qt: Force TLS1.0+ for SSL connections

This commit is contained in:
Wladimir J. van der Laan 2015-07-06 20:06:16 +02:00
parent 086cb336cd
commit 15e26a6a9a

View file

@ -48,6 +48,7 @@
#include <QThread>
#include <QTimer>
#include <QTranslator>
#include <QSslConfiguration>
#if defined(QT_STATICPLUGIN)
#include <QtPlugin>
@ -515,6 +516,13 @@ int main(int argc, char *argv[])
#ifdef Q_OS_MAC
QApplication::setAttribute(Qt::AA_DontShowIconsInMenus);
#endif
#if QT_VERSION >= 0x050500
// Because of the POODLE attack it is recommended to disable SSLv3 (https://disablessl3.com/),
// so set SSL protocols to TLS1.0+.
QSslConfiguration sslconf = QSslConfiguration::defaultConfiguration();
sslconf.setProtocol(QSsl::TlsV1_0OrLater);
QSslConfiguration::setDefaultConfiguration(sslconf);
#endif
// Register meta types used for QMetaObject::invokeMethod
qRegisterMetaType< bool* >();