Fix session resumption with OpenSSL 1.1

OpenSSL 1.1.0 and higher requires SSL_shutdown to mark a session as resumable. QHttpNetworkConnection/Channel tries to re-use one shared SSL context (and the session) for its 'channels'. The session is marked as non-resumable without shutdown sent/received. This makes it useless for QHttpNetworkConnection. See: https://github.com/openssl/openssl/issues/1550 Fixes: QTBUG-71967 Change-Id: Iaaceb18c4c5a090f997f9850981a27f04f1f8b06 Reviewed-by: Edward Welbourne <edward.welbourne@qt.io> Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
author: André Klitzing <aklitzing@gmail.com> 2018-11-28 14:03:02 +0100
committer: André Klitzing <aklitzing@gmail.com> 2019-01-31 10:36:50 +0000
commit: 93a803a6de27d9eb57931c431b5f3d074914f693 (patch)
tree: 0919ebaadbc551a583ad791ee1a7325d055937be /src/network/ssl/qsslsocket_openssl.cpp
parent: 8915904e2a56d46bdedf64f9a7a5e331ae9d00e1 (diff)
1 files changed, 4 insertions, 0 deletions
diff --git a/src/network/ssl/qsslsocket_openssl.cpp b/src/network/ssl/qsslsocket_openssl.cpp
index 2c6c35ef24..b5b098502d 100644
--- a/src/network/ssl/qsslsocket_openssl.cpp
+++ b/src/network/ssl/qsslsocket_openssl.cpp
@@ -418,6 +418,10 @@ bool QSslSocketBackendPrivate::initSslContext()
 void QSslSocketBackendPrivate::destroySslContext()
 {
     if (ssl) {
+        // We do not send a shutdown alert here. Just mark the session as
+        // resumable for qhttpnetworkconnection's "optimization", otherwise
+        // OpenSSL won't start a session resumption.
+        q_SSL_shutdown(ssl);
         q_SSL_free(ssl);
         ssl = nullptr;
     }
author	André Klitzing <aklitzing@gmail.com>	2018-11-28 14:03:02 +0100
committer	André Klitzing <aklitzing@gmail.com>	2019-01-31 10:36:50 +0000
commit	93a803a6de27d9eb57931c431b5f3d074914f693 (patch)
tree	0919ebaadbc551a583ad791ee1a7325d055937be /src/network/ssl/qsslsocket_openssl.cpp
parent	8915904e2a56d46bdedf64f9a7a5e331ae9d00e1 (diff)