From 19a562a92318f417bb4dca0cae2b97f28a98a7e2 Mon Sep 17 00:00:00 2001
From: Martin Petersson <Martin.Petersson@nokia.com>
Date: Tue, 21 Feb 2012 15:28:18 +0100
Subject: QSslSocket::verify certificates when on-demand loading is used

Task-number: QTBUG-24350
Change-Id: I5a328efe6606f5d438bb4787a5c02a425ce42aca
Reviewed-by: Richard J. Moore <rich@kde.org>
---
 src/network/ssl/qsslsocket_openssl.cpp | 4 ++++
 1 file changed, 4 insertions(+)

(limited to 'src/network/ssl/qsslsocket_openssl.cpp')

diff --git a/src/network/ssl/qsslsocket_openssl.cpp b/src/network/ssl/qsslsocket_openssl.cpp
index f62f3c1229..20ad82407c 100644
--- a/src/network/ssl/qsslsocket_openssl.cpp
+++ b/src/network/ssl/qsslsocket_openssl.cpp
@@ -1384,6 +1384,10 @@ QList<QSslError> QSslSocketBackendPrivate::verify(QList<QSslCertificate> certifi
         return errors;
     }
 
+    if (s_loadRootCertsOnDemand) {
+        setDefaultCaCertificates(defaultCaCertificates() + systemCaCertificates());
+    }
+
     QList<QSslCertificate> expiredCerts;
 
     foreach (const QSslCertificate &caCertificate, QSslSocket::defaultCaCertificates()) {
-- 
cgit v1.2.3