- use system ca-certificates (#521911)

This commit is contained in:
Rex Dieter 2009-09-08 18:01:19 +00:00
parent 77c80ca6a7
commit 4c9bc1527d
2 changed files with 44 additions and 1 deletions

View File

@ -0,0 +1,36 @@
diff -up qt-x11-opensource-src-4.5.2/src/network/ssl/qsslsocket_openssl.cpp.ca_bundle qt-x11-opensource-src-4.5.2/src/network/ssl/qsslsocket_openssl.cpp
--- qt-x11-opensource-src-4.5.2/src/network/ssl/qsslsocket_openssl.cpp.ca_bundle 2009-09-08 12:30:33.197347131 -0500
+++ qt-x11-opensource-src-4.5.2/src/network/ssl/qsslsocket_openssl.cpp 2009-09-08 12:41:50.295324320 -0500
@@ -482,11 +482,11 @@ void QSslSocketPrivate::resetDefaultCiph
QList<QSslCertificate> QSslSocketPrivate::systemCaCertificates()
{
-#ifdef QQ_OS_UNIX
+#ifdef Q_OS_UNIX
// Check known locations for the system's default bundle. ### On Windows,
// we should use CAPI to find the bundle, and not rely on default unix
// locations.
- const char *standardLocations[] = {"/etc/ssl/certs/",
+ const char *standardLocations[] = {"/etc/pki/tls/certs/",
#if 0
// KDE uses KConfig for its SSL store,
// but it also stores the bundle at
@@ -495,13 +495,16 @@ QList<QSslCertificate> QSslSocketPrivate
#endif
0};
const char **it = standardLocations;
+ QList<QSslCertificate> certs;
QStringList nameFilter;
nameFilter << QLatin1String("*.pem") << QLatin1String("*.crt");
while (*it) {
- if (QDirIterator(QLatin1String(*it), nameFilter).hasNext())
- return certificatesFromPath(QLatin1String(*it));
+ QDirIterator certfilesIt(QLatin1String(*it), nameFilter);
+ while (certfilesIt.hasNext())
+ certs += QSslCertificate::fromPath(certfilesIt.next());
++it;
}
+ return certs;
#endif
// Qt provides a default bundle when we cannot detect the system's default

View File

@ -10,7 +10,7 @@ Summary: Qt toolkit
Name: qt
Epoch: 1
Version: 4.5.2
Release: 14%{?dist}
Release: 15%{?dist}
# See LGPL_EXCEPTIONS.txt, LICENSE.GPL3, respectively, for exception details
License: LGPLv2 with exceptions or GPLv3 with exceptions
@ -41,6 +41,9 @@ Patch16: qt-x11-opensource-src-4.5.1-kde4_plugins.patch
Patch17: qt-x11-opensource-src-4.5.2-pulseaudio.patch
Patch19: qt-x11-opensource-src-4.5.1-phonon.patch
Patch21: qt-x11-opensource-src-4.5.2-gst-pulsaudio.patch
# use system ca-bundle certs, http://bugzilla.redhat.com/521911
Patch22: qt-x11-opensource-src-4.5.2-system_ca_certificates.patch
Requires: ca-certificates
## upstreamable bits
# http://bugzilla.redhat.com/485677
@ -347,6 +350,7 @@ Qt libraries used for drawing widgets and OpenGL items.
%patch17 -p1 -b .phonon-pulseaudio
%patch19 -p1 -b .servicesfile
%patch21 -p1 -b .gst-pulsaudio
%patch22 -p1 -b .system_ca_certificates
%patch51 -p1 -b .qdoc3
%patch52 -p1 -b .sparc64
%patch53 -p1 -b .qatomic-inline-asm
@ -886,6 +890,9 @@ fi
%{_datadir}/icons/hicolor/*/apps/qt4-logo.*
%changelog
* Tue Sep 08 2009 Rex Dieter <rdieter@fedoraproject.org> - 4.5.2-15
- use system ca-certificates (#521911)
* Tue Sep 01 2009 Than Ngo <than@redhat.com> - 4.5.2-14
- drop fedora < 9 support
- only apply ossl patch for fedora > 11