[prev in list] [next in list] [prev in thread] [next in thread]
List: kde-commits
Subject: [kdeconnect-kde/sslrefactor] core/backends/lan: Changed protocol version to TLS 1.0, as TLS 1.2 not
From: Vineet Garg <grgvineet () gmail ! com>
Date: 2016-04-30 15:12:38
Message-ID: E1awWZS-00026U-36 () scm ! kde ! org
[Download RAW message or body]
Git commit b96227ae75ef34605092f22e80d7fc50b94fe0e1 by Vineet Garg.
Committed on 30/04/2016 at 15:09.
Pushed by vineetgarg into branch 'sslrefactor'.
Changed protocol version to TLS 1.0, as TLS 1.2 not supported on many Andro=
id device
Choosing cipher suites manually, same as of Android
M +15 -1 core/backends/lan/lanlinkprovider.cpp
http://commits.kde.org/kdeconnect-kde/b96227ae75ef34605092f22e80d7fc50b94fe=
0e1
diff --git a/core/backends/lan/lanlinkprovider.cpp b/core/backends/lan/lanl=
inkprovider.cpp
index dcba29f..d6e7642 100644
--- a/core/backends/lan/lanlinkprovider.cpp
+++ b/core/backends/lan/lanlinkprovider.cpp
@@ -409,10 +409,24 @@ void LanLinkProvider::configureSocket(QSslSocket* soc=
ket)
=
socket->setSocketOption(QAbstractSocket::KeepAliveOption, QVariant(1));
=
+ // Setting supported ciphers manually
+ // Top 3 ciphers are for new Android devices, botton two are for old A=
ndroid devices
+ // FIXME : These cipher suites should be checked whether they are supp=
orted or not on device
+ QList<QSslCipher> socketCiphers;
+ socketCiphers.append(QSslCipher("ECDHE-ECDSA-AES256-GCM-SHA384"));
+ socketCiphers.append(QSslCipher("ECDHE-ECDSA-AES128-GCM-SHA256"));
+ socketCiphers.append(QSslCipher("ECDHE-RSA-AES128-SHA"));
+ socketCiphers.append(QSslCipher("RC4-SHA"));
+ socketCiphers.append(QSslCipher("RC4-MD5"));
+
// Configure for ssl
+ QSslConfiguration sslConfig;
+ sslConfig.setCiphers(socketCiphers);
+ sslConfig.setProtocol(QSsl::TlsV1_0);
+
+ socket->setSslConfiguration(sslConfig);
socket->setLocalCertificate(KdeConnectConfig::instance()->certificate(=
));
socket->setPrivateKey(KdeConnectConfig::instance()->privateKeyPath());
- socket->setProtocol(QSsl::AnyProtocol);
=
#ifdef TCP_KEEPIDLE
// time to start sending keepalive packets (seconds)
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic