Closed peterclemenko closed 11 years ago
jonnenauha
commented
11 years ago Probably is ok but it needs to be tested properly with 1) QtNetwork/QWebView https requests 2) Mumble voip. Also this retriggers a Qt and everything Qt dependent to need a rebuild in the deps.
1.x.x OpenSSL cannot be used according to my testing, it does not seem to work well with 4.7.x series Qt.
jonnenauha
commented
11 years ago @cadaver This would be a trivial merge but its not trivial to test. As noted before full qt and other dep rebuild is needed. Test some https pages on a QWebView and use AssetAPI to fetch https refs on a QNetworkAccessManager. Mumble is a bit more tricky to test, but if those two work I suspect mumble will as well as it uses QSslSocket that Is probably what https code does in other places as well (?!).
cadaver
commented
11 years ago Testing this now.
cadaver
commented
11 years ago Use cases of OpenSSL (assets, webview, Mumble) seem to work just as well as with old version.
The currently built version of OpenSSL has vulnerabilities and is outdated. This pull updates to the newest version of OpenSSL (of the 0.9.8 series), and should not break compatibility.