diff options
| author | Gluzskiy Alexandr <sss@sss.chaoslab.ru> | 2017-09-10 03:48:37 +0300 |
|---|---|---|
| committer | Gluzskiy Alexandr <sss@sss.chaoslab.ru> | 2017-09-10 03:48:37 +0300 |
| commit | 82b14995f69b7302292629cb1756f2d188c2bc51 (patch) | |
| tree | cc4b23b84ee439d550ce442a6836874a799c8d51 | |
| parent | 5689383cef5a2229839af77691f4cd67afd00635 (diff) | |
mumble: force tls12, stronger default ciphers
| -rw-r--r-- | media-sound/mumble/files/tls12_strong_ciphers.patch | 29 | ||||
| -rw-r--r-- | media-sound/mumble/mumble-scm.ebuild | 1 |
2 files changed, 30 insertions, 0 deletions
diff --git a/media-sound/mumble/files/tls12_strong_ciphers.patch b/media-sound/mumble/files/tls12_strong_ciphers.patch new file mode 100644 index 0000000..0a1adde --- /dev/null +++ b/media-sound/mumble/files/tls12_strong_ciphers.patch @@ -0,0 +1,29 @@ +diff --git a/src/Connection.cpp b/src/Connection.cpp +index 3b67c2c2..cee57657 100644 +--- a/src/Connection.cpp ++++ b/src/Connection.cpp +@@ -25,6 +25,10 @@ HANDLE Connection::hQoS = NULL; + Connection::Connection(QObject *p, QSslSocket *qtsSock) : QObject(p) { + qtsSocket = qtsSock; + qtsSocket->setParent(this); ++#if QT_VERSION >= 0x050500 ++ qtsSocket->setProtocol(QSsl::TlsV1_2OrLater); ++#endif ++ + iPacketLength = -1; + bDisconnectedEmitted = false; + +diff --git a/src/SSL.cpp b/src/SSL.cpp +index 9c372569..fe1e5cdb 100644 +--- a/src/SSL.cpp ++++ b/src/SSL.cpp +@@ -40,7 +40,8 @@ void MumbleSSL::destroy() { + } + + QString MumbleSSL::defaultOpenSSLCipherString() { +- return QLatin1String("EECDH+AESGCM:EDH+aRSA+AESGCM:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:AES256-SHA:AES128-SHA"); ++ return QLatin1String("DHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-CHACHA20-POLY1305:DHE-RSA-CAMELLIA256-SHA256:\ ++DHE-RSA-AES128-GCM-SHA256:AES256-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:DHE-RSA-AES128-GCM-SHA256"); + } + + QList<QSslCipher> MumbleSSL::ciphersFromOpenSSLCipherString(QString cipherString) { diff --git a/media-sound/mumble/mumble-scm.ebuild b/media-sound/mumble/mumble-scm.ebuild index 03c9098..81ebc89 100644 --- a/media-sound/mumble/mumble-scm.ebuild +++ b/media-sound/mumble/mumble-scm.ebuild @@ -53,6 +53,7 @@ DEPEND="${RDEPEND} PATCHES=( "${FILESDIR}"/gcc.patch + "${FILESDIR}"/tls12_strong_ciphers.patch ) #S="${WORKDIR}/${MY_P}" |