diff options
| author | Marc Mutz <marc.mutz@kdab.com> | 2015-10-23 16:32:59 +0200 |
|---|---|---|
| committer | Marc Mutz <marc.mutz@kdab.com> | 2015-10-27 18:27:59 +0000 |
| commit | 474bee61e4a1c6797ff876bd0ae25ba87d33a4ec (patch) | |
| tree | b2dd1bf81432d38ea5c35d8e90fdb772688c212c /src/network/ssl/qsslsocket_openssl.cpp | |
| parent | 1e32ade79ced64597ef4148f16e0d8a329733c4e (diff) | |
QtNetwork: convert some QDateTime::currentDateTime() to currentDateTimeUtc()
The latter is much faster as it doesn't have to deal with
time zones.
This change is safe, because the QDateTimes are only used for
comparison with other QDateTimes, which, from a quick glance around,
seem to be mostly, if not exclusively, in UTC. Comparsions work
across time zones, but the comparison between UTC date-times is
fastest.
Credits to Milian Wolff, from whose QtWS15 talk this advice is
taken.
Change-Id: I6859d886d8dc8e0a52fbe394fbb7b93a87b4739a
Reviewed-by: Milian Wolff <milian.wolff@kdab.com>
Reviewed-by: Friedemann Kleint <Friedemann.Kleint@theqtcompany.com>
Reviewed-by: Lars Knoll <lars.knoll@theqtcompany.com>
Diffstat (limited to 'src/network/ssl/qsslsocket_openssl.cpp')
| -rw-r--r-- | src/network/ssl/qsslsocket_openssl.cpp | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/src/network/ssl/qsslsocket_openssl.cpp b/src/network/ssl/qsslsocket_openssl.cpp index a8e4c61e9a..dd47dfc45f 100644 --- a/src/network/ssl/qsslsocket_openssl.cpp +++ b/src/network/ssl/qsslsocket_openssl.cpp @@ -1660,6 +1660,7 @@ QList<QSslError> QSslSocketBackendPrivate::verify(const QList<QSslCertificate> & setDefaultCaCertificates(defaultCaCertificates() + systemCaCertificates()); } + const QDateTime now = QDateTime::currentDateTimeUtc(); foreach (const QSslCertificate &caCertificate, QSslConfiguration::defaultConfiguration().caCertificates()) { // From https://www.openssl.org/docs/ssl/SSL_CTX_load_verify_locations.html: // @@ -1672,7 +1673,7 @@ QList<QSslError> QSslSocketBackendPrivate::verify(const QList<QSslCertificate> & // certificates mixed with valid ones. // // See also: QSslContext::fromConfiguration() - if (caCertificate.expiryDate() >= QDateTime::currentDateTime()) { + if (caCertificate.expiryDate() >= now) { q_X509_STORE_add_cert(certStore, reinterpret_cast<X509 *>(caCertificate.handle())); } } |