Question about QSslCipher::protocolString

Thiago Macieira thiago at kde.org
Mon Oct 20 00:13:35 BST 2014


On Sunday 19 October 2014 18:14:36 Thomas Lübking wrote:
> On Sonntag, 19. Oktober 2014 16:35:35 CEST, Dawit A wrote:
> > protocolString: SSLv3
> > ...
> > However if one uses openssl directly, the following information is
> > returned:
> > 
> > $ openssl s_client -connect blog.mozilla.org:443
> > 
> > New, TLSv1/SSLv3, Cipher is DHE-RSA-AES128-SHA
> > ...
> > So the negotiated protocol when using openSSL directly is returned as
> > TLSv1.1 where as QSslCipher almost always returns SSLv3. My question is
> > why
> > the negotiated protocol in QSslCipher is different from the one we get
> > through openssl directly?
> 
> I get SSLv3 from blog.mozilla.org, but TLSv1.2 from mail.google.com.
> 
> Checking "qDebug() << QSslSocket::defaultCiphers();",
> "QSslCipher(name=ECDHE-RSA-AES256-GCM-SHA384, bits=256, proto=TLSv1.2)" is
> top of the list here and most SSLv3 variants on the very bottom.
> 
> --> THERE IS NO TLSv1.1 IN THAT LIST, NOR IN "::supportedCiphers()"
> 
> However, I don't know why QSslSocket doesn't provide TLSv1.1 (here)

This is looking like a Qt bug instead. Can you investigate QSslSocket instead?
-- 
Thiago Macieira - thiago (AT) macieira.info - thiago (AT) kde.org
   Software Architect - Intel Open Source Technology Center
      PGP/GPG: 0x6EF45358; fingerprint:
      E067 918B B660 DBD1 105C  966C 33F5 F005 6EF4 5358





More information about the kde-core-devel mailing list