From ebf69d862ad816bf9b00e27adc2b6f0d74331338 Mon Sep 17 00:00:00 2001
From: Markus Goetz <Markus.Goetz@nokia.com>
Date: Thu, 27 Aug 2009 15:29:54 +0200
Subject: QSslSocket: Clarified doc about QSslSocket::systemCaCertificates

This function only returns the certificates bundled with Qt.

Reviewed-by: TrustMe
---
 src/network/ssl/qsslsocket.cpp | 6 ++----
 1 file changed, 2 insertions(+), 4 deletions(-)

(limited to 'src/network')

diff --git a/src/network/ssl/qsslsocket.cpp b/src/network/ssl/qsslsocket.cpp
index 1acd88b89f..a064c2fe49 100644
--- a/src/network/ssl/qsslsocket.cpp
+++ b/src/network/ssl/qsslsocket.cpp
@@ -1267,10 +1267,8 @@ QList<QSslCertificate> QSslSocket::defaultCaCertificates()
 }
 
 /*!
-    Returns the system default CA certificate database for your
-    system. This database is normally found in a standard place for
-    your system. If it is not found there, Qt will provide its own
-    default CA certificate database. The CA certificate database
+    This function provides a default CA certificate database
+    shipped together with Qt. The CA certificate database
     returned by this function is used to initialize the database
     returned by defaultCaCertificates(). You can replace that database
     with your own with setDefaultCaCertificates().
-- 
cgit v1.2.3


From 802d8c02eaa0aa9cd8d0c6cbd18cd814e6337bc6 Mon Sep 17 00:00:00 2001
From: Thiago Macieira <thiago.macieira@nokia.com>
Date: Mon, 24 Aug 2009 11:33:34 +0200
Subject: Fix parsing of Subject Alternate Names in Qt.

Simple misuse of QLatin1String. Use QString::fromLatin1 instead and
avoid the QByteArray temporary.

Reviewed-by: Andreas Aardal Hanssen
Tracking: CVE-2009-2700
---
 src/network/ssl/qsslcertificate.cpp | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'src/network')

diff --git a/src/network/ssl/qsslcertificate.cpp b/src/network/ssl/qsslcertificate.cpp
index d62c9112e3..b5df35ce35 100644
--- a/src/network/ssl/qsslcertificate.cpp
+++ b/src/network/ssl/qsslcertificate.cpp
@@ -377,7 +377,7 @@ QMultiMap<QSsl::AlternateNameEntryType, QString> QSslCertificate::alternateSubje
             }
 
             const char *altNameStr = reinterpret_cast<const char *>(q_ASN1_STRING_data(genName->d.ia5));
-            const QString altName = QLatin1String(QByteArray(altNameStr, len));
+            const QString altName = QString::fromLatin1(altNameStr, len);
             if (genName->type == GEN_DNS)
                 result.insert(QSsl::DnsEntry, altName);
             else if (genName->type == GEN_EMAIL)
-- 
cgit v1.2.3