summaryrefslogtreecommitdiffstats
path: root/src/network/ssl/qsslsocket_openssl.cpp
diff options
context:
space:
mode:
Diffstat (limited to 'src/network/ssl/qsslsocket_openssl.cpp')
-rw-r--r--src/network/ssl/qsslsocket_openssl.cpp59
1 files changed, 0 insertions, 59 deletions
diff --git a/src/network/ssl/qsslsocket_openssl.cpp b/src/network/ssl/qsslsocket_openssl.cpp
index f869039687..dc08954d6e 100644
--- a/src/network/ssl/qsslsocket_openssl.cpp
+++ b/src/network/ssl/qsslsocket_openssl.cpp
@@ -1552,65 +1552,6 @@ QList<QSslCertificate> QSslSocketBackendPrivate::STACKOFX509_to_QSslCertificates
return certificates;
}
-bool QSslSocketBackendPrivate::isMatchingHostname(const QSslCertificate &cert, const QString &peerName)
-{
- QStringList commonNameList = cert.subjectInfo(QSslCertificate::CommonName);
-
- foreach (const QString &commonName, commonNameList) {
- if (isMatchingHostname(commonName.toLower(), peerName.toLower())) {
- return true;
- }
- }
-
- foreach (const QString &altName, cert.subjectAlternativeNames().values(QSsl::DnsEntry)) {
- if (isMatchingHostname(altName.toLower(), peerName.toLower())) {
- return true;
- }
- }
-
- return false;
-}
-
-bool QSslSocketBackendPrivate::isMatchingHostname(const QString &cn, const QString &hostname)
-{
- int wildcard = cn.indexOf(QLatin1Char('*'));
-
- // Check this is a wildcard cert, if not then just compare the strings
- if (wildcard < 0)
- return cn == hostname;
-
- int firstCnDot = cn.indexOf(QLatin1Char('.'));
- int secondCnDot = cn.indexOf(QLatin1Char('.'), firstCnDot+1);
-
- // Check at least 3 components
- if ((-1 == secondCnDot) || (secondCnDot+1 >= cn.length()))
- return false;
-
- // Check * is last character of 1st component (ie. there's a following .)
- if (wildcard+1 != firstCnDot)
- return false;
-
- // Check only one star
- if (cn.lastIndexOf(QLatin1Char('*')) != wildcard)
- return false;
-
- // Check characters preceding * (if any) match
- if (wildcard && (hostname.leftRef(wildcard) != cn.leftRef(wildcard)))
- return false;
-
- // Check characters following first . match
- if (hostname.midRef(hostname.indexOf(QLatin1Char('.'))) != cn.midRef(firstCnDot))
- return false;
-
- // Check if the hostname is an IP address, if so then wildcards are not allowed
- QHostAddress addr(hostname);
- if (!addr.isNull())
- return false;
-
- // Ok, I guess this was a wildcard CN and the hostname matches.
- return true;
-}
-
QList<QSslError> QSslSocketBackendPrivate::verify(QList<QSslCertificate> certificateChain, const QString &hostName)
{
QList<QSslError> errors;
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-24 14:44:54 +0000