diff options
author | Timur Pocheptsov <timur.pocheptsov@qt.io> | 2020-01-27 14:11:08 +0100 |
---|---|---|
committer | Timur Pocheptsov <timur.pocheptsov@qt.io> | 2020-01-29 19:38:43 +0100 |
commit | b36b7abb40f04f265c0453a2f4beb466ed462976 (patch) | |
tree | 2353834692f75f65c9dfdace5dbe83f205bfe783 /src/network/ssl/qsslconfiguration.cpp | |
parent | 33c9a1e0bcf9c7ced67d5ec62225d6295671d33b (diff) |
Implement/fix session resumption with TLS 1.3
The session we cache at the end of a handshake is non-resumable
in TLS 1.3, since NewSessionTicket message appears quite some time
after the handshake was complete. OpenSSL has a callback where
we can finally obtain a resumable session and inform an application
about session ticket updated by emitting a signal. Truism: OpenSSL-only.
[ChangeLog][QtNetwork] A new signal introduced to report when a valid session ticket received (TLS 1.3)
Fixes: QTBUG-81591
Change-Id: I4d22fad5cc082e431577e20ddbda2835e864b511
Reviewed-by: MÃ¥rten Nordheim <marten.nordheim@qt.io>
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
Diffstat (limited to 'src/network/ssl/qsslconfiguration.cpp')
-rw-r--r-- | src/network/ssl/qsslconfiguration.cpp | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/src/network/ssl/qsslconfiguration.cpp b/src/network/ssl/qsslconfiguration.cpp index d0674042b8..f5ce02807f 100644 --- a/src/network/ssl/qsslconfiguration.cpp +++ b/src/network/ssl/qsslconfiguration.cpp @@ -782,7 +782,7 @@ bool QSslConfiguration::testSslOption(QSsl::SslOption option) const knowledge of the session allows for eavesdropping on data encrypted with the session parameters. - \sa setSessionTicket(), QSsl::SslOptionDisableSessionPersistence, setSslOption() + \sa setSessionTicket(), QSsl::SslOptionDisableSessionPersistence, setSslOption(), QSslSocket::newSessionTicketReceived() */ QByteArray QSslConfiguration::sessionTicket() const { @@ -797,7 +797,7 @@ QByteArray QSslConfiguration::sessionTicket() const for this to work, and \a sessionTicket must be in ASN.1 format as returned by sessionTicket(). - \sa sessionTicket(), QSsl::SslOptionDisableSessionPersistence, setSslOption() + \sa sessionTicket(), QSsl::SslOptionDisableSessionPersistence, setSslOption(), QSslSocket::newSessionTicketReceived() */ void QSslConfiguration::setSessionTicket(const QByteArray &sessionTicket) { @@ -815,7 +815,7 @@ void QSslConfiguration::setSessionTicket(const QByteArray &sessionTicket) QSsl::SslOptionDisableSessionPersistence was not turned off, this function returns -1. - \sa sessionTicket(), QSsl::SslOptionDisableSessionPersistence, setSslOption() + \sa sessionTicket(), QSsl::SslOptionDisableSessionPersistence, setSslOption(), QSslSocket::newSessionTicketReceived() */ int QSslConfiguration::sessionTicketLifeTimeHint() const { |