QSslSocket::setSslSonfiguration - set d.configuration properly

We end up with an absurd situation: QSslConfiguration conf; //we set CA certs so that on demand loading is disabled: conf.setCaCertificates({...}); QSslSocket s; s.setSslConfiguration(conf); Q_ASSERT(conf == s.sslConfiguration); // this assert fails. Pick-to: 5.15 Change-Id: I272bed145434082acc6ead95fe3640d222b21131 Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
2020-05-08 12:52:25 +02:00 · 2020-05-08 12:52:25 +02:00 · 920487bf6b
parent f579be96f7
commit 920487bf6b
2 changed files with 23 additions and 1 deletions
--- a/src/network/ssl/qsslsocket.cpp
+++ b/src/network/ssl/qsslsocket.cpp
@ -1111,8 +1111,10 @@ void QSslSocket::setSslConfiguration(const QSslConfiguration &configuration)
    // if the CA certificates were set explicitly (either via
    // QSslConfiguration::setCaCertificates() or QSslSocket::setCaCertificates(),
    // we cannot load the certificates on demand
-    if (!configuration.d->allowRootCertOnDemandLoading)
+    if (!configuration.d->allowRootCertOnDemandLoading) {
        d->allowRootCertOnDemandLoading = false;
+        d->configuration.allowRootCertOnDemandLoading = false;
+    }
 }

 /*!
--- a/tests/auto/network/ssl/qsslsocket/tst_qsslsocket.cpp
+++ b/tests/auto/network/ssl/qsslsocket/tst_qsslsocket.cpp
@ -151,6 +151,7 @@ public slots:
 #ifndef QT_NO_SSL
 private slots:
    void constructing();
+    void configNoOnDemandLoad();
    void simpleConnect();
    void simpleConnectWithIgnore();

@ -590,6 +591,25 @@ void tst_QSslSocket::constructing()
    QSslConfiguration::setDefaultConfiguration(savedDefault);
 }

+void tst_QSslSocket::configNoOnDemandLoad()
+{
+    QFETCH_GLOBAL(bool, setProxy);
+    if (setProxy)
+        return; // NoProxy is enough.
+
+    // We noticed a peculiar situation, where a configuration
+    // set on a socket is not equal to the configuration we
+    // get back from the socket afterwards.
+    auto customConfig = QSslConfiguration::defaultConfiguration();
+    // Setting CA certificates disables loading root certificates
+    // during verification:
+    customConfig.setCaCertificates(customConfig.caCertificates());
+
+    QSslSocket socket;
+    socket.setSslConfiguration(customConfig);
+    QCOMPARE(customConfig, socket.sslConfiguration());
+}
+
 void tst_QSslSocket::simpleConnect()
 {
    if (!QSslSocket::supportsSsl())