Re: [Development] Incorrect TLS Session Verification on macOS with OrLater Options

2017-01-28 Thread Mikkel Krautz
On Sat, Jan 28, 2017 at 12:16 AM, Jason A. Donenfeld wrote: > Hi, > > The file src/network/ssl/qsslsocket_mac.cpp contains a nasty bug > preventing the use of setProtocol(QSsl::TlsV1_2OrLater): > > bool QSslSocketBackendPrivate::verifySessionProtocol() const > { >bool protocolOk = false; >

[Development] Incorrect TLS Session Verification on macOS with OrLater Options

2017-01-27 Thread Jason A. Donenfeld
Hi, The file src/network/ssl/qsslsocket_mac.cpp contains a nasty bug preventing the use of setProtocol(QSsl::TlsV1_2OrLater): bool QSslSocketBackendPrivate::verifySessionProtocol() const { bool protocolOk = false; if (configuration.protocol == QSsl::AnyProtocol) protocolOk = true;