Merge remote-tracking branch 'origin/4.7' into HEAD

Conflicts:
	configure
	mkspecs/symbian-gcce/qmake.conf
	qmake/generators/metamakefile.cpp
	qmake/generators/win32/mingw_make.cpp
	src/corelib/global/global.pri
	src/corelib/global/qglobal.h
	src/opengl/qgl.cpp
	src/opengl/qwindowsurface_gl.cpp
	src/plugins/platforms/wayland/qwaylandbuffer.h
	tests/auto/qnetworkreply/tst_qnetworkreply.cpp
	tools/designer/src/components/formeditor/qdesigner_resource.cpp

1 files changed, 11 insertions, 2 deletions

diff --git a/src/network/ssl/qsslsocket_openssl.cpp b/src/network/ssl/qsslsocket_openssl.cpp
index 3d7612a..c1b1712 100644
--- a/src/network/ssl/qsslsocket_openssl.cpp
+++ b/src/network/ssl/qsslsocket_openssl.cpp
@@ -325,9 +325,18 @@ init_context:
             q_X509_STORE_add_cert(ctx->cert_store, (X509 *)caCertificate.handle());
         }
     }
+
+    bool addExpiredCerts = true;
+#if defined(Q_OS_MAC) && (MAC_OS_X_VERSION_MAX_ALLOWED == MAC_OS_X_VERSION_10_5)
+    //On Leopard SSL does not work if we add the expired certificates.
+    if (QSysInfo::MacintoshVersion == QSysInfo::MV_10_5)
+       addExpiredCerts = false;
+#endif
     // now add the expired certs
-    foreach (const QSslCertificate &caCertificate, expiredCerts) {
-        q_X509_STORE_add_cert(ctx->cert_store, (X509 *)caCertificate.handle());
+    if (addExpiredCerts) {
+        foreach (const QSslCertificate &caCertificate, expiredCerts) {
+            q_X509_STORE_add_cert(ctx->cert_store, (X509 *)caCertificate.handle());
+        }
     }
 
     if (s_loadRootCertsOnDemand && allowRootCertOnDemandLoading) {