diff options
author | Timur Pocheptsov <timur.pocheptsov@qt.io> | 2020-01-27 14:11:08 +0100 |
---|---|---|
committer | Timur Pocheptsov <timur.pocheptsov@qt.io> | 2020-01-29 19:38:43 +0100 |
commit | b36b7abb40f04f265c0453a2f4beb466ed462976 (patch) | |
tree | 2353834692f75f65c9dfdace5dbe83f205bfe783 /src/network/ssl/qsslsocket.cpp | |
parent | 33c9a1e0bcf9c7ced67d5ec62225d6295671d33b (diff) |
Implement/fix session resumption with TLS 1.3
The session we cache at the end of a handshake is non-resumable
in TLS 1.3, since NewSessionTicket message appears quite some time
after the handshake was complete. OpenSSL has a callback where
we can finally obtain a resumable session and inform an application
about session ticket updated by emitting a signal. Truism: OpenSSL-only.
[ChangeLog][QtNetwork] A new signal introduced to report when a valid session ticket received (TLS 1.3)
Fixes: QTBUG-81591
Change-Id: I4d22fad5cc082e431577e20ddbda2835e864b511
Reviewed-by: MÃ¥rten Nordheim <marten.nordheim@qt.io>
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
Diffstat (limited to 'src/network/ssl/qsslsocket.cpp')
-rw-r--r-- | src/network/ssl/qsslsocket.cpp | 16 |
1 files changed, 16 insertions, 0 deletions
diff --git a/src/network/ssl/qsslsocket.cpp b/src/network/ssl/qsslsocket.cpp index 19be48a656..8fa9f914a2 100644 --- a/src/network/ssl/qsslsocket.cpp +++ b/src/network/ssl/qsslsocket.cpp @@ -322,6 +322,22 @@ \sa QSslPreSharedKeyAuthenticator */ +/*! + \fn void QSslSocket::newSessionTicketReceived() + \since 5.15 + + If TLS 1.3 protocol was negotiated during a handshake, QSslSocket + emits this signal after receiving NewSessionTicket message. Session + and session ticket's lifetime hint are updated in the socket's + configuration. The session can be used for session resumption (and + a shortened handshake) in future TLS connections. + + \note This functionality enabled only with OpenSSL backend and requires + OpenSSL v 1.1.1 or above. + + \sa QSslSocket::sslConfiguration(), QSslConfiguration::sessionTicket(), QSslConfiguration::sessionTicketLifeTimeHint() +*/ + #include "qssl_p.h" #include "qsslsocket.h" #include "qsslcipher.h" |