diff options
author | Edward Welbourne <edward.welbourne@qt.io> | 2016-07-04 15:58:39 +0200 |
---|---|---|
committer | Edward Welbourne <edward.welbourne@qt.io> | 2016-07-04 15:58:39 +0200 |
commit | b5695bd5be908970244919bcd7c19cbf7ccca2c4 (patch) | |
tree | 29f1e2895bef25db5b47e7e2cf01414f6b32ac8d /src/network/ssl | |
parent | 840729a931a7d3fefbc4b4a8e01f8b1bd69a427e (diff) | |
parent | b7744e0b05255fc468db2af215ba94eca4b7757b (diff) |
Merge remote-tracking branch 'origin/5.6' into 5.7
Change-Id: Ibd81cd1df4a0650d93fcb556a57be90be2e1f569
Diffstat (limited to 'src/network/ssl')
-rw-r--r-- | src/network/ssl/qsslsocket.cpp | 3 | ||||
-rw-r--r-- | src/network/ssl/qsslsocket_mac.cpp | 9 |
2 files changed, 8 insertions, 4 deletions
diff --git a/src/network/ssl/qsslsocket.cpp b/src/network/ssl/qsslsocket.cpp index 472db3aa81..591d635162 100644 --- a/src/network/ssl/qsslsocket.cpp +++ b/src/network/ssl/qsslsocket.cpp @@ -55,7 +55,8 @@ QSslSocket establishes a secure, encrypted TCP connection you can use for transmitting encrypted data. It can operate in both client and server mode, and it supports modern SSL protocols, including - SSLv3 and TLSv1_0. By default, QSslSocket uses TLSv1_0, but you can + SSL 3 and TLS 1.2. By default, QSslSocket uses only SSL protocols + which are considered to be secure (QSsl::SecureProtocols), but you can change the SSL protocol by calling setProtocol() as long as you do it before the handshake has started. diff --git a/src/network/ssl/qsslsocket_mac.cpp b/src/network/ssl/qsslsocket_mac.cpp index c164342166..3845a3d455 100644 --- a/src/network/ssl/qsslsocket_mac.cpp +++ b/src/network/ssl/qsslsocket_mac.cpp @@ -617,7 +617,7 @@ void QSslSocketBackendPrivate::transmit() if (connectionEncrypted && !writeBuffer.isEmpty()) { qint64 totalBytesWritten = 0; - while (writeBuffer.nextDataBlockSize() > 0) { + while (writeBuffer.nextDataBlockSize() > 0 && context) { const size_t nextDataBlockSize = writeBuffer.nextDataBlockSize(); size_t writtenBytes = 0; const OSStatus err = SSLWrite(context, writeBuffer.readPointer(), nextDataBlockSize, &writtenBytes); @@ -652,7 +652,7 @@ void QSslSocketBackendPrivate::transmit() if (connectionEncrypted) { QVarLengthArray<char, 4096> data; - while (true) { + while (context) { size_t readBytes = 0; data.resize(4096); const OSStatus err = SSLRead(context, data.data(), data.size(), &readBytes); @@ -1296,7 +1296,10 @@ bool QSslSocketBackendPrivate::verifyPeerTrust() // report errors if (!errors.isEmpty() && !canIgnoreVerify) { sslErrors = errors; - if (!checkSslErrors()) + // checkSslErrors unconditionally emits sslErrors: + // a user's slot can abort/close/disconnect on this + // signal, so we also test the socket's state: + if (!checkSslErrors() || q->state() != QAbstractSocket::ConnectedState) return false; } else { sslErrors.clear(); |