From 93a803a6de27d9eb57931c431b5f3d074914f693 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Andr=C3=A9=20Klitzing?= <aklitzing@gmail.com>
Date: Wed, 28 Nov 2018 14:03:02 +0100
Subject: Fix session resumption with OpenSSL 1.1

OpenSSL 1.1.0 and higher requires SSL_shutdown to mark a
session as resumable.

QHttpNetworkConnection/Channel tries to re-use one shared SSL
context (and the session) for its 'channels'. The session is
marked as non-resumable without shutdown sent/received.
This makes it useless for QHttpNetworkConnection.

See: https://github.com/openssl/openssl/issues/1550
Fixes: QTBUG-71967
Change-Id: Iaaceb18c4c5a090f997f9850981a27f04f1f8b06
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
---
 src/network/ssl/qsslsocket_openssl.cpp | 4 ++++
 1 file changed, 4 insertions(+)

(limited to 'src/network')

diff --git a/src/network/ssl/qsslsocket_openssl.cpp b/src/network/ssl/qsslsocket_openssl.cpp
index 2c6c35ef24..b5b098502d 100644
--- a/src/network/ssl/qsslsocket_openssl.cpp
+++ b/src/network/ssl/qsslsocket_openssl.cpp
@@ -418,6 +418,10 @@ bool QSslSocketBackendPrivate::initSslContext()
 void QSslSocketBackendPrivate::destroySslContext()
 {
     if (ssl) {
+        // We do not send a shutdown alert here. Just mark the session as
+        // resumable for qhttpnetworkconnection's "optimization", otherwise
+        // OpenSSL won't start a session resumption.
+        q_SSL_shutdown(ssl);
         q_SSL_free(ssl);
         ssl = nullptr;
     }
-- 
cgit v1.2.3