75b2a4960b
This commit adds the ability to perform legacy SSL renegotiation as a fallback via QSsl::SslOptions. This is something that used to work, but has been disabled by default in newer versions of openssl. The need for this has been reported by users (eg. in QTBUG-14983). Change-Id: I5b80f3ffd07e0c5faddc469f6a8f857bac5740f7 Reviewed-by: Corentin Chary <corentin.chary@gmail.com> Reviewed-by: Peter Hartmann <peter.hartmann@nokia.com>
96 lines
3.6 KiB
C++
96 lines
3.6 KiB
C++
/****************************************************************************
|
|
**
|
|
** Copyright (C) 2011 Nokia Corporation and/or its subsidiary(-ies).
|
|
** All rights reserved.
|
|
** Contact: Nokia Corporation (qt-info@nokia.com)
|
|
**
|
|
** This file is part of the test suite of the Qt Toolkit.
|
|
**
|
|
** $QT_BEGIN_LICENSE:LGPL$
|
|
** GNU Lesser General Public License Usage
|
|
** This file may be used under the terms of the GNU Lesser General Public
|
|
** License version 2.1 as published by the Free Software Foundation and
|
|
** appearing in the file LICENSE.LGPL included in the packaging of this
|
|
** file. Please review the following information to ensure the GNU Lesser
|
|
** General Public License version 2.1 requirements will be met:
|
|
** http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html.
|
|
**
|
|
** In addition, as a special exception, Nokia gives you certain additional
|
|
** rights. These rights are described in the Nokia Qt LGPL Exception
|
|
** version 1.1, included in the file LGPL_EXCEPTION.txt in this package.
|
|
**
|
|
** GNU General Public License Usage
|
|
** Alternatively, this file may be used under the terms of the GNU General
|
|
** Public License version 3.0 as published by the Free Software Foundation
|
|
** and appearing in the file LICENSE.GPL included in the packaging of this
|
|
** file. Please review the following information to ensure the GNU General
|
|
** Public License version 3.0 requirements will be met:
|
|
** http://www.gnu.org/copyleft/gpl.html.
|
|
**
|
|
** Other Usage
|
|
** Alternatively, this file may be used in accordance with the terms and
|
|
** conditions contained in a signed written agreement between you and Nokia.
|
|
**
|
|
**
|
|
**
|
|
**
|
|
**
|
|
** $QT_END_LICENSE$
|
|
**
|
|
****************************************************************************/
|
|
|
|
#include <QtNetwork/qsslconfiguration.h>
|
|
#include <QtCore/QCoreApplication>
|
|
#include <QtCore/QTextStream>
|
|
#include <stdio.h>
|
|
|
|
int main(int argc, char **argv)
|
|
{
|
|
QCoreApplication app(argc, argv);
|
|
|
|
if (argc < 3) {
|
|
QTextStream out(stdout);
|
|
out << "Usage: " << argv[0] << " host port [options]" << endl;
|
|
out << "The options can be one or more of the following:" << endl;
|
|
out << "enable_empty_fragments" << endl;
|
|
out << "disable_session_tickets" << endl;
|
|
out << "disable_compression" << endl;
|
|
out << "disable_sni" << endl;
|
|
out << "enable_unsafe_reneg" << endl;
|
|
return 1;
|
|
}
|
|
|
|
QString host = QString::fromLocal8Bit(argv[1]);
|
|
int port = QString::fromLocal8Bit(argv[2]).toInt();
|
|
|
|
QSslConfiguration config = QSslConfiguration::defaultConfiguration();
|
|
|
|
for (int i=3; i < argc; i++) {
|
|
QString option = QString::fromLocal8Bit(argv[i]);
|
|
|
|
if (option == QStringLiteral("enable_empty_fragments"))
|
|
config.setSslOption(QSsl::SslOptionDisableEmptyFragments, false);
|
|
else if (option == QStringLiteral("disable_session_tickets"))
|
|
config.setSslOption(QSsl::SslOptionDisableSessionTickets, true);
|
|
else if (option == QStringLiteral("disable_compression"))
|
|
config.setSslOption(QSsl::SslOptionDisableCompression, true);
|
|
else if (option == QStringLiteral("disable_sni"))
|
|
config.setSslOption(QSsl::SslOptionDisableServerNameIndication, true);
|
|
else if (option == QStringLiteral("enable_unsafe_reneg"))
|
|
config.setSslOption(QSsl::SslOptionDisableLegacyRenegotiation, false);
|
|
}
|
|
|
|
QSslConfiguration::setDefaultConfiguration(config);
|
|
|
|
QSslSocket socket;
|
|
//socket.setSslConfiguration(config);
|
|
socket.connectToHostEncrypted(host, port);
|
|
|
|
if ( !socket.waitForEncrypted() ) {
|
|
qDebug() << socket.errorString();
|
|
return 1;
|
|
}
|
|
|
|
return 0;
|
|
}
|