summaryrefslogtreecommitdiffstats
path: root/src/network/ssl
diff options
context:
space:
mode:
authorAndreas Kling <andreas.kling@nokia.com>2010-06-28 11:00:56 (GMT)
committerAndreas Kling <andreas.kling@nokia.com>2010-06-28 11:44:20 (GMT)
commit94e7b873ed5c04d4850a9e36970906113f12cd55 (patch)
treefcd541ac3fd2c7a198d410642a58d7101ba7166e /src/network/ssl
parent8f3cbe7e844ee49b1e25544d9b90218b00efa548 (diff)
downloadQt-94e7b873ed5c04d4850a9e36970906113f12cd55.zip
Qt-94e7b873ed5c04d4850a9e36970906113f12cd55.tar.gz
Qt-94e7b873ed5c04d4850a9e36970906113f12cd55.tar.bz2
Don't load ciphers and system certificates for QSslSocket::supportsSsl()
Loading these uses about 1 MB of memory and can be be deferred until it's actually needed. Reviewed-by: Peter Hartmann <peter.hartmann@nokia.com>
Diffstat (limited to 'src/network/ssl')
-rw-r--r--src/network/ssl/qsslsocket.cpp2
-rw-r--r--src/network/ssl/qsslsocket_openssl.cpp50
-rw-r--r--src/network/ssl/qsslsocket_p.h10
3 files changed, 50 insertions, 12 deletions
diff --git a/src/network/ssl/qsslsocket.cpp b/src/network/ssl/qsslsocket.cpp
index a8c602a..f85fa84 100644
--- a/src/network/ssl/qsslsocket.cpp
+++ b/src/network/ssl/qsslsocket.cpp
@@ -1556,7 +1556,7 @@ QList<QSslError> QSslSocket::sslErrors() const
*/
bool QSslSocket::supportsSsl()
{
- return QSslSocketPrivate::ensureInitialized();
+ return QSslSocketPrivate::supportsSsl();
}
/*!
diff --git a/src/network/ssl/qsslsocket_openssl.cpp b/src/network/ssl/qsslsocket_openssl.cpp
index 9bd93a2..fa26fe8 100644
--- a/src/network/ssl/qsslsocket_openssl.cpp
+++ b/src/network/ssl/qsslsocket_openssl.cpp
@@ -72,6 +72,9 @@
QT_BEGIN_NAMESPACE
+bool QSslSocketPrivate::s_libraryLoaded = false;
+bool QSslSocketPrivate::s_loadedCiphersAndCerts = false;
+
// Useful defines
#define SSL_ERRORSTR() QString::fromLocal8Bit(q_ERR_error_string(q_ERR_get_error(), NULL))
@@ -398,19 +401,24 @@ void QSslSocketPrivate::deinitialize()
/*!
\internal
- Declared static in QSslSocketPrivate, makes sure the SSL libraries have
- been initialized.
+ Does the minimum amount of initialization to determine whether SSL
+ is supported or not.
*/
-bool QSslSocketPrivate::ensureInitialized()
+
+bool QSslSocketPrivate::supportsSsl()
+{
+ return ensureLibraryLoaded();
+}
+
+bool QSslSocketPrivate::ensureLibraryLoaded()
{
if (!q_resolveOpenSslSymbols())
return false;
// Check if the library itself needs to be initialized.
QMutexLocker locker(openssl_locks()->initLock());
- static int q_initialized = false;
- if (!q_initialized) {
- q_initialized = true;
+ if (!s_libraryLoaded) {
+ s_libraryLoaded = true;
// Initialize OpenSSL.
q_CRYPTO_set_id_callback(id_function);
@@ -447,10 +455,33 @@ bool QSslSocketPrivate::ensureInitialized()
if (!attempts)
return false;
}
-
- resetDefaultCiphers();
- setDefaultCaCertificates(systemCaCertificates());
}
+ return true;
+}
+
+void QSslSocketPrivate::ensureCiphersAndCertsLoaded()
+{
+ if (s_loadedCiphersAndCerts)
+ return;
+ s_loadedCiphersAndCerts = true;
+
+ resetDefaultCiphers();
+ setDefaultCaCertificates(systemCaCertificates());
+}
+
+/*!
+ \internal
+
+ Declared static in QSslSocketPrivate, makes sure the SSL libraries have
+ been initialized.
+*/
+
+void QSslSocketPrivate::ensureInitialized()
+{
+ if (!supportsSsl())
+ return;
+
+ ensureCiphersAndCertsLoaded();
//load symbols needed to receive certificates from system store
#if defined(Q_OS_MAC)
@@ -481,7 +512,6 @@ bool QSslSocketPrivate::ensureInitialized()
qWarning("could not load crypt32 library"); // should never happen
}
#endif
- return true;
}
/*!
diff --git a/src/network/ssl/qsslsocket_p.h b/src/network/ssl/qsslsocket_p.h
index d3c3858..09775bc 100644
--- a/src/network/ssl/qsslsocket_p.h
+++ b/src/network/ssl/qsslsocket_p.h
@@ -108,7 +108,8 @@ public:
// that was used for connecting to.
QString verificationPeerName;
- static bool ensureInitialized();
+ static bool supportsSsl();
+ static void ensureInitialized();
static void deinitialize();
static QList<QSslCipher> defaultCiphers();
static QList<QSslCipher> supportedCiphers();
@@ -154,6 +155,13 @@ public:
virtual void disconnectFromHost() = 0;
virtual void disconnected() = 0;
virtual QSslCipher sessionCipher() const = 0;
+
+private:
+ static bool ensureLibraryLoaded();
+ static void ensureCiphersAndCertsLoaded();
+
+ static bool s_libraryLoaded;
+ static bool s_loadedCiphersAndCerts;
};
QT_END_NAMESPACE