diff options
author | Timur Pocheptsov <timur.pocheptsov@qt.io> | 2018-10-29 14:26:15 +0100 |
---|---|---|
committer | Jani Heikkinen <jani.heikkinen@qt.io> | 2018-11-07 10:32:35 +0000 |
commit | b3ae87fe765fe6ad005760d6370f2674873fead7 (patch) | |
tree | ef73aaf7015c20c87639dfed243a8203b60ad8f8 /src/network/ssl/qssl.cpp | |
parent | ac4d954cfba98b1a6abb5c8cabed6ee32a43560c (diff) |
Add missing protocol enumerators, report TLS 1.3 if negotiated
1. Remove the conditional inclusion of DTLS versions, they made difficult
and unnecessary ugly adding new protocols (something like TlsV1_2OrLater + 4).
2. OpenSSL 1.1.1 first introduced TLS 1.3 support. OpenSSL 1.1 back-end is
compatible with OpenSSL 1.1.1, but would fail to extract/report protocol
versions and set versions like 'TLS 1.3 only' or 'TLS 1.3 or better' on a
new context. Given 1.1.1 is deployed/adapted fast by different distros,
and 5.12 is LTS, we fix this issue by introducing QSsl::Tls1_3 and
QSsl::Tls1_3OrLater.
SecureTransport, WinRT and OpenSSL below 1.1.1 will report an error in case
the application requests this protocol (SecureTransport in future will
probably enable TLS 1.3).
Saying all that, TLS 1.3 support is experimental in QSslSocket.
Done-by: Albert Astals Cid <albert.astals.cid@kdab.com>
Done-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
Change-Id: I4a97cc789b62763763cf41c44157ef0a9fd6cbec
Reviewed-by: Lars Knoll <lars.knoll@qt.io>
Diffstat (limited to 'src/network/ssl/qssl.cpp')
-rw-r--r-- | src/network/ssl/qssl.cpp | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/src/network/ssl/qssl.cpp b/src/network/ssl/qssl.cpp index 3a0983e8b5..19d99bc489 100644 --- a/src/network/ssl/qssl.cpp +++ b/src/network/ssl/qssl.cpp @@ -129,6 +129,8 @@ Q_LOGGING_CATEGORY(lcSsl, "qt.network.ssl"); \value DtlsV1_0OrLater DTLSv1.0 and later versions. \value DtlsV1_2 DTLSv1.2 \value DtlsV1_2OrLater DTLSv1.2 and later versions. + \value TlsV1_3 TLSv1.3. (Since Qt 5.12) + \value TlsV1_3OrLater TLSv1.3 and later versions. (Since Qt 5.12) \value UnknownProtocol The cipher's protocol cannot be determined. \value AnyProtocol The socket understands SSLv2, SSLv3, TLSv1.0 and all supported later versions of TLS. This value is used by QSslSocket only. |