qt5base-lts/tests/auto/network/ssl
Timur Pocheptsov 1158ff67b4 QSslSocket::verify: do not alter the default configuration
QSslCertificate::verify() has an undocumented and not very desirable property -
on some platorms it updates the default configuration, which can be surprising.
For example, we deprecated QSslSocket::setDefaultCaCertificates() and recommend
using QSslConfiguration::defaultConfiguration(), QSslConfiguration::setDefaultConfiguration(),
and QSslConfiguration::setCaCertificates(). If an application does this to select
CA roots it trusts explicitly, and then for some reason is calling verify, the
application can have its QSslSockets successfully connecting to a host, whose
root was not trusted by the application. Also, on Windows, defaultCaCertificates()
include system roots already, no need to have them twice.

[ChangeLog][QtCore][QtNetwork] QSslSocket::verify - do not change the default configuration

Pick-to: 5.15
Pick-to: 6.0
Pick-to: 6.0.0
Fixes: QTBUG-88639
Change-Id: I1cd40b259d0a6dcd15c78d1e7c027ff10859595c
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
2020-11-30 23:11:05 +01:00
..
qasn1element CMake: Regenerate projects to use new qt_internal_ API 2020-09-23 16:59:06 +02:00
qdtls QSslConfiguration - improve code coverage 2020-11-23 18:38:53 +01:00
qdtlscookie QDtls(cookie verifier): make sure a server can re-use 'Client Hello' 2020-11-30 23:11:05 +01:00
qocsp tst_qocsp: improve code coverage 2020-11-20 14:46:33 +01:00
qpassworddigestor QPasswordDigestor - improve code coverage 2020-11-23 18:38:53 +01:00
qsslcertificate tst_QSslCertificate - improve code coverage 2020-11-30 17:16:22 +01:00
qsslcipher QSslCipher - improve its code coverage and auto-tests 2020-11-20 14:38:59 +01:00
qssldiffiehellmanparameters CMake: Regenerate projects to use new qt_internal_ API 2020-09-23 16:59:06 +02:00
qsslellipticcurve Get rid of Q_COMPILER_CONSTEXPR checks 2020-11-17 21:28:11 +01:00
qsslerror CMake: Regenerate projects to use new qt_internal_ API 2020-09-23 16:59:06 +02:00
qsslkey tst_QSslKey: remove blacklist 2020-11-30 23:11:04 +01:00
qsslsocket QSslSocket::verify: do not alter the default configuration 2020-11-30 23:11:05 +01:00
qsslsocket_onDemandCertificates_member CMake: Regenerate projects to use new qt_internal_ API 2020-09-23 16:59:06 +02:00
qsslsocket_onDemandCertificates_static CMake: Regenerate projects to use new qt_internal_ API 2020-09-23 16:59:06 +02:00
CMakeLists.txt Fix tst_qsslkey to compile when SSL is disabled 2020-10-23 11:36:48 +02:00
ssl.pro Fix tst_qsslkey to compile when SSL is disabled 2020-10-23 11:36:48 +02:00