Changeset 561 for trunk/src/network/ssl

trunk

Property svn:mergeinfo set to (toggle deleted branches)
/branches/vendor/nokia/qt/4.6.1 merged eligible
/branches/vendor/nokia/qt/current merged eligible
/branches/vendor/trolltech/qt/current 3-149

trunk/src/network/ssl/qssl.cpp

-              r2
+              r561
 **
 ** Copyright (C) 2009 Nokia Corporation and/or its subsidiary(-ies).
+** Contact: Qt Software Information (qt-info@nokia.com)
+** All rights reserved.
+** Contact: Nokia Corporation (qt-info@nokia.com)
 **
 ** This file is part of the QtNetwork module of the Qt Toolkit.
 …
 ** will be met: http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html.
 **
+** In addition, as a special exception, Nokia gives you certain
+** additional rights. These rights are described in the Nokia Qt LGPL
+** Exception version 1.0, included in the file LGPL_EXCEPTION.txt in this
+** package.
+** In addition, as a special exception, Nokia gives you certain additional
+** rights.  These rights are described in the Nokia Qt LGPL Exception
+** version 1.1, included in the file LGPL_EXCEPTION.txt in this package.
 **
 ** GNU General Public License Usage
 …
 ** met: http://www.gnu.org/copyleft/gpl.html.
 **
 ** If you are unsure which license is appropriate for your use, please
 ** contact the sales department at qt-sales@nokia.com.
+** If you have questions regarding the use of this file, please contact
+** Nokia at qt-info@nokia.com.
 ** $QT_END_LICENSE$
 **
 …
     \since 4.3
+    \ingroup io
+    \ingroup network
+    \ingroup ssl
     \inmodule QtNetwork
 */

trunk/src/network/ssl/qssl.h

-              r2
+              r561
 **
 ** Copyright (C) 2009 Nokia Corporation and/or its subsidiary(-ies).
+** Contact: Qt Software Information (qt-info@nokia.com)
+** All rights reserved.
+** Contact: Nokia Corporation (qt-info@nokia.com)
 **
 ** This file is part of the QtNetwork module of the Qt Toolkit.
 …
 ** will be met: http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html.
 **
+** In addition, as a special exception, Nokia gives you certain
+** additional rights. These rights are described in the Nokia Qt LGPL
+** Exception version 1.0, included in the file LGPL_EXCEPTION.txt in this
+** package.
+** In addition, as a special exception, Nokia gives you certain additional
+** rights.  These rights are described in the Nokia Qt LGPL Exception
+** version 1.1, included in the file LGPL_EXCEPTION.txt in this package.
 **
 ** GNU General Public License Usage
 …
 ** met: http://www.gnu.org/copyleft/gpl.html.
 **
 ** If you are unsure which license is appropriate for your use, please
 ** contact the sales department at qt-sales@nokia.com.
+** If you have questions regarding the use of this file, please contact
+** Nokia at qt-info@nokia.com.
 ** $QT_END_LICENSE$
 **

trunk/src/network/ssl/qsslcertificate.cpp

-              r2
+              r561
 **
 ** Copyright (C) 2009 Nokia Corporation and/or its subsidiary(-ies).
+** Contact: Qt Software Information (qt-info@nokia.com)
+** All rights reserved.
+** Contact: Nokia Corporation (qt-info@nokia.com)
 **
 ** This file is part of the QtNetwork module of the Qt Toolkit.
 …
 ** will be met: http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html.
 **
+** In addition, as a special exception, Nokia gives you certain
+** additional rights. These rights are described in the Nokia Qt LGPL
+** Exception version 1.0, included in the file LGPL_EXCEPTION.txt in this
+** package.
+** In addition, as a special exception, Nokia gives you certain additional
+** rights.  These rights are described in the Nokia Qt LGPL Exception
+** version 1.1, included in the file LGPL_EXCEPTION.txt in this package.
 **
 ** GNU General Public License Usage
 …
 ** met: http://www.gnu.org/copyleft/gpl.html.
 **
 ** If you are unsure which license is appropriate for your use, please
 ** contact the sales department at qt-sales@nokia.com.
+** If you have questions regarding the use of this file, please contact
+** Nokia at qt-info@nokia.com.
 ** $QT_END_LICENSE$
 **
 …
     \reentrant
     \ingroup io
+    \ingroup network
     \ingroup ssl
     \inmodule QtNetwork
 …
     certificate, its subject, and its issuer, by calling one of the
     many accessor functions, including version(), serialNumber(),
+    issuerInfo() and subjectInfo(). You can call notValidBefore() and
+    notValidAfter() to check when the certificate was issued, and when
+    it expires. The publicKey() function returns the certificate
+    issuerInfo() and subjectInfo(). You can call effectiveDate() and
+    expiryDate() to check when the certificate starts being
+    effective and when it expires.
+    The publicKey() function returns the certificate
     subject's public key as a QSslKey. You can call issuerInfo() or
     subjectInfo() to get detailed information about the certificate
 …
 QT_BEGIN_NAMESPACE
+// forward declaration
+static QMap<QString, QString> _q_mapFromOnelineName(char *name);
 /*!
     Constructs a QSslCertificate by reading \a format encoded data
 …
 QSslCertificate::QSslCertificate(const QSslCertificate &other) : d(other.d)
+{
-    d->ref.ref();
+}
 …
 QSslCertificate::~QSslCertificate()
+{
-    if (!d->ref.deref())
-        delete d;
+}
 …
 QSslCertificate &QSslCertificate::operator=(const QSslCertificate &other)
+{
     qAtomicAssign(d, other.d);
+    d = other.d;
     return *this;
+}
 …
     if (isNull())
         return;
-    if (d->ref == 1)
-        delete d;
-    else
-        d->ref.deref();
     d = new QSslCertificatePrivate;
+}
 …
 QByteArray QSslCertificate::version() const
+{
+    if (d->versionString.isEmpty() && d->x509)
+        d->versionString =
+            QByteArray::number(qlonglong(q_ASN1_INTEGER_get(d->x509->cert_info->version)) + 1);
     return d->versionString;
+}
 /*!
     Returns the certificate's serial number string.
+    Returns the certificate's serial number string in decimal format.
 */
 QByteArray QSslCertificate::serialNumber() const
+{
+    if (d->serialNumberString.isEmpty() && d->x509)
+        d->serialNumberString =
+            QByteArray::number(qlonglong(q_ASN1_INTEGER_get(d->x509->cert_info->serialNumber)));
     return d->serialNumberString;
+}
 …
 /*!
     Returns a cryptographic digest of this certificate. By default,
     and MD5 digest will be generated, but you can also specify a
+    an MD5 digest will be generated, but you can also specify a
     custom \a algorithm.
 */
 …
 QString QSslCertificate::issuerInfo(SubjectInfo info) const
+{
+    if (d->issuerInfo.isEmpty() && d->x509)
+        d->issuerInfo =
+                _q_mapFromOnelineName(q_X509_NAME_oneline(q_X509_get_issuer_name(d->x509), 0, 0));
     return d->issuerInfo.value(_q_SubjectInfoToString(info));
+}
 …
 QString QSslCertificate::subjectInfo(SubjectInfo info) const
+{
+    if (d->subjectInfo.isEmpty() && d->x509)
+        d->subjectInfo =
+                _q_mapFromOnelineName(q_X509_NAME_oneline(q_X509_get_subject_name(d->x509), 0, 0));
     return d->subjectInfo.value(_q_SubjectInfoToString(info));
+}
 …
         return result;
     STACK *altNames = (STACK *)q_X509_get_ext_d2i(d->x509, NID_subject_alt_name, 0, 0);
+    STACK_OF(GENERAL_NAME) *altNames = (STACK_OF(GENERAL_NAME)*)q_X509_get_ext_d2i(d->x509, NID_subject_alt_name, 0, 0);
     if (altNames) {
 …
             const char *altNameStr = reinterpret_cast<const char *>(q_ASN1_STRING_data(genName->d.ia5));
             const QString altName = QLatin1String(QByteArray(altNameStr, len));
+            const QString altName = QString::fromLatin1(altNameStr, len);
             if (genName->type == GEN_DNS)
                 result.insert(QSsl::DnsEntry, altName);
 …
                 result.insert(QSsl::EmailEntry, altName);
+        }
         q_sk_free(altNames);
+        q_sk_pop_free((STACK*)altNames, reinterpret_cast<void(*)(void*)>(q_sk_free));
+    }
 …
     array = array.toBase64();
     QByteArray tmp;
     for (int i = 0; i < array.size() - 64; i += 64) {
+    for (int i = 0; i <= array.size() - 64; i += 64) {
         tmp += QByteArray::fromRawData(array.data() + i, 64);
         tmp += "\n";
 …
     if (!x509 || !QSslSocket::supportsSsl())
         return certificate;
-    certificate.d->issuerInfo =
-        _q_mapFromOnelineName(q_X509_NAME_oneline(q_X509_get_issuer_name(x509), 0, 0));
-    certificate.d->subjectInfo =
-        _q_mapFromOnelineName(q_X509_NAME_oneline(q_X509_get_subject_name(x509), 0, 0));
     ASN1_TIME *nbef = q_X509_get_notBefore(x509);
 …
     if (ch == '\n') {
         *offset++;
+        *offset += 1;
         return true;
+    }
 …
     debug << "QSslCertificate("
           << certificate.version()
           << "," << certificate.serialNumber()
           << "," << certificate.digest().toBase64()
           << "," << certificate.issuerInfo(QSslCertificate::Organization)
           << "," << certificate.subjectInfo(QSslCertificate::Organization)
           << "," << certificate.alternateSubjectNames()
+          << ',' << certificate.serialNumber()
+          << ',' << certificate.digest().toBase64()
+          << ',' << certificate.issuerInfo(QSslCertificate::Organization)
+          << ',' << certificate.subjectInfo(QSslCertificate::Organization)
+          << ',' << certificate.alternateSubjectNames()
 #ifndef QT_NO_TEXTSTREAM
           << "," << certificate.effectiveDate()
           << "," << certificate.expiryDate()
+          << ',' << certificate.effectiveDate()
+          << ',' << certificate.expiryDate()
 #endif
           << ")";
+          << ')';
     return debug;
+}

trunk/src/network/ssl/qsslcertificate.h

-              r2
+              r561
 **
 ** Copyright (C) 2009 Nokia Corporation and/or its subsidiary(-ies).
+** Contact: Qt Software Information (qt-info@nokia.com)
+** All rights reserved.
+** Contact: Nokia Corporation (qt-info@nokia.com)
 **
 ** This file is part of the QtNetwork module of the Qt Toolkit.
 …
 ** will be met: http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html.
 **
+** In addition, as a special exception, Nokia gives you certain
+** additional rights. These rights are described in the Nokia Qt LGPL
+** Exception version 1.0, included in the file LGPL_EXCEPTION.txt in this
+** package.
+** In addition, as a special exception, Nokia gives you certain additional
+** rights.  These rights are described in the Nokia Qt LGPL Exception
+** version 1.1, included in the file LGPL_EXCEPTION.txt in this package.
 **
 ** GNU General Public License Usage
 …
 ** met: http://www.gnu.org/copyleft/gpl.html.
 **
 ** If you are unsure which license is appropriate for your use, please
 ** contact the sales department at qt-sales@nokia.com.
+** If you have questions regarding the use of this file, please contact
+** Nokia at qt-info@nokia.com.
 ** $QT_END_LICENSE$
 **
 …
 #include <QtCore/qcryptographichash.h>
 #include <QtCore/qregexp.h>
+#include <QtCore/qsharedpointer.h>
 #include <QtNetwork/qssl.h>
 …
 private:
     QSslCertificatePrivate *d;
+    QExplicitlySharedDataPointer<QSslCertificatePrivate> d;
     friend class QSslCertificatePrivate;
     friend class QSslSocketBackendPrivate;

trunk/src/network/ssl/qsslcertificate_p.h

-              r2
+              r561
 **
 ** Copyright (C) 2009 Nokia Corporation and/or its subsidiary(-ies).
+** Contact: Qt Software Information (qt-info@nokia.com)
+** All rights reserved.
+** Contact: Nokia Corporation (qt-info@nokia.com)
 **
 ** This file is part of the QtNetwork module of the Qt Toolkit.
 …
 ** will be met: http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html.
 **
+** In addition, as a special exception, Nokia gives you certain
+** additional rights. These rights are described in the Nokia Qt LGPL
+** Exception version 1.0, included in the file LGPL_EXCEPTION.txt in this
+** package.
+** In addition, as a special exception, Nokia gives you certain additional
+** rights.  These rights are described in the Nokia Qt LGPL Exception
+** version 1.1, included in the file LGPL_EXCEPTION.txt in this package.
 **
 ** GNU General Public License Usage
 …
 ** met: http://www.gnu.org/copyleft/gpl.html.
 **
 ** If you are unsure which license is appropriate for your use, please
 ** contact the sales department at qt-sales@nokia.com.
+** If you have questions regarding the use of this file, please contact
+** Nokia at qt-info@nokia.com.
 ** $QT_END_LICENSE$
 **
 …
+    {
         QSslSocketPrivate::ensureInitialized();
-        ref = 1;
+    }

trunk/src/network/ssl/qsslcipher.cpp

-              r2
+              r561
 **
 ** Copyright (C) 2009 Nokia Corporation and/or its subsidiary(-ies).
+** Contact: Qt Software Information (qt-info@nokia.com)
+** All rights reserved.
+** Contact: Nokia Corporation (qt-info@nokia.com)
 **
 ** This file is part of the QtNetwork module of the Qt Toolkit.
 …
 ** will be met: http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html.
 **
+** In addition, as a special exception, Nokia gives you certain
+** additional rights. These rights are described in the Nokia Qt LGPL
+** Exception version 1.0, included in the file LGPL_EXCEPTION.txt in this
+** package.
+** In addition, as a special exception, Nokia gives you certain additional
+** rights.  These rights are described in the Nokia Qt LGPL Exception
+** version 1.1, included in the file LGPL_EXCEPTION.txt in this package.
 **
 ** GNU General Public License Usage
 …
 ** met: http://www.gnu.org/copyleft/gpl.html.
 **
 ** If you are unsure which license is appropriate for your use, please
 ** contact the sales department at qt-sales@nokia.com.
+** If you have questions regarding the use of this file, please contact
+** Nokia at qt-info@nokia.com.
 ** $QT_END_LICENSE$
 **
 …
     \reentrant
     \ingroup io
+    \ingroup network
     \ingroup ssl
     \inmodule QtNetwork
 …
 #ifndef QT_NO_DEBUG_STREAM
 #include <QtCore/qdebug.h>
+#endif
 QT_BEGIN_NAMESPACE
-#endif
 /*!
 …
     : d(new QSslCipherPrivate)
+{
     *d = *other.d;
+    *d.data() = *other.d.data();
+}
 …
 QSslCipher::~QSslCipher()
+{
-    delete d;
+}
 …
 QSslCipher &QSslCipher::operator=(const QSslCipher &other)
+{
     *d = *other.d;
+    *d.data() = *other.d.data();
     return *this;
+}
 …
           << ", bits=" << cipher.usedBits()
           << ", proto=" << qPrintable(cipher.protocolString())
           << ")";
+          << ')';
     return debug;
+}

trunk/src/network/ssl/qsslcipher.h

-              r2
+              r561
 **
 ** Copyright (C) 2009 Nokia Corporation and/or its subsidiary(-ies).
+** Contact: Qt Software Information (qt-info@nokia.com)
+** All rights reserved.
+** Contact: Nokia Corporation (qt-info@nokia.com)
 **
 ** This file is part of the QtNetwork module of the Qt Toolkit.
 …
 ** will be met: http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html.
 **
+** In addition, as a special exception, Nokia gives you certain
+** additional rights. These rights are described in the Nokia Qt LGPL
+** Exception version 1.0, included in the file LGPL_EXCEPTION.txt in this
+** package.
+** In addition, as a special exception, Nokia gives you certain additional
+** rights.  These rights are described in the Nokia Qt LGPL Exception
+** version 1.1, included in the file LGPL_EXCEPTION.txt in this package.
 **
 ** GNU General Public License Usage
 …
 ** met: http://www.gnu.org/copyleft/gpl.html.
 **
 ** If you are unsure which license is appropriate for your use, please
 ** contact the sales department at qt-sales@nokia.com.
+** If you have questions regarding the use of this file, please contact
+** Nokia at qt-info@nokia.com.
 ** $QT_END_LICENSE$
 **
 …
 #include <QtCore/qstring.h>
+#include <QtCore/qscopedpointer.h>
 #include <QtNetwork/qssl.h>
 …
 private:
     QSslCipherPrivate *d;
+    QScopedPointer<QSslCipherPrivate> d;
     friend class QSslSocketBackendPrivate;
 };

trunk/src/network/ssl/qsslcipher_p.h

-              r2
+              r561
 **
 ** Copyright (C) 2009 Nokia Corporation and/or its subsidiary(-ies).
+** Contact: Qt Software Information (qt-info@nokia.com)
+** All rights reserved.
+** Contact: Nokia Corporation (qt-info@nokia.com)
 **
 ** This file is part of the QtNetwork module of the Qt Toolkit.
 …
 ** will be met: http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html.
 **
+** In addition, as a special exception, Nokia gives you certain
+** additional rights. These rights are described in the Nokia Qt LGPL
+** Exception version 1.0, included in the file LGPL_EXCEPTION.txt in this
+** package.
+** In addition, as a special exception, Nokia gives you certain additional
+** rights.  These rights are described in the Nokia Qt LGPL Exception
+** version 1.1, included in the file LGPL_EXCEPTION.txt in this package.
 **
 ** GNU General Public License Usage
 …
 ** met: http://www.gnu.org/copyleft/gpl.html.
 **
 ** If you are unsure which license is appropriate for your use, please
 ** contact the sales department at qt-sales@nokia.com.
+** If you have questions regarding the use of this file, please contact
+** Nokia at qt-info@nokia.com.
 ** $QT_END_LICENSE$
 **

trunk/src/network/ssl/qsslconfiguration.cpp

-              r2
+              r561
 **
 ** Copyright (C) 2009 Nokia Corporation and/or its subsidiary(-ies).
+** Contact: Qt Software Information (qt-info@nokia.com)
+** All rights reserved.
+** Contact: Nokia Corporation (qt-info@nokia.com)
 **
 ** This file is part of the QtNetwork module of the Qt Toolkit.
 …
 ** will be met: http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html.
 **
+** In addition, as a special exception, Nokia gives you certain
+** additional rights. These rights are described in the Nokia Qt LGPL
+** Exception version 1.0, included in the file LGPL_EXCEPTION.txt in this
+** package.
+** In addition, as a special exception, Nokia gives you certain additional
+** rights.  These rights are described in the Nokia Qt LGPL Exception
+** version 1.1, included in the file LGPL_EXCEPTION.txt in this package.
 **
 ** GNU General Public License Usage
 …
 ** met: http://www.gnu.org/copyleft/gpl.html.
 **
 ** If you are unsure which license is appropriate for your use, please
 ** contact the sales department at qt-sales@nokia.com.
+** If you have questions regarding the use of this file, please contact
+** Nokia at qt-info@nokia.com.
 ** $QT_END_LICENSE$
 **
 …
     \reentrant
     \inmodule QtNetwork
     \ingroup io
+    \ingroup network
     \ingroup ssl

trunk/src/network/ssl/qsslconfiguration.h

-              r2
+              r561
 **
 ** Copyright (C) 2009 Nokia Corporation and/or its subsidiary(-ies).
+** Contact: Qt Software Information (qt-info@nokia.com)
+** All rights reserved.
+** Contact: Nokia Corporation (qt-info@nokia.com)
 **
 ** This file is part of the QtNetwork module of the Qt Toolkit.
 …
 ** will be met: http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html.
 **
+** In addition, as a special exception, Nokia gives you certain
+** additional rights. These rights are described in the Nokia Qt LGPL
+** Exception version 1.0, included in the file LGPL_EXCEPTION.txt in this
+** package.
+** In addition, as a special exception, Nokia gives you certain additional
+** rights.  These rights are described in the Nokia Qt LGPL Exception
+** version 1.1, included in the file LGPL_EXCEPTION.txt in this package.
 **
 ** GNU General Public License Usage
 …
 ** met: http://www.gnu.org/copyleft/gpl.html.
 **
 ** If you are unsure which license is appropriate for your use, please
 ** contact the sales department at qt-sales@nokia.com.
+** If you have questions regarding the use of this file, please contact
+** Nokia at qt-info@nokia.com.
 ** $QT_END_LICENSE$
 **
 …
 /****************************************************************************
 **
 ** In addition, as a special exception, Trolltech gives permission to link
+** In addition, as a special exception, Nokia gives permission to link
 ** the code of its release of Qt with the OpenSSL project's "OpenSSL" library
 ** (or modified versions of the "OpenSSL" library that use the same license

trunk/src/network/ssl/qsslconfiguration_p.h

-              r2
+              r561
 **
 ** Copyright (C) 2009 Nokia Corporation and/or its subsidiary(-ies).
+** Contact: Qt Software Information (qt-info@nokia.com)
+** All rights reserved.
+** Contact: Nokia Corporation (qt-info@nokia.com)
 **
 ** This file is part of the QtNetwork module of the Qt Toolkit.
 …
 ** will be met: http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html.
 **
+** In addition, as a special exception, Nokia gives you certain
+** additional rights. These rights are described in the Nokia Qt LGPL
+** Exception version 1.0, included in the file LGPL_EXCEPTION.txt in this
+** package.
+** In addition, as a special exception, Nokia gives you certain additional
+** rights.  These rights are described in the Nokia Qt LGPL Exception
+** version 1.1, included in the file LGPL_EXCEPTION.txt in this package.
 **
 ** GNU General Public License Usage
 …
 ** met: http://www.gnu.org/copyleft/gpl.html.
 **
 ** If you are unsure which license is appropriate for your use, please
 ** contact the sales department at qt-sales@nokia.com.
+** If you have questions regarding the use of this file, please contact
+** Nokia at qt-info@nokia.com.
 ** $QT_END_LICENSE$
 **
 …
 /****************************************************************************
 **
 ** In addition, as a special exception, Trolltech gives permission to link
+** In addition, as a special exception, Nokia gives permission to link
 ** the code of its release of Qt with the OpenSSL project's "OpenSSL" library
 ** (or modified versions of the "OpenSSL" library that use the same license

trunk/src/network/ssl/qsslerror.cpp

-              r2
+              r561
 **
 ** Copyright (C) 2009 Nokia Corporation and/or its subsidiary(-ies).
+** Contact: Qt Software Information (qt-info@nokia.com)
+** All rights reserved.
+** Contact: Nokia Corporation (qt-info@nokia.com)
 **
 ** This file is part of the QtNetwork module of the Qt Toolkit.
 …
 ** will be met: http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html.
 **
+** In addition, as a special exception, Nokia gives you certain
+** additional rights. These rights are described in the Nokia Qt LGPL
+** Exception version 1.0, included in the file LGPL_EXCEPTION.txt in this
+** package.
+** In addition, as a special exception, Nokia gives you certain additional
+** rights.  These rights are described in the Nokia Qt LGPL Exception
+** version 1.1, included in the file LGPL_EXCEPTION.txt in this package.
 **
 ** GNU General Public License Usage
 …
 ** met: http://www.gnu.org/copyleft/gpl.html.
 **
 ** If you are unsure which license is appropriate for your use, please
 ** contact the sales department at qt-sales@nokia.com.
+** If you have questions regarding the use of this file, please contact
+** Nokia at qt-info@nokia.com.
 ** $QT_END_LICENSE$
 **
 …
     \reentrant
     \ingroup io
+    \ingroup network
     \ingroup ssl
     \inmodule QtNetwork
 …
 #include "qsslerror.h"
+#include "qsslsocket.h"
 #ifndef QT_NO_DEBUG_STREAM
 #include <QtCore/qdebug.h>
 …
 /*!
+    Constructs a QSslError object. The two optional arguments specify the \a
+    Constructs a QSslError object with no error and default certificate.
+*/
+// RVCT compiler in debug build does not like about default values in const-
+// So as an workaround we define all constructor overloads here explicitly
+QSslError::QSslError()
+    : d(new QSslErrorPrivate)
+{
+    d->error = QSslError::NoError;
+    d->certificate = QSslCertificate();
+}
+/*!
+    Constructs a QSslError object. The argument specifies the \a
+    error that occurred.
+*/
+QSslError::QSslError(SslError error)
+    : d(new QSslErrorPrivate)
+{
+    d->error = error;
+    d->certificate = QSslCertificate();
+}
+/*!
+    Constructs a QSslError object. The two arguments specify the \a
     error that occurred, and which \a certificate the error relates to.
 …
     : d(new QSslErrorPrivate)
+{
     *d = *other.d;
+    *d.data() = *other.d.data();
+}
 …
 QSslError::~QSslError()
+{
-    delete d;
+}
 …
 QSslError &QSslError::operator=(const QSslError &other)
+{
     *d = *other.d;
+    *d.data() = *other.d.data();
     return *this;
+}
 …
     switch (d->error) {
     case NoError:
         errStr = QObject::tr(QT_TRANSLATE_NOOP(QSslError, "No error"));
+        errStr = QSslSocket::tr("No error");
         break;
     case UnableToGetIssuerCertificate:
         errStr = QObject::tr(QT_TRANSLATE_NOOP(QSslError, "The issuer certificate could not be found"));
+        errStr = QSslSocket::tr("The issuer certificate could not be found");
         break;
     case UnableToDecryptCertificateSignature:
         errStr = QObject::tr(QT_TRANSLATE_NOOP(QSslError, "The certificate signature could not be decrypted"));
+        errStr = QSslSocket::tr("The certificate signature could not be decrypted");
         break;
     case UnableToDecodeIssuerPublicKey:
         errStr = QObject::tr(QT_TRANSLATE_NOOP(QSslError, "The public key in the certificate could not be read"));
+        errStr = QSslSocket::tr("The public key in the certificate could not be read");
         break;
     case CertificateSignatureFailed:
         errStr = QObject::tr(QT_TRANSLATE_NOOP(QSslError, "The signature of the certificate is invalid"));
+        errStr = QSslSocket::tr("The signature of the certificate is invalid");
         break;
     case CertificateNotYetValid:
         errStr = QObject::tr(QT_TRANSLATE_NOOP(QSslError, "The certificate is not yet valid"));
+        errStr = QSslSocket::tr("The certificate is not yet valid");
         break;
     case CertificateExpired:
         errStr = QObject::tr(QT_TRANSLATE_NOOP(QSslError, "The certificate has expired"));
+        errStr = QSslSocket::tr("The certificate has expired");
         break;
     case InvalidNotBeforeField:
         errStr = QObject::tr(QT_TRANSLATE_NOOP(QSslError, "The certificate's notBefore field contains an invalid time"));
+        errStr = QSslSocket::tr("The certificate's notBefore field contains an invalid time");
         break;
     case InvalidNotAfterField:
         errStr = QObject::tr(QT_TRANSLATE_NOOP(QSslError, "The certificate's notAfter field contains an invalid time"));
+        errStr = QSslSocket::tr("The certificate's notAfter field contains an invalid time");
         break;
     case SelfSignedCertificate:
         errStr = QObject::tr(QT_TRANSLATE_NOOP(QSslError, "The certificate is self-signed, and untrusted"));
+        errStr = QSslSocket::tr("The certificate is self-signed, and untrusted");
         break;
     case SelfSignedCertificateInChain:
         errStr = QObject::tr(QT_TRANSLATE_NOOP(QSslError, "The root certificate of the certificate chain is self-signed, and untrusted"));
+        errStr = QSslSocket::tr("The root certificate of the certificate chain is self-signed, and untrusted");
         break;
     case UnableToGetLocalIssuerCertificate:
         errStr = QObject::tr(QT_TRANSLATE_NOOP(QSslError, "The issuer certificate of a locally looked up certificate could not be found"));
+        errStr = QSslSocket::tr("The issuer certificate of a locally looked up certificate could not be found");
         break;
     case UnableToVerifyFirstCertificate:
         errStr = QObject::tr(QT_TRANSLATE_NOOP(QSslError, "No certificates could be verified"));
+        errStr = QSslSocket::tr("No certificates could be verified");
         break;
     case InvalidCaCertificate:
         errStr = QObject::tr(QT_TRANSLATE_NOOP(QSslError, "One of the CA certificates is invalid"));
+        errStr = QSslSocket::tr("One of the CA certificates is invalid");
         break;
     case PathLengthExceeded:
         errStr = QObject::tr(QT_TRANSLATE_NOOP(QSslError, "The basicConstraints pathlength parameter has been exceeded"));
+        errStr = QSslSocket::tr("The basicConstraints path length parameter has been exceeded");
         break;
     case InvalidPurpose:
         errStr = QObject::tr(QT_TRANSLATE_NOOP(QSslError, "The supplied certificate is unsuited for this purpose"));
+        errStr = QSslSocket::tr("The supplied certificate is unsuitable for this purpose");
         break;
     case CertificateUntrusted:
         errStr = QObject::tr(QT_TRANSLATE_NOOP(QSslError, "The root CA certificate is not trusted for this purpose"));
+        errStr = QSslSocket::tr("The root CA certificate is not trusted for this purpose");
         break;
     case CertificateRejected:
         errStr = QObject::tr(QT_TRANSLATE_NOOP(QSslError, "The root CA certificate is marked to reject the specified purpose"));
+        errStr = QSslSocket::tr("The root CA certificate is marked to reject the specified purpose");
         break;
     case SubjectIssuerMismatch: // hostname mismatch
+        errStr = QObject::tr(QT_TRANSLATE_NOOP(QSslError,
+                                               "The current candidate issuer certificate was rejected because its"
+                                               " subject name did not match the issuer name of the current certificate"));
+        errStr = QSslSocket::tr("The current candidate issuer certificate was rejected because its"
+                                " subject name did not match the issuer name of the current certificate");
         break;
     case AuthorityIssuerSerialNumberMismatch:
         errStr = QObject::tr(QT_TRANSLATE_NOOP(QSslError, "The current candidate issuer certificate was rejected because"
                                                " its issuer name and serial number was present and did not match the"
                                                " authority key identifier of the current certificate"));
+        errStr = QSslSocket::tr("The current candidate issuer certificate was rejected because"
+                             " its issuer name and serial number was present and did not match the"
+                             " authority key identifier of the current certificate");
         break;
     case NoPeerCertificate:
         errStr = QObject::tr(QT_TRANSLATE_NOOP(QSslError, "The peer did not present any certificate"));
+        errStr = QSslSocket::tr("The peer did not present any certificate");
         break;
     case HostNameMismatch:
+        errStr = QObject::tr(QT_TRANSLATE_NOOP(QSslError,
+                                               "The host name did not match any of the valid hosts"
+                                               " for this certificate"));
+        errStr = QSslSocket::tr("The host name did not match any of the valid hosts"
+                             " for this certificate");
         break;
     case NoSslSupport:
         break;
     default:
         errStr = QObject::tr(QT_TRANSLATE_NOOP(QSslError, "Unknown error"));
+        errStr = QSslSocket::tr("Unknown error");
         break;
+    }

trunk/src/network/ssl/qsslerror.h

-              r2
+              r561
 **
 ** Copyright (C) 2009 Nokia Corporation and/or its subsidiary(-ies).
+** Contact: Qt Software Information (qt-info@nokia.com)
+** All rights reserved.
+** Contact: Nokia Corporation (qt-info@nokia.com)
 **
 ** This file is part of the QtNetwork module of the Qt Toolkit.
 …
 ** will be met: http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html.
 **
+** In addition, as a special exception, Nokia gives you certain
+** additional rights. These rights are described in the Nokia Qt LGPL
+** Exception version 1.0, included in the file LGPL_EXCEPTION.txt in this
+** package.
+** In addition, as a special exception, Nokia gives you certain additional
+** rights.  These rights are described in the Nokia Qt LGPL Exception
+** version 1.1, included in the file LGPL_EXCEPTION.txt in this package.
 **
 ** GNU General Public License Usage
 …
 ** met: http://www.gnu.org/copyleft/gpl.html.
 **
 ** If you are unsure which license is appropriate for your use, please
 ** contact the sales department at qt-sales@nokia.com.
+** If you have questions regarding the use of this file, please contact
+** Nokia at qt-info@nokia.com.
 ** $QT_END_LICENSE$
 **
 …
     };
+    QSslError(SslError error = NoError, const QSslCertificate &certificate = QSslCertificate());
+    // RVCT compiler in debug build does not like about default values in const-
+    // So as an workaround we define all constructor overloads here explicitly
+    QSslError();
+    QSslError(SslError error);
+    QSslError(SslError error, const QSslCertificate &certificate);
     QSslError(const QSslError &other);
     ~QSslError();
     QSslError &operator=(const QSslError &other);
 …
 private:
     QSslErrorPrivate *d;
+    QScopedPointer<QSslErrorPrivate> d;
 };

trunk/src/network/ssl/qsslkey.cpp

-              r2
+              r561
 **
 ** Copyright (C) 2009 Nokia Corporation and/or its subsidiary(-ies).
+** Contact: Qt Software Information (qt-info@nokia.com)
+** All rights reserved.
+** Contact: Nokia Corporation (qt-info@nokia.com)
 **
 ** This file is part of the QtNetwork module of the Qt Toolkit.
 …
 ** will be met: http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html.
 **
+** In addition, as a special exception, Nokia gives you certain
+** additional rights. These rights are described in the Nokia Qt LGPL
+** Exception version 1.0, included in the file LGPL_EXCEPTION.txt in this
+** package.
+** In addition, as a special exception, Nokia gives you certain additional
+** rights.  These rights are described in the Nokia Qt LGPL Exception
+** version 1.1, included in the file LGPL_EXCEPTION.txt in this package.
 **
 ** GNU General Public License Usage
 …
 ** met: http://www.gnu.org/copyleft/gpl.html.
 **
 ** If you are unsure which license is appropriate for your use, please
 ** contact the sales department at qt-sales@nokia.com.
+** If you have questions regarding the use of this file, please contact
+** Nokia at qt-info@nokia.com.
 ** $QT_END_LICENSE$
 **
 …
     \reentrant
     \ingroup io
+    \ingroup network
     \ingroup ssl
     \inmodule QtNetwork
 …
 QSslKey::QSslKey(const QSslKey &other) : d(other.d)
+{
-    d->ref.ref();
+}
 …
 QSslKey::~QSslKey()
+{
-    if (!d->ref.deref())
-        delete d;
+}
 …
 QSslKey &QSslKey::operator=(const QSslKey &other)
+{
     qAtomicAssign(d, other.d);
+    d = other.d;
     return *this;
+}
 …
 void QSslKey::clear()
+{
+    if (!d->ref.deref()) {
+        delete d;
+        d = new QSslKeyPrivate;
+    }
+    d = new QSslKeyPrivate;
+}
 …
           << ", " << (key.algorithm() == QSsl::Rsa ? "RSA" : "DSA")
           << ", " << key.length()
           << ")";
+          << ')';
     return debug;
+}

trunk/src/network/ssl/qsslkey.h

-              r2
+              r561
 **
 ** Copyright (C) 2009 Nokia Corporation and/or its subsidiary(-ies).
+** Contact: Qt Software Information (qt-info@nokia.com)
+** All rights reserved.
+** Contact: Nokia Corporation (qt-info@nokia.com)
 **
 ** This file is part of the QtNetwork module of the Qt Toolkit.
 …
 ** will be met: http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html.
 **
+** In addition, as a special exception, Nokia gives you certain
+** additional rights. These rights are described in the Nokia Qt LGPL
+** Exception version 1.0, included in the file LGPL_EXCEPTION.txt in this
+** package.
+** In addition, as a special exception, Nokia gives you certain additional
+** rights.  These rights are described in the Nokia Qt LGPL Exception
+** version 1.1, included in the file LGPL_EXCEPTION.txt in this package.
 **
 ** GNU General Public License Usage
 …
 ** met: http://www.gnu.org/copyleft/gpl.html.
 **
 ** If you are unsure which license is appropriate for your use, please
 ** contact the sales department at qt-sales@nokia.com.
+** If you have questions regarding the use of this file, please contact
+** Nokia at qt-info@nokia.com.
 ** $QT_END_LICENSE$
 **
 …
 #include <QtCore/qnamespace.h>
 #include <QtCore/qbytearray.h>
+#include <QtCore/qsharedpointer.h>
 #include <QtNetwork/qssl.h>
 …
 class QIODevice;
 class QSslKeyPrivate;
 class Q_NETWORK_EXPORT QSslKey
 …
 private:
     QSslKeyPrivate *d;
+    QExplicitlySharedDataPointer<QSslKeyPrivate> d;
     friend class QSslCertificate;
 };

trunk/src/network/ssl/qsslkey_p.h

-              r2
+              r561
 **
 ** Copyright (C) 2009 Nokia Corporation and/or its subsidiary(-ies).
+** Contact: Qt Software Information (qt-info@nokia.com)
+** All rights reserved.
+** Contact: Nokia Corporation (qt-info@nokia.com)
 **
 ** This file is part of the QtNetwork module of the Qt Toolkit.
 …
 ** will be met: http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html.
 **
+** In addition, as a special exception, Nokia gives you certain
+** additional rights. These rights are described in the Nokia Qt LGPL
+** Exception version 1.0, included in the file LGPL_EXCEPTION.txt in this
+** package.
+** In addition, as a special exception, Nokia gives you certain additional
+** rights.  These rights are described in the Nokia Qt LGPL Exception
+** version 1.1, included in the file LGPL_EXCEPTION.txt in this package.
 **
 ** GNU General Public License Usage
 …
 ** met: http://www.gnu.org/copyleft/gpl.html.
 **
 ** If you are unsure which license is appropriate for your use, please
 ** contact the sales department at qt-sales@nokia.com.
+** If you have questions regarding the use of this file, please contact
+** Nokia at qt-info@nokia.com.
 ** $QT_END_LICENSE$
 **
 …
+    {
         clear();
-        ref = 1;
+    }
 …
     QAtomicInt ref;
+private:
+    Q_DISABLE_COPY(QSslKeyPrivate)
 };

trunk/src/network/ssl/qsslsocket.cpp

-              r2
+              r561
 **
 ** Copyright (C) 2009 Nokia Corporation and/or its subsidiary(-ies).
+** Contact: Qt Software Information (qt-info@nokia.com)
+** All rights reserved.
+** Contact: Nokia Corporation (qt-info@nokia.com)
 **
 ** This file is part of the QtNetwork module of the Qt Toolkit.
 …
 ** will be met: http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html.
 **
+** In addition, as a special exception, Nokia gives you certain
+** additional rights. These rights are described in the Nokia Qt LGPL
+** Exception version 1.0, included in the file LGPL_EXCEPTION.txt in this
+** package.
+** In addition, as a special exception, Nokia gives you certain additional
+** rights.  These rights are described in the Nokia Qt LGPL Exception
+** version 1.1, included in the file LGPL_EXCEPTION.txt in this package.
 **
 ** GNU General Public License Usage
 …
 ** met: http://www.gnu.org/copyleft/gpl.html.
 **
 ** If you are unsure which license is appropriate for your use, please
 ** contact the sales department at qt-sales@nokia.com.
+** If you have questions regarding the use of this file, please contact
+** Nokia at qt-info@nokia.com.
 ** $QT_END_LICENSE$
 **
 …
     \reentrant
     \ingroup io
+    \ingroup network
     \ingroup ssl
     \inmodule QtNetwork
 …
     internal buffer, and you can call write() or putChar() to write
     data back to the peer. QSslSocket will automatically encrypt the
     written data for you, and emit bytesWritten() once the data has
     been written to the peer.
+    written data for you, and emit encryptedBytesWritten() once
+    the data has been written to the peer.
     As a convenience, QSslSocket supports QTcpSocket's blocking
 …
     for use in the OpenSSL Toolkit (\l{http://www.openssl.org/}).
+    \note Be aware of the difference between the bytesWritten() signal and
+    the encryptedBytesWritten() signal. For a QTcpSocket, bytesWritten()
+    will get emitted as soon as data has been written to the TCP socket.
+    For a QSslSocket, bytesWritten() will get emitted when the data
+    is being encrypted and encryptedBytesWritten()
+    will get emitted as soon as data has been written to the TCP socket.
     \sa QSslCertificate, QSslCipher, QSslError
 */
 …
     ignoreSslErrors(), either from inside a slot function connected to
     the sslErrors() signal, or prior to entering encrypted mode. If
     ignoreSslErrors is not called, the connection is dropped, signal
+    ignoreSslErrors() is not called, the connection is dropped, signal
     disconnected() is emitted, and QSslSocket returns to the
     UnconnectedState.
 …
 /*!
+    \since 4.6
+    \overload
+    In addition to the original behaviour of connectToHostEncrypted,
+    this overloaded method enables the usage of a different hostname
+    (\a sslPeerName) for the certificate validation instead of
+    the one used for the TCP connection (\a hostName).
+    \sa connectToHostEncrypted()
+*/
+void QSslSocket::connectToHostEncrypted(const QString &hostName, quint16 port,
+                                        const QString &sslPeerName, OpenMode mode)
+{
+    Q_D(QSslSocket);
+    if (d->state == ConnectedState || d->state == ConnectingState) {
+        qWarning("QSslSocket::connectToHostEncrypted() called when already connecting/connected");
+        return;
+    }
+    d->init();
+    d->autoStartHandshake = true;
+    d->initialized = true;
+    d->verificationPeerName = sslPeerName;
+    // Note: When connecting to localhost, some platforms (e.g., HP-UX and some BSDs)
+    // establish the connection immediately (i.e., first attempt).
+    connectToHost(hostName, port, mode);
+}
+/*!
     Initializes QSslSocket with the native socket descriptor \a
     socketDescriptor. Returns true if \a socketDescriptor is accepted
 …
     Q_D(QSslSocket);
 #ifdef QSSLSOCKET_DEBUG
     qDebug() << "QSslSocket::setSocketDescriptor(" << socketDescriptor << ","
              << state << "," << openMode << ")";
+    qDebug() << "QSslSocket::setSocketDescriptor(" << socketDescriptor << ','
+             << state << ',' << openMode << ')';
 #endif
     if (!d->plainSocket)
 …
 /*!
+    \since 4.6
+    Sets the given \a option to the value described by \a value.
+    \sa socketOption()
+*/
+void QSslSocket::setSocketOption(QAbstractSocket::SocketOption option, const QVariant &value)
+{
+    Q_D(QSslSocket);
+    if (d->plainSocket)
+        d->plainSocket->setSocketOption(option, value);
+}
+/*!
+    \since 4.6
+    Returns the value of the \a option option.
+    \sa setSocketOption()
+*/
+QVariant QSslSocket::socketOption(QAbstractSocket::SocketOption option)
+{
+    Q_D(QSslSocket);
+    if (d->plainSocket)
+        return d->plainSocket->socketOption(option);
+    else
+        return QVariant();
+}
+/*!
     Returns the current mode for the socket; either UnencryptedMode, where
     QSslSocket behaves identially to QTcpSocket, or one of SslClientMode or
 …
     An encrypted socket encrypts all data that is written by calling write()
     or putChar() before the data is written to the network, and descrypts all
+    or putChar() before the data is written to the network, and decrypts all
     incoming data as the data is received from the network, before you call
     read(), readLine() or getChar().
 …
     qDebug() << "QSslSocket::close()";
 #endif
+    Q_D(QSslSocket);
+    if (d->plainSocket)
+        d->plainSocket->close();
     QTcpSocket::close();
+    // must be cleared, reading/writing not possible on closed socket:
+    d->readBuffer.clear();
+    d->writeBuffer.clear();
+    // for QTcpSocket this is already done because it uses the readBuffer/writeBuffer
+    // if the QIODevice it is based on
+    // ### FIXME QSslSocket should probably do similar instead of having
+    // its own readBuffer/writeBuffer
+}
 …
 /*!
+    Returns the system default CA certificate database for your
+    system. This database is normally found in a standard place for
+    your system. If it is not found there, Qt will provide its own
+    default CA certificate database. The CA certificate database
+    This function provides a default CA certificate database
+    shipped together with Qt. The CA certificate database
     returned by this function is used to initialize the database
     returned by defaultCaCertificates(). You can replace that database
 …
     Q_D(QSslSocket);
     if (d->mode != UnencryptedMode) {
         qWarning("QSslSocket::startClientEncryption: cannot start handshake on non-plain connection");
+        qWarning("QSslSocket::startServerEncryption: cannot start handshake on non-plain connection");
         return;
+    }
 …
+{
     Q_D(QSslSocket);
+    d->ignoreSslErrors = true;
+    d->ignoreAllSslErrors = true;
+}
+/*!
+    \overload
+    \since 4.6
+    This method tells QSslSocket to ignore only the errors given in \a
+    errors.
+    Note that you can set the expected certificate in the SSL error:
+    If, for instance, you want to connect to a server that uses
+    a self-signed certificate, consider the following snippet:
+    \snippet doc/src/snippets/code/src_network_ssl_qsslsocket.cpp 6
+    Multiple calls to this function will replace the list of errors that
+    were passed in previous calls.
+    You can clear the list of errors you want to ignore by calling this
+    function with an empty list.
+    \sa sslErrors()
+*/
+void QSslSocket::ignoreSslErrors(const QList<QSslError> &errors)
+{
+    Q_D(QSslSocket);
+    d->ignoreErrorsList = errors;
+}
 …
 #ifdef QSSLSOCKET_DEBUG
     qDebug() << "QSslSocket::connectToHostImplementation("
              << hostName << "," << port << "," << openMode << ")";
+             << hostName << ',' << port << ',' << openMode << ')';
 #endif
     if (!d->plainSocket) {
 …
+    }
 #ifdef QSSLSOCKET_DEBUG
     qDebug() << "QSslSocket::readData(" << (void *)data << "," << maxlen << ") ==" << readBytes;
+    qDebug() << "QSslSocket::readData(" << (void *)data << ',' << maxlen << ") ==" << readBytes;
 #endif
+    // possibly trigger another transmit() to decrypt more data from the socket
+    if (d->readBuffer.isEmpty() && d->plainSocket->bytesAvailable())
+        QMetaObject::invokeMethod(this, "_q_flushReadBuffer", Qt::QueuedConnection);
     return readBytes;
+}
 …
     Q_D(QSslSocket);
 #ifdef QSSLSOCKET_DEBUG
     qDebug() << "QSslSocket::writeData(" << (void *)data << "," << len << ")";
+    qDebug() << "QSslSocket::writeData(" << (void *)data << ',' << len << ')';
 #endif
     if (d->mode == UnencryptedMode && !d->autoStartHandshake)
 …
 */
 QSslSocketPrivate::QSslSocketPrivate()
+    : initialized(false), readyReadEmittedPointer(0), plainSocket(0)
+    : initialized(false)
+    , mode(QSslSocket::UnencryptedMode)
+    , autoStartHandshake(false)
+    , connectionEncrypted(false)
+    , ignoreAllSslErrors(false)
+    , readyReadEmittedPointer(0)
+    , plainSocket(0)
+{
     QSslConfigurationPrivate::deepCopyDefaultConfiguration(&configuration);
 …
     autoStartHandshake = false;
     connectionEncrypted = false;
+    ignoreSslErrors = false;
+    ignoreAllSslErrors = false;
+    // we don't want to clear the ignoreErrorsList, so
+    // that it is possible setting it before connecting
+//    ignoreErrorsList.clear();
     readBuffer.clear();
 …
     Q_Q(QSslSocket);
 #ifdef QSSLSOCKET_DEBUG
     qDebug() << "QSslSocket::_q_stateChangedSlot(" << state << ")";
+    qDebug() << "QSslSocket::_q_stateChangedSlot(" << state << ')';
 #endif
     q->setSocketState(state);
 …
     Q_Q(QSslSocket);
 #ifdef QSSLSOCKET_DEBUG
     qDebug() << "QSslSocket::_q_errorSlot(" << error << ")";
+    qDebug() << "QSslSocket::_q_errorSlot(" << error << ')';
     qDebug() << "\tstate =" << q->state();
     qDebug() << "\terrorString =" << q->errorString();
 …
     Q_Q(QSslSocket);
 #ifdef QSSLSOCKET_DEBUG
     qDebug() << "QSslSocket::_q_bytesWrittenSlot(" << written << ")";
+    qDebug() << "QSslSocket::_q_bytesWrittenSlot(" << written << ')';
 #endif
 …
+}
+/*!
+    \internal
+*/
+void QSslSocketPrivate::_q_flushReadBuffer()
+{
+    // trigger a read from the plainSocket into SSL
+    if (mode != QSslSocket::UnencryptedMode)
+        transmit();
+}
 QT_END_NAMESPACE

trunk/src/network/ssl/qsslsocket.h

-              r2
+              r561
 **
 ** Copyright (C) 2009 Nokia Corporation and/or its subsidiary(-ies).
+** Contact: Qt Software Information (qt-info@nokia.com)
+** All rights reserved.
+** Contact: Nokia Corporation (qt-info@nokia.com)
 **
 ** This file is part of the QtNetwork module of the Qt Toolkit.
 …
 ** will be met: http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html.
 **
+** In addition, as a special exception, Nokia gives you certain
+** additional rights. These rights are described in the Nokia Qt LGPL
+** Exception version 1.0, included in the file LGPL_EXCEPTION.txt in this
+** package.
+** In addition, as a special exception, Nokia gives you certain additional
+** rights.  These rights are described in the Nokia Qt LGPL Exception
+** version 1.1, included in the file LGPL_EXCEPTION.txt in this package.
 **
 ** GNU General Public License Usage
 …
 ** met: http://www.gnu.org/copyleft/gpl.html.
 **
 ** If you are unsure which license is appropriate for your use, please
 ** contact the sales department at qt-sales@nokia.com.
+** If you have questions regarding the use of this file, please contact
+** Nokia at qt-info@nokia.com.
 ** $QT_END_LICENSE$
 **
 …
     // Autostarting the SSL client handshake.
     void connectToHostEncrypted(const QString &hostName, quint16 port, OpenMode mode = ReadWrite);
+    void connectToHostEncrypted(const QString &hostName, quint16 port, const QString &sslPeerName, OpenMode mode = ReadWrite);
     bool setSocketDescriptor(int socketDescriptor, SocketState state = ConnectedState,
                              OpenMode openMode = ReadWrite);
+    // ### Qt 5: Make virtual
+    void setSocketOption(QAbstractSocket::SocketOption option, const QVariant &value);
+    QVariant socketOption(QAbstractSocket::SocketOption option);
     SslMode mode() const;
 …
     static bool supportsSsl();
+    void ignoreSslErrors(const QList<QSslError> &errors);
 public Q_SLOTS:
 …
     Q_PRIVATE_SLOT(d_func(), void _q_bytesWrittenSlot(qint64))
     Q_PRIVATE_SLOT(d_func(), void _q_flushWriteBuffer())
+    Q_PRIVATE_SLOT(d_func(), void _q_flushReadBuffer())
     friend class QSslSocketBackendPrivate;
 };

trunk/src/network/ssl/qsslsocket_openssl.cpp

-              r2
+              r561
 **
 ** Copyright (C) 2009 Nokia Corporation and/or its subsidiary(-ies).
+** Contact: Qt Software Information (qt-info@nokia.com)
+** All rights reserved.
+** Contact: Nokia Corporation (qt-info@nokia.com)
 **
 ** This file is part of the QtNetwork module of the Qt Toolkit.
 …
 ** will be met: http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html.
 **
+** In addition, as a special exception, Nokia gives you certain
+** additional rights. These rights are described in the Nokia Qt LGPL
+** Exception version 1.0, included in the file LGPL_EXCEPTION.txt in this
+** package.
+** In addition, as a special exception, Nokia gives you certain additional
+** rights.  These rights are described in the Nokia Qt LGPL Exception
+** version 1.1, included in the file LGPL_EXCEPTION.txt in this package.
 **
 ** GNU General Public License Usage
 …
 ** met: http://www.gnu.org/copyleft/gpl.html.
 **
 ** If you are unsure which license is appropriate for your use, please
 ** contact the sales department at qt-sales@nokia.com.
+** If you have questions regarding the use of this file, please contact
+** Nokia at qt-info@nokia.com.
 ** $QT_END_LICENSE$
 **
 …
             first = false;
         else
             cipherString.append(":");
+            cipherString.append(':');
         cipherString.append(cipher.name().toLatin1());
+    }
 …
         // Check if the certificate matches the private key.
         if (!q_SSL_CTX_check_private_key(ctx)) {
             q->setErrorString(QSslSocket::tr("Private key does not certificate public key, %1").arg(SSL_ERRORSTR()));
+            q->setErrorString(QSslSocket::tr("Private key does not certify public key, %1").arg(SSL_ERRORSTR()));
             emit q->error(QAbstractSocket::UnknownSocketError);
             return false;
 …
 QList<QSslCertificate> QSslSocketPrivate::systemCaCertificates()
+{
+#ifdef QQ_OS_UNIX
+    // Check known locations for the system's default bundle.  ### On Windows,
+    // we should use CAPI to find the bundle, and not rely on default unix
+    // locations.
+    const char *standardLocations[] = {"/etc/ssl/certs/",
+#if 0
+                                       // KDE uses KConfig for its SSL store,
+                                       // but it also stores the bundle at
+                                       // this location
+                                       "$HOME/.kde/share/apps/kssl/ca-bundle.crt",
+#endif
+};
+    const char **it = standardLocations;
+    QStringList nameFilter;
+    nameFilter << QLatin1String("*.pem") << QLatin1String("*.crt");
+    while (*it) {
+        if (QDirIterator(QLatin1String(*it), nameFilter).hasNext())
+            return certificatesFromPath(QLatin1String(*it));
+        ++it;
+    }
+#endif
+    // Qt provides a default bundle when we cannot detect the system's default
+    // bundle.
+    // Qt provides a default bundle of certificates
     QFile caBundle(QLatin1String(":/trolltech/network/ssl/qt-ca-bundle.crt"));
     if (caBundle.open(QIODevice::ReadOnly | QIODevice::Text))
 …
     // Start connecting. This will place outgoing data in the BIO, so we
     // follow up with calling transmit().
     testConnection();
+    startHandshake();
     transmit();
+}
 …
     // Start connecting. This will place outgoing data in the BIO, so we
     // follow up with calling transmit().
     testConnection();
+    startHandshake();
     transmit();
+}
 …
             qDebug() << "QSslSocketBackendPrivate::transmit: testing encryption";
 #endif
             if (testConnection()) {
+            if (startHandshake()) {
 #ifdef QSSLSOCKET_DEBUG
                 qDebug() << "QSslSocketBackendPrivate::transmit: encryption established";
 …
         // If the request is small and the remote host closes the transmission
         // after sending, there's a chance that testConnection() will already
+        // after sending, there's a chance that startHandshake() will already
         // have triggered a shutdown.
         if (!ssl)
 …
+}
 bool QSslSocketBackendPrivate::testConnection()
+bool QSslSocketBackendPrivate::startHandshake()
+{
     Q_Q(QSslSocket);
 …
             q->setSocketError(QAbstractSocket::SslHandshakeFailedError);
 #ifdef QSSLSOCKET_DEBUG
             qDebug() << "QSslSocketBackendPrivate::testConnection: error!" << q->errorString();
+            qDebug() << "QSslSocketBackendPrivate::startHandshake: error!" << q->errorString();
 #endif
             emit q->error(QAbstractSocket::SslHandshakeFailedError);
 …
         // if we're the server, don't check CN
         if (mode == QSslSocket::SslClientMode) {
             QString peerName = q->peerName();
+            QString peerName = (verificationPeerName.isEmpty () ? q->peerName() : verificationPeerName);
             QString commonName = configuration.peerCertificate.subjectInfo(QSslCertificate::CommonName);
 …
         sslErrors = errors;
         emit q->sslErrors(errors);
+        if (doVerifyPeer && !ignoreSslErrors) {
+        bool doEmitSslError;
+        if (!ignoreErrorsList.empty()) {
+            // check whether the errors we got are all in the list of expected errors
+            // (applies only if the method QSslSocket::ignoreSslErrors(const QList<QSslError> &errors)
+            // was called)
+            doEmitSslError = false;
+            for (int a = 0; a < errors.count(); a++) {
+                if (!ignoreErrorsList.contains(errors.at(a))) {
+                    doEmitSslError = true;
+                    break;
+                }
+            }
+        } else {
+            // if QSslSocket::ignoreSslErrors(const QList<QSslError> &errors) was not called and
+            // we get an SSL error, emit a signal unless we ignored all errors (by calling
+            // QSslSocket::ignoreSslErrors() )
+            doEmitSslError = !ignoreAllSslErrors;
+        }
+        // check whether we need to emit an SSL handshake error
+        if (doVerifyPeer && doEmitSslError) {
             q->setErrorString(sslErrors.first().errorString());
             q->setSocketError(QAbstractSocket::SslHandshakeFailedError);
 …
     if (!ssl || !ctx)
         return QSslCipher();
+#if OPENSSL_VERSION_NUMBER >= 0x10000000L
+    // FIXME This is fairly evil, but needed to keep source level compatibility
+    // with the OpenSSL 0.9.x implementation at maximum -- some other functions
+    // don't take a const SSL_CIPHER* when they should
+    SSL_CIPHER *sessionCipher = const_cast<SSL_CIPHER *>(q_SSL_get_current_cipher(ssl));
+#else
     SSL_CIPHER *sessionCipher = q_SSL_get_current_cipher(ssl);
+#endif
     return sessionCipher ? QSslCipher_from_SSL_CIPHER(sessionCipher) : QSslCipher();
+}

trunk/src/network/ssl/qsslsocket_openssl_p.h

-              r2
+              r561
 **
 ** Copyright (C) 2009 Nokia Corporation and/or its subsidiary(-ies).
+** Contact: Qt Software Information (qt-info@nokia.com)
+** All rights reserved.
+** Contact: Nokia Corporation (qt-info@nokia.com)
 **
 ** This file is part of the QtNetwork module of the Qt Toolkit.
 …
 ** will be met: http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html.
 **
+** In addition, as a special exception, Nokia gives you certain
+** additional rights. These rights are described in the Nokia Qt LGPL
+** Exception version 1.0, included in the file LGPL_EXCEPTION.txt in this
+** package.
+** In addition, as a special exception, Nokia gives you certain additional
+** rights.  These rights are described in the Nokia Qt LGPL Exception
+** version 1.1, included in the file LGPL_EXCEPTION.txt in this package.
 **
 ** GNU General Public License Usage
 …
 ** met: http://www.gnu.org/copyleft/gpl.html.
 **
 ** If you are unsure which license is appropriate for your use, please
 ** contact the sales department at qt-sales@nokia.com.
+** If you have questions regarding the use of this file, please contact
+** Nokia at qt-info@nokia.com.
 ** $QT_END_LICENSE$
 **
 …
 #ifdef Q_OS_WIN
 #include <windows.h>
+#include <qt_windows.h>
 #if defined(OCSP_RESPONSE)
 #undef OCSP_RESPONSE
 …
 #include <openssl/x509v3.h>
 #include <openssl/x509_vfy.h>
+#include <openssl/dsa.h>
+#include <openssl/rsa.h>
+#if OPENSSL_VERSION_NUMBER >= 0x10000000L
+typedef _STACK STACK;
+#endif
 QT_BEGIN_NAMESPACE
 …
     void startServerEncryption();
     void transmit();
     bool testConnection();
+    bool startHandshake();
     void disconnectFromHost();
     void disconnected();

trunk/src/network/ssl/qsslsocket_openssl_symbols.cpp

-              r2
+              r561
 **
 ** Copyright (C) 2009 Nokia Corporation and/or its subsidiary(-ies).
+** Contact: Qt Software Information (qt-info@nokia.com)
+** All rights reserved.
+** Contact: Nokia Corporation (qt-info@nokia.com)
 **
 ** This file is part of the QtNetwork module of the Qt Toolkit.
 …
 ** will be met: http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html.
 **
+** In addition, as a special exception, Nokia gives you certain
+** additional rights. These rights are described in the Nokia Qt LGPL
+** Exception version 1.0, included in the file LGPL_EXCEPTION.txt in this
+** package.
+** In addition, as a special exception, Nokia gives you certain additional
+** rights.  These rights are described in the Nokia Qt LGPL Exception
+** version 1.1, included in the file LGPL_EXCEPTION.txt in this package.
 **
 ** GNU General Public License Usage
 …
 ** met: http://www.gnu.org/copyleft/gpl.html.
 **
 ** If you are unsure which license is appropriate for your use, please
 ** contact the sales department at qt-sales@nokia.com.
+** If you have questions regarding the use of this file, please contact
+** Nokia at qt-info@nokia.com.
 ** $QT_END_LICENSE$
 **
 …
 DEFINEFUNC3(void *, ASN1_dup, i2d_of_void *a, a, d2i_of_void *b, b, char *c, c, return 0, return)
 #endif
+DEFINEFUNC(long, ASN1_INTEGER_get, ASN1_INTEGER *a, a, return 0, return)
 DEFINEFUNC(unsigned char *, ASN1_STRING_data, ASN1_STRING *a, a, return 0, return)
 DEFINEFUNC(int, ASN1_STRING_length, ASN1_STRING *a, a, return 0, return)
 …
 DEFINEFUNC(int, RAND_status, void, DUMMYARG, return -1, return)
 DEFINEFUNC(void, RSA_free, RSA *a, a, return, DUMMYARG)
+DEFINEFUNC(int, sk_num, STACK *a, a, return -1, return)
+DEFINEFUNC2(void, sk_pop_free, STACK *a, a, void (*b)(void*), b, return, DUMMYARG)
+#if OPENSSL_VERSION_NUMBER >= 0x10000000L
+DEFINEFUNC(void, sk_free, _STACK *a, a, return, DUMMYARG)
+DEFINEFUNC2(void *, sk_value, STACK *a, a, int b, b, return 0, return)
+#else
 DEFINEFUNC(void, sk_free, STACK *a, a, return, DUMMYARG)
-DEFINEFUNC(int, sk_num, STACK *a, a, return -1, return)
 DEFINEFUNC2(char *, sk_value, STACK *a, a, int b, b, return 0, return)
+#endif
 DEFINEFUNC(int, SSL_accept, SSL *a, a, return -1, return)
 DEFINEFUNC(int, SSL_clear, SSL *a, a, return -1, return)
 …
 DEFINEFUNC4(long, SSL_CTX_ctrl, SSL_CTX *a, a, int b, b, long c, c, void *d, d, return -1, return)
 DEFINEFUNC(void, SSL_CTX_free, SSL_CTX *a, a, return, DUMMYARG)
+#if OPENSSL_VERSION_NUMBER >= 0x10000000L
+DEFINEFUNC(SSL_CTX *, SSL_CTX_new, const SSL_METHOD *a, a, return 0, return)
+#else
 DEFINEFUNC(SSL_CTX *, SSL_CTX_new, SSL_METHOD *a, a, return 0, return)
+#endif
 DEFINEFUNC2(int, SSL_CTX_set_cipher_list, SSL_CTX *a, a, const char *b, b, return -1, return)
 DEFINEFUNC(int, SSL_CTX_set_default_verify_paths, SSL_CTX *a, a, return -1, return)
 …
 DEFINEFUNC(STACK_OF(SSL_CIPHER) *, SSL_get_ciphers, SSL *a, a, return 0, return)
 #endif
+#if OPENSSL_VERSION_NUMBER >= 0x10000000L
+DEFINEFUNC(const SSL_CIPHER *, SSL_get_current_cipher, SSL *a, a, return 0, return)
+#else
 DEFINEFUNC(SSL_CIPHER *, SSL_get_current_cipher, SSL *a, a, return 0, return)
+#endif
 DEFINEFUNC2(int, SSL_get_error, SSL *a, a, int b, b, return -1, return)
 DEFINEFUNC(STACK_OF(X509) *, SSL_get_peer_cert_chain, SSL *a, a, return 0, return)
 …
 DEFINEFUNC(void, SSL_set_connect_state, SSL *a, a, return, DUMMYARG)
 DEFINEFUNC(int, SSL_shutdown, SSL *a, a, return -1, return)
+#if OPENSSL_VERSION_NUMBER >= 0x10000000L
+DEFINEFUNC(const SSL_METHOD *, SSLv2_client_method, DUMMYARG, DUMMYARG, return 0, return)
+DEFINEFUNC(const SSL_METHOD *, SSLv3_client_method, DUMMYARG, DUMMYARG, return 0, return)
+DEFINEFUNC(const SSL_METHOD *, SSLv23_client_method, DUMMYARG, DUMMYARG, return 0, return)
+DEFINEFUNC(const SSL_METHOD *, TLSv1_client_method, DUMMYARG, DUMMYARG, return 0, return)
+DEFINEFUNC(const SSL_METHOD *, SSLv2_server_method, DUMMYARG, DUMMYARG, return 0, return)
+DEFINEFUNC(const SSL_METHOD *, SSLv3_server_method, DUMMYARG, DUMMYARG, return 0, return)
+DEFINEFUNC(const SSL_METHOD *, SSLv23_server_method, DUMMYARG, DUMMYARG, return 0, return)
+DEFINEFUNC(const SSL_METHOD *, TLSv1_server_method, DUMMYARG, DUMMYARG, return 0, return)
+#else
 DEFINEFUNC(SSL_METHOD *, SSLv2_client_method, DUMMYARG, DUMMYARG, return 0, return)
 DEFINEFUNC(SSL_METHOD *, SSLv3_client_method, DUMMYARG, DUMMYARG, return 0, return)
 …
 DEFINEFUNC(SSL_METHOD *, SSLv23_server_method, DUMMYARG, DUMMYARG, return 0, return)
 DEFINEFUNC(SSL_METHOD *, TLSv1_server_method, DUMMYARG, DUMMYARG, return 0, return)
+#endif
 DEFINEFUNC3(int, SSL_write, SSL *a, a, const void *b, b, int c, c, return -1, return)
 DEFINEFUNC2(int, X509_cmp, X509 *a, a, X509 *b, b, return -1, return)
 …
 DEFINEFUNC(void, OPENSSL_add_all_algorithms_conf, void, DUMMYARG, return, DUMMYARG)
+#ifdef Q_OS_SYMBIAN
+#define RESOLVEFUNC(func, ordinal, lib) \
+    if (!(_q_##func = _q_PTR_##func(lib->resolve(#ordinal)))) \
+        qWarning("QSslSocket: cannot resolve "#func);
+#else
 #define RESOLVEFUNC(func) \
     if (!(_q_##func = _q_PTR_##func(libs.first->resolve(#func)))     \
         && !(_q_##func = _q_PTR_##func(libs.second->resolve(#func)))) \
         qWarning("QSslSocket: cannot resolve "#func);
+#endif
 #if !defined QT_LINKED_OPENSSL
 …
     pair.second = libeay32;
     return pair;
+# elif defined(Q_OS_SYMBIAN)
+     QLibrary *libssl = new QLibrary(QLatin1String("libssl"));
+    if (!libssl->load()) {
+        // Cannot find ssleay32.dll
+        delete libssl;
+        return pair;
+    }
+    QLibrary *libcrypto = new QLibrary(QLatin1String("libcrypto"));
+    if (!libcrypto->load()) {
+        delete libcrypto;
+        delete libssl;
+        return pair;
+    }
+    pair.first = libssl;
+    pair.second = libcrypto;
+    return pair;
 # elif defined(Q_OS_UNIX)
     QLibrary *&libssl = pair.first;
 …
     // paths. See the man page for dlopen(3) on your system for more information.
+#ifdef Q_OS_OPENBSD
+    libcrypto->setLoadHints(QLibrary::ExportExternalSymbolsHint);
+#endif
 #ifdef SHLIB_VERSION_NUMBER
     // first attempt: the canonical name is libssl.so.<SHLIB_VERSION_NUMBER>
     libssl->setFileNameAndVersion(QLatin1String("ssl"), QLatin1String(SHLIB_VERSION_NUMBER));
     libcrypto->setFileNameAndVersion(QLatin1String("crypto"), QLatin1String(SHLIB_VERSION_NUMBER));
     if (libssl->load() && libcrypto->load()) {
+    if (libcrypto->load() && libssl->load()) {
         // libssl.so.<SHLIB_VERSION_NUMBER> and libcrypto.so.<SHLIB_VERSION_NUMBER> found
         return pair;
 …
     libssl->setFileNameAndVersion(QLatin1String("ssl"), -1);
     libcrypto->setFileNameAndVersion(QLatin1String("crypto"), -1);
     if (libssl->load() && libcrypto->load()) {
+    if (libcrypto->load() && libssl->load()) {
         // libssl.so.0 and libcrypto.so.0 found
         return pair;
 …
         libssl->setFileNameAndVersion(ssl, -1);
         libcrypto->setFileNameAndVersion(crypto, -1);
         if (libssl->load() && libcrypto->load()) {
+        if (libcrypto->load() && libssl->load()) {
             // libssl.so.0 and libcrypto.so.0 found
             return pair;
 …
         return false;
+#ifdef Q_OS_SYMBIAN
+#ifdef SSLEAY_MACROS
+    RESOLVEFUNC(ASN1_dup, 125, libs.second )
+#endif
+    RESOLVEFUNC(ASN1_INTEGER_get, 48, libs.second )
+    RESOLVEFUNC(ASN1_STRING_data, 71, libs.second )
+    RESOLVEFUNC(ASN1_STRING_length, 76, libs.second )
+    RESOLVEFUNC(BIO_ctrl, 184, libs.second )
+    RESOLVEFUNC(BIO_free, 209, libs.second )
+    RESOLVEFUNC(BIO_new, 222, libs.second )
+    RESOLVEFUNC(BIO_new_mem_buf, 230, libs.second )
+    RESOLVEFUNC(BIO_read, 244, libs.second )
+    RESOLVEFUNC(BIO_s_mem, 251, libs.second )
+    RESOLVEFUNC(BIO_write, 269, libs.second )
+    RESOLVEFUNC(BN_num_bits, 387, libs.second )
+    RESOLVEFUNC(CRYPTO_free, 469, libs.second )
+    RESOLVEFUNC(CRYPTO_num_locks, 500, libs.second )
+    RESOLVEFUNC(CRYPTO_set_id_callback, 513, libs.second )
+    RESOLVEFUNC(CRYPTO_set_locking_callback, 516, libs.second )
+    RESOLVEFUNC(DSA_free, 594, libs.second )
+    RESOLVEFUNC(ERR_error_string, 744, libs.second )
+    RESOLVEFUNC(ERR_get_error, 749, libs.second )
+    RESOLVEFUNC(EVP_des_ede3_cbc, 919, libs.second )
+    RESOLVEFUNC(EVP_PKEY_assign, 859, libs.second )
+    RESOLVEFUNC(EVP_PKEY_free, 867, libs.second )
+    RESOLVEFUNC(EVP_PKEY_get1_DSA, 869, libs.second )
+    RESOLVEFUNC(EVP_PKEY_get1_RSA, 870, libs.second )
+    RESOLVEFUNC(EVP_PKEY_new, 876, libs.second )
+    RESOLVEFUNC(EVP_PKEY_type, 882, libs.second )
+    RESOLVEFUNC(OBJ_nid2sn, 1036, libs.second )
+    RESOLVEFUNC(OBJ_obj2nid, 1037, libs.second )
+#ifdef SSLEAY_MACROS // ### verify
+    RESOLVEFUNC(PEM_ASN1_read_bio, 1180, libs.second )
+#else
+    RESOLVEFUNC(PEM_read_bio_DSAPrivateKey, 1219, libs.second )
+    RESOLVEFUNC(PEM_read_bio_RSAPrivateKey, 1228, libs.second )
+    RESOLVEFUNC(PEM_write_bio_DSAPrivateKey, 1260, libs.second )
+    RESOLVEFUNC(PEM_write_bio_RSAPrivateKey, 1271, libs.second )
+#endif
+    RESOLVEFUNC(PEM_read_bio_DSA_PUBKEY, 1220, libs.second )
+    RESOLVEFUNC(PEM_read_bio_RSA_PUBKEY, 1230, libs.second )
+    RESOLVEFUNC(PEM_write_bio_DSA_PUBKEY, 1261, libs.second )
+    RESOLVEFUNC(PEM_write_bio_RSA_PUBKEY, 1273, libs.second )
+    RESOLVEFUNC(RAND_seed, 1426, libs.second )
+    RESOLVEFUNC(RAND_status, 1429, libs.second )
+    RESOLVEFUNC(RSA_free, 1450, libs.second )
+    RESOLVEFUNC(sk_free, 2571, libs.second )
+    RESOLVEFUNC(sk_num, 2576, libs.second )
+    RESOLVEFUNC(sk_pop_free, 2578, libs.second )
+    RESOLVEFUNC(sk_value, 2585, libs.second )
+    RESOLVEFUNC(SSL_CIPHER_description, 11, libs.first )
+    RESOLVEFUNC(SSL_CTX_check_private_key, 21, libs.first )
+    RESOLVEFUNC(SSL_CTX_ctrl, 22, libs.first )
+    RESOLVEFUNC(SSL_CTX_free, 24, libs.first )
+    RESOLVEFUNC(SSL_CTX_new, 35, libs.first )
+    RESOLVEFUNC(SSL_CTX_set_cipher_list, 40, libs.first )
+    RESOLVEFUNC(SSL_CTX_set_default_verify_paths, 44, libs.first )
+    RESOLVEFUNC(SSL_CTX_set_verify, 56, libs.first )
+    RESOLVEFUNC(SSL_CTX_set_verify_depth, 57, libs.first )
+    RESOLVEFUNC(SSL_CTX_use_certificate, 64, libs.first )
+    RESOLVEFUNC(SSL_CTX_use_certificate_file, 67, libs.first )
+    RESOLVEFUNC(SSL_CTX_use_PrivateKey, 58, libs.first )
+    RESOLVEFUNC(SSL_CTX_use_RSAPrivateKey, 61, libs.first )
+    RESOLVEFUNC(SSL_CTX_use_PrivateKey_file, 60, libs.first )
+    RESOLVEFUNC(SSL_accept, 82, libs.first )
+    RESOLVEFUNC(SSL_clear, 92, libs.first )
+    RESOLVEFUNC(SSL_connect, 93, libs.first )
+    RESOLVEFUNC(SSL_free, 99, libs.first )
+    RESOLVEFUNC(SSL_get_ciphers, 104, libs.first )
+    RESOLVEFUNC(SSL_get_current_cipher, 106, libs.first )
+    RESOLVEFUNC(SSL_get_error, 110, libs.first )
+    RESOLVEFUNC(SSL_get_peer_cert_chain, 117, libs.first )
+    RESOLVEFUNC(SSL_get_peer_certificate, 118, libs.first )
+    RESOLVEFUNC(SSL_get_verify_result, 132, libs.first )
+    RESOLVEFUNC(SSL_library_init, 137, libs.first )
+    RESOLVEFUNC(SSL_load_error_strings, 139, libs.first )
+    RESOLVEFUNC(SSL_new, 140, libs.first )
+    RESOLVEFUNC(SSL_read, 143, libs.first )
+    RESOLVEFUNC(SSL_set_accept_state, 148, libs.first )
+    RESOLVEFUNC(SSL_set_bio, 149, libs.first )
+    RESOLVEFUNC(SSL_set_connect_state, 152, libs.first )
+    RESOLVEFUNC(SSL_shutdown, 173, libs.first )
+    RESOLVEFUNC(SSL_write, 188, libs.first )
+    RESOLVEFUNC(SSLv2_client_method, 192, libs.first )
+    RESOLVEFUNC(SSLv3_client_method, 195, libs.first )
+    RESOLVEFUNC(SSLv23_client_method, 189, libs.first )
+    RESOLVEFUNC(TLSv1_client_method, 198, libs.first )
+    RESOLVEFUNC(SSLv2_server_method, 194, libs.first )
+    RESOLVEFUNC(SSLv3_server_method, 197, libs.first )
+    RESOLVEFUNC(SSLv23_server_method, 191, libs.first )
+    RESOLVEFUNC(TLSv1_server_method, 200, libs.first )
+    RESOLVEFUNC(X509_NAME_oneline, 1830, libs.second )
+    RESOLVEFUNC(X509_PUBKEY_get, 1844, libs.second )
+    RESOLVEFUNC(X509_STORE_free, 1939, libs.second )
+    RESOLVEFUNC(X509_STORE_new, 1942, libs.second )
+    RESOLVEFUNC(X509_STORE_add_cert, 1936, libs.second )
+    RESOLVEFUNC(X509_STORE_CTX_free, 1907, libs.second )
+    RESOLVEFUNC(X509_STORE_CTX_init, 1919, libs.second )
+    RESOLVEFUNC(X509_STORE_CTX_new, 1920, libs.second )
+    RESOLVEFUNC(X509_STORE_CTX_set_purpose, 1931, libs.second )
+    RESOLVEFUNC(X509_cmp, 1992, libs.second )
+#ifndef SSLEAY_MACROS
+    RESOLVEFUNC(X509_dup, 1997, libs.second )
+#endif
+    RESOLVEFUNC(X509_EXTENSION_get_object, 1785, libs.second )
+    RESOLVEFUNC(X509_free, 2001, libs.second )
+    RESOLVEFUNC(X509_get_ext, 2012, libs.second )
+    RESOLVEFUNC(X509_get_ext_count, 2016, libs.second )
+    RESOLVEFUNC(X509_get_ext_d2i, 2017, libs.second )
+    RESOLVEFUNC(X509_get_issuer_name, 2018, libs.second )
+    RESOLVEFUNC(X509_get_subject_name, 2022, libs.second )
+    RESOLVEFUNC(X509_verify_cert, 2069, libs.second )
+    RESOLVEFUNC(d2i_X509, 2309, libs.second )
+    RESOLVEFUNC(i2d_X509, 2489, libs.second )
+#ifdef SSLEAY_MACROS
+    RESOLVEFUNC(i2d_DSAPrivateKey, 2395, libs.second )
+    RESOLVEFUNC(i2d_RSAPrivateKey, 2476, libs.second )
+    RESOLVEFUNC(d2i_DSAPrivateKey, 2220, libs.second )
+    RESOLVEFUNC(d2i_RSAPrivateKey, 2296, libs.second )
+#endif
+    RESOLVEFUNC(OPENSSL_add_all_algorithms_noconf, 1153, libs.second )
+    RESOLVEFUNC(OPENSSL_add_all_algorithms_conf, 1152, libs.second )
+#else // Q_OS_SYMBIAN
 #ifdef SSLEAY_MACROS
     RESOLVEFUNC(ASN1_dup)
 #endif
+    RESOLVEFUNC(ASN1_INTEGER_get)
     RESOLVEFUNC(ASN1_STRING_data)
     RESOLVEFUNC(ASN1_STRING_length)
 …
     RESOLVEFUNC(sk_free)
     RESOLVEFUNC(sk_num)
+    RESOLVEFUNC(sk_pop_free)
     RESOLVEFUNC(sk_value)
     RESOLVEFUNC(SSL_CIPHER_description)
 …
     RESOLVEFUNC(OPENSSL_add_all_algorithms_noconf)
     RESOLVEFUNC(OPENSSL_add_all_algorithms_conf)
+#endif // Q_OS_SYMBIAN
     symbolsResolved = true;
     delete libs.first;

trunk/src/network/ssl/qsslsocket_openssl_symbols_p.h

-              r2
+              r561
 **
 ** Copyright (C) 2009 Nokia Corporation and/or its subsidiary(-ies).
+** Contact: Qt Software Information (qt-info@nokia.com)
+** All rights reserved.
+** Contact: Nokia Corporation (qt-info@nokia.com)
 **
 ** This file is part of the QtNetwork module of the Qt Toolkit.
 …
 ** will be met: http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html.
 **
+** In addition, as a special exception, Nokia gives you certain
+** additional rights. These rights are described in the Nokia Qt LGPL
+** Exception version 1.0, included in the file LGPL_EXCEPTION.txt in this
+** package.
+** In addition, as a special exception, Nokia gives you certain additional
+** rights.  These rights are described in the Nokia Qt LGPL Exception
+** version 1.1, included in the file LGPL_EXCEPTION.txt in this package.
 **
 ** GNU General Public License Usage
 …
 ** met: http://www.gnu.org/copyleft/gpl.html.
 **
 ** If you are unsure which license is appropriate for your use, please
 ** contact the sales department at qt-sales@nokia.com.
+** If you have questions regarding the use of this file, please contact
+** Nokia at qt-info@nokia.com.
 ** $QT_END_LICENSE$
 **
 …
 bool q_resolveOpenSslSymbols();
+long q_ASN1_INTEGER_get(ASN1_INTEGER *a);
 unsigned char * q_ASN1_STRING_data(ASN1_STRING *a);
 int q_ASN1_STRING_length(ASN1_STRING *a);
 …
 int q_RAND_status();
 void q_RSA_free(RSA *a);
+int q_sk_num(STACK *a);
+void q_sk_pop_free(STACK *a, void (*b)(void *));
+#if OPENSSL_VERSION_NUMBER >= 0x10000000L
+void q_sk_free(_STACK *a);
+void * q_sk_value(STACK *a, int b);
+#else
 void q_sk_free(STACK *a);
-int q_sk_num(STACK *a);
 char * q_sk_value(STACK *a, int b);
+#endif
 int q_SSL_accept(SSL *a);
 int q_SSL_clear(SSL *a);
 …
 long q_SSL_CTX_ctrl(SSL_CTX *a, int b, long c, void *d);
 void q_SSL_CTX_free(SSL_CTX *a);
+#if OPENSSL_VERSION_NUMBER >= 0x10000000L
+SSL_CTX *q_SSL_CTX_new(const SSL_METHOD *a);
+#else
 SSL_CTX *q_SSL_CTX_new(SSL_METHOD *a);
+#endif
 int q_SSL_CTX_set_cipher_list(SSL_CTX *a, const char *b);
 int q_SSL_CTX_set_default_verify_paths(SSL_CTX *a);
 …
 STACK_OF(SSL_CIPHER) *q_SSL_get_ciphers(SSL *a);
 #endif
+#if OPENSSL_VERSION_NUMBER >= 0x10000000L
+const SSL_CIPHER *q_SSL_get_current_cipher(SSL *a);
+#else
 SSL_CIPHER *q_SSL_get_current_cipher(SSL *a);
+#endif
 int q_SSL_get_error(SSL *a, int b);
 STACK_OF(X509) *q_SSL_get_peer_cert_chain(SSL *a);
 …
 void q_SSL_set_connect_state(SSL *a);
 int q_SSL_shutdown(SSL *a);
+#if OPENSSL_VERSION_NUMBER >= 0x10000000L
+const SSL_METHOD *q_SSLv2_client_method();
+const SSL_METHOD *q_SSLv3_client_method();
+const SSL_METHOD *q_SSLv23_client_method();
+const SSL_METHOD *q_TLSv1_client_method();
+const SSL_METHOD *q_SSLv2_server_method();
+const SSL_METHOD *q_SSLv3_server_method();
+const SSL_METHOD *q_SSLv23_server_method();
+const SSL_METHOD *q_TLSv1_server_method();
+#else
 SSL_METHOD *q_SSLv2_client_method();
 SSL_METHOD *q_SSLv3_client_method();
 …
 SSL_METHOD *q_SSLv23_server_method();
 SSL_METHOD *q_TLSv1_server_method();
+#endif
 int q_SSL_write(SSL *a, const void *b, int c);
 int q_X509_cmp(X509 *a, X509 *b);

trunk/src/network/ssl/qsslsocket_p.h

-              r2
+              r561
 **
 ** Copyright (C) 2009 Nokia Corporation and/or its subsidiary(-ies).
+** Contact: Qt Software Information (qt-info@nokia.com)
+** All rights reserved.
+** Contact: Nokia Corporation (qt-info@nokia.com)
 **
 ** This file is part of the QtNetwork module of the Qt Toolkit.
 …
 ** will be met: http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html.
 **
+** In addition, as a special exception, Nokia gives you certain
+** additional rights. These rights are described in the Nokia Qt LGPL
+** Exception version 1.0, included in the file LGPL_EXCEPTION.txt in this
+** package.
+** In addition, as a special exception, Nokia gives you certain additional
+** rights.  These rights are described in the Nokia Qt LGPL Exception
+** version 1.1, included in the file LGPL_EXCEPTION.txt in this package.
 **
 ** GNU General Public License Usage
 …
 ** met: http://www.gnu.org/copyleft/gpl.html.
 **
 ** If you are unsure which license is appropriate for your use, please
 ** contact the sales department at qt-sales@nokia.com.
+** If you have questions regarding the use of this file, please contact
+** Nokia at qt-info@nokia.com.
 ** $QT_END_LICENSE$
 **
 …
     bool autoStartHandshake;
     bool connectionEncrypted;
+    bool ignoreSslErrors;
+    bool ignoreAllSslErrors;
+    QList<QSslError> ignoreErrorsList;
     bool* readyReadEmittedPointer;
 …
     QSslConfigurationPrivate configuration;
     QList<QSslError> sslErrors;
+    // if set, this hostname is used for certificate validation instead of the hostname
+    // that was used for connecting to.
+    QString verificationPeerName;
     static bool ensureInitialized();
 …
     void _q_bytesWrittenSlot(qint64);
     void _q_flushWriteBuffer();
+    void _q_flushReadBuffer();
     // Platform specific functions

trunk/src/network/ssl/ssl.pri

-              r2
+              r561
 # OpenSSL support; compile in QSslSocket.
 contains(QT_CONFIG, openssl) | contains(QT_CONFIG, openssl-linked) {
+    include($$QT_SOURCE_TREE/config.tests/unix/openssl/openssl.pri)
+symbian {
+        INCLUDEPATH *= $$OS_LAYER_SSL_SYSTEMINCLUDE
+} else {
+        include($$QT_SOURCE_TREE/config.tests/unix/openssl/openssl.pri)
+}
     HEADERS += ssl/qssl.h \
 …
     # Add optional SSL libs
     LIBS += $$OPENSSL_LIBS
+    LIBS_PRIVATE += $$OPENSSL_LIBS
+}

Context Navigation

Legend:

trunk

trunk/src/network/ssl/qssl.cpp

trunk/src/network/ssl/qssl.h

trunk/src/network/ssl/qsslcertificate.cpp

trunk/src/network/ssl/qsslcertificate.h

trunk/src/network/ssl/qsslcertificate_p.h

trunk/src/network/ssl/qsslcipher.cpp

trunk/src/network/ssl/qsslcipher.h

trunk/src/network/ssl/qsslcipher_p.h

trunk/src/network/ssl/qsslconfiguration.cpp

trunk/src/network/ssl/qsslconfiguration.h

trunk/src/network/ssl/qsslconfiguration_p.h

trunk/src/network/ssl/qsslerror.cpp

trunk/src/network/ssl/qsslerror.h

trunk/src/network/ssl/qsslkey.cpp

trunk/src/network/ssl/qsslkey.h

trunk/src/network/ssl/qsslkey_p.h

trunk/src/network/ssl/qsslsocket.cpp

trunk/src/network/ssl/qsslsocket.h

trunk/src/network/ssl/qsslsocket_openssl.cpp

trunk/src/network/ssl/qsslsocket_openssl_p.h

trunk/src/network/ssl/qsslsocket_openssl_symbols.cpp

trunk/src/network/ssl/qsslsocket_openssl_symbols_p.h

trunk/src/network/ssl/qsslsocket_p.h

trunk/src/network/ssl/ssl.pri

Download in other formats:

/branches/vendor/nokia/qt/4.6.1	merged	eligible
/branches/vendor/nokia/qt/current	merged	eligible
/branches/vendor/trolltech/qt/current	3-149