From a149659c5c028d4049c60c4f9a30b481a79cfe08 Mon Sep 17 00:00:00 2001 From: Allan Sandfeld Jensen Date: Fri, 29 Jun 2018 11:33:36 +0200 Subject: Provide access to QSslCertificate on OpenSSL free Windows builds MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit The QSslCertificate class can parse and provide details about SSL certificates without a proper backend, this can for instance be used by QtWebEngine to provide metadata about certificates, even on Windows builds without OpenSSL, as QtWebEngine does not use Qt's SSL stack. Change-Id: Ib48f1ed7315c5bc66721ec87ee651d8372f07f71 Reviewed-by: Timur Pocheptsov Reviewed-by: MÃ¥rten Nordheim --- src/network/ssl/qsslcertificate.cpp | 12 ++++++++++++ 1 file changed, 12 insertions(+) (limited to 'src/network/ssl/qsslcertificate.cpp') diff --git a/src/network/ssl/qsslcertificate.cpp b/src/network/ssl/qsslcertificate.cpp index 6433b84e80..135dc9f7a9 100644 --- a/src/network/ssl/qsslcertificate.cpp +++ b/src/network/ssl/qsslcertificate.cpp @@ -125,7 +125,9 @@ #include "qssl_p.h" #include "qsslcertificate.h" #include "qsslcertificate_p.h" +#ifndef QT_NO_SSL #include "qsslkey_p.h" +#endif #include #include @@ -142,8 +144,12 @@ QT_BEGIN_NAMESPACE QSslCertificate::QSslCertificate(QIODevice *device, QSsl::EncodingFormat format) : d(new QSslCertificatePrivate) { +#ifndef QT_NO_OPENSSL QSslSocketPrivate::ensureInitialized(); if (device && QSslSocket::supportsSsl()) +#else + if (device) +#endif d->init(device->readAll(), format); } @@ -156,8 +162,10 @@ QSslCertificate::QSslCertificate(QIODevice *device, QSsl::EncodingFormat format) QSslCertificate::QSslCertificate(const QByteArray &data, QSsl::EncodingFormat format) : d(new QSslCertificatePrivate) { +#ifndef QT_NO_OPENSSL QSslSocketPrivate::ensureInitialized(); if (QSslSocket::supportsSsl()) +#endif d->init(data, format); } @@ -557,6 +565,8 @@ QList QSslCertificate::fromData(const QByteArray &data, QSsl::E : QSslCertificatePrivate::certificatesFromDer(data); } +#ifndef QT_NO_SSL + /*! Verifies a certificate chain. The chain to be verified is passed in the \a certificateChain parameter. The first certificate in the list should @@ -600,6 +610,8 @@ bool QSslCertificate::importPkcs12(QIODevice *device, return QSslSocketBackendPrivate::importPkcs12(device, key, certificate, caCertificates, passPhrase); } +#endif + // These certificates are known to be fraudulent and were created during the comodo // compromise. See http://www.comodo.com/Comodo-Fraud-Incident-2011-03-23.html static const char *const certificate_blacklist[] = { -- cgit v1.2.3