qt5base-lts/tests/manual/qssloptions/main.cpp
Richard Moore 75b2a4960b Add the ability to do unsafe SSL renegotiation as a fallback.
This commit adds the ability to perform legacy SSL renegotiation as
a fallback via QSsl::SslOptions. This is something that used to work,
but has been disabled by default in newer versions of openssl. The
need for this has been reported by users (eg. in QTBUG-14983).

Change-Id: I5b80f3ffd07e0c5faddc469f6a8f857bac5740f7
Reviewed-by: Corentin Chary <corentin.chary@gmail.com>
Reviewed-by: Peter Hartmann <peter.hartmann@nokia.com>
2011-11-15 11:53:44 +01:00

96 lines
3.6 KiB
C++

/****************************************************************************
**
** Copyright (C) 2011 Nokia Corporation and/or its subsidiary(-ies).
** All rights reserved.
** Contact: Nokia Corporation (qt-info@nokia.com)
**
** This file is part of the test suite of the Qt Toolkit.
**
** $QT_BEGIN_LICENSE:LGPL$
** GNU Lesser General Public License Usage
** This file may be used under the terms of the GNU Lesser General Public
** License version 2.1 as published by the Free Software Foundation and
** appearing in the file LICENSE.LGPL included in the packaging of this
** file. Please review the following information to ensure the GNU Lesser
** General Public License version 2.1 requirements will be met:
** http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html.
**
** In addition, as a special exception, Nokia gives you certain additional
** rights. These rights are described in the Nokia Qt LGPL Exception
** version 1.1, included in the file LGPL_EXCEPTION.txt in this package.
**
** GNU General Public License Usage
** Alternatively, this file may be used under the terms of the GNU General
** Public License version 3.0 as published by the Free Software Foundation
** and appearing in the file LICENSE.GPL included in the packaging of this
** file. Please review the following information to ensure the GNU General
** Public License version 3.0 requirements will be met:
** http://www.gnu.org/copyleft/gpl.html.
**
** Other Usage
** Alternatively, this file may be used in accordance with the terms and
** conditions contained in a signed written agreement between you and Nokia.
**
**
**
**
**
** $QT_END_LICENSE$
**
****************************************************************************/
#include <QtNetwork/qsslconfiguration.h>
#include <QtCore/QCoreApplication>
#include <QtCore/QTextStream>
#include <stdio.h>
int main(int argc, char **argv)
{
QCoreApplication app(argc, argv);
if (argc < 3) {
QTextStream out(stdout);
out << "Usage: " << argv[0] << " host port [options]" << endl;
out << "The options can be one or more of the following:" << endl;
out << "enable_empty_fragments" << endl;
out << "disable_session_tickets" << endl;
out << "disable_compression" << endl;
out << "disable_sni" << endl;
out << "enable_unsafe_reneg" << endl;
return 1;
}
QString host = QString::fromLocal8Bit(argv[1]);
int port = QString::fromLocal8Bit(argv[2]).toInt();
QSslConfiguration config = QSslConfiguration::defaultConfiguration();
for (int i=3; i < argc; i++) {
QString option = QString::fromLocal8Bit(argv[i]);
if (option == QStringLiteral("enable_empty_fragments"))
config.setSslOption(QSsl::SslOptionDisableEmptyFragments, false);
else if (option == QStringLiteral("disable_session_tickets"))
config.setSslOption(QSsl::SslOptionDisableSessionTickets, true);
else if (option == QStringLiteral("disable_compression"))
config.setSslOption(QSsl::SslOptionDisableCompression, true);
else if (option == QStringLiteral("disable_sni"))
config.setSslOption(QSsl::SslOptionDisableServerNameIndication, true);
else if (option == QStringLiteral("enable_unsafe_reneg"))
config.setSslOption(QSsl::SslOptionDisableLegacyRenegotiation, false);
}
QSslConfiguration::setDefaultConfiguration(config);
QSslSocket socket;
//socket.setSslConfiguration(config);
socket.connectToHostEncrypted(host, port);
if ( !socket.waitForEncrypted() ) {
qDebug() << socket.errorString();
return 1;
}
return 0;
}