diff options
author | MÃ¥rten Nordheim <marten.nordheim@qt.io> | 2023-02-16 16:50:48 +0100 |
---|---|---|
committer | Qt Cherry-pick Bot <cherrypick_bot@qt-project.org> | 2023-02-17 13:16:12 +0000 |
commit | 376b33addf9d32514e1f953c0376e39de9342a7c (patch) | |
tree | fec6b017b7c9a12d220e0bb955f5141153b3c832 | |
parent | 66af62b2eb22ae775f3a5e2b3c7b8b8eb291a54e (diff) | |
download | qtbase-376b33addf9d32514e1f953c0376e39de9342a7c.tar.gz |
TLS[openssl]: Use optional<> for CA cert we are fetching
The QSslCertificate ctor is somewhat expensive, especially when we are
shutting down. By using optional<> we simply reset() it and no longer
need to create a new, valid, certificate.
Task-number: QTBUG-102474
Change-Id: I514433b0d380dd3ceabbed3a6164f7e3efc490c7
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
Reviewed-by: Qt CI Bot <qt_ci_bot@qt-project.org>
Reviewed-by: Konrad Kujawa <konrad.kujawa@qt.io>
(cherry picked from commit 61bfe87a64ca322de0ebf9bf61a0a0a81ee5bf7d)
Reviewed-by: Qt Cherry-pick Bot <cherrypick_bot@qt-project.org>
-rw-r--r-- | src/plugins/tls/openssl/qtls_openssl.cpp | 6 | ||||
-rw-r--r-- | src/plugins/tls/openssl/qtls_openssl_p.h | 2 |
2 files changed, 4 insertions, 4 deletions
diff --git a/src/plugins/tls/openssl/qtls_openssl.cpp b/src/plugins/tls/openssl/qtls_openssl.cpp index 53380a9824..031ccd9d15 100644 --- a/src/plugins/tls/openssl/qtls_openssl.cpp +++ b/src/plugins/tls/openssl/qtls_openssl.cpp @@ -490,7 +490,7 @@ void TlsCryptographOpenSSL::init(QSslSocket *qObj, QSslSocketPrivate *dObj) handshakeInterrupted = false; fetchAuthorityInformation = false; - caToFetch = QSslCertificate{}; + caToFetch.reset(); } void TlsCryptographOpenSSL::checkSettingSslContext(std::shared_ptr<QSslContext> tlsContext) @@ -749,7 +749,7 @@ void TlsCryptographOpenSSL::enableHandshakeContinuation() void TlsCryptographOpenSSL::cancelCAFetch() { fetchAuthorityInformation = false; - caToFetch = QSslCertificate{}; + caToFetch.reset(); } void TlsCryptographOpenSSL::continueHandshake() @@ -1803,7 +1803,7 @@ void TlsCryptographOpenSSL::caRootLoaded(QSslCertificate cert, QSslCertificate t Q_ASSERT(q); //Done, fetched already: - caToFetch = QSslCertificate{}; + caToFetch.reset(); if (fetchAuthorityInformation) { if (!q->sslConfiguration().caCertificates().contains(trustedRoot)) diff --git a/src/plugins/tls/openssl/qtls_openssl_p.h b/src/plugins/tls/openssl/qtls_openssl_p.h index 31fede2ace..65d21a395b 100644 --- a/src/plugins/tls/openssl/qtls_openssl_p.h +++ b/src/plugins/tls/openssl/qtls_openssl_p.h @@ -120,7 +120,7 @@ private: bool handshakeInterrupted = false; bool fetchAuthorityInformation = false; - QSslCertificate caToFetch; + std::optional<QSslCertificate> caToFetch; bool inSetAndEmitError = false; bool pendingFatalAlert = false; |