diff -urNp qt-everywhere-opensource-src-5.5.0-beta/qtbase/src/network/ssl/qsslconfiguration.cpp qt-everywhere-opensource-src-5.5.0-beta-dirty/qtbase/src/network/ssl/qsslconfiguration.cpp | |
--- qt-everywhere-opensource-src-5.5.0-beta/qtbase/src/network/ssl/qsslconfiguration.cpp 2015-05-07 11:55:50.000000000 +0200 | |
+++ qt-everywhere-opensource-src-5.5.0-beta-dirty/qtbase/src/network/ssl/qsslconfiguration.cpp 2015-05-24 02:28:27.284623884 +0200 | |
@@ -744,6 +744,33 @@ void QSslConfiguration::setEllipticCurve | |
} | |
/*! | |
+ \internal | |
+ | |
+ \since 5.6 | |
+ | |
+ Retrieves the current set of Diffie-Hellman parameters. | |
+ The default is the 1024-bit MODP Group from RFC 2409. | |
+ */ | |
+QSslDiffieHellmanParameters QSslConfiguration::diffieHellmanParameters() const | |
+{ | |
+ return d->dhParams; | |
+} | |
+ | |
+/*! | |
+ \since 5.6 | |
+ | |
+ Sets a custom set of Diffie-Hellman parameters to be used by this socket when functioning as | |
+ a server. | |
+ | |
+ If no Diffie-Hellman parameters are set, the server will default to using the 1024-bit MODP Group | |
+ from RFC 2409. | |
+ */ | |
+void QSslConfiguration::setDiffieHellmanParameters(const QSslDiffieHellmanParameters &dhparams) | |
+{ | |
+ d->dhParams = dhparams; | |
+} | |
+ | |
+/*! | |
\since 5.3 | |
This function returns the protocol negotiated with the server | |
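Review bot: The documentation for setDiffieHellmanParameters() does not say what happens when the caller passes a null object (default-constructed, or one whose input failed to decode). Judging by the qsslcontext_openssl.cpp hunk in this patch, a null object means no temporary DH parameters are installed at all, rather than a fallback to the default group. I would add a sentence such as `If \a dhparams is null, no Diffie-Hellman parameters are configured and DHE key exchange is presumably unavailable to this server.` The getter is tagged `\internal` while the setter is public, which looks unintentional. Since both comments advertise a 1024-bit default, it would also help to state next to it that callers should supply a 2048-bit or larger group for new deployments.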
diff -urNp qt-everywhere-opensource-src-5.5.0-beta/qtbase/src/network/ssl/qsslconfiguration.h qt-everywhere-opensource-src-5.5.0-beta-dirty/qtbase/src/network/ssl/qsslconfiguration.h | |
--- qt-everywhere-opensource-src-5.5.0-beta/qtbase/src/network/ssl/qsslconfiguration.h 2015-05-07 11:55:50.000000000 +0200 | |
+++ qt-everywhere-opensource-src-5.5.0-beta-dirty/qtbase/src/network/ssl/qsslconfiguration.h 2015-05-24 02:28:27.284623884 +0200 | |
@@ -63,6 +63,7 @@ class QSslCertificate; | |
class QSslCipher; | |
class QSslKey; | |
class QSslEllipticCurve; | |
+class QSslDiffieHellmanParameters; | |
class QSslConfigurationPrivate; | |
class Q_NETWORK_EXPORT QSslConfiguration | |
@@ -127,6 +128,9 @@ public: | |
QVector<QSslEllipticCurve> ellipticCurves() const; | |
void setEllipticCurves(const QVector<QSslEllipticCurve> &curves); | |
+ QSslDiffieHellmanParameters diffieHellmanParameters() const; | |
+ void setDiffieHellmanParameters(const QSslDiffieHellmanParameters &dhparams); | |
+ | |
static QSslConfiguration defaultConfiguration(); | |
static void setDefaultConfiguration(const QSslConfiguration &configuration); | |
diff -urNp qt-everywhere-opensource-src-5.5.0-beta/qtbase/src/network/ssl/qsslconfiguration_p.h qt-everywhere-opensource-src-5.5.0-beta-dirty/qtbase/src/network/ssl/qsslconfiguration_p.h | |
--- qt-everywhere-opensource-src-5.5.0-beta/qtbase/src/network/ssl/qsslconfiguration_p.h 2015-05-07 11:55:50.000000000 +0200 | |
+++ qt-everywhere-opensource-src-5.5.0-beta-dirty/qtbase/src/network/ssl/qsslconfiguration_p.h 2015-05-24 02:28:27.284623884 +0200 | |
@@ -67,6 +67,7 @@ | |
#include "qsslcipher.h" | |
#include "qsslkey.h" | |
#include "qsslellipticcurve.h" | |
+#include "qssldiffiehellmanparameters.h" | |
QT_BEGIN_NAMESPACE | |
@@ -81,6 +82,10 @@ public: | |
allowRootCertOnDemandLoading(true), | |
peerSessionShared(false), | |
sslOptions(QSslConfigurationPrivate::defaultSslOptions), | |
+ dhParams(QByteArray::fromBase64( | |
+ QByteArrayLiteral("MIGHAoGBAP//////////yQ/aoiFowjTExmKLgNwc0SkCTgiKZ8x0Agu+pjsTmyJR" \ | |
+ "Sgh5jjQE3e+VGbPNOkMbMCsKbfJfFDdP4TVtbVHCReSFtXZiXn7G9ExC6aY37WsL" \ | |
+ "/1y29Aa37e44a/taiZ+lrp8kEXxLH+ZJKGZR7OZTgf//////////AgEC")), QSsl::Der), | |
sslSessionTicketLifeTimeHint(-1), | |
nextProtocolNegotiationStatus(QSslConfiguration::NextProtocolNegotiationNone) | |
{ } | |
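Review bot: The new `dhParams(...)` member initializer runs the validating constructor every time a QSslConfigurationPrivate is built, client-side configurations included. Each construction therefore pays for a base64 decode, a DER parse and a `DH_check` pass, which includes primality testing of the modulus. If that validation ever fails, the default silently becomes a null object and nothing reports it. I would decode the built-in group once (for example a function-local static holding the already-validated object) and copy the shared handle here, or defer the default to the point where the server context is initialised. The constructor's initializer list starts outside this hunk.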
@@ -110,6 +115,8 @@ public: | |
QVector<QSslEllipticCurve> ellipticCurves; | |
+ QSslDiffieHellmanParameters dhParams; | |
+ | |
QByteArray sslSession; | |
int sslSessionTicketLifeTimeHint; | |
diff -urNp qt-everywhere-opensource-src-5.5.0-beta/qtbase/src/network/ssl/qsslcontext_openssl.cpp qt-everywhere-opensource-src-5.5.0-beta-dirty/qtbase/src/network/ssl/qsslcontext_openssl.cpp | |
--- qt-everywhere-opensource-src-5.5.0-beta/qtbase/src/network/ssl/qsslcontext_openssl.cpp 2015-05-07 11:55:50.000000000 +0200 | |
+++ qt-everywhere-opensource-src-5.5.0-beta-dirty/qtbase/src/network/ssl/qsslcontext_openssl.cpp 2015-05-24 02:28:27.284623884 +0200 | |
@@ -35,6 +35,7 @@ | |
#include <QtNetwork/qsslsocket.h> | |
+#include <QtNetwork/qssldiffiehellmanparameters.h> | |
#include <QtCore/qmutex.h> | |
#include "private/qssl_p.h" | |
@@ -42,6 +43,7 @@ | |
#include "private/qsslsocket_p.h" | |
#include "private/qsslsocket_openssl_p.h" | |
#include "private/qsslsocket_openssl_symbols_p.h" | |
+#include "private/qssldiffiehellmanparameters_p.h" | |
QT_BEGIN_NAMESPACE | |
@@ -49,22 +51,6 @@ QT_BEGIN_NAMESPACE | |
extern int q_X509Callback(int ok, X509_STORE_CTX *ctx); | |
extern QString getErrorsFromOpenSsl(); | |
-static DH *get_dh1024() | |
-{ | |
- // Default DH params | |
- // 1024-bit MODP Group | |
- // From RFC 2409 | |
- QByteArray params = QByteArray::fromBase64( | |
- QByteArrayLiteral("MIGHAoGBAP//////////yQ/aoiFowjTExmKLgNwc0SkCTgiKZ8x0Agu+pjsTmyJR" \ | |
- "Sgh5jjQE3e+VGbPNOkMbMCsKbfJfFDdP4TVtbVHCReSFtXZiXn7G9ExC6aY37WsL" \ | |
- "/1y29Aa37e44a/taiZ+lrp8kEXxLH+ZJKGZR7OZTgf//////////AgEC")); | |
- | |
- const char *ptr = params.constData(); | |
- DH *dh = q_d2i_DHparams(NULL, reinterpret_cast<const unsigned char **>(&ptr), params.length()); | |
- | |
- return dh; | |
-} | |
- | |
QSslContext::QSslContext() | |
: ctx(0), | |
pkey(0), | |
@@ -316,10 +302,14 @@ init_context: | |
sslContext->setSessionASN1(configuration.sessionTicket()); | |
// Set temp DH params | |
- DH *dh = 0; | |
- dh = get_dh1024(); | |
- q_SSL_CTX_set_tmp_dh(sslContext->ctx, dh); | |
- q_DH_free(dh); | |
+ QSslDiffieHellmanParameters dhparams = configuration.diffieHellmanParameters(); | |
+ if (!dhparams.isNull()) { | |
+ const QByteArray ¶ms = dhparams.d.data()->derData; | |
+ const char *ptr = params.constData(); | |
+ DH *dh = q_d2i_DHparams(NULL, reinterpret_cast<const unsigned char **>(&ptr), params.length()); | |
+ q_SSL_CTX_set_tmp_dh(sslContext->ctx, dh); | |
+ q_DH_free(dh); | |
+ } | |
#ifndef OPENSSL_NO_EC | |
#if OPENSSL_VERSION_NUMBER >= 0x10002000L | |
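Review bot: The pointer returned by `q_d2i_DHparams` on the new `DH *dh = ...` line is handed to `q_SSL_CTX_set_tmp_dh` without a null check, and the result of `q_SSL_CTX_set_tmp_dh` is discarded. A parse or set failure therefore leaves the server context without DH parameters and no error is recorded. I would guard it with something like `if (!dh || !q_SSL_CTX_set_tmp_dh(sslContext->ctx, dh)) { /* record the failure on sslContext */ }`. It is also worth deciding explicitly whether a null `dhparams` should remain a silent no-op or at least emit a warning. The enclosing function begins and ends outside this hunk, so its existing error-reporting convention is not visible here.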
diff -urNp qt-everywhere-opensource-src-5.5.0-beta/qtbase/src/network/ssl/qssldiffiehellmanparameters.cpp qt-everywhere-opensource-src-5.5.0-beta-dirty/qtbase/src/network/ssl/qssldiffiehellmanparameters.cpp | |
--- qt-everywhere-opensource-src-5.5.0-beta/qtbase/src/network/ssl/qssldiffiehellmanparameters.cpp 1970-01-01 01:00:00.000000000 +0100 | |
+++ qt-everywhere-opensource-src-5.5.0-beta-dirty/qtbase/src/network/ssl/qssldiffiehellmanparameters.cpp 2015-05-24 02:28:27.284623884 +0200 | |
@@ -0,0 +1,165 @@ | |
+/**************************************************************************** | |
+** | |
+** Copyright (C) 2015 The Qt Company Ltd. | |
+** Contact: http://www.qt.io/licensing/ | |
+** | |
+** This file is part of the QtNetwork module of the Qt Toolkit. | |
+** | |
+** $QT_BEGIN_LICENSE:LGPL21$ | |
+** Commercial License Usage | |
+** Licensees holding valid commercial Qt licenses may use this file in | |
+** accordance with the commercial license agreement provided with the | |
+** Software or, alternatively, in accordance with the terms contained in | |
+** a written agreement between you and The Qt Company. For licensing terms | |
+** and conditions see http://www.qt.io/terms-conditions. For further | |
+** information use the contact form at http://www.qt.io/contact-us. | |
+** | |
+** GNU Lesser General Public License Usage | |
+** Alternatively, this file may be used under the terms of the GNU Lesser | |
+** General Public License version 2.1 or version 3 as published by the Free | |
+** Software Foundation and appearing in the file LICENSE.LGPLv21 and | |
+** LICENSE.LGPLv3 included in the packaging of this file. Please review the | |
+** following information to ensure the GNU Lesser General Public License | |
+** requirements will be met: https://www.gnu.org/licenses/lgpl.html and | |
+** http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html. | |
+** | |
+** As a special exception, The Qt Company gives you certain additional | |
+** rights. These rights are described in The Qt Company LGPL Exception | |
+** version 1.1, included in the file LGPL_EXCEPTION.txt in this package. | |
+** | |
+** $QT_END_LICENSE$ | |
+** | |
+****************************************************************************/ | |
+ | |
+ | |
+/*! | |
+ \class QSslDiffieHellmanParameters | |
+ \brief The QSslDiffieHellmanParameters class provides an interface for Diffie-Hellman parameters for servers. | |
+ \since 5.6 | |
+ | |
+ \reentrant | |
+ \ingroup network | |
+ \ingroup ssl | |
+ \ingroup shared | |
+ \inmodule QtNetwork | |
+ | |
+ QSslDiffieHellmanParameters provides an interface for setting Diffie-Hellman parameters to servers based on QSslSocket. | |
+ | |
+ \sa QSslSocket, QSslCipher | |
+*/ | |
+ | |
+#include "qssldiffiehellmanparameters.h" | |
+#include "qssldiffiehellmanparameters_p.h" | |
+#include "qsslsocket.h" | |
+#include "qsslsocket_p.h" | |
+ | |
+#include <QtCore/qatomic.h> | |
+#include <QtCore/qbytearray.h> | |
+#include <QtCore/qbytearraymatcher.h> | |
+#include <QtCore/qiodevice.h> | |
+#ifndef QT_NO_DEBUG_STREAM | |
+#include <QtCore/qdebug.h> | |
+#endif | |
+ | |
+QT_BEGIN_NAMESPACE | |
+ | |
+/*! | |
+ Constructs a null key. | |
+ | |
+ \sa isNull() | |
+*/ | |
+QSslDiffieHellmanParameters::QSslDiffieHellmanParameters() | |
+ : d(new QSslDiffieHellmanParametersPrivate) | |
+{ | |
+} | |
+ | |
+QSslDiffieHellmanParameters::QSslDiffieHellmanParameters(const QByteArray &encoded, QSsl::EncodingFormat encoding) | |
+ : d(new QSslDiffieHellmanParametersPrivate) | |
+{ | |
+ if (encoding == QSsl::Der) | |
+ d->decodeDer(encoded); | |
+ else | |
+ d->decodePem(encoded); | |
+} | |
+ | |
+QSslDiffieHellmanParameters::QSslDiffieHellmanParameters(QIODevice *device, QSsl::EncodingFormat encoding) | |
+ : d(new QSslDiffieHellmanParametersPrivate) | |
+{ | |
+ QByteArray encoded; | |
+ if (device) | |
+ encoded = device->readAll(); | |
+ if (encoding == QSsl::Der) | |
+ d->decodeDer(encoded); | |
+ else | |
+ d->decodePem(encoded); | |
+} | |
+ | |
+/*! | |
+ Constructs an identical copy of \a other. | |
+*/ | |
+QSslDiffieHellmanParameters::QSslDiffieHellmanParameters(const QSslDiffieHellmanParameters &other) : d(other.d) | |
+{ | |
+} | |
+ | |
+/*! | |
+ Destroys the QSslDiffieHellmanParameters object. | |
+*/ | |
+QSslDiffieHellmanParameters::~QSslDiffieHellmanParameters() | |
+{ | |
+} | |
+ | |
+/*! | |
+ Copies the contents of \a other into this QSslDiffieHellmanParameters, making the two QSslDiffieHellmanParameters | |
+ identical. | |
+ | |
+ Returns a reference to this QSslDiffieHellmanParameters. | |
+*/ | |
+QSslDiffieHellmanParameters &QSslDiffieHellmanParameters::operator=(const QSslDiffieHellmanParameters &other) | |
+{ | |
+ d = other.d; | |
+ return *this; | |
+} | |
+ | |
+/*! | |
+ \fn void QSslDiffieHellmanParameters::swap(QSslDiffieHellmanParameters &other) | |
+ \since 5.0 | |
+ | |
+ Swaps this QSslDiffieHellmanParameters with \a other. This function is very fast and | |
+ never fails. | |
+*/ | |
+ | |
+/*! | |
+ Returns \c true if this is a null QSslDiffieHellmanParameters; otherwise false. | |
+ | |
+ \sa clear() | |
+*/ | |
+bool QSslDiffieHellmanParameters::isNull() const | |
+{ | |
+ return d->derData.isNull(); | |
+} | |
+ | |
+/*! | |
+ Returns \c true if this key is equal to \a other; otherwise returns \c false. | |
+*/ | |
+bool QSslDiffieHellmanParameters::operator==(const QSslDiffieHellmanParameters &other) const | |
+{ | |
+ return d->derData == other.d->derData; | |
+} | |
+ | |
+/*! \fn bool QSslDiffieHellmanParameters::operator!=(const QSslDiffieHellmanParameters &other) const | |
+ | |
+ Returns \c true if this QSslDiffieHellmanParameters is not equal to \a other; otherwise | |
+ returns \c false. | |
+*/ | |
+ | |
+#ifndef QT_NO_DEBUG_STREAM | |
+QDebug operator<<(QDebug debug, const QSslDiffieHellmanParameters &) | |
+{ | |
+ QDebugStateSaver saver(debug); | |
+ debug.resetFormat().nospace(); | |
+ debug << "QSslDiffieHellmanParameters()"; | |
+ return debug; | |
+} | |
+#endif | |
+ | |
+QT_END_NAMESPACE | |
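Review bot: The two decoding constructors (from `QByteArray` and from `QIODevice *`) have no documentation, and they fail silently: invalid, rejected or unreadable input simply yields a null object. Combined with the context code in this patch, a server given a bad parameter file ends up with no DH parameters and no diagnostic. I would document each with something like `Constructs parameters by decoding \a encoded using \a encoding. If decoding or validation fails the object is null; check isNull() before passing it to QSslConfiguration.` Several existing comments also look copied from another class: "Constructs a null key", `\sa clear()` although no clear() is declared, and `\since 5.0` on swap() in a class marked `\since 5.6`.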
diff -urNp qt-everywhere-opensource-src-5.5.0-beta/qtbase/src/network/ssl/qssldiffiehellmanparameters.h qt-everywhere-opensource-src-5.5.0-beta-dirty/qtbase/src/network/ssl/qssldiffiehellmanparameters.h | |
--- qt-everywhere-opensource-src-5.5.0-beta/qtbase/src/network/ssl/qssldiffiehellmanparameters.h 1970-01-01 01:00:00.000000000 +0100 | |
+++ qt-everywhere-opensource-src-5.5.0-beta-dirty/qtbase/src/network/ssl/qssldiffiehellmanparameters.h 2015-05-24 02:28:27.284623884 +0200 | |
@@ -0,0 +1,85 @@ | |
+/**************************************************************************** | |
+** | |
+** Copyright (C) 2015 The Qt Company Ltd. | |
+** Contact: http://www.qt.io/licensing/ | |
+** | |
+** This file is part of the QtNetwork module of the Qt Toolkit. | |
+** | |
+** $QT_BEGIN_LICENSE:LGPL21$ | |
+** Commercial License Usage | |
+** Licensees holding valid commercial Qt licenses may use this file in | |
+** accordance with the commercial license agreement provided with the | |
+** Software or, alternatively, in accordance with the terms contained in | |
+** a written agreement between you and The Qt Company. For licensing terms | |
+** and conditions see http://www.qt.io/terms-conditions. For further | |
+** information use the contact form at http://www.qt.io/contact-us. | |
+** | |
+** GNU Lesser General Public License Usage | |
+** Alternatively, this file may be used under the terms of the GNU Lesser | |
+** General Public License version 2.1 or version 3 as published by the Free | |
+** Software Foundation and appearing in the file LICENSE.LGPLv21 and | |
+** LICENSE.LGPLv3 included in the packaging of this file. Please review the | |
+** following information to ensure the GNU Lesser General Public License | |
+** requirements will be met: https://www.gnu.org/licenses/lgpl.html and | |
+** http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html. | |
+** | |
+** As a special exception, The Qt Company gives you certain additional | |
+** rights. These rights are described in The Qt Company LGPL Exception | |
+** version 1.1, included in the file LGPL_EXCEPTION.txt in this package. | |
+** | |
+** $QT_END_LICENSE$ | |
+** | |
+****************************************************************************/ | |
+ | |
+ | |
+#ifndef QSSLDIFFIEHELLMANPARAMETERS_H | |
+#define QSSLDIFFIEHELLMANPARAMETERS_H | |
+ | |
+#include <QtCore/qnamespace.h> | |
+#include <QtCore/qbytearray.h> | |
+#include <QtCore/qsharedpointer.h> | |
+#include <QtNetwork/qssl.h> | |
+ | |
+QT_BEGIN_NAMESPACE | |
+ | |
+ | |
+#ifndef QT_NO_SSL | |
+ | |
+class QIODevice; | |
+ | |
+class QSslContext; | |
+class QSslDiffieHellmanParametersPrivate; | |
+class Q_NETWORK_EXPORT QSslDiffieHellmanParameters | |
+{ | |
+public: | |
+ QSslDiffieHellmanParameters(); | |
+ QSslDiffieHellmanParameters(const QByteArray &encoded, QSsl::EncodingFormat format = QSsl::Pem); | |
+ QSslDiffieHellmanParameters(QIODevice *device, QSsl::EncodingFormat format = QSsl::Pem); | |
+ QSslDiffieHellmanParameters(const QSslDiffieHellmanParameters &other); | |
+ ~QSslDiffieHellmanParameters(); | |
+ QSslDiffieHellmanParameters &operator=(const QSslDiffieHellmanParameters &other); | |
+ | |
+ inline void swap(QSslDiffieHellmanParameters &other) { qSwap(d, other.d); } | |
+ | |
+ bool isNull() const; | |
+ | |
+ bool operator==(const QSslDiffieHellmanParameters &dhparams) const; | |
+ inline bool operator!=(const QSslDiffieHellmanParameters &dhparams) const { return !operator==(dhparams); } | |
+ | |
+private: | |
+ QExplicitlySharedDataPointer<QSslDiffieHellmanParametersPrivate> d; | |
+ friend class QSslContext; | |
+}; | |
+ | |
+Q_DECLARE_SHARED(QSslDiffieHellmanParameters) | |
+ | |
+#ifndef QT_NO_DEBUG_STREAM | |
+class QDebug; | |
+Q_NETWORK_EXPORT QDebug operator<<(QDebug debug, const QSslDiffieHellmanParameters &dhparams); | |
+#endif | |
+ | |
+#endif // QT_NO_SSL | |
+ | |
+QT_END_NAMESPACE | |
+ | |
+#endif | |
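Review bot: Both decoding constructors can be called with a single argument because `format` has a default, so they act as implicit conversions from `QByteArray` and `QIODevice *`. A call such as `setDiffieHellmanParameters(someByteArray)` would compile and quietly parse the bytes as PEM, yielding a null object on failure. For a security-relevant setting I would make the conversion visible by declaring them `explicit QSslDiffieHellmanParameters(const QByteArray &encoded, QSsl::EncodingFormat format = QSsl::Pem);` and likewise for the `QIODevice *` overload. The parameter is named `format` here but `encoding` in the .cpp definitions; using one name keeps the generated documentation consistent.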
diff -urNp qt-everywhere-opensource-src-5.5.0-beta/qtbase/src/network/ssl/qssldiffiehellmanparameters_openssl.cpp qt-everywhere-opensource-src-5.5.0-beta-dirty/qtbase/src/network/ssl/qssldiffiehellmanparameters_openssl.cpp | |
--- qt-everywhere-opensource-src-5.5.0-beta/qtbase/src/network/ssl/qssldiffiehellmanparameters_openssl.cpp 1970-01-01 01:00:00.000000000 +0100 | |
+++ qt-everywhere-opensource-src-5.5.0-beta-dirty/qtbase/src/network/ssl/qssldiffiehellmanparameters_openssl.cpp 2015-05-24 02:28:27.284623884 +0200 | |
@@ -0,0 +1,117 @@ | |
+/**************************************************************************** | |
+** | |
+** Copyright (C) 2015 The Qt Company Ltd. | |
+** Contact: http://www.qt.io/licensing/ | |
+** | |
+** This file is part of the QtNetwork module of the Qt Toolkit. | |
+** | |
+** $QT_BEGIN_LICENSE:LGPL21$ | |
+** Commercial License Usage | |
+** Licensees holding valid commercial Qt licenses may use this file in | |
+** accordance with the commercial license agreement provided with the | |
+** Software or, alternatively, in accordance with the terms contained in | |
+** a written agreement between you and The Qt Company. For licensing terms | |
+** and conditions see http://www.qt.io/terms-conditions. For further | |
+** information use the contact form at http://www.qt.io/contact-us. | |
+** | |
+** GNU Lesser General Public License Usage | |
+** Alternatively, this file may be used under the terms of the GNU Lesser | |
+** General Public License version 2.1 or version 3 as published by the Free | |
+** Software Foundation and appearing in the file LICENSE.LGPLv21 and | |
+** LICENSE.LGPLv3 included in the packaging of this file. Please review the | |
+** following information to ensure the GNU Lesser General Public License | |
+** requirements will be met: https://www.gnu.org/licenses/lgpl.html and | |
+** http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html. | |
+** | |
+** As a special exception, The Qt Company gives you certain additional | |
+** rights. These rights are described in The Qt Company LGPL Exception | |
+** version 1.1, included in the file LGPL_EXCEPTION.txt in this package. | |
+** | |
+** $QT_END_LICENSE$ | |
+** | |
+****************************************************************************/ | |
+ | |
+ | |
+#include "qssldiffiehellmanparameters.h" | |
+#include "qssldiffiehellmanparameters_p.h" | |
+#include "qsslsocket_openssl_symbols_p.h" | |
+#include "qsslsocket.h" | |
+#include "qsslsocket_p.h" | |
+ | |
+#include <QtCore/qatomic.h> | |
+#include <QtCore/qbytearray.h> | |
+#include <QtCore/qiodevice.h> | |
+#ifndef QT_NO_DEBUG_STREAM | |
+#include <QtCore/qdebug.h> | |
+#endif | |
+ | |
+QT_BEGIN_NAMESPACE | |
+ | |
+static bool isGoodDH(DH *dh) { | |
+ int status = 0; | |
+ int bad = 0; | |
+ | |
+ if (dh == NULL) { | |
+ return false; | |
+ } | |
+ | |
+ if (q_DH_check(dh, &status) != 1) { | |
+ return false; | |
+ } | |
+ | |
+ bad |= DH_CHECK_P_NOT_PRIME; | |
+ bad |= DH_CHECK_P_NOT_SAFE_PRIME; | |
+ bad |= DH_NOT_SUITABLE_GENERATOR; | |
+ | |
+ if ((status & bad) != 0) { | |
+ return false; | |
+ } | |
+ | |
+ return true; | |
+} | |
+ | |
+void QSslDiffieHellmanParametersPrivate::decodeDer(const QByteArray &der) | |
+{ | |
+ const unsigned char *data = reinterpret_cast<const unsigned char *>(der.data()); | |
+ int len = der.size(); | |
+ | |
+ DH *dh = q_d2i_DHparams(NULL, &data, len); | |
+ | |
+ if (isGoodDH(dh)) { | |
+ derData = der; | |
+ } | |
+ | |
+ q_DH_free(dh); | |
+} | |
+ | |
+void QSslDiffieHellmanParametersPrivate::decodePem(const QByteArray &pem) | |
+{ | |
+ if (pem.isEmpty()) { | |
+ return; | |
+ } | |
+ | |
+ if (!QSslSocket::supportsSsl()) { | |
+ return; | |
+ } | |
+ | |
+ BIO *bio = q_BIO_new_mem_buf(const_cast<char *>(pem.data()), pem.size()); | |
+ if (!bio) { | |
+ return; | |
+ } | |
+ | |
+ DH *dh = NULL; | |
+ q_PEM_read_bio_DHparams(bio, &dh, 0, 0); | |
+ | |
+ if (isGoodDH(dh)) { | |
+ char *buf = NULL; | |
+ int len = q_i2d_DHparams(dh, reinterpret_cast<unsigned char **>(&buf)); | |
+ if (len > 0) { | |
+ derData = QByteArray(buf, len); | |
+ } | |
+ } | |
+ | |
+ q_DH_free(dh); | |
+ q_BIO_free(bio); | |
+} | |
+ | |
+QT_END_NAMESPACE | |
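Review bot: isGoodDH() treats `DH_NOT_SUITABLE_GENERATOR` as fatal, and as far as I know OpenSSL's DH_check sets that flag for the IETF MODP groups with g = 2 (it expects p mod 24 == 11, while the IETF primes are congruent to 23). If that holds for the OpenSSL versions targeted here, the built-in RFC 2409 default in qsslconfiguration_p.h decodes to a null object and the server runs with no DH parameters. Please verify this against the default, then either drop the flag from the mask or special-case g = 2 with p mod 24 == 23. Separately, in decodePem() the buffer allocated by `q_i2d_DHparams` is copied into `derData` but never released, so it should be freed with the OpenSSL deallocator after the copy. decodeDer() also lacks the `QSslSocket::supportsSsl()` guard that decodePem() has, and neither path enforces a minimum modulus size, so a very small but otherwise valid group would be accepted.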
diff -urNp qt-everywhere-opensource-src-5.5.0-beta/qtbase/src/network/ssl/qssldiffiehellmanparameters_p.h qt-everywhere-opensource-src-5.5.0-beta-dirty/qtbase/src/network/ssl/qssldiffiehellmanparameters_p.h | |
--- qt-everywhere-opensource-src-5.5.0-beta/qtbase/src/network/ssl/qssldiffiehellmanparameters_p.h 1970-01-01 01:00:00.000000000 +0100 | |
+++ qt-everywhere-opensource-src-5.5.0-beta-dirty/qtbase/src/network/ssl/qssldiffiehellmanparameters_p.h 2015-05-25 06:25:56.003409816 +0200 | |
@@ -0,0 +1,77 @@ | |
+/**************************************************************************** | |
+** | |
+** Copyright (C) 2015 The Qt Company Ltd. | |
+** Contact: http://www.qt.io/licensing/ | |
+** | |
+** This file is part of the QtNetwork module of the Qt Toolkit. | |
+** | |
+** $QT_BEGIN_LICENSE:LGPL21$ | |
+** Commercial License Usage | |
+** Licensees holding valid commercial Qt licenses may use this file in | |
+** accordance with the commercial license agreement provided with the | |
+** Software or, alternatively, in accordance with the terms contained in | |
+** a written agreement between you and The Qt Company. For licensing terms | |
+** and conditions see http://www.qt.io/terms-conditions. For further | |
+** information use the contact form at http://www.qt.io/contact-us. | |
+** | |
+** GNU Lesser General Public License Usage | |
+** Alternatively, this file may be used under the terms of the GNU Lesser | |
+** General Public License version 2.1 or version 3 as published by the Free | |
+** Software Foundation and appearing in the file LICENSE.LGPLv21 and | |
+** LICENSE.LGPLv3 included in the packaging of this file. Please review the | |
+** following information to ensure the GNU Lesser General Public License | |
+** requirements will be met: https://www.gnu.org/licenses/lgpl.html and | |
+** http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html. | |
+** | |
+** As a special exception, The Qt Company gives you certain additional | |
+** rights. These rights are described in The Qt Company LGPL Exception | |
+** version 1.1, included in the file LGPL_EXCEPTION.txt in this package. | |
+** | |
+** $QT_END_LICENSE$ | |
+** | |
+****************************************************************************/ | |
+ | |
+ | |
+#ifndef QSSLDIFFIEHELLMANPARAMETERS_P_H | |
+#define QSSLDIFFIEHELLMANPARAMETERS_P_H | |
+ | |
+#include "qsslkey.h" | |
+ | |
+// | |
+// W A R N I N G | |
+// ------------- | |
+// | |
+// This file is not part of the Qt API. It exists for the convenience | |
+// of qssldiffiehellmanparameters.cpp. This header file may change from version to version | |
+// without notice, or even be removed. | |
+// | |
+// We mean it. | |
+// | |
+ | |
+#include "qsslsocket_p.h" // includes wincrypt.h | |
+ | |
+QT_BEGIN_NAMESPACE | |
+ | |
+class QSslDiffieHellmanParametersPrivate | |
+{ | |
+public: | |
+ inline QSslDiffieHellmanParametersPrivate() | |
+ { } | |
+ | |
+ inline ~QSslDiffieHellmanParametersPrivate() | |
+ { } | |
+ | |
+ void decodeDer(const QByteArray &der); | |
+ void decodePem(const QByteArray &pem); | |
+ | |
+ QByteArray derData; | |
+ | |
+ QAtomicInt ref; | |
+ | |
+private: | |
+ Q_DISABLE_COPY(QSslDiffieHellmanParametersPrivate) | |
+}; | |
+ | |
+QT_END_NAMESPACE | |
+ | |
+#endif // QSSLDIFFIEHELLMANPARAMETERS_P_H | |
diff -urNp qt-everywhere-opensource-src-5.5.0-beta/qtbase/src/network/ssl/qsslsocket_openssl_symbols.cpp qt-everywhere-opensource-src-5.5.0-beta-dirty/qtbase/src/network/ssl/qsslsocket_openssl_symbols.cpp | |
--- qt-everywhere-opensource-src-5.5.0-beta/qtbase/src/network/ssl/qsslsocket_openssl_symbols.cpp 2015-05-07 11:55:50.000000000 +0200 | |
+++ qt-everywhere-opensource-src-5.5.0-beta-dirty/qtbase/src/network/ssl/qsslsocket_openssl_symbols.cpp 2015-05-24 02:28:27.284623884 +0200 | |
@@ -189,6 +189,7 @@ DEFINEFUNC4(RSA *, PEM_read_bio_RSAPriva | |
#ifndef OPENSSL_NO_EC | |
DEFINEFUNC4(EC_KEY *, PEM_read_bio_ECPrivateKey, BIO *a, a, EC_KEY **b, b, pem_password_cb *c, c, void *d, d, return 0, return) | |
#endif | |
+DEFINEFUNC4(DH *, PEM_read_bio_DHparams, BIO *a, a, DH **b, b, pem_password_cb *c, c, void *d, d, return 0, return) | |
DEFINEFUNC7(int, PEM_write_bio_DSAPrivateKey, BIO *a, a, DSA *b, b, const EVP_CIPHER *c, c, unsigned char *d, d, int e, e, pem_password_cb *f, f, void *g, g, return 0, return) | |
DEFINEFUNC7(int, PEM_write_bio_RSAPrivateKey, BIO *a, a, RSA *b, b, const EVP_CIPHER *c, c, unsigned char *d, d, int e, e, pem_password_cb *f, f, void *g, g, return 0, return) | |
#ifndef OPENSSL_NO_EC | |
@@ -400,6 +401,8 @@ DEFINEFUNC3(void, SSL_get0_next_proto_ne | |
DEFINEFUNC(DH *, DH_new, DUMMYARG, DUMMYARG, return 0, return) | |
DEFINEFUNC(void, DH_free, DH *dh, dh, return, DUMMYARG) | |
DEFINEFUNC3(DH *, d2i_DHparams, DH**a, a, const unsigned char **pp, pp, long length, length, return 0, return) | |
+DEFINEFUNC2(int, i2d_DHparams, DH *a, a, unsigned char **p, p, return -1, return) | |
+DEFINEFUNC2(int, DH_check, DH *dh, dh, int *codes, codes, return 0, return) | |
DEFINEFUNC3(BIGNUM *, BN_bin2bn, const unsigned char *s, s, int len, len, BIGNUM *ret, ret, return 0, return) | |
#ifndef OPENSSL_NO_EC | |
DEFINEFUNC(EC_KEY *, EC_KEY_dup, const EC_KEY *ec, ec, return 0, return) | |
@@ -789,6 +792,7 @@ bool q_resolveOpenSslSymbols() | |
#ifndef OPENSSL_NO_EC | |
RESOLVEFUNC(PEM_read_bio_ECPrivateKey) | |
#endif | |
+ RESOLVEFUNC(PEM_read_bio_DHparams) | |
RESOLVEFUNC(PEM_write_bio_DSAPrivateKey) | |
RESOLVEFUNC(PEM_write_bio_RSAPrivateKey) | |
#ifndef OPENSSL_NO_EC | |
@@ -948,6 +952,8 @@ bool q_resolveOpenSslSymbols() | |
RESOLVEFUNC(DH_new) | |
RESOLVEFUNC(DH_free) | |
RESOLVEFUNC(d2i_DHparams) | |
+ RESOLVEFUNC(i2d_DHparams) | |
+ RESOLVEFUNC(DH_check) | |
RESOLVEFUNC(BN_bin2bn) | |
#ifndef OPENSSL_NO_EC | |
RESOLVEFUNC(EC_KEY_dup) | |
diff -urNp qt-everywhere-opensource-src-5.5.0-beta/qtbase/src/network/ssl/qsslsocket_openssl_symbols_p.h qt-everywhere-opensource-src-5.5.0-beta-dirty/qtbase/src/network/ssl/qsslsocket_openssl_symbols_p.h | |
--- qt-everywhere-opensource-src-5.5.0-beta/qtbase/src/network/ssl/qsslsocket_openssl_symbols_p.h 2015-05-07 11:55:50.000000000 +0200 | |
+++ qt-everywhere-opensource-src-5.5.0-beta-dirty/qtbase/src/network/ssl/qsslsocket_openssl_symbols_p.h 2015-05-24 02:28:27.288623884 +0200 | |
@@ -269,6 +269,7 @@ RSA *q_PEM_read_bio_RSAPrivateKey(BIO *a | |
#ifndef OPENSSL_NO_EC | |
EC_KEY *q_PEM_read_bio_ECPrivateKey(BIO *a, EC_KEY **b, pem_password_cb *c, void *d); | |
#endif | |
+DH *q_PEM_read_bio_DHparams(BIO *a, DH **b, pem_password_cb *c, void *d); | |
int q_PEM_write_bio_DSAPrivateKey(BIO *a, DSA *b, const EVP_CIPHER *c, unsigned char *d, | |
int e, pem_password_cb *f, void *g); | |
int q_PEM_write_bio_RSAPrivateKey(BIO *a, RSA *b, const EVP_CIPHER *c, unsigned char *d, | |
@@ -441,6 +442,8 @@ STACK_OF(X509) *q_X509_STORE_CTX_get_cha | |
DH *q_DH_new(); | |
void q_DH_free(DH *dh); | |
DH *q_d2i_DHparams(DH **a, const unsigned char **pp, long length); | |
+int q_i2d_DHparams(DH *a, unsigned char **p); | |
+int q_DH_check(DH *dh, int *codes); | |
BIGNUM *q_BN_bin2bn(const unsigned char *s, int len, BIGNUM *ret); | |
#define q_SSL_CTX_set_tmp_dh(ctx, dh) q_SSL_CTX_ctrl((ctx), SSL_CTRL_SET_TMP_DH, 0, (char *)dh) | |
@@ -484,6 +487,9 @@ DSA *q_d2i_DSAPrivateKey(DSA **a, unsign | |
#define q_PEM_write_bio_DSAPrivateKey(bp,x,enc,kstr,klen,cb,u) \ | |
PEM_ASN1_write_bio((int (*)(void*, unsigned char**))q_i2d_DSAPrivateKey,PEM_STRING_DSA,\ | |
bp,(char *)x,enc,kstr,klen,cb,u) | |
+#define q_PEM_read_bio_DHparams(bp, dh, cb, u) \ | |
+ (DH *)q_PEM_ASN1_read_bio( \ | |
+ (void *(*)(void**, const unsigned char**, long int))q_d2i_DHparams, PEM_STRING_DHPARAMS, bp, (void **)x, cb, u) | |
#endif | |
#define q_SSL_CTX_set_options(ctx,op) q_SSL_CTX_ctrl((ctx),SSL_CTRL_OPTIONS,(op),NULL) | |
#define q_SSL_CTX_set_mode(ctx,op) q_SSL_CTX_ctrl((ctx),SSL_CTRL_MODE,(op),NULL) | |
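Review bot: The new `q_PEM_read_bio_DHparams(bp, dh, cb, u)` macro passes `(void **)x` to `q_PEM_ASN1_read_bio`, but `x` is not one of its parameters; it looks carried over from the DSA macro just above. In the preprocessor branch where this macro is active it will either fail to compile or bind to an unrelated `x` in the caller's scope. The argument should be `(void **)dh`. The earlier hunk in this file also declares a function prototype with the same name, so please confirm the two sit in mutually exclusive `#if` branches; the conditionals themselves are outside these hunks.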
diff -urNp qt-everywhere-opensource-src-5.5.0-beta/qtbase/src/network/ssl/ssl.pri qt-everywhere-opensource-src-5.5.0-beta-dirty/qtbase/src/network/ssl/ssl.pri | |
--- qt-everywhere-opensource-src-5.5.0-beta/qtbase/src/network/ssl/ssl.pri 2015-05-07 11:55:50.000000000 +0200 | |
+++ qt-everywhere-opensource-src-5.5.0-beta-dirty/qtbase/src/network/ssl/ssl.pri 2015-05-24 02:28:27.288623884 +0200 | |
@@ -18,7 +18,9 @@ contains(QT_CONFIG, ssl) | contains(QT_C | |
ssl/qsslpresharedkeyauthenticator.h \ | |
ssl/qsslpresharedkeyauthenticator_p.h \ | |
ssl/qsslcertificateextension.h \ | |
- ssl/qsslcertificateextension_p.h | |
+ ssl/qsslcertificateextension_p.h \ | |
+ ssl/qssldiffiehellmanparameters.h \ | |
+ ssl/qssldiffiehellmanparameters_p.h | |
SOURCES += ssl/qasn1element.cpp \ | |
ssl/qssl.cpp \ | |
ssl/qsslcertificate.cpp \ | |
@@ -29,7 +31,8 @@ contains(QT_CONFIG, ssl) | contains(QT_C | |
ssl/qsslerror.cpp \ | |
ssl/qsslsocket.cpp \ | |
ssl/qsslpresharedkeyauthenticator.cpp \ | |
- ssl/qsslcertificateextension.cpp | |
+ ssl/qsslcertificateextension.cpp \ | |
+ ssl/qssldiffiehellmanparameters.cpp | |
winrt { | |
HEADERS += ssl/qsslsocket_winrt_p.h | |
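Review bot: `ssl/qssldiffiehellmanparameters.cpp` is added to the backend-independent SOURCES list, but `decodeDer()` and `decodePem()` are defined only in `qssldiffiehellmanparameters_openssl.cpp`, which the last hunk adds under the openssl condition. Unless another backend file outside this patch supplies those two functions, non-OpenSSL builds such as the `winrt` block that follows will hit unresolved symbols. They are reached because QSslConfigurationPrivate now constructs `dhParams` unconditionally. I would either add stub implementations for the other backends or make the generic source and the default initializer conditional on the OpenSSL backend.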
@@ -60,7 +63,8 @@ contains(QT_CONFIG, openssl) | contains( | |
ssl/qsslellipticcurve_openssl.cpp \ | |
ssl/qsslkey_openssl.cpp \ | |
ssl/qsslsocket_openssl.cpp \ | |
- ssl/qsslsocket_openssl_symbols.cpp | |
+ ssl/qsslsocket_openssl_symbols.cpp \ | |
+ ssl/qssldiffiehellmanparameters_openssl.cpp | |
android:!android-no-sdk: SOURCES += ssl/qsslsocket_openssl_android.cpp | |