340047 – Displaying SSL Version "SSLv3" on SSLv3-disabled host

Bug 340047 - Displaying SSL Version "SSLv3" on SSLv3-disabled host

Summary: Displaying SSL Version "SSLv3" on SSLv3-disabled host

Status:	RESOLVED UPSTREAM

Alias:	None

Product:	konqueror
Classification:	Applications
Component:	general (show other bugs)
Version:	unspecified
Platform:	Arch Linux Linux

Importance:	NOR normal
Target Milestone:	---
Assignee:	Konqueror Developers

URL:
Keywords:

Depends on:
Blocks:

Reported:	2014-10-17 09:30 UTC by belokurovdmitriy
Modified:	2014-10-22 22:21 UTC (History)
CC List:	1 user (show)

See Also:
Latest Commit:
Version Fixed In:
Sentry Crash Report:

Attachments
Add an attachment

Note You need to log in before you can comment on or make changes to this bug.

Description belokurovdmitriy 2014-10-17 09:30:52 UTC

After disabling SSLv3 in apache Konqueror keep on displaying SSLv3 in SSL Version on Site Security window.

Reproducible: Always

Steps to Reproduce:
1. Assume we have site with SSLv3 enabled (SSLProtocol all -SSLv2 for example)
2. Open site in Konqueror, open Security details, SSL Version is SSLv3
3. Disable SSLv3 on site (SSLProtocol all -SSLv2 -SSLv3) and restart it.
4. Check if SSLv3 is disabled with script attached here: https://access.redhat.com/articles/1232123 
5. Open site in Konqueror, open Security details

Actual Results:  
SSL Version displays SSLv3

Expected Results:  
SSL Version should display TLS1.*

Comment 1 Dawit Alemayehu 2014-10-22 22:21:26 UTC

This is due to a known upstream issue that cannot be fixed in Qt 4 branch, but has already been fixed upstream for Qt 5.4. See https://bugreports.qt-project.org/browse/QTBUG-42112.

So the problem is one of cosmetic one. That is it is incorrectly displaying "SSLv3" when in reality the connection is actually "TLSv1.x".