[Development] DTLS support in Qt
Thiago Macieira
thiago.macieira at intel.com
Fri Aug 18 20:57:09 CEST 2017
Hello
Last year at QCS, I joined the Networking discussions and one of my requests
was DTLS support. Everything else needed to support IoT was already in place,
in flight (the QNetworkDatagram class) or I could do it myself (new API for
QNetworkInterface coming soon).
DTLS was the only thing I wasn't allowed to contribute and no one else has
stepped up in the last year.
So I decided to implement it myself. I've now got a proof of concept to
support DTLS over QUdpSocket and it already manages to connect one client and
server, verify the certificate (haven't tested failure) and communicate with
itself, with the "openssl" binary and with "gnutls-serv" binary. I've got
approval from Intel to contribute it.
I'd like Qt to have DTLS support. Should *I* contribute it? This question is
important because there used to be restrictions on "US persons" contributing
cryptography-related code. I need an answer from the Qt Project.
If NO:
Then who will write it? When? Can you finish it by Qt 5.11 feature freeze?
If YES:
Then what module should it be in?
a) QtNetwork
Would be ideal, as there are quite a few changes to QSslSocketBackend,
QSslContext, etc. that are required. We'd also reuse the dynamic OpenSSL
loading. If I can implement DTLS support in QtNetwork, I can make these
changes myself.
b) another module, outside of qtbase
This module would be licenced LGPLv3, no commercial.
Not ideal, but workable. The changes I mentioned above would still need to
be implemented, so we'd need a volunteer to implement them and work with
me. It shouldn't be too difficult.
c) not in Qt
Really not ideal. Would make for a crappy API and would increase the
development time at least threefold, probably more.
I'll be really disappointed if the answer is "no, we won't accept this
contribution and we won't develop it for 5.11 either".
--
Thiago Macieira - thiago.macieira (AT) intel.com
Software Architect - Intel Open Source Technology Center
More information about the Development
mailing list