SSL code: introduce new error value for blacklisted certificates

improve error reporting by introducing a new enum value in case the
peer certificate is blacklisted.

Reviewed-by: Markus Goetz
Task-number: QTBUG-18338

1 files changed, 7 insertions, 6 deletions

diff --git a/tests/auto/qsslsocket/tst_qsslsocket.cpp b/tests/auto/qsslsocket/tst_qsslsocket.cpp
index 9c32c2b2c5..5b30a39eaf 100644
--- a/tests/auto/qsslsocket/tst_qsslsocket.cpp
+++ b/tests/auto/qsslsocket/tst_qsslsocket.cpp
@@ -188,7 +188,7 @@ private slots:
     void ignoreSslErrorsListWithSlot();
     void readFromClosedSocket();
     void writeBigChunk();
-    void blacklist();
+    void blacklistedCertificates();
     void setEmptyDefaultConfiguration();
 
     static void exitLoop()
@@ -1983,7 +1983,7 @@ void tst_QSslSocket::writeBigChunk()
     socket->close();
 }
 
-void tst_QSslSocket::blacklist()
+void tst_QSslSocket::blacklistedCertificates()
 {
     QFETCH_GLOBAL(bool, setProxy);
     if (setProxy)
@@ -2004,14 +2004,15 @@ void tst_QSslSocket::blacklist()
     QVERIFY(sender->state() == QAbstractSocket::ConnectedState);
     receiver->setObjectName("receiver");
     sender->setObjectName("sender");
-    receiver->ignoreSslErrors();
     receiver->startClientEncryption();
 
-    connect(receiver, SIGNAL(error(QAbstractSocket::SocketError)), SLOT(exitLoop()));
+    connect(receiver, SIGNAL(sslErrors(QList<QSslError>)), SLOT(exitLoop()));
     connect(receiver, SIGNAL(encrypted()), SLOT(exitLoop()));
     enterLoop(1);
-    QCOMPARE(receiver->error(), QAbstractSocket::SslHandshakeFailedError);
-    QCOMPARE(receiver->errorString(), QString("The peer certificate is blacklisted"));
+    QList<QSslError> sslErrors = receiver->sslErrors();
+    QVERIFY(sslErrors.count() > 0);
+    // there are more errors (self signed cert and hostname mismatch), but we only care about the blacklist error
+    QCOMPARE(sslErrors.at(0).error(), QSslError::CertificateBlacklisted);
 }
 
 void tst_QSslSocket::setEmptyDefaultConfiguration()