Uploaded image for project: 'Qt'
  1. Qt
  2. QTBUG-119463

Improve QSslConfiguration::peerVerifyDepth() , setPeerVerifyDepth() documentation

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Out of scope
    • Icon: P2: Important P2: Important
    • None
    • 6.6.2
    • Documentation, Network: SSL
    • None

      QSslConfiguration::peerVerifyDepth(), QSslConfiguration::setPeerVerifyDepth() documentation could be improved:

      • The documentation says the default for peerVerifyDepth is 0, and that "0 [...] indicate[s] that the whole certificate chain should be checked." This seems not the case for the OpenSSL backend, as the OpenSSL documentation claims "The default depth limit is 100, allowing for the peer certificate, at most 100 intermediate CA certificates and a final trust anchor certificate. ".
      • The documentation is unclear on what happens if the depth is reached. It could be derived that, in this case, a certificate is just accepted, while the OpenSSL documentation hints that an error will be raised. For the TLS backend, it seems it is ignored though .

        No reviews matched the request. Check your Options in the drop-down menu of this sections header.

            tpochep Timur Pocheptsov
            kkohne Kai Köhne
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Created:
              Updated:
              Resolved:

                There are no open Gerrit changes