1 files changed, 35 insertions, 2 deletions

diff --git a/src/network/ssl/qsslconfiguration.cpp b/src/network/ssl/qsslconfiguration.cpp
index 3f732b4646..4697a5f90f 100644
--- a/src/network/ssl/qsslconfiguration.cpp
+++ b/src/network/ssl/qsslconfiguration.cpp
@@ -228,7 +228,8 @@ bool QSslConfiguration::operator==(const QSslConfiguration &other) const
         d->nextAllowedProtocols == other.d->nextAllowedProtocols &&
         d->nextNegotiatedProtocol == other.d->nextNegotiatedProtocol &&
         d->nextProtocolNegotiationStatus == other.d->nextProtocolNegotiationStatus &&
-        d->dtlsCookieEnabled == other.d->dtlsCookieEnabled;
+        d->dtlsCookieEnabled == other.d->dtlsCookieEnabled &&
+        d->ocspStaplingEnabled == other.d->ocspStaplingEnabled;
 }
 
 /*!
@@ -272,7 +273,8 @@ bool QSslConfiguration::isNull() const
             d->preSharedKeyIdentityHint.isNull() &&
             d->nextAllowedProtocols.isEmpty() &&
             d->nextNegotiatedProtocol.isNull() &&
-            d->nextProtocolNegotiationStatus == QSslConfiguration::NextProtocolNegotiationNone);
+            d->nextProtocolNegotiationStatus == QSslConfiguration::NextProtocolNegotiationNone &&
+            d->ocspStaplingEnabled == false);
 }
 
 /*!
@@ -1094,6 +1096,37 @@ void QSslConfiguration::setDefaultDtlsConfiguration(const QSslConfiguration &con
 
 #endif // dtls
 
+/*!
+    \since 5.13
+    If \a enabled is true, client QSslSocket will send a certificate status request
+    to its peer when initiating a handshake. During the handshake QSslSocket will
+    verify the server's response. This value must be set before the handshake
+    starts.
+
+    \sa ocspStaplingEnabled()
+*/
+void QSslConfiguration::setOcspStaplingEnabled(bool enabled)
+{
+#if QT_CONFIG(ocsp)
+    d->ocspStaplingEnabled = enabled;
+#else
+    if (enabled)
+        qCWarning(lcSsl, "Enabling OCSP-stapling requires the feature 'ocsp'");
+#endif // ocsp
+}
+
+/*!
+    \since 5.13
+    Returns true if OCSP stapling was enabled by setOCSPStaplingEnabled(),
+    otherwise false (which is the default value).
+
+    \sa setOcspStaplingEnabled()
+*/
+bool QSslConfiguration::ocspStaplingEnabled() const
+{
+    return d->ocspStaplingEnabled;
+}
+
 /*! \internal
 */
 bool QSslConfigurationPrivate::peerSessionWasShared(const QSslConfiguration &configuration) {