Details
-
Suggestion
-
Resolution: Done
-
P2: Important
-
5.0.0
-
None
-
92ce431d06e0b53ee5de2aeb67435e73c8bff681
Description
OpenSSL supports TLS 1.1 and 1.2 since version 1.0.1 (the default on Ubuntu 12.04), and Qt seems to use TLS 1.1 by default (since the various OpenSSL methods include support for high protocols than the one you specify).
I have a situation where I need to use TLS 1.2 and I need to guarantee that my client will never use a lower SSL version, so I need a QSsl::TlsV1_2 enum, and support for it.
A patch is included, plus a patch to the QtTestBrowser in WebKit which I used to test it (if you're interested).
There are two things I still need to figure out:
- Are any other changes required to fully support TLS 1.2? This patch works but I'm going to do a little more research to make sure I'm not missing anything.
- What should we do when TLS 1.1 and 1.2 aren't available (OpenSSL < 1.0.1)? It won't break the build, but SSL connections will fail when they try to resolve the function.
Anyway, let me know if you need me to do anything else to get this in.