Merge pull request #6384

15e26a6 qt: Force TLS1.0+ for SSL connections (Wladimir J. van der Laan)
This commit is contained in:
Wladimir J. van der Laan 2015-07-10 14:59:49 +02:00
commit 708037fcc7
No known key found for this signature in database
GPG Key ID: 74810B012346C9A6

View File

@ -48,6 +48,7 @@
#include <QThread> #include <QThread>
#include <QTimer> #include <QTimer>
#include <QTranslator> #include <QTranslator>
#include <QSslConfiguration>
#if defined(QT_STATICPLUGIN) #if defined(QT_STATICPLUGIN)
#include <QtPlugin> #include <QtPlugin>
@ -515,6 +516,13 @@ int main(int argc, char *argv[])
#ifdef Q_OS_MAC #ifdef Q_OS_MAC
QApplication::setAttribute(Qt::AA_DontShowIconsInMenus); QApplication::setAttribute(Qt::AA_DontShowIconsInMenus);
#endif #endif
#if QT_VERSION >= 0x050500
// Because of the POODLE attack it is recommended to disable SSLv3 (https://disablessl3.com/),
// so set SSL protocols to TLS1.0+.
QSslConfiguration sslconf = QSslConfiguration::defaultConfiguration();
sslconf.setProtocol(QSsl::TlsV1_0OrLater);
QSslConfiguration::setDefaultConfiguration(sslconf);
#endif
// Register meta types used for QMetaObject::invokeMethod // Register meta types used for QMetaObject::invokeMethod
qRegisterMetaType< bool* >(); qRegisterMetaType< bool* >();