diff options
author | Andreas Kling <andreas.kling@nokia.com> | 2010-06-28 11:00:56 (GMT) |
---|---|---|
committer | Andreas Kling <andreas.kling@nokia.com> | 2010-06-28 11:44:20 (GMT) |
commit | 94e7b873ed5c04d4850a9e36970906113f12cd55 (patch) | |
tree | fcd541ac3fd2c7a198d410642a58d7101ba7166e /src/network/ssl | |
parent | 8f3cbe7e844ee49b1e25544d9b90218b00efa548 (diff) | |
download | Qt-94e7b873ed5c04d4850a9e36970906113f12cd55.zip Qt-94e7b873ed5c04d4850a9e36970906113f12cd55.tar.gz Qt-94e7b873ed5c04d4850a9e36970906113f12cd55.tar.bz2 |
Don't load ciphers and system certificates for QSslSocket::supportsSsl()
Loading these uses about 1 MB of memory and can be be deferred until
it's actually needed.
Reviewed-by: Peter Hartmann <peter.hartmann@nokia.com>
Diffstat (limited to 'src/network/ssl')
-rw-r--r-- | src/network/ssl/qsslsocket.cpp | 2 | ||||
-rw-r--r-- | src/network/ssl/qsslsocket_openssl.cpp | 50 | ||||
-rw-r--r-- | src/network/ssl/qsslsocket_p.h | 10 |
3 files changed, 50 insertions, 12 deletions
diff --git a/src/network/ssl/qsslsocket.cpp b/src/network/ssl/qsslsocket.cpp index a8c602a..f85fa84 100644 --- a/src/network/ssl/qsslsocket.cpp +++ b/src/network/ssl/qsslsocket.cpp @@ -1556,7 +1556,7 @@ QList<QSslError> QSslSocket::sslErrors() const */ bool QSslSocket::supportsSsl() { - return QSslSocketPrivate::ensureInitialized(); + return QSslSocketPrivate::supportsSsl(); } /*! diff --git a/src/network/ssl/qsslsocket_openssl.cpp b/src/network/ssl/qsslsocket_openssl.cpp index 9bd93a2..fa26fe8 100644 --- a/src/network/ssl/qsslsocket_openssl.cpp +++ b/src/network/ssl/qsslsocket_openssl.cpp @@ -72,6 +72,9 @@ QT_BEGIN_NAMESPACE +bool QSslSocketPrivate::s_libraryLoaded = false; +bool QSslSocketPrivate::s_loadedCiphersAndCerts = false; + // Useful defines #define SSL_ERRORSTR() QString::fromLocal8Bit(q_ERR_error_string(q_ERR_get_error(), NULL)) @@ -398,19 +401,24 @@ void QSslSocketPrivate::deinitialize() /*! \internal - Declared static in QSslSocketPrivate, makes sure the SSL libraries have - been initialized. + Does the minimum amount of initialization to determine whether SSL + is supported or not. */ -bool QSslSocketPrivate::ensureInitialized() + +bool QSslSocketPrivate::supportsSsl() +{ + return ensureLibraryLoaded(); +} + +bool QSslSocketPrivate::ensureLibraryLoaded() { if (!q_resolveOpenSslSymbols()) return false; // Check if the library itself needs to be initialized. QMutexLocker locker(openssl_locks()->initLock()); - static int q_initialized = false; - if (!q_initialized) { - q_initialized = true; + if (!s_libraryLoaded) { + s_libraryLoaded = true; // Initialize OpenSSL. q_CRYPTO_set_id_callback(id_function); @@ -447,10 +455,33 @@ bool QSslSocketPrivate::ensureInitialized() if (!attempts) return false; } - - resetDefaultCiphers(); - setDefaultCaCertificates(systemCaCertificates()); } + return true; +} + +void QSslSocketPrivate::ensureCiphersAndCertsLoaded() +{ + if (s_loadedCiphersAndCerts) + return; + s_loadedCiphersAndCerts = true; + + resetDefaultCiphers(); + setDefaultCaCertificates(systemCaCertificates()); +} + +/*! + \internal + + Declared static in QSslSocketPrivate, makes sure the SSL libraries have + been initialized. +*/ + +void QSslSocketPrivate::ensureInitialized() +{ + if (!supportsSsl()) + return; + + ensureCiphersAndCertsLoaded(); //load symbols needed to receive certificates from system store #if defined(Q_OS_MAC) @@ -481,7 +512,6 @@ bool QSslSocketPrivate::ensureInitialized() qWarning("could not load crypt32 library"); // should never happen } #endif - return true; } /*! diff --git a/src/network/ssl/qsslsocket_p.h b/src/network/ssl/qsslsocket_p.h index d3c3858..09775bc 100644 --- a/src/network/ssl/qsslsocket_p.h +++ b/src/network/ssl/qsslsocket_p.h @@ -108,7 +108,8 @@ public: // that was used for connecting to. QString verificationPeerName; - static bool ensureInitialized(); + static bool supportsSsl(); + static void ensureInitialized(); static void deinitialize(); static QList<QSslCipher> defaultCiphers(); static QList<QSslCipher> supportedCiphers(); @@ -154,6 +155,13 @@ public: virtual void disconnectFromHost() = 0; virtual void disconnected() = 0; virtual QSslCipher sessionCipher() const = 0; + +private: + static bool ensureLibraryLoaded(); + static void ensureCiphersAndCertsLoaded(); + + static bool s_libraryLoaded; + static bool s_loadedCiphersAndCerts; }; QT_END_NAMESPACE |