summaryrefslogtreecommitdiffstats
path: root/src/network/ssl/qsslcontext_openssl.cpp
diff options
context:
space:
mode:
Diffstat (limited to 'src/network/ssl/qsslcontext_openssl.cpp')
-rw-r--r--src/network/ssl/qsslcontext_openssl.cpp11
1 files changed, 11 insertions, 0 deletions
diff --git a/src/network/ssl/qsslcontext_openssl.cpp b/src/network/ssl/qsslcontext_openssl.cpp
index 6eed354b9e..5fb7172583 100644
--- a/src/network/ssl/qsslcontext_openssl.cpp
+++ b/src/network/ssl/qsslcontext_openssl.cpp
@@ -54,6 +54,13 @@
QT_BEGIN_NAMESPACE
+Q_GLOBAL_STATIC(bool, forceSecurityLevel)
+
+Q_NETWORK_EXPORT void qt_ForceTlsSecurityLevel()
+{
+ *forceSecurityLevel() = true;
+}
+
// defined in qsslsocket_openssl.cpp:
extern int q_X509Callback(int ok, X509_STORE_CTX *ctx);
extern "C" int q_X509CallbackDirect(int ok, X509_STORE_CTX *ctx);
@@ -334,6 +341,10 @@ init_context:
return;
}
+ // A nasty hacked OpenSSL using a level that will make our auto-tests fail:
+ if (q_SSL_CTX_get_security_level(sslContext->ctx) > 1 && *forceSecurityLevel())
+ q_SSL_CTX_set_security_level(sslContext->ctx, 1);
+
const long anyVersion =
#if QT_CONFIG(dtls)
isDtls ? DTLS_ANY_VERSION : TLS_ANY_VERSION;
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-04 18:42:54 +0000