Make QSsl::SecureProtocols also enable use of TLS1.{1,2}

Previously it was only enabling use of TLS1.0, unlike our openssl
backend, which understandably caused some confusion among some of our
users.

Seeing as this is also the default value in QSslConfiguration it is nice
to have it negotatiate more secure ciphers.

Task-number: QTBUG-67112
Change-Id: Ie216703da1ec4e6b973a881040e14816ad4c0a32
Reviewed-by: Oliver Wolff <oliver.wolff@qt.io>

1 files changed, 5 insertions, 1 deletions

diff --git a/src/network/ssl/qsslsocket_winrt.cpp b/src/network/ssl/qsslsocket_winrt.cpp
index f64ae2e020..ff9dccc734 100644
--- a/src/network/ssl/qsslsocket_winrt.cpp
+++ b/src/network/ssl/qsslsocket_winrt.cpp
@@ -238,7 +238,6 @@ void QSslSocketBackendPrivate::startClientEncryption()
     case QSsl::SslV3:
         protectionLevel = SocketProtectionLevel_Ssl; // Only use this value if weak cipher support is required
         break;
-    case QSsl::SecureProtocols:
     case QSsl::TlsV1SslV3:
     case QSsl::TlsV1_0:
         protectionLevel = SocketProtectionLevel_Tls10;
@@ -257,6 +256,11 @@ void QSslSocketBackendPrivate::startClientEncryption()
         setErrorAndEmit(QAbstractSocket::SslInvalidUserDataError,
                         QStringLiteral("unsupported protocol"));
         return;
+    case QSsl::SecureProtocols:
+        // SocketProtectionLevel_Tls12 actually means "use TLS1.0, 1.1 or 1.2"
+        // https://docs.microsoft.com/en-us/uwp/api/windows.networking.sockets.socketprotectionlevel
+        protectionLevel = SocketProtectionLevel_Tls12;
+        break;
     default:
         protectionLevel = SocketProtectionLevel_Tls12; // default to highest
         protocol = QSsl::TlsV1_2;