The current build machines for Linux are based on Ubuntu 11.10, which only features openssl 1.0.0e. The effect is that support for TLSv1.1, TLSv1.2, as well as the nextprotoneg extension is not compiled into Qt5Network.
This is visible to the user in that:
- QSslSocket cannot make use of TLSv1.1, TLSv1.2.
- calling either QSslSocket::setProtocol(QSsl::TlsV1_1) or QSslSocket::setProtocol(QSsl::TlsV1_2) prevents the openssl socket to open
- QSslConfiguration::[set]AllowedNextProtocols, QSslConfiguration::nextNegotiatedProtocol, nextProtocolNegotiationStatus are non-functional
- The SPDY protocol is therefore not supported
I suggest we upgrade the build machines to use a newer openssl version. The effect however will be that, if the runtime version of openssl is too old (older than 1.0.1), using qsslsocket will print qWarnings:
This is IMO acceptable.
To compile Qt with a custom openssl you need to set two environment variables, e.g.
(passing -I, -L to configure does taint the resulting SDK with the build paths)