AuroraMiddleware/qt5base-lts
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

QSslSocket::addCaCertificates - do not duplicate certs

Browse Source 
If we already know the certificate, there is no need in adding it again.
This function is deprecated, but will stay forever in 5.15.

Pick-to: 5.15
Change-Id: I760f5bcffea78ac02c5643ee1112725edd32f15a
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
This commit is contained in:
Timur Pocheptsov 2020-05-14 12:58:15 +02:00
parent c86e54fb17
commit e7ca98f40f
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
src/network/ssl/qsslsocket_openssl.cpp
View File

@ -1709,14 +1709,14 @@ void QSslSocketBackendPrivate::fetchCaRootForCert(const QSslCertificate &cert)
//This is the callback from QWindowsCaRootFetcher, trustedRoot will be invalid (default constructed) if it failed.
void QSslSocketBackendPrivate::_q_caRootLoaded(QSslCertificate cert, QSslCertificate trustedRoot)
{
Q_Q(QSslSocket);
if (!trustedRoot.isNull() && !trustedRoot.isBlacklisted()) {
if (s_loadRootCertsOnDemand) {
//Add the new root cert to default cert list for use by future sockets
QSslSocket::addDefaultCaCertificate(trustedRoot);
}
//Add the new root cert to this socket for future connections
q->addCaCertificate(trustedRoot);
if (!configuration.caCertificates.contains(trustedRoot))
configuration.caCertificates += trustedRoot;
//Remove the broken chain ssl errors (as chain is verified by windows)
for (int i=sslErrors.count() - 1; i >= 0; --i) {
if (sslErrors.at(i).certificate() == cert) {