diff options
author | André Klitzing <aklitzing@gmail.com> | 2018-11-28 14:03:02 +0100 |
---|---|---|
committer | André Klitzing <aklitzing@gmail.com> | 2019-01-31 10:36:50 +0000 |
commit | 93a803a6de27d9eb57931c431b5f3d074914f693 (patch) | |
tree | 0919ebaadbc551a583ad791ee1a7325d055937be /src/network/ssl/qsslsocket_openssl.cpp | |
parent | 8915904e2a56d46bdedf64f9a7a5e331ae9d00e1 (diff) |
Fix session resumption with OpenSSL 1.1
OpenSSL 1.1.0 and higher requires SSL_shutdown to mark a
session as resumable.
QHttpNetworkConnection/Channel tries to re-use one shared SSL
context (and the session) for its 'channels'. The session is
marked as non-resumable without shutdown sent/received.
This makes it useless for QHttpNetworkConnection.
See: https://github.com/openssl/openssl/issues/1550
Fixes: QTBUG-71967
Change-Id: Iaaceb18c4c5a090f997f9850981a27f04f1f8b06
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
Diffstat (limited to 'src/network/ssl/qsslsocket_openssl.cpp')
-rw-r--r-- | src/network/ssl/qsslsocket_openssl.cpp | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/src/network/ssl/qsslsocket_openssl.cpp b/src/network/ssl/qsslsocket_openssl.cpp index 2c6c35ef24..b5b098502d 100644 --- a/src/network/ssl/qsslsocket_openssl.cpp +++ b/src/network/ssl/qsslsocket_openssl.cpp @@ -418,6 +418,10 @@ bool QSslSocketBackendPrivate::initSslContext() void QSslSocketBackendPrivate::destroySslContext() { if (ssl) { + // We do not send a shutdown alert here. Just mark the session as + // resumable for qhttpnetworkconnection's "optimization", otherwise + // OpenSSL won't start a session resumption. + q_SSL_shutdown(ssl); q_SSL_free(ssl); ssl = nullptr; } |