Details
-
Bug
-
Resolution: Out of scope
-
P2: Important
-
None
-
4.6.3, 4.7.0
-
None
Description
How to reproduce (pseudocode):
1. QNetworkAccessManager d 2. /* set default configuration without certificates at all */ QSslConfiguration::setDefaultConfiguration(QSslConfiguration::defaultConfiguration().setCaCertificates(QList<QSslCertificate>)) 3. d.get(QNetworkRequest("https://evil.com")) 4. ( as, the CaCerts are emty, we will go to QNetworkAccessManager::sslErrors signal connected with our slot in which we will add certificate) 5. in slot: QSslConfiguration sc= QSslConfiguration::defaultConfiguration(); sc.setCaCertificates(QList<QSslCertificate>() << reply->sslConfiguration()->peerCertificateChain().last() ) ; QSslConfiguration::setDefaultConfiguration(sc); /* slot complete */ 6. QNetworkRequest * xxx=QNetworkRequest("https://evil2.com"); 7. xxx->sslConfiguration().caCertificates().size() will be 0 !!! but should not !!!
Attachments
Issue Links
- relates to
-
QTBUG-13418 QNetworkRequest does not use SslConfiguration set by QSSlConfiguration::setDefaultConfiguration()
-
- Closed
-