Static linked openssl causes segfault in Qt application on https requests

adnan · wrote on 28 Apr 2018, 07:05

I have Qt 4.8 app which had been working fine so far on all Linux distros. It dynamically links with system installed the Qt libs on Ubuntu and other Linux distro.

Recently, I added a libcurl dependency to my project, since I needed https, I statically compiled libcurl with openssl 1.1.0h support (to avoid openssl version lock). Now after linking libcurl.a, libcrypto.a and libssl.a with my app the curl functions work fine.

But the existing code which uses QNetworkAccessManager starting seg faulting suddenly. Following is the stacktrace:

(gdb) backtrace
#0  __GI___libc_free (mem=0x55) at malloc.c:2951
#1  0x00000000006916d4 in X509_VERIFY_PARAM_free ()
#2  0x00007fffca7e1ee9 in SSL_free ()
   from /lib/x86_64-linux-gnu/libssl.so.1.0.0
#3  0x00007ffff6e7fd54 in ?? ()
   from /usr/lib/x86_64-linux-gnu/libQtNetwork.so.4
#4  0x00007ffff6e81627 in ?? ()
   from /usr/lib/x86_64-linux-gnu/libQtNetwork.so.4
#5  0x00007ffff6e7889c in ?? ()
   from /usr/lib/x86_64-linux-gnu/libQtNetwork.so.4
#6  0x00007ffff6e7381d in QSslConfiguration::defaultConfiguration() ()
   from /usr/lib/x86_64-linux-gnu/libQtNetwork.so.4
#7  0x00007ffff6e09e53 in QNetworkRequest::sslConfiguration() const ()
   from /usr/lib/x86_64-linux-gnu/libQtNetwork.so.4
#8  0x00007ffff6df2143 in QNetworkAccessManager::createRequest(QNetworkAccessManager::Operation, QNetworkRequest const&, QIODevice*) ()
   from /usr/lib/x86_64-linux-gnu/libQtNetwork.so.4
#9  0x00007ffff6deefc4 in QNetworkAccessManager::get(QNetworkRequest const&) ()
   from /usr/lib/x86_64-linux-gnu/libQtNetwork.so.4

If I use openssl 1.0.0 it starts runnig fine on Linux distros like Ubuntu which have default openssl version as 1.0.0 but segfaults on Fedora 27 which uses openssl version 1.1.0.

It seems Qt tries to load system installed openssl lib and crashes if the version doesn't match with the one linked statically.

Any possible solution, I am stuck with this for days now.

SGaist · wrote on 28 Apr 2018, 21:57

Hi,

Qt uses the 1.0.X branch of OpenSSL. Since 5.10, the support for OpenSSt 1.1 is available but you have to re-build Qt yourself.

adnan · wrote on 29 Apr 2018, 07:31

I tried linking Opens SSL 1.0.0 with my app and it doesn't interfere with Qt on Ubuntu. But on Fedora 27 openssl version is 1.1.0 and Qt is seemingly trying to load the 1.1 version even for Qt 4.8, which is causing a segfault.

Since 5.10, the support for OpenSSt 1.1 is available but you have to re-build Qt yourself.
Even openssl 1.0.0 is segfaulting on Fedora 27

SGaist · wrote on 29 Apr 2018, 11:56

The stack trace you show is using your distribution provided Qt.
So which are you currently using ?
If you built it, how did you do it ?

adnan · wrote on 30 Apr 2018, 07:13

I am using the Qt4.8 provided by Linux Distribution. Additionally, I am statically linking OpenSSL 1.1.0 with my app.

SGaist · wrote on 30 Apr 2018, 07:17

How are you using OpenSSL in your application ?

adnan · wrote on 1 May 2018, 05:14

I am using libcurl and libcurl uses openssl for https requests. So I am linking openssl only because it is a libcurl dependency.

SGaist · wrote on 2 May 2018, 21:06

From the looks of your error, in seems to come from QtNetwork in Qt 4. Isn't there already a problem there ?