On 9/17/19 5:00 AM, Thiago Macieira wrote:
It's believed the Stuxnet attack
against Iran's nuclear energy labs was started by dropping USB flash drives in
the parking lot.
While there are hacker groups who operate that way, I'm not buying the
story. Mainly I don't buy it because the
On Monday, 16 September 2019 11:48:20 PDT Giuseppe D'Angelo via Interest
wrote:
> And this again just mentions that earlier SSL versions had security
> vulnerabilities. It does not sustain the claim that there is NO version
> which is secure.
>
> (As Thiago has already reminded, we're way past
On 16/09/2019 18:51, Roland Hughes wrote:
On 9/16/19 10:41 AM, Giuseppe D'Angelo wrote:
On 16/09/2019 14:44, Roland Hughes wrote:
On 9/16/19 5:00 AM,interest-requ...@qt-project.org wrote:
Il 14/09/19 14:53, Roland Hughes ha scritto:
Please keep in mind there is no version of SSL which is
On 9/16/19 10:41 AM, Giuseppe D'Angelo wrote:
On 16/09/2019 14:44, Roland Hughes wrote:
On 9/16/19 5:00 AM,interest-requ...@qt-project.org wrote:
Il 14/09/19 14:53, Roland Hughes ha scritto:
Please keep in mind there is no version of SSL which is secure.
Do you have any reference/source
Il 14/09/19 14:53, Roland Hughes ha scritto:
Please keep in mind there is no version of SSL which is secure.
Do you have any reference/source for this (quite extraordinary) claim?
Please also keep in mind the big systems are moving towards a TCP/IP
software appliance within the OS. No
On 9/14/19 5:00 AM, Thiago Macieira wrote:
On Friday, 13 September 2019 00:12:44 PDT René J. V. Bertin wrote:
Ideally qt should be compatible for both. I understand this is not
doable ?
It's not doable.
Technically it seems that it should be possible when loading the SSL
libraries at
On Friday September 13 2019 18:26:53 Konstantin Tokarev wrote:
>FWIW, you can find patches for LibreSSL support at
>https://bugs.gentoo.org/562050
Interesting, thanks.
R.
___
Interest mailing list
Interest@qt-project.org
13.09.2019, 10:14, "René J. V. Bertin" :
> I finally got around to upgrading OpenSSL and getting to work Qt 5.9 with it.
> It
> required an additional change that I hadn't found in the 5.10 branch:
> accepting
> the newer version during the configure phase :)
>
>
On Friday, 13 September 2019 00:12:44 PDT René J. V. Bertin wrote:
> >> Ideally qt should be compatible for both. I understand this is not
> >> doable ?
> >
> > It's not doable.
>
> Technically it seems that it should be possible when loading the SSL
> libraries at runtime, no?
No. Loading the
I finally got around to upgrading OpenSSL and getting to work Qt 5.9 with it.
It
required an additional change that I hadn't found in the 5.10 branch: accepting
the newer version during the configure phase :)
On Saturday, 23 March 2019 02:16:41 PDT René J. V. Bertin wrote:
> About that: is there a way to get the detection to use pkg-config to
> determine the location of the openssl headers?
Yes, if someone submits that. 1.1 has it, so we may be able to make this
change for 5.13.
--
Thiago Macieira
Thiago Macieira wrote:
> Qt 5.10 and up do have a detection to see if you have 1.0 or 1.1. OpenSUSE has
> no need for that, since they know which version their distro has.
About that: is there a way to get the detection to use pkg-config to determine
the location of the openssl headers?
Interesting exchange but can someone summarize?
I distribute an app compiled with qt 5.11.1, and I cannot go immediately
to 5.12
I deliver the libs for ssl 1.0 a bit the way creator is doing it.
It works in 99% of the cases, but some rare linux distributions just
crash.
The solution would
On Friday, 22 March 2019 10:46:28 PDT René J. V. Bertin wrote:
> Could make it risky to use their patch, if they don't take particular care
> for the OpenSSL 1.0 paths.
Right. But why are you interested in supporting both? If your systems have
OpenSSL 1.1, use that.
If you haven't upgraded
Thiago Macieira wrote:
> Qt 5.10 and up do have a detection to see if you have 1.0 or 1.1. OpenSUSE has
> no need for that, since they know which version their distro has.
I was thinking it might be something like that.
Could make it risky to use their patch, if they don't take particular care
On Friday, 22 March 2019 03:15:45 PDT René J. V. Bertin wrote:
> Curious patch I see in Leap:
> https://build.opensuse.org/package/view_file/openSUSE:Leap:15.1:Update/libqt
> 5-qtbase/0001-Revert-Fail-faster-on-OpenSSL-1.1.patch?expand=1
>
> Isn't there a specific
> -Original Message-
> From: Tuukka Turunen
> Sent: perjantai 22. maaliskuuta 2019 11.54
> To: Jani Heikkinen ; Thiago Macieira
> ; interest@qt-project.org
> Subject: Re: [Interest] Qt 5.9 and OpenSSL 1.1?
>
>
> Hi,
>
> Let's create (if not yet creat
Thiago Macieira wrote:
> openSUSE has it:
> https://build.opensuse.org/package/show/openSUSE:Leap:15.1:Update/libqt5-qtbase
>
> But I recommend finding the other ones to see if any of them missed any
> backported fix.
Thanks, will try to see if Arch has one too (their equivalent for Qt4 didn't
Jani Heikkinen"
wrote:
> -Original Message-
> From: Interest On Behalf Of Thiago
> Macieira
> Sent: perjantai 22. maaliskuuta 2019 4.12
> To: interest@qt-project.org
> Subject: Re: [Interest] Qt 5.9 and OpenSSL 1.1?
>
> On Wed
On Wednesday, 20 March 2019 23:45:38 PDT Roland Winklmeier wrote:
> Wouldn’t it be good then if official binaries from newer releases build
> against OpenSSL 1.1?
Yes and no. For future compatibility, we should do that and should have done
that for 5.12 already. But doing so means the binaries
On Thursday, 21 March 2019 09:08:22 PDT René J. V. Bertin wrote:
> Thiago Macieira wrote:
> >> 5.9's support ends in May 2019 (probably a bit later because we are able
> >> to
> >> make the 5.9.9 release).
>
> Where then are 5.9.8 and 5.9.9?
> http://download.qt.io/official_releases/qt/5.9/ still
On Thursday, 21 March 2019 13:47:40 PDT René J.V. Bertin wrote:
> On Thursday March 21 2019 20:49:21 Allan Sandfeld Jensen wrote:
> > Just find the patch from one of the distros that did already did the
> > backporting. There are at least two, but probably more.
>
> Hah, thanks - that would have
On Thursday March 21 2019 20:49:21 Allan Sandfeld Jensen wrote:
> Just find the patch from one of the distros that did already did the
> backporting. There are at least two, but probably more.
Hah, thanks - that would have been a great answer to my initial question! ;)
You don't happen to
On Donnerstag, 21. März 2019 10:16:35 CET René J. V. Bertin wrote:
> >> Actually, it doesn't: 5.9 support ends in May 2020, OpenSSL 1.0 in Dec
> >> 2019.>
> > You're off by one year. 5.9.0 was released May 29, 2017.
> >
> > (probably a bit later because we are able to
> > make the 5.9.9
Thiago Macieira wrote:
>> 5.9's support ends in May 2019 (probably a bit later because we are able to
>> make the 5.9.9 release).
Where then are 5.9.8 and 5.9.9? http://download.qt.io/official_releases/qt/5.9/
still goes to 5.9.7 only.
R.
___
>> Actually, it doesn't: 5.9 support ends in May 2020, OpenSSL 1.0 in Dec 2019.
>
> You're off by one year. 5.9.0 was released May 29, 2017.
>
> (probably a bit later because we are able to
> make the 5.9.9 release).
That means some of the dates in the wikipedia article are wrong... but not the
Thiago Macieira schrieb am Mi. 20. März 2019 um
19:36:
> On Wednesday, 20 March 2019 11:14:52 PDT René J. V. Bertin wrote:
> > See my other email: for now this is for MacPorts, but I'm guessing Qt may
> > not want to depend only on an OpenSSL variant that's EOL.
>
> Except that it's not EOL.
On Wednesday, 20 March 2019 11:41:37 PDT Thiago Macieira wrote:
> On Wednesday, 20 March 2019 11:31:39 PDT Giuseppe D'Angelo via Interest
wrote:
> > > Qt 5.9's lifetime ends before OpenSSL 1.0's.
> >
> > Actually, it doesn't: 5.9 support ends in May 2020, OpenSSL 1.0 in Dec
> > 2019.
> You're
On Wednesday, 20 March 2019 14:59:39 PDT René J.V. Bertin wrote:
> >Because it is a major rewrite of QtNetwork code interfacing with OpenSSL.
> >Such change cannot go to LTS branch [1]
>
> Now maybe (though I'd argue this is a bug fix; OSSL 1.0 will go EOL 5 months
> before Qt 5.9). But that was
>Because it is a major rewrite of QtNetwork code interfacing with OpenSSL. Such
>change
>cannot go to LTS branch [1]
Now maybe (though I'd argue this is a bug fix; OSSL 1.0 will go EOL 5 months
before Qt 5.9). But that was not the question.
5.9.0 was released on May 31st 2017
Il 20/03/19 19:41, Thiago Macieira ha scritto:
Actually, it doesn't: 5.9 support ends in May 2020, OpenSSL 1.0 in Dec 2019.
You're off by one year. 5.9.0 was released May 29, 2017.
5.9's support ends in May 2019 (probably a bit later because we are able to
make the 5.9.9 release).
Isn't the
On Wednesday, 20 March 2019 11:31:39 PDT Giuseppe D'Angelo via Interest wrote:
> > Qt 5.9's lifetime ends before OpenSSL 1.0's.
>
> Actually, it doesn't: 5.9 support ends in May 2020, OpenSSL 1.0 in Dec 2019.
You're off by one year. 5.9.0 was released May 29, 2017.
5.9's support ends in May
Il 20/03/19 19:29, Thiago Macieira ha scritto:
Qt 5.9's lifetime ends before OpenSSL 1.0's.
Actually, it doesn't: 5.9 support ends in May 2020, OpenSSL 1.0 in Dec 2019.
The reality is that if your software depends on multiple libraries, your
deadline is the whichever EOL for those libraries
On Wednesday, 20 March 2019 11:14:52 PDT René J. V. Bertin wrote:
> See my other email: for now this is for MacPorts, but I'm guessing Qt may
> not want to depend only on an OpenSSL variant that's EOL.
Except that it's not EOL. OpenSSL 1.0.2 is still officially supported until
2019-12-31. See
20.03.2019, 21:17, "René J. V. Bertin" :
>> Which distribution already stopped shipping OpenSSL 1.0?
>
> See my other email: for now this is for MacPorts, but I'm guessing Qt may not
> want to depend only on an OpenSSL variant that's EOL.
>
> Moving to 5.10 may be relatively trivial on Linux
On Wednesday, 20 March 2019 03:15:38 PDT René J.V. Bertin wrote:
> Hi,
>
> I just learned that Qt 5.9 apparently doesn't build against OpenSSL 1.1 .
> Does anyone already have a fix for this?
Forklift the support from 5.10. A couple of Linux distributions did that for a
while (notably,
Konstantin Tokarev wrote:
> It would be better to upgrade Qt in MacPorts
MacPorts provides the latest and also a whole range of older Qt versions (down
to Qt 5.5 I think). It has to, because Qt doesn't support a sufficient range of
OS versions for our purposes.
> Which distribution already stopped shipping OpenSSL 1.0?
See my other email: for now this is for MacPorts, but I'm guessing Qt may not
want to depend only on an OpenSSL variant that's EOL.
Moving to 5.10 may be relatively trivial on Linux but not on Mac, if you want
to
keep supporting OS
20.03.2019, 21:03, "René J.V. Bertin" :
>> You should either use Qt >= 5.10 or build against OpenSSL 1.0.2
>
> Wrong answer :P
>
> If Qt 5.9 is still in LTS it should get commit
> cfbe03a6e035ab3cce5f04962cddd06bd414dcea cherry picked from the dev branch
> before 1.0 reaches EOL later this
>You should either use Qt >= 5.10 or build against OpenSSL 1.0.2
Wrong answer :P
If Qt 5.9 is still in LTS it should get commit
cfbe03a6e035ab3cce5f04962cddd06bd414dcea cherry picked from the dev branch
before 1.0 reaches EOL later this year.
Is that commit sufficient? Getting it to apply to
Hi,
Il 20/03/19 18:23, David M. Cotter ha scritto:
I understand LibreSSL has some advantages, is that worth checking out?
Qt does not work with LibreSSL.
Cheers,
--
Giuseppe D'Angelo | giuseppe.dang...@kdab.com | Senior Software Engineer
KDAB (France) S.A.S., a KDAB Group company
Tel. France
Il 20/03/19 11:15, René J.V. Bertin ha scritto:
I just learned that Qt 5.9 apparently doesn't build against OpenSSL 1.1 . Does
anyone already have a fix for this?
Which distribution already stopped shipping OpenSSL 1.0?
Cheers,
--
Giuseppe D'Angelo | giuseppe.dang...@kdab.com | Senior
20.03.2019, 13:18, "René J.V. Bertin" :
> Hi,
>
> I just learned that Qt 5.9 apparently doesn't build against OpenSSL 1.1 .
> Does anyone already have a fix for this?
You should either use Qt >= 5.10 or build against OpenSSL 1.0.2
>
> If not I'll try to adapt Debian's OSSL 1.1 support patch
I understand LibreSSL has some advantages, is that worth checking out?
> On Mar 20, 2019, at 3:15 AM, René J.V. Bertin wrote:
>
> Hi,
>
> I just learned that Qt 5.9 apparently doesn't build against OpenSSL 1.1 .
> Does anyone already have a fix for this?
>
> If not I'll try to adapt Debian's
44 matches
Mail list logo
