From 2d521002ca024b71525036a0a6f5d02bb09b3ed7 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?M=C3=A5rten=20Nordheim?= <marten.nordheim@qt.io>
Date: Mon, 11 Mar 2024 16:58:24 +0100
Subject: [PATCH] Schannel: fix handling of empty ciphers list

Contrary to OpenSSL the new ciphers support in Schannel
would disallow all ciphers when the list was empty.
The pre-existing behavior was to use the default list.

Amends f7792d2b6d3d1e5dd47a8f6429b817b793bcfb9b

Pick-to: 6.7
Change-Id: I0e79013ac86261c4afa4affb28cb1838177c12de
Reviewed-by: Tobias Koenig <tobias.koenig@kdab.com>
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
---
 src/plugins/tls/schannel/qtls_schannel.cpp | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/src/plugins/tls/schannel/qtls_schannel.cpp b/src/plugins/tls/schannel/qtls_schannel.cpp
index eba152d1590..a244a90ebc2 100644
--- a/src/plugins/tls/schannel/qtls_schannel.cpp
+++ b/src/plugins/tls/schannel/qtls_schannel.cpp
@@ -1145,10 +1145,12 @@ bool TlsCryptographSchannel::acquireCredentialsHandle()
     }
 
     const QList<QSslCipher> ciphers = configuration.ciphers();
-    if (!containsTls13Cipher(ciphers))
+    if (!ciphers.isEmpty() && !containsTls13Cipher(ciphers))
         protocols &= ~SP_PROT_TLS1_3;
 
-    QList<CRYPTO_SETTINGS> cryptoSettings = cryptoSettingsForCiphers(ciphers);
+    QList<CRYPTO_SETTINGS> cryptoSettings;
+    if (!ciphers.isEmpty())
+        cryptoSettings = cryptoSettingsForCiphers(ciphers);
 
     TLS_PARAMETERS tlsParameters = {
         0,