Question about QSslCipher::protocolString
Thiago Macieira
thiago at kde.org
Mon Oct 20 00:13:35 BST 2014
On Sunday 19 October 2014 18:14:36 Thomas Lübking wrote:
> On Sonntag, 19. Oktober 2014 16:35:35 CEST, Dawit A wrote:
> > protocolString: SSLv3
> > ...
> > However if one uses openssl directly, the following information is
> > returned:
> >
> > $ openssl s_client -connect blog.mozilla.org:443
> >
> > New, TLSv1/SSLv3, Cipher is DHE-RSA-AES128-SHA
> > ...
> > So the negotiated protocol when using openSSL directly is returned as
> > TLSv1.1 where as QSslCipher almost always returns SSLv3. My question is
> > why
> > the negotiated protocol in QSslCipher is different from the one we get
> > through openssl directly?
>
> I get SSLv3 from blog.mozilla.org, but TLSv1.2 from mail.google.com.
>
> Checking "qDebug() << QSslSocket::defaultCiphers();",
> "QSslCipher(name=ECDHE-RSA-AES256-GCM-SHA384, bits=256, proto=TLSv1.2)" is
> top of the list here and most SSLv3 variants on the very bottom.
>
> --> THERE IS NO TLSv1.1 IN THAT LIST, NOR IN "::supportedCiphers()"
>
> However, I don't know why QSslSocket doesn't provide TLSv1.1 (here)
This is looking like a Qt bug instead. Can you investigate QSslSocket instead?
--
Thiago Macieira - thiago (AT) macieira.info - thiago (AT) kde.org
Software Architect - Intel Open Source Technology Center
PGP/GPG: 0x6EF45358; fingerprint:
E067 918B B660 DBD1 105C 966C 33F5 F005 6EF4 5358
More information about the kde-core-devel
mailing list