2 files changed, 39 insertions, 9 deletions

diff --git a/src/network/ssl/qsslcertificate.cpp b/src/network/ssl/qsslcertificate.cpp
index dd50c38..9a9b1b5 100644
--- a/src/network/ssl/qsslcertificate.cpp
+++ b/src/network/ssl/qsslcertificate.cpp
@@ -304,6 +304,7 @@ static QString _q_SubjectInfoToString(QSslCertificate::SubjectInfo info)
 */
 QString QSslCertificate::issuerInfo(SubjectInfo info) const
 {
+    // lazy init
     if (d->issuerInfo.isEmpty() && d->x509)
         d->issuerInfo =
                 _q_mapFromOnelineName(q_X509_NAME_oneline(q_X509_get_issuer_name(d->x509), 0, 0));
@@ -320,7 +321,11 @@ QString QSslCertificate::issuerInfo(SubjectInfo info) const
 */
 QString QSslCertificate::issuerInfo(const QByteArray &tag) const
 {
-    // ### Use a QByteArray for the keys in the map
+    // lazy init
+    if (d->issuerInfo.isEmpty() && d->x509)
+        d->issuerInfo =
+                _q_mapFromOnelineName(q_X509_NAME_oneline(q_X509_get_issuer_name(d->x509), 0, 0));
+
     return d->issuerInfo.value(QString::fromLatin1(tag));
 }
 
@@ -335,6 +340,7 @@ QString QSslCertificate::issuerInfo(const QByteArray &tag) const
 */
 QString QSslCertificate::subjectInfo(SubjectInfo info) const
 {
+    // lazy init
     if (d->subjectInfo.isEmpty() && d->x509)
         d->subjectInfo =
                 _q_mapFromOnelineName(q_X509_NAME_oneline(q_X509_get_subject_name(d->x509), 0, 0));
@@ -350,7 +356,11 @@ QString QSslCertificate::subjectInfo(SubjectInfo info) const
 */
 QString QSslCertificate::subjectInfo(const QByteArray &tag) const
 {
-    // ### Use a QByteArray for the keys in the map
+    // lazy init
+    if (d->subjectInfo.isEmpty() && d->x509)
+        d->subjectInfo =
+                _q_mapFromOnelineName(q_X509_NAME_oneline(q_X509_get_subject_name(d->x509), 0, 0));
+
     return d->subjectInfo.value(QString::fromLatin1(tag));
 }
 
@@ -686,11 +696,11 @@ QSslCertificate QSslCertificatePrivate::QSslCertificate_from_X509(X509 *x509)
 
 static bool matchLineFeed(const QByteArray &pem, int *offset)
 {
-    char ch = pem.at(*offset);
+    char ch;
 
     // ignore extra whitespace at the end of the line
-    while (ch == ' ' && *offset < pem.size())
-        ch = pem.at(++*offset);
+    while (*offset < pem.size() && (ch = pem.at(*offset)) == ' ')
+        ++*offset;
 
     if (ch == '\n') {
         *offset += 1;
@@ -722,7 +732,7 @@ QList<QSslCertificate> QSslCertificatePrivate::certificatesFromPem(const QByteAr
             break;
 
         offset = endPos + sizeof(ENDCERTSTRING) - 1;
-        if (!matchLineFeed(pem, &offset))
+        if (offset < pem.size() && !matchLineFeed(pem, &offset))
             break;
 
         QByteArray decoded = QByteArray::fromBase64(
diff --git a/src/network/ssl/qsslsocket_openssl.cpp b/src/network/ssl/qsslsocket_openssl.cpp
index de1583e..892d330 100644
--- a/src/network/ssl/qsslsocket_openssl.cpp
+++ b/src/network/ssl/qsslsocket_openssl.cpp
@@ -553,6 +553,12 @@ void QSslSocketBackendPrivate::transmit()
 #endif
                 writeBuffer.free(writtenBytes);
                 totalBytesWritten += writtenBytes;
+
+                if (writtenBytes < nextDataBlockSize) {
+                    // break out of the writing loop and try again after we had read
+                    transmitting = true;
+                    break;
+                }
             }
 
             if (totalBytesWritten > 0) {
@@ -586,12 +592,26 @@ void QSslSocketBackendPrivate::transmit()
             while ((pendingBytes = plainSocket->bytesAvailable()) > 0) {
                 // Read encrypted data from the socket into a buffer.
                 data.resize(pendingBytes);
-                int decryptedBytesRead = plainSocket->read(data.data(), pendingBytes);
+                // just peek() here because q_BIO_write could write less data than expected
+                int encryptedBytesRead = plainSocket->peek(data.data(), pendingBytes);
 #ifdef QSSLSOCKET_DEBUG
-                qDebug() << "QSslSocketBackendPrivate::transmit: read" << decryptedBytesRead << "encrypted bytes from the socket";
+                qDebug() << "QSslSocketBackendPrivate::transmit: read" << encryptedBytesRead << "encrypted bytes from the socket";
 #endif
                 // Write encrypted data from the buffer into the read BIO.
-                q_BIO_write(readBio, data.constData(), decryptedBytesRead);
+                int writtenToBio = q_BIO_write(readBio, data.constData(), encryptedBytesRead);
+
+                // do the actual read() here and throw away the results.
+                if (writtenToBio > 0) {
+                    // ### TODO: make this cheaper by not making it memcpy. E.g. make it work with data=0x0 or make it work with seek
+                    plainSocket->read(data.data(), writtenToBio);
+                } else {
+                    // ### Better error handling.
+                    q->setErrorString(QSslSocket::tr("Unable to decrypt data: %1").arg(SSL_ERRORSTR()));
+                    q->setSocketError(QAbstractSocket::UnknownSocketError);
+                    emit q->error(QAbstractSocket::UnknownSocketError);
+                    return;
+                }
+
                 transmitting = true;
             }