QT5 and SSL: cannot start handshake on non-plain connection



  • Hello everyone

    I'm trying to create a small aplication using QSslSocket but the application doesn't connect with the pop3 server, the code always finish with the errors:

    @
    QSslSocket::startClientEncryption: cannot start handshake on non-plain connection
    Could not encrypted: The remote host closed the connection
    @

    Now, I'm just trying to connect on "pop.mail.yahoo.com:995" and I tryed almost all solutions on google.

    It's my class Pop3Client ( class from "here":http://qt-apps.org/content/show.php/Pop3Retriever?content=91315 ):
    @
    #define _ERROR(s) std::cerr << s << m_sock->errorString().toStdString() << std::endl
    Pop3Client::Pop3Client(bool readOnly, bool useSsl, bool ignoreRFC1939)
    {
    this->readOnly = readOnly;
    this->useSsl = useSsl;
    this->ignoreRFC1939 = ignoreRFC1939; // according to RFC1939 the response can only be 512 chars
    state = NotConnected;

    m_sock = (useSsl ? new QSslSocket : new QTcpSocket);
    m_sock->blockSignals(true);
    

    }

    bool Pop3Client::Connect(QString host,short unsigned int port)
    {
    if (state == Authorization)
    return true;

    _ERROR("pt1");
    
    if (this->useSsl)
    {
        qobject_cast<QSslSocket *>(m_sock)->connectToHostEncrypted(host,port);
        _ERROR("pt2");
    }
    else
    {
        m_sock->connectToHost(host,port);
    }
    
    if (!m_sock->waitForConnected(-1))
    {
        //qtdebug() << m_sock->error();
        _ERROR("Could not connect: ");
        return false;
    }
    
    _ERROR("pt3");
    
    if(useSsl)
    {
        QList<QSslError> errors = qobject_cast<QSslSocket *>(m_sock)->sslErrors();
    
        std::cerr << "handleSslErrors: ";
        foreach (QSslError e, errors)
        {
            std::cerr << "ssl error: " << e.errorString().toStdString();
        }
    
        qobject_cast<QSslSocket *>(m_sock)->startClientEncryption();
        if(!qobject_cast<QSslSocket *>(m_sock)->waitForEncrypted())
        {
            _ERROR("Could not encrypted: ");
        }
    }
    
    QString response;
    ReadResponse(false,response);
    if (response.startsWith("+OK"))
        state = Authorization;
    else
        return false;
    return true;
    

    }
    @

    The mainwindow:
    @
    #include "mainwindow.h"
    #include "ui_mainwindow.h"
    #include "POP3/Pop3Client.h"
    #include <QSslConfiguration>
    #include <QSslSocket>
    #include <iostream>

    //#include <QWebPage>

    MainWindow::MainWindow(QWidget *parent) :
    QMainWindow(parent),
    ui(new Ui::MainWindow)
    {
    ui->setupUi(this);

    if (!QSslSocket::supportsSsl())
    {
        ui->statusBar->showMessage(tr("This system does not support OpenSSL."));
    }
    
    if(ui->chbSSL->isChecked())
    {
        this->emailClient = new Pop3Client(false, true);
    }
    else
    {
        this->emailClient = new Pop3Client(false, true);
    
    }
    
    ui->webView->load(QUrl("https://qt.gitorious.org/")); //Doesn't work
    ui->webView->show();
    
    ui->webView_2->load(QUrl("http://google.com")); // work
    ui->webView_2->show();
    
    connect(ui->btnConnect, SIGNAL(clicked()), this, SLOT(connectEmail()));
    

    }

    void MainWindow::connectEmail()
    {
    #ifdef QT_NO_SSL
    ui->statusBar->showMessage(tr("No SSL Suport"));
    #endif // MAINWINDOW_H

    ui->statusBar->showMessage(tr("Connecting..."));
    
    if (!this->emailClient->Connect(ui->txtHost->text(),ui->spnPort->value())) //pop.mail.yahoo.com:995
    {
        ui->statusBar->showMessage(tr("Could not connect!!!"));
        return;
    }
    
    ui->statusBar->showMessage(tr("Loging In..."));
    
    if (!this->emailClient->Login("xxx@xxx.com","xxx"))
    {
        ui->statusBar->showMessage(tr("Could not log in!!!"));
        return;
    }
    
    ui->statusBar->showMessage(tr("Connected"));
    

    }

    MainWindow::~MainWindow()
    {
    delete ui;
    }
    @

    Some infos:

    • I'm working with QT 5.0.1 on Windows 7 64bits, but I'm using QT and OpenSSL 32bits
    • I compiled QT 5.0.1 from source with OpenSSL 1.0.1c, everything with Mingw32.
    • QWebView doesn't connect with https pages too
    • supportsSsl() always return true and QT_NO_SSL isn't declared
    • The cmd command works:
      @
      openssl s_client -connect pop.mail.yahoo.com:995 -ssl3
      @

    I'm really needing help with it, I tryed to made it work almost all the week.
    Thanks



  • Finally I found a solution after a lot of research.

    @
    QSslConfiguration sslCfg = QSslConfiguration::defaultConfiguration();
    QList<QSslCertificate> ca_list = sslCfg.caCertificates();
    QList<QSslCertificate> ca_new = QSslCertificate::fromData("CaCertificates");
    ca_list += ca_new;

    sslCfg.setCaCertificates(ca_list);
    
    sslCfg.setProtocol( QSsl::SslV3 );
    
    QSslConfiguration::setDefaultConfiguration(sslCfg);
    

    @

    Just used this after all connections, if I tryed to use QSsl::TlsV1SslV3 or QSsl::AnyProtocol the code ended with "The remote host closed the connection" but if you force to use just the SslV3 the codes works but still showing the error:

    @
    QSslSocket::startClientEncryption: cannot start handshake on non-plain connection
    @


Log in to reply
 

Looks like your connection to Qt Forum was lost, please wait while we try to reconnect.