Bug#818943: possibly add -openssl-linked ./conifugre option for building Qt (issue with Mumble)

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Bug#818943: possibly add -openssl-linked ./conifugre option for building Qt (issue with Mumble)
From: Chris Knadle <Chris.Knadle@coredump.us>
Date: Tue, 22 Mar 2016 00:12:18 +0000
Message-id: <[🔎] 56F08DE2.8010108@coredump.us>
Reply-to: Chris Knadle <Chris.Knadle@coredump.us>, 818943@bugs.debian.org

Source: qt4-x11
Severity: normal

I'd like to know whether it would be possible to add the -openssl-linked
./configure option for building Qt.

   https://doc.qt.io/qt-4.8/ssl.html

I have a rather complicated problem concerning mumble (#804363) which
concerns Mumble breaking during OpenSSL transitions that have library
renames.  With the patch I'm currently using to mitigated the bug, due to Qt
using dlopen() to load libssl/libcrypto during these transitions two copies
of libssl/libcrypto with ABI differences between them both get loaded and we
believe both get initialized, so figuring out what will happen is
nontrivial.  The Debian OpenSSL maintainer says that this shold work but
that OpenSSL upstream is not likely to guarantee that it will.  Mumble
upstream wants to implement a patch which would cause Mumble to quit with an
error if it finds two copies of libssl/libcrypto loaded to ban this
possibility.  (https://github.com/mumble-voip/mumble/pull/2124)

Mumble has broken in a similar way before, and at the time it was thought
that linking Qt with libssl/libcrytpo would have licensing issues:

   https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=623596#94

We've tried to find other possible mitigation methods and during this the
release team said they aren't sure that having Qt linked with OpenSSL would
cause further licensing issues:

   https://lists.debian.org/debian-release/2016/03/msg00409.html

Mumble upstream and the OpenSSL maintainer think that if Qt used the
-openssl-linked option it may handle the problem in (#804363) better:

   https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=804487#102


So... I'm writing this bug to get input from the Qt maintainers as to
whether using the -openssl-linked ./configure option when building Qt is
possible (and whether it would help).

Thanks much.
  -- Chris

-- 
Chris Knadle
Chris.Knadle@coredump.us

-- System Information:
Debian Release: stretch/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'stable'), (500, 'oldstable'), (150,
'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.4.0-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) (ignored:
LC_ALL set to en_US.UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Reply to:

Follow-Ups:
- Bug#818943: possibly add -openssl-linked ./conifugre option for building Qt (issue with Mumble)
  - From: Lisandro Damián Nicanor Pérez Meyer <perezmeyer@gmail.com>

Prev by Date: Bug#818923: kde-l10n-de: Wrong Translation in Softwareverwaltung
Next by Date: Bug#818943: possibly add -openssl-linked ./conifugre option for building Qt (issue with Mumble)
Previous by thread: Bug#818923: kde-l10n-de: Wrong Translation in Softwareverwaltung
Next by thread: Bug#818943: possibly add -openssl-linked ./conifugre option for building Qt (issue with Mumble)
Index(es):
- Date
- Thread