diff options
author | Timur Pocheptsov <timur.pocheptsov@qt.io> | 2019-01-25 15:11:34 +0100 |
---|---|---|
committer | Timur Pocheptsov <timur.pocheptsov@qt.io> | 2019-01-27 10:41:51 +0000 |
commit | 315969725da24c336b5dd5c5463c605ee679781d (patch) | |
tree | 9c70ad83df5116ad95a7ce146d549c790cf03cb7 /src/network/ssl/qocspresponse.cpp | |
parent | 5ae8fcd17bda45177ae7f65bf1c9f25f30706bb4 (diff) |
QSslSocket - make ocsp response into ... ocsp responseS
If later we try to introduce multiple ocsp support, the API returning
a single response will be somewhat broken and illogical/not clear
how to use at all. Let's return a vector of responses (for now it's
one, can change in future). This makes isNull() redundant on a
response, also, we now need 'subject' - a cert that response was for.
Change-Id: Ibbd9dec163b53906b2fd61fa31c43db7d08adc4d
Reviewed-by: MÃ¥rten Nordheim <marten.nordheim@qt.io>
Diffstat (limited to 'src/network/ssl/qocspresponse.cpp')
-rw-r--r-- | src/network/ssl/qocspresponse.cpp | 53 |
1 files changed, 17 insertions, 36 deletions
diff --git a/src/network/ssl/qocspresponse.cpp b/src/network/ssl/qocspresponse.cpp index acc24047e7..1466364af2 100644 --- a/src/network/ssl/qocspresponse.cpp +++ b/src/network/ssl/qocspresponse.cpp @@ -53,11 +53,10 @@ QT_BEGIN_NAMESPACE The QOcspResponse class represents the revocation status of a server's certficate, received by the client-side socket during the TLS handshake. QSslSocket must be - configured with OCSP stapling enabled. A non-empty response corresponds to the - certificate that can be obtained from QSslConfiguration::peerCertificate(). + configured with OCSP stapling enabled. - \sa QSslSocket, QSslSocket::ocspResponse(), isNull(), clear(), certificateStatus(), - revocationReason(), responder(), OcspCertificateStatus, OcspRevocationReason, + \sa QSslSocket, QSslSocket::ocspResponse(), certificateStatus(), + revocationReason(), responder(), subject(), OcspCertificateStatus, OcspRevocationReason, QSslConfiguration::setOcspStaplingEnabled(), QSslConfiguration::ocspStaplingEnabled(), QSslConfiguration::peerCertificate() */ @@ -110,9 +109,10 @@ QT_BEGIN_NAMESPACE /*! \since 5.13 - Creates a new, null OCSP response. + Creates a new response with status OcspCertificateStatus::Unknown + and revocation reason OcspRevocationReason::None. - \sa isNull() + \sa OcspCertificateStatus */ QOcspResponse::QOcspResponse() : d(new QOcspResponsePrivate) @@ -132,7 +132,7 @@ QOcspResponse::QOcspResponse(const QOcspResponse &other) /*! \since 5.13 - Move-constructs a QOcspResponse instance. + Move-constructs a QOcspResponse instance from \a other. */ QOcspResponse::QOcspResponse(QOcspResponse &&other) Q_DECL_NOTHROW { @@ -177,35 +177,6 @@ QOcspResponse &QOcspResponse::operator=(QOcspResponse &&other) Q_DECL_NOTHROW /*! \since 5.13 - Returns \c true for default-constructed OCSP responses and also if during a - handshake no definitive OCSP response, or no response was received at all. - - \sa QOcspResponse(), QSslSocket::ocspResponse() -*/ -bool QOcspResponse::isNull() const -{ - return d->isNull; -} - -/*! - \since 5.13 - - Resets this QOcspResponse to its default, null state. - - \sa QOcspResponse(), isNull() -*/ -void QOcspResponse::clear() -{ - - d->certificateStatus = OcspCertificateStatus::Unknown; - d->revocationReason = OcspRevocationReason::None; - d->isNull = true; - d->signerCert.clear(); -} - -/*! - \since 5.13 - Returns the certificate status. \sa OcspCertificateStatus @@ -235,4 +206,14 @@ QSslCertificate QOcspResponse::responder() const return d->signerCert; } +/*! + \since 5.13 + + This function returns a certificate, for which this response was issued. +*/ +QSslCertificate QOcspResponse::subject() const +{ + return d->subjectCert; +} + QT_END_NAMESPACE |