[Interest] Chromium build failure, SSL and Qt 5.6.3 vs 5.6.0,

Allan Sandfeld Jensen kde at carewolf.com
Tue Jul 31 11:43:40 CEST 2018

On Sonntag, 29. Juli 2018 22:58:41 CEST Christian Gagneraud wrote:
> Hi,
> We used to build Qt-5.6.3 on and for Linux-i386.
> I recently had to downgrade to Qt-5.6.0 (see below), but now the build
> fails with:
> qtwebengine/src/3rdparty/chromium/net/third_party/nss/ssl/ssl3con.c:
> In function 'ssl3_ChaCha20Poly1305':
> qtwebengine/src/3rdparty/chromium/net/third_party/nss/ssl/ssl3con.c:2118:15:
> error: 'CK_NSS_AEAD_PARAMS {aka struct CK_NSS_AEAD_PARAMS}' has no member
> named 'pIv'
>      aeadParams.pIv = (unsigned char *) additionalData;
>                ^
> qtwebengine/src/3rdparty/chromium/net/third_party/nss/ssl/ssl3con.c:2119:15:
> error: 'CK_NSS_AEAD_PARAMS {aka struct CK_NSS_AEAD_PARAMS}' has no member
> named 'ulIvLen'
>      aeadParams.ulIvLen = 8;
>                ^
> Are there any special requirements,or actually is there a difference
> in the requirements, to build Qt5.6.0 vs Qt-5.6.3?
Yes. It is most likely NSS, it could in 5.6.0 be used for both encryption and 
certicate checking but in 5.6.3 is only used for certificate checking. You can 
try using NSS 3.21, but note it will report most Google certificates as 
broken. You can also try removing libnss-dev in which case OpenSSL will be 
used for both, but that also means most Google certicates are reported as 
broken (because they objectively are signed by a too weak root).

See https://codereview.qt-project.org/#/c/153890/ perhaps you can cherry pick 
it, though it might not be easy QtWebEngine also upgraded from Chromium 45 to 
49 in the 5.6 series.


More information about the Interest mailing list