add a correct system_ca_certificates patch
This commit is contained in:
parent
4c9bc1527d
commit
838fb663b7
|
@ -1,36 +1,42 @@
|
|||
diff -up qt-x11-opensource-src-4.5.2/src/network/ssl/qsslsocket_openssl.cpp.ca_bundle qt-x11-opensource-src-4.5.2/src/network/ssl/qsslsocket_openssl.cpp
|
||||
--- qt-x11-opensource-src-4.5.2/src/network/ssl/qsslsocket_openssl.cpp.ca_bundle 2009-09-08 12:30:33.197347131 -0500
|
||||
+++ qt-x11-opensource-src-4.5.2/src/network/ssl/qsslsocket_openssl.cpp 2009-09-08 12:41:50.295324320 -0500
|
||||
@@ -482,11 +482,11 @@ void QSslSocketPrivate::resetDefaultCiph
|
||||
diff -up qt-x11-opensource-src-4.5.2/src/network/ssl/qsslsocket_openssl.cpp.me qt-x11-opensource-src-4.5.2/src/network/ssl/qsslsocket_openssl.cpp
|
||||
--- qt-x11-opensource-src-4.5.2/src/network/ssl/qsslsocket_openssl.cpp.me 2009-09-09 14:28:38.000000000 +0200
|
||||
+++ qt-x11-opensource-src-4.5.2/src/network/ssl/qsslsocket_openssl.cpp 2009-09-09 15:00:07.000000000 +0200
|
||||
@@ -482,31 +482,20 @@ void QSslSocketPrivate::resetDefaultCiph
|
||||
|
||||
QList<QSslCertificate> QSslSocketPrivate::systemCaCertificates()
|
||||
{
|
||||
-#ifdef QQ_OS_UNIX
|
||||
+ QFile caBundle;
|
||||
+
|
||||
+#ifdef Q_OS_UNIX
|
||||
// Check known locations for the system's default bundle. ### On Windows,
|
||||
// we should use CAPI to find the bundle, and not rely on default unix
|
||||
// locations.
|
||||
- const char *standardLocations[] = {"/etc/ssl/certs/",
|
||||
+ const char *standardLocations[] = {"/etc/pki/tls/certs/",
|
||||
#if 0
|
||||
// KDE uses KConfig for its SSL store,
|
||||
// but it also stores the bundle at
|
||||
@@ -495,13 +495,16 @@ QList<QSslCertificate> QSslSocketPrivate
|
||||
#endif
|
||||
0};
|
||||
const char **it = standardLocations;
|
||||
+ QList<QSslCertificate> certs;
|
||||
QStringList nameFilter;
|
||||
nameFilter << QLatin1String("*.pem") << QLatin1String("*.crt");
|
||||
while (*it) {
|
||||
-#if 0
|
||||
- // KDE uses KConfig for its SSL store,
|
||||
- // but it also stores the bundle at
|
||||
- // this location
|
||||
- "$HOME/.kde/share/apps/kssl/ca-bundle.crt",
|
||||
-#endif
|
||||
- 0};
|
||||
- const char **it = standardLocations;
|
||||
- QStringList nameFilter;
|
||||
- nameFilter << QLatin1String("*.pem") << QLatin1String("*.crt");
|
||||
- while (*it) {
|
||||
- if (QDirIterator(QLatin1String(*it), nameFilter).hasNext())
|
||||
- return certificatesFromPath(QLatin1String(*it));
|
||||
+ QDirIterator certfilesIt(QLatin1String(*it), nameFilter);
|
||||
+ while (certfilesIt.hasNext())
|
||||
+ certs += QSslCertificate::fromPath(certfilesIt.next());
|
||||
++it;
|
||||
}
|
||||
+ return certs;
|
||||
- ++it;
|
||||
- }
|
||||
+ caBundle.setFileName(QLatin1String("/etc/pki/tls/certs/ca-bundle.crt"));
|
||||
+ if (caBundle.open(QIODevice::ReadOnly | QIODevice::Text))
|
||||
+ return QSslCertificate::fromDevice(&caBundle);
|
||||
#endif
|
||||
|
||||
// Qt provides a default bundle when we cannot detect the system's default
|
||||
// bundle.
|
||||
- QFile caBundle(QLatin1String(":/trolltech/network/ssl/qt-ca-bundle.crt"));
|
||||
+ caBundle.setFileName(QLatin1String(":/trolltech/network/ssl/qt-ca-bundle.crt"));
|
||||
if (caBundle.open(QIODevice::ReadOnly | QIODevice::Text))
|
||||
return QSslCertificate::fromDevice(&caBundle);
|
||||
|
||||
|
|
5
qt.spec
5
qt.spec
|
@ -10,7 +10,7 @@ Summary: Qt toolkit
|
|||
Name: qt
|
||||
Epoch: 1
|
||||
Version: 4.5.2
|
||||
Release: 15%{?dist}
|
||||
Release: 16%{?dist}
|
||||
|
||||
# See LGPL_EXCEPTIONS.txt, LICENSE.GPL3, respectively, for exception details
|
||||
License: LGPLv2 with exceptions or GPLv3 with exceptions
|
||||
|
@ -890,6 +890,9 @@ fi
|
|||
%{_datadir}/icons/hicolor/*/apps/qt4-logo.*
|
||||
|
||||
%changelog
|
||||
* Wed Sep 09 2009 Than Ngo <than@redhat.com> - 4.5.2-16
|
||||
- add a correct system_ca_certificates patch
|
||||
|
||||
* Tue Sep 08 2009 Rex Dieter <rdieter@fedoraproject.org> - 4.5.2-15
|
||||
- use system ca-certificates (#521911)
|
||||
|
||||
|
|
Loading…
Reference in New Issue