Closed peterclemenko closed 11 years ago
Probably is ok but it needs to be tested properly with 1) QtNetwork/QWebView https requests 2) Mumble voip. Also this retriggers a Qt and everything Qt dependent to need a rebuild in the deps.
1.x.x OpenSSL cannot be used according to my testing, it does not seem to work well with 4.7.x series Qt.
@cadaver This would be a trivial merge but its not trivial to test. As noted before full qt and other dep rebuild is needed. Test some https pages on a QWebView and use AssetAPI to fetch https refs on a QNetworkAccessManager. Mumble is a bit more tricky to test, but if those two work I suspect mumble will as well as it uses QSslSocket that Is probably what https code does in other places as well (?!).
Testing this now.
Use cases of OpenSSL (assets, webview, Mumble) seem to work just as well as with old version.
The currently built version of OpenSSL has vulnerabilities and is outdated. This pull updates to the newest version of OpenSSL (of the 0.9.8 series), and should not break compatibility.