Giuseppe D'Angelo 3ec24e329c SSL: upgrade the default DH parameters
We have been using as default DH parameters the 1024-bit MODP group.
This is now considered insecure, and applications should use the
2048-bit at a minimum [1]. This commit therefore replaces the parameters
with the 2048-bit MODP group from [2].

To double check the data, use openssl asn1parse to verify that the prime
matches. For instance:

1) put the encoded string in an `encoded.txt` file (c&p from the source,
   removing the double quotes)
2) put the hexadecimal value of the 2048-bit group in a `reference.txt`
   file (c&p from [2])
3) compare the output of openssl asn1parse with the reference. For
   instance like this:

    $ diff <(openssl asn1parse < encoded.txt | grep -m 1 INTEGER | perl -pe 's/.*://; s/\n//') <(perl -0777 -pe 's/\s//g' reference.txt) && echo OK
    OK

[1] https://datatracker.ietf.org/doc/html/rfc8247#section-2.4
[2] https://datatracker.ietf.org/doc/html/rfc3526#section-3

[ChangeLog][QtNetwork][QSslDiffieHellmanParameters] The default
Diffie-Hellman parameters are now using the 2048-bit MODP group from
RFC 3526.

Pick-to: 6.6 6.5 6.2 5.15
Change-Id: I47133cd78ba0e954b8f93a3da09fa2c760c9f7a8
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
2023-06-27 10:55:27 +02:00
.github/workflows Repair github action workflow 2021-11-10 18:57:33 +01:00
bin Add simple project generation based on existing source files 2023-02-08 12:59:19 +01:00
cmake wasm: update emscripten to 3.1.37 2023-06-26 07:58:11 +02:00
coin Add feature to disable building tests 2023-06-12 13:46:07 +00:00
config.tests Remove the mandatory x86-64 features from its feature list 2023-05-31 14:55:37 -07:00
dist Add Qt 6.0.0 changes file 2020-11-16 10:02:08 +02:00
doc QtDoc Global: Add macros for Qt Design Studio in qtdoc 2023-06-22 11:09:18 +02:00
examples Move dock widgets example to manual test 2023-06-26 23:15:02 +02:00
lib Purge all fonts 2015-08-18 19:59:14 +00:00
libexec Pass native path in qt-internal-configure-tests 2023-04-17 23:32:34 +02:00
LICENSES Clarify license of SHA-1 algorithm 2023-04-26 16:36:18 +02:00
mkspecs wasm: update emscripten to 3.1.37 2023-06-26 07:58:11 +02:00
qmake Doc: Remove \target commands from the qmake manual 2023-06-21 13:19:51 +00:00
src SSL: upgrade the default DH parameters 2023-06-27 10:55:27 +02:00
tests QStorageInfo/Linux: use readAll() with /proc/self/mountinfo 2023-06-27 02:28:21 +03:00
util Make WASM export names different across modules 2023-06-20 09:08:03 +02:00
.cmake.conf Bump version to 6.7.0 2023-06-12 14:46:07 +01:00
.gitattributes Give batch files CRLF line endings 2020-11-04 15:02:29 +00:00
.gitignore Add CMakeUserPresets.json to .gitignore 2023-06-23 12:13:08 +02:00
.lgtm.yml Skip LGTM analysis for the bootstrap library and tools 2020-07-16 01:04:34 +02:00
.tag Update the git-archive export options 2012-09-07 15:39:31 +02:00
CMakeLists.txt Introduce QT_ALLOW_SYMLINK_IN_PATHS flag 2023-05-03 19:44:45 +02:00
config_help.txt CMake: Remove the dysfunctional -testcocoon configure option 2023-06-16 23:39:01 +02:00
configure Retrieve an old -redo behavior 2023-02-07 18:51:58 +00:00
configure.bat Retrieve an old -redo behavior 2023-02-07 18:51:58 +00:00
configure.cmake Disable TEST_separate_debug_info when building with MSVC or on Apple 2023-06-17 23:21:18 +02:00
dependencies.yaml Re-add dependencies.yaml now that qt5.git wip/qt6 builds fine 2019-09-18 13:19:31 +02:00
qt_cmdline.cmake CMake: Remove the dysfunctional -testcocoon configure option 2023-06-16 23:39:01 +02:00
sync.profile rhi: Make it a QPA-style private but semi-public API 2023-05-21 15:42:58 +02:00