For anyone following this, the change is now at: https://codereview.qt-project.org/#/c/113070
On Tue, May 26, 2015 at 12:11 PM, Mikkel Krautz <[email protected]> wrote: > Hi Rich, > > Sorry for the clash of work -- I had this sketch done on Saturday, and > thought I would have more time during the weekend to hack on it. > However that turned out not to be the case, so I threw this out here. > I'll strive to be more communicative in the future. :-) > > WRT tests and docs: I'm aware that they're lacking, this was mainly a > sketch of the API. > > I will upload it as-is to Gerrit and get back to you, so I can get > people's comments early. > > Thanks, > Mikkel > > On Tue, May 26, 2015 at 11:34 AM, Richard Moore <[email protected]> wrote: >> Hi Mikkel, >> >> Please could you upload your change to gerrit so I can review it properly? I >> was actually implementing this yesterday, but since you've got it done I'll >> abandon my change. If you add me as the reviewer then I'll add the other >> relevant people. The change seems mainly okay, but there are a few minor >> things need fixing (some incorrect \since statements, missing autotest >> etc.). >> >> Cheers >> >> Rich. >> >> On 25 May 2015 at 23:16, Mikkel Krautz <[email protected]> wrote: >>> >>> Hi, >>> >>> I've been working on adding the ability to set custom DH parameters >>> for QSslSocket and I want to start discussing an API for the feature, >>> rather than jumping directly to a code review. >>> >>> I have a preliminary patch that adds a sketch of the API I'm envisioning: >>> https://gist.github.com/mkrautz/699f3c7fb22f48b7059c >>> (It's untested, but it builds...) >>> >>> Basically, what I'm envisioning is >>> >>> - An opaque (for the user) QSslDiffieHellmanParameters class. >>> - It loads DH parameters either as PEM or DER via a constructor that >>> takes a QByteArray or a QIODevice (like QSslKey). >>> - After loading, isNull() can be used to check if the DH parameters >>> were loaded, and were valid (OpenSSL backend uses DH_check -- not sure >>> what should be done on SecureTransport, if anything?). >>> - Internally, the QSslDiffieHellmanParameters object stores a >>> DER-encoded version of the parameters. (This makes it easily loadable >>> in both OpenSSL and SecureTransport) >>> - A public QSslConfiguration::setDiffieHellmanParameters() to set the >>> DH parameters. >>> - A public (but not in the public headers) >>> QSslConfiguration::diffieHellmanParameters() for internal use by the >>> backends. >>> - QSslDiffieHellmanParametersPrivate will befriend QSslContext (for >>> OpenSSL) and an equivalent for SecureTransport to allow the >>> implementations to access the DER encoded data of the >>> QSslDiffieHellmanParameters. >>> >>> I did a cursory web search for the ability to set DH parameters for >>> WinRT listeners, but I don't think that's possible -- so I haven't >>> considered that, for now... >>> >>> Let me know what you think. >>> >>> Thanks, >>> Mikkel >>> _______________________________________________ >>> Development mailing list >>> [email protected] >>> http://lists.qt-project.org/mailman/listinfo/development >> >> _______________________________________________ Development mailing list [email protected] http://lists.qt-project.org/mailman/listinfo/development
