mumble: "QSslSocket: cannot resolve <crypto funcs>", Certificate Expiry, segfault

  • Done
  • quality assurance status badge
Details
3 participants
  • Christopher Lemmer Webber
  • Efraim Flashner
  • Ivan Vilata i Balaguer
Owner
unassigned
Submitted by
Ivan Vilata i Balaguer
Severity
normal
I
I
Ivan Vilata i Balaguer wrote on 4 Nov 2019 05:04
(address . bug-guix@gnu.org)
20191104040405.GH17621@sax.terramar.selidor.net
Hi! I'm using Mumble 1.2.19 from Guix commit 7f81cce3 on Debian Sid. On
start, it logs the following messages:

QSslSocket: cannot resolve CRYPTO_num_locks
QSslSocket: cannot resolve CRYPTO_set_id_callback
QSslSocket: cannot resolve CRYPTO_set_locking_callback
QSslSocket: cannot resolve sk_free
QSslSocket: cannot resolve sk_num
QSslSocket: cannot resolve sk_pop_free
QSslSocket: cannot resolve sk_value
QSslSocket: cannot resolve SSL_library_init
QSslSocket: cannot resolve SSL_load_error_strings
QSslSocket: cannot resolve SSLv3_client_method
QSslSocket: cannot resolve SSLv23_client_method
QSslSocket: cannot resolve SSLv3_server_method
QSslSocket: cannot resolve SSLv23_server_method
QSslSocket: cannot resolve X509_STORE_CTX_get_chain
QSslSocket: cannot resolve OPENSSL_add_all_algorithms_noconf
QSslSocket: cannot resolve OPENSSL_add_all_algorithms_conf
QSslSocket: cannot resolve SSLeay
QSslSocket: cannot call unresolved function CRYPTO_num_locks
QSslSocket: cannot call unresolved function CRYPTO_set_id_callback
QSslSocket: cannot call unresolved function CRYPTO_set_locking_callback
QSslSocket: cannot call unresolved function SSL_library_init
QSslSocket: cannot call unresolved function SSLv23_client_method
QSslSocket: cannot call unresolved function sk_num

Then it complains about "Certificate Expiry: Your certificate is about to
expire. You need to renew it, or you will no longer be able to connect to
servers you are registered on.". If I proceed to connect it goes:

OpenSSL Support: 1 (OpenSSL 1.1.1d 10 Sep 2019)
Segmentation fault

and dies. It is curious that `guix package -s openssl` reports version 1.1.1c
instead of 1.1.1d, which matches the Debian system's version of OpenSSL, so
Mumble may be trying to load system libraries instead of Guix's.

If I revert to a previous profile generation with a build of Mumble linked
against glibc 2.28 instead of 2.29, it doesn't print the errors and works
without issues.

Thank you very much!

--
Ivan Vilata i Balaguer -- https://elvil.net/
E
E
Efraim Flashner wrote on 4 Nov 2019 08:28
(name . Ivan Vilata i Balaguer)(address . ivan@selidor.net)(address . 38054@debbugs.gnu.org)
20191104072853.GB372@E5400
On Sun, Nov 03, 2019 at 11:04:05PM -0500, Ivan Vilata i Balaguer wrote:
Toggle quote (46 lines)
> Hi! I'm using Mumble 1.2.19 from Guix commit 7f81cce3 on Debian Sid. On
> start, it logs the following messages:
>
> QSslSocket: cannot resolve CRYPTO_num_locks
> QSslSocket: cannot resolve CRYPTO_set_id_callback
> QSslSocket: cannot resolve CRYPTO_set_locking_callback
> QSslSocket: cannot resolve sk_free
> QSslSocket: cannot resolve sk_num
> QSslSocket: cannot resolve sk_pop_free
> QSslSocket: cannot resolve sk_value
> QSslSocket: cannot resolve SSL_library_init
> QSslSocket: cannot resolve SSL_load_error_strings
> QSslSocket: cannot resolve SSLv3_client_method
> QSslSocket: cannot resolve SSLv23_client_method
> QSslSocket: cannot resolve SSLv3_server_method
> QSslSocket: cannot resolve SSLv23_server_method
> QSslSocket: cannot resolve X509_STORE_CTX_get_chain
> QSslSocket: cannot resolve OPENSSL_add_all_algorithms_noconf
> QSslSocket: cannot resolve OPENSSL_add_all_algorithms_conf
> QSslSocket: cannot resolve SSLeay
> QSslSocket: cannot call unresolved function CRYPTO_num_locks
> QSslSocket: cannot call unresolved function CRYPTO_set_id_callback
> QSslSocket: cannot call unresolved function CRYPTO_set_locking_callback
> QSslSocket: cannot call unresolved function SSL_library_init
> QSslSocket: cannot call unresolved function SSLv23_client_method
> QSslSocket: cannot call unresolved function sk_num
>
> Then it complains about "Certificate Expiry: Your certificate is about to
> expire. You need to renew it, or you will no longer be able to connect to
> servers you are registered on.". If I proceed to connect it goes:
>
> OpenSSL Support: 1 (OpenSSL 1.1.1d 10 Sep 2019)
> Segmentation fault
>
> and dies. It is curious that `guix package -s openssl` reports version 1.1.1c
> instead of 1.1.1d, which matches the Debian system's version of OpenSSL, so
> Mumble may be trying to load system libraries instead of Guix's.
>
> If I revert to a previous profile generation with a build of Mumble linked
> against glibc 2.28 instead of 2.29, it doesn't print the errors and works
> without issues.
>
> Thank you very much!
>
> --

I'd have to guess that the error is that it's linked against openssl-1.1
instead of openssl-1.1.

I also noticed that there's a newer version of mumble out, 1,3.0, which
builds against qt5. We should probably just go ahead and upgrade it.

--
Efraim Flashner <efraim@flashner.co.il> ????? ?????
GPG key = A28B F40C 3E55 1372 662D 14F7 41AA E7DC CA3D 8351
Confidentiality cannot be guaranteed on emails sent or received unencrypted
-----BEGIN PGP SIGNATURE-----

iQIzBAABCgAdFiEEoov0DD5VE3JmLRT3Qarn3Mo9g1EFAl2/0zIACgkQQarn3Mo9
g1GQIg//Rg+MonFQivn+quntBnCVat+tPhlxR4phVF+gkLCSg/KuAGK6Q50hAl64
3knLtA/SnTtumufJkv03Ejlj1hmhEWKKV7U8P6eryIuXKoMrBvdnMpmKQmHw8fvE
bC+/piV9A2Oelp0tDtqMi9npUT1rxCKGGGOs8LxmUzwFwFm3hYDDCz20sFlq32XG
qc3uJ7wlwcKpBrZMFH98sibsh41x3cJTfEC9uSD5+JfjA73Ma49COKTvzjGLa1bu
ne4f3Oc5OKhKIQeY3N2m/iGOp4pkAQPF7KCenXPl8UCQNNe6dpfZmf0wKlluueyC
W8xOkWMNHlR6N4EeTpfPLL2z9Q1RkUz7zZOvEpaT/4fnu+LF+ONdZLI4w/sMCyv1
ePhCyKVBj6NtQ/PtloIDxcWKUL5ki5gauTSaLRR+b8SbtH9bIdzwajXvuYj0Bgkq
ABOLz0YpTXUnSJK/wN/MqNIYm+2z5tHPuRBl2BjM8vXbooyOL97UM+rMaAOs1N0I
edUZmU1zT/uTSYkQaaJ3Bq/mJufzoFvjG0PV13RPRSm1h/x56vj8ENiBSVvteLtJ
xJjZ+Wg8wg6QQQxK3MpmVkXkWQryNA4dbWIKm7JEqMviNeUniLZb+DyKhwn6seb3
puf7MPPGcGc4isl3bCmBWKib8nBQpmBIrUHN+YzoPxA5E3H5BZw=
=GXF6
-----END PGP SIGNATURE-----


C
C
Christopher Lemmer Webber wrote on 19 Nov 2019 20:00
(address . bug-guix@gnu.org)
87pnhng08r.fsf@dustycloud.org
Efraim Flashner writes:

Toggle quote (53 lines)
> On Sun, Nov 03, 2019 at 11:04:05PM -0500, Ivan Vilata i Balaguer wrote:
>> Hi! I'm using Mumble 1.2.19 from Guix commit 7f81cce3 on Debian Sid. On
>> start, it logs the following messages:
>>
>> QSslSocket: cannot resolve CRYPTO_num_locks
>> QSslSocket: cannot resolve CRYPTO_set_id_callback
>> QSslSocket: cannot resolve CRYPTO_set_locking_callback
>> QSslSocket: cannot resolve sk_free
>> QSslSocket: cannot resolve sk_num
>> QSslSocket: cannot resolve sk_pop_free
>> QSslSocket: cannot resolve sk_value
>> QSslSocket: cannot resolve SSL_library_init
>> QSslSocket: cannot resolve SSL_load_error_strings
>> QSslSocket: cannot resolve SSLv3_client_method
>> QSslSocket: cannot resolve SSLv23_client_method
>> QSslSocket: cannot resolve SSLv3_server_method
>> QSslSocket: cannot resolve SSLv23_server_method
>> QSslSocket: cannot resolve X509_STORE_CTX_get_chain
>> QSslSocket: cannot resolve OPENSSL_add_all_algorithms_noconf
>> QSslSocket: cannot resolve OPENSSL_add_all_algorithms_conf
>> QSslSocket: cannot resolve SSLeay
>> QSslSocket: cannot call unresolved function CRYPTO_num_locks
>> QSslSocket: cannot call unresolved function CRYPTO_set_id_callback
>> QSslSocket: cannot call unresolved function CRYPTO_set_locking_callback
>> QSslSocket: cannot call unresolved function SSL_library_init
>> QSslSocket: cannot call unresolved function SSLv23_client_method
>> QSslSocket: cannot call unresolved function sk_num
>>
>> Then it complains about "Certificate Expiry: Your certificate is about to
>> expire. You need to renew it, or you will no longer be able to connect to
>> servers you are registered on.". If I proceed to connect it goes:
>>
>> OpenSSL Support: 1 (OpenSSL 1.1.1d 10 Sep 2019)
>> Segmentation fault
>>
>> and dies. It is curious that `guix package -s openssl` reports version 1.1.1c
>> instead of 1.1.1d, which matches the Debian system's version of OpenSSL, so
>> Mumble may be trying to load system libraries instead of Guix's.
>>
>> If I revert to a previous profile generation with a build of Mumble linked
>> against glibc 2.28 instead of 2.29, it doesn't print the errors and works
>> without issues.
>>
>> Thank you very much!
>>
>> --
>
> I'd have to guess that the error is that it's linked against openssl-1.1
> instead of openssl-1.1.
>
> I also noticed that there's a newer version of mumble out, 1,3.0, which
> builds against qt5. We should probably just go ahead and upgrade it.

I've also gotten this. I have an older version of Mumble installed from
a previous generation and that one does still run.

I tried updating it here, but looks like it's upset about not finding
the (un)bundled speex... weird because it must not have been bothered by
that before.

Incomplete patch attached. I'm unsure if switching from qt-4 to qtbase
is the right way to upgrade to QT 5 or not? I'm guessing so?
Toggle diff (32 lines)
diff --git a/gnu/packages/telephony.scm b/gnu/packages/telephony.scm
index 81e710a536..82ebe48931 100644
--- a/gnu/packages/telephony.scm
+++ b/gnu/packages/telephony.scm
@@ -377,15 +377,15 @@ address of one of the participants.")
(define-public mumble
(package
(name "mumble")
- (version "1.2.19")
+ (version "1.3.0")
(source (origin
(method url-fetch)
(uri (string-append "https://mumble.info/snapshot/"
name "-" version ".tar.gz"))
(sha256
(base32
- "1s60vaici3v034jzzi20x23hsj6mkjlc0glipjq4hffrg9qgnizh"))
- (patches (search-patches "mumble-1.2.19-abs.patch"))
+ "03dqg5yf6d7ilc1wydpshnv1ndssppcbadqcq20jm5j4fdaf53cs"))
+ ;; (patches (search-patches "mumble-1.2.19-abs.patch"))
(modules '((guix build utils)))
(snippet
`(begin
@@ -474,7 +474,7 @@ address of one of the participants.")
("speech-dispatcher" ,speech-dispatcher)
("libx11" ,libx11)
("libxi" ,libxi)
- ("qt-4" ,qt-4)
+ ("qt-4" ,qtbase)
("alsa-lib" ,alsa-lib)
("pulseaudio" ,pulseaudio)))
(native-inputs
I
I
Ivan Vilata i Balaguer wrote on 20 Nov 2019 06:30
(name . Christopher Lemmer Webber)(address . cwebber@dustycloud.org)
20191120053024.GZ17621@sax.terramar.selidor.net
Christopher Lemmer Webber (2019-11-19 14:00:20 -0500) wrote:

Toggle quote (15 lines)
> Efraim Flashner writes:
>
> > I also noticed that there's a newer version of mumble out, 1,3.0, which
> > builds against qt5. We should probably just go ahead and upgrade it.
>
> I've also gotten this. I have an older version of Mumble installed from
> a previous generation and that one does still run.
>
> I tried updating it here, but looks like it's upset about not finding
> the (un)bundled speex... weird because it must not have been bothered by
> that before.
>
> Incomplete patch attached. I'm unsure if switching from qt-4 to qtbase
> is the right way to upgrade to QT 5 or not? I'm guessing so?

Thanks Christopher! I'm currently working in a complete patch, it's building
and running (and it's not suffering from the errors I found!), but I still
need to locate the appropriate icons and include them in the package.

I'll get back to you real soon!

--
Ivan Vilata i Balaguer -- https://elvil.net/
I
I
Ivan Vilata i Balaguer wrote on 22 Nov 2019 07:32
(name . Ivan Vilata i Balaguer)(address . ivan@selidor.net)
20191122063238.GC17621@sax.terramar.selidor.net
Ivan Vilata i Balaguer (2019-11-20 00:30:24 -0500) wrote:

Toggle quote (7 lines)
> Thanks Christopher! I'm currently working in a complete patch, it's
> building and running (and it's not suffering from the errors I found!), but
> I still need to locate the appropriate icons and include them in the
> package.
>
> I'll get back to you real soon!

Hi there! I finally completed the update patch and managed to get the icons
working. It seems to work as expected without plugin issues.

It wasn't an easy task but I learnt some good stuff during the way… `:D`

Enjoy the new Mumble!

--
Ivan Vilata i Balaguer -- https://elvil.net/
Attachment: 0001-gnu-mumble-Update-to-1.3.0.patch
E
E
Efraim Flashner wrote on 19 Dec 2019 14:03
Re: [bug#38395] Acknowledgement ([PATCH] gnu: mumble: Update to 1.3.0.)
(name . Ivan Vilata i Balaguer)(address . ivan@selidor.net)
20191219130311.GH917@E5400
I merged the two patches together, made sure all the phases returned #t
and flushed out the commit message some more.


--
Efraim Flashner <efraim@flashner.co.il> ????? ?????
GPG key = A28B F40C 3E55 1372 662D 14F7 41AA E7DC CA3D 8351
Confidentiality cannot be guaranteed on emails sent or received unencrypted
-----BEGIN PGP SIGNATURE-----

iQIzBAABCgAdFiEEoov0DD5VE3JmLRT3Qarn3Mo9g1EFAl37dQwACgkQQarn3Mo9
g1EJHhAArIOxS6xnbUoNg6UC1Xbj3PNZtePNeN6BAa+qG/eDAw3MFsv4dH2rnZEv
dZx7RhumaYoDpuanEaceFjJYHoT7ndjwabelUEhPQc6MGcXWyAwh6jvd38xdURJi
gt+fckzi2VoTPIUZyuPeLQNcyoSEDHt4CyZ+NLmJp0HWdR+j0/MaEHWorKNpQ1eJ
UhdlIRZO2nGmHugB6FcBSFASmprOqhq5cIUmQ2V56bBZpqMCo2f4obE9LsPpNZn6
Fwy/pqLrYXvFsUWqLoeFo66vrYpsqkr46/KMNe1xNNcTD55CoLrUeY2+e/l/URRQ
BcKU7H02WMa1qIBKwEs/gmzGM6FSMyLknu2AlrEhLncWISmWUmTOFXEVUJGpRUYU
xKp43fKw7oYT7q03rHiVR+92eeb7W4i0c6DGLVtpDLdpb7X6GzeF8KMIeJ2UyrJ9
iMLmCuJo4qKS9aLiACRQnN5o7eMbCdKnk7en8Teg2T3QJK+hM9vMfcZo6h+yHG6b
WgegGU/RXhcOv4gcfgNIV4Rl4vMLlZQoJe+FcxtL9SeWn5cUyfvs/f8zY6EpqqDl
6VD4zotyXjyVHE55+uJAKT75y+ARblmmQBJmkwsHrgQY4jhXvlBYzHrhggbZv1Sm
mJO60l1OkkkRVccYqCFiragnuf3+EhGX9Rx8HRbBJhWZdCnfCDE=
=9pio
-----END PGP SIGNATURE-----


Closed
I
I
Ivan Vilata i Balaguer wrote on 19 Dec 2019 17:51
(name . Efraim Flashner)(address . efraim@flashner.co.il)
20191219165155.GF1392584@sax.terramar.selidor.net
Efraim Flashner (2019-12-19 15:03:11 +0200) wrote:

Toggle quote (3 lines)
> I merged the two patches together, made sure all the phases returned #t
> and flushed out the commit message some more.

Thanks a lot! Comparing your final patch against mine was also very
instructive.�`:)`

--
Ivan Vilata i Balaguer -- https://elvil.net/
Closed
I
I
Ivan Vilata i Balaguer wrote on 20 Dec 2019 17:07
(name . Ivan Vilata i Balaguer)(address . ivan@selidor.net)
20191220160758.GA2604844@sax.terramar.selidor.net
Ivan Vilata i Balaguer (2019-12-19 11:51:55 -0500) wrote:

Toggle quote (8 lines)
> Efraim Flashner (2019-12-19 15:03:11 +0200) wrote:
>
> > I merged the two patches together, made sure all the phases returned #t
> > and flushed out the commit message some more.
>
> Thanks a lot! Comparing your final patch against mine was also very
> instructive.�`:)`

Before you close this issue, I upgraded my `mumble` package and many icons are
missing. I didn't yet have time to further investigate it, but maybe it's
because of a difference I noticed between your patch:

(modify-phases %standard-phases

and mine:

(modify-phases (@ (guix build qt-build-system) %standard-phases)

So maybe the problem is that the final, wrapping phase of `qt-build-system` is
not being run. Actually I see that `mumble` is a plain binary while in the
output from my patch, it was a wrapper script.

Thanks!

--
Ivan Vilata i Balaguer -- https://elvil.net/
Closed
E
E
Efraim Flashner wrote on 22 Dec 2019 11:56
(name . Ivan Vilata i Balaguer)(address . ivan@selidor.net)
20191222105604.GD1115@E5400
On Fri, Dec 20, 2019 at 11:07:58AM -0500, Ivan Vilata i Balaguer wrote:
Toggle quote (25 lines)
> Ivan Vilata i Balaguer (2019-12-19 11:51:55 -0500) wrote:
>
> > Efraim Flashner (2019-12-19 15:03:11 +0200) wrote:
> >
> > > I merged the two patches together, made sure all the phases returned #t
> > > and flushed out the commit message some more.
> >
> > Thanks a lot! Comparing your final patch against mine was also very
> > instructive. `:)`
>
> Before you close this issue, I upgraded my `mumble` package and many icons are
> missing. I didn't yet have time to further investigate it, but maybe it's
> because of a difference I noticed between your patch:
>
> (modify-phases %standard-phases
>
> and mine:
>
> (modify-phases (@ (guix build qt-build-system) %standard-phases)
>
> So maybe the problem is that the final, wrapping phase of `qt-build-system` is
> not being run. Actually I see that `mumble` is a plain binary while in the
> output from my patch, it was a wrapper script.
>

I'm not sure what happened with the wrapping phase, but I changed it
back and now everything should be working as expected.

--
Efraim Flashner <efraim@flashner.co.il> ????? ?????
GPG key = A28B F40C 3E55 1372 662D 14F7 41AA E7DC CA3D 8351
Confidentiality cannot be guaranteed on emails sent or received unencrypted
-----BEGIN PGP SIGNATURE-----

iQIzBAABCgAdFiEEoov0DD5VE3JmLRT3Qarn3Mo9g1EFAl3/S8QACgkQQarn3Mo9
g1ES3w//dkVOxofsOOeFn05eRCVyre0KA9u5L49/zkR86p7z/XxwChN5YblHramu
+kzlwhpGgUfqgIwf933+mBlaAK/7zMoFqZ/6OTxuD4uUTpT9l+crAhcHLOG/uWSD
YwkmTmJTcUdVNZ5xJlP9WY+fJgjxeYqu2pkq6vJqTK6fN5waZvU5SB3BrRIknm/c
HK87576/E4qhayEr6Dwuf0kcgrijpnH2kbTzcqUwad//UfZ67yM9fhJRTn0p82Gu
EU8+co6+69TAFYBmw8VRWfwCmxGjiDTgkQHNCbQ/uk+AR9xPs+t90wEOS1S2IsWJ
ghSibyfJdHQ0sV7UUOSaRnxDh7E0g2Ij3YeGc5ENdD1s02BQ4CmXtJ0esKQNdR1N
xwhsdCFGGjsZcZLj3E18MgpngpL+ucdWK20LYuyuQciDmb0qZAuQyjuGHGd8cckw
8GT5ZAAJlRDKce+AzQ6ulGVOpwUB33AR004y9eCrsEobsOxmC8jEJ4YKsBHpMzfe
108P03+Fid6/9r2IQkPf/php1gPzr1er7zzKS5aR9hIICcxMRqzuoPnTEG7zyeBO
Y4jiYKsRFYuLNMpGp8wrGAjTtVfmQMCCCjuTyIYMjsCHpz9i8Ot2Hvel0BvjFaIN
Exc1etBatzwvfesyDlJb6Yn84ON/AlodlP8opyUlDRkskLqbf+I=
=ra/V
-----END PGP SIGNATURE-----


Closed
I
I
Ivan Vilata i Balaguer wrote on 22 Dec 2019 19:16
(name . Efraim Flashner)(address . efraim@flashner.co.il)
20191222181638.GI1392584@sax.terramar.selidor.net
Efraim Flashner (2019-12-22 12:56:04 +0200) wrote:

Toggle quote (19 lines)
> On Fri, Dec 20, 2019 at 11:07:58AM -0500, Ivan Vilata i Balaguer wrote:
> >
> > Before you close this issue, I upgraded my `mumble` package and many icons are
> > missing. I didn't yet have time to further investigate it, but maybe it's
> > because of a difference I noticed between your patch:
> >
> > (modify-phases %standard-phases
> >
> > and mine:
> >
> > (modify-phases (@ (guix build qt-build-system) %standard-phases)
> >
> > So maybe the problem is that the final, wrapping phase of `qt-build-system` is
> > not being run. Actually I see that `mumble` is a plain binary while in the
> > output from my patch, it was a wrapper script.
>
> I'm not sure what happened with the wrapping phase, but I changed it
> back and now everything should be working as expected.

Works indeed now, than you!�`:)`

--
Ivan Vilata i Balaguer -- https://elvil.net/
Closed
?
Your comment

This issue is archived.

To comment on this conversation send an email to 38054@debbugs.gnu.org

To respond to this issue using the mumi CLI, first switch to it
mumi current 38054
Then, you may apply the latest patchset in this issue (with sign off)
mumi am -- -s
Or, compose a reply to this issue
mumi compose
Or, send patches to this issue
mumi send-email *.patch