This is a source-incompatible change.
TlsV1 is ambiguous; what is actually meant is TLS version 1.0. There are
also TLS versions 1.1 and 1.2; we might want to add options for these
once OpenSSL supports them (apparently they will be with OpenSSL version
1.0.1).
Change-Id: I940d020b181b5fa528788ef0c3c47e8ef873796a
Reviewed-by: Lars Knoll <lars.knoll@nokia.com>
only the current data row of a data-driven test function. Every skipped
data row is now reported in the test log.
+- The QSsl::TlsV1 enum value was renamed to QSsl::TlsV1_0 .
+
****************************************************************************
* General *
****************************************************************************
//! [0]
QSslConfiguration config = sslSocket.sslConfiguration();
-config.setProtocol(QSsl::TlsV1);
+config.setProtocol(QSsl::TlsV1_0);
sslSocket.setSslConfiguration(config);
//! [0]
/*!
Sets this network request's SSL configuration to be \a config. The
settings that apply are the private key, the local certificate,
- the SSL protocol (SSLv2, SSLv3, TLSv1 where applicable), the CA
+ the SSL protocol (SSLv2, SSLv3, TLSv1.0 where applicable), the CA
certificates and the ciphers that the SSL backend is allowed to
use.
\value SslV3 SSLv3
\value SslV2 SSLv2
- \value TlsV1 TLSv1
+ \value TlsV1_0 TLSv1.0
\value UnknownProtocol The cipher's protocol cannot be determined.
- \value AnyProtocol The socket understands SSLv2, SSLv3, and TLSv1. This
+ \value AnyProtocol The socket understands SSLv2, SSLv3, and TLSv1.0. This
value is used by QSslSocket only.
\value TlsV1SslV3 On the client side, this will send
- a TLS 1.0 Client Hello, enabling TLSv1 and SSLv3 connections.
- On the server side, this will enable both SSLv3 and TLSv1 connections.
+ a TLS 1.0 Client Hello, enabling TLSv1_0 and SSLv3 connections.
+ On the server side, this will enable both SSLv3 and TLSv1_0 connections.
\value SecureProtocols The default option, using protocols known to be secure;
currently behaves like TlsV1SslV3.
enum SslProtocol {
SslV3,
SslV2,
- TlsV1, // ### Qt 5: rename to TlsV1_0 or so
+ TlsV1_0,
+#if QT_DEPRECATED_SINCE(5,0)
+ TlsV1 = TlsV1_0,
+#endif
AnyProtocol,
TlsV1SslV3,
SecureProtocols,
change the settings in the related SSL connection. You must call
setSslConfiguration on a modified QSslConfiguration object to
achieve that. The following example illustrates how to change the
- protocol to TLSv1 in a QSslSocket object:
+ protocol to TLSv1_0 in a QSslSocket object:
\snippet doc/src/snippets/code/src_network_ssl_qsslconfiguration.cpp 0
QSslSocket establishes a secure, encrypted TCP connection you can
use for transmitting encrypted data. It can operate in both client
and server mode, and it supports modern SSL protocols, including
- SSLv3 and TLSv1. By default, QSslSocket uses TLSv1, but you can
+ SSLv3 and TLSv1_0. By default, QSslSocket uses TLSv1_0, but you can
change the SSL protocol by calling setProtocol() as long as you do
it before the handshake has started.
else if (protoString == QLatin1String("SSLv2"))
ciph.d->protocol = QSsl::SslV2;
else if (protoString == QLatin1String("TLSv1"))
- ciph.d->protocol = QSsl::TlsV1;
+ ciph.d->protocol = QSsl::TlsV1_0;
if (descriptionList.at(2).startsWith(QLatin1String("Kx=")))
ciph.d->keyExchangeMethod = descriptionList.at(2).mid(3);
{
Q_Q(QSslSocket);
- // Create and initialize SSL context. Accept SSLv2, SSLv3 and TLSv1.
+ // Create and initialize SSL context. Accept SSLv2, SSLv3 and TLSv1_0.
bool client = (mode == QSslSocket::SslClientMode);
bool reinitialized = false;
default:
ctx = q_SSL_CTX_new(client ? q_SSLv23_client_method() : q_SSLv23_server_method());
break;
- case QSsl::TlsV1:
+ case QSsl::TlsV1_0:
ctx = q_SSL_CTX_new(client ? q_TLSv1_client_method() : q_TLSv1_server_method());
break;
}
#if OPENSSL_VERSION_NUMBER >= 0x0090806fL && !defined(OPENSSL_NO_TLSEXT)
if ((configuration.protocol == QSsl::TlsV1SslV3 ||
- configuration.protocol == QSsl::TlsV1 ||
+ configuration.protocol == QSsl::TlsV1_0 ||
configuration.protocol == QSsl::SecureProtocols ||
configuration.protocol == QSsl::AnyProtocol) &&
client && q_SSLeay() >= 0x00090806fL) {
}
{
// Fluke allows TLSV1.
- socket->setProtocol(QSsl::TlsV1);
- QCOMPARE(socket->protocol(), QSsl::TlsV1);
+ socket->setProtocol(QSsl::TlsV1_0);
+ QCOMPARE(socket->protocol(), QSsl::TlsV1_0);
socket->connectToHostEncrypted(QtNetworkSettings::serverName(), 443);
QVERIFY2(socket->waitForEncrypted(), qPrintable(socket->errorString()));
- QCOMPARE(socket->protocol(), QSsl::TlsV1);
+ QCOMPARE(socket->protocol(), QSsl::TlsV1_0);
socket->abort();
- QCOMPARE(socket->protocol(), QSsl::TlsV1);
+ QCOMPARE(socket->protocol(), QSsl::TlsV1_0);
socket->connectToHost(QtNetworkSettings::serverName(), 443);
QVERIFY2(socket->waitForConnected(), qPrintable(socket->errorString()));
socket->startClientEncryption();
QVERIFY2(socket->waitForEncrypted(), qPrintable(socket->errorString()));
- QCOMPARE(socket->protocol(), QSsl::TlsV1);
+ QCOMPARE(socket->protocol(), QSsl::TlsV1_0);
socket->abort();
}
{
public:
SslServer(const QString &keyFile = SRCDIR "certs/fluke.key", const QString &certFile = SRCDIR "certs/fluke.cert")
: socket(0),
- protocol(QSsl::TlsV1),
+ protocol(QSsl::TlsV1_0),
m_keyFile(keyFile),
m_certFile(certFile) { }
QSslSocket *socket;
QTest::newRow("ssl2-ssl2") << QSsl::SslV2 << QSsl::SslV2 << false; // no idea why it does not work, but we don't care about SSL 2
QTest::newRow("ssl3-ssl3") << QSsl::SslV3 << QSsl::SslV3 << true;
- QTest::newRow("tls1-tls1") << QSsl::TlsV1 << QSsl::TlsV1 << true;
+ QTest::newRow("tls1.0-tls1.0") << QSsl::TlsV1_0 << QSsl::TlsV1_0 << true;
QTest::newRow("tls1ssl3-tls1ssl3") << QSsl::TlsV1SslV3 << QSsl::TlsV1SslV3 << true;
QTest::newRow("any-any") << QSsl::AnyProtocol << QSsl::AnyProtocol << true;
QTest::newRow("secure-secure") << QSsl::SecureProtocols << QSsl::SecureProtocols << true;
QTest::newRow("ssl2-ssl3") << QSsl::SslV2 << QSsl::SslV3 << false;
- QTest::newRow("ssl2-tls1") << QSsl::SslV2 << QSsl::TlsV1 << false;
+ QTest::newRow("ssl2-tls1.0") << QSsl::SslV2 << QSsl::TlsV1_0 << false;
QTest::newRow("ssl2-tls1ssl3") << QSsl::SslV2 << QSsl::TlsV1SslV3 << false;
QTest::newRow("ssl2-secure") << QSsl::SslV2 << QSsl::SecureProtocols << false;
QTest::newRow("ssl2-any") << QSsl::SslV2 << QSsl::AnyProtocol << false; // no idea why it does not work, but we don't care about SSL 2
QTest::newRow("ssl3-ssl2") << QSsl::SslV3 << QSsl::SslV2 << false;
- QTest::newRow("ssl3-tls1") << QSsl::SslV3 << QSsl::TlsV1 << false;
+ QTest::newRow("ssl3-tls1.0") << QSsl::SslV3 << QSsl::TlsV1_0 << false;
QTest::newRow("ssl3-tls1ssl3") << QSsl::SslV3 << QSsl::TlsV1SslV3 << true;
QTest::newRow("ssl3-secure") << QSsl::SslV3 << QSsl::SecureProtocols << true;
QTest::newRow("ssl3-any") << QSsl::SslV3 << QSsl::AnyProtocol << false; // we wont set a SNI header here because we connect to a
// numerical IP, so OpenSSL will send a SSL 2 handshake
- QTest::newRow("tls1-ssl2") << QSsl::TlsV1 << QSsl::SslV2 << false;
- QTest::newRow("tls1-ssl3") << QSsl::TlsV1 << QSsl::SslV3 << false;
- QTest::newRow("tls1-tls1ssl3") << QSsl::TlsV1 << QSsl::TlsV1SslV3 << true;
- QTest::newRow("tls1-secure") << QSsl::TlsV1 << QSsl::SecureProtocols << true;
- QTest::newRow("tls1-any") << QSsl::TlsV1 << QSsl::AnyProtocol << false; // we wont set a SNI header here because we connect to a
+ QTest::newRow("tls1.0-ssl2") << QSsl::TlsV1_0 << QSsl::SslV2 << false;
+ QTest::newRow("tls1.0-ssl3") << QSsl::TlsV1_0 << QSsl::SslV3 << false;
+ QTest::newRow("tls1-tls1ssl3") << QSsl::TlsV1_0 << QSsl::TlsV1SslV3 << true;
+ QTest::newRow("tls1.0-secure") << QSsl::TlsV1_0 << QSsl::SecureProtocols << true;
+ QTest::newRow("tls1.0-any") << QSsl::TlsV1_0 << QSsl::AnyProtocol << false; // we wont set a SNI header here because we connect to a
// numerical IP, so OpenSSL will send a SSL 2 handshake
QTest::newRow("tls1ssl3-ssl2") << QSsl::TlsV1SslV3 << QSsl::SslV2 << false;
QTest::newRow("tls1ssl3-ssl3") << QSsl::TlsV1SslV3 << QSsl::SslV3 << true;
- QTest::newRow("tls1ssl3-tls1") << QSsl::TlsV1SslV3 << QSsl::TlsV1 << true;
+ QTest::newRow("tls1ssl3-tls1.0") << QSsl::TlsV1SslV3 << QSsl::TlsV1_0 << true;
QTest::newRow("tls1ssl3-secure") << QSsl::TlsV1SslV3 << QSsl::SecureProtocols << true;
QTest::newRow("tls1ssl3-any") << QSsl::TlsV1SslV3 << QSsl::AnyProtocol << true;
QTest::newRow("secure-ssl2") << QSsl::SecureProtocols << QSsl::SslV2 << false;
QTest::newRow("secure-ssl3") << QSsl::SecureProtocols << QSsl::SslV3 << true;
- QTest::newRow("secure-tls1") << QSsl::SecureProtocols << QSsl::TlsV1 << true;
+ QTest::newRow("secure-tls1.0") << QSsl::SecureProtocols << QSsl::TlsV1_0 << true;
QTest::newRow("secure-tls1ssl3") << QSsl::SecureProtocols << QSsl::TlsV1SslV3 << true;
QTest::newRow("secure-any") << QSsl::SecureProtocols << QSsl::AnyProtocol << true;
QTest::newRow("any-ssl2") << QSsl::AnyProtocol << QSsl::SslV2 << false; // no idea why it does not work, but we don't care about SSL 2
QTest::newRow("any-ssl3") << QSsl::AnyProtocol << QSsl::SslV3 << true;
- QTest::newRow("any-tls1") << QSsl::AnyProtocol << QSsl::TlsV1 << true;
+ QTest::newRow("any-tls1.0") << QSsl::AnyProtocol << QSsl::TlsV1_0 << true;
QTest::newRow("any-tls1ssl3") << QSsl::AnyProtocol << QSsl::TlsV1SslV3 << true;
QTest::newRow("any-secure") << QSsl::AnyProtocol << QSsl::SecureProtocols << true;
}
QVERIFY2(socket->waitForConnected(10000), "Timeout connecting to " + url.encodedHost());
if (isHttps) {
- static_cast<QSslSocket *>(socket.data())->setProtocol(QSsl::TlsV1);
+ static_cast<QSslSocket *>(socket.data())->setProtocol(QSsl::TlsV1_0);
static_cast<QSslSocket *>(socket.data())->startClientEncryption();
static_cast<QSslSocket *>(socket.data())->ignoreSslErrors();
QVERIFY2(static_cast<QSslSocket *>(socket.data())->waitForEncrypted(10000), "Timeout starting TLS with " + url.encodedHost());
socket = QSharedPointer<QTcpSocket>(new QTcpSocket);
}
if (isHttps) {
- static_cast<QSslSocket *>(socket.data())->setProtocol(QSsl::TlsV1);
+ static_cast<QSslSocket *>(socket.data())->setProtocol(QSsl::TlsV1_0);
static_cast<QSslSocket *>(socket.data())->connectToHostEncrypted(url.host(), url.port(443));
static_cast<QSslSocket *>(socket.data())->ignoreSslErrors();
} else {
else
socket = new QTcpSocket;
if (isHttps) {
- static_cast<QSslSocket *>(socket)->setProtocol(QSsl::TlsV1);
+ static_cast<QSslSocket *>(socket)->setProtocol(QSsl::TlsV1_0);
static_cast<QSslSocket *>(socket)->connectToHostEncrypted(url.host(), url.port(443));
static_cast<QSslSocket *>(socket)->ignoreSslErrors();
} else {