0a13522eeb
- Added 0001-Fix-exclusion-of-anonymous-ciphers.patch from upstream to disable exp-adh and aecdh ciphers. - Added disable-rc4-ciphers-bnc865241.diff to disable RC4 based ciphers which are now considered insecure (bnc#865241) - Added Add-option-to-disable-session-management-by-closing-windows.patch API adition to QSessionManager as first step in resolving kde#354724 and boo#955280 - Update to 5.5.1 (boo#954149) OBS-URL: https://build.opensuse.org/request/show/358747 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/libqt5-qtbase?expand=0&rev=50
22 lines
1.1 KiB
Diff
22 lines
1.1 KiB
Diff
Index: qtbase-opensource-src-5.5.1/src/network/ssl/qsslsocket_openssl.cpp
|
|
===================================================================
|
|
--- qtbase-opensource-src-5.5.1.orig/src/network/ssl/qsslsocket_openssl.cpp
|
|
+++ qtbase-opensource-src-5.5.1/src/network/ssl/qsslsocket_openssl.cpp
|
|
@@ -662,10 +662,13 @@ void QSslSocketPrivate::resetDefaultCiph
|
|
// Unconditionally exclude ADH and AECDH ciphers since they offer no MITM protection
|
|
if (!ciph.name().toLower().startsWith(QLatin1String("adh")) &&
|
|
!ciph.name().toLower().startsWith(QLatin1String("exp-adh")) &&
|
|
- !ciph.name().toLower().startsWith(QLatin1String("aecdh")))
|
|
+ !ciph.name().toLower().startsWith(QLatin1String("aecdh"))) {
|
|
ciphers << ciph;
|
|
- if (ciph.usedBits() >= 128)
|
|
- defaultCiphers << ciph;
|
|
+
|
|
+ if (ciph.usedBits() >= 128 &&
|
|
+ !ciph.encryptionMethod().toLower().startsWith(QLatin1String("rc4")))
|
|
+ defaultCiphers << ciph;
|
|
+ }
|
|
}
|
|
}
|
|
}
|