diff options
| -rw-r--r-- | src/network/ssl/qsslsocket_openssl.cpp | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/src/network/ssl/qsslsocket_openssl.cpp b/src/network/ssl/qsslsocket_openssl.cpp index 949b5097c9..e305822d84 100644 --- a/src/network/ssl/qsslsocket_openssl.cpp +++ b/src/network/ssl/qsslsocket_openssl.cpp @@ -264,7 +264,13 @@ init_context: } // Enable all bug workarounds. +#ifdef SSL_OP_NO_COMPRESSION + // If compression is available, then disable it to avoid the CRIME attack + // if it is not available then we're not vulnerable anyway. + q_SSL_CTX_set_options(ctx, SSL_OP_ALL|SSL_OP_NO_COMPRESSION); +#else q_SSL_CTX_set_options(ctx, SSL_OP_ALL); +#endif // Initialize ciphers QByteArray cipherString; |