diff options
author | Timur Pocheptsov <timur.pocheptsov@qt.io> | 2018-04-16 11:38:46 +0200 |
---|---|---|
committer | Timur Pocheptsov <timur.pocheptsov@qt.io> | 2018-04-17 17:10:12 +0000 |
commit | c555c8b9f5c5bb1f390d94cf43d249e74ecb86f6 (patch) | |
tree | 467b82e7d4347a114697f06d08fe787b923eb0fe /src | |
parent | 3ac029f674edea1cc91014345f445a9a8d1fc89f (diff) |
Add QSsl::Dtls1_0OrLater enumerator
... to make DTLS protocols work more like TLS protocol versions.
Also, handle (as 'unsupported' for now) those new constants in
a switch statement, when creating SSL_CTX (fixing build errors).
Change-Id: Ia444184ca191d8665e37046b0b9120e43ec5893a
Reviewed-by: MÃ¥rten Nordheim <marten.nordheim@qt.io>
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
Diffstat (limited to 'src')
-rw-r--r-- | src/network/ssl/qssl.cpp | 1 | ||||
-rw-r--r-- | src/network/ssl/qssl.h | 1 | ||||
-rw-r--r-- | src/network/ssl/qsslcontext_openssl11.cpp | 7 | ||||
-rw-r--r-- | src/network/ssl/qsslcontext_opensslpre11.cpp | 7 |
4 files changed, 16 insertions, 0 deletions
diff --git a/src/network/ssl/qssl.cpp b/src/network/ssl/qssl.cpp index ee6e64706a..3a0983e8b5 100644 --- a/src/network/ssl/qssl.cpp +++ b/src/network/ssl/qssl.cpp @@ -126,6 +126,7 @@ Q_LOGGING_CATEGORY(lcSsl, "qt.network.ssl"); \value TlsV1_2 TLSv1.2. When using the WinRT backend this option will also enable TLSv1.0 and TLSv1.1. \value TlsV1_2OrLater TLSv1.2 and later versions. This option is not available when using the WinRT backend due to platform limitations. \value DtlsV1_0 DTLSv1.0 + \value DtlsV1_0OrLater DTLSv1.0 and later versions. \value DtlsV1_2 DTLSv1.2 \value DtlsV1_2OrLater DTLSv1.2 and later versions. \value UnknownProtocol The cipher's protocol cannot be determined. diff --git a/src/network/ssl/qssl.h b/src/network/ssl/qssl.h index 7d688e27fc..0f091b181a 100644 --- a/src/network/ssl/qssl.h +++ b/src/network/ssl/qssl.h @@ -92,6 +92,7 @@ namespace QSsl { TlsV1_2OrLater, DtlsV1_0, + DtlsV1_0OrLater, DtlsV1_2, DtlsV1_2OrLater, diff --git a/src/network/ssl/qsslcontext_openssl11.cpp b/src/network/ssl/qsslcontext_openssl11.cpp index 5c68ed41db..0f4878c98d 100644 --- a/src/network/ssl/qsslcontext_openssl11.cpp +++ b/src/network/ssl/qsslcontext_openssl11.cpp @@ -139,6 +139,13 @@ init_context: minVersion = TLS1_2_VERSION; maxVersion = TLS_MAX_VERSION; break; + case QSsl::DtlsV1_0: + case QSsl::DtlsV1_0OrLater: + case QSsl::DtlsV1_2: + case QSsl::DtlsV1_2OrLater: + sslContext->errorStr = QSslSocket::tr("unsupported protocol"); + sslContext->errorCode = QSslError::UnspecifiedError; + return; case QSsl::SslV2: // This protocol is not supported by OpenSSL 1.1 and we handle // it as an error (see the code above). diff --git a/src/network/ssl/qsslcontext_opensslpre11.cpp b/src/network/ssl/qsslcontext_opensslpre11.cpp index eea821804f..7994892cfc 100644 --- a/src/network/ssl/qsslcontext_opensslpre11.cpp +++ b/src/network/ssl/qsslcontext_opensslpre11.cpp @@ -73,6 +73,13 @@ void QSslContext::initSslContext(QSslContext *sslContext, QSslSocket::SslMode mo bool unsupportedProtocol = false; init_context: switch (sslContext->sslConfiguration.protocol()) { + case QSsl::DtlsV1_0: + case QSsl::DtlsV1_0OrLater: + case QSsl::DtlsV1_2: + case QSsl::DtlsV1_2OrLater: + sslContext->ctx = 0; + unsupportedProtocol = true; + break; case QSsl::SslV2: #ifndef OPENSSL_NO_SSL2 sslContext->ctx = q_SSL_CTX_new(client ? q_SSLv2_client_method() : q_SSLv2_server_method()); |