequest() as const, because this method
does not modify the object.
Change-Id: Ic94e2b31445ece46ab1423bf5b5f4e66d9a5b6ca
Reviewed-by: Edward Welbourne <edward.welbourne@theqtcompany.com>
Reviewed-by: Olivier Goffart (Woboq GmbH) <ogoffart@woboq.com>
It's been unused ever since it was added in
bba86a01c9.
Change-Id: I6d5bc27a0744d37f873245c92a4e6ba8fc90c062
Reviewed-by: Lars Knoll <lars.knoll@theqtcompany.com>
... by replacing them with C++11 range-for loops.
To avoid detaches of these mutable Qt containers,
wrap the container in qAsConst().
Change-Id: I47c5308a6ad220b4c5495e55a3b0d38547bfa8d9
Reviewed-by: Lars Knoll <lars.knoll@theqtcompany.com>
... (or trivially marked const) local variables or
parameters, by replacing them with C++11 range-for
loops.
Also ported one indexed loop.
Change-Id: Idddcac48ce7527b1ea674671ceb9aaf4d31fb42e
Reviewed-by: Lars Knoll <lars.knoll@theqtcompany.com>
... with STL-style iterators or with algorithms.
Java-style iterators have overhead.
Introduce local template separate_if algorithm from kleopatra
project to simplify current code.
http://api.kde.org/4.3-api/kdepim-apidocs/kleopatra/html
Done-with: Marc Mutz <marc.mutz@kdab.com>
Change-Id: Ib154f80f46f8041d9cafd81bed0e1982b21541cf
Reviewed-by: Edward Welbourne <edward.welbourne@theqtcompany.com>
Reviewed-by: Marc Mutz <marc.mutz@kdab.com>
Replace substring functions that return QString with
corresponding functions that return QStringRef where
it's possible.
Create QString from QStringRef only where necessary.
Change-Id: I697f776c60003629990cfd197534ffed63bafe2f
Reviewed-by: Marc Mutz <marc.mutz@kdab.com>
Cleaning out the workarounds for the discontinued "Embedded Android"
platform of Boot2Qt.
Change-Id: I0ff9d770e82a43457fb7e5da0428f4597ead4038
Reviewed-by: Eskil Abrahamsen Blomfeldt <eskil.abrahamsen-blomfeldt@theqtcompany.com>
Reviewed-by: Oswald Buddenhagen <oswald.buddenhagen@theqtcompany.com>
Remove #ifdef sections for Q_OS_WINCE and wince .pro file clauses in library,
examples and tests.
Task-number: QTBUG-51673
Change-Id: I3706336395620522ceda414d7437295d9ec64f16
Reviewed-by: Lars Knoll <lars.knoll@theqtcompany.com>
Application-Layer Protocol Negotiation (ALPN) - is a reworked revision
of Next Protocol Negotiation (NPN) we have in our OpenSSL code.
Can be used as a part of HTTP2 negotiation during TLS handshake.
Change-Id: I484ec528c81d4887a64749095ec292dfaec18330
Reviewed-by: Richard J. Moore <rich@kde.org>
There could be cases (mostly when compiled on old systems, since modern
openssl versions don't include such insecure ciphers) in which
defaultCiphers included a cipher that wasn't in the supported ciphers
list. With this patch we make sure that defaultCiphers is a subset of
supportedCiphers
Change-Id: I545ea21f5fd3a6ed13b366cdd56a1393233f9fc9
Reviewed-by: Richard J. Moore <rich@kde.org>
The SNI extension must not include the trailing dot, even though this
is legitimate for the host header.
Task-number: QTBUG-51821
Change-Id: Ib7a7d8b1f8f98bc99ae745b03d2b97e507adefaf
Reviewed-by: Daniel Molkentin (ownCloud) <danimo@owncloud.com>
A QList<QPair<int,int>> is one of the most dangerous ones, because
it fundamentally changes memory layout, and therefore performance
and invariants, when going from 32-bit platforms (array list) to
64-bit (vector-like).
Port to QVector instead, which has a consistent design across all
platforms.
Also port from QPair to a simple struct { code, depth }, because
member names such as 'first' and 'second' have no semantic value
and make code using them very hard to understand.
Change-Id: I86c95d78dbb2e82ec222d6eae8ba11568e3ff0af
Reviewed-by: Lars Knoll <lars.knoll@theqtcompany.com>
This allows to remove a code duplication in several places.
Change-Id: I49f56e951682dbd2968923654a12cba5199a2502
Reviewed-by: Oswald Buddenhagen <oswald.buddenhagen@theqtcompany.com>
It's a version of fromConfiguration() that returns the QSslContext
instance in a shared instead of a naked pointer.
Use it in QSslSocketBackend.
The idea here, of course, is to use QSharedPointer<T>::create(),
which co-locates the refcount with the payload in a single memory
allocation, instead of QSharedPointer<T>(new T), which causes
two allocations.
Change-Id: Ia5396fb3b291f2912fca5cd97e0aa1e45e065e55
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
From Qt 5.7 -> LGPL v2.1 isn't an option anymore, see
http://blog.qt.io/blog/2016/01/13/new-agreement-with-the-kde-free-qt-foundation/
Updated license headers to use new LGPL header instead of LGPL21 one
(in those files which will be under LGPL v3)
Change-Id: I046ec3e47b1876cd7b4b0353a576b352e3a946d9
Reviewed-by: Lars Knoll <lars.knoll@theqtcompany.com>
When using cipher algorithms with forward secrecy an ephemeral key is
used to generate the symmetric session key. Beside the SSL certificate's
key, this ephemeral key is of cryptographic interest.
The ephemeral key is chosen by the server side - currently statically in
the Qt implementation - so it is only of interest on the client side to
check it. Therefore the ephemeral key is the null key if the connection
is set up in server mode or a cipher without forward secrecy is used.
Change-Id: If241247dbb8490a91233ae47f2b38952c6591bf4
Reviewed-by: Markus Goetz (Woboq GmbH) <markus@woboq.com>