From ad1296e170a62f292831609cd929ad76d9328661 Mon Sep 17 00:00:00 2001
From: nowrep <nowrep@gmail.com>
Date: Sat, 1 Feb 2014 21:07:42 +0100
Subject: [PATCH] [NetworkManager] SSL workaround: use correct domain matching

---
 src/lib/network/networkmanager.cpp | 16 +++-------------
 1 file changed, 3 insertions(+), 13 deletions(-)

diff --git a/src/lib/network/networkmanager.cpp b/src/lib/network/networkmanager.cpp
index 27b371314..3a374227e 100644
--- a/src/lib/network/networkmanager.cpp
+++ b/src/lib/network/networkmanager.cpp
@@ -85,7 +85,8 @@ NetworkManager::NetworkManager(QObject* parent)
     setProxyFactory(m_proxyFactory);
     loadSettings();
 
-    m_sslv3Sites << QLatin1String("centrum.sk") << QLatin1String("oneaccount.com") << QLatin1String("www.hdi.de")
+    // Force SSLv3 for servers that doesn't understand TLSv1 handshake
+    m_sslv3Sites << QLatin1String("centrum.sk") << QLatin1String("oneaccount.com") << QLatin1String("hdi.de")
                  << QLatin1String("live.com");
 }
 
@@ -105,17 +106,6 @@ void NetworkManager::loadSettings()
     settings.endGroup();
     m_acceptLanguage = AcceptLanguage::generateHeader(settings.value("Language/acceptLanguage", AcceptLanguage::defaultLanguage()).toStringList());
 
-    // Falling back to Qt 4.7 default behavior, use SslV3 by default
-    // Fixes issue with some older servers closing the connection
-
-    // However, it also makes some servers requesting TLS ClientHello
-    // not working, or showing invalid certificates.
-    // See #921
-
-    // QSslConfiguration config = QSslConfiguration::defaultConfiguration();
-    // config.setProtocol(QSsl::SslV3);
-    // QSslConfiguration::setDefaultConfiguration(config);
-
 #if defined(Q_OS_WIN) || defined(Q_OS_HAIKU) || defined(Q_OS_OS2)
     QString certDir = mApp->PROFILEDIR + "certificates";
     QString bundlePath = certDir + "/ca-bundle.crt";
@@ -577,7 +567,7 @@ QNetworkReply* NetworkManager::createRequest(QNetworkAccessManager::Operation op
     // Force SSLv3 for servers that doesn't understand TLSv1 handshake
     if (req.url().scheme() == QLatin1String("https")) {
         foreach (const QString &host, m_sslv3Sites) {
-            if (req.url().host().endsWith(host)) {
+            if (QzTools::matchDomain(host, req.url().host())) {
                 QSslConfiguration conf = req.sslConfiguration();
                 conf.setProtocol(QSsl::SslV3);
                 req.setSslConfiguration(conf);