diff options
Diffstat (limited to 'src/network/ssl')
-rw-r--r-- | src/network/ssl/qsslcertificate.cpp | 2 | ||||
-rw-r--r-- | src/network/ssl/qsslerror.h | 4 | ||||
-rw-r--r-- | src/network/ssl/qsslsocket.h | 4 | ||||
-rw-r--r-- | src/network/ssl/qsslsocket_openssl.cpp | 6 | ||||
-rw-r--r-- | src/network/ssl/qsslsocket_openssl_symbols.cpp | 8 | ||||
-rw-r--r-- | src/network/ssl/qsslsocket_openssl_symbols_p.h | 4 |
6 files changed, 20 insertions, 8 deletions
diff --git a/src/network/ssl/qsslcertificate.cpp b/src/network/ssl/qsslcertificate.cpp index e9353916cb..6d3a77b45f 100644 --- a/src/network/ssl/qsslcertificate.cpp +++ b/src/network/ssl/qsslcertificate.cpp @@ -245,7 +245,7 @@ bool QSslCertificate::isNull() const expiryDate() and effectiveDate() with QDateTime::currentDateTime() This function checks that the current - data-time is within the date-time range during which the + date-time is within the date-time range during which the certificate is considered valid, and checks that the certificate is not in a blacklist of fraudulent certificates. diff --git a/src/network/ssl/qsslerror.h b/src/network/ssl/qsslerror.h index a222e2c58d..1acc5cb6e5 100644 --- a/src/network/ssl/qsslerror.h +++ b/src/network/ssl/qsslerror.h @@ -122,6 +122,10 @@ Q_NETWORK_EXPORT QDebug operator<<(QDebug debug, const QSslError::SslError &erro QT_END_NAMESPACE +#ifndef QT_NO_SSL +Q_DECLARE_METATYPE(QList<QSslError>) +#endif + QT_END_HEADER #endif diff --git a/src/network/ssl/qsslsocket.h b/src/network/ssl/qsslsocket.h index 306fb636a6..37f7c484f4 100644 --- a/src/network/ssl/qsslsocket.h +++ b/src/network/ssl/qsslsocket.h @@ -223,10 +223,6 @@ private: QT_END_NAMESPACE -#ifndef QT_NO_SSL -Q_DECLARE_METATYPE(QList<QSslError>) -#endif - QT_END_HEADER #endif diff --git a/src/network/ssl/qsslsocket_openssl.cpp b/src/network/ssl/qsslsocket_openssl.cpp index 39b49ce09e..9e0331391b 100644 --- a/src/network/ssl/qsslsocket_openssl.cpp +++ b/src/network/ssl/qsslsocket_openssl.cpp @@ -229,12 +229,12 @@ static int q_X509Callback(int ok, X509_STORE_CTX *ctx) { if (!ok) { // Store the error and at which depth the error was detected. - _q_sslErrorList()->errors << qMakePair<int, int>(ctx->error, ctx->error_depth); + _q_sslErrorList()->errors << qMakePair<int, int>(q_X509_STORE_CTX_get_error(ctx), q_X509_STORE_CTX_get_error_depth(ctx)); #ifdef QSSLSOCKET_DEBUG qDebug() << "verification error: dumping bad certificate"; - qDebug() << QSslCertificatePrivate::QSslCertificate_from_X509(ctx->current_cert).toPem(); + qDebug() << QSslCertificatePrivate::QSslCertificate_from_X509(q_X509_STORE_CTX_get_current_cert(ctx)).toPem(); qDebug() << "dumping chain"; - foreach (QSslCertificate cert, QSslSocketBackendPrivate::STACKOFX509_to_QSslCertificates(ctx->chain)) { + foreach (QSslCertificate cert, QSslSocketBackendPrivate::STACKOFX509_to_QSslCertificates(q_X509_STORE_CTX_get_chain(ctx))) { QString certFormat(QStringLiteral("O=%1 CN=%2 L=%3 OU=%4 C=%5 ST=%6")); qDebug() << "Issuer:" << "O=" << cert.issuerInfo(QSslCertificate::Organization) << "CN=" << cert.issuerInfo(QSslCertificate::CommonName) diff --git a/src/network/ssl/qsslsocket_openssl_symbols.cpp b/src/network/ssl/qsslsocket_openssl_symbols.cpp index eeae9d461f..0df77b07f7 100644 --- a/src/network/ssl/qsslsocket_openssl_symbols.cpp +++ b/src/network/ssl/qsslsocket_openssl_symbols.cpp @@ -294,6 +294,10 @@ DEFINEFUNC2(int, X509_STORE_add_cert, X509_STORE *a, a, X509 *b, b, return 0, re DEFINEFUNC(void, X509_STORE_CTX_free, X509_STORE_CTX *a, a, return, DUMMYARG) DEFINEFUNC4(int, X509_STORE_CTX_init, X509_STORE_CTX *a, a, X509_STORE *b, b, X509 *c, c, STACK_OF(X509) *d, d, return -1, return) DEFINEFUNC2(int, X509_STORE_CTX_set_purpose, X509_STORE_CTX *a, a, int b, b, return -1, return) +DEFINEFUNC(int, X509_STORE_CTX_get_error, X509_STORE_CTX *a, a, return -1, return) +DEFINEFUNC(int, X509_STORE_CTX_get_error_depth, X509_STORE_CTX *a, a, return -1, return) +DEFINEFUNC(X509 *, X509_STORE_CTX_get_current_cert, X509_STORE_CTX *a, a, return 0, return) +DEFINEFUNC(STACK_OF(X509) *, X509_STORE_CTX_get_chain, X509_STORE_CTX *a, a, return 0, return) DEFINEFUNC(X509_STORE_CTX *, X509_STORE_CTX_new, DUMMYARG, DUMMYARG, return 0, return) #ifdef SSLEAY_MACROS DEFINEFUNC2(int, i2d_DSAPrivateKey, const DSA *a, a, unsigned char **b, b, return -1, return) @@ -714,6 +718,10 @@ bool q_resolveOpenSslSymbols() RESOLVEFUNC(X509_STORE_CTX_init) RESOLVEFUNC(X509_STORE_CTX_new) RESOLVEFUNC(X509_STORE_CTX_set_purpose) + RESOLVEFUNC(X509_STORE_CTX_get_error) + RESOLVEFUNC(X509_STORE_CTX_get_error_depth) + RESOLVEFUNC(X509_STORE_CTX_get_current_cert) + RESOLVEFUNC(X509_STORE_CTX_get_chain) RESOLVEFUNC(X509_cmp) #ifndef SSLEAY_MACROS RESOLVEFUNC(X509_dup) diff --git a/src/network/ssl/qsslsocket_openssl_symbols_p.h b/src/network/ssl/qsslsocket_openssl_symbols_p.h index 40c6522d93..2be84331e3 100644 --- a/src/network/ssl/qsslsocket_openssl_symbols_p.h +++ b/src/network/ssl/qsslsocket_openssl_symbols_p.h @@ -398,6 +398,10 @@ int q_X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store, X509 *x509, STACK_OF(X509) *chain); X509_STORE_CTX *q_X509_STORE_CTX_new(); int q_X509_STORE_CTX_set_purpose(X509_STORE_CTX *ctx, int purpose); +int q_X509_STORE_CTX_get_error(X509_STORE_CTX *ctx); +int q_X509_STORE_CTX_get_error_depth(X509_STORE_CTX *ctx); +X509 *q_X509_STORE_CTX_get_current_cert(X509_STORE_CTX *ctx); +STACK_OF(X509) *q_X509_STORE_CTX_get_chain(X509_STORE_CTX *ctx); #define q_BIO_get_mem_data(b, pp) (int)q_BIO_ctrl(b,BIO_CTRL_INFO,0,(char *)pp) #define q_BIO_pending(b) (int)q_BIO_ctrl(b,BIO_CTRL_PENDING,0,NULL) |