From 06d4cb580e46a7aee2bbfe253431602b981c2077 Mon Sep 17 00:00:00 2001
From: Albert Vaca <albertvaka@gmail.com>
Date: Wed, 7 Nov 2018 16:28:26 +0100
Subject: [PATCH] Disable bad cipher suites now that we dropped support for
 Android<14

BUG: 400722
---
 core/backends/lan/lanlinkprovider.cpp | 7 +------
 1 file changed, 1 insertion(+), 6 deletions(-)

diff --git a/core/backends/lan/lanlinkprovider.cpp b/core/backends/lan/lanlinkprovider.cpp
index a59943523..5094cf6f3 100644
--- a/core/backends/lan/lanlinkprovider.cpp
+++ b/core/backends/lan/lanlinkprovider.cpp
@@ -421,16 +421,11 @@ void LanLinkProvider::deviceLinkDestroyed(QObject* destroyedDeviceLink)
 
 void LanLinkProvider::configureSslSocket(QSslSocket* socket, const QString& deviceId, bool isDeviceTrusted)
 {
-    // Setting supported ciphers manually
-    // Top 3 ciphers are for new Android devices, bottom two are for old Android devices
-    // FIXME : These cipher suites should be checked whether they are supported or not on device
+    // Setting supported ciphers manually, to match those on Android (FIXME: Test if this can be left unconfigured and still works for Android 4)
     QList<QSslCipher> socketCiphers;
     socketCiphers.append(QSslCipher(QStringLiteral("ECDHE-ECDSA-AES256-GCM-SHA384")));
     socketCiphers.append(QSslCipher(QStringLiteral("ECDHE-ECDSA-AES128-GCM-SHA256")));
     socketCiphers.append(QSslCipher(QStringLiteral("ECDHE-RSA-AES128-SHA")));
-    socketCiphers.append(QSslCipher(QStringLiteral("RC4-SHA")));
-    socketCiphers.append(QSslCipher(QStringLiteral("RC4-MD5")));
-    socketCiphers.append(QSslCipher(QStringLiteral("DHE-RSA-AES256-SHA")));
 
     // Configure for ssl
     QSslConfiguration sslConfig;