[Bug 1981807] Re: qt5-network openssl3 armhf does not support tls1.3
i think I have a trace where the issue is: openssl3 openssl's options is a uint64_t, but in qsslsocket_openssl.cpp the method is defined as long QSslSocketBackendPrivate::setupOpenSslOptions(QSsl::SslProtocol protocol, QSsl::SslOptions sslOptions) long on 64bit platforms is 64 bit long, but on armhf (32bit) it is 32bit. see https://www.openssl.org/docs/man3.0/man3/SSL_CTX_set_options.html vs https://www.openssl.org/docs/man1.1.1/man3/SSL_CTX_set_options.html is this already fixed in qt6? the qt5.15 openssl3 is a ubuntu backport, right? -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to the bug report. https://bugs.launchpad.net/bugs/1981807 Title: qt5-network openssl3 armhf does not support tls1.3 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/qtbase-opensource-src/+bug/1981807/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1981807] Re: qt5-network openssl3 armhf does not support tls1.3
this should fix the issue this however requires openssl3.0, but that should be ok for ubuntu going forward ** Patch added: "openssl3_set_options.patch" https://bugs.launchpad.net/ubuntu/+source/qtbase-opensource-src/+bug/1981807/+attachment/5603721/+files/openssl3_set_options.patch -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to the bug report. https://bugs.launchpad.net/bugs/1981807 Title: qt5-network openssl3 armhf does not support tls1.3 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/qtbase-opensource-src/+bug/1981807/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1981807] Re: qt5-network openssl3 armhf does not support tls1.3
The attachment "openssl3_set_options.patch" seems to be a patch. If it isn't, please remove the "patch" flag from the attachment, remove the "patch" tag, and if you are a member of the ~ubuntu-reviewers, unsubscribe the team. [This is an automated message performed by a Launchpad user owned by ~brian-murray, for any issues please contact him.] ** Tags added: patch -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to the bug report. https://bugs.launchpad.net/bugs/1981807 Title: qt5-network openssl3 armhf does not support tls1.3 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/qtbase-opensource-src/+bug/1981807/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1981807] Re: qt5-network openssl3 armhf does not support tls1.3
actually the first patch was missing something and did not compile ** Patch added: "openssl3_set_options.diff" https://bugs.launchpad.net/ubuntu/+source/qtbase-opensource-src/+bug/1981807/+attachment/5603782/+files/openssl3_set_options.diff ** Patch removed: "openssl3_set_options.patch" https://bugs.launchpad.net/ubuntu/+source/qtbase-opensource-src/+bug/1981807/+attachment/5603721/+files/openssl3_set_options.patch -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to the bug report. https://bugs.launchpad.net/bugs/1981807 Title: qt5-network openssl3 armhf does not support tls1.3 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/qtbase-opensource-src/+bug/1981807/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1981807] Re: qt5-network openssl3 armhf does not support tls1.3
Thank you for the patch! Qt 6 still uses unsigned long: https://code.qt.io/cgit/qt/qtbase.git/tree/src/plugins/tls/openssl/qsslsocket_openssl_symbols.cpp#n126 Can you please submit your patch to codereview.qt-project.org, or at least file a bug at bugreports.qt.io? We usually don't add patches that were not merged upstream. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to the bug report. https://bugs.launchpad.net/bugs/1981807 Title: qt5-network openssl3 armhf does not support tls1.3 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/qtbase-opensource-src/+bug/1981807/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1981807] Re: qt5-network openssl3 armhf does not support tls1.3
https://bugreports.qt.io/browse/QTBUG-105041 this however has priority low. additionally openssl1.1 and openssl3 are not compatible in this case if libssl is loaded in runtime for 32bit this is only solvable if compiletime forces openssl version to 3 OR 1.1, but then the corresponding version MUST be loaded or someone implements a version check in runtime. Using the q_SSL_CTX_set_options funcion will not work in this case since the symbol is not unique -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to the bug report. https://bugs.launchpad.net/bugs/1981807 Title: qt5-network openssl3 armhf does not support tls1.3 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/qtbase-opensource-src/+bug/1981807/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1981807] Re: qt5-network openssl3 armhf does not support tls1.3
just a side node on the findings while hunting down this issue in gdb: on armhf I think the calling convention is that integers are passed on registers. uint64 is not a (32bit) integer and since the value passed to SSL_CTX_set_options was not related in any way to the value passed in q_SSL_CTX_set_options I think uint64_t are expected to be on the stack. I cannot tell what value is in that place/where it came from, but it ALWAYS had bit29 set. Bit29 means disable tls1.3. I don't know if i686 has a similar calling convention, but if not and i686 being a little endian architecture, that systems are not affected by this (probably the most important platform being 32bit windows) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to the bug report. https://bugs.launchpad.net/bugs/1981807 Title: qt5-network openssl3 armhf does not support tls1.3 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/qtbase-opensource-src/+bug/1981807/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
