summaryrefslogtreecommitdiffstats
path: root/src/network/ssl/qsslsocket_openssl.cpp
diff options
context:
space:
mode:
Diffstat (limited to 'src/network/ssl/qsslsocket_openssl.cpp')
-rw-r--r--src/network/ssl/qsslsocket_openssl.cpp7
1 files changed, 7 insertions, 0 deletions
diff --git a/src/network/ssl/qsslsocket_openssl.cpp b/src/network/ssl/qsslsocket_openssl.cpp
index 0866534..2427193 100644
--- a/src/network/ssl/qsslsocket_openssl.cpp
+++ b/src/network/ssl/qsslsocket_openssl.cpp
@@ -1193,6 +1193,13 @@ bool QSslSocketBackendPrivate::startHandshake()
X509 *x509 = q_SSL_get_peer_certificate(ssl);
configuration.peerCertificate = QSslCertificatePrivate::QSslCertificate_from_X509(x509);
q_X509_free(x509);
+ if (QSslCertificatePrivate::isBlacklisted(configuration.peerCertificate)) {
+ q->setErrorString(QSslSocket::tr("The peer certificate is blacklisted"));
+ q->setSocketError(QAbstractSocket::SslHandshakeFailedError);
+ emit q->error(QAbstractSocket::SslHandshakeFailedError);
+ plainSocket->disconnectFromHost();
+ return false;
+ }
// Start translating errors.
QList<QSslError> errors;
generated by cgit v0.12 at 2024-12-28 14:34:17 (GMT)