Qt-Security-QSslConfigurationSetMissingCertificateIsFatal

Check QSslConfiguration::setMissingCertificateIsFatal

Required inputs: IR

In case of a missing certificate, the method void QSslConfiguration::setMissingCertificateIsFatal(bool cannotRecover) can be called beforehand, to squelch the error and continue with the connection. This should not be done, since it can allow for man-in-the-middle attacks to go unnoticed. By Default, the QSslSocket will choose the correct mode for client or server code automatically. That is, if the QSslSocket is in server mode, the peer will be queried (QSslSocket::QueryPeer) without affecting the handshake. If the QSslSocket is in client mode, the handshake will be aborted, should the peer not be able to provide a certificate.

Possible Messages

Key	Text	Severity	Disabled
suspicious_call	Found suspicious call to {}.	None	False

Options

• This rule shares the following common options: exclude_in_macros, exclude_messages_in_system_headers, excludes, extend_exclude_to_macro_invocations, includes, justification_checker, languages, post_processing, provider, report_at, severity

• The following places define options that affect this rule: Stylechecks, Analysis-GlobalOptions

• This rule has no individual options.