Oops, forgot about that. Done. Also, ABI is not affected. We have symbols to track ABI, and there are no symbols changes for libqt5network5.
** Description changed: + [Impact] + + Qt 5 Network library does not use TLS 1.3 on armhf, and falls back to + less secure protocols. + + [Test Plan] + + 1. Create test.cpp with the following contents: + + #include <QtCore/QCoreApplication> + #include <QtCore/QDebug> + #include <QtNetwork/QSslConfiguration> + #include <QtNetwork/QSslSocket> + + int main(int argc, char **argv) { + QCoreApplication app(argc, argv); + QSslSocket s; + QSslConfiguration cfg = s.sslConfiguration(); + cfg.setProtocol(QSsl::TlsV1_3OrLater); + s.setSslConfiguration(cfg); + s.connectToHostEncrypted("www.ubuntu.com", 443); + s.waitForConnected(); + qDebug() << s.sessionProtocol(); + return 0; + } + + 2. Create test.pro with the following contents: + + CONFIG += debug warn_all + QT = core network + SOURCES = test.cpp + + 3. Install qtbase5-dev package. + + 4. Compile using `qmake && make`. + + 5. Run the generated ./test executable. It should print 15, not -1. + + [Where problems could occur] + + It is unlikely to cause issues on 64-bit platforms because long and + uint64_t are both 64 bits long. On armhf potential problems may be + related to availability of other protocols. + + [Original Description] + lsb_release Description: Ubuntu 22.04 LTS Release: 22.04 libqt5network5/jammy,now 5.15.3+dfsg-2 armhf libssl3/jammy-updates,jammy-security,now 3.0.2-0ubuntu1.6 armhf the qt5 armhf version shipped with ubuntu jammy has a regression in tls1.3 support (simply missing in runtime). openssl supports tls1.3, so the underlying library works. x86_64 is obviously not affected the short sample applications writes -1 on armhf, 15 on x86_64 (unknown protocol vs tls1.3) QSslSocket* s = new QSslSocket(); QSslConfiguration cfg = s->sslConfiguration(); cfg.setProtocol(QSsl::TlsV1_3OrLater); s->setSslConfiguration(cfg); s->connectToHostEncrypted("tls13-enabled.server",443); s->waitForConnected(); printf("%d\n",s->sessionProtocol()); marking it as security since the most secure tls protocol is not used on some platforms ** Changed in: qtbase-opensource-src (Ubuntu Jammy) Status: Incomplete => Confirmed -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to qtbase-opensource-src in Ubuntu. https://bugs.launchpad.net/bugs/1981807 Title: qt5-network openssl3 armhf does not support tls1.3 Status in qtbase-opensource-src package in Ubuntu: Fix Released Status in qtbase-opensource-src source package in Jammy: Confirmed Bug description: [Impact] Qt 5 Network library does not use TLS 1.3 on armhf, and falls back to less secure protocols. [Test Plan] 1. Create test.cpp with the following contents: #include <QtCore/QCoreApplication> #include <QtCore/QDebug> #include <QtNetwork/QSslConfiguration> #include <QtNetwork/QSslSocket> int main(int argc, char **argv) { QCoreApplication app(argc, argv); QSslSocket s; QSslConfiguration cfg = s.sslConfiguration(); cfg.setProtocol(QSsl::TlsV1_3OrLater); s.setSslConfiguration(cfg); s.connectToHostEncrypted("www.ubuntu.com", 443); s.waitForConnected(); qDebug() << s.sessionProtocol(); return 0; } 2. Create test.pro with the following contents: CONFIG += debug warn_all QT = core network SOURCES = test.cpp 3. Install qtbase5-dev package. 4. Compile using `qmake && make`. 5. Run the generated ./test executable. It should print 15, not -1. [Where problems could occur] It is unlikely to cause issues on 64-bit platforms because long and uint64_t are both 64 bits long. On armhf potential problems may be related to availability of other protocols. [Original Description] lsb_release Description: Ubuntu 22.04 LTS Release: 22.04 libqt5network5/jammy,now 5.15.3+dfsg-2 armhf libssl3/jammy-updates,jammy-security,now 3.0.2-0ubuntu1.6 armhf the qt5 armhf version shipped with ubuntu jammy has a regression in tls1.3 support (simply missing in runtime). openssl supports tls1.3, so the underlying library works. x86_64 is obviously not affected the short sample applications writes -1 on armhf, 15 on x86_64 (unknown protocol vs tls1.3) QSslSocket* s = new QSslSocket(); QSslConfiguration cfg = s->sslConfiguration(); cfg.setProtocol(QSsl::TlsV1_3OrLater); s->setSslConfiguration(cfg); s->connectToHostEncrypted("tls13-enabled.server",443); s->waitForConnected(); printf("%d\n",s->sessionProtocol()); marking it as security since the most secure tls protocol is not used on some platforms To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/qtbase-opensource-src/+bug/1981807/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp