SSL/TLS sockets

[Brad Hards]

On Monday 15 October 2007 07:41:23 am Andreas Hartmetz wrote:
> I just wanted to tell you that I'm working on getting functional SSL
> support in a class called KTcpSocket that mimics QTcpSocket's and
> QSslSocket's API, but with startTls() and common KDE settings support and
> the possibility to add Fancy Stuff as needed. KSocketFactory will probably
> become obsolete. KTcpSocket is supposed to be an all-in-one stream (not
> datagram) socket where encryption is just a setting.
> Note that the scope of this undertaking is larger than having SSL work
> again (only) in KIO, for hopefully little extra effort.
> The class does not inherit QAbstractSocket, only QIODevice. Thiago
> suggested the basic design and implemented a skeleton of some hundred lines
> to give me a quick start, let's see how far I can get. Quite far I hope.
Along with most other people, I am looking forward to this happening. I'm also 
willing to lend a hand, if needed. 

> The backend aka Engine will be theoretically (and hopefully in practice,
> too) pluggable. At the moment I'm doing an engine using QCA::TLS. Justin
> Karneges, QCA main developer, told me that he is planning to maintain it
> for quite some time, and it has the features already implemented in a
> rather easy to use way.
Note that QCA is (again, at least theoretically) itself pluggable. The only 
backend we have that does TLS at the moment is OpenSSL based, but NSS and 
GnuTLS are long term possibilities. It might even be possible to back it onto 
the windows crypto API.

Brad