diff options
| author | Lars Schmertmann <Lars.Schmertmann@governikus.de> | 2020-07-13 12:43:44 +0200 |
|---|---|---|
| committer | Lars Schmertmann <Lars.Schmertmann@governikus.de> | 2020-08-06 19:49:02 +0200 |
| commit | af1544bda242d02690bd092f1d1ed7ca57659529 (patch) | |
| tree | 5918f1270b246dc4a14d76d32f0ed44d9377bf9d | |
| parent | 3938d932220e70e2dccb81786135acfcf9ea187b (diff) | |
Mark QSslError(SslError error) as explicit
Currently it is possible to compare a QSslError with a
QSslError::SslError because QSslError has an implicit
constructor. But the comparison often fails because
a QSslError received from the system contains a
certificate.
[ChangeLog][QtNetwork][QSslError] The constructor
QSslError(QSslError::SslError error) is now explicit.
Change-Id: I36cc5895245d3b43ab4b8d65a9635893d6b0e6a4
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
| -rw-r--r-- | src/network/ssl/qsslerror.h | 2 | ||||
| -rw-r--r-- | src/network/ssl/qsslsocket_openssl.cpp | 10 |
2 files changed, 6 insertions, 6 deletions
diff --git a/src/network/ssl/qsslerror.h b/src/network/ssl/qsslerror.h index 6c4dabde96..f135dd10b7 100644 --- a/src/network/ssl/qsslerror.h +++ b/src/network/ssl/qsslerror.h @@ -100,7 +100,7 @@ public: // RVCT compiler in debug build does not like about default values in const- // So as an workaround we define all constructor overloads here explicitly QSslError(); - QSslError(SslError error); + explicit QSslError(SslError error); QSslError(SslError error, const QSslCertificate &certificate); QSslError(const QSslError &other); diff --git a/src/network/ssl/qsslsocket_openssl.cpp b/src/network/ssl/qsslsocket_openssl.cpp index 99b7a77b4d..f421df875c 100644 --- a/src/network/ssl/qsslsocket_openssl.cpp +++ b/src/network/ssl/qsslsocket_openssl.cpp @@ -468,7 +468,7 @@ QSslErrorEntry QSslErrorEntry::fromStoreContext(X509_STORE_CTX *ctx) #if QT_CONFIG(ocsp) -QSslError qt_OCSP_response_status_to_QSslError(long code) +QSslError::SslError qt_OCSP_response_status_to_SslError(long code) { switch (code) { case OCSP_RESPONSE_STATUS_MALFORMEDREQUEST: @@ -1827,7 +1827,7 @@ bool QSslSocketBackendPrivate::checkOcspStatus() const unsigned char *responseData = nullptr; const long responseLength = q_SSL_get_tlsext_status_ocsp_resp(ssl, &responseData); if (responseLength <= 0 || !responseData) { - ocspErrors.push_back(QSslError::OcspNoResponseFound); + ocspErrors.push_back(QSslError(QSslError::OcspNoResponseFound)); return false; } @@ -1842,7 +1842,7 @@ bool QSslSocketBackendPrivate::checkOcspStatus() const int ocspStatus = q_OCSP_response_status(response); if (ocspStatus != OCSP_RESPONSE_STATUS_SUCCESSFUL) { // It's not a definitive response, it's an error message (not signed by the responder). - ocspErrors.push_back(qt_OCSP_response_status_to_QSslError(ocspStatus)); + ocspErrors.push_back(QSslError(qt_OCSP_response_status_to_SslError(ocspStatus))); return false; } @@ -1884,10 +1884,10 @@ bool QSslSocketBackendPrivate::checkOcspStatus() const unsigned long verificationFlags = 0; const int success = q_OCSP_basic_verify(basicResponse, peerChain, store, verificationFlags); if (success <= 0) - ocspErrors.push_back(QSslError::OcspResponseCannotBeTrusted); + ocspErrors.push_back(QSslError(QSslError::OcspResponseCannotBeTrusted)); if (q_OCSP_resp_count(basicResponse) != 1) { - ocspErrors.push_back(QSslError::OcspMalformedResponse); + ocspErrors.push_back(QSslError(QSslError::OcspMalformedResponse)); return false; } |