Fix supportsSsl() to make it more consistent

Attempts to use QSslSocket and its OpenSSL 1.1 back-end with OpenSSL 1.1.1
in a very peculiar way (for some reason the reporter calls  OPENSSL_no_config())
combined with a bug in OpenSSL 1.1.1 resulted in a QSslSocket dead-locking
in initialization. This was happening because supportsSsl() first reported
false (OpenSSL internally fails to initialize after OPENSSL_no_config()),
but we have s_libraryLoaded set to true too early, thus the first supportsSsl()
returns false, the second - true.

Move setting of s_libraryLoaded later so that we don't claim to support
OpenSSL when an earlier ensureLibraryLoaded() attempt failed.

Task-number: QTBUG-70956
Task-number: QTBUG-71446
Change-Id: I8ad8763d357c84fc38c62e2ce914366367c2b445
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>

1 files changed, 5 insertions, 0 deletions

diff --git a/src/network/ssl/qsslsocket_openssl.cpp b/src/network/ssl/qsslsocket_openssl.cpp
index 64501a75e8..37bb3e4933 100644
--- a/src/network/ssl/qsslsocket_openssl.cpp
+++ b/src/network/ssl/qsslsocket_openssl.cpp
@@ -474,7 +474,12 @@ void QSslSocketPrivate::resetDefaultCiphers()
 #else
     SSL_CTX *myCtx = q_SSL_CTX_new(q_SSLv23_client_method());
 #endif
+    // Note, we assert, not just silently return/bail out early:
+    // this should never happen and problems with OpenSSL's initialization
+    // must be caught before this (see supportsSsl()).
+    Q_ASSERT(myCtx);
     SSL *mySsl = q_SSL_new(myCtx);
+    Q_ASSERT(mySsl);
 
     QList<QSslCipher> ciphers;
     QList<QSslCipher> defaultCiphers;