Uploaded image for project: 'Qt'
  1. Qt
  2. QTBUG-12338

Enhance QSsl::Protocol enumeration to enable selection of SslV3 and TlsV1 - leaving SslV2 out

XMLWordPrintable

    • Icon: Suggestion Suggestion
    • Resolution: Done
    • Icon: P2: Important P2: Important
    • 4.8.0
    • 4.6.3
    • Network: SSL
    • None

    • Tested on OpenSuSE 11.2 - using Qt 4.6.3

    • b2c8421ff95ad62cbd67843ad5cd3edf72ecda31

      With the insecurities in SslV2 it would be handy to be able to select to not use it but instead use SslV3 or TlsV1.

      What I propose is adding a NoSslV2 element to the QSsl::Protocol enumeration so someone can set the protocol on a QSslSocket to use the secure protocols.
      This is possible using the openssl option for setting the SSL_OP_NO_SSLv2.

      I have attached a patch that appears to do the job in the testing that I have done.
      The patch touches
      src/network/ssl/qssl.h to add the enum element
      src/network/ssl/qsslsocket_openssl.cpp to set the ssl CTX option if the NoSslV2 is desired.

        1. qt-4.6.3-ssl-patch-nosslv2-option.diff
          2 kB
        No reviews matched the request. Check your Options in the drop-down menu of this sections header.

            phartman Peter Hartmann (closed Nokia identity) (Inactive)
            dlissimore Darren Lissimore
            Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

              Created:
              Updated:
              Resolved:

                There are no open Gerrit changes