Added code to work around a security vulnerability discovered in SSL (as recommended by Digia). 5_2_x

Sat, 29 Sep 2012 11:09:02 +0200

author
Detlev Offenbach <detlev@die-offenbachs.de>
date
Sat, 29 Sep 2012 11:09:02 +0200
branch
5_2_x
changeset 2068
81f7aecc6599
parent 2066
5c8c46109e0e
child 2069
836d44aea98c

Added code to work around a security vulnerability discovered in SSL (as recommended by Digia).
(grafted from 778e254ad4ee7ead7c551987ebe42fc383b56dd5)

Helpviewer/Network/NetworkAccessManager.py file | annotate | diff | comparison | revisions
--- a/Helpviewer/Network/NetworkAccessManager.py	Fri Sep 28 18:19:01 2012 +0200
+++ b/Helpviewer/Network/NetworkAccessManager.py	Sat Sep 29 11:09:02 2012 +0200
@@ -83,6 +83,10 @@
             sslCfg = QSslConfiguration.defaultConfiguration()
             sslCfg.setCaCertificates(caList)
             sslCfg.setProtocol(QSsl.AnyProtocol)
+            try:
+                sslCfg.setSslOption(QSsl.SslOptionDisableCompression, True)
+            except AttributeError:
+                pass
             QSslConfiguration.setDefaultConfiguration(sslCfg)
             
             self.sslErrors.connect(self.__sslErrors)

eric ide

mercurial