diff options
Diffstat (limited to 'src/network/ssl/qsslcontext_openssl.cpp')
-rw-r--r-- | src/network/ssl/qsslcontext_openssl.cpp | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/src/network/ssl/qsslcontext_openssl.cpp b/src/network/ssl/qsslcontext_openssl.cpp index 6eed354b9e..5fb7172583 100644 --- a/src/network/ssl/qsslcontext_openssl.cpp +++ b/src/network/ssl/qsslcontext_openssl.cpp @@ -54,6 +54,13 @@ QT_BEGIN_NAMESPACE +Q_GLOBAL_STATIC(bool, forceSecurityLevel) + +Q_NETWORK_EXPORT void qt_ForceTlsSecurityLevel() +{ + *forceSecurityLevel() = true; +} + // defined in qsslsocket_openssl.cpp: extern int q_X509Callback(int ok, X509_STORE_CTX *ctx); extern "C" int q_X509CallbackDirect(int ok, X509_STORE_CTX *ctx); @@ -334,6 +341,10 @@ init_context: return; } + // A nasty hacked OpenSSL using a level that will make our auto-tests fail: + if (q_SSL_CTX_get_security_level(sslContext->ctx) > 1 && *forceSecurityLevel()) + q_SSL_CTX_set_security_level(sslContext->ctx, 1); + const long anyVersion = #if QT_CONFIG(dtls) isDtls ? DTLS_ANY_VERSION : TLS_ANY_VERSION; |