From 474bee61e4a1c6797ff876bd0ae25ba87d33a4ec Mon Sep 17 00:00:00 2001 From: Marc Mutz Date: Fri, 23 Oct 2015 16:32:59 +0200 Subject: QtNetwork: convert some QDateTime::currentDateTime() to currentDateTimeUtc() The latter is much faster as it doesn't have to deal with time zones. This change is safe, because the QDateTimes are only used for comparison with other QDateTimes, which, from a quick glance around, seem to be mostly, if not exclusively, in UTC. Comparsions work across time zones, but the comparison between UTC date-times is fastest. Credits to Milian Wolff, from whose QtWS15 talk this advice is taken. Change-Id: I6859d886d8dc8e0a52fbe394fbb7b93a87b4739a Reviewed-by: Milian Wolff Reviewed-by: Friedemann Kleint Reviewed-by: Lars Knoll --- src/network/access/qnetworkcookiejar.cpp | 4 ++-- src/network/ssl/qsslcertificate.h | 2 +- src/network/ssl/qsslcontext_openssl.cpp | 4 +++- src/network/ssl/qsslsocket_openssl.cpp | 3 ++- 4 files changed, 8 insertions(+), 5 deletions(-) diff --git a/src/network/access/qnetworkcookiejar.cpp b/src/network/access/qnetworkcookiejar.cpp index 3cefb28f68..39f94a451f 100644 --- a/src/network/access/qnetworkcookiejar.cpp +++ b/src/network/access/qnetworkcookiejar.cpp @@ -216,7 +216,7 @@ QList QNetworkCookieJar::cookiesForUrl(const QUrl &url) const // It does not implement a very good cross-domain verification yet. Q_D(const QNetworkCookieJar); - QDateTime now = QDateTime::currentDateTime(); + const QDateTime now = QDateTime::currentDateTimeUtc(); QList result; bool isEncrypted = url.scheme().toLower() == QLatin1String("https"); @@ -265,7 +265,7 @@ QList QNetworkCookieJar::cookiesForUrl(const QUrl &url) const bool QNetworkCookieJar::insertCookie(const QNetworkCookie &cookie) { Q_D(QNetworkCookieJar); - QDateTime now = QDateTime::currentDateTime(); + const QDateTime now = QDateTime::currentDateTimeUtc(); bool isDeletion = !cookie.isSessionCookie() && cookie.expirationDate() < now; diff --git a/src/network/ssl/qsslcertificate.h b/src/network/ssl/qsslcertificate.h index af605b0629..d58cfcf5d1 100644 --- a/src/network/ssl/qsslcertificate.h +++ b/src/network/ssl/qsslcertificate.h @@ -97,7 +97,7 @@ public: bool isNull() const; #if QT_DEPRECATED_SINCE(5,0) QT_DEPRECATED inline bool isValid() const { - const QDateTime currentTime = QDateTime::currentDateTime(); + const QDateTime currentTime = QDateTime::currentDateTimeUtc(); return currentTime >= effectiveDate() && currentTime <= expiryDate() && !isBlacklisted(); diff --git a/src/network/ssl/qsslcontext_openssl.cpp b/src/network/ssl/qsslcontext_openssl.cpp index b88ab54038..68caaeb6dc 100644 --- a/src/network/ssl/qsslcontext_openssl.cpp +++ b/src/network/ssl/qsslcontext_openssl.cpp @@ -215,6 +215,8 @@ init_context: return sslContext; } + const QDateTime now = QDateTime::currentDateTimeUtc(); + // Add all our CAs to this store. foreach (const QSslCertificate &caCertificate, sslContext->sslConfiguration.caCertificates()) { // From https://www.openssl.org/docs/ssl/SSL_CTX_load_verify_locations.html: @@ -228,7 +230,7 @@ init_context: // certificates mixed with valid ones. // // See also: QSslSocketBackendPrivate::verify() - if (caCertificate.expiryDate() >= QDateTime::currentDateTime()) { + if (caCertificate.expiryDate() >= now) { q_X509_STORE_add_cert(q_SSL_CTX_get_cert_store(sslContext->ctx), (X509 *)caCertificate.handle()); } } diff --git a/src/network/ssl/qsslsocket_openssl.cpp b/src/network/ssl/qsslsocket_openssl.cpp index a8e4c61e9a..dd47dfc45f 100644 --- a/src/network/ssl/qsslsocket_openssl.cpp +++ b/src/network/ssl/qsslsocket_openssl.cpp @@ -1660,6 +1660,7 @@ QList QSslSocketBackendPrivate::verify(const QList & setDefaultCaCertificates(defaultCaCertificates() + systemCaCertificates()); } + const QDateTime now = QDateTime::currentDateTimeUtc(); foreach (const QSslCertificate &caCertificate, QSslConfiguration::defaultConfiguration().caCertificates()) { // From https://www.openssl.org/docs/ssl/SSL_CTX_load_verify_locations.html: // @@ -1672,7 +1673,7 @@ QList QSslSocketBackendPrivate::verify(const QList & // certificates mixed with valid ones. // // See also: QSslContext::fromConfiguration() - if (caCertificate.expiryDate() >= QDateTime::currentDateTime()) { + if (caCertificate.expiryDate() >= now) { q_X509_STORE_add_cert(certStore, reinterpret_cast(caCertificate.handle())); } } -- cgit v1.2.3