diff options
author | Wladimir J. van der Laan <laanwj@gmail.com> | 2018-10-16 07:03:45 +0200 |
---|---|---|
committer | Wladimir J. van der Laan <laanwj@gmail.com> | 2018-10-16 07:04:22 +0200 |
commit | 2468471e13987b1be377e1b33fe9c5cdb7a7a3e3 (patch) | |
tree | 7c2ca494016d1198ebcb02db8f783b83a08e4b1a /src/qt | |
parent | 9bd3ff430b4e4e862b319a899825c51f3d18285e (diff) | |
parent | 7d173c4cd1885ff5bcf9e5f8f7f712138dd8a445 (diff) |
Merge #14403: qt: Revert "Force TLS1.0+ for SSL connections"
7d173c4cd1885ff5bcf9e5f8f7f712138dd8a445 qt: Revert "Force TLS1.0+ for SSL connections" (Tim Ruffing)
Pull request description:
This reverts commit 15e26a6a9afe299b9ca6fced73b876644365879b, whose
purpose was to tweak the Qt configuration to force TLS, i.e., to
disable SSLv3, in Qt versions >= 5.5. However, the default behavior
of Qt >= 5.4 is to disable SSLv3 anyway [1], so the configuration
tweak is redundant.
With Qt 5.11.2, the configuration tweak is not only redundant but in
fact provokes a deadlock due to a bug in Qt 5.11.2. Since the deadlock
occurs at the early startup stage of bitcoin-qt, it renders bitcoin-qt
entirely non-functional when compiled against Qt 5.11.2 (and maybe
other Qt versions).
Fixes #14359.
[1] https://code.qt.io/cgit/qt/qtbase.git/commit/?id=3fd2d9eff8c1f948306ee5fbfe364ccded1c4b84
Tree-SHA512: 9dd86557b8d265dfa56592924778a736590f2e6a0b2acf77d4f9f4200206a9edaa79b144b0085ea59ac0cc1bc66d9740402fd02f9298ff74c8d6f526f3f725d6
Diffstat (limited to 'src/qt')
-rw-r--r-- | src/qt/bitcoin.cpp | 8 |
1 files changed, 0 insertions, 8 deletions
diff --git a/src/qt/bitcoin.cpp b/src/qt/bitcoin.cpp index 61a9f390e9..a014ad4b28 100644 --- a/src/qt/bitcoin.cpp +++ b/src/qt/bitcoin.cpp @@ -51,7 +51,6 @@ #include <QThread> #include <QTimer> #include <QTranslator> -#include <QSslConfiguration> #if defined(QT_STATICPLUGIN) #include <QtPlugin> @@ -577,13 +576,6 @@ int main(int argc, char *argv[]) #ifdef Q_OS_MAC QApplication::setAttribute(Qt::AA_DontShowIconsInMenus); #endif -#if QT_VERSION >= 0x050500 - // Because of the POODLE attack it is recommended to disable SSLv3 (https://disablessl3.com/), - // so set SSL protocols to TLS1.0+. - QSslConfiguration sslconf = QSslConfiguration::defaultConfiguration(); - sslconf.setProtocol(QSsl::TlsV1_0OrLater); - QSslConfiguration::setDefaultConfiguration(sslconf); -#endif // Register meta types used for QMetaObject::invokeMethod qRegisterMetaType< bool* >(); |