On 3 March 2017 at 11:33, Marc Mutz <marc.m...@kdab.com> wrote: > On Friday 03 March 2017 10:43:56 Richard Moore wrote: > [...] > > QSslCipher should be an integer index into a table. The > > fact that it isn't is a poor workaround for weak API from openssl > > Would you mind to expand on that? I don't see any a-priori reason why > QSslCipher can't be fixed to contain an index (qintptr), from a BC pov. > What > in OpenSSL prevents this? > > In order to present info to the user, QSslCipher lets you see things like the cipher, key length, key exchange method etc. etc. however in SSL these are all bundled together as a cipher suite - this is just a 16 bit number (24 bits in SSLv2). What we'd ideally do is just store the number and then look up the other info as needed. Ideally we'd just query the openssl in use for the list of available ciphers which we could store as a list/vector globally. Unfortunately openssl doesn't provide any API for looking up the info given the id (though i've at least partially got this addressed in openssl 1.1). At the moment the code has to do some horrendous parsing of a text representation. Cheers
Rich. > > and poor > > design choices when SSL supported was added to Qt. > > Since it was intended as an example for poor design choices, I feel I > picked > the correct example :) > > Thanks, > Marc > > -- > Marc Mutz <marc.m...@kdab.com> | Senior Software Engineer > KDAB (Deutschland) GmbH & Co.KG, a KDAB Group Company > Tel: +49-30-521325470 > KDAB - The Qt, C++ and OpenGL Experts >
_______________________________________________ Development mailing list Development@qt-project.org http://lists.qt-project.org/mailman/listinfo/development
