From 66a5f9fdd40485a4e64d447f84046698b7cacae3 Mon Sep 17 00:00:00 2001 From: Timur Pocheptsov Date: Tue, 5 Dec 2023 13:09:50 +0100 Subject: [PATCH] QSslConfiguration: remove example MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit It uses the ciphersuite name which smart tools one day will mark as weak (i.e. https://ciphersuite.info/cs/TLS_DHE_DSS_WITH_AES_256_CBC_SHA/ in our example), names in the example are not in the standard notation, + it is and always was OpenSSL-specific example. Pick-to: 6.6 6.5 6.2 Fixes: QTBUG-119464 Change-Id: Ic6f095ff2c861582de756bf220e2e74106b88e83 Reviewed-by: MÃ¥rten Nordheim --- .../snippets/code/src_network_ssl_qsslconfiguration.cpp | 7 ------- src/network/ssl/qsslconfiguration.cpp | 5 +---- 2 files changed, 1 insertion(+), 11 deletions(-) diff --git a/src/network/doc/snippets/code/src_network_ssl_qsslconfiguration.cpp b/src/network/doc/snippets/code/src_network_ssl_qsslconfiguration.cpp index edc542ac3f5..d9a493d1ce4 100644 --- a/src/network/doc/snippets/code/src_network_ssl_qsslconfiguration.cpp +++ b/src/network/doc/snippets/code/src_network_ssl_qsslconfiguration.cpp @@ -6,10 +6,3 @@ QSslConfiguration config = sslSocket.sslConfiguration(); config.setProtocol(QSsl::TlsV1_2); sslSocket.setSslConfiguration(config); //! [0] - - -//! [1] -QSslConfiguration tlsConfig = QSslConfiguration::defaultConfiguration(); -tlsConfig.setCiphers(QStringLiteral("DHE-RSA-AES256-SHA:DHE-DSS-AES256-SHA:AES256-SHA")); -//! [1] - diff --git a/src/network/ssl/qsslconfiguration.cpp b/src/network/ssl/qsslconfiguration.cpp index bc7f1fb3f42..76905a1098d 100644 --- a/src/network/ssl/qsslconfiguration.cpp +++ b/src/network/ssl/qsslconfiguration.cpp @@ -577,10 +577,7 @@ void QSslConfiguration::setCiphers(const QList &ciphers) Sets the cryptographic cipher suite for this configuration to \a ciphers, which is a colon-separated list of cipher suite names. The ciphers are listed - in order of preference, starting with the most preferred cipher. For example: - - \snippet code/src_network_ssl_qsslconfiguration.cpp 1 - + in order of preference, starting with the most preferred cipher. Each cipher name in \a ciphers must be the name of a cipher in the list returned by supportedCiphers(). Restricting the cipher suite must be done before the handshake phase, where the session cipher