aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--CHANGELOG1
-rw-r--r--src/client/QXmppOutgoingClient.cpp5
-rw-r--r--src/server/QXmppOutgoingServer.cpp5
3 files changed, 11 insertions, 0 deletions
diff --git a/CHANGELOG b/CHANGELOG
index 6e98cce2..fe4f1450 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -8,6 +8,7 @@ QXmpp 0.7.2 (Unreleased)
* Add QXmppMucRoom::ban() to ban users.
* Add QXmppMucRoom::name() to get the room's human-readable name.
* Add QXmppMucRoom::participantFullJid() to lookup an occupant full JID.
+ - With Qt >= 4.8, verify peer SSL certificate against domain name as specified by RFC 3920.
QXmpp 0.7.1 (Sep 3, 2012)
-------------------------
diff --git a/src/client/QXmppOutgoingClient.cpp b/src/client/QXmppOutgoingClient.cpp
index d6b41202..bb6f0740 100644
--- a/src/client/QXmppOutgoingClient.cpp
+++ b/src/client/QXmppOutgoingClient.cpp
@@ -120,6 +120,11 @@ void QXmppOutgoingClientPrivate::connectToHost(const QString &host, quint16 port
// respect proxy
q->socket()->setProxy(config.networkProxy());
+#if (QT_VERSION >= QT_VERSION_CHECK(4, 8, 0))
+ // set the name the SSL certificate should match
+ q->socket()->setPeerVerifyName(config.domain());
+#endif
+
// connect to host
q->socket()->connectToHost(host, port);
}
diff --git a/src/server/QXmppOutgoingServer.cpp b/src/server/QXmppOutgoingServer.cpp
index 77315e8b..3c57d18f 100644
--- a/src/server/QXmppOutgoingServer.cpp
+++ b/src/server/QXmppOutgoingServer.cpp
@@ -137,6 +137,11 @@ void QXmppOutgoingServer::_q_dnsLookupFinished()
port = 5269;
}
+#if (QT_VERSION >= QT_VERSION_CHECK(4, 8, 0))
+ // set the name the SSL certificate should match
+ socket()->setPeerVerifyName(d->remoteDomain);
+#endif
+
// connect to server
info(QString("Connecting to %1:%2").arg(host, QString::number(port)));
socket()->connectToHost(host, port);