From 23173c725ce8b1c5b03498c9fa2bb334d40ec6f4 Mon Sep 17 00:00:00 2001
From: Timur Pocheptsov <timur.pocheptsov@theqtcompany.com>
Date: Thu, 9 Jun 2016 10:36:50 +0200
Subject: QSslSocket (OpenSSL) - handle abort/close on sslErrors emitted

If a user's code, attached to sslErrors signal, calls abort/close
or disconnectFromHost but our SSL socket was configured not to verify a peer,
no need to continue handshake after calling checkSslErrors
(and finally crashing on invalid 'ssl' pointer).

Task-number: QTBUG-53906
Change-Id: I7f185511d278f9d6f16e7d6c5ba424707141459c
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@theqtcompany.com>
---
 src/network/ssl/qsslsocket_openssl.cpp | 5 +++++
 1 file changed, 5 insertions(+)

(limited to 'src')

diff --git a/src/network/ssl/qsslsocket_openssl.cpp b/src/network/ssl/qsslsocket_openssl.cpp
index 57cedf2c22..82644c155c 100644
--- a/src/network/ssl/qsslsocket_openssl.cpp
+++ b/src/network/ssl/qsslsocket_openssl.cpp
@@ -1240,6 +1240,11 @@ bool QSslSocketBackendPrivate::startHandshake()
 #endif
         if (!checkSslErrors())
             return false;
+        // A slot, attached to sslErrors signal can call
+        // abort/close/disconnetFromHost/etc; no need to
+        // continue handshake then.
+        if (q->state() != QAbstractSocket::ConnectedState)
+            return false;
     } else {
         sslErrors.clear();
     }
-- 
cgit v1.2.3