diff options
author | Timur Pocheptsov <timur.pocheptsov@qt.io> | 2020-05-14 12:58:15 +0200 |
---|---|---|
committer | Timur Pocheptsov <timur.pocheptsov@qt.io> | 2020-05-20 19:46:16 +0200 |
commit | e7ca98f40f83bb012002b69226d3c27c02271d31 (patch) | |
tree | 1dc56f9621572e614466aad39c92912bd0d94a25 /src | |
parent | c86e54fb170345703e7e8d3b75f6ee25c964aff5 (diff) |
QSslSocket::addCaCertificates - do not duplicate certs
If we already know the certificate, there is no need in adding it again.
This function is deprecated, but will stay forever in 5.15.
Pick-to: 5.15
Change-Id: I760f5bcffea78ac02c5643ee1112725edd32f15a
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
Diffstat (limited to 'src')
-rw-r--r-- | src/network/ssl/qsslsocket_openssl.cpp | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/src/network/ssl/qsslsocket_openssl.cpp b/src/network/ssl/qsslsocket_openssl.cpp index 324ca6eea6..4c96c02ade 100644 --- a/src/network/ssl/qsslsocket_openssl.cpp +++ b/src/network/ssl/qsslsocket_openssl.cpp @@ -1709,14 +1709,14 @@ void QSslSocketBackendPrivate::fetchCaRootForCert(const QSslCertificate &cert) //This is the callback from QWindowsCaRootFetcher, trustedRoot will be invalid (default constructed) if it failed. void QSslSocketBackendPrivate::_q_caRootLoaded(QSslCertificate cert, QSslCertificate trustedRoot) { - Q_Q(QSslSocket); if (!trustedRoot.isNull() && !trustedRoot.isBlacklisted()) { if (s_loadRootCertsOnDemand) { //Add the new root cert to default cert list for use by future sockets QSslSocket::addDefaultCaCertificate(trustedRoot); } //Add the new root cert to this socket for future connections - q->addCaCertificate(trustedRoot); + if (!configuration.caCertificates.contains(trustedRoot)) + configuration.caCertificates += trustedRoot; //Remove the broken chain ssl errors (as chain is verified by windows) for (int i=sslErrors.count() - 1; i >= 0; --i) { if (sslErrors.at(i).certificate() == cert) { |