authorMarc Mutz <marc.mutz@kdab.com>2014-04-09 08:04:57 +0200
committerMarc Mutz <marc.mutz@kdab.com>2016-01-19 21:38:19 +0000
commit7a17340636d8c338f687aa2a904c49a5cbc15526 (patch)
tree4707fb3b409d9828cd83749b4437cf79cf29ff5c
parent71be92c1d0aad7d86b53de37cd2df021b736cb4e (diff)
QSslContext: separate creation and initialization
This is in preparation for providing a named constructor that returns a shared pointer instead of a naked pointer. Change-Id: I23aed950facac9d0b053321e75b61df7df8a6605 Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
-rw-r--r--src/network/ssl/qsslcontext_openssl.cpp23
-rw-r--r--src/network/ssl/qsslcontext_openssl_p.h4
2 files changed, 17 insertions, 10 deletions
diff --git a/src/network/ssl/qsslcontext_openssl.cpp b/src/network/ssl/qsslcontext_openssl.cpp
index 6a93770900..05f2f8f769 100644
--- a/src/network/ssl/qsslcontext_openssl.cpp
+++ b/src/network/ssl/qsslcontext_openssl.cpp
@@ -97,9 +97,9 @@ static inline QString msgErrorSettingEllipticCurves(const QString &why)
return QSslSocket::tr("Error when setting the elliptic curves (%1)").arg(why);
}
-QSslContext* QSslContext::fromConfiguration(QSslSocket::SslMode mode, const QSslConfiguration &configuration, bool allowRootCertOnDemandLoading)
+// static
+void QSslContext::initSslContext(QSslContext *sslContext, QSslSocket::SslMode mode, const QSslConfiguration &configuration, bool allowRootCertOnDemandLoading)
{
- QSslContext *sslContext = new QSslContext();
sslContext->sslConfiguration = configuration;
sslContext->errorCode = QSslError::NoError;
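Review bot: initSslContext dereferences `sslContext` in its first statement (`sslContext->sslConfiguration = configuration;`) without checking it, and now that allocation and initialization are separate, the pointer comes from the caller. Adding `Q_ASSERT(sslContext);` as the first line would make that precondition explicit. Because the function now returns void, a short comment above the definition should also say that failure is reported only through `sslContext->errorCode` and `sslContext->errorStr`. The function body continues outside this hunk.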
@@ -187,7 +187,7 @@ init_context:
unsupportedProtocol ? QSslSocket::tr("unsupported protocol") : QSslSocketBackendPrivate::getErrorsFromOpenSsl()
);
sslContext->errorCode = QSslError::UnspecifiedError;
- return sslContext;
+ return;
}
// Enable bug workarounds.
@@ -218,7 +218,7 @@ init_context:
if (!q_SSL_CTX_set_cipher_list(sslContext->ctx, cipherString.data())) {
sslContext->errorStr = QSslSocket::tr("Invalid or empty cipher list (%1)").arg(QSslSocketBackendPrivate::getErrorsFromOpenSsl());
sslContext->errorCode = QSslError::UnspecifiedError;
- return sslContext;
+ return;
}
const QDateTime now = QDateTime::currentDateTimeUtc();
@@ -253,14 +253,14 @@ init_context:
if (sslContext->sslConfiguration.privateKey().isNull()) {
sslContext->errorStr = QSslSocket::tr("Cannot provide a certificate with no key, %1").arg(QSslSocketBackendPrivate::getErrorsFromOpenSsl());
sslContext->errorCode = QSslError::UnspecifiedError;
- return sslContext;
+ return;
}
// Load certificate
if (!q_SSL_CTX_use_certificate(sslContext->ctx, (X509 *)sslContext->sslConfiguration.localCertificate().handle())) {
sslContext->errorStr = QSslSocket::tr("Error loading local certificate, %1").arg(QSslSocketBackendPrivate::getErrorsFromOpenSsl());
sslContext->errorCode = QSslError::UnspecifiedError;
- return sslContext;
+ return;
}
if (configuration.d->privateKey.algorithm() == QSsl::Opaque) {
@@ -284,7 +284,7 @@ init_context:
if (!q_SSL_CTX_use_PrivateKey(sslContext->ctx, sslContext->pkey)) {
sslContext->errorStr = QSslSocket::tr("Error loading private key, %1").arg(QSslSocketBackendPrivate::getErrorsFromOpenSsl());
sslContext->errorCode = QSslError::UnspecifiedError;
- return sslContext;
+ return;
}
if (configuration.d->privateKey.algorithm() == QSsl::Opaque)
sslContext->pkey = 0; // Don't free the private key, it belongs to QSslKey
@@ -293,7 +293,7 @@ init_context:
if (!q_SSL_CTX_check_private_key(sslContext->ctx)) {
sslContext->errorStr = QSslSocket::tr("Private key does not certify public key, %1").arg(QSslSocketBackendPrivate::getErrorsFromOpenSsl());
sslContext->errorCode = QSslError::UnspecifiedError;
- return sslContext;
+ return;
}
// If we have any intermediate certificates then we need to add them to our chain
@@ -357,7 +357,6 @@ init_context:
const_cast<int *>(reinterpret_cast<const int *>(qcurves.data())))) {
sslContext->errorStr = msgErrorSettingEllipticCurves(QSslSocketBackendPrivate::getErrorsFromOpenSsl());
sslContext->errorCode = QSslError::UnspecifiedError;
- return sslContext;
}
} else
#endif // OPENSSL_VERSION_NUMBER >= 0x10002000L && !defined(OPENSSL_NO_EC)
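Review bot: The `return sslContext;` removed from this elliptic-curve error branch, and from the "OpenSSL version too old" branch in the next hunk (at -365), is dropped instead of being converted to `return;` as in the earlier error paths. As far as the visible lines show, this is equivalent only because these branches are the last statements before the function's closing brace. Keeping `return;` after `sslContext->errorCode = QSslError::UnspecifiedError;` in both places would keep every failure path uniform. Any setup step later appended to initSslContext would then not run on a context already marked as failed.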
@@ -365,10 +364,14 @@ init_context:
// specific curves requested, but not possible to set -> error
sslContext->errorStr = msgErrorSettingEllipticCurves(QSslSocket::tr("OpenSSL version too old, need at least v1.0.2"));
sslContext->errorCode = QSslError::UnspecifiedError;
- return sslContext;
}
}
+}
+QSslContext* QSslContext::fromConfiguration(QSslSocket::SslMode mode, const QSslConfiguration &configuration, bool allowRootCertOnDemandLoading)
+{
+ QSslContext *sslContext = new QSslContext();
+ initSslContext(sslContext, mode, configuration, allowRootCertOnDemandLoading);
return sslContext;
}
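Review bot: fromConfiguration returns the newly allocated object whether or not initSslContext recorded an error, so a non-null result says nothing about success. A caller that tests only the pointer would go on to use a context on which the cipher list, certificate or private-key step failed. This contract should be stated above the function, for example `// Never returns null: the context is returned even when initialization failed, so check its error code before use.`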
diff --git a/src/network/ssl/qsslcontext_openssl_p.h b/src/network/ssl/qsslcontext_openssl_p.h
index c4f5152074..41800d01f9 100644
--- a/src/network/ssl/qsslcontext_openssl_p.h
+++ b/src/network/ssl/qsslcontext_openssl_p.h
@@ -101,6 +101,10 @@ protected:
QSslContext();
private:
+ static void initSslContext(QSslContext* sslContext, QSslSocket::SslMode mode, const QSslConfiguration &configuration,
+ bool allowRootCertOnDemandLoading);
+
+private:
SSL_CTX* ctx;
EVP_PKEY *pkey;
SSL_SESSION *session;