Details
-
Bug
-
Resolution: Done
-
P2: Important
-
5.3.1, 5.4.0 Beta
-
None
-
Qt 5.3.1 32 bit form qt-project.org
(K)Ubuntu 14.04 32bit & 12.04 32bit
OpenSSL 1.0.1f (with all security updates issued by Canonical)
Description
Setting protocol to QSsl::TlsV1_1 or TlsV1_2 results in the following error:
Network error: 21 - Error creating SSL context ()
Network error: 20 - Unable to init SSL Context:
20 and 21 correspond to QAbstractSocket::SslInternalError and QAbstractSocket::SslInvalidUserDataError respectively.
Looking at the source code of SSL related classes, it seems that TLS 1.1 and 1.2 functions are not resolved in QSslContext::fromConfiguration() (qtbase/src/network/ssl/qsslcontext.cpp:156-169). Therefore context pointer is set to 0, hence the first error message above at qsslcontext.cpp:180 and the second one due to the emitted signal at qsslsocket_openssl.cpp:337.
Not setting any protocol is OK, but Tls1.1 or Tls1.2 is not used then.
These errors do not occur in Windows 7 with the latest OpenSSL version and the same Qt version (5.3.1 32 bit MSVC2101 OpenGL).
The same errors also occur when QSslSocket is used in server mode.
The attached test project reproduces the error. To get the error messages above, enable one of the setProtocol() lines in Test::connectToHost().
OpenSSL's test server is used as follows to test Tls.
Create a server certificate:
openssl req -x509 -nodes -days 365 -newkey rsa:1024 -keyout mycert.pem -out mycert.pem
Run test server:
openssl s_server -cert mycert.pem -accept 4443
Attached test application must be given the server ip and port as command line argumants.
OpenSSL in Ubuntu 14.04 supports TLS1.2:
http://askubuntu.com/a/447930
Attachments
Issue Links
- depends on
-
-
- Closed
-
- relates to
-
-
- Closed
-