[Development] DTLS support in Qt

Timur Pocheptsov timur.pocheptsov at qt.io
Fri Aug 18 22:07:13 CEST 2017


> Should *I* contribute it?


Well, yes, please, otherwise I'll do it myself 😊


> If NO:
Then who will write it? When?


I will, 5.11.


> Then what module should it be in?


Option 'a' is optimal.

________________________________
From: Development <development-bounces+timur.pocheptsov=qt.io at qt-project.org> on behalf of Thiago Macieira <thiago.macieira at intel.com>
Sent: Friday, August 18, 2017 8:57:09 PM
To: development at qt-project.org
Subject: [Development] DTLS support in Qt

Hello

Last year at QCS, I joined the Networking discussions and one of my requests
was DTLS support. Everything else needed to support IoT was already in place,
in flight (the QNetworkDatagram class) or I could do it myself (new API for
QNetworkInterface coming soon).

DTLS was the only thing I wasn't allowed to contribute and no one else has
stepped up in the last year.

So I decided to implement it myself. I've now got a proof of concept to
support DTLS over QUdpSocket and it already manages to connect one client and
server, verify the certificate (haven't tested failure) and communicate with
itself, with the "openssl" binary and with "gnutls-serv" binary. I've got
approval from Intel to contribute it.

I'd like Qt to have DTLS support. Should *I* contribute it? This question is
important because there used to be restrictions on "US persons" contributing
cryptography-related code. I need an answer from the Qt Project.

If NO:
Then who will write it? When? Can you finish it by Qt 5.11 feature freeze?

If YES:
Then what module should it be in?
 a) QtNetwork
        Would be ideal, as there are quite a few changes to QSslSocketBackend,
        QSslContext, etc. that are required. We'd also reuse the dynamic OpenSSL
        loading. If I can implement DTLS support in QtNetwork, I can make these
        changes myself.
 b) another module, outside of qtbase
        This module would be licenced LGPLv3, no commercial.
        Not ideal, but workable. The changes I mentioned above would still need to
        be implemented, so we'd need a volunteer to implement them and work with
        me. It shouldn't be too difficult.
 c) not in Qt
        Really not ideal. Would make for a crappy API and would increase the
        development time at least threefold, probably more.

I'll be really disappointed if the answer is "no, we won't accept this
contribution and we won't develop it for 5.11 either".

--
Thiago Macieira - thiago.macieira (AT) intel.com
  Software Architect - Intel Open Source Technology Center

_______________________________________________
Development mailing list
Development at qt-project.org
http://lists.qt-project.org/mailman/listinfo/development
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.qt-project.org/pipermail/development/attachments/20170818/f53230a4/attachment.html>


More information about the Development mailing list