qt: Force TLS1.0+ for SSL connections
This commit is contained in:
parent
086cb336cd
commit
15e26a6a9a
1 changed files with 8 additions and 0 deletions
|
@ -48,6 +48,7 @@
|
|||
#include <QThread>
|
||||
#include <QTimer>
|
||||
#include <QTranslator>
|
||||
#include <QSslConfiguration>
|
||||
|
||||
#if defined(QT_STATICPLUGIN)
|
||||
#include <QtPlugin>
|
||||
|
@ -515,6 +516,13 @@ int main(int argc, char *argv[])
|
|||
#ifdef Q_OS_MAC
|
||||
QApplication::setAttribute(Qt::AA_DontShowIconsInMenus);
|
||||
#endif
|
||||
#if QT_VERSION >= 0x050500
|
||||
// Because of the POODLE attack it is recommended to disable SSLv3 (https://disablessl3.com/),
|
||||
// so set SSL protocols to TLS1.0+.
|
||||
QSslConfiguration sslconf = QSslConfiguration::defaultConfiguration();
|
||||
sslconf.setProtocol(QSsl::TlsV1_0OrLater);
|
||||
QSslConfiguration::setDefaultConfiguration(sslconf);
|
||||
#endif
|
||||
|
||||
// Register meta types used for QMetaObject::invokeMethod
|
||||
qRegisterMetaType< bool* >();
|
||||
|
|
Loading…
Reference in a new issue