[Solved] QSslSocket Error (SSLv2)



  • Hello,

    I'm trying to test my coworkers code on my Debian Testing (Wheezy) Virtual Machine, but keep getting the following errors when creating a new QNetworkRequest and then sending an HTTP post request to an SSL protected URL (https://......)

    Code:
    @QNetworkReply *reply = m_network->post(request,data);@

    bq. QSslSocket: cannot resolve SSLv2_client_method
    QSslSocket: cannot resolve SSLv2_server_method

    So I tried to force SSLv3 on the request:
    @QSslConfiguration config; //after this, above error pops up
    config.setProtocol(QSsl::SslV3);
    request.setSslConfiguration(config);@

    What happens now is, when the debugger gets to the first line to create QSslConfiguration config, I get the same errors as above, but this time when the program keeps going it actually tries to connect but the SSL handshake fails. This is what the output looks like after attempting to force SSLv3 and sending the post request:

    bq. QSslSocket: cannot resolve SSLv2_client_method
    QSslSocket: cannot resolve SSLv2_server_method
    SSL handshake failed

    I get the last string out from QNetworkReply's errorString(), in the network reply slot

    Since my coworker uses Ubuntu Oneiric on his machine, and I'm using Debian Testing on my VM, it leads me to believe that there's some problem in Debian's libssl and libssl-dev libraries, but I don't know.

    I'm currently setting up an Ubuntu VM to test this, if it works then I'll be sure it's a Debian issue.
    Any help on this would be appreciated, thanks!



  • Okay, so apparently all I had to do was install libssl-0.98 and it worked. weird stuff.

    Coworker had it installed, along with libssl-1.0.0, from the Ubuntu repositories, so i installed it on Ubuntu and it worked.

    In Debian, libssl-0.98 is available in all repositories except Testing (Wheezy), so I had grab the .deb package of it from the Debian Stable (Squeeze) repository and "dpkg" install it: http://packages.debian.org/squeeze/libssl0.9.8

    I'll mark this as solved :)



  • SSLv2 is broken, so some linux distributions configure it out of openssl 1.0.0 builds.
    You can use QSsl::SecureProtocols to enable the SSL versions which are considered secure as of the Qt release.
    If the web server is configured to use SSLv2, it may need a security upgrade.


Log in to reply
 

Looks like your connection to Qt Forum was lost, please wait while we try to reconnect.