Uploaded image for project: 'Qt'
  1. Qt
  2. QTBUG-119463

Improve QSslConfiguration::peerVerifyDepth() , setPeerVerifyDepth() documentation

    XMLWordPrintable

Details

    • Bug
    • Resolution: Unresolved
    • P2: Important
    • None
    • 6.6.2
    • Documentation, Network: SSL
    • None

    Description

      QSslConfiguration::peerVerifyDepth(), QSslConfiguration::setPeerVerifyDepth() documentation could be improved:

      • The documentation says the default for peerVerifyDepth is 0, and that "0 [...] indicate[s] that the whole certificate chain should be checked." This seems not the case for the OpenSSL backend, as the OpenSSL documentation claims "The default depth limit is 100, allowing for the peer certificate, at most 100 intermediate CA certificates and a final trust anchor certificate. ".
      • The documentation is unclear on what happens if the depth is reached. It could be derived that, in this case, a certificate is just accepted, while the OpenSSL documentation hints that an error will be raised. For the TLS backend, it seems it is ignored though .

      Attachments

        No reviews matched the request. Check your Options in the drop-down menu of this sections header.

        Activity

          People

            tpochep Timur Pocheptsov
            kkohne Kai Köhne
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

              Created:
              Updated:

              Gerrit Reviews

                There are no open Gerrit changes