summaryrefslogtreecommitdiffstats
path: root/src/network/ssl/qsslsocket_openssl_symbols.cpp
diff options
context:
space:
mode:
authorMårten Nordheim <marten.nordheim@qt.io>2018-12-13 15:39:26 +0100
committerJani Heikkinen <jani.heikkinen@qt.io>2019-06-13 04:16:09 +0000
commit2e7b7e4c90882cef50b293fe8048205a9ca7e5a9 (patch)
tree32ee784ab947d958d1855766b67b76941f71fbeb /src/network/ssl/qsslsocket_openssl_symbols.cpp
parent90aefe0843a50aede26b8d411f46f3828dae25f1 (diff)
QSslSocket: add and set the TLSv1.3-specific PSK callback
If this callback is not set then OpenSSL will call the callback used for <= TLS 1.2 unconditionally when connecting. If using PSK it will call it again later once the preshared key is needed. We don't currently handle the TLSv1.3 PSK, but we definitely should. But for now we can work around it - when psk_use_session_callback is called we simply change the PSK callback to a dummy function whose only purpose is to restore the old callback. This is mostly done to keep behavior the same as it is now for users (and to keep our tests running). Later we can add a new signal and handle this new feature properly. Reviewed-by: Simo Fält <simo.falt@qt.io> (cherry picked from commit d8efc8d718e3b3a0464f321e740541f5b221a5d6) Task-number: QTBUG-67463 Change-Id: I4aca4ae73ec4be7c4f82a85e8864de103f35a834 Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
Diffstat (limited to 'src/network/ssl/qsslsocket_openssl_symbols.cpp')
-rw-r--r--src/network/ssl/qsslsocket_openssl_symbols.cpp2
1 files changed, 2 insertions, 0 deletions
diff --git a/src/network/ssl/qsslsocket_openssl_symbols.cpp b/src/network/ssl/qsslsocket_openssl_symbols.cpp
index aa1dc681e0..93b54aaa67 100644
--- a/src/network/ssl/qsslsocket_openssl_symbols.cpp
+++ b/src/network/ssl/qsslsocket_openssl_symbols.cpp
@@ -163,6 +163,7 @@ DEFINEFUNC(int, SSL_session_reused, SSL *a, a, return 0, return)
DEFINEFUNC2(unsigned long, SSL_CTX_set_options, SSL_CTX *ctx, ctx, unsigned long op, op, return 0, return)
#ifdef TLS1_3_VERSION
DEFINEFUNC2(int, SSL_CTX_set_ciphersuites, SSL_CTX *ctx, ctx, const char *str, str, return 0, return)
+DEFINEFUNC2(void, SSL_set_psk_use_session_callback, SSL *ssl, ssl, q_SSL_psk_use_session_cb_func_t callback, callback, return, DUMMYARG)
#endif
DEFINEFUNC3(size_t, SSL_get_client_random, SSL *a, a, unsigned char *out, out, size_t outlen, outlen, return 0, return)
DEFINEFUNC3(size_t, SSL_SESSION_get_master_key, const SSL_SESSION *ses, ses, unsigned char *out, out, size_t outlen, outlen, return 0, return)
@@ -967,6 +968,7 @@ bool q_resolveOpenSslSymbols()
RESOLVEFUNC(SSL_CTX_set_options)
#ifdef TLS1_3_VERSION
RESOLVEFUNC(SSL_CTX_set_ciphersuites)
+ RESOLVEFUNC(SSL_set_psk_use_session_callback)
#endif // TLS 1.3 or OpenSSL > 1.1.1
RESOLVEFUNC(SSL_get_client_random)
RESOLVEFUNC(SSL_SESSION_get_master_key)
generated by cgit v1.2.3 (git 2.25.1) at 2024-04-25 05:41:55 +0000