Details
-
Task
-
Resolution: Unresolved
-
P2: Important
-
None
-
None
-
All
-
5
Description
The way these function are now they are very limited, since they don't indicate the peer which is causing these errors.
peerVerifyError in particular could be used to check and then either ignore or react to errors during the handshake with a connecting client.
sslErrors could, for example, be used to track and block (somehow) repeatedly connecting clients which are always failing.
But without peer info none of this doable.
Moreover the documentation even hints that it's possible to do continue or abort, but doesn't show how.
To summarize:
1. peerVerifyError must have some way to abort the in-progress handshake. peerVerifyError can be expected (and should probably be documented) to be connected as a direct connection.
2. sslErrors must have peer information available so that actions can be taken based on the signal. Even if it's just for logging.
3. Following sslErrors, the user should have support for continuing/finishing the handshake and ignoring the errors presented (similar to QSslSocket's ignoreSslErrors). This might require pause/resume logic (QAbstractSocket::setPauseMode) to be taken into account, and there must be a way to set the pause mode for the server.
4. handshakeInterruptedOnError must be functional, like it would be on QSslSocket
Attachments
Issue Links
- relates to
-
QTBUG-103780 QWebSocket::ignoreSslErrors(const QList<QSslError> &) not working
-
- Closed
-