D16344: Do not try to fallback to "less secure" protocols

2018-10-30 Thread Albert Astals Cid
This revision was automatically updated to reflect the committed changes. Closed by commit R241:e11d4d18f66a: Do not try to fallback to "less secure" protocols (authored by aacid). CHANGED PRIOR TO COMMIT https://phabricator.kde.org/D16344?vs=43997&id=44509#toc REPOSITORY R241 KIO CHANGES S

D16344: Do not try to fallback to "less secure" protocols

2018-10-26 Thread Andrius Štikonas
stikonas accepted this revision. stikonas added a comment. This revision is now accepted and ready to land. In D16344#349054 , @aacid wrote: > In D16344#348985 , @stikonas wrote: > > > Can you

D16344: Do not try to fallback to "less secure" protocols

2018-10-26 Thread Albert Astals Cid
aacid added a comment. In D16344#348985 , @stikonas wrote: > Can you confirm that it works with TLSv1.2 only sites? (e.g. https://stikonas.eu:5281/admin/). Ideally we should test with TLSv1.3 too. Yes, it works. And https://tls13.crypto.

D16344: Do not try to fallback to "less secure" protocols

2018-10-26 Thread Albert Astals Cid
aacid added a comment. In D16344#348886 , @jtamate wrote: > What protocol does KTcpSocket::SecureProtocols implement (I can't guess it)? If it is the same as QSsl:SecureProtocols Yes, see ./src/core/ktcps

D16344: Do not try to fallback to "less secure" protocols

2018-10-26 Thread Andrius Štikonas
stikonas added a comment. Line 89 in https://api.kde.org/frameworks/kio/html/ktcpsocket_8cpp_source.html suggests that it is the same as QSsl:SecureProtocols. Can you confirm that it works with TLSv1.2 only sites? (e.g. https://stikonas.eu:5281/admin/). Ideally we should test with TLSv

D16344: Do not try to fallback to "less secure" protocols

2018-10-26 Thread Jaime Torres Amate
jtamate added a comment. What protocol does KTcpSocket::SecureProtocols implement (I can't guess it)? If it is the same as QSsl:SecureProtocols it does: On the client side, this will send a TLS 1.0 Client Hello, enabling TLSv1_0 and SSLv3 connections. On

D16344: Do not try to fallback to "less secure" protocols

2018-10-26 Thread Albert Astals Cid
aacid added a comment. I'll commit this next tuesday unless someone disagrees. REPOSITORY R241 KIO REVISION DETAIL https://phabricator.kde.org/D16344 To: aacid Cc: carewolf, dfaure, stikonas, kde-frameworks-devel, michaelh, ngraham, bruns

D16344: Do not try to fallback to "less secure" protocols

2018-10-20 Thread Albert Astals Cid
aacid added subscribers: stikonas, dfaure, carewolf. REPOSITORY R241 KIO REVISION DETAIL https://phabricator.kde.org/D16344 To: aacid Cc: carewolf, dfaure, stikonas, kde-frameworks-devel, michaelh, ngraham, bruns

D16344: Do not try to fallback to "less secure" protocols

2018-10-20 Thread Albert Astals Cid
aacid created this revision. Herald added a project: Frameworks. Herald added a subscriber: kde-frameworks-devel. aacid requested review of this revision. REVISION SUMMARY Both Firefox and Chrom[e|ium] do this for a while so most sites have already make sure they are better compliant than wh