rpm/libqt5-qtbase
SHA256
1
0
Fork 0
forked from pool/libqt5-qtbase
Code Pull Requests Activity
26d10f1197
libqt5-qtbase/disable-rc4-ciphers-bnc865241.diff

22 lines
1.1 KiB
Diff
Raw Normal View History

Accepting request 358747 from KDE:Qt5 - Added 0001-Fix-exclusion-of-anonymous-ciphers.patch from upstream to disable exp-adh and aecdh ciphers. - Added disable-rc4-ciphers-bnc865241.diff to disable RC4 based ciphers which are now considered insecure (bnc#865241) - Added Add-option-to-disable-session-management-by-closing-windows.patch API adition to QSessionManager as first step in resolving kde#354724 and boo#955280 - Update to 5.5.1 (boo#954149) OBS-URL: https://build.opensuse.org/request/show/358747 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/libqt5-qtbase?expand=0&rev=50
2016-02-17 10:29:56 +01:00
Index: qtbase-opensource-src-5.5.1/src/network/ssl/qsslsocket_openssl.cpp
===================================================================
--- qtbase-opensource-src-5.5.1.orig/src/network/ssl/qsslsocket_openssl.cpp
+++ qtbase-opensource-src-5.5.1/src/network/ssl/qsslsocket_openssl.cpp
@@ -662,10 +662,13 @@ void QSslSocketPrivate::resetDefaultCiph
// Unconditionally exclude ADH and AECDH ciphers since they offer no MITM protection
if (!ciph.name().toLower().startsWith(QLatin1String("adh")) &&
!ciph.name().toLower().startsWith(QLatin1String("exp-adh")) &&
- !ciph.name().toLower().startsWith(QLatin1String("aecdh")))
+ !ciph.name().toLower().startsWith(QLatin1String("aecdh"))) {
ciphers << ciph;
- if (ciph.usedBits() >= 128)
- defaultCiphers << ciph;
+
+ if (ciph.usedBits() >= 128 &&
+ !ciph.encryptionMethod().toLower().startsWith(QLatin1String("rc4")))
+ defaultCiphers << ciph;
+ }
}
}
}
Copy Permalink