diff options
-rw-r--r-- | src/network/ssl/qsslcertificate_qt.cpp | 20 |
1 files changed, 18 insertions, 2 deletions
diff --git a/src/network/ssl/qsslcertificate_qt.cpp b/src/network/ssl/qsslcertificate_qt.cpp index c0f3710a9a..f17d1500c5 100644 --- a/src/network/ssl/qsslcertificate_qt.cpp +++ b/src/network/ssl/qsslcertificate_qt.cpp @@ -402,10 +402,18 @@ bool QSslCertificatePrivate::parse(const QByteArray &data) QSslCertificateExtension extension; if (!parseExtension(elem.value(), &extension)) return false; - extensions << extension; if (extension.oid() == QLatin1String("2.5.29.17")) { // subjectAltName + + // Note, parseExtension() returns true for this extensions, + // but considers it to be unsupported and assignes a useless + // value. OpenSSL also treats this extension as unsupported, + // but properly creates a map with 'name' and 'value' taken + // from the extension. We only support 'email', 'IP' and 'DNS', + // but this is what our subjectAlternativeNames map can contain + // anyway. + QVariantMap extValue; QAsn1Element sanElem; if (sanElem.read(extension.value().toByteArray()) && sanElem.type() == QAsn1Element::SequenceType) { QDataStream nameStream(sanElem.value()); @@ -414,9 +422,11 @@ bool QSslCertificatePrivate::parse(const QByteArray &data) switch (nameElem.type()) { case QAsn1Element::Rfc822NameType: subjectAlternativeNames.insert(QSsl::EmailEntry, nameElem.toString()); + extValue[QStringLiteral("email")] = nameElem.toString(); break; case QAsn1Element::DnsNameType: subjectAlternativeNames.insert(QSsl::DnsEntry, nameElem.toString()); + extValue[QStringLiteral("DNS")] = nameElem.toString(); break; case QAsn1Element::IpAddressType: { QHostAddress ipAddress; @@ -431,16 +441,22 @@ bool QSslCertificatePrivate::parse(const QByteArray &data) default: // Unknown IP address format break; } - if (!ipAddress.isNull()) + if (!ipAddress.isNull()) { subjectAlternativeNames.insert(QSsl::IpAddressEntry, ipAddress.toString()); + extValue[QStringLiteral("IP")] = ipAddress.toString(); + } break; } default: break; } } + extension.d->value = extValue; + extension.d->supported = true; } } + + extensions << extension; } } } |