aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorWladimir J. van der Laan <laanwj@gmail.com>2015-07-10 14:59:49 +0200
committerWladimir J. van der Laan <laanwj@gmail.com>2015-07-10 15:00:01 +0200
commit708037fcc776838b4e3a6d0c511aeff09c15a8e9 (patch)
treeee593d21d7c480dbb2dd06902990caf560bc2f6f
parent6db53b43327552cb69daf3da7422e1f3ab4e20f1 (diff)
parent15e26a6a9afe299b9ca6fced73b876644365879b (diff)
Merge pull request #6384
15e26a6 qt: Force TLS1.0+ for SSL connections (Wladimir J. van der Laan)
-rw-r--r--src/qt/bitcoin.cpp8
1 files changed, 8 insertions, 0 deletions
diff --git a/src/qt/bitcoin.cpp b/src/qt/bitcoin.cpp
index 8740b98b70..07250e72c2 100644
--- a/src/qt/bitcoin.cpp
+++ b/src/qt/bitcoin.cpp
@@ -48,6 +48,7 @@
#include <QThread>
#include <QTimer>
#include <QTranslator>
+#include <QSslConfiguration>
#if defined(QT_STATICPLUGIN)
#include <QtPlugin>
@@ -515,6 +516,13 @@ int main(int argc, char *argv[])
#ifdef Q_OS_MAC
QApplication::setAttribute(Qt::AA_DontShowIconsInMenus);
#endif
+#if QT_VERSION >= 0x050500
+ // Because of the POODLE attack it is recommended to disable SSLv3 (https://disablessl3.com/),
+ // so set SSL protocols to TLS1.0+.
+ QSslConfiguration sslconf = QSslConfiguration::defaultConfiguration();
+ sslconf.setProtocol(QSsl::TlsV1_0OrLater);
+ QSslConfiguration::setDefaultConfiguration(sslconf);
+#endif
// Register meta types used for QMetaObject::invokeMethod
qRegisterMetaType< bool* >();