Qt:Документация 4.3.2/qsslsocket

Материал из Wiki.crossplatform.ru

Перейти к: навигация, поиск
40px Внимание: Актуальная версия перевода документации находится здесь

__NOTOC__

Image:qt-logo.png

Главная · Все классы · Основные классы · Классы по группам · Модули · Функции

Image:trolltech-logo.png

Содержание

[править] QSslSocket Class Reference
[модуль QtNetwork ]

The QSslSocket class provides an SSL encrypted socket for both clients and servers. Далее...

 #include <QSslSocket>

Inherits QTcpSocket.

Примечание: все функции в этом классе реентерабельны.

Класс был добавлен в Qt 4.3.

[править] Открытые типы

  • enum SslMode { UnencryptedMode, SslClientMode, SslServerMode }

[править] Открытые функции

  • 27 public functions inherited from QAbstractSocket
  • 32 открытые функции, унаследованные от QIODevice
  • 29 открытых функций, унаследованных от QObject

[править] Открытые слоты

  • 1 открытый слот, унаследованный от QObject

[править] Сигналы

[править] Статические открытые члены

  • 5 статических открытых членов, унаследованных от QObject

[править] Дополнительные унаследованные члены

  • 1 свойство, унаследованное от QObject
  • 7 protected functions inherited from QAbstractSocket
  • 5 защищенных функций, унаследованных от QIODevice
  • 7 защищенных функций, унаследованных от QObject
  • 2 protected slots inherited from QAbstractSocket

[править] Подробное описание

The QSslSocket class provides an SSL encrypted socket for both clients and servers.

QSslSocket establishes a secure, encrypted TCP connection you can use for transmitting encrypted data. It can operate in both client and server mode, and it supports modern SSL protocols, including SSLv3 and TLSv1. By default, QSslSocket uses SSLv3, but you can change the SSL protocol by calling setProtocol() as long as you do it before the handshake has started.

SSL encryption operates on top of the existing TCP stream after the socket enters the ConnectedState. There are two simple ways to establish a secure connection using QSslSocket: With an immediate SSL handshake, or with a delayed SSL handshake occurring after the connection has been established in unencrypted mode.

The most common way to use QSslSocket is to construct an object and start a secure connection by calling connectToHostEncrypted(). This method starts an immediate SSL handshake once the connection has been established.

 QSslSocket *socket = new QSslSocket(this);
 connect(socket, SIGNAL(encrypted()), this, SLOT(ready()));
 
 socket->connectToHostEncrypted("imap.example.com", 993);

As with a plain QTcpSocket, QSslSocket enters the HostLookupState, ConnectingState, and finally the ConnectedState, if the connection is successful. The hand shake then starts automatically, and if it succeeds, the encrypted() signal is emitted to indicate the socket has entered the encrypted state and is ready for use.

Note that data can be written to the socket immediately after the return from connectToHostEncrypted() (i.e., before the encrypted() signal is emitted). The data is queued in QSslSocket until after the encrypted() signal is emitted.

An example of using the delayed SSL handshake to secure an existing connection is the case where an SSL server secures an incoming connection. Suppose you create an SSL server class as a subclass of QTcpServer. You would override QTcpServer::incomingConnection() with something like the example below, which first constructs an instance of QSslSocket and then calls setSocketDescriptor() to set the new socket's descriptor to the exiasting one passed in. It then initiates the SSL handshake by calling startServerEncryption().

 void SslServer::incomingConnection(int socketDescriptor)
 {
     QSslSocket *serverSocket = new QSslSocket;
     if (serverSocket->setSocketDescriptor(socketDescriptor)) {
         connect(serverSocket, SIGNAL(encrypted()), this, SLOT(ready()));
         serverSocket->startServerEncryption();
     } else {
         delete serverSocket;
     }
 }

If an error occurs, QSslSocket emits signal sslErrors. In this case, if no action is taken to ignore the error(s), the connection is dropped. To continue, despite the occurrence of an error, you can call ignoreSslErrors(), either from within this slot after the error occurs, or anytime after construction of the QSslSocket and before the connection is attempted. This will allow QSslSocket to ignore the errors it encounters when establishing the identity of the peer. Ignoring errors during an SSL handshake should be used with caution, since a fundamental characteristic of secure connections is that they should be established with a successful handshake.

Once encrypted, you use QSslSocket as a regular QTcpSocket. When readyRead() is emitted, you can call read(), canReadLine() and readLine(), or getChar() to read decrypted data from QSslSocket's internal buffer, and you can call write() or putChar() to write data back to the peer. QSslSocket will automatically encrypt the written data for you, and emit bytesWritten() once the data has been written to the peer.

As a convenience, QSslSocket supports QTcpSocket's blocking functions waitForConnected(), waitForReadyRead(), waitForBytesWritten(), and waitForDisconnected(). It also provides waitForEncrypted(), which will block the calling thread until an encrypted connection has been established.

 QSslSocket socket;
 socket.connectToHostEncrypted("http.example.com", 443);
 if (!socket.waitForEncrypted()) {
     qDebug() << socket.errorString();
     return false;
 }
 
 socket.write("GET / HTTP/1.0\r\n\r\n");
 while (socket.waitForReadyRead())
     qDebug() << socket.readAll().data();

QSslSocket provides an extensive, easy-to-use API for handling cryptographic ciphers, private keys, and local, peer, and Certification Authority (CA) certificates. It also provides an API for handling errors that occur during the handshake phase.

Customize the socket's cryptographic cipher suite before the handshake phase with setCiphers() and setDefaultCiphers(). Customize the socket's local certificate and private key before the handshake phase with setLocalCertificate() and setPrivateKey. Customize the CA certificate database with addCaCertificate(), addCaCertificates(), setCaCertificates(), addDefaultCaCertificate(), addDefaultCaCertificates(), and setDefaultCaCertificates(). For more information about ciphers and certificates, refer to QSslCipher and QSslCertificate.

This product includes software developed by the OpenSSL Project for use in the OpenSSL Toolkit (http://www.openssl.org/).

See also QSslCertificate, QSslCipher, and QSslError.


[править] Описание типов

[править]
enum QSslSocket::SslMode

Describes the connection modes available for QSslSocket.


Константа Значение Описание
QSslSocket::UnencryptedMode 0 The socket is unencrypted. Its behavior is identical to QTcpSocket.
QSslSocket::SslClientMode 1 The socket is a client-side SSL socket. It is either alreayd encrypted, or it is in the SSL handshake phase (see QSslSocket::isEncrypted()).
QSslSocket::SslServerMode 2 The socket is a client-side SSL socket. It is either already encrypted, or it is in the SSL handshake phase (see QSslSocket::isEncrypted()).

[править] Описание функций-членов

[править]
QSslSocket::QSslSocket ( QObject * parent = 0 )

Constructs a QSslSocket object. parent is passed to QObject's constructor. The new socket's cipher suite is set to the one returned by the static method defaultCiphers().

[править]
QSslSocket::~QSslSocket ()

Destroys the QSslSocket.

[править]
void QSslSocket::abort ()

Закрывает текущее соединение и перезагружает сокет. В отличие от disconnectFromHost(), эта функция немедленно закрывает сокет, очищает буфер записи.

Смотрите также disconnectFromHost() и close().

[править]
void QSslSocket::addCaCertificate ( const QSslCertificate & certificate )

Adds the certificate to this socket's CA certificate database. The CA certificate database is used by the socket during the handshake phase to validate the peer's certificate.

To add multiple certificates, use addCaCertificates().

See also caCertificates() and setCaCertificates().

[править]
bool QSslSocket::addCaCertificates ( const QString & path, QSsl::EncodingFormat format = QSsl::Pem, QRegExp::PatternSyntax syntax = QRegExp::FixedString )

Searches all files in the path for certificates encoded in the specified format and adds them to this socket's CA certificate database. path can be explicit, or it can contain wildcards in the format specified by syntax. Returns true if one or more certificates are added to the socket's CA certificate database; otherwise returns false.

The CA certificate database is used by the socket during the handshake phase to validate the peer's certificate.

For more precise control, use addCaCertificate().

See also addCaCertificate() and QSslCertificate::fromPath().

[править]
void QSslSocket::addCaCertificates ( const QList< QSslCertificate> & certificates )

Эта перегруженная функция предоставлена для удобства.

Adds the certificates to this socket's CA certificate database. The CA certificate database is used by the socket during the handshake phase to validate the peer's certificate.

For more precise control, use addCaCertificate().

See also caCertificates() and addDefaultCaCertificate().

[править]
void QSslSocket::addDefaultCaCertificate ( const QSslCertificate & certificate ) [static]

Adds certificate to the default CA certificate database. Each SSL socket's CA certificate database is initialized to the default CA certificate database.

See also defaultCaCertificates() and addCaCertificates().

[править]
bool QSslSocket::addDefaultCaCertificates ( const QString & path, QSsl::EncodingFormat encoding = QSsl::Pem, QRegExp::PatternSyntax syntax = QRegExp::FixedString ) [static]

Searches all files in the path for certificates with the specified encoding and adds them to the default CA certificate database. path can be an explicit file, or it can contain wildcards in the format specified by syntax. Returns true if any CA certificates are added to the default database.

Each SSL socket's CA certificate database is initialized to the default CA certificate database.

See also defaultCaCertificates(), addCaCertificates(), and addDefaultCaCertificate().

[править]
void QSslSocket::addDefaultCaCertificates ( const QList< QSslCertificate> & certificates ) [static]

Эта перегруженная функция предоставлена для удобства.

Adds certificates to the default CA certificate database. Each SSL socket's CA certificate database is initialized to the default CA certificate database.

See also defaultCaCertificates() and addCaCertificates().

[править]
QList< QSslCertificate> QSslSocket::caCertificates () const

Returns this socket's CA certificate database. The CA certificate database is used by the socket during the handshake phase to validate the peer's certificate. It can be moodified prior to the handshake with addCaCertificate(), addCACertificates(), and setCaCertificates().

See also addCaCertificate(), addCaCertificates(), and setCaCertificates().

[править]
QList< QSslCipher> QSslSocket::ciphers () const

Returns this socket's current cryptographic cipher suite. This list is used during the socket's handshake phase for choosing a session cipher. The returned list of ciphers is ordered by descending preference. (i.e., the first cipher in the list is the most preferred cipher). The session cipher will be the first one in the list that is also supported by the peer.

By default, the handshake phase can choose any of the ciphers supported by this system's SSL libraries, which may vary from system to system. The list of ciphers supported by this system's SSL libraries is returned by supportedCiphers(). You can restrict the list of ciphers used for choosing the session cipher for this socket by calling setCiphers() with a subset of the supported ciphers. You can revert to using the entire set by calling setCiphers() with the list returned by supportedCiphers().

You can restrict the list of ciphers used for choosing the session cipher for all sockets by calling setDefaultCiphers() with a subset of the supported ciphers. You can revert to using the entire set by calling setCiphers() with the list returned by supportedCiphers().

See also setCiphers(), defaultCiphers(), setDefaultCiphers(), and supportedCiphers().

[править]
void QSslSocket::connectToHostEncrypted ( const QString & hostName, quint16 port, OpenMode mode = ReadWrite )

Starts an encrypted connection to the device hostName on port, using mode as the OpenMode. This is equivalent to calling connectToHost() to establish the connection, followed by a call to startClientEncryption().

QSslSocket first enters the HostLookupState. Then, after entering either the event loop or one of the waitFor...() functions, it enters the ConnectingState, emits connected(), and then initiates the SSL client handshake. At each state change, QSslSocket emits signal stateChanged().

After initiating the SSL client handshake, if the identity of the peer can't be established, signal sslErrors() is emitted. If you want to ignore the errors and continue connecting, you must call ignoreSslErrors(), either from inside a slot function connected to the sslErrors() signal, or prior to entering encrypted mode. If ignoreSslErrors is not called, the connection is dropped, signal disconnected() is emitted, and QSslSocket returns to the UnconnectedState.

If the SSL handshake is successful, QSslSocket emits encrypted().

 QSslSocket socket;
 connect(&amp;socket, SIGNAL(encrypted()), receiver, SLOT(socketEncrypted()));
 
 socket.connectToHostEncrypted("imap", 993);
 socket->write("1 CAPABILITY\r\n");

Note: The example above shows that text can be written to the socket immediately after requesting the encrypted connection, before the encrypted() signal has been emitted. In such cases, the text is queued in the object and written to the socket after the connection is established and the encrypted() signal has been emitted.

The default for mode is ReadWrite.

If you want to create a QSslSocket on the server side of a connection, you should instead call startServerEncryption() upon receiving the incoming connection through QTcpServer.

See also connectToHost(), startClientEncryption(), waitForConnected(), and waitForEncrypted().

[править]
QList< QSslCertificate> QSslSocket::defaultCaCertificates () [static]

Returns the current default CA certificate database. This database is originally set to your system's default CA certificate database. If no system default database is found, Qt will provide its own default database. You can override the default CA certificate database with your own CA certificate database using setDefaultCaCertificates().

Each SSL socket's CA certificate database is initialized to the default CA certificate database.

See also setDefaultCaCertificates() and caCertificates().

[править]
QList< QSslCipher> QSslSocket::defaultCiphers () [static]

Returns the default cryptographic cipher suite for all sockets in this application. This list is used during the socket's handshake phase when negotiating with the peer to choose a session cipher. The list is ordered by preference (i.e., the first cipher in the list is the most preferred cipher).

By default, the handshake phase can choose any of the ciphers supported by this system's SSL libraries, which may vary from system to system. The list of ciphers supported by this system's SSL libraries is returned by supportedCiphers().

See also setDefaultCiphers() and supportedCiphers().

[править]
void QSslSocket::encrypted () [signal]

This signal is emitted when QSslSocket enters encrypted mode. After this signal has been emitted, QSslSocket::isEncrypted() will return true, and all further transmissions on the socket will be encrypted.

See also QSslSocket::connectToHostEncrypted() and QSslSocket::isEncrypted().

[править]
bool QSslSocket::flush ()

Эта фукнция передаёт по основному сетевому сокету столько байт из внутреннего буфера записи, сколько это возможно без блокировки. Если данные были записаны, функция вернёт true; в противном случае возвращается false.

Call this function if you need QSslSocket to start sending buffered data immediately. Число переданный байт будет зависеть от операционной системы. Преимущественно нет необходимости вызывать эту функцию, так как QAbstractSocket начинает отправку данных автоматически, как только к нему переходит управление. Если этого не происходит, лучше вызывайте waitForBytesWritten() вместо текущей функции.

Смотрите также write() и waitForBytesWritten().

[править]
void QSslSocket::ignoreSslErrors () [slot]

This slot tells QSslSocket to ignore errors during QSslSocket's handshake phase and continue connecting. If you want to continue with the connection even if errors occur during the handshake phase, then you must call this slot, either from a slot connected to sslErrors(), or before the handshake phase. If you don't call this slot, either in response to errors or before the handshake, the connection will be dropped after the sslErrors() signal has been emitted.

If there are no errors during the SSL handshake phase (i.e., the identity of the peer is established with no problems), QSslSocket will not emit the sslErrors() signal, and it is unnecessary to call this function.

Ignoring errors that occur during an SSL handshake should be done with caution. A fundamental characteristic of secure connections is that they should be established with an error free handshake.

See also sslErrors().

[править]
bool QSslSocket::isEncrypted () const

Returns true if the socket is encrypted; otherwise, false is returned.

An encrypted socket encrypts all data that is written by calling write() or putChar() before the data is written to the network, and descrypts all incoming data as the data is received from the network, before you call read(), readLine() or getChar().

QSslSocket emits encrypted() when it enters encrypted mode.

You can call sessionCipher() to find which cryptographic cipher is used to encrypt and decrypt your data.

See also mode().

[править]
QSslCertificate QSslSocket::localCertificate () const

Returns the socket's local certificate, or an empty certificate if no local certificate has been assigned.

See also setLocalCertificate() and privateKey().

[править]
SslMode QSslSocket::mode () const

Returns the current mode for the socket; either UnencryptedMode, where QSslSocket behaves identially to QTcpSocket, or one of SslClientMode or SslServerMode, where the client is either negotiating or in encrypted mode.

When the mode changes, QSslSocket emits modeChanged()

See also SslMode.

[править]
void QSslSocket::modeChanged ( QSslSocket::SslMode mode ) [signal]

This signal is emitted when QSslSocket changes from QSslSocket::UnencryptedMode to either QSslSocket::SslClientMode or QSslSocket::SslServerMode. mode is the new mode.

See also QSslSocket::mode().

[править]
QSslCertificate QSslSocket::peerCertificate () const

Returns the peer's digital certificate (i.e., the immediate certificate of the host you are connected to), or a null certificate, if the peer has not assigned a certificate.

The peer certificate is checked automatically during the handshake phase, so this function is normally used to fetch the certificate for display or for connection diagnostic purposes. It contains information about the peer, including its host name, the certificate issuer, and the peer's public key.

Because the peer certificate is set during the handshake phase, it is safe to access the peer certificate from a slot connected to the sslErrors() signal or the encrypted() signal.

If a null certificate is returned, it can mean the SSL handshake failed, or it can mean the host you are connected to doesn't have a certificate, or it can mean there is no connection.

If you want to check the peer's complete chain of certificates, use peerCertificateChain() to get them all at once.

See also peerCertificateChain().

[править]
QList< QSslCertificate> QSslSocket::peerCertificateChain () const

Returns the peer's chain of digital certificates, or an empty list of certificates.

Peer certificates are checked automatically during the handshake phase. This function is normally used to fetch certificates for display, or for performing connection diagnostics. Certificates contain information about the peer and the certificate issuers, including host name, issuer names, and issuer public keys.

The peer certificates are set in QSslSocket during the handshake phase, so it is safe to call this function from a slot connected to the sslErrors() signal or the encrypted() signal.

If an empty list is returned, it can mean the SSL handshake failed, or it can mean the host you are connected to doesn't have a certificate, or it can mean there is no connection.

If you want to get only the peer's immediate certificate, use peerCertificate().

See also peerCertificate().

[править]
QSslKey QSslSocket::privateKey () const

Returns this socket's private key.

See also setPrivateKey() and localCertificate().

[править]
QSsl::SslProtocol QSslSocket::protocol () const

Returns the socket's SSL protocol. By default, QSsl::SslV3 is used.


Константа Значение
QSslSocket::setProtocol()  ?

See also setProtocol().

[править]
QSslCipher QSslSocket::sessionCipher () const

Returns the socket's cryptographic cipher, or a null cipher if the connection isn't encrypted. The socket's cipher for the session is set during the handshake phase. The cipher is used to encrypt and decrypt data transmitted through the socket.

QSslSocket also provides functions for setting the ordered list of ciphers from which the handshake phase will eventually select the session cipher. This ordered list must be in place before the handshake phase begins.

See also ciphers(), setCiphers(), setDefaultCiphers(), defaultCiphers(), and supportedCiphers().

[править]
void QSslSocket::setCaCertificates ( const QList< QSslCertificate> & certificates )

Sets this socket's CA certificate database to be certificates. The certificate database must be set prior to the SSL handshake. The CA certificate database is used by the socket during the handshake phase to validate the peer's certificate.

The CA certificate database can be reset to the current default CA certificate database by calling this function with the list of CA certificates returned by defaultCaCertificates().

See also caCertificates() and defaultCaCertificates().

[править]
void QSslSocket::setCiphers ( const QList< QSslCipher> & ciphers )

Sets the cryptographic cipher suite for this socket to ciphers, which must contain a subset of the ciphers in the list returned by supportedCiphers().

Restricting the cipher suite must be done before the handshake phase, where the session cipher is chosen.

See also ciphers(), setDefaultCiphers(), and supportedCiphers().

[править]
void QSslSocket::setCiphers ( const QString & ciphers )

Эта перегруженная функция предоставлена для удобства.

Sets the cryptographic cipher suite for this socket to ciphers, which is a colon-separated list of cipher suite names. The ciphers are listed in order of preference, starting with the most preferred cipher. Пример:

 QSslSocket socket;
 socket.setCiphers("DHE-RSA-AES256-SHA:DHE-DSS-AES256-SHA:AES256-SHA");

Each cipher name in ciphers must be the name of a cipher in the list returned by supportedCiphers(). Restricting the cipher suite must be done before the handshake phase, where the session cipher is chosen.

See also ciphers(), setDefaultCiphers(), and supportedCiphers().

[править]
void QSslSocket::setDefaultCaCertificates ( const QList< QSslCertificate> & certificates ) [static]

Sets the default CA certificate database to certificates. The default CA certificate database is originally set to your system's default CA certificate database. If no system default database is found, Qt will provide its own default database. You can override the default CA certificate database with your own CA certificate database using this function.

Each SSL socket's CA certificate database is initialized to the default CA certificate database.

See also defaultCaCertificates() and addDefaultCaCertificate().

[править]
void QSslSocket::setDefaultCiphers ( const QList< QSslCipher> & ciphers ) [static]

Sets the default cryptographic cipher suite for all sockets in this application to ciphers, which must contain a subset of the ciphers in the list returned by supportedCiphers().

Restricting the default cipher suite only affects SSL sockets that perform their handshake phase after the default cipher suite has been changed.

See also setCiphers(), defaultCiphers(), and supportedCiphers().

[править]
void QSslSocket::setLocalCertificate ( const QSslCertificate & certificate )

Sets the socket's local certificate to certificate. The local certificate is necessary if you need to confirm your identity to the peer. It is used together with the private key; if you set the local certificate, you must also set the private key.

The local certificate and private key are always necessary for server sockets, but are also rarely used by client sockets if the server requires the client to authenticate.

See also localCertificate() and setPrivateKey().

[править]
void QSslSocket::setLocalCertificate ( const QString & path, QSsl::EncodingFormat format = QSsl::Pem )

Эта перегруженная функция предоставлена для удобства.

Sets the socket's local certificate to the first one found in file path, which is parsed according to the specified format.

[править]
void QSslSocket::setPrivateKey ( const QSslKey & key )

Sets the socket's private key to key. The private key and the local certificate are used by clients and servers that must prove their identity to SSL peers.

Both the key and the local certificate are required if you are creating an SSL server socket. If you are creating an SSL client socket, the key and local certificate are required if your client must identify itself to an SSL server.

See also privateKey() and setLocalCertificate().

[править]
void QSslSocket::setPrivateKey ( const QString & fileName, QSsl::KeyAlgorithm algorithm = QSsl::Rsa, QSsl::EncodingFormat format = QSsl::Pem, const QByteArray & passPhrase = QByteArray() )

Эта перегруженная функция предоставлена для удобства.

Reads the string in file fileName and decodes it using a specified algorithm and encoding format to construct an SSL key. If the encoded key is encrypted, passPhrase is used to decrypt it.

The socket's private key is set to the constructed key. The private key and the local certificate are used by clients and servers that must prove their identity to SSL peers.

Both the key and the local certificate are required if you are creating an SSL server socket. If you are creating an SSL client socket, the key and local certificate are required if your client must identify itself to an SSL server.

See also privateKey() and setLocalCertificate().

[править]
void QSslSocket::setProtocol ( QSsl::SslProtocol protocol )

Sets the socket's SSL protocol to protocol. This will affect the next initiated handshake; calling this function on an already-encrypted socket will not affect the socket's protocol.

See also protocol().

[править]
bool QSslSocket::setSocketDescriptor ( int socketDescriptor, SocketState state = ConnectedState, OpenMode openMode = ReadWrite )

Initializes QSslSocket with the native socket descriptor socketDescriptor. Возвращает true, если socketDescriptor принят как валидный; в противном случае возвращает false. The socket is opened in the mode specified by openMode, and enters the socket state specified by state.

Note: It is not possible to initialize two sockets with the same native socket descriptor.

Смотрите также socketDescriptor().

[править]
QList< QSslError> QSslSocket::sslErrors () const

Returns a list of the last SSL errors that occurred. This is the same list as QSslSocket passes via the sslErrors() signal. If the connection has been encrypted with no errors, this function will return an empty list.

See also connectToHostEncrypted().

[править]
void QSslSocket::sslErrors ( const QList< QSslError> & errors ) [signal]

Эта перегруженная функция предоставлена для удобства.

QSslSocket emits this signal during the SSL handshake to indicate that an error has occurred while establishing the identity of the peer. The error is usually an indication that QSslSocket is unable to securely identify the peer. Unless any action is taken, the connection will be dropped after this signal has been emitted.

If you want to continue connecting despite the errors that have occurred, you must call QSslSocket::ignoreErrors() from inside a slot connected to this signal. If you need to access the error list at a later point, you can call sslErrors() (without arguments).

errors contains one or more errors that prevent QSslSocket from verifying the identity of the peer.

Note: You cannot use Qt::QueuedConnection when connecting to this signal, or calling QSslSocket::ignoreErrors() will have no effect.

[править]
void QSslSocket::startClientEncryption () [slot]

Starts a delayed SSL handshake for a client connection. This function can be called when the socket is in the ConnectedState but still in the UnencryptedMode. If it is not yet connected, or if it is already encrypted, this function has no effect.

Clients that implement STARTTLS functionality often make use of delayed SSL handshakes. Most other clients can avoid calling this function directly by using connectToHostEncrypted() instead, which automatically performs the handshake.

See also connectToHostEncrypted() and startServerEncryption().

[править]
void QSslSocket::startServerEncryption () [slot]

Starts a delayed SSL handshake for a server connection. This function can be called when the socket is in the ConnectedState but still in UnencryptedMode. If it is not connected or it is already encrypted, the function has no effect.

For server sockets, calling this function is the only way to initiate the SSL handshake. Most servers will call this function immediately upon receiving a connection, or as a result of having received a protocol-specific command to enter SSL mode (e.g, the server may respond to receiving the string "STARTTLS\r\n" by calling this function).

The most common way to implement an SSL server is to create a subclass of QTcpServer and reimplement QTcpServer::incomingConnection(). The returned socket descriptor is then passed to QSslSocket::setSocketDescriptor().

See also connectToHostEncrypted() and startClientEncryption().

[править]
QList< QSslCipher> QSslSocket::supportedCiphers () [static]

Returns the list of cryptographic ciphers supported by this system. This list is set by the system's SSL libraries and may vary from system to system.

See also defaultCiphers(), ciphers(), and setCiphers().

[править]
bool QSslSocket::supportsSsl () [static]

Returns true if this platform supports SSL; otherwise, returns false. If the platform doesn't support SSL, the socket will fail in the connection phase.

[править]
QList< QSslCertificate> QSslSocket::systemCaCertificates () [static]

Returns the system default CA certificate database for your system. This database is normally found in a standard place for your system. If it is not found there, Qt will provide its own default CA certificate database. The CA certificate database returned by this function is used to initialize the database returned by defaultCaCertificates(). You can replace that database with your own with setDefaultCaCertificates().

See also caCertificates(), defaultCaCertificates(), and setDefaultCaCertificates().

[править]
bool QSslSocket::waitForConnected ( int msecs = 30000 )

Waits until the socket is connected, or msecs milliseconds, whichever happens first. Если соединение установлено, возвращает true; если нет - false.

See also QAbstractSocket::waitForConnected().

[править]
bool QSslSocket::waitForDisconnected ( int msecs = 30000 )

Waits until the socket has disconnected or msecs milliseconds, whichever comes first. Если соединение разорвано, функция возвращает true; если нет - false.

See also QAbstractSocket::waitForDisconnected().

[править]
bool QSslSocket::waitForEncrypted ( int msecs = 30000 )

Waits until the socket has completed the SSL handshake and has emitted encrypted(), or msecs milliseconds, whichever comes first. If encrypted() has been emitted, this function returns true; otherwise (e.g., the socket is disconnected, or the SSL handshake fails), false is returned.

The following example waits up to one second for the socket to be encrypted:

 socket->connectToHostEncrypted("imap", 993);
 if (socket->waitForEncrypted(1000))
     qDebug("Encrypted!");

Если задать время таймаута как -1, таймер будет отключён.

See also startClientEncryption(), startServerEncryption(), encrypted(), and isEncrypted().



Copyright © 2007 Trolltech Trademarks
Qt 4.3.2