1berry/qtbase
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

TLS[openssl]: Use optional<> for CA cert we are fetching

Browse Source 
The QSslCertificate ctor is somewhat expensive, especially when we are
shutting down. By using optional<> we simply reset() it and no longer
need to create a new, valid, certificate.

Task-number: QTBUG-102474
Change-Id: I514433b0d380dd3ceabbed3a6164f7e3efc490c7
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
Reviewed-by: Qt CI Bot <qt_ci_bot@qt-project.org>
Reviewed-by: Konrad Kujawa <konrad.kujawa@qt.io>
(cherry picked from commit 61bfe87a64ca322de0ebf9bf61a0a0a81ee5bf7d)
Reviewed-by: Qt Cherry-pick Bot <cherrypick_bot@qt-project.org>
This commit is contained in:
Mårten Nordheim 2023-02-16 16:50:48 +01:00 committed by Qt Cherry-pick Bot
parent 66af62b2eb
commit 376b33addf
2 changed files with 4 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
src/plugins/tls/openssl/qtls_openssl.cpp
View File

@ -490,7 +490,7 @@ void TlsCryptographOpenSSL::init(QSslSocket *qObj, QSslSocketPrivate *dObj)
handshakeInterrupted = false; handshakeInterrupted = false;
fetchAuthorityInformation = false; fetchAuthorityInformation = false;
caToFetch = QSslCertificate{}; caToFetch.reset();
} }
void TlsCryptographOpenSSL::checkSettingSslContext(std::shared_ptr<QSslContext> tlsContext) void TlsCryptographOpenSSL::checkSettingSslContext(std::shared_ptr<QSslContext> tlsContext)
@ -749,7 +749,7 @@ void TlsCryptographOpenSSL::enableHandshakeContinuation()
void TlsCryptographOpenSSL::cancelCAFetch() void TlsCryptographOpenSSL::cancelCAFetch()
{ {
fetchAuthorityInformation = false; fetchAuthorityInformation = false;
caToFetch = QSslCertificate{}; caToFetch.reset();
} }
void TlsCryptographOpenSSL::continueHandshake() void TlsCryptographOpenSSL::continueHandshake()
@ -1803,7 +1803,7 @@ void TlsCryptographOpenSSL::caRootLoaded(QSslCertificate cert, QSslCertificate t
Q_ASSERT(q); Q_ASSERT(q);
//Done, fetched already: //Done, fetched already:
caToFetch = QSslCertificate{}; caToFetch.reset();
if (fetchAuthorityInformation) { if (fetchAuthorityInformation) {
if (!q->sslConfiguration().caCertificates().contains(trustedRoot)) if (!q->sslConfiguration().caCertificates().contains(trustedRoot))

2
src/plugins/tls/openssl/qtls_openssl_p.h
View File

@ -120,7 +120,7 @@ private:
bool handshakeInterrupted = false; bool handshakeInterrupted = false;
bool fetchAuthorityInformation = false; bool fetchAuthorityInformation = false;
QSslCertificate caToFetch; std::optional<QSslCertificate> caToFetch;
bool inSetAndEmitError = false; bool inSetAndEmitError = false;
bool pendingFatalAlert = false; bool pendingFatalAlert = false;