diff --git a/src/network/access/qnetworkcookiejar.cpp b/src/network/access/qnetworkcookiejar.cpp index 3cefb28f682..39f94a451fb 100644 --- a/src/network/access/qnetworkcookiejar.cpp +++ b/src/network/access/qnetworkcookiejar.cpp @@ -216,7 +216,7 @@ QList QNetworkCookieJar::cookiesForUrl(const QUrl &url) const // It does not implement a very good cross-domain verification yet. Q_D(const QNetworkCookieJar); - QDateTime now = QDateTime::currentDateTime(); + const QDateTime now = QDateTime::currentDateTimeUtc(); QList result; bool isEncrypted = url.scheme().toLower() == QLatin1String("https"); @@ -265,7 +265,7 @@ QList QNetworkCookieJar::cookiesForUrl(const QUrl &url) const bool QNetworkCookieJar::insertCookie(const QNetworkCookie &cookie) { Q_D(QNetworkCookieJar); - QDateTime now = QDateTime::currentDateTime(); + const QDateTime now = QDateTime::currentDateTimeUtc(); bool isDeletion = !cookie.isSessionCookie() && cookie.expirationDate() < now; diff --git a/src/network/ssl/qsslcertificate.h b/src/network/ssl/qsslcertificate.h index af605b06293..d58cfcf5d16 100644 --- a/src/network/ssl/qsslcertificate.h +++ b/src/network/ssl/qsslcertificate.h @@ -97,7 +97,7 @@ public: bool isNull() const; #if QT_DEPRECATED_SINCE(5,0) QT_DEPRECATED inline bool isValid() const { - const QDateTime currentTime = QDateTime::currentDateTime(); + const QDateTime currentTime = QDateTime::currentDateTimeUtc(); return currentTime >= effectiveDate() && currentTime <= expiryDate() && !isBlacklisted(); diff --git a/src/network/ssl/qsslcontext_openssl.cpp b/src/network/ssl/qsslcontext_openssl.cpp index b88ab540386..68caaeb6dc2 100644 --- a/src/network/ssl/qsslcontext_openssl.cpp +++ b/src/network/ssl/qsslcontext_openssl.cpp @@ -215,6 +215,8 @@ init_context: return sslContext; } + const QDateTime now = QDateTime::currentDateTimeUtc(); + // Add all our CAs to this store. foreach (const QSslCertificate &caCertificate, sslContext->sslConfiguration.caCertificates()) { // From https://www.openssl.org/docs/ssl/SSL_CTX_load_verify_locations.html: @@ -228,7 +230,7 @@ init_context: // certificates mixed with valid ones. // // See also: QSslSocketBackendPrivate::verify() - if (caCertificate.expiryDate() >= QDateTime::currentDateTime()) { + if (caCertificate.expiryDate() >= now) { q_X509_STORE_add_cert(q_SSL_CTX_get_cert_store(sslContext->ctx), (X509 *)caCertificate.handle()); } } diff --git a/src/network/ssl/qsslsocket_openssl.cpp b/src/network/ssl/qsslsocket_openssl.cpp index a8e4c61e9a8..dd47dfc45f6 100644 --- a/src/network/ssl/qsslsocket_openssl.cpp +++ b/src/network/ssl/qsslsocket_openssl.cpp @@ -1660,6 +1660,7 @@ QList QSslSocketBackendPrivate::verify(const QList & setDefaultCaCertificates(defaultCaCertificates() + systemCaCertificates()); } + const QDateTime now = QDateTime::currentDateTimeUtc(); foreach (const QSslCertificate &caCertificate, QSslConfiguration::defaultConfiguration().caCertificates()) { // From https://www.openssl.org/docs/ssl/SSL_CTX_load_verify_locations.html: // @@ -1672,7 +1673,7 @@ QList QSslSocketBackendPrivate::verify(const QList & // certificates mixed with valid ones. // // See also: QSslContext::fromConfiguration() - if (caCertificate.expiryDate() >= QDateTime::currentDateTime()) { + if (caCertificate.expiryDate() >= now) { q_X509_STORE_add_cert(certStore, reinterpret_cast(caCertificate.handle())); } }