From 3b38d252772573d46b39c7db51679d4df5ec174c Mon Sep 17 00:00:00 2001 From: David Rosca Date: Sun, 16 Nov 2014 22:42:14 +0100 Subject: [PATCH] Drop SSLV3Sites workaround It is no longer needed, but moreover it is now also not wanted due to recent SSLv3 security issues. --- src/lib/network/networkmanager.cpp | 19 ------------------- src/lib/network/networkmanager.h | 1 - tests/autotests/networktest.cpp | 29 ----------------------------- tests/autotests/networktest.h | 3 --- 4 files changed, 52 deletions(-) diff --git a/src/lib/network/networkmanager.cpp b/src/lib/network/networkmanager.cpp index 250fcbba9..649728917 100644 --- a/src/lib/network/networkmanager.cpp +++ b/src/lib/network/networkmanager.cpp @@ -100,15 +100,9 @@ void NetworkManager::loadSettings() setCache(cache); } - // Force SSLv3 for servers that doesn't understand TLSv1 handshake - QStringList sslv3Sites; - sslv3Sites << QLatin1String("centrum.sk") << QLatin1String("centrum.cz") << QLatin1String("oneaccount.com") - << QLatin1String("i0.cz") << QLatin1String("sermepa.es"); - settings.beginGroup("Web-Browser-Settings"); m_doNotTrack = settings.value("DoNotTrack", false).toBool(); m_sendReferer = settings.value("SendReferer", true).toBool(); - m_sslv3Sites = settings.value("SSLv3Sites", sslv3Sites).toStringList(); settings.endGroup(); m_acceptLanguage = AcceptLanguage::generateHeader(settings.value("Language/acceptLanguage", AcceptLanguage::defaultLanguage()).toStringList()); @@ -598,18 +592,6 @@ QNetworkReply* NetworkManager::createRequest(QNetworkAccessManager::Operation op } } - // Force SSLv3 for servers that doesn't understand TLSv1 handshake - if (req.url().scheme() == QLatin1String("https")) { - foreach (const QString &host, m_sslv3Sites) { - if (QzTools::matchDomain(host, req.url().host())) { - QSslConfiguration conf = req.sslConfiguration(); - conf.setProtocol(QSsl::SslV3); - req.setSslConfiguration(conf); - break; - } - } - } - return QNetworkAccessManager::createRequest(op, req, outgoingData); } @@ -732,7 +714,6 @@ void NetworkManager::saveSettings() settings.endGroup(); settings.beginGroup("Web-Browser-Settings"); - settings.setValue("SSLv3Sites", m_sslv3Sites); settings.endGroup(); } diff --git a/src/lib/network/networkmanager.h b/src/lib/network/networkmanager.h index bdceb2671..d84add6cb 100644 --- a/src/lib/network/networkmanager.h +++ b/src/lib/network/networkmanager.h @@ -76,7 +76,6 @@ private: AdBlockManager* m_adblockManager; NetworkProxyFactory* m_proxyFactory; - QStringList m_sslv3Sites; QStringList m_certPaths; QList m_caCerts; QList m_localCerts; diff --git a/tests/autotests/networktest.cpp b/tests/autotests/networktest.cpp index b33da160e..23949d6e9 100644 --- a/tests/autotests/networktest.cpp +++ b/tests/autotests/networktest.cpp @@ -26,38 +26,9 @@ void NetworkTest::initTestCase() { m_manager = new QNetworkAccessManager; - - QSslConfiguration conf = QSslConfiguration::defaultConfiguration(); - conf.setProtocol(QSsl::SslV3); - QSslConfiguration::setDefaultConfiguration(conf); } void NetworkTest::cleanupTestCase() { delete m_manager; } - -void NetworkTest::sslv3test_data() -{ - QTest::addColumn("url"); - - // Sites that loads only with SslV3 forced and have it forced in NetworkManager - QTest::newRow("centrum.sk") << QUrl("https://user.centrum.sk/"); - QTest::newRow("centrum.cz") << QUrl("https://user.centrum.cz/"); - QTest::newRow("oneaccount.com") << QUrl("https://service.oneaccount.com/onlineV2/OSV2?event=login&pt=3"); - QTest::newRow("i0.cz") << QUrl("https://i0.cz/6/ju/css/login/centrum.sk.css"); -} - -void NetworkTest::sslv3test() -{ - QFETCH(QUrl, url); - - QNetworkReply *reply = m_manager->get(QNetworkRequest(url)); - - QEventLoop loop; - connect(m_manager, SIGNAL(finished(QNetworkReply*)), &loop, SLOT(quit())); - loop.exec(); - - QCOMPARE(QNetworkReply::NoError, reply->error()); - QCOMPARE(false, reply->readAll().isEmpty()); -} diff --git a/tests/autotests/networktest.h b/tests/autotests/networktest.h index d0c70357a..342a84d25 100644 --- a/tests/autotests/networktest.h +++ b/tests/autotests/networktest.h @@ -30,9 +30,6 @@ private slots: void initTestCase(); void cleanupTestCase(); - void sslv3test_data(); - void sslv3test(); - private: QNetworkAccessManager *m_manager; };