QSslSocket
Alon Bar-Lev
alon.barlev at gmail.com
Thu Jun 7 07:01:17 BST 2007
Hello all,
After the discussion of smartcards support in KDE, I've opened a few
feature requests in Trolltech.
---
165594 - QSslKey Suggestion to Add interface to allow override
http://trolltech.com/developer/task-tracker/index_html?method=entry&id=165594
Current state of QSslKey don't even allow setting OpenSSL RSA/DSA
keys, it has no extension and no abstraction.
Smartcard support can be added if a default constructor and
setHandle() are added, or better a key interface is added, or best if
they provide proper abstraction so that no OpenSSL interface be used
(remove the undocumented handle stuff).
165235 - Suggestion: QSslSocket - Differ client certificate/key set
http://trolltech.com/developer/task-tracker/index_html?method=entry&id=165235
This is important for browsers. Currently you must know in advanced if
the peer require client certificate. This is not the case in many
scenarios. I don't know how you planned to use this class with
konqueror without this one.
165234 - Suggestion: QSslSocket - Add verifyPeer signal
http://trolltech.com/developer/task-tracker/index_html?method=entry&id=165234
This is missing feature, TLS/SSL should verify peer before the socket
is opened for business. This is important in term of security.
Reopen
157892 - Allow OpenSSL to be located in non-default include and lib
paths on Windows
http://trolltech.com/developer/task-tracker/index_html?method=entry&id=157892
They are loading OpenSSL shared library dynamically!!! I don't want to
guess why.
As long as they are doing so, the need at least not use hardcoded
library names, so different versions and locations may be specified.
I asked to reopen the Windows bug in order to provide getenv () with
QT_SSL_XXXX variables to specify which library to load. Of course the
hardcoded may remain as defaults.
---
It is so fun to work with their task tracker... You may discuss the
problem freely and watch for changes... And have a complete
description of a what required. Well... at least I wish this was the
case.
So if anyone can push these forward...
Best Regards,
Alon Bar-Lev.
More information about the kde-core-devel
mailing list