Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Leap:15.2
libqt4
disable-rc4-ciphers-bnc865241.diff
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File disable-rc4-ciphers-bnc865241.diff of Package libqt4
Index: qt-everywhere-opensource-src-4.8.7/src/network/ssl/qsslsocket_openssl.cpp =================================================================== --- qt-everywhere-opensource-src-4.8.7.orig/src/network/ssl/qsslsocket_openssl.cpp +++ qt-everywhere-opensource-src-4.8.7/src/network/ssl/qsslsocket_openssl.cpp @@ -655,6 +655,7 @@ void QSslSocketPrivate::resetDefaultCiph SSL *mySsl = q_SSL_new(myCtx); QList<QSslCipher> ciphers; + QList<QSslCipher> defaultCiphers; STACK_OF(SSL_CIPHER) *supportedCiphers = q_SSL_get_ciphers(mySsl); for (int i = 0; i < q_sk_SSL_CIPHER_num(supportedCiphers); ++i) { @@ -665,8 +666,13 @@ void QSslSocketPrivate::resetDefaultCiph // Unconditionally exclude ADH and AECDH ciphers since they offer no MITM protection if (!ciph.name().toLower().startsWith(QLatin1String("adh")) && !ciph.name().toLower().startsWith(QLatin1String("exp-adh")) && - !ciph.name().toLower().startsWith(QLatin1String("aecdh"))) + !ciph.name().toLower().startsWith(QLatin1String("aecdh"))) { ciphers << ciph; + + if (ciph.usedBits() >= 128 && + !ciph.encryptionMethod().toLower().startsWith(QLatin1String("rc4"))) + defaultCiphers << ciph; + } } } } @@ -676,7 +682,7 @@ void QSslSocketPrivate::resetDefaultCiph q_SSL_free(mySsl); setDefaultSupportedCiphers(ciphers); - setDefaultCiphers(ciphers); + setDefaultCiphers(defaultCiphers); } #if defined(Q_OS_SYMBIAN)
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor