From f3cae1bf1c8199557e2943b33baeec98d656106c Mon Sep 17 00:00:00 2001
From: Jeremy Lainé <jeremy.laine@m4x.org>
Date: Thu, 6 Sep 2012 09:31:24 +0200
Subject: With Qt >= 4.8, verify peer SSL certificate against domain name as
 specified by RFC 3920.

---
 src/client/QXmppOutgoingClient.cpp | 5 +++++
 src/server/QXmppOutgoingServer.cpp | 5 +++++
 2 files changed, 10 insertions(+)

(limited to 'src')

diff --git a/src/client/QXmppOutgoingClient.cpp b/src/client/QXmppOutgoingClient.cpp
index d6b41202..bb6f0740 100644
--- a/src/client/QXmppOutgoingClient.cpp
+++ b/src/client/QXmppOutgoingClient.cpp
@@ -120,6 +120,11 @@ void QXmppOutgoingClientPrivate::connectToHost(const QString &host, quint16 port
     // respect proxy
     q->socket()->setProxy(config.networkProxy());
 
+#if (QT_VERSION >= QT_VERSION_CHECK(4, 8, 0))
+    // set the name the SSL certificate should match
+    q->socket()->setPeerVerifyName(config.domain());
+#endif
+
     // connect to host
     q->socket()->connectToHost(host, port);
 }
diff --git a/src/server/QXmppOutgoingServer.cpp b/src/server/QXmppOutgoingServer.cpp
index 77315e8b..3c57d18f 100644
--- a/src/server/QXmppOutgoingServer.cpp
+++ b/src/server/QXmppOutgoingServer.cpp
@@ -137,6 +137,11 @@ void QXmppOutgoingServer::_q_dnsLookupFinished()
         port = 5269;
     }
 
+#if (QT_VERSION >= QT_VERSION_CHECK(4, 8, 0))
+    // set the name the SSL certificate should match
+    socket()->setPeerVerifyName(d->remoteDomain);
+#endif
+
     // connect to server
     info(QString("Connecting to %1:%2").arg(host, QString::number(port)));
     socket()->connectToHost(host, port);
-- 
cgit v1.2.3