Make QSsl::SecureProtocols also enable use of TLS1.{1,2}

Previously it was only enabling use of TLS1.0, unlike our openssl backend, which understandably caused some confusion among some of our users. Seeing as this is also the default value in QSslConfiguration it is nice to have it negotatiate more secure ciphers. Task-number: QTBUG-67112 Change-Id: Ie216703da1ec4e6b973a881040e14816ad4c0a32 Reviewed-by: Oliver Wolff <oliver.wolff@qt.io>
2018-03-20 10:00:06 +01:00 · 2018-03-20 10:00:06 +01:00 · 4a56d86ee4
commit 4a56d86ee4
parent 45c62aae4b
1 changed files with 5 additions and 1 deletions
--- a/src/network/ssl/qsslsocket_winrt.cpp
+++ b/src/network/ssl/qsslsocket_winrt.cpp
@ -238,7 +238,6 @@ void QSslSocketBackendPrivate::startClientEncryption()
    case QSsl::SslV3:
        protectionLevel = SocketProtectionLevel_Ssl; // Only use this value if weak cipher support is required
        break;
-    case QSsl::SecureProtocols:
    case QSsl::TlsV1SslV3:
    case QSsl::TlsV1_0:
        protectionLevel = SocketProtectionLevel_Tls10;
@ -257,6 +256,11 @@ void QSslSocketBackendPrivate::startClientEncryption()
        setErrorAndEmit(QAbstractSocket::SslInvalidUserDataError,
                        QStringLiteral("unsupported protocol"));
        return;
+    case QSsl::SecureProtocols:
+        // SocketProtectionLevel_Tls12 actually means "use TLS1.0, 1.1 or 1.2"
+        // https://docs.microsoft.com/en-us/uwp/api/windows.networking.sockets.socketprotectionlevel
+        protectionLevel = SocketProtectionLevel_Tls12;
+        break;
    default:
        protectionLevel = SocketProtectionLevel_Tls12; // default to highest
        protocol = QSsl::TlsV1_2;