diff options
author | Konstantin Shegunov <kshegunov@gmail.com> | 2019-02-19 23:53:58 +0200 |
---|---|---|
committer | Konstantin Shegunov <kshegunov@gmail.com> | 2019-03-05 18:39:34 +0000 |
commit | c212128a676aa906fdef79c3e5ccecf0d942e68c (patch) | |
tree | 3867702f3f07af9ddab6f3b2d4c574a66fc9970b /src/network | |
parent | 6bb22c12a6396d3bae2715936ca570bb57cae669 (diff) |
Add input check for QSslSocket::setPrivateKey
[ChangeLog][QtNetwork][QSslSocket] Added runtime validation of the SSL
private key when it is loaded through a file path.
Task-number: QTBUG-72016
Change-Id: Ie92c3a2fbf3ba896c4c838e03d677426be56a5db
Reviewed-by: MÃ¥rten Nordheim <marten.nordheim@qt.io>
Reviewed-by: Samuel Gaist <samuel.gaist@idiap.ch>
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
Diffstat (limited to 'src/network')
-rw-r--r-- | src/network/ssl/qsslsocket.cpp | 17 |
1 files changed, 13 insertions, 4 deletions
diff --git a/src/network/ssl/qsslsocket.cpp b/src/network/ssl/qsslsocket.cpp index cf8a472606..fa012866e6 100644 --- a/src/network/ssl/qsslsocket.cpp +++ b/src/network/ssl/qsslsocket.cpp @@ -1209,12 +1209,21 @@ void QSslSocket::setPrivateKey(const QSslKey &key) void QSslSocket::setPrivateKey(const QString &fileName, QSsl::KeyAlgorithm algorithm, QSsl::EncodingFormat format, const QByteArray &passPhrase) { - Q_D(QSslSocket); QFile file(fileName); - if (file.open(QIODevice::ReadOnly)) { - d->configuration.privateKey = QSslKey(file.readAll(), algorithm, - format, QSsl::PrivateKey, passPhrase); + if (!file.open(QIODevice::ReadOnly)) { + qCWarning(lcSsl, "QSslSocket::setPrivateKey: Couldn't open file for reading"); + return; + } + + QSslKey key(file.readAll(), algorithm, format, QSsl::PrivateKey, passPhrase); + if (key.isNull()) { + qCWarning(lcSsl, "QSslSocket::setPrivateKey: " + "The specified file does not contain a valid key"); + return; } + + Q_D(QSslSocket); + d->configuration.privateKey = key; } /*! |