[Touch-packages] [Bug 1981807] Re: qt5-network openssl3 armhf does not support tls1.3

Wed, 10 Aug 2022 05:31:00 -0700 

I was not able to test it on Ubuntu because I don't have armhf hardware,
but I have just tested it on a Debian porterbox. The only difference
between Debian bookworm and sid versions of Qt is presence of this
patch.

I used this test code and complied it with qmake && make.

mitya57@harris:~/test$ cat test.pro
CONFIG += debug warn_all
QT = core network
SOURCES = test.cpp

mitya57@harris:~/test$ cat test.cpp
#include <QtCore/QCoreApplication>
#include <QtCore/QDebug>
#include <QtNetwork/QSslConfiguration>
#include <QtNetwork/QSslSocket>

int main(int argc, char **argv) {
    QCoreApplication app(argc, argv);
    QSslSocket s;
    QSslConfiguration cfg = s.sslConfiguration();
    cfg.setProtocol(QSsl::TlsV1_3OrLater);
    s.setSslConfiguration(cfg);
    s.connectToHostEncrypted("www.ubuntu.com", 443);
    s.waitForConnected();
    qDebug() << s.sessionProtocol();
    return 0;
}

Without patch:

(bookworm_armhf-dchroot)mitya57@harris:~/test$ ./test 
-1

With patch:

(sid_armhf-dchroot)mitya57@harris:~/test$ ./test 
15

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to qtbase-opensource-src in
Ubuntu.
https://bugs.launchpad.net/bugs/1981807

Title:
  qt5-network openssl3 armhf does not support tls1.3

Status in qtbase-opensource-src package in Ubuntu:
  Fix Released
Status in qtbase-opensource-src source package in Jammy:
  Confirmed

Bug description:
  lsb_release
  Description:    Ubuntu 22.04 LTS
  Release:        22.04

  libqt5network5/jammy,now 5.15.3+dfsg-2 armhf
  libssl3/jammy-updates,jammy-security,now 3.0.2-0ubuntu1.6 armhf

  the qt5 armhf version shipped with ubuntu jammy has a regression in
  tls1.3 support (simply missing in runtime).

  openssl supports tls1.3, so the underlying library works.
  x86_64 is obviously not affected
  the short sample applications writes -1 on armhf, 15 on x86_64 (unknown 
protocol vs tls1.3)

          QSslSocket* s = new QSslSocket();
          QSslConfiguration cfg = s->sslConfiguration();
          cfg.setProtocol(QSsl::TlsV1_3OrLater);
          s->setSslConfiguration(cfg);
          s->connectToHostEncrypted("tls13-enabled.server",443);
          s->waitForConnected();
          printf("%d\n",s->sessionProtocol());

  marking it as security since the most secure tls protocol is not used
  on some platforms

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/qtbase-opensource-src/+bug/1981807/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to     : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

Reply via email to