diff options
| author | Peter Hartmann <peter.hartmann@nokia.com> | 2011-02-22 09:49:39 (GMT) |
|---|---|---|
| committer | Peter Hartmann <peter.hartmann@nokia.com> | 2011-02-23 14:07:05 (GMT) |
| commit | 60d972c8a39a691ea5a7afb79138fcd77a529605 (patch) | |
| tree | 90d1b67a536d3758a2ce8a92cc7d2f13d03a7d01 /src/network/ssl/qsslsocket_p.h | |
| parent | 9741b5c067496e24fbf37395e954003d0803c72e (diff) | |
| download | Qt-60d972c8a39a691ea5a7afb79138fcd77a529605.zip Qt-60d972c8a39a691ea5a7afb79138fcd77a529605.tar.gz Qt-60d972c8a39a691ea5a7afb79138fcd77a529605.tar.bz2 | |
SSL backend: loat root certificates on demand on Unix (excluding Mac)
Previously, on initializing the first QSslSocket, we read all root
certificates into memory (~ 150 files).
Now, we tell OpenSSL where to find the root certificates, so that they
can be loaded on demand (if supported, see 'man c_rehash' for details).
Reviewed-by: Markus Goetz
Task-number: QTBUG-14016
Diffstat (limited to 'src/network/ssl/qsslsocket_p.h')
| -rw-r--r-- | src/network/ssl/qsslsocket_p.h | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/src/network/ssl/qsslsocket_p.h b/src/network/ssl/qsslsocket_p.h index 3a14488..7b92f95 100644 --- a/src/network/ssl/qsslsocket_p.h +++ b/src/network/ssl/qsslsocket_p.h @@ -112,6 +112,8 @@ public: // that was used for connecting to. QString verificationPeerName; + bool allowRootCertOnDemandLoading; + static bool supportsSsl(); static void ensureInitialized(); static void deinitialize(); @@ -168,6 +170,9 @@ private: static bool s_libraryLoaded; static bool s_loadedCiphersAndCerts; +protected: + static bool s_loadRootCertsOnDemand; + static QList<QByteArray> unixRootCertDirectories(); }; QT_END_NAMESPACE |