@mkrautz
Last active August 29, 2015 14:21
diff -urNp qt-everywhere-opensource-src-5.5.0-beta/qtbase/src/network/ssl/qsslconfiguration.cpp qt-everywhere-opensource-src-5.5.0-beta-dirty/qtbase/src/network/ssl/qsslconfiguration.cpp
--- qt-everywhere-opensource-src-5.5.0-beta/qtbase/src/network/ssl/qsslconfiguration.cpp 2015-05-07 11:55:50.000000000 +0200
+++ qt-everywhere-opensource-src-5.5.0-beta-dirty/qtbase/src/network/ssl/qsslconfiguration.cpp 2015-05-24 02:28:27.284623884 +0200
@@ -744,6 +744,33 @@ void QSslConfiguration::setEllipticCurve
}
/*!
+ \internal
+
+ \since 5.6
+
+ Retrieves the current set of Diffie-Hellman parameters.
+ The default is the 1024-bit MODP Group from RFC 2409.
+ */
+QSslDiffieHellmanParameters QSslConfiguration::diffieHellmanParameters() const
+{
+ return d->dhParams;
+}
+
+/*!
+ \since 5.6
+
+ Sets a custom set of Diffie-Hellman parameters to be used by this socket when functioning as
+ a server.
+
+ If no Diffie-Hellman parameters are set, the server will default to using the 1024-bit MODP Group
+ from RFC 2409.
+ */
+void QSslConfiguration::setDiffieHellmanParameters(const QSslDiffieHellmanParameters &dhparams)
+{
+ d->dhParams = dhparams;
+}
+
+/*!
\since 5.3
This function returns the protocol negotiated with the server
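Review bot: The doc comment on setDiffieHellmanParameters() does not say what happens when the argument is a null object, which is what the decoding constructors produce when decoding or validation fails. Per the qsslcontext_openssl.cpp hunk in this patch, no temporary DH parameters are installed at all in that case. I would add a sentence such as `If \a dhparams is null (for example because decoding or validation failed), no Diffie-Hellman parameters are configured.` so server authors know to check isNull() first. Since the text names the 1024-bit group as the default, it should also state that servers wanting a larger group must set one explicitly. The getter is tagged `\internal` although qsslconfiguration.h declares it in the public section, so one of the two needs adjusting.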
diff -urNp qt-everywhere-opensource-src-5.5.0-beta/qtbase/src/network/ssl/qsslconfiguration.h qt-everywhere-opensource-src-5.5.0-beta-dirty/qtbase/src/network/ssl/qsslconfiguration.h
--- qt-everywhere-opensource-src-5.5.0-beta/qtbase/src/network/ssl/qsslconfiguration.h 2015-05-07 11:55:50.000000000 +0200
+++ qt-everywhere-opensource-src-5.5.0-beta-dirty/qtbase/src/network/ssl/qsslconfiguration.h 2015-05-24 02:28:27.284623884 +0200
@@ -63,6 +63,7 @@ class QSslCertificate;
class QSslCipher;
class QSslKey;
class QSslEllipticCurve;
+class QSslDiffieHellmanParameters;
class QSslConfigurationPrivate;
class Q_NETWORK_EXPORT QSslConfiguration
@@ -127,6 +128,9 @@ public:
QVector<QSslEllipticCurve> ellipticCurves() const;
void setEllipticCurves(const QVector<QSslEllipticCurve> &curves);
+ QSslDiffieHellmanParameters diffieHellmanParameters() const;
+ void setDiffieHellmanParameters(const QSslDiffieHellmanParameters &dhparams);
+
static QSslConfiguration defaultConfiguration();
static void setDefaultConfiguration(const QSslConfiguration &configuration);
diff -urNp qt-everywhere-opensource-src-5.5.0-beta/qtbase/src/network/ssl/qsslconfiguration_p.h qt-everywhere-opensource-src-5.5.0-beta-dirty/qtbase/src/network/ssl/qsslconfiguration_p.h
--- qt-everywhere-opensource-src-5.5.0-beta/qtbase/src/network/ssl/qsslconfiguration_p.h 2015-05-07 11:55:50.000000000 +0200
+++ qt-everywhere-opensource-src-5.5.0-beta-dirty/qtbase/src/network/ssl/qsslconfiguration_p.h 2015-05-24 02:28:27.284623884 +0200
@@ -67,6 +67,7 @@
#include "qsslcipher.h"
#include "qsslkey.h"
#include "qsslellipticcurve.h"
+#include "qssldiffiehellmanparameters.h"
QT_BEGIN_NAMESPACE
@@ -81,6 +82,10 @@ public:
allowRootCertOnDemandLoading(true),
peerSessionShared(false),
sslOptions(QSslConfigurationPrivate::defaultSslOptions),
+ dhParams(QByteArray::fromBase64(
+ QByteArrayLiteral("MIGHAoGBAP//////////yQ/aoiFowjTExmKLgNwc0SkCTgiKZ8x0Agu+pjsTmyJR" \
+ "Sgh5jjQE3e+VGbPNOkMbMCsKbfJfFDdP4TVtbVHCReSFtXZiXn7G9ExC6aY37WsL" \
+ "/1y29Aa37e44a/taiZ+lrp8kEXxLH+ZJKGZR7OZTgf//////////AgEC")), QSsl::Der),
sslSessionTicketLifeTimeHint(-1),
nextProtocolNegotiationStatus(QSslConfiguration::NextProtocolNegotiationNone)
{ }
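Review bot: Initialising `dhParams` through the decoding constructor means every QSslConfigurationPrivate construction base64-decodes the blob and passes it to decodeDer(), which calls q_DH_check() (see qssldiffiehellmanparameters_openssl.cpp in this patch). The removed get_dh1024() only parsed the DER when a context was being set up. decodeDer() also has no `QSslSocket::supportsSsl()` guard, unlike decodePem(). If a configuration is constructed before the OpenSSL symbols are resolved, the wrapper presumably returns its `return 0` fallback and the default silently becomes null. Consider building the validated default once and sharing it, and ensuring symbols are resolved before it is built; the constructor's initialiser list starts outside this hunk.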
@@ -110,6 +115,8 @@ public:
QVector<QSslEllipticCurve> ellipticCurves;
+ QSslDiffieHellmanParameters dhParams;
+
QByteArray sslSession;
int sslSessionTicketLifeTimeHint;
diff -urNp qt-everywhere-opensource-src-5.5.0-beta/qtbase/src/network/ssl/qsslcontext_openssl.cpp qt-everywhere-opensource-src-5.5.0-beta-dirty/qtbase/src/network/ssl/qsslcontext_openssl.cpp
--- qt-everywhere-opensource-src-5.5.0-beta/qtbase/src/network/ssl/qsslcontext_openssl.cpp 2015-05-07 11:55:50.000000000 +0200
+++ qt-everywhere-opensource-src-5.5.0-beta-dirty/qtbase/src/network/ssl/qsslcontext_openssl.cpp 2015-05-24 02:28:27.284623884 +0200
@@ -35,6 +35,7 @@
#include <QtNetwork/qsslsocket.h>
+#include <QtNetwork/qssldiffiehellmanparameters.h>
#include <QtCore/qmutex.h>
#include "private/qssl_p.h"
@@ -42,6 +43,7 @@
#include "private/qsslsocket_p.h"
#include "private/qsslsocket_openssl_p.h"
#include "private/qsslsocket_openssl_symbols_p.h"
+#include "private/qssldiffiehellmanparameters_p.h"
QT_BEGIN_NAMESPACE
@@ -49,22 +51,6 @@ QT_BEGIN_NAMESPACE
extern int q_X509Callback(int ok, X509_STORE_CTX *ctx);
extern QString getErrorsFromOpenSsl();
-static DH *get_dh1024()
-{
- // Default DH params
- // 1024-bit MODP Group
- // From RFC 2409
- QByteArray params = QByteArray::fromBase64(
- QByteArrayLiteral("MIGHAoGBAP//////////yQ/aoiFowjTExmKLgNwc0SkCTgiKZ8x0Agu+pjsTmyJR" \
- "Sgh5jjQE3e+VGbPNOkMbMCsKbfJfFDdP4TVtbVHCReSFtXZiXn7G9ExC6aY37WsL" \
- "/1y29Aa37e44a/taiZ+lrp8kEXxLH+ZJKGZR7OZTgf//////////AgEC"));
-
- const char *ptr = params.constData();
- DH *dh = q_d2i_DHparams(NULL, reinterpret_cast<const unsigned char **>(&ptr), params.length());
-
- return dh;
-}
-
QSslContext::QSslContext()
: ctx(0),
pkey(0),
@@ -316,10 +302,14 @@ init_context:
sslContext->setSessionASN1(configuration.sessionTicket());
// Set temp DH params
- DH *dh = 0;
- dh = get_dh1024();
- q_SSL_CTX_set_tmp_dh(sslContext->ctx, dh);
- q_DH_free(dh);
+ QSslDiffieHellmanParameters dhparams = configuration.diffieHellmanParameters();
+ if (!dhparams.isNull()) {
+ const QByteArray &params = dhparams.d.data()->derData;
+ const char *ptr = params.constData();
+ DH *dh = q_d2i_DHparams(NULL, reinterpret_cast<const unsigned char **>(&ptr), params.length());
+ q_SSL_CTX_set_tmp_dh(sslContext->ctx, dh);
+ q_DH_free(dh);
+ }
#ifndef OPENSSL_NO_EC
#if OPENSSL_VERSION_NUMBER >= 0x10002000L
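Review bot: The result of `q_d2i_DHparams()` is passed straight to `q_SSL_CTX_set_tmp_dh()` without a NULL check, and the return value of the latter is ignored, so a failure here leaves the context without DH parameters and without any reported error. The `isNull()` case behaves the same way: a server whose parameters failed validation silently starts with no temporary DH parameters. I would test `if (!dh || q_SSL_CTX_set_tmp_dh(sslContext->ctx, dh) != 1)` and route that case, and the null case, through whatever error reporting the rest of this function uses (it lies outside the hunk). `dhparams.d.data()->derData` also reaches into the private class from here; a small accessor would keep that coupling in one place.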
diff -urNp qt-everywhere-opensource-src-5.5.0-beta/qtbase/src/network/ssl/qssldiffiehellmanparameters.cpp qt-everywhere-opensource-src-5.5.0-beta-dirty/qtbase/src/network/ssl/qssldiffiehellmanparameters.cpp
--- qt-everywhere-opensource-src-5.5.0-beta/qtbase/src/network/ssl/qssldiffiehellmanparameters.cpp 1970-01-01 01:00:00.000000000 +0100
+++ qt-everywhere-opensource-src-5.5.0-beta-dirty/qtbase/src/network/ssl/qssldiffiehellmanparameters.cpp 2015-05-24 02:28:27.284623884 +0200
@@ -0,0 +1,165 @@
+/****************************************************************************
+**
+** Copyright (C) 2015 The Qt Company Ltd.
+** Contact: http://www.qt.io/licensing/
+**
+** This file is part of the QtNetwork module of the Qt Toolkit.
+**
+** $QT_BEGIN_LICENSE:LGPL21$
+** Commercial License Usage
+** Licensees holding valid commercial Qt licenses may use this file in
+** accordance with the commercial license agreement provided with the
+** Software or, alternatively, in accordance with the terms contained in
+** a written agreement between you and The Qt Company. For licensing terms
+** and conditions see http://www.qt.io/terms-conditions. For further
+** information use the contact form at http://www.qt.io/contact-us.
+**
+** GNU Lesser General Public License Usage
+** Alternatively, this file may be used under the terms of the GNU Lesser
+** General Public License version 2.1 or version 3 as published by the Free
+** Software Foundation and appearing in the file LICENSE.LGPLv21 and
+** LICENSE.LGPLv3 included in the packaging of this file. Please review the
+** following information to ensure the GNU Lesser General Public License
+** requirements will be met: https://www.gnu.org/licenses/lgpl.html and
+** http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html.
+**
+** As a special exception, The Qt Company gives you certain additional
+** rights. These rights are described in The Qt Company LGPL Exception
+** version 1.1, included in the file LGPL_EXCEPTION.txt in this package.
+**
+** $QT_END_LICENSE$
+**
+****************************************************************************/
+
+
+/*!
+ \class QSslDiffieHellmanParameters
+ \brief The QSslDiffieHellmanParameters class provides an interface for Diffie-Hellman parameters for servers.
+ \since 5.6
+
+ \reentrant
+ \ingroup network
+ \ingroup ssl
+ \ingroup shared
+ \inmodule QtNetwork
+
+ QSslDiffieHellmanParameters provides an interface for setting Diffie-Hellman parameters to servers based on QSslSocket.
+
+ \sa QSslSocket, QSslCipher
+*/
+
+#include "qssldiffiehellmanparameters.h"
+#include "qssldiffiehellmanparameters_p.h"
+#include "qsslsocket.h"
+#include "qsslsocket_p.h"
+
+#include <QtCore/qatomic.h>
+#include <QtCore/qbytearray.h>
+#include <QtCore/qbytearraymatcher.h>
+#include <QtCore/qiodevice.h>
+#ifndef QT_NO_DEBUG_STREAM
+#include <QtCore/qdebug.h>
+#endif
+
+QT_BEGIN_NAMESPACE
+
+/*!
+ Constructs a null key.
+
+ \sa isNull()
+*/
+QSslDiffieHellmanParameters::QSslDiffieHellmanParameters()
+ : d(new QSslDiffieHellmanParametersPrivate)
+{
+}
+
+QSslDiffieHellmanParameters::QSslDiffieHellmanParameters(const QByteArray &encoded, QSsl::EncodingFormat encoding)
+ : d(new QSslDiffieHellmanParametersPrivate)
+{
+ if (encoding == QSsl::Der)
+ d->decodeDer(encoded);
+ else
+ d->decodePem(encoded);
+}
+
+QSslDiffieHellmanParameters::QSslDiffieHellmanParameters(QIODevice *device, QSsl::EncodingFormat encoding)
+ : d(new QSslDiffieHellmanParametersPrivate)
+{
+ QByteArray encoded;
+ if (device)
+ encoded = device->readAll();
+ if (encoding == QSsl::Der)
+ d->decodeDer(encoded);
+ else
+ d->decodePem(encoded);
+}
+
+/*!
+ Constructs an identical copy of \a other.
+*/
+QSslDiffieHellmanParameters::QSslDiffieHellmanParameters(const QSslDiffieHellmanParameters &other) : d(other.d)
+{
+}
+
+/*!
+ Destroys the QSslDiffieHellmanParameters object.
+*/
+QSslDiffieHellmanParameters::~QSslDiffieHellmanParameters()
+{
+}
+
+/*!
+ Copies the contents of \a other into this QSslDiffieHellmanParameters, making the two QSslDiffieHellmanParameters
+ identical.
+
+ Returns a reference to this QSslDiffieHellmanParameters.
+*/
+QSslDiffieHellmanParameters &QSslDiffieHellmanParameters::operator=(const QSslDiffieHellmanParameters &other)
+{
+ d = other.d;
+ return *this;
+}
+
+/*!
+ \fn void QSslDiffieHellmanParameters::swap(QSslDiffieHellmanParameters &other)
+ \since 5.0
+
+ Swaps this QSslDiffieHellmanParameters with \a other. This function is very fast and
+ never fails.
+*/
+
+/*!
+ Returns \c true if this is a null QSslDiffieHellmanParameters; otherwise false.
+
+ \sa clear()
+*/
+bool QSslDiffieHellmanParameters::isNull() const
+{
+ return d->derData.isNull();
+}
+
+/*!
+ Returns \c true if this key is equal to \a other; otherwise returns \c false.
+*/
+bool QSslDiffieHellmanParameters::operator==(const QSslDiffieHellmanParameters &other) const
+{
+ return d->derData == other.d->derData;
+}
+
+/*! \fn bool QSslDiffieHellmanParameters::operator!=(const QSslDiffieHellmanParameters &other) const
+
+ Returns \c true if this QSslDiffieHellmanParameters is not equal to \a other; otherwise
+ returns \c false.
+*/
+
+#ifndef QT_NO_DEBUG_STREAM
+QDebug operator<<(QDebug debug, const QSslDiffieHellmanParameters &)
+{
+ QDebugStateSaver saver(debug);
+ debug.resetFormat().nospace();
+ debug << "QSslDiffieHellmanParameters()";
+ return debug;
+}
+#endif
+
+QT_END_NAMESPACE
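Review bot: The two decoding constructors (from a QByteArray and from a QIODevice) have no doc comment, and nothing in the file states that input which fails to decode or fails the DH check yields a null object rather than an error. Each should get a `/*! ... */` block saying that \a encoded (or the full contents of \a device) is parsed according to \a encoding and validated. The block should also say that isNull() returns true afterwards when parsing or validation fails, or when \a device is null. Smaller leftovers: the default constructor says `Constructs a null key`, isNull() has `\sa clear()` although no clear() is declared, and swap() is marked `\since 5.0` while the class is `\since 5.6`.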
diff -urNp qt-everywhere-opensource-src-5.5.0-beta/qtbase/src/network/ssl/qssldiffiehellmanparameters.h qt-everywhere-opensource-src-5.5.0-beta-dirty/qtbase/src/network/ssl/qssldiffiehellmanparameters.h
--- qt-everywhere-opensource-src-5.5.0-beta/qtbase/src/network/ssl/qssldiffiehellmanparameters.h 1970-01-01 01:00:00.000000000 +0100
+++ qt-everywhere-opensource-src-5.5.0-beta-dirty/qtbase/src/network/ssl/qssldiffiehellmanparameters.h 2015-05-24 02:28:27.284623884 +0200
@@ -0,0 +1,85 @@
+/****************************************************************************
+**
+** Copyright (C) 2015 The Qt Company Ltd.
+** Contact: http://www.qt.io/licensing/
+**
+** This file is part of the QtNetwork module of the Qt Toolkit.
+**
+** $QT_BEGIN_LICENSE:LGPL21$
+** Commercial License Usage
+** Licensees holding valid commercial Qt licenses may use this file in
+** accordance with the commercial license agreement provided with the
+** Software or, alternatively, in accordance with the terms contained in
+** a written agreement between you and The Qt Company. For licensing terms
+** and conditions see http://www.qt.io/terms-conditions. For further
+** information use the contact form at http://www.qt.io/contact-us.
+**
+** GNU Lesser General Public License Usage
+** Alternatively, this file may be used under the terms of the GNU Lesser
+** General Public License version 2.1 or version 3 as published by the Free
+** Software Foundation and appearing in the file LICENSE.LGPLv21 and
+** LICENSE.LGPLv3 included in the packaging of this file. Please review the
+** following information to ensure the GNU Lesser General Public License
+** requirements will be met: https://www.gnu.org/licenses/lgpl.html and
+** http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html.
+**
+** As a special exception, The Qt Company gives you certain additional
+** rights. These rights are described in The Qt Company LGPL Exception
+** version 1.1, included in the file LGPL_EXCEPTION.txt in this package.
+**
+** $QT_END_LICENSE$
+**
+****************************************************************************/
+
+
+#ifndef QSSLDIFFIEHELLMANPARAMETERS_H
+#define QSSLDIFFIEHELLMANPARAMETERS_H
+
+#include <QtCore/qnamespace.h>
+#include <QtCore/qbytearray.h>
+#include <QtCore/qsharedpointer.h>
+#include <QtNetwork/qssl.h>
+
+QT_BEGIN_NAMESPACE
+
+
+#ifndef QT_NO_SSL
+
+class QIODevice;
+
+class QSslContext;
+class QSslDiffieHellmanParametersPrivate;
+class Q_NETWORK_EXPORT QSslDiffieHellmanParameters
+{
+public:
+ QSslDiffieHellmanParameters();
+ QSslDiffieHellmanParameters(const QByteArray &encoded, QSsl::EncodingFormat format = QSsl::Pem);
+ QSslDiffieHellmanParameters(QIODevice *device, QSsl::EncodingFormat format = QSsl::Pem);
+ QSslDiffieHellmanParameters(const QSslDiffieHellmanParameters &other);
+ ~QSslDiffieHellmanParameters();
+ QSslDiffieHellmanParameters &operator=(const QSslDiffieHellmanParameters &other);
+
+ inline void swap(QSslDiffieHellmanParameters &other) { qSwap(d, other.d); }
+
+ bool isNull() const;
+
+ bool operator==(const QSslDiffieHellmanParameters &dhparams) const;
+ inline bool operator!=(const QSslDiffieHellmanParameters &dhparams) const { return !operator==(dhparams); }
+
+private:
+ QExplicitlySharedDataPointer<QSslDiffieHellmanParametersPrivate> d;
+ friend class QSslContext;
+};
+
+Q_DECLARE_SHARED(QSslDiffieHellmanParameters)
+
+#ifndef QT_NO_DEBUG_STREAM
+class QDebug;
+Q_NETWORK_EXPORT QDebug operator<<(QDebug debug, const QSslDiffieHellmanParameters &dhparams);
+#endif
+
+#endif // QT_NO_SSL
+
+QT_END_NAMESPACE
+
+#endif
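Review bot: Neither decoding constructor is `explicit`, and both have a defaulted second argument, so a QByteArray or a QIODevice pointer converts implicitly to QSslDiffieHellmanParameters, for example when passed to QSslConfiguration::setDiffieHellmanParameters(). For a type that parses and validates security parameters I would require the conversion to be spelled out: `explicit QSslDiffieHellmanParameters(const QByteArray &encoded, QSsl::EncodingFormat format = QSsl::Pem);` and likewise for the QIODevice overload. The parameter is named `format` here and `encoding` in the .cpp; one name should be used in both places.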
diff -urNp qt-everywhere-opensource-src-5.5.0-beta/qtbase/src/network/ssl/qssldiffiehellmanparameters_openssl.cpp qt-everywhere-opensource-src-5.5.0-beta-dirty/qtbase/src/network/ssl/qssldiffiehellmanparameters_openssl.cpp
--- qt-everywhere-opensource-src-5.5.0-beta/qtbase/src/network/ssl/qssldiffiehellmanparameters_openssl.cpp 1970-01-01 01:00:00.000000000 +0100
+++ qt-everywhere-opensource-src-5.5.0-beta-dirty/qtbase/src/network/ssl/qssldiffiehellmanparameters_openssl.cpp 2015-05-24 02:28:27.284623884 +0200
@@ -0,0 +1,117 @@
+/****************************************************************************
+**
+** Copyright (C) 2015 The Qt Company Ltd.
+** Contact: http://www.qt.io/licensing/
+**
+** This file is part of the QtNetwork module of the Qt Toolkit.
+**
+** $QT_BEGIN_LICENSE:LGPL21$
+** Commercial License Usage
+** Licensees holding valid commercial Qt licenses may use this file in
+** accordance with the commercial license agreement provided with the
+** Software or, alternatively, in accordance with the terms contained in
+** a written agreement between you and The Qt Company. For licensing terms
+** and conditions see http://www.qt.io/terms-conditions. For further
+** information use the contact form at http://www.qt.io/contact-us.
+**
+** GNU Lesser General Public License Usage
+** Alternatively, this file may be used under the terms of the GNU Lesser
+** General Public License version 2.1 or version 3 as published by the Free
+** Software Foundation and appearing in the file LICENSE.LGPLv21 and
+** LICENSE.LGPLv3 included in the packaging of this file. Please review the
+** following information to ensure the GNU Lesser General Public License
+** requirements will be met: https://www.gnu.org/licenses/lgpl.html and
+** http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html.
+**
+** As a special exception, The Qt Company gives you certain additional
+** rights. These rights are described in The Qt Company LGPL Exception
+** version 1.1, included in the file LGPL_EXCEPTION.txt in this package.
+**
+** $QT_END_LICENSE$
+**
+****************************************************************************/
+
+
+#include "qssldiffiehellmanparameters.h"
+#include "qssldiffiehellmanparameters_p.h"
+#include "qsslsocket_openssl_symbols_p.h"
+#include "qsslsocket.h"
+#include "qsslsocket_p.h"
+
+#include <QtCore/qatomic.h>
+#include <QtCore/qbytearray.h>
+#include <QtCore/qiodevice.h>
+#ifndef QT_NO_DEBUG_STREAM
+#include <QtCore/qdebug.h>
+#endif
+
+QT_BEGIN_NAMESPACE
+
+static bool isGoodDH(DH *dh) {
+ int status = 0;
+ int bad = 0;
+
+ if (dh == NULL) {
+ return false;
+ }
+
+ if (q_DH_check(dh, &status) != 1) {
+ return false;
+ }
+
+ bad |= DH_CHECK_P_NOT_PRIME;
+ bad |= DH_CHECK_P_NOT_SAFE_PRIME;
+ bad |= DH_NOT_SUITABLE_GENERATOR;
+
+ if ((status & bad) != 0) {
+ return false;
+ }
+
+ return true;
+}
+
+void QSslDiffieHellmanParametersPrivate::decodeDer(const QByteArray &der)
+{
+ const unsigned char *data = reinterpret_cast<const unsigned char *>(der.data());
+ int len = der.size();
+
+ DH *dh = q_d2i_DHparams(NULL, &data, len);
+
+ if (isGoodDH(dh)) {
+ derData = der;
+ }
+
+ q_DH_free(dh);
+}
+
+void QSslDiffieHellmanParametersPrivate::decodePem(const QByteArray &pem)
+{
+ if (pem.isEmpty()) {
+ return;
+ }
+
+ if (!QSslSocket::supportsSsl()) {
+ return;
+ }
+
+ BIO *bio = q_BIO_new_mem_buf(const_cast<char *>(pem.data()), pem.size());
+ if (!bio) {
+ return;
+ }
+
+ DH *dh = NULL;
+ q_PEM_read_bio_DHparams(bio, &dh, 0, 0);
+
+ if (isGoodDH(dh)) {
+ char *buf = NULL;
+ int len = q_i2d_DHparams(dh, reinterpret_cast<unsigned char **>(&buf));
+ if (len > 0) {
+ derData = QByteArray(buf, len);
+ }
+ }
+
+ q_DH_free(dh);
+ q_BIO_free(bio);
+}
+
+QT_END_NAMESPACE
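Review bot: decodePem() leaks the DER buffer: `q_i2d_DHparams(dh, reinterpret_cast<unsigned char **>(&buf))` is called with `buf == NULL`, so OpenSSL allocates the output buffer, and it is never released after `derData = QByteArray(buf, len);` copies it. Free it after the copy with OpenSSL's deallocator (`OPENSSL_free`, through whichever `q_` wrapper this tree's symbol table provides; none is visible in this diff). Separately, decodeDer() lacks the `isEmpty()` and `QSslSocket::supportsSsl()` guards that decodePem() has. isGoodDH() also places no lower bound on the size of the prime, so a very small but well-formed group passes validation.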
diff -urNp qt-everywhere-opensource-src-5.5.0-beta/qtbase/src/network/ssl/qssldiffiehellmanparameters_p.h qt-everywhere-opensource-src-5.5.0-beta-dirty/qtbase/src/network/ssl/qssldiffiehellmanparameters_p.h
--- qt-everywhere-opensource-src-5.5.0-beta/qtbase/src/network/ssl/qssldiffiehellmanparameters_p.h 1970-01-01 01:00:00.000000000 +0100
+++ qt-everywhere-opensource-src-5.5.0-beta-dirty/qtbase/src/network/ssl/qssldiffiehellmanparameters_p.h 2015-05-25 06:25:56.003409816 +0200
@@ -0,0 +1,77 @@
+/****************************************************************************
+**
+** Copyright (C) 2015 The Qt Company Ltd.
+** Contact: http://www.qt.io/licensing/
+**
+** This file is part of the QtNetwork module of the Qt Toolkit.
+**
+** $QT_BEGIN_LICENSE:LGPL21$
+** Commercial License Usage
+** Licensees holding valid commercial Qt licenses may use this file in
+** accordance with the commercial license agreement provided with the
+** Software or, alternatively, in accordance with the terms contained in
+** a written agreement between you and The Qt Company. For licensing terms
+** and conditions see http://www.qt.io/terms-conditions. For further
+** information use the contact form at http://www.qt.io/contact-us.
+**
+** GNU Lesser General Public License Usage
+** Alternatively, this file may be used under the terms of the GNU Lesser
+** General Public License version 2.1 or version 3 as published by the Free
+** Software Foundation and appearing in the file LICENSE.LGPLv21 and
+** LICENSE.LGPLv3 included in the packaging of this file. Please review the
+** following information to ensure the GNU Lesser General Public License
+** requirements will be met: https://www.gnu.org/licenses/lgpl.html and
+** http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html.
+**
+** As a special exception, The Qt Company gives you certain additional
+** rights. These rights are described in The Qt Company LGPL Exception
+** version 1.1, included in the file LGPL_EXCEPTION.txt in this package.
+**
+** $QT_END_LICENSE$
+**
+****************************************************************************/
+
+
+#ifndef QSSLDIFFIEHELLMANPARAMETERS_P_H
+#define QSSLDIFFIEHELLMANPARAMETERS_P_H
+
+#include "qsslkey.h"
+
+//
+// W A R N I N G
+// -------------
+//
+// This file is not part of the Qt API. It exists for the convenience
+// of qssldiffiehellmanparameters.cpp. This header file may change from version to version
+// without notice, or even be removed.
+//
+// We mean it.
+//
+
+#include "qsslsocket_p.h" // includes wincrypt.h
+
+QT_BEGIN_NAMESPACE
+
+class QSslDiffieHellmanParametersPrivate
+{
+public:
+ inline QSslDiffieHellmanParametersPrivate()
+ { }
+
+ inline ~QSslDiffieHellmanParametersPrivate()
+ { }
+
+ void decodeDer(const QByteArray &der);
+ void decodePem(const QByteArray &pem);
+
+ QByteArray derData;
+
+ QAtomicInt ref;
+
+private:
+ Q_DISABLE_COPY(QSslDiffieHellmanParametersPrivate)
+};
+
+QT_END_NAMESPACE
+
+#endif // QSSLDIFFIEHELLMANPARAMETERS_P_H
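Review bot: QSslDiffieHellmanParametersPrivate declares its own `QAtomicInt ref` so that the QExplicitlySharedDataPointer in the public class can count references. Deriving from `QSharedData` is the usual way to provide that member and makes the intent obvious: `class QSslDiffieHellmanParametersPrivate : public QSharedData`. The header also includes `qsslkey.h`, which nothing in the class appears to use. The warning comment names only qssldiffiehellmanparameters.cpp, although qsslcontext_openssl.cpp in this patch includes the header too.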
diff -urNp qt-everywhere-opensource-src-5.5.0-beta/qtbase/src/network/ssl/qsslsocket_openssl_symbols.cpp qt-everywhere-opensource-src-5.5.0-beta-dirty/qtbase/src/network/ssl/qsslsocket_openssl_symbols.cpp
--- qt-everywhere-opensource-src-5.5.0-beta/qtbase/src/network/ssl/qsslsocket_openssl_symbols.cpp 2015-05-07 11:55:50.000000000 +0200
+++ qt-everywhere-opensource-src-5.5.0-beta-dirty/qtbase/src/network/ssl/qsslsocket_openssl_symbols.cpp 2015-05-24 02:28:27.284623884 +0200
@@ -189,6 +189,7 @@ DEFINEFUNC4(RSA *, PEM_read_bio_RSAPriva
#ifndef OPENSSL_NO_EC
DEFINEFUNC4(EC_KEY *, PEM_read_bio_ECPrivateKey, BIO *a, a, EC_KEY **b, b, pem_password_cb *c, c, void *d, d, return 0, return)
#endif
+DEFINEFUNC4(DH *, PEM_read_bio_DHparams, BIO *a, a, DH **b, b, pem_password_cb *c, c, void *d, d, return 0, return)
DEFINEFUNC7(int, PEM_write_bio_DSAPrivateKey, BIO *a, a, DSA *b, b, const EVP_CIPHER *c, c, unsigned char *d, d, int e, e, pem_password_cb *f, f, void *g, g, return 0, return)
DEFINEFUNC7(int, PEM_write_bio_RSAPrivateKey, BIO *a, a, RSA *b, b, const EVP_CIPHER *c, c, unsigned char *d, d, int e, e, pem_password_cb *f, f, void *g, g, return 0, return)
#ifndef OPENSSL_NO_EC
@@ -400,6 +401,8 @@ DEFINEFUNC3(void, SSL_get0_next_proto_ne
DEFINEFUNC(DH *, DH_new, DUMMYARG, DUMMYARG, return 0, return)
DEFINEFUNC(void, DH_free, DH *dh, dh, return, DUMMYARG)
DEFINEFUNC3(DH *, d2i_DHparams, DH**a, a, const unsigned char **pp, pp, long length, length, return 0, return)
+DEFINEFUNC2(int, i2d_DHparams, DH *a, a, unsigned char **p, p, return -1, return)
+DEFINEFUNC2(int, DH_check, DH *dh, dh, int *codes, codes, return 0, return)
DEFINEFUNC3(BIGNUM *, BN_bin2bn, const unsigned char *s, s, int len, len, BIGNUM *ret, ret, return 0, return)
#ifndef OPENSSL_NO_EC
DEFINEFUNC(EC_KEY *, EC_KEY_dup, const EC_KEY *ec, ec, return 0, return)
@@ -789,6 +792,7 @@ bool q_resolveOpenSslSymbols()
#ifndef OPENSSL_NO_EC
RESOLVEFUNC(PEM_read_bio_ECPrivateKey)
#endif
+ RESOLVEFUNC(PEM_read_bio_DHparams)
RESOLVEFUNC(PEM_write_bio_DSAPrivateKey)
RESOLVEFUNC(PEM_write_bio_RSAPrivateKey)
#ifndef OPENSSL_NO_EC
@@ -948,6 +952,8 @@ bool q_resolveOpenSslSymbols()
RESOLVEFUNC(DH_new)
RESOLVEFUNC(DH_free)
RESOLVEFUNC(d2i_DHparams)
+ RESOLVEFUNC(i2d_DHparams)
+ RESOLVEFUNC(DH_check)
RESOLVEFUNC(BN_bin2bn)
#ifndef OPENSSL_NO_EC
RESOLVEFUNC(EC_KEY_dup)
diff -urNp qt-everywhere-opensource-src-5.5.0-beta/qtbase/src/network/ssl/qsslsocket_openssl_symbols_p.h qt-everywhere-opensource-src-5.5.0-beta-dirty/qtbase/src/network/ssl/qsslsocket_openssl_symbols_p.h
--- qt-everywhere-opensource-src-5.5.0-beta/qtbase/src/network/ssl/qsslsocket_openssl_symbols_p.h 2015-05-07 11:55:50.000000000 +0200
+++ qt-everywhere-opensource-src-5.5.0-beta-dirty/qtbase/src/network/ssl/qsslsocket_openssl_symbols_p.h 2015-05-24 02:28:27.288623884 +0200
@@ -269,6 +269,7 @@ RSA *q_PEM_read_bio_RSAPrivateKey(BIO *a
#ifndef OPENSSL_NO_EC
EC_KEY *q_PEM_read_bio_ECPrivateKey(BIO *a, EC_KEY **b, pem_password_cb *c, void *d);
#endif
+DH *q_PEM_read_bio_DHparams(BIO *a, DH **b, pem_password_cb *c, void *d);
int q_PEM_write_bio_DSAPrivateKey(BIO *a, DSA *b, const EVP_CIPHER *c, unsigned char *d,
int e, pem_password_cb *f, void *g);
int q_PEM_write_bio_RSAPrivateKey(BIO *a, RSA *b, const EVP_CIPHER *c, unsigned char *d,
@@ -441,6 +442,8 @@ STACK_OF(X509) *q_X509_STORE_CTX_get_cha
DH *q_DH_new();
void q_DH_free(DH *dh);
DH *q_d2i_DHparams(DH **a, const unsigned char **pp, long length);
+int q_i2d_DHparams(DH *a, unsigned char **p);
+int q_DH_check(DH *dh, int *codes);
BIGNUM *q_BN_bin2bn(const unsigned char *s, int len, BIGNUM *ret);
#define q_SSL_CTX_set_tmp_dh(ctx, dh) q_SSL_CTX_ctrl((ctx), SSL_CTRL_SET_TMP_DH, 0, (char *)dh)
@@ -484,6 +487,9 @@ DSA *q_d2i_DSAPrivateKey(DSA **a, unsign
#define q_PEM_write_bio_DSAPrivateKey(bp,x,enc,kstr,klen,cb,u) \
PEM_ASN1_write_bio((int (*)(void*, unsigned char**))q_i2d_DSAPrivateKey,PEM_STRING_DSA,\
bp,(char *)x,enc,kstr,klen,cb,u)
+#define q_PEM_read_bio_DHparams(bp, dh, cb, u) \
+ (DH *)q_PEM_ASN1_read_bio( \
+ (void *(*)(void**, const unsigned char**, long int))q_d2i_DHparams, PEM_STRING_DHPARAMS, bp, (void **)x, cb, u)
#endif
#define q_SSL_CTX_set_options(ctx,op) q_SSL_CTX_ctrl((ctx),SSL_CTRL_OPTIONS,(op),NULL)
#define q_SSL_CTX_set_mode(ctx,op) q_SSL_CTX_ctrl((ctx),SSL_CTRL_MODE,(op),NULL)
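Review bot: The new `q_PEM_read_bio_DHparams(bp, dh, cb, u)` macro passes `(void **)x` to q_PEM_ASN1_read_bio(), but the macro has no parameter named `x`, and its `dh` argument is never used. In builds that take this preprocessor branch the expansion either fails to compile or binds to an unrelated `x` in the caller's scope, so the parsed parameters would not land in the caller's `DH *`. The argument should read `(void **)dh`. The enclosing `#if` starts outside the hunk, so which configurations are affected is not visible here.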
diff -urNp qt-everywhere-opensource-src-5.5.0-beta/qtbase/src/network/ssl/ssl.pri qt-everywhere-opensource-src-5.5.0-beta-dirty/qtbase/src/network/ssl/ssl.pri
--- qt-everywhere-opensource-src-5.5.0-beta/qtbase/src/network/ssl/ssl.pri 2015-05-07 11:55:50.000000000 +0200
+++ qt-everywhere-opensource-src-5.5.0-beta-dirty/qtbase/src/network/ssl/ssl.pri 2015-05-24 02:28:27.288623884 +0200
@@ -18,7 +18,9 @@ contains(QT_CONFIG, ssl) | contains(QT_C
ssl/qsslpresharedkeyauthenticator.h \
ssl/qsslpresharedkeyauthenticator_p.h \
ssl/qsslcertificateextension.h \
- ssl/qsslcertificateextension_p.h
+ ssl/qsslcertificateextension_p.h \
+ ssl/qssldiffiehellmanparameters.h \
+ ssl/qssldiffiehellmanparameters_p.h
SOURCES += ssl/qasn1element.cpp \
ssl/qssl.cpp \
ssl/qsslcertificate.cpp \
@@ -29,7 +31,8 @@ contains(QT_CONFIG, ssl) | contains(QT_C
ssl/qsslerror.cpp \
ssl/qsslsocket.cpp \
ssl/qsslpresharedkeyauthenticator.cpp \
- ssl/qsslcertificateextension.cpp
+ ssl/qsslcertificateextension.cpp \
+ ssl/qssldiffiehellmanparameters.cpp
winrt {
HEADERS += ssl/qsslsocket_winrt_p.h
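Review bot: qssldiffiehellmanparameters.cpp is added to the backend-independent SOURCES list, but the only definitions of QSslDiffieHellmanParametersPrivate::decodeDer() and decodePem() in this patch are in qssldiffiehellmanparameters_openssl.cpp. The next hunk adds that file to the OpenSSL block only. Unless another backend file provides those two functions, a non-OpenSSL build such as the `winrt` one on the following lines would presumably fail to link, because the constructors call both. Adding stub implementations for the other backends that leave the object null would keep those builds working.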
@@ -60,7 +63,8 @@ contains(QT_CONFIG, openssl) | contains(
ssl/qsslellipticcurve_openssl.cpp \
ssl/qsslkey_openssl.cpp \
ssl/qsslsocket_openssl.cpp \
- ssl/qsslsocket_openssl_symbols.cpp
+ ssl/qsslsocket_openssl_symbols.cpp \
+ ssl/qssldiffiehellmanparameters_openssl.cpp
android:!android-no-sdk: SOURCES += ssl/qsslsocket_openssl_android.cpp