<?xml version="1.0" encoding="iso-8859-1"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "DTD/xhtml1-strict.dtd">
<html><head><title>QSsl Class Reference</title><style>h3.fn,span.fn { margin-left: 1cm; text-indent: -1cm }
a:link { color: #004faf; text-decoration: none }
a:visited { color: #672967; text-decoration: none }
td.postheader { font-family: sans-serif }
tr.address { font-family: sans-serif }
body { background: #ffffff; color: black; }
</style></head><body><table border="0" cellpadding="0" cellspacing="0" width="100%"><tr /><td align="left" valign="top" width="32"><img align="left" border="0" height="32" src="images/rb-logo.png" width="32" /></td><td width="1">  </td><td class="postheader" valign="center"><a href="index.html"><font color="#004faf">Home</font></a> · <a href="classes.html"><font color="#004faf">All Classes</font></a> · <a href="modules.html"><font color="#004faf">Modules</font></a></td></table><h1 align="center">QSsl Class Reference<br /><sup><sup>[<a href="qtnetwork.html">QtNetwork</a> module]</sup></sup></h1><p>The QSsl namespace declares enums common to all SSL classes in
<a href="qtnetwork.html">QtNetwork</a>. <a href="#details">More...</a></p>
<h3>Types</h3><ul><li><div class="fn" />enum <b><a href="qssl.html#AlternateNameEntryType-enum">AlternateNameEntryType</a></b> { EmailEntry, DnsEntry }</li><li><div class="fn" />enum <b><a href="qssl.html#EncodingFormat-enum">EncodingFormat</a></b> { Pem, Der }</li><li><div class="fn" />enum <b><a href="qssl.html#KeyAlgorithm-enum">KeyAlgorithm</a></b> { Rsa, Dsa }</li><li><div class="fn" />enum <b><a href="qssl.html#KeyType-enum">KeyType</a></b> { PrivateKey, PublicKey }</li><li><div class="fn" />enum <b><a href="qssl.html#SslOption-enum">SslOption</a></b> { SslOptionDisableEmptyFragments, SslOptionDisableSessionTickets, SslOptionDisableCompression, SslOptionDisableServerNameIndication, SslOptionDisableLegacyRenegotiation }</li><li><div class="fn" />class <b><a href="qssl-ssloptions.html">SslOptions</a></b></li><li><div class="fn" />enum <b><a href="qssl.html#SslProtocol-enum">SslProtocol</a></b> { UnknownProtocol, SslV3, SslV2, TlsV1, ..., SecureProtocols }</li></ul><a name="details" /><hr /><h2>Detailed Description</h2><p>The QSsl namespace declares enums common to all SSL classes in
<a href="qtnetwork.html">QtNetwork</a>.</p>
<hr /><h2>Type Documentation</h2><h3 class="fn"><a name="AlternateNameEntryType-enum" />QSsl.AlternateNameEntryType</h3><p>Describes the key types for alternate name entries in <a href="qsslcertificate.html">QSslCertificate</a>.</p>
<table class="valuelist">
<tr class="odd" valign="top">
<th class="tblConst">Constant</th>
<th class="tblval">Value</th>
<th class="tbldscr">Description</th>
</tr>
<tr>
<td class="topAlign"><tt>QSsl.EmailEntry</tt></td>
<td class="topAlign"><tt>0</tt></td>
<td class="topAlign">An email entry; the entry contains an email
address that the certificate is valid for.</td>
</tr>
<tr>
<td class="topAlign"><tt>QSsl.DnsEntry</tt></td>
<td class="topAlign"><tt>1</tt></td>
<td class="topAlign">A DNS host name entry; the entry contains a
host name entry that the certificate is valid for. The entry may
contain wildcards.</td>
</tr>
</table>
<p><b>See also</b> <a href="qsslcertificate.html#alternateSubjectNames">QSslCertificate.alternateSubjectNames</a>().</p>
<h3 class="fn"><a name="EncodingFormat-enum" />QSsl.EncodingFormat</h3><p>Describes supported encoding formats for certificates and
keys.</p>
<table class="valuelist">
<tr class="odd" valign="top">
<th class="tblConst">Constant</th>
<th class="tblval">Value</th>
<th class="tbldscr">Description</th>
</tr>
<tr>
<td class="topAlign"><tt>QSsl.Pem</tt></td>
<td class="topAlign"><tt>0</tt></td>
<td class="topAlign">The PEM format.</td>
</tr>
<tr>
<td class="topAlign"><tt>QSsl.Der</tt></td>
<td class="topAlign"><tt>1</tt></td>
<td class="topAlign">The DER format.</td>
</tr>
</table>
<h3 class="fn"><a name="KeyAlgorithm-enum" />QSsl.KeyAlgorithm</h3><p>Describes the different key algorithms supported by <a href="qsslkey.html">QSslKey</a>.</p>
<table class="valuelist">
<tr class="odd" valign="top">
<th class="tblConst">Constant</th>
<th class="tblval">Value</th>
<th class="tbldscr">Description</th>
</tr>
<tr>
<td class="topAlign"><tt>QSsl.Rsa</tt></td>
<td class="topAlign"><tt>0</tt></td>
<td class="topAlign">The RSA algorithm.</td>
</tr>
<tr>
<td class="topAlign"><tt>QSsl.Dsa</tt></td>
<td class="topAlign"><tt>1</tt></td>
<td class="topAlign">The DSA algorithm.</td>
</tr>
</table>
<h3 class="fn"><a name="KeyType-enum" />QSsl.KeyType</h3><p>Describes the two types of keys <a href="qsslkey.html">QSslKey</a> supports.</p>
<table class="valuelist">
<tr class="odd" valign="top">
<th class="tblConst">Constant</th>
<th class="tblval">Value</th>
<th class="tbldscr">Description</th>
</tr>
<tr>
<td class="topAlign"><tt>QSsl.PrivateKey</tt></td>
<td class="topAlign"><tt>0</tt></td>
<td class="topAlign">A private key.</td>
</tr>
<tr>
<td class="topAlign"><tt>QSsl.PublicKey</tt></td>
<td class="topAlign"><tt>1</tt></td>
<td class="topAlign">A public key.</td>
</tr>
</table>
<h3 class="fn"><a name="SslOption-enum" />QSsl.SslOption</h3><p>Describes the options that can be used to control the details of
SSL behaviour. These options are generally used to turn features
off to work around buggy servers.</p>
<table class="valuelist">
<tr class="odd" valign="top">
<th class="tblConst">Constant</th>
<th class="tblval">Value</th>
<th class="tbldscr">Description</th>
</tr>
<tr>
<td class="topAlign">
<tt>QSsl.SslOptionDisableEmptyFragments</tt></td>
<td class="topAlign"><tt>0x01</tt></td>
<td class="topAlign">Disables the insertion of empty fragments into
the data when using block ciphers. When enabled, this prevents some
attacks (such as the BEAST attack), however it is incompatible with
some servers.</td>
</tr>
<tr>
<td class="topAlign">
<tt>QSsl.SslOptionDisableSessionTickets</tt></td>
<td class="topAlign"><tt>0x02</tt></td>
<td class="topAlign">Disables the SSL session ticket extension.
This can cause slower connection setup, however some servers are
not compatible with the extension.</td>
</tr>
<tr>
<td class="topAlign">
<tt>QSsl.SslOptionDisableCompression</tt></td>
<td class="topAlign"><tt>0x04</tt></td>
<td class="topAlign">Disables the SSL compression extension. When
enabled, this allows the data being passed over SSL to be
compressed, however some servers are not compatible with this
extension.</td>
</tr>
<tr>
<td class="topAlign">
<tt>QSsl.SslOptionDisableServerNameIndication</tt></td>
<td class="topAlign"><tt>0x08</tt></td>
<td class="topAlign">Disables the SSL server name indication
extension. When enabled, this tells the server the virtual host
being accessed allowing it to respond with the correct
certificate.</td>
</tr>
<tr>
<td class="topAlign">
<tt>QSsl.SslOptionDisableLegacyRenegotiation</tt></td>
<td class="topAlign"><tt>0x10</tt></td>
<td class="topAlign">Disables the older insecure mechanism for
renegotiating the connection parameters. When enabled, this option
can allow connections for legacy servers, but it introduces the
possibility that an attacker could inject plaintext into the SSL
session.</td>
</tr>
</table>
<p>By default, SslOptionDisableEmptyFragments is turned on since
this causes problems with a large number of servers.
SslOptionDisableLegacyRenegotiation is also turned on, since it
introduces a security risk. SslOptionDisableCompression is turned
on to prevent the attack publicised by CRIME. The other options are
turned off.</p>
<p>Note: Availability of above options depends on the version of
the SSL backend in use.</p>
<p>The SslOptions type is a typedef for <a href="qflags.html">QFlags</a><SslOption>. It stores an OR
combination of SslOption values.</p>
<h3 class="fn"><a name="SslProtocol-enum" />QSsl.SslProtocol</h3><p>Describes the protocol of the cipher.</p>
<table class="valuelist">
<tr class="odd" valign="top">
<th class="tblConst">Constant</th>
<th class="tblval">Value</th>
<th class="tbldscr">Description</th>
</tr>
<tr>
<td class="topAlign"><tt>QSsl.SslV3</tt></td>
<td class="topAlign"><tt>0</tt></td>
<td class="topAlign">SSLv3</td>
</tr>
<tr>
<td class="topAlign"><tt>QSsl.SslV2</tt></td>
<td class="topAlign"><tt>1</tt></td>
<td class="topAlign">SSLv2</td>
</tr>
<tr>
<td class="topAlign"><tt>QSsl.TlsV1</tt></td>
<td class="topAlign"><tt>2</tt></td>
<td class="topAlign">TLSv1</td>
</tr>
<tr>
<td class="topAlign"><tt>QSsl.UnknownProtocol</tt></td>
<td class="topAlign"><tt>-1</tt></td>
<td class="topAlign">The cipher's protocol cannot be
determined.</td>
</tr>
<tr>
<td class="topAlign"><tt>QSsl.AnyProtocol</tt></td>
<td class="topAlign"><tt>3</tt></td>
<td class="topAlign">The socket understands SSLv2, SSLv3, and
TLSv1. This value is used by <a href="qsslsocket.html">QSslSocket</a> only.</td>
</tr>
<tr>
<td class="topAlign"><tt>QSsl.TlsV1SslV3</tt></td>
<td class="topAlign"><tt>4</tt></td>
<td class="topAlign">On the client side, this will send a TLS 1.0
Client Hello, enabling TLSv1 and SSLv3 connections. On the server
side, this will enable both SSLv3 and TLSv1 connections.</td>
</tr>
<tr>
<td class="topAlign"><tt>QSsl.SecureProtocols</tt></td>
<td class="topAlign"><tt>5</tt></td>
<td class="topAlign">The default option, using protocols known to
be secure; currently behaves like TlsV1SslV3.</td>
</tr>
</table>
<p>Note: most servers using SSL understand both versions (2 and 3),
but it is recommended to use the latest version only for security
reasons. However, SSL and TLS are not compatible with each other:
if you get unexpected handshake failures, verify that you chose the
correct setting for your protocol.</p>
<address><hr /><div align="center"><table border="0" cellspacing="0" width="100%"><tr class="address"><td align="left" width="25%">PyQt 4.10.3 for X11</td><td align="center" width="50%">Copyright © <a href="http://www.riverbankcomputing.com">Riverbank Computing Ltd</a> and <a href="http://www.qtsoftware.com">Nokia</a> 2012</td><td align="right" width="25%">Qt 4.8.5</td></tr></table></div></address></body></html>
