<?xml version="1.0" encoding="iso-8859-1"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "DTD/xhtml1-strict.dtd">
<html><head><title>QSslSocket Class Reference</title><style>h3.fn,span.fn { margin-left: 1cm; text-indent: -1cm }
a:link { color: #004faf; text-decoration: none }
a:visited { color: #672967; text-decoration: none }
td.postheader { font-family: sans-serif }
tr.address { font-family: sans-serif }
body { background: #ffffff; color: black; }
</style></head><body><table border="0" cellpadding="0" cellspacing="0" width="100%"><tr /><td align="left" valign="top" width="32"><img align="left" border="0" height="32" src="images/rb-logo.png" width="32" /></td><td width="1">  </td><td class="postheader" valign="center"><a href="index.html"><font color="#004faf">Home</font></a> · <a href="classes.html"><font color="#004faf">All Classes</font></a> · <a href="modules.html"><font color="#004faf">Modules</font></a></td></table><h1 align="center">QSslSocket Class Reference<br /><sup><sup>[<a href="qtnetwork.html">QtNetwork</a> module]</sup></sup></h1><p>The QSslSocket class provides an SSL encrypted socket for both
clients and servers. <a href="#details">More...</a></p>
<p>Inherits <a href="qtcpsocket.html">QTcpSocket</a>.</p><h3>Types</h3><ul><li><div class="fn" />enum <b><a href="qsslsocket.html#PeerVerifyMode-enum">PeerVerifyMode</a></b> { VerifyNone, QueryPeer, VerifyPeer, AutoVerifyPeer }</li><li><div class="fn" />enum <b><a href="qsslsocket.html#SslMode-enum">SslMode</a></b> { UnencryptedMode, SslClientMode, SslServerMode }</li></ul><h3>Methods</h3><ul><li><div class="fn" /><b><a href="qsslsocket.html#QSslSocket">__init__</a></b> (<i>self</i>, QObject <i>parent</i> = None)</li><li><div class="fn" /><b><a href="qsslsocket.html#abort">abort</a></b> (<i>self</i>)</li><li><div class="fn" /><b><a href="qsslsocket.html#addCaCertificate">addCaCertificate</a></b> (<i>self</i>, QSslCertificate <i>certificate</i>)</li><li><div class="fn" />bool <b><a href="qsslsocket.html#addCaCertificates">addCaCertificates</a></b> (<i>self</i>, QString <i>path</i>, QSsl.EncodingFormat <i>format</i> = QSsl.Pem, QRegExp.PatternSyntax <i>syntax</i> = QRegExp.FixedString)</li><li><div class="fn" /><b><a href="qsslsocket.html#addCaCertificates-2">addCaCertificates</a></b> (<i>self</i>, list-of-QSslCertificate <i>certificates</i>)</li><li><div class="fn" />bool <b><a href="qsslsocket.html#atEnd">atEnd</a></b> (<i>self</i>)</li><li><div class="fn" />int <b><a href="qsslsocket.html#bytesAvailable">bytesAvailable</a></b> (<i>self</i>)</li><li><div class="fn" />int <b><a href="qsslsocket.html#bytesToWrite">bytesToWrite</a></b> (<i>self</i>)</li><li><div class="fn" />list-of-QSslCertificate <b><a href="qsslsocket.html#caCertificates">caCertificates</a></b> (<i>self</i>)</li><li><div class="fn" />bool <b><a href="qsslsocket.html#canReadLine">canReadLine</a></b> (<i>self</i>)</li><li><div class="fn" />list-of-QSslCipher <b><a href="qsslsocket.html#ciphers">ciphers</a></b> (<i>self</i>)</li><li><div class="fn" /><b><a href="qsslsocket.html#close">close</a></b> (<i>self</i>)</li><li><div class="fn" /><b><a href="qsslsocket.html#connectToHostEncrypted">connectToHostEncrypted</a></b> (<i>self</i>, QString <i>hostName</i>, int <i>port</i>, QIODevice.OpenMode <i>mode</i> = QIODevice.ReadWrite)</li><li><div class="fn" /><b><a href="qsslsocket.html#connectToHostEncrypted-2">connectToHostEncrypted</a></b> (<i>self</i>, QString <i>hostName</i>, int <i>port</i>, QString <i>sslPeerName</i>, QIODevice.OpenMode <i>mode</i> = QIODevice.ReadWrite)</li><li><div class="fn" /><b><a href="qsslsocket.html#connectToHostImplementation">connectToHostImplementation</a></b> (<i>self</i>, QString <i>hostName</i>, int <i>port</i>, QIODevice.OpenMode <i>openMode</i>)</li><li><div class="fn" /><b><a href="qsslsocket.html#disconnectFromHostImplementation">disconnectFromHostImplementation</a></b> (<i>self</i>)</li><li><div class="fn" />int <b><a href="qsslsocket.html#encryptedBytesAvailable">encryptedBytesAvailable</a></b> (<i>self</i>)</li><li><div class="fn" />int <b><a href="qsslsocket.html#encryptedBytesToWrite">encryptedBytesToWrite</a></b> (<i>self</i>)</li><li><div class="fn" />bool <b><a href="qsslsocket.html#flush">flush</a></b> (<i>self</i>)</li><li><div class="fn" /><b><a href="qsslsocket.html#ignoreSslErrors">ignoreSslErrors</a></b> (<i>self</i>)</li><li><div class="fn" /><b><a href="qsslsocket.html#ignoreSslErrors-2">ignoreSslErrors</a></b> (<i>self</i>, list-of-QSslError <i>errors</i>)</li><li><div class="fn" />bool <b><a href="qsslsocket.html#isEncrypted">isEncrypted</a></b> (<i>self</i>)</li><li><div class="fn" />QSslCertificate <b><a href="qsslsocket.html#localCertificate">localCertificate</a></b> (<i>self</i>)</li><li><div class="fn" />SslMode <b><a href="qsslsocket.html#mode">mode</a></b> (<i>self</i>)</li><li><div class="fn" />QSslCertificate <b><a href="qsslsocket.html#peerCertificate">peerCertificate</a></b> (<i>self</i>)</li><li><div class="fn" />list-of-QSslCertificate <b><a href="qsslsocket.html#peerCertificateChain">peerCertificateChain</a></b> (<i>self</i>)</li><li><div class="fn" />int <b><a href="qsslsocket.html#peerVerifyDepth">peerVerifyDepth</a></b> (<i>self</i>)</li><li><div class="fn" />PeerVerifyMode <b><a href="qsslsocket.html#peerVerifyMode">peerVerifyMode</a></b> (<i>self</i>)</li><li><div class="fn" />QString <b><a href="qsslsocket.html#peerVerifyName">peerVerifyName</a></b> (<i>self</i>)</li><li><div class="fn" />QSslKey <b><a href="qsslsocket.html#privateKey">privateKey</a></b> (<i>self</i>)</li><li><div class="fn" />QSsl.SslProtocol <b><a href="qsslsocket.html#protocol">protocol</a></b> (<i>self</i>)</li><li><div class="fn" />str <b><a href="qsslsocket.html#readData">readData</a></b> (<i>self</i>, int <i>maxlen</i>)</li><li><div class="fn" />QSslCipher <b><a href="qsslsocket.html#sessionCipher">sessionCipher</a></b> (<i>self</i>)</li><li><div class="fn" /><b><a href="qsslsocket.html#setCaCertificates">setCaCertificates</a></b> (<i>self</i>, list-of-QSslCertificate <i>certificates</i>)</li><li><div class="fn" /><b><a href="qsslsocket.html#setCiphers">setCiphers</a></b> (<i>self</i>, list-of-QSslCipher <i>ciphers</i>)</li><li><div class="fn" /><b><a href="qsslsocket.html#setCiphers-2">setCiphers</a></b> (<i>self</i>, QString <i>ciphers</i>)</li><li><div class="fn" /><b><a href="qsslsocket.html#setLocalCertificate">setLocalCertificate</a></b> (<i>self</i>, QSslCertificate <i>certificate</i>)</li><li><div class="fn" /><b><a href="qsslsocket.html#setLocalCertificate-2">setLocalCertificate</a></b> (<i>self</i>, QString <i>path</i>, QSsl.EncodingFormat <i>format</i> = QSsl.Pem)</li><li><div class="fn" /><b><a href="qsslsocket.html#setPeerVerifyDepth">setPeerVerifyDepth</a></b> (<i>self</i>, int <i>depth</i>)</li><li><div class="fn" /><b><a href="qsslsocket.html#setPeerVerifyMode">setPeerVerifyMode</a></b> (<i>self</i>, PeerVerifyMode <i>mode</i>)</li><li><div class="fn" /><b><a href="qsslsocket.html#setPeerVerifyName">setPeerVerifyName</a></b> (<i>self</i>, QString <i>hostName</i>)</li><li><div class="fn" /><b><a href="qsslsocket.html#setPrivateKey">setPrivateKey</a></b> (<i>self</i>, QSslKey <i>key</i>)</li><li><div class="fn" /><b><a href="qsslsocket.html#setPrivateKey-2">setPrivateKey</a></b> (<i>self</i>, QString <i>fileName</i>, QSsl.KeyAlgorithm <i>algorithm</i> = QSsl.Rsa, QSsl.EncodingFormat <i>format</i> = QSsl.Pem, QByteArray <i>passPhrase</i> = QByteArray())</li><li><div class="fn" /><b><a href="qsslsocket.html#setProtocol">setProtocol</a></b> (<i>self</i>, QSsl.SslProtocol <i>protocol</i>)</li><li><div class="fn" /><b><a href="qsslsocket.html#setReadBufferSize">setReadBufferSize</a></b> (<i>self</i>, int <i>size</i>)</li><li><div class="fn" />bool <b><a href="qsslsocket.html#setSocketDescriptor">setSocketDescriptor</a></b> (<i>self</i>, int <i>socketDescriptor</i>, QAbstractSocket.SocketState <i>state</i> = QAbstractSocket.ConnectedState, QIODevice.OpenMode <i>mode</i> = QIODevice.ReadWrite)</li><li><div class="fn" /><b><a href="qsslsocket.html#setSocketOption">setSocketOption</a></b> (<i>self</i>, QAbstractSocket.SocketOption <i>option</i>, QVariant <i>value</i>)</li><li><div class="fn" /><b><a href="qsslsocket.html#setSslConfiguration">setSslConfiguration</a></b> (<i>self</i>, QSslConfiguration <i>config</i>)</li><li><div class="fn" />QVariant <b><a href="qsslsocket.html#socketOption">socketOption</a></b> (<i>self</i>, QAbstractSocket.SocketOption <i>option</i>)</li><li><div class="fn" />QSslConfiguration <b><a href="qsslsocket.html#sslConfiguration">sslConfiguration</a></b> (<i>self</i>)</li><li><div class="fn" />list-of-QSslError <b><a href="qsslsocket.html#sslErrors">sslErrors</a></b> (<i>self</i>)</li><li><div class="fn" /><b><a href="qsslsocket.html#startClientEncryption">startClientEncryption</a></b> (<i>self</i>)</li><li><div class="fn" /><b><a href="qsslsocket.html#startServerEncryption">startServerEncryption</a></b> (<i>self</i>)</li><li><div class="fn" />bool <b><a href="qsslsocket.html#waitForBytesWritten">waitForBytesWritten</a></b> (<i>self</i>, int <i>msecs</i> = 30000)</li><li><div class="fn" />bool <b><a href="qsslsocket.html#waitForConnected">waitForConnected</a></b> (<i>self</i>, int <i>msecs</i> = 30000)</li><li><div class="fn" />bool <b><a href="qsslsocket.html#waitForDisconnected">waitForDisconnected</a></b> (<i>self</i>, int <i>msecs</i> = 30000)</li><li><div class="fn" />bool <b><a href="qsslsocket.html#waitForEncrypted">waitForEncrypted</a></b> (<i>self</i>, int <i>msecs</i> = 30000)</li><li><div class="fn" />bool <b><a href="qsslsocket.html#waitForReadyRead">waitForReadyRead</a></b> (<i>self</i>, int <i>msecs</i> = 30000)</li><li><div class="fn" />int <b><a href="qsslsocket.html#writeData">writeData</a></b> (<i>self</i>, str <i>data</i>)</li></ul><h3>Static Methods</h3><ul><li><div class="fn" /><b><a href="qsslsocket.html#addDefaultCaCertificate">addDefaultCaCertificate</a></b> (QSslCertificate <i>certificate</i>)</li><li><div class="fn" />bool <b><a href="qsslsocket.html#addDefaultCaCertificates">addDefaultCaCertificates</a></b> (QString <i>path</i>, QSsl.EncodingFormat <i>format</i> = QSsl.Pem, QRegExp.PatternSyntax <i>syntax</i> = QRegExp.FixedString)</li><li><div class="fn" /><b><a href="qsslsocket.html#addDefaultCaCertificates-2">addDefaultCaCertificates</a></b> (list-of-QSslCertificate <i>certificates</i>)</li><li><div class="fn" />list-of-QSslCertificate <b><a href="qsslsocket.html#defaultCaCertificates">defaultCaCertificates</a></b> ()</li><li><div class="fn" />list-of-QSslCipher <b><a href="qsslsocket.html#defaultCiphers">defaultCiphers</a></b> ()</li><li><div class="fn" /><b><a href="qsslsocket.html#setDefaultCaCertificates">setDefaultCaCertificates</a></b> (list-of-QSslCertificate <i>certificates</i>)</li><li><div class="fn" /><b><a href="qsslsocket.html#setDefaultCiphers">setDefaultCiphers</a></b> (list-of-QSslCipher <i>ciphers</i>)</li><li><div class="fn" />list-of-QSslCipher <b><a href="qsslsocket.html#supportedCiphers">supportedCiphers</a></b> ()</li><li><div class="fn" />bool <b><a href="qsslsocket.html#supportsSsl">supportsSsl</a></b> ()</li><li><div class="fn" />list-of-QSslCertificate <b><a href="qsslsocket.html#systemCaCertificates">systemCaCertificates</a></b> ()</li></ul><h3>Qt Signals</h3><ul><li><div class="fn" />void <b><a href="qsslsocket.html#encrypted">encrypted</a></b> ()</li><li><div class="fn" />void <b><a href="qsslsocket.html#encryptedBytesWritten">encryptedBytesWritten</a></b> (qint64)</li><li><div class="fn" />void <b><a href="qsslsocket.html#modeChanged">modeChanged</a></b> (QSslSocket::SslMode)</li><li><div class="fn" />void <b><a href="qsslsocket.html#peerVerifyError">peerVerifyError</a></b> (const QSslError&)</li><li><div class="fn" />void <b><a href="qsslsocket.html#sslErrors-2">sslErrors</a></b> (const QList<QSslError>&)</li></ul><a name="details" /><hr /><h2>Detailed Description</h2><p>The QSslSocket class provides an SSL encrypted socket for both
clients and servers.</p>
<p>QSslSocket establishes a secure, encrypted TCP connection you
can use for transmitting encrypted data. It can operate in both
client and server mode, and it supports modern SSL protocols,
including SSLv3 and TLSv1. By default, QSslSocket uses TLSv1, but
you can change the SSL protocol by calling <a href="qsslsocket.html#setProtocol">setProtocol</a>() as long as you do
it before the handshake has started.</p>
<p>SSL encryption operates on top of the existing TCP stream after
the socket enters the <a href="qabstractsocket.html#SocketState-enum">ConnectedState</a>. There
are two simple ways to establish a secure connection using
QSslSocket: With an immediate SSL handshake, or with a delayed SSL
handshake occurring after the connection has been established in
unencrypted mode.</p>
<p>The most common way to use QSslSocket is to construct an object
and start a secure connection by calling <a href="qsslsocket.html#connectToHostEncrypted">connectToHostEncrypted</a>().
This method starts an immediate SSL handshake once the connection
has been established.</p>
<pre class="cpp">
<span class="type">QSslSocket</span> <span class="operator">*</span>socket <span class="operator">=</span> <span class="keyword">new</span> <span class="type">QSslSocket</span>(<span class="keyword">this</span>);
<a href="qobject.html#connect">connect</a>(socket<span class="operator">,</span> SIGNAL(encrypted())<span class="operator">,</span> <span class="keyword">this</span><span class="operator">,</span> SLOT(ready()));
socket<span class="operator">-</span><span class="operator">></span><a href="qsslsocket.html#connectToHostEncrypted">connectToHostEncrypted</a>(<span class="string">"imap.example.com"</span><span class="operator">,</span> <span class="number">993</span>);
</pre>
<p>As with a plain <a href="qtcpsocket.html">QTcpSocket</a>,
QSslSocket enters the <a href="qabstractsocket.html#SocketState-enum">HostLookupState</a>,
<a href="qabstractsocket.html#SocketState-enum">ConnectingState</a>, and
finally the <a href="qabstractsocket.html#SocketState-enum">ConnectedState</a>, if the
connection is successful. The handshake then starts automatically,
and if it succeeds, the <a href="qsslsocket.html#encrypted">encrypted</a>() signal is emitted to
indicate the socket has entered the encrypted state and is ready
for use.</p>
<p>Note that data can be written to the socket immediately after
the return from <a href="qsslsocket.html#connectToHostEncrypted">connectToHostEncrypted</a>()
(i.e., before the <a href="qsslsocket.html#encrypted">encrypted</a>() signal is emitted). The
data is queued in QSslSocket until after the <a href="qsslsocket.html#encrypted">encrypted</a>() signal is emitted.</p>
<p>An example of using the delayed SSL handshake to secure an
existing connection is the case where an SSL server secures an
incoming connection. Suppose you create an SSL server class as a
subclass of <a href="qtcpserver.html">QTcpServer</a>. You would
override <a href="qtcpserver.html#incomingConnection">QTcpServer.incomingConnection</a>()
with something like the example below, which first constructs an
instance of QSslSocket and then calls <a href="qsslsocket.html#setSocketDescriptor">setSocketDescriptor</a>() to
set the new socket's descriptor to the existing one passed in. It
then initiates the SSL handshake by calling <a href="qsslsocket.html#startServerEncryption">startServerEncryption</a>().</p>
<pre class="cpp">
<span class="type">void</span> SslServer<span class="operator">.</span>incomingConnection(<span class="type">int</span> socketDescriptor)
{
<span class="type">QSslSocket</span> <span class="operator">*</span>serverSocket <span class="operator">=</span> <span class="keyword">new</span> <span class="type">QSslSocket</span>;
<span class="keyword">if</span> (serverSocket<span class="operator">-</span><span class="operator">></span>setSocketDescriptor(socketDescriptor)) {
connect(serverSocket<span class="operator">,</span> SIGNAL(encrypted())<span class="operator">,</span> <span class="keyword">this</span><span class="operator">,</span> SLOT(ready()));
serverSocket<span class="operator">-</span><span class="operator">></span>startServerEncryption();
} <span class="keyword">else</span> {
<span class="keyword">delete</span> serverSocket;
}
}
</pre>
<p>If an error occurs, QSslSocket emits the <a href="qsslsocket.html#sslErrors">sslErrors</a>() signal. In this case,
if no action is taken to ignore the error(s), the connection is
dropped. To continue, despite the occurrence of an error, you can
call <a href="qsslsocket.html#ignoreSslErrors">ignoreSslErrors</a>(), either
from within this slot after the error occurs, or any time after
construction of the QSslSocket and before the connection is
attempted. This will allow QSslSocket to ignore the errors it
encounters when establishing the identity of the peer. Ignoring
errors during an SSL handshake should be used with caution, since a
fundamental characteristic of secure connections is that they
should be established with a successful handshake.</p>
<p>Once encrypted, you use QSslSocket as a regular <a href="qtcpsocket.html">QTcpSocket</a>. When <a href="qiodevice.html#readyRead">readyRead</a>() is emitted, you can call
<a href="qiodevice.html#read">read</a>(), <a href="qsslsocket.html#canReadLine">canReadLine</a>() and <a href="qiodevice.html#readLine">readLine</a>(), or <a href="qiodevice.html#getChar">getChar</a>() to read decrypted data from
QSslSocket's internal buffer, and you can call <a href="qiodevice.html#write">write</a>() or <a href="qiodevice.html#putChar">putChar</a>() to write data back to the
peer. QSslSocket will automatically encrypt the written data for
you, and emit <a href="qsslsocket.html#encryptedBytesWritten">encryptedBytesWritten</a>()
once the data has been written to the peer.</p>
<p>As a convenience, QSslSocket supports <a href="qtcpsocket.html">QTcpSocket</a>'s blocking functions <a href="qsslsocket.html#waitForConnected">waitForConnected</a>(), <a href="qsslsocket.html#waitForReadyRead">waitForReadyRead</a>(), <a href="qsslsocket.html#waitForBytesWritten">waitForBytesWritten</a>(),
and <a href="qsslsocket.html#waitForDisconnected">waitForDisconnected</a>(). It
also provides <a href="qsslsocket.html#waitForEncrypted">waitForEncrypted</a>(), which
will block the calling thread until an encrypted connection has
been established.</p>
<pre class="cpp">
<span class="type">QSslSocket</span> socket;
socket<span class="operator">.</span><a href="qsslsocket.html#connectToHostEncrypted">connectToHostEncrypted</a>(<span class="string">"http.example.com"</span><span class="operator">,</span> <span class="number">443</span>);
<span class="keyword">if</span> (<span class="operator">!</span>socket<span class="operator">.</span>waitForEncrypted()) {
<a href="qtcore.html#qDebug">qDebug</a>() <span class="operator"><</span><span class="operator"><</span> socket<span class="operator">.</span>errorString();
<span class="keyword">return</span> <span class="keyword">false</span>;
}
socket<span class="operator">.</span><a href="qiodevice.html#write">write</a>(<span class="string">"GET / HTTP/1.0\r\n\r\n"</span>);
<span class="keyword">while</span> (socket<span class="operator">.</span>waitForReadyRead())
<a href="qtcore.html#qDebug">qDebug</a>() <span class="operator"><</span><span class="operator"><</span> socket<span class="operator">.</span><a href="qiodevice.html#readAll">readAll</a>()<span class="operator">.</span>data();
</pre>
<p>QSslSocket provides an extensive, easy-to-use API for handling
cryptographic ciphers, private keys, and local, peer, and
Certification Authority (CA) certificates. It also provides an API
for handling errors that occur during the handshake phase.</p>
<p>The following features can also be customized:</p>
<ul>
<li>The socket's cryptographic cipher suite can be customized
before the handshake phase with <a href="qsslsocket.html#setCiphers">setCiphers</a>() and <a href="qsslsocket.html#setDefaultCiphers">setDefaultCiphers</a>().</li>
<li>The socket's local certificate and private key can be
customized before the handshake phase with <a href="qsslsocket.html#setLocalCertificate">setLocalCertificate</a>() and
<a href="qsslsocket.html#setPrivateKey">setPrivateKey</a>().</li>
<li>The CA certificate database can be extended and customized with
<a href="qsslsocket.html#addCaCertificate">addCaCertificate</a>(),
<a href="qsslsocket.html#addCaCertificates">addCaCertificates</a>(),
<a href="qsslsocket.html#setCaCertificates">setCaCertificates</a>(),
<a href="qsslsocket.html#addDefaultCaCertificate">addDefaultCaCertificate</a>(),
<a href="qsslsocket.html#addDefaultCaCertificates">addDefaultCaCertificates</a>(),
and <a href="qsslsocket.html#setDefaultCaCertificates">setDefaultCaCertificates</a>().</li>
</ul>
<p><b>Note:</b> If available, root certificates on Unix (excluding
Mac OS X) will be loaded on demand from the standard certificate
directories. If you do not want to load root certificates on
demand, you need to call either the static function <a href="qsslsocket.html#setDefaultCaCertificates">setDefaultCaCertificates</a>()
before the first SSL handshake is made in your application, (e.g.
via "QSslSocket.setDefaultCaCertificates(<a href="qsslsocket.html#systemCaCertificates">QSslSocket.systemCaCertificates</a>());"),
or call <a href="qsslsocket.html#setCaCertificates">setCaCertificates</a>() on your
QSslSocket instance prior to the SSL handshake.</p>
<p>For more information about ciphers and certificates, refer to
<a href="qsslcipher.html">QSslCipher</a> and <a href="qsslcertificate.html">QSslCertificate</a>.</p>
<p>This product includes software developed by the OpenSSL Project
for use in the OpenSSL Toolkit (<a href="http://www.openssl.org/">http://www.openssl.org/</a>).</p>
<p><b>Note:</b> Be aware of the difference between the <a href="qiodevice.html#bytesWritten">bytesWritten</a>() signal and the
<a href="qsslsocket.html#encryptedBytesWritten">encryptedBytesWritten</a>()
signal. For a <a href="qtcpsocket.html">QTcpSocket</a>, <a href="qiodevice.html#bytesWritten">bytesWritten</a>() will get emitted
as soon as data has been written to the TCP socket. For a
QSslSocket, <a href="qiodevice.html#bytesWritten">bytesWritten</a>() will get emitted
when the data is being encrypted and <a href="qsslsocket.html#encryptedBytesWritten">encryptedBytesWritten</a>()
will get emitted as soon as data has been written to the TCP
socket.</p>
<a id="symbian-platform-security-requirements" name="symbian-platform-security-requirements" />
<h3>Symbian Platform Security Requirements</h3>
<p>On Symbian, processes which use this class must have the
<tt>NetworkServices</tt> platform security capability. If the
client process lacks this capability, operations will fail.</p>
<p>Platform security capabilities are added via the <a href="qmake-variable-reference.html#target-capability">TARGET.CAPABILITY</a>
qmake variable.</p>
<hr /><h2>Type Documentation</h2><h3 class="fn"><a name="PeerVerifyMode-enum" />QSslSocket.PeerVerifyMode</h3><p>Describes the peer verification modes for <a href="qsslsocket.html">QSslSocket</a>. The default mode is
AutoVerifyPeer, which selects an appropriate mode depending on the
socket's QSocket.SslMode.</p>
<table class="valuelist">
<tr class="odd" valign="top">
<th class="tblConst">Constant</th>
<th class="tblval">Value</th>
<th class="tbldscr">Description</th>
</tr>
<tr>
<td class="topAlign"><tt>QSslSocket.VerifyNone</tt></td>
<td class="topAlign"><tt>0</tt></td>
<td class="topAlign"><a href="qsslsocket.html">QSslSocket</a> will
not request a certificate from the peer. You can set this mode if
you are not interested in the identity of the other side of the
connection. The connection will still be encrypted, and your socket
will still send its local certificate to the peer if it's
requested.</td>
</tr>
<tr>
<td class="topAlign"><tt>QSslSocket.QueryPeer</tt></td>
<td class="topAlign"><tt>1</tt></td>
<td class="topAlign"><a href="qsslsocket.html">QSslSocket</a> will
request a certificate from the peer, but does not require this
certificate to be valid. This is useful when you want to display
peer certificate details to the user without affecting the actual
SSL handshake. This mode is the default for servers.</td>
</tr>
<tr>
<td class="topAlign"><tt>QSslSocket.VerifyPeer</tt></td>
<td class="topAlign"><tt>2</tt></td>
<td class="topAlign"><a href="qsslsocket.html">QSslSocket</a> will
request a certificate from the peer during the SSL handshake phase,
and requires that this certificate is valid. On failure, <a href="qsslsocket.html">QSslSocket</a> will emit the <a href="qsslsocket.html#sslErrors">QSslSocket.sslErrors</a>() signal.
This mode is the default for clients.</td>
</tr>
<tr>
<td class="topAlign"><tt>QSslSocket.AutoVerifyPeer</tt></td>
<td class="topAlign"><tt>3</tt></td>
<td class="topAlign"><a href="qsslsocket.html">QSslSocket</a> will
automatically use QueryPeer for server sockets and VerifyPeer for
client sockets.</td>
</tr>
</table>
<p>This enum was introduced or modified in Qt 4.4.</p>
<p><b>See also</b> <a href="qsslsocket.html#peerVerifyMode">QSslSocket.peerVerifyMode</a>().</p>
<h3 class="fn"><a name="SslMode-enum" />QSslSocket.SslMode</h3><p>Describes the connection modes available for <a href="qsslsocket.html">QSslSocket</a>.</p>
<table class="valuelist">
<tr class="odd" valign="top">
<th class="tblConst">Constant</th>
<th class="tblval">Value</th>
<th class="tbldscr">Description</th>
</tr>
<tr>
<td class="topAlign"><tt>QSslSocket.UnencryptedMode</tt></td>
<td class="topAlign"><tt>0</tt></td>
<td class="topAlign">The socket is unencrypted. Its behavior is
identical to <a href="qtcpsocket.html">QTcpSocket</a>.</td>
</tr>
<tr>
<td class="topAlign"><tt>QSslSocket.SslClientMode</tt></td>
<td class="topAlign"><tt>1</tt></td>
<td class="topAlign">The socket is a client-side SSL socket. It is
either alreayd encrypted, or it is in the SSL handshake phase (see
<a href="qsslsocket.html#isEncrypted">QSslSocket.isEncrypted</a>()).</td>
</tr>
<tr>
<td class="topAlign"><tt>QSslSocket.SslServerMode</tt></td>
<td class="topAlign"><tt>2</tt></td>
<td class="topAlign">The socket is a server-side SSL socket. It is
either already encrypted, or it is in the SSL handshake phase (see
<a href="qsslsocket.html#isEncrypted">QSslSocket.isEncrypted</a>()).</td>
</tr>
</table>
<hr /><h2>Method Documentation</h2><h3 class="fn"><a name="QSslSocket" />QSslSocket.__init__ (<i>self</i>, <a href="qobject.html">QObject</a> <i>parent</i> = None)</h3><p>The <i>parent</i> argument, if not None, causes <i>self</i> to be owned by Qt instead of PyQt.</p><p>Constructs a <a href="qsslsocket.html">QSslSocket</a> object.
<i>parent</i> is passed to <a href="qobject.html">QObject</a>'s
constructor. The new socket's <a href="qsslcipher.html">cipher</a>
suite is set to the one returned by the static method <a href="qsslsocket.html#defaultCiphers">defaultCiphers</a>().</p>
<h3 class="fn"><a name="abort" />QSslSocket.abort (<i>self</i>)</h3><p>Aborts the current connection and resets the socket. Unlike
<a href="qabstractsocket.html#disconnectFromHost">disconnectFromHost</a>(),
this function immediately closes the socket, clearing any pending
data in the write buffer.</p>
<p><b>See also</b> <a href="qabstractsocket.html#disconnectFromHost">disconnectFromHost</a>()
and <a href="qsslsocket.html#close">close</a>().</p>
<h3 class="fn"><a name="addCaCertificate" />QSslSocket.addCaCertificate (<i>self</i>, <a href="qsslcertificate.html">QSslCertificate</a> <i>certificate</i>)</h3><p>Adds the <i>certificate</i> to this socket's CA certificate
database. The CA certificate database is used by the socket during
the handshake phase to validate the peer's certificate.</p>
<p>To add multiple certificates, use <a href="qsslsocket.html#addCaCertificates">addCaCertificates</a>().</p>
<p><b>See also</b> <a href="qsslsocket.html#caCertificates">caCertificates</a>() and <a href="qsslsocket.html#setCaCertificates">setCaCertificates</a>().</p>
<h3 class="fn"><a name="addCaCertificates" />bool QSslSocket.addCaCertificates (<i>self</i>, QString <i>path</i>, <a href="qssl.html#EncodingFormat-enum">QSsl.EncodingFormat</a> <i>format</i> = QSsl.Pem, <a href="qregexp.html#PatternSyntax-enum">QRegExp.PatternSyntax</a> <i>syntax</i> = QRegExp.FixedString)</h3><p>Searches all files in the <i>path</i> for certificates encoded
in the specified <i>format</i> and adds them to this socket's CA
certificate database. <i>path</i> can be explicit, or it can
contain wildcards in the format specified by <i>syntax</i>. Returns
true if one or more certificates are added to the socket's CA
certificate database; otherwise returns false.</p>
<p>The CA certificate database is used by the socket during the
handshake phase to validate the peer's certificate.</p>
<p>For more precise control, use <a href="qsslsocket.html#addCaCertificate">addCaCertificate</a>().</p>
<p><b>See also</b> <a href="qsslsocket.html#addCaCertificate">addCaCertificate</a>() and
<a href="qsslcertificate.html#fromPath">QSslCertificate.fromPath</a>().</p>
<h3 class="fn"><a name="addCaCertificates-2" />QSslSocket.addCaCertificates (<i>self</i>, list-of-QSslCertificate <i>certificates</i>)</h3><p>Adds the <i>certificates</i> to this socket's CA certificate
database. The CA certificate database is used by the socket during
the handshake phase to validate the peer's certificate.</p>
<p>For more precise control, use <a href="qsslsocket.html#addCaCertificate">addCaCertificate</a>().</p>
<p><b>See also</b> <a href="qsslsocket.html#caCertificates">caCertificates</a>() and <a href="qsslsocket.html#addDefaultCaCertificate">addDefaultCaCertificate</a>().</p>
<h3 class="fn"><a name="addDefaultCaCertificate" />QSslSocket.addDefaultCaCertificate (<a href="qsslcertificate.html">QSslCertificate</a> <i>certificate</i>)</h3><p>Adds <i>certificate</i> to the default CA certificate database.
Each SSL socket's CA certificate database is initialized to the
default CA certificate database.</p>
<p><b>See also</b> <a href="qsslsocket.html#defaultCaCertificates">defaultCaCertificates</a>()
and <a href="qsslsocket.html#addCaCertificates">addCaCertificates</a>().</p>
<h3 class="fn"><a name="addDefaultCaCertificates" />bool QSslSocket.addDefaultCaCertificates (QString <i>path</i>, <a href="qssl.html#EncodingFormat-enum">QSsl.EncodingFormat</a> <i>format</i> = QSsl.Pem, <a href="qregexp.html#PatternSyntax-enum">QRegExp.PatternSyntax</a> <i>syntax</i> = QRegExp.FixedString)</h3><p>Searches all files in the <i>path</i> for certificates with the
specified <i>encoding</i> and adds them to the default CA
certificate database. <i>path</i> can be an explicit file, or it
can contain wildcards in the format specified by <i>syntax</i>.
Returns true if any CA certificates are added to the default
database.</p>
<p>Each SSL socket's CA certificate database is initialized to the
default CA certificate database.</p>
<p><b>See also</b> <a href="qsslsocket.html#defaultCaCertificates">defaultCaCertificates</a>(),
<a href="qsslsocket.html#addCaCertificates">addCaCertificates</a>(), and
<a href="qsslsocket.html#addDefaultCaCertificate">addDefaultCaCertificate</a>().</p>
<h3 class="fn"><a name="addDefaultCaCertificates-2" />QSslSocket.addDefaultCaCertificates (list-of-QSslCertificate <i>certificates</i>)</h3><p>Adds <i>certificates</i> to the default CA certificate database.
Each SSL socket's CA certificate database is initialized to the
default CA certificate database.</p>
<p><b>See also</b> <a href="qsslsocket.html#defaultCaCertificates">defaultCaCertificates</a>()
and <a href="qsslsocket.html#addCaCertificates">addCaCertificates</a>().</p>
<h3 class="fn"><a name="atEnd" />bool QSslSocket.atEnd (<i>self</i>)</h3><p>Reimplemented from <a href="qiodevice.html#atEnd">QIODevice.atEnd</a>().</p>
<h3 class="fn"><a name="bytesAvailable" />int QSslSocket.bytesAvailable (<i>self</i>)</h3><p>Reimplemented from <a href="qiodevice.html#bytesAvailable">QIODevice.bytesAvailable</a>().</p>
<p>Returns the number of decrypted bytes that are immediately
available for reading.</p>
<h3 class="fn"><a name="bytesToWrite" />int QSslSocket.bytesToWrite (<i>self</i>)</h3><p>Reimplemented from <a href="qiodevice.html#bytesToWrite">QIODevice.bytesToWrite</a>().</p>
<p>Returns the number of unencrypted bytes that are waiting to be
encrypted and written to the network.</p>
<h3 class="fn"><a name="caCertificates" />list-of-QSslCertificate QSslSocket.caCertificates (<i>self</i>)</h3><p>Returns this socket's CA certificate database. The CA
certificate database is used by the socket during the handshake
phase to validate the peer's certificate. It can be moodified prior
to the handshake with <a href="qsslsocket.html#addCaCertificate">addCaCertificate</a>(), <a href="qsslsocket.html#addCaCertificates">addCaCertificates</a>(), and
<a href="qsslsocket.html#setCaCertificates">setCaCertificates</a>().</p>
<p><b>Note:</b> On Unix, this method may return an empty list if
the root certificates are loaded on demand.</p>
<p><b>See also</b> <a href="qsslsocket.html#addCaCertificate">addCaCertificate</a>(), <a href="qsslsocket.html#addCaCertificates">addCaCertificates</a>(), and
<a href="qsslsocket.html#setCaCertificates">setCaCertificates</a>().</p>
<h3 class="fn"><a name="canReadLine" />bool QSslSocket.canReadLine (<i>self</i>)</h3><p>Reimplemented from <a href="qiodevice.html#canReadLine">QIODevice.canReadLine</a>().</p>
<p>Returns true if you can read one while line (terminated by a
single ASCII '\n' character) of decrypted characters; otherwise,
false is returned.</p>
<h3 class="fn"><a name="ciphers" />list-of-QSslCipher QSslSocket.ciphers (<i>self</i>)</h3><p>Returns this socket's current cryptographic cipher suite. This
list is used during the socket's handshake phase for choosing a
session cipher. The returned list of ciphers is ordered by
descending preference. (i.e., the first cipher in the list is the
most preferred cipher). The session cipher will be the first one in
the list that is also supported by the peer.</p>
<p>By default, the handshake phase can choose any of the ciphers
supported by this system's SSL libraries, which may vary from
system to system. The list of ciphers supported by this system's
SSL libraries is returned by <a href="qsslsocket.html#supportedCiphers">supportedCiphers</a>(). You can
restrict the list of ciphers used for choosing the session cipher
for this socket by calling <a href="qsslsocket.html#setCiphers">setCiphers</a>() with a subset of the
supported ciphers. You can revert to using the entire set by
calling <a href="qsslsocket.html#setCiphers">setCiphers</a>() with
the list returned by <a href="qsslsocket.html#supportedCiphers">supportedCiphers</a>().</p>
<p>You can restrict the list of ciphers used for choosing the
session cipher for <i>all</i> sockets by calling <a href="qsslsocket.html#setDefaultCiphers">setDefaultCiphers</a>() with a
subset of the supported ciphers. You can revert to using the entire
set by calling <a href="qsslsocket.html#setCiphers">setCiphers</a>() with the list
returned by <a href="qsslsocket.html#supportedCiphers">supportedCiphers</a>().</p>
<p><b>See also</b> <a href="qsslsocket.html#setCiphers">setCiphers</a>(), <a href="qsslsocket.html#defaultCiphers">defaultCiphers</a>(), <a href="qsslsocket.html#setDefaultCiphers">setDefaultCiphers</a>(), and
<a href="qsslsocket.html#supportedCiphers">supportedCiphers</a>().</p>
<h3 class="fn"><a name="close" />QSslSocket.close (<i>self</i>)</h3><p>Reimplemented from <a href="qiodevice.html#close">QIODevice.close</a>().</p>
<h3 class="fn"><a name="connectToHostEncrypted" />QSslSocket.connectToHostEncrypted (<i>self</i>, QString <i>hostName</i>, int <i>port</i>, <a href="qiodevice-openmode.html">QIODevice.OpenMode</a> <i>mode</i> = QIODevice.ReadWrite)</h3><p>Starts an encrypted connection to the device <i>hostName</i> on
<i>port</i>, using <i>mode</i> as the <a href="qiodevice.html#OpenModeFlag-enum">OpenMode</a>. This is equivalent
to calling <a href="qabstractsocket.html#connectToHost">connectToHost</a>() to
establish the connection, followed by a call to <a href="qsslsocket.html#startClientEncryption">startClientEncryption</a>().</p>
<p><a href="qsslsocket.html">QSslSocket</a> first enters the
<a href="qabstractsocket.html#SocketState-enum">HostLookupState</a>. Then,
after entering either the event loop or one of the waitFor...()
functions, it enters the <a href="qabstractsocket.html#SocketState-enum">ConnectingState</a>, emits
<a href="qabstractsocket.html#connected">connected</a>(), and then
initiates the SSL client handshake. At each state change, <a href="qsslsocket.html">QSslSocket</a> emits signal <a href="qabstractsocket.html#stateChanged">stateChanged</a>().</p>
<p>After initiating the SSL client handshake, if the identity of
the peer can't be established, signal <a href="qsslsocket.html#sslErrors">sslErrors</a>() is emitted. If you want
to ignore the errors and continue connecting, you must call
<a href="qsslsocket.html#ignoreSslErrors">ignoreSslErrors</a>(),
either from inside a slot function connected to the <a href="qsslsocket.html#sslErrors">sslErrors</a>() signal, or prior to
entering encrypted mode. If <a href="qsslsocket.html#ignoreSslErrors">ignoreSslErrors</a>() is not
called, the connection is dropped, signal <a href="qabstractsocket.html#disconnected">disconnected</a>() is emitted,
and <a href="qsslsocket.html">QSslSocket</a> returns to the
<a href="qabstractsocket.html#SocketState-enum">UnconnectedState</a>.</p>
<p>If the SSL handshake is successful, <a href="qsslsocket.html">QSslSocket</a> emits <a href="qsslsocket.html#encrypted">encrypted</a>().</p>
<pre class="cpp">
<span class="type"><a href="qsslsocket.html">QSslSocket</a></span> socket;
<a href="qobject.html#connect">connect</a>(<span class="operator">&</span>socket<span class="operator">,</span> SIGNAL(encrypted())<span class="operator">,</span> receiver<span class="operator">,</span> SLOT(socketEncrypted()));
socket<span class="operator">.</span>connectToHostEncrypted(<span class="string">"imap"</span><span class="operator">,</span> <span class="number">993</span>);
socket<span class="operator">-</span><span class="operator">></span><a href="qiodevice.html#write">write</a>(<span class="string">"1 CAPABILITY\r\n"</span>);
</pre>
<p><b>Note:</b> The example above shows that text can be written to
the socket immediately after requesting the encrypted connection,
before the <a href="qsslsocket.html#encrypted">encrypted</a>()
signal has been emitted. In such cases, the text is queued in the
object and written to the socket <i>after</i> the connection is
established and the <a href="qsslsocket.html#encrypted">encrypted</a>() signal has been
emitted.</p>
<p>The default for <i>mode</i> is <a href="qiodevice.html#OpenModeFlag-enum">ReadWrite</a>.</p>
<p>If you want to create a <a href="qsslsocket.html">QSslSocket</a>
on the server side of a connection, you should instead call
<a href="qsslsocket.html#startServerEncryption">startServerEncryption</a>()
upon receiving the incoming connection through <a href="qtcpserver.html">QTcpServer</a>.</p>
<p><b>See also</b> <a href="qabstractsocket.html#connectToHost">connectToHost</a>(), <a href="qsslsocket.html#startClientEncryption">startClientEncryption</a>(),
<a href="qsslsocket.html#waitForConnected">waitForConnected</a>(),
and <a href="qsslsocket.html#waitForEncrypted">waitForEncrypted</a>().</p>
<h3 class="fn"><a name="connectToHostEncrypted-2" />QSslSocket.connectToHostEncrypted (<i>self</i>, QString <i>hostName</i>, int <i>port</i>, QString <i>sslPeerName</i>, <a href="qiodevice-openmode.html">QIODevice.OpenMode</a> <i>mode</i> = QIODevice.ReadWrite)</h3><p>This is an overloaded function.</p>
<p>In addition to the original behaviour of connectToHostEncrypted,
this overloaded method enables the usage of a different hostname
(<i>sslPeerName</i>) for the certificate validation instead of the
one used for the TCP connection (<i>hostName</i>).</p>
<p>This function was introduced in Qt 4.6.</p>
<p><b>See also</b> <a href="qsslsocket.html#connectToHostEncrypted">connectToHostEncrypted</a>().</p>
<h3 class="fn"><a name="connectToHostImplementation" />QSslSocket.connectToHostImplementation (<i>self</i>, QString <i>hostName</i>, int <i>port</i>, <a href="qiodevice-openmode.html">QIODevice.OpenMode</a> <i>openMode</i>)</h3><p>This method is also a Qt slot with the C++ signature <tt>void connectToHostImplementation(const QString&,quint16,QIODevice::OpenMode)</tt>.</p><h3 class="fn"><a name="defaultCaCertificates" />list-of-QSslCertificate QSslSocket.defaultCaCertificates ()</h3><p>Returns the current default CA certificate database. This
database is originally set to your system's default CA certificate
database. If no system default database is found, an empty database
will be returned. You can override the default CA certificate
database with your own CA certificate database using <a href="qsslsocket.html#setDefaultCaCertificates">setDefaultCaCertificates</a>().</p>
<p>Each SSL socket's CA certificate database is initialized to the
default CA certificate database.</p>
<p><b>Note:</b> On Unix, this method may return an empty list if
the root certificates are loaded on demand.</p>
<p><b>See also</b> <a href="qsslsocket.html#setDefaultCaCertificates">setDefaultCaCertificates</a>()
and <a href="qsslsocket.html#caCertificates">caCertificates</a>().</p>
<h3 class="fn"><a name="defaultCiphers" />list-of-QSslCipher QSslSocket.defaultCiphers ()</h3><p>Returns the default cryptographic cipher suite for all sockets
in this application. This list is used during the socket's
handshake phase when negotiating with the peer to choose a session
cipher. The list is ordered by preference (i.e., the first cipher
in the list is the most preferred cipher).</p>
<p>By default, the handshake phase can choose any of the ciphers
supported by this system's SSL libraries, which may vary from
system to system. The list of ciphers supported by this system's
SSL libraries is returned by <a href="qsslsocket.html#supportedCiphers">supportedCiphers</a>().</p>
<p><b>See also</b> <a href="qsslsocket.html#setDefaultCiphers">setDefaultCiphers</a>() and
<a href="qsslsocket.html#supportedCiphers">supportedCiphers</a>().</p>
<h3 class="fn"><a name="disconnectFromHostImplementation" />QSslSocket.disconnectFromHostImplementation (<i>self</i>)</h3><p>This method is also a Qt slot with the C++ signature <tt>void disconnectFromHostImplementation()</tt>.</p><h3 class="fn"><a name="encryptedBytesAvailable" />int QSslSocket.encryptedBytesAvailable (<i>self</i>)</h3><p>Returns the number of encrypted bytes that are awaiting
decryption. Normally, this function will return 0 because <a href="qsslsocket.html">QSslSocket</a> decrypts its incoming data as soon
as it can.</p>
<p>This function was introduced in Qt 4.4.</p>
<h3 class="fn"><a name="encryptedBytesToWrite" />int QSslSocket.encryptedBytesToWrite (<i>self</i>)</h3><p>Returns the number of encrypted bytes that are waiting to be
written to the network.</p>
<p>This function was introduced in Qt 4.4.</p>
<h3 class="fn"><a name="flush" />bool QSslSocket.flush (<i>self</i>)</h3><p>This function writes as much as possible from the internal write
buffer to the underlying network socket, without blocking. If any
data was written, this function returns true; otherwise false is
returned.</p>
<p>Call this function if you need <a href="qsslsocket.html">QSslSocket</a> to start sending buffered data
immediately. The number of bytes successfully written depends on
the operating system. In most cases, you do not need to call this
function, because <a href="qabstractsocket.html">QAbstractSocket</a> will start sending data
automatically once control goes back to the event loop. In the
absence of an event loop, call <a href="qsslsocket.html#waitForBytesWritten">waitForBytesWritten</a>()
instead.</p>
<p><b>See also</b> <a href="qiodevice.html#write">write</a>() and
<a href="qsslsocket.html#waitForBytesWritten">waitForBytesWritten</a>().</p>
<h3 class="fn"><a name="ignoreSslErrors" />QSslSocket.ignoreSslErrors (<i>self</i>)</h3><p>This method is also a Qt slot with the C++ signature <tt>void ignoreSslErrors()</tt>.</p><p>This slot tells <a href="qsslsocket.html">QSslSocket</a> to
ignore errors during <a href="qsslsocket.html">QSslSocket</a>'s
handshake phase and continue connecting. If you want to continue
with the connection even if errors occur during the handshake
phase, then you must call this slot, either from a slot connected
to <a href="qsslsocket.html#sslErrors">sslErrors</a>(), or before
the handshake phase. If you don't call this slot, either in
response to errors or before the handshake, the connection will be
dropped after the <a href="qsslsocket.html#sslErrors">sslErrors</a>() signal has been
emitted.</p>
<p>If there are no errors during the SSL handshake phase (i.e., the
identity of the peer is established with no problems), <a href="qsslsocket.html">QSslSocket</a> will not emit the <a href="qsslsocket.html#sslErrors">sslErrors</a>() signal, and it is
unnecessary to call this function.</p>
<p><b>Warning:</b> Be sure to always let the user inspect the
errors reported by the <a href="qsslsocket.html#sslErrors">sslErrors</a>() signal, and only call
this method upon confirmation from the user that proceeding is ok.
If there are unexpected errors, the connection should be aborted.
Calling this method without inspecting the actual errors will most
likely pose a security risk for your application. Use it with great
care!</p>
<p><b>See also</b> <a href="qsslsocket.html#sslErrors">sslErrors</a>().</p>
<h3 class="fn"><a name="ignoreSslErrors-2" />QSslSocket.ignoreSslErrors (<i>self</i>, list-of-QSslError <i>errors</i>)</h3><p>This is an overloaded function.</p>
<p>This method tells <a href="qsslsocket.html">QSslSocket</a> to
ignore only the errors given in <i>errors</i>.</p>
<p>Note that you can set the expected certificate in the SSL error:
If, for instance, you want to connect to a server that uses a
self-signed certificate, consider the following snippet:</p>
<pre class="cpp">
<span class="type"><a href="qlist.html">QList</a></span><span class="operator"><</span><span class="type"><a href="qsslcertificate.html">QSslCertificate</a></span><span class="operator">></span> cert <span class="operator">=</span> <span class="type"><a href="qsslcertificate.html">QSslCertificate</a></span><span class="operator">.</span>fromPath(QLatin1String(<span class="string">"server-certificate.pem"</span>));
<span class="type"><a href="qsslerror.html">QSslError</a></span> <a href="qabstractsocket.html#error">error</a>(<span class="type"><a href="qsslerror.html">QSslError</a></span><span class="operator">.</span>SelfSignedCertificate<span class="operator">,</span> cert<span class="operator">.</span>at(<span class="number">0</span>));
<span class="type"><a href="qlist.html">QList</a></span><span class="operator"><</span><span class="type"><a href="qsslerror.html">QSslError</a></span><span class="operator">></span> expectedSslErrors;
expectedSslErrors<span class="operator">.</span>append(error);
<span class="type"><a href="qsslsocket.html">QSslSocket</a></span> socket;
socket<span class="operator">.</span><a href="qsslsocket.html#ignoreSslErrors">ignoreSslErrors</a>(expectedSslErrors);
socket<span class="operator">.</span><a href="qsslsocket.html#connectToHostEncrypted">connectToHostEncrypted</a>(<span class="string">"server.tld"</span><span class="operator">,</span> <span class="number">443</span>);
</pre>
<p>Multiple calls to this function will replace the list of errors
that were passed in previous calls. You can clear the list of
errors you want to ignore by calling this function with an empty
list.</p>
<p>This function was introduced in Qt 4.6.</p>
<p><b>See also</b> <a href="qsslsocket.html#sslErrors">sslErrors</a>().</p>
<h3 class="fn"><a name="isEncrypted" />bool QSslSocket.isEncrypted (<i>self</i>)</h3><p>Returns true if the socket is encrypted; otherwise, false is
returned.</p>
<p>An encrypted socket encrypts all data that is written by calling
<a href="qiodevice.html#write">write</a>() or <a href="qiodevice.html#putChar">putChar</a>() before the data is written
to the network, and decrypts all incoming data as the data is
received from the network, before you call <a href="qiodevice.html#read">read</a>(), <a href="qiodevice.html#readLine">readLine</a>() or <a href="qiodevice.html#getChar">getChar</a>().</p>
<p><a href="qsslsocket.html">QSslSocket</a> emits <a href="qsslsocket.html#encrypted">encrypted</a>() when it enters
encrypted mode.</p>
<p>You can call <a href="qsslsocket.html#sessionCipher">sessionCipher</a>() to find which
cryptographic cipher is used to encrypt and decrypt your data.</p>
<p><b>See also</b> <a href="qsslsocket.html#mode">mode</a>().</p>
<h3 class="fn"><a name="localCertificate" /><a href="qsslcertificate.html">QSslCertificate</a> QSslSocket.localCertificate (<i>self</i>)</h3><p>Returns the socket's local <a href="qsslcertificate.html">certificate</a>, or an empty certificate if
no local certificate has been assigned.</p>
<p><b>See also</b> <a href="qsslsocket.html#setLocalCertificate">setLocalCertificate</a>() and
<a href="qsslsocket.html#privateKey">privateKey</a>().</p>
<h3 class="fn"><a name="mode" /><a href="qsslsocket.html#SslMode-enum">SslMode</a> QSslSocket.mode (<i>self</i>)</h3><p>Returns the current mode for the socket; either <a href="qsslsocket.html#SslMode-enum">UnencryptedMode</a>, where <a href="qsslsocket.html">QSslSocket</a> behaves identially to <a href="qtcpsocket.html">QTcpSocket</a>, or one of <a href="qsslsocket.html#SslMode-enum">SslClientMode</a> or <a href="qsslsocket.html#SslMode-enum">SslServerMode</a>, where the client
is either negotiating or in encrypted mode.</p>
<p>When the mode changes, <a href="qsslsocket.html">QSslSocket</a>
emits <a href="qsslsocket.html#modeChanged">modeChanged</a>()</p>
<p><b>See also</b> <a href="qsslsocket.html#SslMode-enum">SslMode</a>.</p>
<h3 class="fn"><a name="peerCertificate" /><a href="qsslcertificate.html">QSslCertificate</a> QSslSocket.peerCertificate (<i>self</i>)</h3><p>Returns the peer's digital certificate (i.e., the immediate
certificate of the host you are connected to), or a null
certificate, if the peer has not assigned a certificate.</p>
<p>The peer certificate is checked automatically during the
handshake phase, so this function is normally used to fetch the
certificate for display or for connection diagnostic purposes. It
contains information about the peer, including its host name, the
certificate issuer, and the peer's public key.</p>
<p>Because the peer certificate is set during the handshake phase,
it is safe to access the peer certificate from a slot connected to
the <a href="qsslsocket.html#sslErrors">sslErrors</a>() signal or
the <a href="qsslsocket.html#encrypted">encrypted</a>() signal.</p>
<p>If a null certificate is returned, it can mean the SSL handshake
failed, or it can mean the host you are connected to doesn't have a
certificate, or it can mean there is no connection.</p>
<p>If you want to check the peer's complete chain of certificates,
use <a href="qsslsocket.html#peerCertificateChain">peerCertificateChain</a>()
to get them all at once.</p>
<p><b>See also</b> <a href="qsslsocket.html#peerCertificateChain">peerCertificateChain</a>().</p>
<h3 class="fn"><a name="peerCertificateChain" />list-of-QSslCertificate QSslSocket.peerCertificateChain (<i>self</i>)</h3><p>Returns the peer's chain of digital certificates, or an empty
list of certificates.</p>
<p>Peer certificates are checked automatically during the handshake
phase. This function is normally used to fetch certificates for
display, or for performing connection diagnostics. Certificates
contain information about the peer and the certificate issuers,
including host name, issuer names, and issuer public keys.</p>
<p>The peer certificates are set in <a href="qsslsocket.html">QSslSocket</a> during the handshake phase, so it
is safe to call this function from a slot connected to the <a href="qsslsocket.html#sslErrors">sslErrors</a>() signal or the <a href="qsslsocket.html#encrypted">encrypted</a>() signal.</p>
<p>If an empty list is returned, it can mean the SSL handshake
failed, or it can mean the host you are connected to doesn't have a
certificate, or it can mean there is no connection.</p>
<p>If you want to get only the peer's immediate certificate, use
<a href="qsslsocket.html#peerCertificate">peerCertificate</a>().</p>
<p><b>See also</b> <a href="qsslsocket.html#peerCertificate">peerCertificate</a>().</p>
<h3 class="fn"><a name="peerVerifyDepth" />int QSslSocket.peerVerifyDepth (<i>self</i>)</h3><p>Returns the maximum number of certificates in the peer's
certificate chain to be checked during the SSL handshake phase, or
0 (the default) if no maximum depth has been set, indicating that
the whole certificate chain should be checked.</p>
<p>The certificates are checked in issuing order, starting with the
peer's own certificate, then its issuer's certificate, and so
on.</p>
<p>This function was introduced in Qt 4.4.</p>
<p><b>See also</b> <a href="qsslsocket.html#setPeerVerifyDepth">setPeerVerifyDepth</a>() and
<a href="qsslsocket.html#peerVerifyMode">peerVerifyMode</a>().</p>
<h3 class="fn"><a name="peerVerifyMode" /><a href="qsslsocket.html#PeerVerifyMode-enum">PeerVerifyMode</a> QSslSocket.peerVerifyMode (<i>self</i>)</h3><p>Returns the socket's verify mode. This mode mode decides whether
<a href="qsslsocket.html">QSslSocket</a> should request a
certificate from the peer (i.e., the client requests a certificate
from the server, or a server requesting a certificate from the
client), and whether it should require that this certificate is
valid.</p>
<p>The default mode is <a href="qsslsocket.html#PeerVerifyMode-enum">AutoVerifyPeer</a>, which
tells <a href="qsslsocket.html">QSslSocket</a> to use <a href="qsslsocket.html#PeerVerifyMode-enum">VerifyPeer</a> for clients
and <a href="qsslsocket.html#PeerVerifyMode-enum">QueryPeer</a> for
servers.</p>
<p>This function was introduced in Qt 4.4.</p>
<p><b>See also</b> <a href="qsslsocket.html#setPeerVerifyMode">setPeerVerifyMode</a>(),
<a href="qsslsocket.html#peerVerifyDepth">peerVerifyDepth</a>(),
and <a href="qsslsocket.html#mode">mode</a>().</p>
<h3 class="fn"><a name="peerVerifyName" />QString QSslSocket.peerVerifyName (<i>self</i>)</h3><p>Returns the different hostname for the certificate validation,
as set by setPeerVerifyName or by connectToHostEncrypted.</p>
<p>This function was introduced in Qt 4.8.</p>
<p><b>See also</b> <a href="qsslsocket.html#setPeerVerifyName">setPeerVerifyName</a>() and
<a href="qsslsocket.html#connectToHostEncrypted">connectToHostEncrypted</a>().</p>
<h3 class="fn"><a name="privateKey" /><a href="qsslkey.html">QSslKey</a> QSslSocket.privateKey (<i>self</i>)</h3><p>Returns this socket's private key.</p>
<p><b>See also</b> <a href="qsslsocket.html#setPrivateKey">setPrivateKey</a>() and <a href="qsslsocket.html#localCertificate">localCertificate</a>().</p>
<h3 class="fn"><a name="protocol" /><a href="qssl.html#SslProtocol-enum">QSsl.SslProtocol</a> QSslSocket.protocol (<i>self</i>)</h3><p>Returns the socket's SSL protocol. By default, <a href="qssl.html#SslProtocol-enum">QSsl.SecureProtocols</a> is used.</p>
<p><b>See also</b> <a href="qsslsocket.html#setProtocol">setProtocol</a>().</p>
<h3 class="fn"><a name="readData" />str QSslSocket.readData (<i>self</i>, int <i>maxlen</i>)</h3><p>Reimplemented from <a href="qiodevice.html#readData">QIODevice.readData</a>().</p>
<h3 class="fn"><a name="sessionCipher" /><a href="qsslcipher.html">QSslCipher</a> QSslSocket.sessionCipher (<i>self</i>)</h3><p>Returns the socket's cryptographic <a href="qsslcipher.html">cipher</a>, or a null cipher if the connection
isn't encrypted. The socket's cipher for the session is set during
the handshake phase. The cipher is used to encrypt and decrypt data
transmitted through the socket.</p>
<p><a href="qsslsocket.html">QSslSocket</a> also provides functions
for setting the ordered list of ciphers from which the handshake
phase will eventually select the session cipher. This ordered list
must be in place before the handshake phase begins.</p>
<p><b>See also</b> <a href="qsslsocket.html#ciphers">ciphers</a>(),
<a href="qsslsocket.html#setCiphers">setCiphers</a>(), <a href="qsslsocket.html#setDefaultCiphers">setDefaultCiphers</a>(),
<a href="qsslsocket.html#defaultCiphers">defaultCiphers</a>(), and
<a href="qsslsocket.html#supportedCiphers">supportedCiphers</a>().</p>
<h3 class="fn"><a name="setCaCertificates" />QSslSocket.setCaCertificates (<i>self</i>, list-of-QSslCertificate <i>certificates</i>)</h3><p>Sets this socket's CA certificate database to be
<i>certificates</i>. The certificate database must be set prior to
the SSL handshake. The CA certificate database is used by the
socket during the handshake phase to validate the peer's
certificate.</p>
<p>The CA certificate database can be reset to the current default
CA certificate database by calling this function with the list of
CA certificates returned by <a href="qsslsocket.html#defaultCaCertificates">defaultCaCertificates</a>().</p>
<p><b>See also</b> <a href="qsslsocket.html#caCertificates">caCertificates</a>() and <a href="qsslsocket.html#defaultCaCertificates">defaultCaCertificates</a>().</p>
<h3 class="fn"><a name="setCiphers" />QSslSocket.setCiphers (<i>self</i>, list-of-QSslCipher <i>ciphers</i>)</h3><p>Sets the cryptographic cipher suite for this socket to
<i>ciphers</i>, which must contain a subset of the ciphers in the
list returned by <a href="qsslsocket.html#supportedCiphers">supportedCiphers</a>().</p>
<p>Restricting the cipher suite must be done before the handshake
phase, where the session cipher is chosen.</p>
<p><b>See also</b> <a href="qsslsocket.html#ciphers">ciphers</a>(),
<a href="qsslsocket.html#setDefaultCiphers">setDefaultCiphers</a>(), and
<a href="qsslsocket.html#supportedCiphers">supportedCiphers</a>().</p>
<h3 class="fn"><a name="setCiphers-2" />QSslSocket.setCiphers (<i>self</i>, QString <i>ciphers</i>)</h3><p>Sets the cryptographic cipher suite for this socket to
<i>ciphers</i>, which is a colon-separated list of cipher suite
names. The ciphers are listed in order of preference, starting with
the most preferred cipher. For example:</p>
<pre class="cpp">
<span class="type"><a href="qsslsocket.html">QSslSocket</a></span> socket;
socket<span class="operator">.</span><a href="qsslsocket.html#setCiphers">setCiphers</a>(<span class="string">"DHE-RSA-AES256-SHA:DHE-DSS-AES256-SHA:AES256-SHA"</span>);
</pre>
<p>Each cipher name in <i>ciphers</i> must be the name of a cipher
in the list returned by <a href="qsslsocket.html#supportedCiphers">supportedCiphers</a>().
Restricting the cipher suite must be done before the handshake
phase, where the session cipher is chosen.</p>
<p><b>See also</b> <a href="qsslsocket.html#ciphers">ciphers</a>(),
<a href="qsslsocket.html#setDefaultCiphers">setDefaultCiphers</a>(), and
<a href="qsslsocket.html#supportedCiphers">supportedCiphers</a>().</p>
<h3 class="fn"><a name="setDefaultCaCertificates" />QSslSocket.setDefaultCaCertificates (list-of-QSslCertificate <i>certificates</i>)</h3><p>Sets the default CA certificate database to <i>certificates</i>.
The default CA certificate database is originally set to your
system's default CA certificate database. You can override the
default CA certificate database with your own CA certificate
database using this function.</p>
<p>Each SSL socket's CA certificate database is initialized to the
default CA certificate database.</p>
<p><b>See also</b> <a href="qsslsocket.html#defaultCaCertificates">defaultCaCertificates</a>()
and <a href="qsslsocket.html#addDefaultCaCertificate">addDefaultCaCertificate</a>().</p>
<h3 class="fn"><a name="setDefaultCiphers" />QSslSocket.setDefaultCiphers (list-of-QSslCipher <i>ciphers</i>)</h3><p>Sets the default cryptographic cipher suite for all sockets in
this application to <i>ciphers</i>, which must contain a subset of
the ciphers in the list returned by <a href="qsslsocket.html#supportedCiphers">supportedCiphers</a>().</p>
<p>Restricting the default cipher suite only affects SSL sockets
that perform their handshake phase after the default cipher suite
has been changed.</p>
<p><b>See also</b> <a href="qsslsocket.html#setCiphers">setCiphers</a>(), <a href="qsslsocket.html#defaultCiphers">defaultCiphers</a>(), and <a href="qsslsocket.html#supportedCiphers">supportedCiphers</a>().</p>
<h3 class="fn"><a name="setLocalCertificate" />QSslSocket.setLocalCertificate (<i>self</i>, <a href="qsslcertificate.html">QSslCertificate</a> <i>certificate</i>)</h3><p>Sets the socket's local certificate to <i>certificate</i>. The
local certificate is necessary if you need to confirm your identity
to the peer. It is used together with the private key; if you set
the local certificate, you must also set the private key.</p>
<p>The local certificate and private key are always necessary for
server sockets, but are also rarely used by client sockets if the
server requires the client to authenticate.</p>
<p><b>See also</b> <a href="qsslsocket.html#localCertificate">localCertificate</a>() and
<a href="qsslsocket.html#setPrivateKey">setPrivateKey</a>().</p>
<h3 class="fn"><a name="setLocalCertificate-2" />QSslSocket.setLocalCertificate (<i>self</i>, QString <i>path</i>, <a href="qssl.html#EncodingFormat-enum">QSsl.EncodingFormat</a> <i>format</i> = QSsl.Pem)</h3><p>This is an overloaded function.</p>
<p>Sets the socket's local <a href="qsslcertificate.html">certificate</a> to the first one found in
file <i>path</i>, which is parsed according to the specified
<i>format</i>.</p>
<h3 class="fn"><a name="setPeerVerifyDepth" />QSslSocket.setPeerVerifyDepth (<i>self</i>, int <i>depth</i>)</h3><p>Sets the maximum number of certificates in the peer's
certificate chain to be checked during the SSL handshake phase, to
<i>depth</i>. Setting a depth of 0 means that no maximum depth is
set, indicating that the whole certificate chain should be
checked.</p>
<p>The certificates are checked in issuing order, starting with the
peer's own certificate, then its issuer's certificate, and so
on.</p>
<p>This function was introduced in Qt 4.4.</p>
<p><b>See also</b> <a href="qsslsocket.html#peerVerifyDepth">peerVerifyDepth</a>() and
<a href="qsslsocket.html#setPeerVerifyMode">setPeerVerifyMode</a>().</p>
<h3 class="fn"><a name="setPeerVerifyMode" />QSslSocket.setPeerVerifyMode (<i>self</i>, <a href="qsslsocket.html#PeerVerifyMode-enum">PeerVerifyMode</a> <i>mode</i>)</h3><p>Sets the socket's verify mode to <i>mode</i>. This mode decides
whether <a href="qsslsocket.html">QSslSocket</a> should request a
certificate from the peer (i.e., the client requests a certificate
from the server, or a server requesting a certificate from the
client), and whether it should require that this certificate is
valid.</p>
<p>The default mode is <a href="qsslsocket.html#PeerVerifyMode-enum">AutoVerifyPeer</a>, which
tells <a href="qsslsocket.html">QSslSocket</a> to use <a href="qsslsocket.html#PeerVerifyMode-enum">VerifyPeer</a> for clients
and <a href="qsslsocket.html#PeerVerifyMode-enum">QueryPeer</a> for
servers.</p>
<p>Setting this mode after encryption has started has no effect on
the current connection.</p>
<p>This function was introduced in Qt 4.4.</p>
<p><b>See also</b> <a href="qsslsocket.html#peerVerifyMode">peerVerifyMode</a>(), <a href="qsslsocket.html#setPeerVerifyDepth">setPeerVerifyDepth</a>(), and
<a href="qsslsocket.html#mode">mode</a>().</p>
<h3 class="fn"><a name="setPeerVerifyName" />QSslSocket.setPeerVerifyName (<i>self</i>, QString <i>hostName</i>)</h3><p>Sets a different host name, given by <i>hostName</i>, for the
certificate validation instead of the one used for the TCP
connection.</p>
<p>This function was introduced in Qt 4.8.</p>
<p><b>See also</b> <a href="qsslsocket.html#peerVerifyName">peerVerifyName</a>() and <a href="qsslsocket.html#connectToHostEncrypted">connectToHostEncrypted</a>().</p>
<h3 class="fn"><a name="setPrivateKey" />QSslSocket.setPrivateKey (<i>self</i>, <a href="qsslkey.html">QSslKey</a> <i>key</i>)</h3><p>Sets the socket's private <a href="qsslkey.html">key</a> to
<i>key</i>. The private key and the local <a href="qsslcertificate.html">certificate</a> are used by clients and
servers that must prove their identity to SSL peers.</p>
<p>Both the key and the local certificate are required if you are
creating an SSL server socket. If you are creating an SSL client
socket, the key and local certificate are required if your client
must identify itself to an SSL server.</p>
<p><b>See also</b> <a href="qsslsocket.html#privateKey">privateKey</a>() and <a href="qsslsocket.html#setLocalCertificate">setLocalCertificate</a>().</p>
<h3 class="fn"><a name="setPrivateKey-2" />QSslSocket.setPrivateKey (<i>self</i>, QString <i>fileName</i>, <a href="qssl.html#KeyAlgorithm-enum">QSsl.KeyAlgorithm</a> <i>algorithm</i> = QSsl.Rsa, <a href="qssl.html#EncodingFormat-enum">QSsl.EncodingFormat</a> <i>format</i> = QSsl.Pem, <a href="qbytearray.html">QByteArray</a> <i>passPhrase</i> = QByteArray())</h3><p>This is an overloaded function.</p>
<p>Reads the string in file <i>fileName</i> and decodes it using a
specified <i>algorithm</i> and encoding <i>format</i> to construct
an <a href="qsslkey.html">SSL key</a>. If the encoded key is
encrypted, <i>passPhrase</i> is used to decrypt it.</p>
<p>The socket's private key is set to the constructed key. The
private key and the local <a href="qsslcertificate.html">certificate</a> are used by clients and
servers that must prove their identity to SSL peers.</p>
<p>Both the key and the local certificate are required if you are
creating an SSL server socket. If you are creating an SSL client
socket, the key and local certificate are required if your client
must identify itself to an SSL server.</p>
<p><b>See also</b> <a href="qsslsocket.html#privateKey">privateKey</a>() and <a href="qsslsocket.html#setLocalCertificate">setLocalCertificate</a>().</p>
<h3 class="fn"><a name="setProtocol" />QSslSocket.setProtocol (<i>self</i>, <a href="qssl.html#SslProtocol-enum">QSsl.SslProtocol</a> <i>protocol</i>)</h3><p>Sets the socket's SSL protocol to <i>protocol</i>. This will
affect the next initiated handshake; calling this function on an
already-encrypted socket will not affect the socket's protocol.</p>
<p><b>See also</b> <a href="qsslsocket.html#protocol">protocol</a>().</p>
<h3 class="fn"><a name="setReadBufferSize" />QSslSocket.setReadBufferSize (<i>self</i>, int <i>size</i>)</h3><p>Sets the size of <a href="qsslsocket.html">QSslSocket</a>'s
internal read buffer to be <i>size</i> bytes.</p>
<p>This function was introduced in Qt 4.4.</p>
<h3 class="fn"><a name="setSocketDescriptor" />bool QSslSocket.setSocketDescriptor (<i>self</i>, int <i>socketDescriptor</i>, <a href="qabstractsocket.html#SocketState-enum">QAbstractSocket.SocketState</a> <i>state</i> = QAbstractSocket.ConnectedState, <a href="qiodevice-openmode.html">QIODevice.OpenMode</a> <i>mode</i> = QIODevice.ReadWrite)</h3><p>Initializes <a href="qsslsocket.html">QSslSocket</a> with the
native socket descriptor <i>socketDescriptor</i>. Returns true if
<i>socketDescriptor</i> is accepted as a valid socket descriptor;
otherwise returns false. The socket is opened in the mode specified
by <i>openMode</i>, and enters the socket state specified by
<i>state</i>.</p>
<p><b>Note:</b> It is not possible to initialize two sockets with
the same native socket descriptor.</p>
<p><b>See also</b> <a href="qabstractsocket.html#socketDescriptor">socketDescriptor</a>().</p>
<h3 class="fn"><a name="setSocketOption" />QSslSocket.setSocketOption (<i>self</i>, <a href="qabstractsocket.html#SocketOption-enum">QAbstractSocket.SocketOption</a> <i>option</i>, QVariant <i>value</i>)</h3><p>Sets the given <i>option</i> to the value described by
<i>value</i>.</p>
<p>This function was introduced in Qt 4.6.</p>
<p><b>See also</b> <a href="qsslsocket.html#socketOption">socketOption</a>().</p>
<h3 class="fn"><a name="setSslConfiguration" />QSslSocket.setSslConfiguration (<i>self</i>, <a href="qsslconfiguration.html">QSslConfiguration</a> <i>config</i>)</h3><p>Sets the socket's SSL configuration to be the contents of
<i>configuration</i>. This function sets the local certificate, the
ciphers, the private key and the CA certificates to those stored in
<i>configuration</i>.</p>
<p>It is not possible to set the SSL-state related fields.</p>
<p>This function was introduced in Qt 4.4.</p>
<p><b>See also</b> <a href="qsslsocket.html#sslConfiguration">sslConfiguration</a>(), <a href="qsslsocket.html#setLocalCertificate">setLocalCertificate</a>(),
<a href="qsslsocket.html#setPrivateKey">setPrivateKey</a>(),
<a href="qsslsocket.html#setCaCertificates">setCaCertificates</a>(), and
<a href="qsslsocket.html#setCiphers">setCiphers</a>().</p>
<h3 class="fn"><a name="socketOption" />QVariant QSslSocket.socketOption (<i>self</i>, <a href="qabstractsocket.html#SocketOption-enum">QAbstractSocket.SocketOption</a> <i>option</i>)</h3><p>Returns the value of the <i>option</i> option.</p>
<p>This function was introduced in Qt 4.6.</p>
<p><b>See also</b> <a href="qsslsocket.html#setSocketOption">setSocketOption</a>().</p>
<h3 class="fn"><a name="sslConfiguration" /><a href="qsslconfiguration.html">QSslConfiguration</a> QSslSocket.sslConfiguration (<i>self</i>)</h3><p>Returns the socket's SSL configuration state. The default SSL
configuration of a socket is to use the default ciphers, default CA
certificates, no local private key or certificate.</p>
<p>The SSL configuration also contains fields that can change with
time without notice.</p>
<p>This function was introduced in Qt 4.4.</p>
<p><b>See also</b> <a href="qsslsocket.html#setSslConfiguration">setSslConfiguration</a>(),
<a href="qsslsocket.html#localCertificate">localCertificate</a>(),
<a href="qsslsocket.html#peerCertificate">peerCertificate</a>(),
<a href="qsslsocket.html#peerCertificateChain">peerCertificateChain</a>(),
<a href="qsslsocket.html#sessionCipher">sessionCipher</a>(),
<a href="qsslsocket.html#privateKey">privateKey</a>(), <a href="qsslsocket.html#ciphers">ciphers</a>(), and <a href="qsslsocket.html#caCertificates">caCertificates</a>().</p>
<h3 class="fn"><a name="sslErrors" />list-of-QSslError QSslSocket.sslErrors (<i>self</i>)</h3><p>Returns a list of the last SSL errors that occurred. This is the
same list as <a href="qsslsocket.html">QSslSocket</a> passes via
the sslErrors() signal. If the connection has been encrypted with
no errors, this function will return an empty list.</p>
<p><b>See also</b> <a href="qsslsocket.html#connectToHostEncrypted">connectToHostEncrypted</a>().</p>
<h3 class="fn"><a name="startClientEncryption" />QSslSocket.startClientEncryption (<i>self</i>)</h3><p>This method is also a Qt slot with the C++ signature <tt>void startClientEncryption()</tt>.</p><p>Starts a delayed SSL handshake for a client connection. This
function can be called when the socket is in the <a href="qabstractsocket.html#SocketState-enum">ConnectedState</a> but
still in the <a href="qsslsocket.html#SslMode-enum">UnencryptedMode</a>. If it is not
yet connected, or if it is already encrypted, this function has no
effect.</p>
<p>Clients that implement STARTTLS functionality often make use of
delayed SSL handshakes. Most other clients can avoid calling this
function directly by using <a href="qsslsocket.html#connectToHostEncrypted">connectToHostEncrypted</a>()
instead, which automatically performs the handshake.</p>
<p><b>See also</b> <a href="qsslsocket.html#connectToHostEncrypted">connectToHostEncrypted</a>()
and <a href="qsslsocket.html#startServerEncryption">startServerEncryption</a>().</p>
<h3 class="fn"><a name="startServerEncryption" />QSslSocket.startServerEncryption (<i>self</i>)</h3><p>This method is also a Qt slot with the C++ signature <tt>void startServerEncryption()</tt>.</p><p>Starts a delayed SSL handshake for a server connection. This
function can be called when the socket is in the <a href="qabstractsocket.html#SocketState-enum">ConnectedState</a> but
still in <a href="qsslsocket.html#SslMode-enum">UnencryptedMode</a>. If it is not
connected or it is already encrypted, the function has no
effect.</p>
<p>For server sockets, calling this function is the only way to
initiate the SSL handshake. Most servers will call this function
immediately upon receiving a connection, or as a result of having
received a protocol-specific command to enter SSL mode (e.g, the
server may respond to receiving the string "STARTTLS\r\n" by
calling this function).</p>
<p>The most common way to implement an SSL server is to create a
subclass of <a href="qtcpserver.html">QTcpServer</a> and
reimplement <a href="qtcpserver.html#incomingConnection">QTcpServer.incomingConnection</a>().
The returned socket descriptor is then passed to <a href="qsslsocket.html#setSocketDescriptor">QSslSocket.setSocketDescriptor</a>().</p>
<p><b>See also</b> <a href="qsslsocket.html#connectToHostEncrypted">connectToHostEncrypted</a>()
and <a href="qsslsocket.html#startClientEncryption">startClientEncryption</a>().</p>
<h3 class="fn"><a name="supportedCiphers" />list-of-QSslCipher QSslSocket.supportedCiphers ()</h3><p>Returns the list of cryptographic ciphers supported by this
system. This list is set by the system's SSL libraries and may vary
from system to system.</p>
<p><b>See also</b> <a href="qsslsocket.html#defaultCiphers">defaultCiphers</a>(), <a href="qsslsocket.html#ciphers">ciphers</a>(), and <a href="qsslsocket.html#setCiphers">setCiphers</a>().</p>
<h3 class="fn"><a name="supportsSsl" />bool QSslSocket.supportsSsl ()</h3><p>Returns true if this platform supports SSL; otherwise, returns
false. If the platform doesn't support SSL, the socket will fail in
the connection phase.</p>
<h3 class="fn"><a name="systemCaCertificates" />list-of-QSslCertificate QSslSocket.systemCaCertificates ()</h3><p>This function provides the CA certificate database provided by
the operating system. The CA certificate database returned by this
function is used to initialize the database returned by <a href="qsslsocket.html#defaultCaCertificates">defaultCaCertificates</a>().
You can replace that database with your own with <a href="qsslsocket.html#setDefaultCaCertificates">setDefaultCaCertificates</a>().</p>
<p><b>See also</b> <a href="qsslsocket.html#caCertificates">caCertificates</a>(), <a href="qsslsocket.html#defaultCaCertificates">defaultCaCertificates</a>(),
and <a href="qsslsocket.html#setDefaultCaCertificates">setDefaultCaCertificates</a>().</p>
<h3 class="fn"><a name="waitForBytesWritten" />bool QSslSocket.waitForBytesWritten (<i>self</i>, int <i>msecs</i> = 30000)</h3><p>Reimplemented from <a href="qiodevice.html#waitForBytesWritten">QIODevice.waitForBytesWritten</a>().</p>
<h3 class="fn"><a name="waitForConnected" />bool QSslSocket.waitForConnected (<i>self</i>, int <i>msecs</i> = 30000)</h3><p>Waits until the socket is connected, or <i>msecs</i>
milliseconds, whichever happens first. If the connection has been
established, this function returns true; otherwise it returns
false.</p>
<p><b>See also</b> <a href="qabstractsocket.html#waitForConnected">QAbstractSocket.waitForConnected</a>().</p>
<h3 class="fn"><a name="waitForDisconnected" />bool QSslSocket.waitForDisconnected (<i>self</i>, int <i>msecs</i> = 30000)</h3><p>Waits until the socket has disconnected or <i>msecs</i>
milliseconds, whichever comes first. If the connection has been
disconnected, this function returns true; otherwise it returns
false.</p>
<p><b>See also</b> <a href="qabstractsocket.html#waitForDisconnected">QAbstractSocket.waitForDisconnected</a>().</p>
<h3 class="fn"><a name="waitForEncrypted" />bool QSslSocket.waitForEncrypted (<i>self</i>, int <i>msecs</i> = 30000)</h3><p>Waits until the socket has completed the SSL handshake and has
emitted <a href="qsslsocket.html#encrypted">encrypted</a>(), or
<i>msecs</i> milliseconds, whichever comes first. If <a href="qsslsocket.html#encrypted">encrypted</a>() has been emitted, this
function returns true; otherwise (e.g., the socket is disconnected,
or the SSL handshake fails), false is returned.</p>
<p>The following example waits up to one second for the socket to
be encrypted:</p>
<pre class="cpp">
socket<span class="operator">-</span><span class="operator">></span><a href="qsslsocket.html#connectToHostEncrypted">connectToHostEncrypted</a>(<span class="string">"imap"</span><span class="operator">,</span> <span class="number">993</span>);
<span class="keyword">if</span> (socket<span class="operator">-</span><span class="operator">></span>waitForEncrypted(<span class="number">1000</span>))
<a href="qtcore.html#qDebug">qDebug</a>(<span class="string">"Encrypted!"</span>);
</pre>
<p>If msecs is -1, this function will not time out.</p>
<p><b>See also</b> <a href="qsslsocket.html#startClientEncryption">startClientEncryption</a>(),
<a href="qsslsocket.html#startServerEncryption">startServerEncryption</a>(),
<a href="qsslsocket.html#encrypted">encrypted</a>(), and <a href="qsslsocket.html#isEncrypted">isEncrypted</a>().</p>
<h3 class="fn"><a name="waitForReadyRead" />bool QSslSocket.waitForReadyRead (<i>self</i>, int <i>msecs</i> = 30000)</h3><p>Reimplemented from <a href="qiodevice.html#waitForReadyRead">QIODevice.waitForReadyRead</a>().</p>
<h3 class="fn"><a name="writeData" />int QSslSocket.writeData (<i>self</i>, str <i>data</i>)</h3><p>Reimplemented from <a href="qiodevice.html#writeData">QIODevice.writeData</a>().</p>
<hr /><h2>Qt Signal Documentation</h2><h3 class="fn"><a name="encrypted" />void encrypted ()</h3><p>This is the default overload of this signal.</p><p>This signal is emitted when <a href="qsslsocket.html">QSslSocket</a> enters encrypted mode. After this
signal has been emitted, <a href="qsslsocket.html#isEncrypted">QSslSocket.isEncrypted</a>() will
return true, and all further transmissions on the socket will be
encrypted.</p>
<p><b>See also</b> <a href="qsslsocket.html#connectToHostEncrypted">QSslSocket.connectToHostEncrypted</a>()
and <a href="qsslsocket.html#isEncrypted">QSslSocket.isEncrypted</a>().</p>
<h3 class="fn"><a name="encryptedBytesWritten" />void encryptedBytesWritten (qint64)</h3><p>This is the default overload of this signal.</p><p>This signal is emitted when <a href="qsslsocket.html">QSslSocket</a> writes its encrypted data to the
network. The <i>written</i> parameter contains the number of bytes
that were successfully written.</p>
<p>This function was introduced in Qt 4.4.</p>
<p><b>See also</b> <a href="qiodevice.html#bytesWritten">QIODevice.bytesWritten</a>().</p>
<h3 class="fn"><a name="modeChanged" />void modeChanged (QSslSocket::SslMode)</h3><p>This is the default overload of this signal.</p><p>This signal is emitted when <a href="qsslsocket.html">QSslSocket</a> changes from <a href="qsslsocket.html#SslMode-enum">QSslSocket.UnencryptedMode</a> to
either <a href="qsslsocket.html#SslMode-enum">QSslSocket.SslClientMode</a> or
<a href="qsslsocket.html#SslMode-enum">QSslSocket.SslServerMode</a>.
<i>mode</i> is the new mode.</p>
<p><b>See also</b> <a href="qsslsocket.html#mode">QSslSocket.mode</a>().</p>
<h3 class="fn"><a name="peerVerifyError" />void peerVerifyError (const QSslError&)</h3><p>This is the default overload of this signal.</p><p><a href="qsslsocket.html">QSslSocket</a> can emit this signal
several times during the SSL handshake, before encryption has been
established, to indicate that an error has occurred while
establishing the identity of the peer. The <i>error</i> is usually
an indication that <a href="qsslsocket.html">QSslSocket</a> is
unable to securely identify the peer.</p>
<p>This signal provides you with an early indication when
something's wrong. By connecting to this signal, you can manually
choose to tear down the connection from inside the connected slot
before the handshake has completed. If no action is taken, <a href="qsslsocket.html">QSslSocket</a> will proceed to emitting <a href="qsslsocket.html#sslErrors">QSslSocket.sslErrors</a>().</p>
<p>This function was introduced in Qt 4.4.</p>
<p><b>See also</b> <a href="qsslsocket.html#sslErrors">sslErrors</a>().</p>
<h3 class="fn"><a name="sslErrors-2" />void sslErrors (const QList<QSslError>&)</h3><p>This is the default overload of this signal.</p><p><a href="qsslsocket.html">QSslSocket</a> emits this signal after
the SSL handshake to indicate that one or more errors have occurred
while establishing the identity of the peer. The errors are usually
an indication that <a href="qsslsocket.html">QSslSocket</a> is
unable to securely identify the peer. Unless any action is taken,
the connection will be dropped after this signal has been
emitted.</p>
<p>If you want to continue connecting despite the errors that have
occurred, you must call <a href="qsslsocket.html#ignoreSslErrors">QSslSocket.ignoreSslErrors</a>()
from inside a slot connected to this signal. If you need to access
the error list at a later point, you can call <a href="qsslsocket.html#sslErrors">sslErrors</a>() (without
arguments).</p>
<p><i>errors</i> contains one or more errors that prevent <a href="qsslsocket.html">QSslSocket</a> from verifying the identity of the
peer.</p>
<p>Note: You cannot use <a href="qt.html#ConnectionType-enum">Qt.QueuedConnection</a> when
connecting to this signal, or calling <a href="qsslsocket.html#ignoreSslErrors">QSslSocket.ignoreSslErrors</a>()
will have no effect.</p>
<p><b>See also</b> <a href="qsslsocket.html#peerVerifyError">peerVerifyError</a>().</p>
<address><hr /><div align="center"><table border="0" cellspacing="0" width="100%"><tr class="address"><td align="left" width="25%">PyQt 4.10.3 for X11</td><td align="center" width="50%">Copyright © <a href="http://www.riverbankcomputing.com">Riverbank Computing Ltd</a> and <a href="http://www.qtsoftware.com">Nokia</a> 2012</td><td align="right" width="25%">Qt 4.8.5</td></tr></table></div></address></body></html>
