diff options
author | Timur Pocheptsov <timur.pocheptsov@qt.io> | 2020-05-11 12:06:38 +0200 |
---|---|---|
committer | Timur Pocheptsov <timur.pocheptsov@qt.io> | 2020-05-11 14:18:44 +0200 |
commit | 479c3bd93be061fab5753940fbc64b514e29615b (patch) | |
tree | fa51eea4e7f401ee4dd01193aef7a1f336c545e1 /src/network/ssl/qsslsocket.cpp | |
parent | b428e98052aa1b97a42f31ed52b1266d17e186ee (diff) |
CA fetcher - do not add CA root if it's already present
As it was found recently CA fetcher, while building a chain with a missing
intermediary, may return the root we are already aware of (had in the "ROOT"
store). While this is in general harmless, it can be a bit surprising if
some code is analyzing the list of CA certificates after a handshake.
Pick-to: 5.15
Change-Id: I1df3b537e2a812de17e2c94ad4643cf36e7e946f
Reviewed-by: MÃ¥rten Nordheim <marten.nordheim@qt.io>
Diffstat (limited to 'src/network/ssl/qsslsocket.cpp')
-rw-r--r-- | src/network/ssl/qsslsocket.cpp | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/src/network/ssl/qsslsocket.cpp b/src/network/ssl/qsslsocket.cpp index 5252f3348b..667a2e7267 100644 --- a/src/network/ssl/qsslsocket.cpp +++ b/src/network/ssl/qsslsocket.cpp @@ -2467,6 +2467,8 @@ void QSslSocketPrivate::addDefaultCaCertificate(const QSslCertificate &cert) { QSslSocketPrivate::ensureInitialized(); QMutexLocker locker(&globalData()->mutex); + if (globalData()->config->caCertificates.contains(cert)) + return; globalData()->config.detach(); globalData()->config->caCertificates += cert; globalData()->dtlsConfig.detach(); |