Uploaded image for project: 'Qt'
  1. Qt
  2. QTBUG-82876

[Windows]: Switch default builds to use Secure Channel for SSL sockets

    XMLWordPrintable

    Details

    • Type: User Story
    • Status: Open
    • Priority: P2: Important
    • Resolution: Unresolved
    • Affects Version/s: 6.1
    • Fix Version/s: 6.1
    • Component/s: Network: SSL
    • Labels:
      None
    • Platform/s:
      Windows
    • Story Points:
      5

      Description

      Switch the default builds to use -schannel configure flag, instead of relying on openssl.

      This would allow users of the default Qt builds that need basic SSL/TLS functionality - like Qt Creator - to not ship OpenSSL libraries.

      This would have following advantages

      • Less issues with packaging
      • Less need to follow up upstream releases for security issues
      • No need to separately declare OpenSSL in export classification documents etc

       

      Anyhow, there are also some loss in functionality (quoting from https://bugreports.qt.io/browse/QTBUG-62637?focusedCommentId=471900):

      • PSK support is not available (documentation from Microsoft is lacking and it seems to be a binary choice (i.e. you either have to use PSK for the connection or PSK is completely unavailable)).
      • TLS 1.3 is not available (there's an enum value for it, but it errors out if you use it).
      • ALPN / HTTP2 is only available for windows 8.1 and up but not available if you compile with MinGW because it doesn't have all the necessary things available.
      • DTLS support is not implemented (can be done, but hasn't been a priority outside of having it work for openssl)
      • Specifying ciphers is not available.
      • this issue

        Attachments

          Issue Links

          No reviews matched the request. Check your Options in the drop-down menu of this sections header.

            Activity

              People

              Assignee:
              cnn Qt Core & Network
              Reporter:
              kkohne Kai Köhne
              PM Owner:
              Maurice Kalinowski
              RnD Owner:
              Alex Blasche
              Votes:
              2 Vote for this issue
              Watchers:
              9 Start watching this issue

                Dates

                Created:
                Updated:

                  Gerrit Reviews

                  There are no open Gerrit changes