diff options
| author | Shane Kearns <dbgshane@gmail.com> | 2012-12-06 17:03:18 +0000 |
|---|---|---|
| committer | The Qt Project <gerrit-noreply@qt-project.org> | 2012-12-10 20:48:10 +0100 |
| commit | eb2688c4c4f257d0a4d978ba4bf57d6347b15252 (patch) | |
| tree | 565d289155ca323418e6e057a5b5396f9c9fe08e /src/network/ssl/qsslsocket_openssl.cpp | |
| parent | 5809485dbed884d937e01a8d6e27e9b32eed32cb (diff) | |
Fix binary incompatibility between openssl versions
OpenSSL changed the layout of X509_STORE_CTX between 0.9 and 1.0
So we have to consider this struct as private implementation, and use
the access functions instead.
This bug would cause certificate verification problems if a different
version of openssl is loaded at runtime to the headers Qt was compiled
against.
Task-number: QTBUG-28343
Change-Id: I47fc24336f7d9c80f08f9c8ba6debc51a5591258
Reviewed-by: Richard J. Moore <rich@kde.org>
Diffstat (limited to 'src/network/ssl/qsslsocket_openssl.cpp')
| -rw-r--r-- | src/network/ssl/qsslsocket_openssl.cpp | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/src/network/ssl/qsslsocket_openssl.cpp b/src/network/ssl/qsslsocket_openssl.cpp index 39b49ce09e..9e0331391b 100644 --- a/src/network/ssl/qsslsocket_openssl.cpp +++ b/src/network/ssl/qsslsocket_openssl.cpp @@ -229,12 +229,12 @@ static int q_X509Callback(int ok, X509_STORE_CTX *ctx) { if (!ok) { // Store the error and at which depth the error was detected. - _q_sslErrorList()->errors << qMakePair<int, int>(ctx->error, ctx->error_depth); + _q_sslErrorList()->errors << qMakePair<int, int>(q_X509_STORE_CTX_get_error(ctx), q_X509_STORE_CTX_get_error_depth(ctx)); #ifdef QSSLSOCKET_DEBUG qDebug() << "verification error: dumping bad certificate"; - qDebug() << QSslCertificatePrivate::QSslCertificate_from_X509(ctx->current_cert).toPem(); + qDebug() << QSslCertificatePrivate::QSslCertificate_from_X509(q_X509_STORE_CTX_get_current_cert(ctx)).toPem(); qDebug() << "dumping chain"; - foreach (QSslCertificate cert, QSslSocketBackendPrivate::STACKOFX509_to_QSslCertificates(ctx->chain)) { + foreach (QSslCertificate cert, QSslSocketBackendPrivate::STACKOFX509_to_QSslCertificates(q_X509_STORE_CTX_get_chain(ctx))) { QString certFormat(QStringLiteral("O=%1 CN=%2 L=%3 OU=%4 C=%5 ST=%6")); qDebug() << "Issuer:" << "O=" << cert.issuerInfo(QSslCertificate::Organization) << "CN=" << cert.issuerInfo(QSslCertificate::CommonName) |