[prev in list] [next in list] [prev in thread] [next in thread] 

List:       kde-commits
Subject:    [kdeconnect-kde/sslrefactor] core/backends/lan: Changed protocol version to TLS 1.0, as TLS 1.2 not 
From:       Vineet Garg <grgvineet () gmail ! com>
Date:       2016-04-30 15:12:38
Message-ID: E1awWZS-00026U-36 () scm ! kde ! org
[Download RAW message or body]

Git commit b96227ae75ef34605092f22e80d7fc50b94fe0e1 by Vineet Garg.
Committed on 30/04/2016 at 15:09.
Pushed by vineetgarg into branch 'sslrefactor'.

Changed protocol version to TLS 1.0, as TLS 1.2 not supported on many Andro=
id device
Choosing cipher suites manually, same as of Android

M  +15   -1    core/backends/lan/lanlinkprovider.cpp

http://commits.kde.org/kdeconnect-kde/b96227ae75ef34605092f22e80d7fc50b94fe=
0e1

diff --git a/core/backends/lan/lanlinkprovider.cpp b/core/backends/lan/lanl=
inkprovider.cpp
index dcba29f..d6e7642 100644
--- a/core/backends/lan/lanlinkprovider.cpp
+++ b/core/backends/lan/lanlinkprovider.cpp
@@ -409,10 +409,24 @@ void LanLinkProvider::configureSocket(QSslSocket* soc=
ket)
 =

     socket->setSocketOption(QAbstractSocket::KeepAliveOption, QVariant(1));
 =

+    // Setting supported ciphers manually
+    // Top 3 ciphers are for new Android devices, botton two are for old A=
ndroid devices
+    // FIXME : These cipher suites should be checked whether they are supp=
orted or not on device
+    QList<QSslCipher> socketCiphers;
+    socketCiphers.append(QSslCipher("ECDHE-ECDSA-AES256-GCM-SHA384"));
+    socketCiphers.append(QSslCipher("ECDHE-ECDSA-AES128-GCM-SHA256"));
+    socketCiphers.append(QSslCipher("ECDHE-RSA-AES128-SHA"));
+    socketCiphers.append(QSslCipher("RC4-SHA"));
+    socketCiphers.append(QSslCipher("RC4-MD5"));
+
     // Configure for ssl
+    QSslConfiguration sslConfig;
+    sslConfig.setCiphers(socketCiphers);
+    sslConfig.setProtocol(QSsl::TlsV1_0);
+
+    socket->setSslConfiguration(sslConfig);
     socket->setLocalCertificate(KdeConnectConfig::instance()->certificate(=
));
     socket->setPrivateKey(KdeConnectConfig::instance()->privateKeyPath());
-    socket->setProtocol(QSsl::AnyProtocol);
 =

     #ifdef TCP_KEEPIDLE
         // time to start sending keepalive packets (seconds)
[prev in list] [next in list] [prev in thread] [next in thread]

Configure | About | News | Add a list | Sponsored by KoreLogic