SUMMARY (this is the continuation of bug #400766) When exporting to Onedrive or Dropbox (not tested with others, but maybe the same), digikam crashes (Segmentation Fault). STEPS TO REPRODUCE 1. Select files > Export to Onedrive (or Dropbox) RESULT Digikam crashes. With debug, this is what happens after clicking on Export > Onedrive: Digikam::AlbumFilterModel::setSearchTextSettings: new search text settings: "" : hasResult = true , validRows = 18 Digikam::ODTalker::readSettings: Linking... Auto configuration failed 140737221753088:error:0E079065:configuration file routines:DEF_LOAD_BIO:missing equal sign:conf_def.c:362:line 40 unknown: QMutex: destroying locked mutex [Thread 0x7ffef87f8700 (LWP 22788) exited] [Thread 0x7ffef7ff7700 (LWP 22789) exited] [Thread 0x7ffef77f6700 (LWP 22790) exited] [Thread 0x7ffef6ff5700 (LWP 22791) exited] [Thread 0x7fff62158700 (LWP 22756) exited] [Thread 0x7fffd3fff700 (LWP 22742) exited] [Thread 0x7fff61957700 (LWP 22757) exited] [Thread 0x7fff61156700 (LWP 22758) exited] [Thread 0x7fff60955700 (LWP 22759) exited] [Thread 0x7fff4bfff700 (LWP 22760) exited] [Thread 0x7fff4b7fe700 (LWP 22761) exited] [Thread 0x7fff4affd700 (LWP 22762) exited] [Thread 0x7fff4a7fc700 (LWP 22763) exited] [Thread 0x7fff49ffb700 (LWP 22764) exited] [Thread 0x7fff497fa700 (LWP 22765) exited] [Thread 0x7fff23fff700 (LWP 22767) exited] [Thread 0x7fff237fe700 (LWP 22768) exited] [Thread 0x7fff22ffd700 (LWP 22769) exited] [Thread 0x7fff48ff9700 (LWP 22766) exited] [Thread 0x7fff227fc700 (LWP 22770) exited] [Thread 0x7fff217fa700 (LWP 22772) exited] [Thread 0x7fff20ff9700 (LWP 22773) exited] [Thread 0x7fff21ffb700 (LWP 22771) exited] [Thread 0x7fff0bfff700 (LWP 22774) exited] [Thread 0x7fff0affd700 (LWP 22776) exited] [Thread 0x7fff0b7fe700 (LWP 22775) exited] [Thread 0x7fff09ffb700 (LWP 22778) exited] [Thread 0x7fff097fa700 (LWP 22779) exited] [Thread 0x7fff0a7fc700 (LWP 22777) exited] [Thread 0x7fff08ff9700 (LWP 22780) exited] [Thread 0x7ffefb7fe700 (LWP 22782) exited] [Thread 0x7ffefbfff700 (LWP 22781) exited] [Thread 0x7ffefa7fc700 (LWP 22784) exited] [Thread 0x7ffefaffd700 (LWP 22783) exited] [Thread 0x7ffef97fa700 (LWP 22786) exited] [Thread 0x7ffef9ffb700 (LWP 22785) exited] [Thread 0x7ffef8ff9700 (LWP 22787) exited] Thread 4 "Digikam::ScanCo" received signal SIGSEGV, Segmentation fault. [Switching to Thread 0x7fffe0fba700 (LWP 22734)] 0x00000030a10a7024 in QReadWriteLock::tryLockForWrite(int) () from /tmp/.mount_digikaE5GnU5/usr/lib/libQt5Core.so.5 (gdb) (gdb) ADDITIONAL INFORMATION This seems linked to Appimage: the problem present on Fedora 29 with digikam 5.9, 6.0 beta 1, 2 and 3 with Appimage version. No problem with RPM version (5.9). Note that there was NO such problem on Fedora 28 and appimage.
Other program with the same error message: https://pixinsight.com/forum/index.php?topic=12871.0 https://github.com/Ultimaker/Cura/issues/4220#issuecomment-435629790 Maik
Strangely the problem with these other programs all occur on Fedora 29 (and for the first one at least there was no problem with Fedora 28 like me).
Some improvements: even though the error message is not clear, the following error is related to the file /etc/pki/tls/openssl.cnf > error:0E079065:configuration file routines:DEF_LOAD_BIO:missing equal sign:conf_def.c:362:line 40 In lines 38-40 I have: 38 [ crypto_policy ] 39 40 .include /etc/crypto-policies/back-ends/opensslcnf.config What I tried: 1) I remove the file /etc/pki/tls/openssl.cnf --> NO MORE DIGIKAM CRASH (and I can login to OneDrive) (but I suppose this file cannot be simply deleted ? So probably not a good solution) 2) I have reinstalled packages providing: /etc/pki/tls/openssl.cnf (openssl-libs-1.1.1-3.fc29, both .x86_64 and .i686) /etc/crypto-policies/back-ends/opensslcnf.config (crypto-policies-20181026-1.gitd42aaa6.fc29.noarch) but the error is still there. Note - another issue on Fedora 29: http://forums.foxitsoftware.com/forum/portable-document-format-pdf-tools/foxit-reader/169528-foxit-reader-on-fedora-29 This is probably a bug in ssl packages of Fedora ?
Hi Maik, I have asked the question on Fedora bugzilla of openssl. I have to say that I'm not familiar at all with this topic, so can you have a look at their answer: https://bugzilla.redhat.com/show_bug.cgi?id=1668916 Which version of openssl is included in appimage ? Thanks in advance
It would have to be the OpenSSL-1.0.1e. Gilles can say that more precisely because he builds the AppImage. I think the AppImage is a good thing to give users the ability to test a bugfix or new feature. It will probably never replace a native version. I also do not understand why no one builds native snapshot packages for Fedora or Ubuntu, it's not that hard. Maik
I found a workaround using LD_PRELOAD: LD_PRELOAD=/usr/lib64/libssl.so.10:/usr/lib64/libcrypto.so.10 ./digikam.appimage According to bug report in openssl, it should however be fixed in appimage (please see https://bugzilla.redhat.com/show_bug.cgi?id=1668916 for details): > Appimage packagers should package their bundled openssl in such way that it > does not depend on system-wide configuration files, because they cannot > depend on what is in them.
Git commit 45a1e29874fa7b53624300dc9e7f9b36be79a1fd by Gilles Caulier. Committed on 02/03/2019 at 21:59. Pushed by cgilles into branch 'development/dplugins'. add openssl build rules for AppImage bundle M +1 -0 project/bundles/3rdparty/CMakeLists.txt A +22 -0 project/bundles/3rdparty/ext_openssl/CMakeLists.txt M +2 -2 project/bundles/appimage/01-build-centos6.sh https://commits.kde.org/digikam/45a1e29874fa7b53624300dc9e7f9b36be79a1fd
Great, it seems to work with DK 6.1. There is another (similar ?) appimage issue: $ Downloads/digikam-6.1.0-git-20190304T120153-x86-64.appimage libfreetype.so libudev.so -- digiKam AppImage Bundle -- Use 'help' as CLI argument to know all available options for digiKam application -- Preloading shared libs: digikam: symbol lookup error: /lib64/libfontconfig.so.1: undefined symbol: FT_Done_MM_Var $ As a workaround, the appimage must be launched with LD_PRELOAD=/usr/lib64/libfreetype.so.6:/usr/lib64/libudev.so.1 Could it be solved as well ? (if you prefer, I can open a new bug report)
Good news, After 2 weeks of works, the pre-release 6.1.0 bundles are now reconstructed from scratch with: - All OpenCV options for CUDA, OPenMP, and OPenCL disabled to prevent crashes in face management. - A large upgrade of Qt5 from 5.9.7 to 5.11.3. - An upgrade to KF5 5.55. - An upgrade to Ffmpeg 3.3.9 - The fontconfig/freetype integration in the bundle to reduce system dependencies Files can be downloaded here : https://files.kde.org/digikam/ Please test and report. Gilles Caulier
After 3 weeks of work, i finally completed the compilation of AppImage using Qt 5.11.3 + QWebkit 5.212. New 6.1.0 pre-release AppImage bundle can be found here (64 bits only for the moment) : https://files.kde.org/digikam/ Please check if this bugzilla entry still valid. Thanks in advance Gilles Caulier
Created attachment 118947 [details] Failed connection to Onedrive Hi Gilles, yes the problem is still there with digikam-6.1.0-git-20190320T143140-x86-64.appimage. I would say it is back because it was solved in digikam-6.1.0-git-20190304T120153-x86-64.appimage (see comment #8) (even if that appimage had other problems). There are in fact now 2 problems: 1. running ./digikam-6.1.0-git-20190320T143140-x86-64.appimage and chosing "Export to OneDrive" crashes digikam (this is the original problem that is back): Digikam::AlbumFilterModel::setSearchTextSettings: new search text settings: "" : hasResult = true , validRows = 19 unknown: Linking... Auto configuration failed 140533010992704:error:25066067:DSO support routines:DLFCN_LOAD:could not load the shared library:dso_dlfcn.c:187:filename(libssl_conf.so): libssl_conf.so: cannot open shared object file: No such file or directory 140533010992704:error:25070067:DSO support routines:DSO_load:could not load the shared library:dso_lib.c:244: 140533010992704:error:0E07506E:configuration file routines:MODULE_LOAD_DSO:error loading dso:conf_mod.c:285:module=ssl_conf, path=ssl_conf 140533010992704:error:0E076071:configuration file routines:MODULE_RUN:unknown module name:conf_mod.c:222:module=ssl_conf unknown: QMutex: destroying locked mutex /tmp/.mount_digikaGNEWfx/AppRun: line 133: 4515 Segmentation fault (core dumped) digikam $@ 2. running LD_PRELOAD=/usr/lib64/libssl.so.10:/usr/lib64/libcrypto.so.10 /home/nicolas/Downloads/digikam-6.1.0-git-20190320T143140-x86-64.appimage does not crash digikam anymore while selecting "Export to Onedrive" However, the connection to Onedrive does not work. See attached printscreen. The "digikam" window remains blank during a long time (~1 minute) before displaying partial Onedrive connection page. In terminal: Digikam::AlbumFilterModel::setSearchTextSettings: new search text settings: "" : hasResult = true , validRows = 19 unknown: Linking... unknown: Received URL from webview: QUrl("https://login.live.com/oauth20_authorize.srf?client_id=4c20a541-<...>&scope=Files.ReadWrite User.Read&redirect_uri=https://login.live.com/oauth20_desktop.srf&response_type=token") unknown: LINK to Onedrive fail
It sound like the libssl_conf.so shared lib cannot be found. At least, i'm sure that the bundle do not have the .so inside. The system based .so must be used instead. Before to run the AppImage can you try to force to load libssl_conf.so from the system using this command line : export LD_PRELOAD=$LD_PRELOAD:/usr/lib64/libssl_conf.so Note : here i use /usr/lib64/... path to load the .so, but it can be at another place, this depend of the Linux used. If it do not work, try these pathes : /usr/lib/... /lib/x86_64-linux-gnu/ Gilles Caulier
Heu, I don't have libssl_conf.so on my system (Fedora 29). And "dnf provides libssl_conf.so" does not return anything. Note: under /usr/lib64, I have: $ ls /usr/lib64/libssl* /usr/lib64/libssl3.so /usr/lib64/libssl.so.1.1 /usr/lib64/libssl.so.10 /usr/lib64/libssl.so.1.1.1b /usr/lib64/libssl.so.1.0.2o
What's happen if you run this line before the appimage bundle ? export LD_PRELOAD=$LD_PRELOAD:/usr/lib64/libssl3.so Gilles Caulier
It crashes digikam: $ export LD_PRELOAD=$LD_PRELOAD:/usr/lib64/libssl3.so $ ./digikam-6.1.0-git-20190323T220709-x86-64.appimage libfontconfig.so libfreetype.so libudev.so -- digiKam AppImage Bundle -- Use 'help' as CLI argument to know all available options for digiKam application -- Preloading shared libs: :/usr/lib64/libssl3.so digikam: /tmp/.mount_digikaiuWcKX/usr/lib/libnssutil3.so: version `NSSUTIL_3.38' not found (required by /usr/lib64/libssl3.so)
This is strange because libnss is dropped for the list of bundled libraries in AppImage : https://cgit.kde.org/digikam.git/tree/project/bundles/appimage/04-build-appimage.sh#n265 This puzzle me. It's not clear to know which libraries must be used from native system or not. SSL is problematic because it require the most advanced version for security reasons. but SSL is relevant of plenty dependencies. I take a look into other AppImage project, and digiKam is the only one which require secure internet access. If you have also the libnssutils on your system, try to upload also this one with SSL library before to run digiKam. In fact, there is a combinaison to found. Note: In digiKam appimage, libssl3.so and libnssl3.so are included and must do the job without to preload files in memory from native system... Gilles
Thanks for investigating this ! I have libnssutils on my system. I just made several tests: 1) export LD_PRELOAD=/usr/lib64/libssl3.so:/usr/lib64/libnssutil3.so -> digikam crashes when I use the export to Onedrive tool. Same errors as in comment #11 (ending with : /tmp/.mount_digikaGNEWfx/AppRun: line 133: <pid> Segmentation fault (core dumped) digikam $@ 2) to not have the crash, I need to export another library (and just this one: no need to export ssl3 or ssl or nssutil): export LD_PRELOAD=/usr/lib64/libcrypto.so.10 But then I get the broken connection window (as attached in comment #11) Note: I cannot connect to Dropbox neither. I suppose this is the same issue. I don't know what kind of tests I can still do ?
Additional comments: as stated in comment #8, a previous version of your appimage (2019-03-04) worked: LD_PRELOAD=/usr/lib64/libfreetype.so.6:/usr/lib64/libudev.so.1 ./digikam-6.1.0-git-20190304T120153-x86-64.appimage (the other libs preloaded were necessary with older versions of appimage, but there is no need to preload ssl/crypto/... libs) Maybe you can check what you changed in regards to libssl/crypto in your appimage builds since 04th of March ? Note: as said, using that appimage I can connect to Onedrive. Now if I relaunch the last version of digikam (with LD_PRELOAD=/usr/lib64/libcrypto.so.10), I'm still logged in Onedrive and can transfer files. So this is "just" the login process that fails: once logged in, it works.
The differences between digikam-6.1.0-git-20190304T120153-x86-64.appimage and current AppImage must be huge. I don't have a backup of digikam-6.1.0-git-20190304T120153-x86-64.appimage. If you can share the file with me through the cloud this can help. But i can start to give some information about this files, as i work on AppImage since 3 weeks : 1/ Qt 5.9.7 to Qt 5.11.3 2/ hard linking of Centos6 openssl in Qt (configuration rules stage) 3/ rewrite of final appimage bundle script to drop unwanted shared libraries. 1/ => impossible to go back. We need to found a solution with this Qt release. 2/ Can be changed back but this will take age to recompile whole bundle. 3/ I can compare the bundle contents about tshared libraries to see if something is missing. Gilles Caulier
About SSL and Qt configuration rules we have : Network options: -ssl ................. Enable either SSL support method [auto] -no-openssl .......... Do not use OpenSSL [default on Apple and WinRT] -openssl-linked ...... Use OpenSSL and link to libssl [no] -openssl-runtime ..... Use OpenSSL and dynamically load libssl [auto] I enabled "-openssl-linked" instead... no option, which want mean "-openssl-runtime" in fact. This can be the lead problem. Gilles Caulier
At cQt configure time, the script report all the details about the target : Qt Network: getifaddrs() ........................... yes IPv6 ifname ............................ yes libproxy ............................... no Linux AF_NETLINK ....................... no OpenSSL ................................ yes Qt directly linked to OpenSSL ........ yes OpenSSL 1.1 ............................ no SCTP ................................... no Use system proxies ..................... yes OpenSSL is well linked with system libraries. Note that OpenSSL 1.1 is not used here as i use OpenSSL from Centos6 which still 1.0.x. I can forece to use OpenSSL 1.1, as script to compile OpenSSL is ready to use in bundles cmake script. This is a 4th way to explore to solve this issue. Gilles Caulier
To respond to Maik, comment #5: [gilles@localhost appimage]$ yum info openssl Modules complémentaires chargés : fastestmirror, refresh-packagekit, security Determining fastest mirrors * base: mirrors.atosworldline.com * epel: anorien.csc.warwick.ac.uk * extras: centos.quelquesmots.fr * nux-dextop: li.nux.ro * updates: mirrors.atosworldline.com Paquets installés Nom : openssl Architecture : x86_64 Version : 1.0.1e Révision : 57.el6 Taille : 4.1 M Dépôt : installed Depuis le dépôt : anaconda-CentOS-201806291108.x86_64 Résumé : A general purpose cryptography library with TLS implementation URL : http://www.openssl.org/ Licence : OpenSSL Description : The OpenSSL toolkit provides support for secure communications between : machines. OpenSSL includes a certificate management tool and shared : libraries which provide various cryptographic algorithms and : protocols. Paquets disponibles Nom : openssl Architecture : i686 Version : 1.0.1e Révision : 57.el6 Taille : 1.5 M Dépôt : base Résumé : A general purpose cryptography library with TLS implementation URL : http://www.openssl.org/ Licence : OpenSSL Description : The OpenSSL toolkit provides support for secure communications between : machines. OpenSSL includes a certificate management tool and shared : libraries which provide various cryptographic algorithms and : protocols. Gilles Caulier
If i read well the Fedora report : https://bugzilla.redhat.com/show_bug.cgi?id=1668916 There is a mix between : - openssl and relevant libraries from the system and the bundle. - openssl configuration file (aka /etc/pki) from the system and the bundle. I'm sure : i never copied the /etc/pki config files in the bundle. It's now done. Note : when we use export to preload libraries before to use the bundle, we force to use the configuration files from the system. If we don't do it we use the bundle libraries WITHOUT the configuration files inside : so we use system configuration which can be from a different version of openssl. The result is a big mess. Gilles
Nicofo, In 5 minutes, anew AppImage will be uploaded at the same place. I don't recompile Qt and digiKam. I just repackaged the whole bundle with /etc/pki files from Centos6. It's just for testing... Gilles Caulier
Hum i discovered another huge difference between qt 5.9.7 based AppImage and the current one : the conflict between libicu and libiconv. Both are used to manage string encoding. But older appimage use QtWebkit 5.9.1 which do not require libicu. Migrating to 5.212 for me to install libicu. Qtbase detect this change and use it instead libiconv. This has break plenty of part in Qt. In fact libicu is deprecated and libiconv (integrated in glibc) must be used instead. QtWebkit is not ported to iconv (in opposite to QtWebEngine, used in recent Qt version to replace QtWebkit). So i managed this conflict. I don't know if this have a side effect with SSL stuff, but in all cases, libicu has broken all the QProcess internal API, and this one is used in fact to call the external browser when you want to be logged in a web service. So, i compile whole AppImage again. This will be completed in few hours... Gilles Caulier
Thanks again for your work, the support for digikam is great and this is well appreciated ! 1) I have tested your last digikam-6.1.0-git-20190326T123000-x86-64.appimage: no change compared to previous one: - crash when using Export to Onedrive - need to use LD_PRELOAD=/usr/lib64/libcrypto.so.10 to avoid the crash, but then connection window is broken (see attachment in comment #11) 2) I have several libicu libs in my system (in /usr/lib64) ; trying to export them -> no effect. I have no libiconv libs (normal if in glibc ?). As they are related to all the calls to the external browser, it is well possible they are responsible for the broken connection window ... So I'll wait for your next compilation.
(if you still need digikam-6.1.0-git-20190304T120153-x86-64.appimage, tell me)
no libicu => normal => glibc Yes please share me the working appaimge file through the cloud... New AppImage will be avaialble in few hours... Compilation is under progress (75% done) Gilles Caulier
Voilà : https://1drv.ms/u/s!AhMgC9WFEqafjKEh5hMo32NTNah8MA digikam-6.1.0-git-20190304T120153-x86-64.appimage
Nicofo, Thanks for the AppImage Archive. I fixed the logging with external browser with the AppImage under uploaded this evening. Here all work as expected. Next stage is to fix your SSL problem. Note: here, under Mageia 6.1, there is no SSL problem as it use openssl 1.0 I will try under Mageia 7 beta2 to see if i can reproduce the problem. Gilles Caulier
Nicofo, I just tested Mageia7 beta2 : no problem. Official openssl is 1.1.0j, but there is also a package for compatibility named openssl 1.0.2r. Both are installed and all work fine... Gilles Caulier
OK, I have tested digikam-6.1.0-git-20190327T214651-x86-64.appimage. 1) For Onedrive there is no difference: same conclusion as in comment #26: - crash when using Export to Onedrive - need to use LD_PRELOAD=/usr/lib64/libcrypto.so.10 to avoid the crash, but then connection window is broken (see attachment in comment #11) 2) For Dropbox, it is now working ! (digikam opens an authentification page on the default web-browser. This is a difference with Onedrive where Digikam opens an independent window -> attachment in comment #11 )
Nicofo, For onedrive, the is no crash for me under Mageia 7 beta2 (openssl 1.1 with compatibility to 1.0). Please try last AppImage : digikam-6.1.0-git-20190330T125338-x86-64.appimage The broken identification page is due to use internal web browser based on QtWebkit which take age now. We must switch to QtWebEngine (Chromium) or use the external web browser instead, as DropBox identification. Gilles Caulier
For web services like Onedrive or Facebook it is no longer possible to use an external web browser. These services do not allow unsecured call back http address anymore, only https. Therefore, we have to intercept the web page in a built-in browser. The other web services will also stop this possibility at some point. Maik
So, it will be urgent to migrate from Qtwebkit to QtWebEngine. Remember that under Windows, cross compiling QtWebEngine is not yet possible, ass Google deal with Microsoft to extend Chromium with Windows dirty technology. In other words, Google don't like MinGW, and QtWebEngine require this F. M$ compiler. There is a report in Qt project about this big problem. Gilles
Nicofo, Please review the last bundle published today and look if the original problem (the crash) is always reproducible. For the QtWebEngine port of AppImage, all is mostly ready and it will be done later 6.1.0. Please open a new file in bugzilla. Gilles Caulier
Gilles, with last appimage digikam-6.1.0-git-20190330T125338-x86-64.appimage there is unfortunately no change. DK crashes when using "Export to Onedrive". The error message is exactly the same as in comment #11 (except the last line: it is now "line 142" instead of "line 133"): /tmp/.mount_digikavAoDUK/AppRun: line 142: 3255 Segmentation fault (core dumped) digikam $@
Nicofo, Look my screenshot here : https://imgur.com/MVD5GaZ It's the AppImage bundle from today, running under Mageia7 beta2, where openssl 1.1 is used by default. On the left side, you can see the list of openssl package installed. There is one name compat-openssl10 which is mandatory to run DK AppImage 6.1, as it have been compiled with opensll 1.0.1 from CentOS 6. I think your problem under Fedora 28 is relevant of this package. Gilles Caulier
I have also such a packet: $ rpm -qa|grep openssl|sort apr-util-openssl-1.6.1-8.fc29.x86_64 compat-openssl10-1.0.2o-3.fc29.x86_64 <---------- compat-openssl10-pkcs11-helper-1.22-6.fc29.x86_64 openssl-1.1.1b-3.fc29.x86_64 openssl-libs-1.1.1b-3.fc29.i686 openssl-libs-1.1.1b-3.fc29.x86_64 openssl-pkcs11-0.4.9-1.fc29.i686 openssl-pkcs11-0.4.9-1.fc29.x86_64 rubygem-openssl-2.1.2-100.fc29.x86_64 xmlsec1-openssl-1.2.25-5.fc29.x86_64
And... it's installed ? Gilles Caulier
Nicofo, Another point : under Windows, we use also QtWebkit to render OneDrive login page, and this one is perfectly suitable. https://imgur.com/VTuXi2p In AppImage, the QtWebkit is simply compiled with all options disabled. I will reactivate step by step all options to see if the render can be improved. Gilles Caulier
(In reply to caulier.gilles from comment #40) > And... it's installed ? > > Gilles Caulier Yes, these are all my installed packages containing "openssl".
Well, no idea for the moment. Gilles Caulier
Nicofo, I recompiled the 64 bits version of DK 6.1.0 AppImage with QtWebEngine instead QtWebKit. Please try the OneDrive login with this file : digikam-6.1.0-git-20190331T125411-qtwebengine-x86-64.appimage Note : here, the geo-location with GoogleMaps crash with my Nvidia video card using "Nouveau" driver. The native compilation of digiKam under this computer crash also in this use case. Maik : if geo-location is not visible, QtWebEngine do not crash. When i start OneDrive plugin, the embedded chromium web browser do not crash ! So, i can concluded that GoogleMap detect Chromium in geo-location view and enable few OpenGL features to render map which crash DK. Gilles Caulier
Gilles, this time there are some nice improvements: 1) The problem of broken connection window is solved: the login window connection is normal and I can (try to) log into my Onedrive account ! ;) 2) The crash still happens, but not at the same time as before ! - Before (=original bug, up to your appimages 20190330), Digikam crashed as soon as I launched the "Export to onedrive" tool. - Now (digikam-6.1.0-git-20190331T162849-qtwebengine-x86-64), I can launch "Export to Onedrive" tool, the connection window opens. But Digikam crashes when I login (after I enter my password) (applicable to Onedrive and Dropbox). Terminal Logs (similar to those in comment #11 , except the end) ============= Digikam::AlbumFilterModel::setSearchTextSettings: new search text settings: "" : hasResult = true , validRows = 19 unknown: Linking... unknown: Received URL from webview: QUrl("https://login.live.com/oauth20_authorize.srf?client_id=4c20a541-2ca8-<cut>&scope=Files.ReadWrite User.Read&redirect_uri=https://login.live.com/oauth20_desktop.srf&response_type=token") unknown: LINK to Onedrive fail unknown: Received URL from webview: QUrl("https://login.live.com/oauth20_desktop.srf?lc=1033#access_token=EwBoA8l6BAAURS<cut>mgbt1MdQB8YCnchF9Njk/EimdgI%3D&token_type=bearer&expires_in=3600&scope=Files.ReadWrite User.Read&user_id=AAAAAAAAAAAAAAA<cut>") unknown: Access token received unknown: LINK to Onedrive Auto configuration failed 140463680456896:error:25066067:DSO support routines:DLFCN_LOAD:could not load the shared library:dso_dlfcn.c:187:filename(libssl_conf.so): libssl_conf.so: cannot open shared object file: No such file or directory 140463680456896:error:25070067:DSO support routines:DSO_load:could not load the shared library:dso_lib.c:244: 140463680456896:error:0E07506E:configuration file routines:MODULE_LOAD_DSO:error loading dso:conf_mod.c:285:module=ssl_conf, path=ssl_conf 140463680456896:error:0E076071:configuration file routines:MODULE_RUN:unknown module name:conf_mod.c:222:module=ssl_conf unknown: QMutex: destroying locked mutex Received signal 11 SEGV_MAPERR 000000000008 #0 0x7fc04b45d31e <unknown> #1 0x7fc049e1c634 <unknown> #2 0x7fc04b45d84e <unknown> #3 0x7fc05799a030 <unknown> #4 0x7fc04815be1e QReadWriteLock::tryLockForWrite() #5 0x7fc051873e3e <unknown> #6 0x7fc0583d726a Digikam::DbEngineThreadData::closeDatabase() #7 0x7fc0583d72ec Digikam::DbEngineThreadData::~DbEngineThreadData() #8 0x7fc0583dfcfe QThreadStorage<>::deleteData() #9 0x7fc048161933 QThreadStorageData::finish() #10 0x7fc04816873d <unknown> #11 0x7fc04816946c <unknown> #12 0x7fc05798f58e start_thread #13 0x7fc0455d86a3 __GI___clone r8: 00007fc020004af0 r9: 0000000000000006 r10: 00007fc0202082f0 r11: 00007fc020000080 r12: 00007fc02a392b60 r13: 00007fc02a392b60 r14: 00007fc02a392b80 r15: 00007fc02a392ba0 di: 0000000000000008 si: 00000000ffffffff bp: 0000000000000000 bx: 0000000000000008 dx: 0000000000000002 ax: 0000000000000000 cx: 0000000000000007 sp: 00007fc02a392aa0 ip: 00007fc04815be1e efl: 0000000000010206 cgf: 002b000000000033 erf: 0000000000000006 trp: 000000000000000e msk: 0000000000000000 cr2: 0000000000000008 [end of stack trace] Calling _exit(1). Core file will not be generated. As before, no crash with: export LD_PRELOAD=/usr/lib64/libcrypto.so.10 Note: concerning your crash with Google Maps: I have also crash (not always immediately) when viewing the map of geolocalised pictures (with Marple OR Google Maps). I have nvidia card (with official nvidia drivers). Like above, no crash if I "export LD_PRELOAD=/usr/lib64/libcrypto.so.10 " The Logs in Terminal are the same ! (from error:25066067:DSO support routines:DLFCN_LOAD ... ) So in my case these 2 bugs (connect to OneDrive/Dropbox and Marple/GoogleMaps) seem to be related.
Take a look to this bug report : https://github.com/drwetter/testssl.sh/issues/1117 Gilles Caulier
Nicofo, Also, with digikam-6.1.0-git-20190401T005644-qtwebkit-x86-64.appimage, OneDrive login is not broken using QtWebkiet as the QtWebEngine version. I found the right settings to use at compile time. Please let me hear if the env. variable to use with openssl as described in https://github.com/drwetter/testssl.sh/issues/1117 solve your crash problem... Best Gilles Caulier
Gilles, 1) I confirm that digikam-6.1.0-git-20190401T164941-qtwebkit-x86-64.appimage is still working (connection window OK) ;) 2) Not sure to have understood which env. variable I have to set ? 2a) I tried: export OPENSSL_CONF=/etc/pki/tls/openssl.cnf (which is my actual openssl.conf file: default file present in Fedora) -> crash (I suppose this is normal as this is the file that is probably used without that 'export') 2b) I tried: export OPENSSL_CONF=<random string> -> no crash ! (but not sure it is 'safe': it is although I by-pass (delete) openssl.conf file of Fedora I guess) Do you want me to test other 'export' ?
#2b) I tried: export OPENSSL_CONF=<random string> #-> no crash ! (but not sure it is 'safe': it is although I by-pass (delete) #openssl.conf file of Fedora I guess) ==> seriously ? This is a big step. This will proof that configuration file is problematic on your computer. Gilles Caulier
I recommend to report this problem to Fedora team. Again, here, with Mageia7 beta2, OpenSSL 1.1.0 is used with the compatibility package to OpenSSL 1.0.0. There is not crash. Also, digiKam AppImage still compiled with OpenSSL 1.0.0 from Centos 6.10. It must work under Fedora... Gilles Caulier
(In reply to caulier.gilles from comment #50) > I recommend to report this problem to Fedora team. > See https://bugzilla.redhat.com/show_bug.cgi?id=1694850
Their reply: > You need to use "supported" openssl library or use the > OPENSSL_CONF=/etc/pki/openssl10.cnf workaround (with installed > compat-openssl10 package). (and indeed with "export OPENSSL_CONF=/etc/pki/openssl10.cnf", no crash) What do you think ? I suppose you have also 2 config files ? - /etc/pki/openssl10.cnf (from compat-openssl10-1.0.2o-3 package) - /etc/pki/tls/openssl.cnf (from openssl-libs-1.1.1b-3 package) In your case the compat. config file if used ??
Nicofo, This is the contents of my /etc/pky under Mageia 7 beta 2 : [gilles@localhost etc]$ tree /etc/pki /etc/pki ├── java │ └── cacerts ├── nssdb │ ├── cert8.db │ ├── key3.db │ └── secmod.db ├── rpm-gpg │ └── RPM-GPG-KEY-Mageia └── tls ├── cert.pem -> certs/ca-bundle.crt ├── certs │ ├── ca-bundle.crt │ ├── httpd.pem │ ├── Makefile │ └── postfix.pem ├── misc ├── mozilla │ └── certdata.txt ├── openssl.cnf ├── private │ ├── httpd.pem │ └── postfix.pem └── rootcerts ├── 02265526.0 -> entrust-root-certification-authority-01.pem ├── 03179a64.0 -> staat-der-nederlanden-ev-root-ca.pem ├── 062cdee6.0 -> globalsign-01.pem ├── 064e0aa9.0 -> quovadis-root-ca-2-g3.pem ├── 06dc52d5.0 -> ssl-com-ev-root-certification-authority-00.pem ├── 080911ac.0 -> quovadis-root-certification-authority.pem ├── 09789157.0 -> starfield-services-root-certificate.pem ├── 0a775a30.0 -> gts-root-r3.pem ├── 0b1b94ef.0 -> cfca-ev-root.pem ├── 0b7c536a.0 -> d-trust-root-ca-3-2013.pem ├── 0bf05006.0 -> ssl-com-root-certification-authority-01.pem ├── 0c4c9b6c.0 -> global-chambersign-root-2008.pem ├── 0f5dc4f3.0 -> uca-extended-validation-root.pem ├── 0f6fa695.0 -> gdca-trustauth-r5-root.pem ├── 1001acf7.0 -> gts-root-r1.pem ├── 106f3e4d.0 -> entrust-root-certification-authority-02.pem ├── 116bf586.0 -> geotrust-primary-certification-02.pem ├── 128805a3.0 -> ee-certification-centre-root-ca.pem ├── 1320b215.0 -> symantec-class-2-public-primary-00.pem ├── 14bc7599.0 -> emsign-ecc-root-ca-g3.pem ├── 157753a5.0 -> addtrust-external-ca-root.pem ├── 1636090b.0 -> hellenic-academic-and-research-00.pem ├── 18856ac4.0 -> securesign-rootca11.pem ├── 1d3472b9.0 -> globalsign-03.pem ├── 1e08bfd1.0 -> identrust-public-sector-root-ca.pem ├── 1e09d511.0 -> t-telesec-globalroot-class-2.pem ├── 244b5494.0 -> digicert-high-assurance-ev-root.pem ├── 26312675.0 -> symantec-class-1-public-primary-00.pem ├── 2923b3f9.0 -> emsign-root-ca-g1.pem ├── 2ae6433e.0 -> ca-disig-root-r2.pem ├── 2b349938.0 -> affirmtrust-commercial.pem ├── 2c543cd1.0 -> geotrust-global-ca.pem ├── 2e4eed3c.0 -> thawte-primary-root-ca.pem ├── 2e5ac55d.0 -> dst-root-ca-x3.pem ├── 32888f65.0 -> hellenic-academic-and-research-01.pem ├── 349f2832.0 -> ec-acc.pem ├── 3513523f.0 -> digicert-global-root-ca.pem ├── 3bde41ac.0 -> autoridad-de-certificacion-firmaprofesional.pem ├── 3e44d2f7.0 -> trustcor-rootcert-ca-2.pem ├── 3e45d192.0 -> hongkong-post-root-ca-1.pem ├── 3efd4dc0.0 -> swisscom-root-ca-2.pem ├── 40193066.0 -> certum-trusted-network-ca-2.pem ├── 4042bcee.0 -> isrg-root-x1.pem ├── 40547a79.0 -> comodo-certification-authority.pem ├── 406c9bb1.0 -> emsign-root-ca-c1.pem ├── 4304c5e5.0 -> network-solutions-certificate-authority.pem ├── 442adcac.0 -> certum-ca.pem ├── 46f053f0.0 -> diginotar-root-ca.pem ├── 480720ec.0 -> geotrust-primary-certification-00.pem ├── 48bec511.0 -> certum-trusted-network-ca.pem ├── 4a6481c9.0 -> globalsign-00.pem ├── 4b718d9b.0 -> emsign-ecc-root-ca-c3.pem ├── 4bfab552.0 -> starfield-root-certificate-authority.pem ├── 4d4ba017.0 -> symantec-class-2-public-primary-01.pem ├── 4f316efb.0 -> swisssign-gold-ca-g2.pem ├── 5273a94c.0 -> e-tugra-certification-authority.pem ├── 5443e9e3.0 -> t-telesec-globalroot-class-3.pem ├── 54657681.0 -> buypass-class-2-root-ca.pem ├── 57bcb2da.0 -> swisssign-silver-ca-g2.pem ├── 5a4d6896.0 -> staat-der-nederlanden-root-ca-g3.pem ├── 5ad8a5d6.0 -> globalsign-root-ca.pem ├── 5c44d531.0 -> staat-der-nederlanden-root-ca-g2.pem ├── 5cd81ad7.0 -> teliasonera-root-ca-v1.pem ├── 5d3033c5.0 -> trustcor-rootcert-ca-1.pem ├── 5f15c80c.0 -> twca-global-root-ca.pem ├── 607986c7.0 -> digicert-global-root-g2.pem ├── 626dceaf.0 -> gts-root-r2.pem ├── 62744ee1.0 -> symantec-class-1-public-primary-01.pem ├── 6410666e.0 -> government-root-certification-authority.pem ├── 653b494a.0 -> baltimore-cybertrust-root.pem ├── 68dd7389.0 -> hongkong-post-root-ca-3.pem ├── 6b99d060.0 -> entrust-root-certification-authority-00.pem ├── 6d41d539.0 -> amazon-root-ca-2.pem ├── 6fa5da56.0 -> ssl-com-root-certification-authority-00.pem ├── 706f604c.0 -> xramp-global-certification-authority.pem ├── 749e9e03.0 -> quovadis-root-ca-1-g3.pem ├── 75d1b2ed.0 -> digicert-trusted-root-g4.pem ├── 76cb8f92.0 -> cybertrust-global-root.pem ├── 76faf6c0.0 -> quovadis-root-ca-3.pem ├── 7719f463.0 -> hellenic-academic-and-research-02.pem ├── 773e07ad.0 -> oiste-wisekey-global-root-gc-ca.pem ├── 7aaf71c0.0 -> trustcor-eca-1.pem ├── 7d0b38bd.0 -> verisign-class-3-public-primary-02.pem ├── 7f3d5d1d.0 -> digicert-assured-id-root-g3.pem ├── 812e17de.0 -> deutsche-telekom-root-ca-2.pem ├── 8160b96c.0 -> microsec-e-szigno-root-ca-2009.pem ├── 856583ec.0 -> diginotar-pkioverheid-ca-organisatie.pem ├── 861a399d.0 -> addtrust-class-1-ca-root.pem ├── 8867006a.0 -> geotrust-universal-ca-2.pem ├── 8cb5ee0f.0 -> amazon-root-ca-3.pem ├── 8d86cdd1.0 -> certsign-certsign-root-ca.pem ├── 930ac5d2.0 -> actalis-authentication-root-ca.pem ├── 93bc0acc.0 -> affirmtrust-networking.pem ├── 988a38cb.0 -> netlock-arany-class-gold-f-xc5.pem ├── 99d0fa06.0 -> ca-cert-signing-authority.pem ├── 9c2e7d30.0 -> sonera-class2-ca.pem ├── 9c8dfbd4.0 -> affirmtrust-premium-ecc.pem ├── 9d04f354.0 -> digicert-assured-id-root-g2.pem ├── 9f0f5fd6.0 -> certinomis-root-ca.pem ├── a3418fda.0 -> gts-root-r4.pem ├── a8dee976.0 -> swisssign-platinum-ca-g2.pem ├── a94d09e5.0 -> accvraiz1.pem ├── aaa-certificate-services.pem ├── accvraiz1.pem ├── actalis-authentication-root-ca.pem ├── ad088e1d.0 -> geotrust-universal-ca.pem ├── addtrust-class-1-ca-root.pem ├── addtrust-external-ca-root.pem ├── aee5f10d.0 -> entrust-net-certification-authority.pem ├── affirmtrust-commercial.pem ├── affirmtrust-networking.pem ├── affirmtrust-premium-ecc.pem ├── affirmtrust-premium.pem ├── amazon-root-ca-1.pem ├── amazon-root-ca-2.pem ├── amazon-root-ca-3.pem ├── amazon-root-ca-4.pem ├── atos-trustedroot-2011.pem ├── autoridad-de-certificacion-firmaprofesional.pem ├── autoridade-certificadora-raiz-brasileira.pem ├── b0e59380.0 -> globalsign-02.pem ├── b1159c4c.0 -> digicert-assured-id-root-ca.pem ├── b1b8a7f3.0 -> oiste-wisekey-global-root-ga-ca.pem ├── b204d74a.0 -> verisign-class-3-public-primary-01.pem ├── b4f0b7e7.0 -> autoridade-certificadora-raiz-brasileira.pem ├── b66938e9.0 -> secure-global-ca.pem ├── b727005e.0 -> affirmtrust-premium.pem ├── b7a5b843.0 -> twca-root-certification-authority.pem ├── ba89ed3b.0 -> thawte-primary-root-ca-g3.pem ├── baltimore-cybertrust-root.pem ├── buypass-class-2-root-ca.pem ├── buypass-class-3-root-ca.pem ├── c01cdfa2.0 -> verisign-universal-root-certification.pem ├── c01eb047.0 -> uca-global-g2-root.pem ├── c089bbbd.0 -> thawte-primary-root-ca-g2.pem ├── c0ff1f52.0 -> verisign-class-3-public-primary-00.pem ├── c28a8a30.0 -> d-trust-root-class-3-ca-2-2009.pem ├── c47d9980.0 -> chambers-of-commerce-root-2008.pem ├── c5e082db.0 -> utn-userfirst-client-authentication.pem ├── ca6e4ad9.0 -> chunghwa-telecom-co-ltd-epki-root.pem ├── ca-cert-signing-authority.pem ├── ca-disig-root-r2.pem ├── cb59f961.0 -> global-chambersign-root.pem ├── cbf06781.0 -> go-daddy-root-certificate-authority.pem ├── cc450945.0 -> izenpe-com.pem ├── cd58d51e.0 -> secom-trust-systems-co-ltd-security.pem ├── cd8c0d63.0 -> fnmt-rcm-ac-raiz-fnmt-rcm.pem ├── ce5e74ef.0 -> amazon-root-ca-1.pem ├── certigna.pem ├── certigna-root-ca.pem ├── certinomis-root-ca.pem ├── certsign-certsign-root-ca.pem ├── certum-ca.pem ├── certum-trusted-network-ca-2.pem ├── certum-trusted-network-ca.pem ├── cfca-ev-root.pem ├── chambers-of-commerce-root-2008.pem ├── chambers-of-commerce-root.pem ├── chunghwa-telecom-co-ltd-epki-root.pem ├── class-2-primary-ca.pem ├── comodo-certification-authority.pem ├── comodo-ecc-certification-authority.pem ├── comodo-rsa-certification-authority.pem ├── cybertrust-global-root.pem ├── d4dae3dd.0 -> d-trust-root-class-3-ca-2-ev-2009.pem ├── d6325660.0 -> comodo-rsa-certification-authority.pem ├── d7e8dc79.0 -> quovadis-root-ca-2.pem ├── d853d49e.0 -> trustis-limited-trustis-fps-root.pem ├── dc45b0bd.0 -> verisign-class-2-public-primary.pem ├── dc4d6a89.0 -> globalsign-04.pem ├── dd8e9d41.0 -> digicert-global-root-g3.pem ├── de6d66f3.0 -> amazon-root-ca-4.pem ├── def36a68.0 -> luxtrust-global-root-2.pem ├── deutsche-telekom-root-ca-2.pem ├── digicert-assured-id-root-ca.pem ├── digicert-assured-id-root-g2.pem ├── digicert-assured-id-root-g3.pem ├── digicert-global-root-ca.pem ├── digicert-global-root-g2.pem ├── digicert-global-root-g3.pem ├── digicert-high-assurance-ev-root.pem ├── digicert-trusted-root-g4.pem ├── diginotar-pkioverheid-ca-organisatie.pem ├── diginotar-root-ca.pem ├── dst-root-ca-x3.pem ├── d-trust-root-ca-3-2013.pem ├── d-trust-root-class-3-ca-2-2009.pem ├── d-trust-root-class-3-ca-2-ev-2009.pem ├── e113c810.0 -> certigna.pem ├── e18bfb83.0 -> quovadis-root-ca-3-g3.pem ├── e2799e36.0 -> geotrust-primary-certification-01.pem ├── e36a6752.0 -> atos-trustedroot-2011.pem ├── e73d606e.0 -> oiste-wisekey-global-root-gb-ca.pem ├── e8de2f56.0 -> buypass-class-3-root-ca.pem ├── ea4f04a5.0 -> verisign-class-3-secure-server.pem ├── ec-acc.pem ├── ee1365c0.0 -> verisign-class-1-public-primary.pem ├── ee64a828.0 -> aaa-certificate-services.pem ├── ee-certification-centre-root-ca.pem ├── eed8c118.0 -> comodo-ecc-certification-authority.pem ├── ef954a4e.0 -> identrust-commercial-root-ca-1.pem ├── emsign-ecc-root-ca-c3.pem ├── emsign-ecc-root-ca-g3.pem ├── emsign-root-ca-c1.pem ├── emsign-root-ca-g1.pem ├── entrust-net-certification-authority.pem ├── entrust-root-certification-authority-00.pem ├── entrust-root-certification-authority-01.pem ├── entrust-root-certification-authority-02.pem ├── e-tugra-certification-authority.pem ├── f060240e.0 -> class-2-primary-ca.pem ├── f081611a.0 -> the-go-daddy-group-inc-go-daddy.pem ├── f0c70a8d.0 -> ssl-com-ev-root-certification-authority-01.pem ├── f30dd6ad.0 -> usertrust-ecc-certification-authority.pem ├── f3377b1b.0 -> secom-trust-net-security-communication.pem ├── f387163d.0 -> starfield-technologies-inc-starfield.pem ├── f39fc864.0 -> securetrust-ca.pem ├── f51bb24c.0 -> certigna-root-ca.pem ├── f90208f7.0 -> chambers-of-commerce-root.pem ├── fc5a8f99.0 -> usertrust-rsa-certification-authority.pem ├── fe8a2cd8.0 -> szafir-root-ca2.pem ├── ff34af3f.0 -> tubitak-kamu-sm-ssl-kok-sertifikasi.pem ├── fnmt-rcm-ac-raiz-fnmt-rcm.pem ├── gdca-trustauth-r5-root.pem ├── geotrust-global-ca.pem ├── geotrust-primary-certification-00.pem ├── geotrust-primary-certification-01.pem ├── geotrust-primary-certification-02.pem ├── geotrust-universal-ca-2.pem ├── geotrust-universal-ca.pem ├── global-chambersign-root-2008.pem ├── global-chambersign-root.pem ├── globalsign-00.pem ├── globalsign-01.pem ├── globalsign-02.pem ├── globalsign-03.pem ├── globalsign-04.pem ├── globalsign-root-ca.pem ├── go-daddy-root-certificate-authority.pem ├── government-root-certification-authority.pem ├── gts-root-r1.pem ├── gts-root-r2.pem ├── gts-root-r3.pem ├── gts-root-r4.pem ├── hellenic-academic-and-research-00.pem ├── hellenic-academic-and-research-01.pem ├── hellenic-academic-and-research-02.pem ├── hongkong-post-root-ca-1.pem ├── hongkong-post-root-ca-3.pem ├── identrust-commercial-root-ca-1.pem ├── identrust-public-sector-root-ca.pem ├── isrg-root-x1.pem ├── izenpe-com.pem ├── luxtrust-global-root-2.pem ├── microsec-e-szigno-root-ca-2009.pem ├── netlock-arany-class-gold-f-xc5.pem ├── network-solutions-certificate-authority.pem ├── oiste-wisekey-global-root-ga-ca.pem ├── oiste-wisekey-global-root-gb-ca.pem ├── oiste-wisekey-global-root-gc-ca.pem ├── quovadis-root-ca-1-g3.pem ├── quovadis-root-ca-2-g3.pem ├── quovadis-root-ca-2.pem ├── quovadis-root-ca-3-g3.pem ├── quovadis-root-ca-3.pem ├── quovadis-root-certification-authority.pem ├── secom-trust-net-security-communication.pem ├── secom-trust-systems-co-ltd-security.pem ├── secure-global-ca.pem ├── securesign-rootca11.pem ├── securetrust-ca.pem ├── sonera-class2-ca.pem ├── ssl-com-ev-root-certification-authority-00.pem ├── ssl-com-ev-root-certification-authority-01.pem ├── ssl-com-root-certification-authority-00.pem ├── ssl-com-root-certification-authority-01.pem ├── staat-der-nederlanden-ev-root-ca.pem ├── staat-der-nederlanden-root-ca-g2.pem ├── staat-der-nederlanden-root-ca-g3.pem ├── starfield-root-certificate-authority.pem ├── starfield-services-root-certificate.pem ├── starfield-technologies-inc-starfield.pem ├── swisscom-root-ca-2.pem ├── swisssign-gold-ca-g2.pem ├── swisssign-platinum-ca-g2.pem ├── swisssign-silver-ca-g2.pem ├── symantec-class-1-public-primary-00.pem ├── symantec-class-1-public-primary-01.pem ├── symantec-class-2-public-primary-00.pem ├── symantec-class-2-public-primary-01.pem ├── szafir-root-ca2.pem ├── teliasonera-root-ca-v1.pem ├── thawte-primary-root-ca-g2.pem ├── thawte-primary-root-ca-g3.pem ├── thawte-primary-root-ca.pem ├── the-go-daddy-group-inc-go-daddy.pem ├── trustcor-eca-1.pem ├── trustcor-rootcert-ca-1.pem ├── trustcor-rootcert-ca-2.pem ├── trustis-limited-trustis-fps-root.pem ├── t-telesec-globalroot-class-2.pem ├── t-telesec-globalroot-class-3.pem ├── tubitak-kamu-sm-ssl-kok-sertifikasi.pem ├── twca-global-root-ca.pem ├── twca-root-certification-authority.pem ├── uca-extended-validation-root.pem ├── uca-global-g2-root.pem ├── usertrust-ecc-certification-authority.pem ├── usertrust-rsa-certification-authority.pem ├── utn-userfirst-client-authentication.pem ├── verisign-class-1-public-primary.pem ├── verisign-class-2-public-primary.pem ├── verisign-class-3-public-primary-00.pem ├── verisign-class-3-public-primary-01.pem ├── verisign-class-3-public-primary-02.pem ├── verisign-class-3-secure-server.pem ├── verisign-universal-root-certification.pem └── xramp-global-certification-authority.pem Gilles Caulier
OK, so you have only one config file. Provided by openssl I suppose (not compat-openssl10 ?) (what returns "rpm -q --whatprovides /etc/pki/tls/openssl.cnf" ?) And in your file, do you have also an "ssl_conf" directive ? (the culprit in my case: if I comment that line -> no more problem) I don't know how the "compat" is supposed to work, but in Fedora it does not work automatically ...
[gilles@localhost ~]$ rpm -q --whatprovides /etc/pki/tls/openssl.cnf openssl-1.1.0j-1.mga7
Created attachment 119235 [details] openssl.conf from Mageia7 beta2 (openssl version 1.1)
[gilles@localhost ~]$ rpm -q openssl openssl-1.1.0j-1.mga7 [gilles@localhost ~]$ rpm -q --list openssl /etc/pki /etc/pki/tls /etc/pki/tls/certs /etc/pki/tls/certs/Makefile /etc/pki/tls/misc /etc/pki/tls/openssl.cnf /etc/pki/tls/private /etc/pki/tls/rootcerts /usr/bin/make-dummy-cert /usr/bin/openssl /usr/bin/renew-dummy-cert /usr/lib/.build-id /usr/lib/.build-id/df /usr/lib/.build-id/df/a7eaf828f8be565b68fb242b414202b0a9c05c /usr/share/doc/openssl /usr/share/doc/openssl/FAQ /usr/share/doc/openssl/INSTALL /usr/share/doc/openssl/LICENSE /usr/share/doc/openssl/NEWS /usr/share/doc/openssl/README /usr/share/doc/openssl/README.ECC /usr/share/doc/openssl/README.ENGINE /usr/share/doc/openssl/README.FIPS /usr/share/man/man1/asn1parse.1.xz /usr/share/man/man1/blake2b.1.xz /usr/share/man/man1/blake2s.1.xz /usr/share/man/man1/ca.1.xz /usr/share/man/man1/ciphers.1.xz /usr/share/man/man1/cms.1.xz /usr/share/man/man1/crl.1.xz /usr/share/man/man1/crl2pkcs7.1.xz /usr/share/man/man1/dgst.1.xz /usr/share/man/man1/dhparam.1.xz /usr/share/man/man1/dsa.1.xz /usr/share/man/man1/dsaparam.1.xz /usr/share/man/man1/ec.1.xz /usr/share/man/man1/ecparam.1.xz /usr/share/man/man1/enc.1.xz /usr/share/man/man1/engine.1.xz /usr/share/man/man1/errstr.1.xz /usr/share/man/man1/gendsa.1.xz /usr/share/man/man1/genpkey.1.xz /usr/share/man/man1/genrsa.1.xz /usr/share/man/man1/list.1.xz /usr/share/man/man1/md4.1.xz /usr/share/man/man1/md5.1.xz /usr/share/man/man1/mdc2.1.xz /usr/share/man/man1/nseq.1.xz /usr/share/man/man1/ocsp.1.xz /usr/share/man/man1/openssl-asn1parse.1.xz /usr/share/man/man1/openssl-ca.1.xz /usr/share/man/man1/openssl-ciphers.1.xz /usr/share/man/man1/openssl-cms.1.xz /usr/share/man/man1/openssl-crl.1.xz /usr/share/man/man1/openssl-crl2pkcs7.1.xz /usr/share/man/man1/openssl-dgst.1.xz /usr/share/man/man1/openssl-dhparam.1.xz /usr/share/man/man1/openssl-dsa.1.xz /usr/share/man/man1/openssl-dsaparam.1.xz /usr/share/man/man1/openssl-ec.1.xz /usr/share/man/man1/openssl-ecparam.1.xz /usr/share/man/man1/openssl-enc.1.xz /usr/share/man/man1/openssl-engine.1.xz /usr/share/man/man1/openssl-errstr.1.xz /usr/share/man/man1/openssl-gendsa.1.xz /usr/share/man/man1/openssl-genpkey.1.xz /usr/share/man/man1/openssl-genrsa.1.xz /usr/share/man/man1/openssl-list.1.xz /usr/share/man/man1/openssl-nseq.1.xz /usr/share/man/man1/openssl-ocsp.1.xz /usr/share/man/man1/openssl-pkcs12.1.xz /usr/share/man/man1/openssl-pkcs7.1.xz /usr/share/man/man1/openssl-pkcs8.1.xz /usr/share/man/man1/openssl-pkey.1.xz /usr/share/man/man1/openssl-pkeyparam.1.xz /usr/share/man/man1/openssl-pkeyutl.1.xz /usr/share/man/man1/openssl-req.1.xz /usr/share/man/man1/openssl-rsa.1.xz /usr/share/man/man1/openssl-rsautl.1.xz /usr/share/man/man1/openssl-s_client.1.xz /usr/share/man/man1/openssl-s_server.1.xz /usr/share/man/man1/openssl-s_time.1.xz /usr/share/man/man1/openssl-sess_id.1.xz /usr/share/man/man1/openssl-smime.1.xz /usr/share/man/man1/openssl-speed.1.xz /usr/share/man/man1/openssl-spkac.1.xz /usr/share/man/man1/openssl-ts.1.xz /usr/share/man/man1/openssl-verify.1.xz /usr/share/man/man1/openssl-version.1.xz /usr/share/man/man1/openssl-x509.1.xz /usr/share/man/man1/openssl.1.xz /usr/share/man/man1/pkcs12.1.xz /usr/share/man/man1/pkcs7.1.xz /usr/share/man/man1/pkcs8.1.xz /usr/share/man/man1/pkey.1.xz /usr/share/man/man1/pkeyparam.1.xz /usr/share/man/man1/pkeyutl.1.xz /usr/share/man/man1/req.1.xz /usr/share/man/man1/ripemd160.1.xz /usr/share/man/man1/rsa.1.xz /usr/share/man/man1/rsautl.1.xz /usr/share/man/man1/s_client.1.xz /usr/share/man/man1/s_server.1.xz /usr/share/man/man1/s_time.1.xz /usr/share/man/man1/sess_id.1.xz /usr/share/man/man1/sha.1.xz /usr/share/man/man1/sha1.1.xz /usr/share/man/man1/sha224.1.xz /usr/share/man/man1/sha256.1.xz /usr/share/man/man1/sha384.1.xz /usr/share/man/man1/sha512.1.xz /usr/share/man/man1/smime.1.xz /usr/share/man/man1/speed.1.xz /usr/share/man/man1/spkac.1.xz /usr/share/man/man1/ssl-passwd.1.xz /usr/share/man/man1/ssl-rand.1.xz /usr/share/man/man1/ts.1.xz /usr/share/man/man1/verify.1.xz /usr/share/man/man1/version.1.xz /usr/share/man/man1/x509.1.xz /usr/share/man/man5/config.5.xz /usr/share/man/man5/x509v3_config.5.xz /usr/share/man/man7/crypto.7.xz /usr/share/man/man7/ct.7.xz /usr/share/man/man7/des_modes.7.xz /usr/share/man/man7/evp.7.xz /usr/share/man/man7/ssl.7.xz /usr/share/man/man7/x509.7.xz [gilles@localhost ~]$
[gilles@localhost ~]$ rpm -q compat-openssl10 compat-openssl10-1.0.2r-1.mga7 [gilles@localhost ~]$ rpm -q --list compat-openssl10 /usr/share/doc/compat-openssl10 /usr/share/doc/compat-openssl10/FAQ /usr/share/doc/compat-openssl10/NEWS /usr/share/doc/compat-openssl10/README /usr/share/licenses/compat-openssl10 /usr/share/licenses/compat-openssl10/LICENSE
With rpm --list --info, it's better : [gilles@localhost ~]$ rpm -q --list --info compat-openssl10 Name : compat-openssl10 Epoch : 1 Version : 1.0.2r Release : 1.mga7 Architecture: x86_64 Install Date: jeu. 04 avril 2019 03:49:45 CEST Group : System/Libraries Size : 47666 License : OpenSSL Signature : RSA/SHA256, mer. 27 févr. 2019 04:21:54 CET, Key ID b742fa8b80420f66 Source RPM : compat-openssl10-1.0.2r-1.mga7.src.rpm Build Date : mer. 27 févr. 2019 04:02:24 CET Build Host : localhost Relocations : (not relocatable) Packager : luigiwalser <luigiwalser> Vendor : Mageia.Org URL : http://www.openssl.org/ Summary : Compatibility version of the OpenSSL library Description : The OpenSSL toolkit provides support for secure communications between machines. This version of OpenSSL package contains only the libraries and is provided for compatibility with previous releases and software that does not support compilation with OpenSSL-1.1. /usr/share/doc/compat-openssl10 /usr/share/doc/compat-openssl10/FAQ /usr/share/doc/compat-openssl10/NEWS /usr/share/doc/compat-openssl10/README /usr/share/licenses/compat-openssl10 /usr/share/licenses/compat-openssl10/LICENSE
This one is also installed : [gilles@localhost ~]$ rpm -q --list --info lib64compat-openssl10_1.0.0 Name : lib64compat-openssl10_1.0.0 Epoch : 1 Version : 1.0.2r Release : 1.mga7 Architecture: x86_64 Install Date: jeu. 28 mars 2019 05:45:28 CET Group : System/Libraries Size : 2905691 License : OpenSSL Signature : RSA/SHA256, mer. 27 févr. 2019 04:21:53 CET, Key ID b742fa8b80420f66 Source RPM : compat-openssl10-1.0.2r-1.mga7.src.rpm Build Date : mer. 27 févr. 2019 04:02:24 CET Build Host : localhost Relocations : (not relocatable) Packager : luigiwalser <luigiwalser> Vendor : Mageia.Org URL : http://www.openssl.org/ Summary : Secure Sockets Layer communications libs Description : The OpenSSL toolkit provides support for secure communications between machines. This version of OpenSSL package contains only the libraries and is provided for compatibility with previous releases and software that does not support compilation with OpenSSL-1.1. /usr/lib/.build-id /usr/lib/.build-id/2a /usr/lib/.build-id/2a/3567880860314616f0d8bbaf0cd194da13fcc1 /usr/lib/.build-id/f3 /usr/lib/.build-id/f3/9e6e595dbb3897b6b917d2926ff71ee6088ae6 /usr/lib64/libcrypto.so.1.0.0 /usr/lib64/libssl.so.1.0.0 /usr/share/doc/lib64compat-openssl10_1.0.0 /usr/share/doc/lib64compat-openssl10_1.0.0/FAQ /usr/share/doc/lib64compat-openssl10_1.0.0/LICENSE /usr/share/doc/lib64compat-openssl10_1.0.0/NEWS /usr/share/doc/lib64compat-openssl10_1.0.0/README /usr/share/doc/lib64compat-openssl10_1.0.0/README.ASN1 /usr/share/doc/lib64compat-openssl10_1.0.0/README.ENGINE /usr/share/doc/lib64compat-openssl10_1.0.0/README.warning
This one installed too of course : [gilles@localhost ~]$ rpm -q --list --info lib64openssl1.1 Name : lib64openssl1.1 Version : 1.1.0j Release : 1.mga7 Architecture: x86_64 Install Date: sam. 02 mars 2019 09:10:42 CET Group : System/Libraries Size : 3409170 License : BSD-like Signature : RSA/SHA256, jeu. 22 nov. 2018 14:21:54 CET, Key ID b742fa8b80420f66 Source RPM : openssl-1.1.0j-1.mga7.src.rpm Build Date : jeu. 22 nov. 2018 13:54:39 CET Build Host : localhost Relocations : (not relocatable) Packager : ns80 <ns80> Vendor : Mageia.Org URL : http://www.openssl.org/ Summary : Secure Sockets Layer communications libs Description : The libraries files are needed for various cryptographic algorithms and protocols, including DES, RC4, RSA and SSL. /usr/lib/.build-id /usr/lib/.build-id/00 /usr/lib/.build-id/00/241b2605709cc38b92b95aede01653c851e443 /usr/lib/.build-id/3e /usr/lib/.build-id/3e/4877960eb451d0eafbb6eca4e4e289155941d3 /usr/lib/.build-id/43 /usr/lib/.build-id/43/1ae76805210387861795865966e906053d9cb1 /usr/lib/.build-id/a8 /usr/lib/.build-id/a8/afd7fcc887448c68d775e26b942821d5c0a639 /usr/lib/.build-id/ba /usr/lib/.build-id/ba/89f8e56c59392a3780be8932a348dda31b0ed2 /usr/lib64/engines-1.1 /usr/lib64/engines-1.1/afalg.so /usr/lib64/engines-1.1/capi.so /usr/lib64/engines-1.1/padlock.so /usr/lib64/libcrypto.so.1.1 /usr/lib64/libssl.so.1.1 /usr/share/doc/lib64openssl1.1 /usr/share/doc/lib64openssl1.1/FAQ /usr/share/doc/lib64openssl1.1/LICENSE /usr/share/doc/lib64openssl1.1/NEWS /usr/share/doc/lib64openssl1.1/README /usr/share/doc/lib64openssl1.1/README.ECC /usr/share/doc/lib64openssl1.1/README.ENGINE /usr/share/doc/lib64openssl1.1/README.FIPS
Humm, I have compared your openssl.cnf with mines: it is totally similar to the one coming from compat-openssl10-1.0.2o-3 package (which differs from the one from openssl-libs-1.1.1b-3 package, used as default on Fedora). So I understand why it works on your machine. But I don't know why this is different with Fedora (why different config files?). - I notice a slight different version between you (Maegia: 1.1.0j) and me (Fedora 1.1.1b). Probably not a problem ? - Why do you compile with openssl10 and not openssl11? - TO make appimage work with Fedora, maybe you could add in your appimage exe if
Humm, I have compared your openssl.cnf with mines: it is totally similar to the one coming from compat-openssl10-1.0.2o-3 package (which differs from the one from openssl-libs-1.1.1b-3 package, used as default on Fedora). So I understand why it works on your machine. But I don't know why this is different with Fedora (why different config files?). - I notice a slight different version between you (Maegia: 1.1.0j) and me (Fedora 1.1.1b). Probably not a problem ? - Why do you compile with openssl10 and not openssl11? - To make appimage work with Fedora, maybe you could add in your appimage exe something like: if [ -f /etc/pki/openssl10.cnf ] then export OPENSSL_CONF=/etc/pki/openssl10.cnf \ (but I could understand you don't want to add plenty of distro specific codes. But I don't know how else trying to solve this issue...)
- I notice a slight different version between you (Maegia: 1.1.0j) and me (Fedora 1.1.1b). Probably not a problem ? ==> No idea. Mageia7 beta2 is not yet finalized, but i'm sure that last openssl is used for possible security issue. - Why do you compile with openssl10 and not openssl11? ==> Because it's the last stable provided in standard in Centos6.10. It's a LTS support. There are 2 reasons also why 1.0 is used instead 1.1 : the binary compatibilty at run time, and the plenty of problems when packaging. I tried to use 1.1, but this need to package or revisite a large collection of libraries. This introduce also a double linking stage which mix 1.0 and 1.1 version. This create a mess in AppImage. - export OPENSSL_CONF=/etc/pki/openssl10.cnf : why not if this don't have a side effect. I will test here... Gilles Caulier
Nicofo, I tested your patch for AppRun script in AppImage bundle and it work fine under Mageia 6 (openssl 1.0) and Magiea7 (openssl 1.1) I restart the AppImage bundle 6.1.0 pre-release compilation now, and files will be available this evening for a final test under Fedora 29. Gilles Caulier
Git commit 8143e0c5c7475b3a90322e6868a56a806a1ba7b1 by Gilles Caulier. Committed on 06/04/2019 at 13:26. Pushed by cgilles into branch 'master'. add export rule for openssl config file if 1.1 version is used on host system M +5 -5 project/bundles/appimage/data/AppRun https://commits.kde.org/digikam/8143e0c5c7475b3a90322e6868a56a806a1ba7b1
Great, thanks ! I have tested both qtwebengine and qtwebkit versions and they are both working ! Notes: - with qtwebkit, 'google maps' map's view does not work (I realise now that this is not new: digikam-6.1.0-git-20190323T220709-x86-64 was already broken but digikam-6.1.0-git-20190304T120153-x86-64 was OK for google maps) - with qtwebengine, the mouse cursor when you hover a picture (in Thumbnails mode) has changed compared to qtwebkit (cursor like a hand) Anyway, this bug report can be closed for me. Thanks again !
Great. I can close finaly this file after few weeks of work (:=))). Note : googlemaps work here with QtWebkit as expected (from France). Perhaps it's a problem with the google cache in your country. About qtwebengine, it provided for testing only. we will not release digiKam 6.1.0 with this component. In fact i will again update Qt from 5.11.3 to next 5.12.3 when it will be available in few weeks. QtWebengine still not completely finalized for me, as i can see in Qt bugzilla. Gilles Caulier
(In reply to caulier.gilles from comment #68) > > Note : googlemaps work here with QtWebkit as expected (from France). Perhaps > it's a problem with the google cache in your country. OK, probably a cache problem indeed. I have rebooted the PC -> now it's working. > Great. I can close finaly this file after few weeks of work (:=))). Yeess ! Great job !