April 24, 2012

mushroom mushroom
Lab Rat
4 posts

[Solved] QSslSocket Error (SSLv2)

 

Hello,

I’m trying to test my coworkers code on my Debian Testing (Wheezy) Virtual Machine, but keep getting the following errors when creating a new QNetworkRequest and then sending an HTTP post request to an SSL protected URL (https://……)

Code:

  1. QNetworkReply *reply = m_network->post(request,data);

QSslSocket: cannot resolve SSLv2_client_method
QSslSocket: cannot resolve SSLv2_server_method

So I tried to force SSLv3 on the request:

  1. QSslConfiguration config; //after this, above error pops up
  2. config.setProtocol(QSsl::SslV3);
  3. request.setSslConfiguration(config);

What happens now is, when the debugger gets to the first line to create QSslConfiguration config, I get the same errors as above, but this time when the program keeps going it actually tries to connect but the SSL handshake fails. This is what the output looks like after attempting to force SSLv3 and sending the post request:

QSslSocket: cannot resolve SSLv2_client_method
QSslSocket: cannot resolve SSLv2_server_method
SSL handshake failed

I get the last string out from QNetworkReply’s errorString(), in the network reply slot

Since my coworker uses Ubuntu Oneiric on his machine, and I’m using Debian Testing on my VM, it leads me to believe that there’s some problem in Debian’s libssl and libssl-dev libraries, but I don’t know.

I’m currently setting up an Ubuntu VM to test this, if it works then I’ll be sure it’s a Debian issue.
Any help on this would be appreciated, thanks!

2 replies

April 24, 2012

mushroom mushroom
Lab Rat
4 posts

Okay, so apparently all I had to do was install libssl-0.98 and it worked. weird stuff.

Coworker had it installed, along with libssl-1.0.0, from the Ubuntu repositories, so i installed it on Ubuntu and it worked.

In Debian, libssl-0.98 is available in all repositories except Testing (Wheezy), so I had grab the .deb package of it from the Debian Stable (Squeeze) repository and “dpkg” install it: http://packages.debian.org/squeeze/libssl0.9.8

I’ll mark this as solved :)

April 24, 2012

Shane Kearns Shane Kearns
Lab Rat
25 posts

SSLv2 is broken, so some linux distributions configure it out of openssl 1.0.0 builds.
You can use QSsl::SecureProtocols to enable the SSL versions which are considered secure as of the Qt release.
If the web server is configured to use SSLv2, it may need a security upgrade.

 
  ‹‹ Qt/MFC Event Loop - stop MFC receiving event?      [SOLVED] PostgreSQL linker error ››

You must log in to post a reply. Not a member yet? Register here!