github/qBittorrent
1
0
Fork 0
mirror of https://github.com/qbittorrent/qBittorrent synced 2025-07-12 16:23:07 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions 3

[WebUI]: exclude insecure ciphers

Browse source
This commit is contained in:
Chocobo1 2017-02-05 15:00:58 +08:00 committed by sledgehammer999
parent 84bc011df5
commit f9c39e3dac
No known key found for this signature in database
GPG key ID: 6E4A2D025B7CC9A2
2 changed files with 29 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

26
src/base/http/server.cpp
View file

@ -47,6 +47,9 @@ Server::Server(IRequestHandler *requestHandler, QObject *parent)
#endif
{
setProxy(QNetworkProxy::NoProxy);
#ifndef QT_NO_OPENSSL
QSslSocket::setDefaultCiphers(safeCipherList());
#endif
}
Server::~Server()
@ -103,3 +106,26 @@ void Server::incomingConnection(int socketDescriptor)
serverSocket->deleteLater();
}
}
#ifndef QT_NO_OPENSSL
QList<QSslCipher> Server::safeCipherList() const
{
const QStringList badCiphers = {"idea", "rc4"};
const QList<QSslCipher> allCiphers = QSslSocket::supportedCiphers();
QList<QSslCipher> safeCiphers;
foreach (const QSslCipher &cipher, allCiphers) {
bool isSafe = true;
foreach (const QString &badCipher, badCiphers) {
if (cipher.name().contains(badCipher, Qt::CaseInsensitive)) {
isSafe = false;
break;
}
}
if (isSafe)
safeCiphers += cipher;
}
return safeCiphers;
}
#endif