[Development] QWebSockets: Advice wanted on API
Kurt Pattyn
pattyn.kurt at gmail.com
Sun Oct 27 11:07:39 CET 2013
Hi,
I would like to add secure sockets support to the QWebSocket class (see QtWebSockets add-on at https://qt.gitorious.org/qtplayground/websockets).
Currently, a connection is made to a web socket server, as follows:
QWebSocket webSocket;
webSocket.open(QUrl(“ws://someserver”));
Internally, a QTcpSocket is created to set up the connection.
Now, I have 3 options to add secure web sockets:
1. Use a QSslSocket internally when the scheme of the URL is wss.
This would imply that all or most of the SSL related functionality of QSslSocket should be exposed from the QWebSockets class (addCaCertificate(), …), making the QWebSocket API quite humongous.
2. Create a QSslWebSocket subclass
Create a subclass of QWebSockets, analogous to QSslSocket.
In this case, the open() method should accept a QHostAddress and a port number instead of a QUrl (and maybe the open() should be rename to connectToHost()).
Q: Should QWebSocket derive from QIODevice or even QAbstractSocket?
3. Use an IOC principle
Supply a QTcpSocket or a QSslSocket to the constructor of QWebSocket.
Example:
QTcpSocket *pTcpSocket = new QTcpSocket(…);
QWebSocket webSocket(*pTcpSocket);
…
QSslSocket *pSslSocket = new QSslSocket(…);
QList<QSslCertificate> cert = QSslCertificate::fromPath(QStringLiteral("./server.crt"));
QList<QSslError> expectedSslErrors;
expectedSslErrors.append(QSslError(QSslError::SelfSignedCertificate, cert.at(0)));
expectedSslErrors.append(QSslError(QSslError::HostNameMismatch, cert.at(0)));
m_sslSocket->ignoreSslErrors(expectedSslErrors);
QWebSocket webSocket(*pSslSocket);
Personally, I find this approach ‘tricky’, as the QWebSocket class doesn’t have absolute control over the socket anymore.
Your advice is welcome.
More information about the Development
mailing list