SSL, KDE and Qt
winter at kde.org
Mon Dec 31 00:31:58 CET 2007
On Sunday 30 December 2007 18:22:11 Richard Moore wrote:
> On 12/30/07, Allen Winter <winter at kde.org> wrote:
> > Note that Andreas committed a hack to KTcpSocket that makes https work
> > without the qt-copy patch.
> > An app that bypasses KTcpSocket and uses QSslSocket directly will still be broken.
> > I don't know if there are apps which use QSslSocket directly.
> > So we could conceivably go back to requiring Qt 4.3.3 instead of qt-copy+patches.
> > Comments?
> I think relying on the stock qt is likely to get us much more installs
> than requiring our own patched version. We can add a note to the API
> docs for KTcpSocket specifying how to work around the issue until it
> is addressed properly.
The KTcpSocket API is private. It can only be accessed via kio, which means
a kioslave must be involved somewhere.
So, we are ok with Andreas' hackery inside KTcpSocket. The only problem
occurs if someone tries to use QSslSocket directly. But I don't think we
need to worry about that much.. or do we?
Or, maybe Qt4.3.4 we be released in the next 1-2 days, including this patch,
and we can require that.
So... long story short.. I think we are safe to put the requirement back to Qt4.3.3.
Unless there are objections?
More information about the release-team