Closed NoraCodes closed 2 years ago
Looks like you have some kind of DPI/MiTM system in your network that hijack HTTPS connections, and you get this SSL certificate error. Please try to open https://update.flipperzero.one/builds/firmware/ in your browser. qFlipper downloads firmware from this address.
I am able to access that page without issue.
Looks like you have some kind of DPI/MiTM system in your network that hijack HTTPS connections, and you get this SSL certificate error.
Unless my ISP is doing this (and I don't think they are), I don't. I run my own home network and didn't set up anything like that, and I don't see this issue elsewhere.
Aww, looks i'm wrong
[qt.network.ssl] QSslSocket: cannot call unresolved function SSL_get_peer_certificate
means error with libs @gsurkov
@NoraCodes You seem to be using the yet unreleased Ubuntu 22.04. As far as I can see, they are switching to OpenSSL 3.0. qFlipper requires OpenSSL 1.1 which is not (yet) shipped by default with your distro.
As of now, the libssl-1.1
package is missing in 22.04, but it's possible to take it from the current stable release and install it manually, this should fix it.
Not only do I appear to be, I am! :) I'll install libssl-1.1 later to day and let you know if this solves the issue.
Out of curiosity, do you know why the SSL library isn't packaged in the AppImage?
Short answer: it's on the AppImage exclusion list. Long(ish) answer: Shipping every possible library within the AppImage would massively increase its size and introduce security issues because of outdated library versions. Certain libraries are considered unconditionally present on all Linux systems, and therefore not necessary to include. It works more or less well until a distro decides to break some dependencies. In this particular case, I was completely unaware of this change until you pointed it out.
I hope that Ubuntu devs will add libssl-1.1 in the final version because many programs still do depend on it, otherwise we will have to include it in the AppImage indeed.
That entirely makes sense! I will file an issue against the 22.04 beta.
Thanks! It would be nice if they at least added it in the main repository so it would be installable through apt-get.
Apparently openssl upstream is dropping support for 1.1 next year, so I doubt it will be included in 22.04, as it's an LTS release. Perhaps it would be possible to support 3.0 instead? (Or maybe package this as a .deb?)
Sorry for the hassle!
Distributions dropping stuff suddenly at will is becoming an increasing issue. Maybe we should just bundle all libraries in the AppImage (=empty excludelist) and call it a day. Tools like https://github.com/AppImageCrafters/appimage-builder and https://github.com/probonopd/go-appimage/tree/master/src/appimagetool -s deploy
are going that route.
Thanks! It would be nice if they at least added it in the main repository so it would be installable through apt-get.
Please do open an issue analog to this one:
https://bugs.launchpad.net/ubuntu/+source/ubuntu-meta/+bug/1965636
@NoraCodes It won't be possible to easily transition to 3.0 now because the build is done on Ubuntu 18.04 lts for compatibility reasons, and the Qt packages there rely on openssl 1.1. Ubuntu .deb packages are discussed, but we are currenly lacking maintainers for that.
@probonopd As a quick fix, I probably will have to add openssl-1.1 to the AppImage, but bundling everything might not be a good idea depending on the resulting binary size and performance. I have already ran into issues with bundling some libs (e.g. libusb) which led to many weird bugs on different systems. I will experiment with that nevertheless of course and provide a working solution before or shortly after 22.04 release.
Fixed in 1.0.2. Ended up including libssl inside of AppImage bundle.
Describe the bug I was trying to update my Flipper from 0.50 to 0.53. When I opened qFlipper, I got the error message: "Cannot connect to update server."
To Reproduce Steps to reproduce the behavior:
Expected behavior qFlipper can contact the update server.
Actual behavior qFlipper could not contact the update server.
Additional troubleshooting
Additional context I'm using the Ubuntu 22.04 beta, but I seriously doubt this is an issue with that.
I was able to update by manually downloading the firmware file.