rpms/qt
3
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Rediff the openssl-1.1 patch against unpatched Qt

Browse Source 
(The Debian patch only applies on top of their no-SSL3 patch.)
This commit is contained in:
Kevin Kofler 2018-01-05 12:14:02 +01:00
parent d749d06c3e
commit dc6c779515
1 changed files with 211 additions and 232 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

443
qt-everywhere-opensource-src-4.8.7-openssl-1.1.patch
View File

@ -1,27 +1,7 @@
Description: Compile with openssl-1.1.0
* Most changes are related to openssl structures are now opaque.
* The network/ssl threading setup has been disabled because the
old openssl threading model has been removed and is apparently
no longer needed.
* A number of new functions had to be imported (see changes to
src/network/ssl/qsslsocket_openssl_symbols.cpp)
Author: Gert Wollny <gw.fossdev@gmail.com>
Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Last-Update: 2017-11-07
Bug-Debian: http://bugs.debian.org/828522
---
src/network/ssl/qsslcertificate.cpp | 25 +++--
src/network/ssl/qsslkey.cpp | 11 ++
src/network/ssl/qsslsocket_openssl.cpp | 27 ++++-
src/network/ssl/qsslsocket_openssl_p.h | 4
src/network/ssl/qsslsocket_openssl_symbols.cpp | 118 +++++++++++++++++++++++++
src/network/ssl/qsslsocket_openssl_symbols_p.h | 76 ++++++++++++++++
6 files changed, 249 insertions(+), 12 deletions(-)
--- a/src/network/ssl/qsslcertificate.cpp
+++ b/src/network/ssl/qsslcertificate.cpp
@@ -259,10 +259,10 @@ void QSslCertificate::clear()
diff -ur qt-everywhere-opensource-src-4.8.7/src/network/ssl/qsslcertificate.cpp qt-everywhere-opensource-src-4.8.7-openssl-1.1/src/network/ssl/qsslcertificate.cpp
--- qt-everywhere-opensource-src-4.8.7/src/network/ssl/qsslcertificate.cpp 2015-05-07 16:14:44.000000000 +0200
+++ qt-everywhere-opensource-src-4.8.7-openssl-1.1/src/network/ssl/qsslcertificate.cpp 2018-01-05 12:06:06.113994377 +0100
@@ -259,10 +259,10 @@
QByteArray QSslCertificate::version() const
{
QMutexLocker lock(QMutexPool::globalInstanceGet(d.data()));
@ -35,7 +15,7 @@ Bug-Debian: http://bugs.debian.org/828522
return d->versionString;
}
@@ -276,7 +276,7 @@ QByteArray QSslCertificate::serialNumber
@@ -276,7 +276,7 @@
{
QMutexLocker lock(QMutexPool::globalInstanceGet(d.data()));
if (d->serialNumberString.isEmpty() && d->x509) {
@ -44,7 +24,7 @@ Bug-Debian: http://bugs.debian.org/828522
// if we cannot convert to a long, just output the hexadecimal number
if (serialNumber->length > 4) {
QByteArray hexString;
@@ -489,24 +489,33 @@ QSslKey QSslCertificate::publicKey() con
@@ -489,24 +489,33 @@
QSslKey key;
key.d->type = QSsl::PublicKey;
@ -82,9 +62,10 @@ Bug-Debian: http://bugs.debian.org/828522
q_EVP_PKEY_free(pkey);
return key;
}
--- a/src/network/ssl/qsslkey.cpp
+++ b/src/network/ssl/qsslkey.cpp
@@ -321,8 +321,19 @@ int QSslKey::length() const
diff -ur qt-everywhere-opensource-src-4.8.7/src/network/ssl/qsslkey.cpp qt-everywhere-opensource-src-4.8.7-openssl-1.1/src/network/ssl/qsslkey.cpp
--- qt-everywhere-opensource-src-4.8.7/src/network/ssl/qsslkey.cpp 2015-05-07 16:14:44.000000000 +0200
+++ qt-everywhere-opensource-src-4.8.7-openssl-1.1/src/network/ssl/qsslkey.cpp 2018-01-05 12:06:06.335990971 +0100
@@ -321,8 +321,19 @@
{
if (d->isNull)
return -1;
@ -104,9 +85,10 @@ Bug-Debian: http://bugs.debian.org/828522
}
/*!
--- a/src/network/ssl/qsslsocket_openssl.cpp
+++ b/src/network/ssl/qsslsocket_openssl.cpp
@@ -93,6 +93,7 @@ bool QSslSocketPrivate::s_libraryLoaded
diff -ur qt-everywhere-opensource-src-4.8.7/src/network/ssl/qsslsocket_openssl.cpp qt-everywhere-opensource-src-4.8.7-openssl-1.1/src/network/ssl/qsslsocket_openssl.cpp
--- qt-everywhere-opensource-src-4.8.7/src/network/ssl/qsslsocket_openssl.cpp 2015-05-07 16:14:44.000000000 +0200
+++ qt-everywhere-opensource-src-4.8.7-openssl-1.1/src/network/ssl/qsslsocket_openssl.cpp 2018-01-05 12:06:06.336990956 +0100
@@ -93,6 +93,7 @@
bool QSslSocketPrivate::s_loadedCiphersAndCerts = false;
bool QSslSocketPrivate::s_loadRootCertsOnDemand = false;
@ -114,7 +96,7 @@ Bug-Debian: http://bugs.debian.org/828522
/* \internal
From OpenSSL's thread(3) manual page:
@@ -174,6 +175,8 @@ static unsigned long id_function()
@@ -174,6 +175,8 @@
}
} // extern "C"
@ -123,7 +105,7 @@ Bug-Debian: http://bugs.debian.org/828522
QSslSocketBackendPrivate::QSslSocketBackendPrivate()
: ssl(0),
ctx(0),
@@ -222,9 +225,12 @@ QSslCipher QSslSocketBackendPrivate::QSs
@@ -222,9 +225,12 @@
ciph.d->encryptionMethod = descriptionList.at(4).mid(4);
ciph.d->exportable = (descriptionList.size() > 6 && descriptionList.at(6) == QLatin1String("export"));
@ -137,7 +119,7 @@ Bug-Debian: http://bugs.debian.org/828522
}
return ciph;
}
@@ -367,7 +373,7 @@ init_context:
@@ -363,7 +369,7 @@
//
// See also: QSslContext::fromConfiguration()
if (caCertificate.expiryDate() >= QDateTime::currentDateTime()) {
@ -146,7 +128,7 @@ Bug-Debian: http://bugs.debian.org/828522
}
}
@@ -504,8 +510,10 @@ void QSslSocketBackendPrivate::destroySs
@@ -500,8 +506,10 @@
*/
void QSslSocketPrivate::deinitialize()
{
@ -157,7 +139,7 @@ Bug-Debian: http://bugs.debian.org/828522
}
/*!
@@ -526,13 +534,17 @@ bool QSslSocketPrivate::ensureLibraryLoa
@@ -522,13 +530,17 @@
return false;
// Check if the library itself needs to be initialized.
@ -175,7 +157,7 @@ Bug-Debian: http://bugs.debian.org/828522
if (q_SSL_library_init() != 1)
return false;
q_SSL_load_error_strings();
@@ -571,7 +583,9 @@ bool QSslSocketPrivate::ensureLibraryLoa
@@ -567,7 +579,9 @@
void QSslSocketPrivate::ensureCiphersAndCertsLoaded()
{
@ -186,7 +168,7 @@ Bug-Debian: http://bugs.debian.org/828522
if (s_loadedCiphersAndCerts)
return;
s_loadedCiphersAndCerts = true;
@@ -663,13 +677,18 @@ void QSslSocketPrivate::resetDefaultCiph
@@ -659,13 +673,18 @@
STACK_OF(SSL_CIPHER) *supportedCiphers = q_SSL_get_ciphers(mySsl);
for (int i = 0; i < q_sk_SSL_CIPHER_num(supportedCiphers); ++i) {
if (SSL_CIPHER *cipher = q_sk_SSL_CIPHER_value(supportedCiphers, i)) {
@ -206,168 +188,24 @@ Bug-Debian: http://bugs.debian.org/828522
}
}
--- a/src/network/ssl/qsslsocket_openssl_symbols_p.h
+++ b/src/network/ssl/qsslsocket_openssl_symbols_p.h
@@ -213,9 +213,15 @@ int q_BIO_read(BIO *a, void *b, int c);
BIO_METHOD *q_BIO_s_mem();
int q_BIO_write(BIO *a, const void *b, int c);
int q_BN_num_bits(const BIGNUM *a);
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
int q_CRYPTO_num_locks();
void q_CRYPTO_set_locking_callback(void (*a)(int, int, const char *, int));
void q_CRYPTO_set_id_callback(unsigned long (*a)());
+#else
+#define q_CRYPTO_num_locks() 1
+#define q_CRYPTO_set_locking_callback(a)
+#define q_CRYPTO_set_id_callback(a)
+#endif
void q_CRYPTO_free(void *a);
void q_DSA_free(DSA *a);
#if OPENSSL_VERSION_NUMBER >= 0x00908000L
@@ -258,6 +264,7 @@ int q_PEM_write_bio_RSA_PUBKEY(BIO *a, R
void q_RAND_seed(const void *a, int b);
int q_RAND_status();
void q_RSA_free(RSA *a);
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
int q_sk_num(STACK *a);
void q_sk_pop_free(STACK *a, void (*b)(void *));
#if OPENSSL_VERSION_NUMBER >= 0x10000000L
@@ -267,6 +274,16 @@ void * q_sk_value(STACK *a, int b);
void q_sk_free(STACK *a);
char * q_sk_value(STACK *a, int b);
diff -ur qt-everywhere-opensource-src-4.8.7/src/network/ssl/qsslsocket_openssl_p.h qt-everywhere-opensource-src-4.8.7-openssl-1.1/src/network/ssl/qsslsocket_openssl_p.h
--- qt-everywhere-opensource-src-4.8.7/src/network/ssl/qsslsocket_openssl_p.h 2015-05-07 16:14:44.000000000 +0200
+++ qt-everywhere-opensource-src-4.8.7-openssl-1.1/src/network/ssl/qsslsocket_openssl_p.h 2018-01-05 12:06:06.337990940 +0100
@@ -84,6 +84,10 @@
#include <openssl/tls1.h>
#endif
+#else
+int q_OPENSSL_sk_num(STACK *a);
+void q_OPENSSL_sk_pop_free(STACK *a, void (*b)(void *));
+void q_OPENSSL_sk_free(_STACK *a);
+void * q_OPENSSL_sk_value(STACK *a, int b);
+#define q_sk_num q_OPENSSL_sk_num
+#define q_sk_pop_free q_OPENSSL_sk_pop_free
+#define q_sk_free q_OPENSSL_sk_free
+#define q_sk_value q_OPENSSL_sk_value
+#endif
int q_SSL_accept(SSL *a);
int q_SSL_clear(SSL *a);
char *q_SSL_CIPHER_description(SSL_CIPHER *a, char *b, int c);
@@ -314,8 +331,14 @@ long q_SSL_get_verify_result(const SSL *
#else
long q_SSL_get_verify_result(SSL *a);
#endif
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
int q_SSL_library_init();
void q_SSL_load_error_strings();
+#else
+int q_OPENSSL_init_ssl(uint64_t opts, void *settings);
+#define q_SSL_library_init() q_OPENSSL_init_ssl(0, NULL)
+#define q_SSL_load_error_strings() q_OPENSSL_init_ssl(OPENSSL_INIT_LOAD_SSL_STRINGS | OPENSSL_INIT_LOAD_CRYPTO_STRINGS, NULL)
+#endif
SSL *q_SSL_new(SSL_CTX *a);
#if OPENSSL_VERSION_NUMBER >= 0x0090806fL && !defined(OPENSSL_NO_TLSEXT)
long q_SSL_ctrl(SSL *ssl,int cmd, long larg, void *parg);
@@ -328,11 +351,21 @@ int q_SSL_shutdown(SSL *a);
#if OPENSSL_VERSION_NUMBER >= 0x10000000L
const SSL_METHOD *q_SSLv2_client_method();
const SSL_METHOD *q_SSLv3_client_method();
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
const SSL_METHOD *q_SSLv23_client_method();
+#else
+const SSL_METHOD *q_TLS_client_method();
+#define q_SSLv23_client_method q_TLS_client_method
+#endif
const SSL_METHOD *q_TLSv1_client_method();
const SSL_METHOD *q_SSLv2_server_method();
const SSL_METHOD *q_SSLv3_server_method();
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
const SSL_METHOD *q_SSLv23_server_method();
+#else
+const SSL_METHOD *q_TLS_server_method();
+#define q_SSLv23_server_method q_TLS_server_method
+#endif
const SSL_METHOD *q_TLSv1_server_method();
#else
SSL_METHOD *q_SSLv2_client_method();
@@ -377,7 +410,12 @@ int q_X509_STORE_CTX_set_purpose(X509_ST
int q_X509_STORE_CTX_get_error(X509_STORE_CTX *ctx);
int q_X509_STORE_CTX_get_error_depth(X509_STORE_CTX *ctx);
X509 *q_X509_STORE_CTX_get_current_cert(X509_STORE_CTX *ctx);
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
STACK_OF(X509) *q_X509_STORE_CTX_get_chain(X509_STORE_CTX *ctx);
+#else
+STACK_OF(X509) *q_X509_STORE_CTX_get0_chain(X509_STORE_CTX *ctx);
+#define q_X509_STORE_CTX_get_chain q_X509_STORE_CTX_get0_chain
+#endif
#define q_BIO_get_mem_data(b, pp) (int)q_BIO_ctrl(b,BIO_CTRL_INFO,0,(char *)pp)
#define q_BIO_pending(b) (int)q_BIO_ctrl(b,BIO_CTRL_PENDING,0,NULL)
@@ -399,7 +437,25 @@ DSA *q_d2i_DSAPrivateKey(DSA **a, unsign
PEM_ASN1_write_bio((int (*)(void*, unsigned char**))q_i2d_DSAPrivateKey,PEM_STRING_DSA,\
bp,(char *)x,enc,kstr,klen,cb,u)
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
+#define OPENSSL_NO_SSL2
+#endif
+
#if OPENSSL_VERSION_NUMBER >= 0x10000000L
typedef _STACK STACK;
#endif
+
+X509_STORE * q_SSL_CTX_get_cert_store(const SSL_CTX *ctx);
+ASN1_INTEGER * q_X509_get_serialNumber(X509 *x);
+
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
#define q_SSL_CTX_set_options(ctx,op) q_SSL_CTX_ctrl((ctx),SSL_CTRL_OPTIONS,(op),NULL)
+#define q_X509_get_version(x) X509_get_version(x)
+#else
+int q_EVP_PKEY_id(const EVP_PKEY *pkey);
+int q_EVP_PKEY_base_id(const EVP_PKEY *pkey);
+int q_SSL_CIPHER_get_bits(const SSL_CIPHER *cipher, int *alg_bits);
+long q_SSL_CTX_set_options(SSL_CTX *ctx, long options);
+long q_X509_get_version(X509 *x);
+X509_PUBKEY * q_X509_get_X509_PUBKEY(X509 *x);
+int q_RSA_bits(const RSA *rsa);
+int q_DSA_security_bits(const DSA *dsa);
+void q_DSA_get0_pqg(const DSA *d, BIGNUM **p, BIGNUM **q, BIGNUM **g);
+#endif
+
#define q_SKM_sk_num(type, st) ((int (*)(const STACK_OF(type) *))q_sk_num)(st)
#define q_SKM_sk_value(type, st,i) ((type * (*)(const STACK_OF(type) *, int))q_sk_value)(st, i)
#define q_sk_GENERAL_NAME_num(st) q_SKM_sk_num(GENERAL_NAME, (st))
@@ -410,8 +466,17 @@ DSA *q_d2i_DSAPrivateKey(DSA **a, unsign
#define q_sk_SSL_CIPHER_value(st, i) q_SKM_sk_value(SSL_CIPHER, (st), (i))
#define q_SSL_CTX_add_extra_chain_cert(ctx,x509) \
q_SSL_CTX_ctrl(ctx,SSL_CTRL_EXTRA_CHAIN_CERT,0,(char *)x509)
+
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
#define q_X509_get_notAfter(x) X509_get_notAfter(x)
#define q_X509_get_notBefore(x) X509_get_notBefore(x)
+#else
+ASN1_TIME *q_X509_getm_notAfter(X509 *x);
+ASN1_TIME *q_X509_getm_notBefore(X509 *x);
+#define q_X509_get_notAfter(x) q_X509_getm_notAfter(x)
+#define q_X509_get_notBefore(x) q_X509_getm_notBefore(x)
+#endif
+
#define q_EVP_PKEY_assign_RSA(pkey,rsa) q_EVP_PKEY_assign((pkey),EVP_PKEY_RSA,\
(char *)(rsa))
#define q_EVP_PKEY_assign_DSA(pkey,dsa) q_EVP_PKEY_assign((pkey),EVP_PKEY_DSA,\
@@ -421,10 +486,21 @@ DSA *q_d2i_DSAPrivateKey(DSA **a, unsign
#else
#define q_OpenSSL_add_all_algorithms() q_OPENSSL_add_all_algorithms_noconf()
#endif
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
void q_OPENSSL_add_all_algorithms_noconf();
void q_OPENSSL_add_all_algorithms_conf();
+#else
+int q_OPENSSL_init_crypto(uint64_t opts, void *settings);
+#define q_OPENSSL_add_all_algorithms_conf() q_OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_CIPHERS | OPENSSL_INIT_ADD_ALL_DIGESTS | OPENSSL_INIT_LOAD_CONFIG, NULL)
+# define q_OPENSSL_add_all_algorithms_noconf() q_OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_CIPHERS | OPENSSL_INIT_ADD_ALL_DIGESTS, NULL)
+#endif
int q_SSL_CTX_load_verify_locations(SSL_CTX *ctx, const char *CAfile, const char *CApath);
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
long q_SSLeay();
+#else
+unsigned long q_OpenSSL_version_num();
+#define q_SSLeay q_OpenSSL_version_num
+#endif
// Helper function
class QDateTime;
--- a/src/network/ssl/qsslsocket_openssl_symbols.cpp
+++ b/src/network/ssl/qsslsocket_openssl_symbols.cpp
@@ -117,9 +117,11 @@ DEFINEFUNC3(int, BIO_read, BIO *a, a, vo
diff -ur qt-everywhere-opensource-src-4.8.7/src/network/ssl/qsslsocket_openssl_symbols.cpp qt-everywhere-opensource-src-4.8.7-openssl-1.1/src/network/ssl/qsslsocket_openssl_symbols.cpp
--- qt-everywhere-opensource-src-4.8.7/src/network/ssl/qsslsocket_openssl_symbols.cpp 2015-05-07 16:14:44.000000000 +0200
+++ qt-everywhere-opensource-src-4.8.7-openssl-1.1/src/network/ssl/qsslsocket_openssl_symbols.cpp 2018-01-05 12:11:43.923809321 +0100
@@ -117,9 +117,11 @@
DEFINEFUNC(BIO_METHOD *, BIO_s_mem, void, DUMMYARG, return 0, return)
DEFINEFUNC3(int, BIO_write, BIO *a, a, const void *b, b, int c, c, return -1, return)
DEFINEFUNC(int, BN_num_bits, const BIGNUM *a, a, return 0, return)
@ -379,7 +217,7 @@ Bug-Debian: http://bugs.debian.org/828522
DEFINEFUNC(void, CRYPTO_free, void *a, a, return, DUMMYARG)
DEFINEFUNC(void, DSA_free, DSA *a, a, return, DUMMYARG)
#if OPENSSL_VERSION_NUMBER < 0x00908000L
@@ -157,6 +159,7 @@ DEFINEFUNC2(int, PEM_write_bio_RSA_PUBKE
@@ -157,6 +159,7 @@
DEFINEFUNC2(void, RAND_seed, const void *a, a, int b, b, return, DUMMYARG)
DEFINEFUNC(int, RAND_status, void, DUMMYARG, return -1, return)
DEFINEFUNC(void, RSA_free, RSA *a, a, return, DUMMYARG)
@ -387,7 +225,7 @@ Bug-Debian: http://bugs.debian.org/828522
DEFINEFUNC(int, sk_num, STACK *a, a, return -1, return)
DEFINEFUNC2(void, sk_pop_free, STACK *a, a, void (*b)(void*), b, return, DUMMYARG)
#if OPENSSL_VERSION_NUMBER >= 0x10000000L
@@ -166,6 +169,12 @@ DEFINEFUNC2(void *, sk_value, STACK *a,
@@ -166,6 +169,12 @@
DEFINEFUNC(void, sk_free, STACK *a, a, return, DUMMYARG)
DEFINEFUNC2(char *, sk_value, STACK *a, a, int b, b, return 0, return)
#endif
@ -400,7 +238,7 @@ Bug-Debian: http://bugs.debian.org/828522
DEFINEFUNC(int, SSL_accept, SSL *a, a, return -1, return)
DEFINEFUNC(int, SSL_clear, SSL *a, a, return -1, return)
DEFINEFUNC3(char *, SSL_CIPHER_description, SSL_CIPHER *a, a, char *b, b, int c, c, return 0, return)
@@ -213,8 +222,12 @@ DEFINEFUNC(long, SSL_get_verify_result,
@@ -213,8 +222,12 @@
#else
DEFINEFUNC(long, SSL_get_verify_result, SSL *a, a, return -1, return)
#endif
@ -413,10 +251,10 @@ Bug-Debian: http://bugs.debian.org/828522
DEFINEFUNC(SSL *, SSL_new, SSL_CTX *a, a, return 0, return)
#if OPENSSL_VERSION_NUMBER >= 0x0090806fL && !defined(OPENSSL_NO_TLSEXT)
DEFINEFUNC4(long, SSL_ctrl, SSL *a, a, int cmd, cmd, long larg, larg, void *parg, parg, return -1, return)
@@ -231,7 +244,11 @@ DEFINEFUNC(const SSL_METHOD *, SSLv2_cli
#ifndef OPENSSL_NO_SSL3_METHOD
DEFINEFUNC(const SSL_METHOD *, SSLv3_client_method, DUMMYARG, DUMMYARG, return 0, return)
@@ -229,13 +242,21 @@
DEFINEFUNC(const SSL_METHOD *, SSLv2_client_method, DUMMYARG, DUMMYARG, return 0, return)
#endif
DEFINEFUNC(const SSL_METHOD *, SSLv3_client_method, DUMMYARG, DUMMYARG, return 0, return)
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
DEFINEFUNC(const SSL_METHOD *, SSLv23_client_method, DUMMYARG, DUMMYARG, return 0, return)
+#else
@ -425,10 +263,8 @@ Bug-Debian: http://bugs.debian.org/828522
DEFINEFUNC(const SSL_METHOD *, TLSv1_client_method, DUMMYARG, DUMMYARG, return 0, return)
#ifndef OPENSSL_NO_SSL2
DEFINEFUNC(const SSL_METHOD *, SSLv2_server_method, DUMMYARG, DUMMYARG, return 0, return)
@@ -239,7 +256,11 @@ DEFINEFUNC(const SSL_METHOD *, SSLv2_ser
#ifndef OPENSSL_NO_SSL3_METHOD
DEFINEFUNC(const SSL_METHOD *, SSLv3_server_method, DUMMYARG, DUMMYARG, return 0, return)
#endif
DEFINEFUNC(const SSL_METHOD *, SSLv3_server_method, DUMMYARG, DUMMYARG, return 0, return)
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
DEFINEFUNC(const SSL_METHOD *, SSLv23_server_method, DUMMYARG, DUMMYARG, return 0, return)
+#else
@ -437,7 +273,7 @@ Bug-Debian: http://bugs.debian.org/828522
DEFINEFUNC(const SSL_METHOD *, TLSv1_server_method, DUMMYARG, DUMMYARG, return 0, return)
#else
DEFINEFUNC(SSL_METHOD *, SSLv2_client_method, DUMMYARG, DUMMYARG, return 0, return)
@@ -278,7 +299,11 @@ DEFINEFUNC2(int, X509_STORE_CTX_set_purp
@@ -274,7 +295,11 @@
DEFINEFUNC(int, X509_STORE_CTX_get_error, X509_STORE_CTX *a, a, return -1, return)
DEFINEFUNC(int, X509_STORE_CTX_get_error_depth, X509_STORE_CTX *a, a, return -1, return)
DEFINEFUNC(X509 *, X509_STORE_CTX_get_current_cert, X509_STORE_CTX *a, a, return 0, return)
@ -449,7 +285,7 @@ Bug-Debian: http://bugs.debian.org/828522
DEFINEFUNC(X509_STORE_CTX *, X509_STORE_CTX_new, DUMMYARG, DUMMYARG, return 0, return)
#ifdef SSLEAY_MACROS
DEFINEFUNC2(int, i2d_DSAPrivateKey, const DSA *a, a, unsigned char **b, b, return -1, return)
@@ -286,10 +311,39 @@ DEFINEFUNC2(int, i2d_RSAPrivateKey, cons
@@ -282,10 +307,39 @@
DEFINEFUNC3(RSA *, d2i_RSAPrivateKey, RSA **a, a, unsigned char **b, b, long c, c, return 0, return)
DEFINEFUNC3(DSA *, d2i_DSAPrivateKey, DSA **a, a, unsigned char **b, b, long c, c, return 0, return)
#endif
@ -489,7 +325,7 @@ Bug-Debian: http://bugs.debian.org/828522
#ifdef Q_OS_SYMBIAN
#define RESOLVEFUNC(func, ordinal, lib) \
@@ -584,7 +638,11 @@ bool q_resolveOpenSslSymbols()
@@ -580,7 +634,11 @@
static volatile bool symbolsResolved = false;
static volatile bool triedToResolveSymbols = false;
#ifndef QT_NO_THREAD
@ -501,7 +337,7 @@ Bug-Debian: http://bugs.debian.org/828522
#endif
if (symbolsResolved)
return true;
@@ -618,9 +676,11 @@ bool q_resolveOpenSslSymbols()
@@ -614,9 +672,11 @@
RESOLVEFUNC(BIO_write, 269, libs.second )
RESOLVEFUNC(BN_num_bits, 387, libs.second )
RESOLVEFUNC(CRYPTO_free, 469, libs.second )
@ -513,7 +349,7 @@ Bug-Debian: http://bugs.debian.org/828522
RESOLVEFUNC(DSA_free, 594, libs.second )
RESOLVEFUNC(ERR_error_string, 744, libs.second )
RESOLVEFUNC(ERR_get_error, 749, libs.second )
@@ -678,8 +738,10 @@ bool q_resolveOpenSslSymbols()
@@ -674,8 +734,10 @@
RESOLVEFUNC(SSL_get_peer_cert_chain, 117, libs.first )
RESOLVEFUNC(SSL_get_peer_certificate, 118, libs.first )
RESOLVEFUNC(SSL_get_verify_result, 132, libs.first )
@ -524,7 +360,7 @@ Bug-Debian: http://bugs.debian.org/828522
RESOLVEFUNC(SSL_new, 140, libs.first )
#if OPENSSL_VERSION_NUMBER >= 0x0090806fL && !defined(OPENSSL_NO_TLSEXT)
RESOLVEFUNC(SSL_ctrl, 95, libs.first )
@@ -751,9 +813,11 @@ bool q_resolveOpenSslSymbols()
@@ -747,9 +809,11 @@
RESOLVEFUNC(BIO_write)
RESOLVEFUNC(BN_num_bits)
RESOLVEFUNC(CRYPTO_free)
@ -536,7 +372,7 @@ Bug-Debian: http://bugs.debian.org/828522
RESOLVEFUNC(DSA_free)
RESOLVEFUNC(ERR_error_string)
RESOLVEFUNC(ERR_get_error)
@@ -783,10 +847,17 @@ bool q_resolveOpenSslSymbols()
@@ -779,10 +843,17 @@
RESOLVEFUNC(RAND_seed)
RESOLVEFUNC(RAND_status)
RESOLVEFUNC(RSA_free)
@ -554,7 +390,7 @@ Bug-Debian: http://bugs.debian.org/828522
RESOLVEFUNC(SSL_CIPHER_description)
RESOLVEFUNC(SSL_CTX_check_private_key)
RESOLVEFUNC(SSL_CTX_ctrl)
@@ -801,6 +872,7 @@ bool q_resolveOpenSslSymbols()
@@ -797,6 +868,7 @@
RESOLVEFUNC(SSL_CTX_use_PrivateKey)
RESOLVEFUNC(SSL_CTX_use_RSAPrivateKey)
RESOLVEFUNC(SSL_CTX_use_PrivateKey_file)
@ -562,7 +398,7 @@ Bug-Debian: http://bugs.debian.org/828522
RESOLVEFUNC(SSL_accept)
RESOLVEFUNC(SSL_clear)
RESOLVEFUNC(SSL_connect)
@@ -811,8 +883,12 @@ bool q_resolveOpenSslSymbols()
@@ -807,8 +879,12 @@
RESOLVEFUNC(SSL_get_peer_cert_chain)
RESOLVEFUNC(SSL_get_peer_certificate)
RESOLVEFUNC(SSL_get_verify_result)
@ -575,7 +411,7 @@ Bug-Debian: http://bugs.debian.org/828522
RESOLVEFUNC(SSL_new)
#if OPENSSL_VERSION_NUMBER >= 0x0090806fL && !defined(OPENSSL_NO_TLSEXT)
RESOLVEFUNC(SSL_ctrl)
@@ -823,13 +899,39 @@ bool q_resolveOpenSslSymbols()
@@ -819,17 +895,47 @@
RESOLVEFUNC(SSL_set_connect_state)
RESOLVEFUNC(SSL_shutdown)
RESOLVEFUNC(SSL_write)
@ -604,9 +440,7 @@ Bug-Debian: http://bugs.debian.org/828522
#ifndef OPENSSL_NO_SSL2
RESOLVEFUNC(SSLv2_client_method)
#endif
#ifndef OPENSSL_NO_SSL3_METHOD
RESOLVEFUNC(SSLv3_client_method)
#endif
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
RESOLVEFUNC(SSLv23_client_method)
+#else
@ -615,10 +449,8 @@ Bug-Debian: http://bugs.debian.org/828522
RESOLVEFUNC(TLSv1_client_method)
#ifndef OPENSSL_NO_SSL2
RESOLVEFUNC(SSLv2_server_method)
@@ -837,7 +939,11 @@ bool q_resolveOpenSslSymbols()
#ifndef OPENSSL_NO_SSL3_METHOD
RESOLVEFUNC(SSLv3_server_method)
#endif
RESOLVEFUNC(SSLv3_server_method)
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
RESOLVEFUNC(SSLv23_server_method)
+#else
@ -627,7 +459,7 @@ Bug-Debian: http://bugs.debian.org/828522
RESOLVEFUNC(TLSv1_server_method)
RESOLVEFUNC(X509_NAME_entry_count)
RESOLVEFUNC(X509_NAME_get_entry)
@@ -854,7 +960,11 @@ bool q_resolveOpenSslSymbols()
@@ -846,7 +952,11 @@
RESOLVEFUNC(X509_STORE_CTX_get_error)
RESOLVEFUNC(X509_STORE_CTX_get_error_depth)
RESOLVEFUNC(X509_STORE_CTX_get_current_cert)
@ -639,7 +471,7 @@ Bug-Debian: http://bugs.debian.org/828522
RESOLVEFUNC(X509_cmp)
#ifndef SSLEAY_MACROS
RESOLVEFUNC(X509_dup)
@@ -875,10 +985,18 @@ bool q_resolveOpenSslSymbols()
@@ -867,10 +977,18 @@
RESOLVEFUNC(d2i_DSAPrivateKey)
RESOLVEFUNC(d2i_RSAPrivateKey)
#endif
@ -658,16 +490,163 @@ Bug-Debian: http://bugs.debian.org/828522
#endif // Q_OS_SYMBIAN
symbolsResolved = true;
delete libs.first;
--- a/src/network/ssl/qsslsocket_openssl_p.h
+++ b/src/network/ssl/qsslsocket_openssl_p.h
@@ -84,6 +84,10 @@
#include <openssl/tls1.h>
diff -ur qt-everywhere-opensource-src-4.8.7/src/network/ssl/qsslsocket_openssl_symbols_p.h qt-everywhere-opensource-src-4.8.7-openssl-1.1/src/network/ssl/qsslsocket_openssl_symbols_p.h
--- qt-everywhere-opensource-src-4.8.7/src/network/ssl/qsslsocket_openssl_symbols_p.h 2015-05-07 16:14:44.000000000 +0200
+++ qt-everywhere-opensource-src-4.8.7-openssl-1.1/src/network/ssl/qsslsocket_openssl_symbols_p.h 2018-01-05 12:06:06.336990956 +0100
@@ -213,9 +213,15 @@
BIO_METHOD *q_BIO_s_mem();
int q_BIO_write(BIO *a, const void *b, int c);
int q_BN_num_bits(const BIGNUM *a);
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
int q_CRYPTO_num_locks();
void q_CRYPTO_set_locking_callback(void (*a)(int, int, const char *, int));
void q_CRYPTO_set_id_callback(unsigned long (*a)());
+#else
+#define q_CRYPTO_num_locks() 1
+#define q_CRYPTO_set_locking_callback(a)
+#define q_CRYPTO_set_id_callback(a)
+#endif
void q_CRYPTO_free(void *a);
void q_DSA_free(DSA *a);
#if OPENSSL_VERSION_NUMBER >= 0x00908000L
@@ -258,6 +264,7 @@
void q_RAND_seed(const void *a, int b);
int q_RAND_status();
void q_RSA_free(RSA *a);
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
int q_sk_num(STACK *a);
void q_sk_pop_free(STACK *a, void (*b)(void *));
#if OPENSSL_VERSION_NUMBER >= 0x10000000L
@@ -267,6 +274,16 @@
void q_sk_free(STACK *a);
char * q_sk_value(STACK *a, int b);
#endif
+#else
+int q_OPENSSL_sk_num(STACK *a);
+void q_OPENSSL_sk_pop_free(STACK *a, void (*b)(void *));
+void q_OPENSSL_sk_free(_STACK *a);
+void * q_OPENSSL_sk_value(STACK *a, int b);
+#define q_sk_num q_OPENSSL_sk_num
+#define q_sk_pop_free q_OPENSSL_sk_pop_free
+#define q_sk_free q_OPENSSL_sk_free
+#define q_sk_value q_OPENSSL_sk_value
+#endif
int q_SSL_accept(SSL *a);
int q_SSL_clear(SSL *a);
char *q_SSL_CIPHER_description(SSL_CIPHER *a, char *b, int c);
@@ -314,8 +331,14 @@
#else
long q_SSL_get_verify_result(SSL *a);
#endif
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
int q_SSL_library_init();
void q_SSL_load_error_strings();
+#else
+int q_OPENSSL_init_ssl(uint64_t opts, void *settings);
+#define q_SSL_library_init() q_OPENSSL_init_ssl(0, NULL)
+#define q_SSL_load_error_strings() q_OPENSSL_init_ssl(OPENSSL_INIT_LOAD_SSL_STRINGS | OPENSSL_INIT_LOAD_CRYPTO_STRINGS, NULL)
+#endif
SSL *q_SSL_new(SSL_CTX *a);
#if OPENSSL_VERSION_NUMBER >= 0x0090806fL && !defined(OPENSSL_NO_TLSEXT)
long q_SSL_ctrl(SSL *ssl,int cmd, long larg, void *parg);
@@ -328,11 +351,21 @@
#if OPENSSL_VERSION_NUMBER >= 0x10000000L
const SSL_METHOD *q_SSLv2_client_method();
const SSL_METHOD *q_SSLv3_client_method();
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
const SSL_METHOD *q_SSLv23_client_method();
+#else
+const SSL_METHOD *q_TLS_client_method();
+#define q_SSLv23_client_method q_TLS_client_method
+#endif
const SSL_METHOD *q_TLSv1_client_method();
const SSL_METHOD *q_SSLv2_server_method();
const SSL_METHOD *q_SSLv3_server_method();
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
const SSL_METHOD *q_SSLv23_server_method();
+#else
+const SSL_METHOD *q_TLS_server_method();
+#define q_SSLv23_server_method q_TLS_server_method
+#endif
const SSL_METHOD *q_TLSv1_server_method();
#else
SSL_METHOD *q_SSLv2_client_method();
@@ -377,7 +410,12 @@
int q_X509_STORE_CTX_get_error(X509_STORE_CTX *ctx);
int q_X509_STORE_CTX_get_error_depth(X509_STORE_CTX *ctx);
X509 *q_X509_STORE_CTX_get_current_cert(X509_STORE_CTX *ctx);
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
STACK_OF(X509) *q_X509_STORE_CTX_get_chain(X509_STORE_CTX *ctx);
+#else
+STACK_OF(X509) *q_X509_STORE_CTX_get0_chain(X509_STORE_CTX *ctx);
+#define q_X509_STORE_CTX_get_chain q_X509_STORE_CTX_get0_chain
+#endif
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
+#define OPENSSL_NO_SSL2
#define q_BIO_get_mem_data(b, pp) (int)q_BIO_ctrl(b,BIO_CTRL_INFO,0,(char *)pp)
#define q_BIO_pending(b) (int)q_BIO_ctrl(b,BIO_CTRL_PENDING,0,NULL)
@@ -399,7 +437,25 @@
PEM_ASN1_write_bio((int (*)(void*, unsigned char**))q_i2d_DSAPrivateKey,PEM_STRING_DSA,\
bp,(char *)x,enc,kstr,klen,cb,u)
#endif
+
+X509_STORE * q_SSL_CTX_get_cert_store(const SSL_CTX *ctx);
+ASN1_INTEGER * q_X509_get_serialNumber(X509 *x);
+
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
#define q_SSL_CTX_set_options(ctx,op) q_SSL_CTX_ctrl((ctx),SSL_CTRL_OPTIONS,(op),NULL)
+#define q_X509_get_version(x) X509_get_version(x)
+#else
+int q_EVP_PKEY_id(const EVP_PKEY *pkey);
+int q_EVP_PKEY_base_id(const EVP_PKEY *pkey);
+int q_SSL_CIPHER_get_bits(const SSL_CIPHER *cipher, int *alg_bits);
+long q_SSL_CTX_set_options(SSL_CTX *ctx, long options);
+long q_X509_get_version(X509 *x);
+X509_PUBKEY * q_X509_get_X509_PUBKEY(X509 *x);
+int q_RSA_bits(const RSA *rsa);
+int q_DSA_security_bits(const DSA *dsa);
+void q_DSA_get0_pqg(const DSA *d, BIGNUM **p, BIGNUM **q, BIGNUM **g);
+#endif
+
#if OPENSSL_VERSION_NUMBER >= 0x10000000L
typedef _STACK STACK;
#define q_SKM_sk_num(type, st) ((int (*)(const STACK_OF(type) *))q_sk_num)(st)
#define q_SKM_sk_value(type, st,i) ((type * (*)(const STACK_OF(type) *, int))q_sk_value)(st, i)
#define q_sk_GENERAL_NAME_num(st) q_SKM_sk_num(GENERAL_NAME, (st))
@@ -410,8 +466,17 @@
#define q_sk_SSL_CIPHER_value(st, i) q_SKM_sk_value(SSL_CIPHER, (st), (i))
#define q_SSL_CTX_add_extra_chain_cert(ctx,x509) \
q_SSL_CTX_ctrl(ctx,SSL_CTRL_EXTRA_CHAIN_CERT,0,(char *)x509)
+
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
#define q_X509_get_notAfter(x) X509_get_notAfter(x)
#define q_X509_get_notBefore(x) X509_get_notBefore(x)
+#else
+ASN1_TIME *q_X509_getm_notAfter(X509 *x);
+ASN1_TIME *q_X509_getm_notBefore(X509 *x);
+#define q_X509_get_notAfter(x) q_X509_getm_notAfter(x)
+#define q_X509_get_notBefore(x) q_X509_getm_notBefore(x)
+#endif
+
#define q_EVP_PKEY_assign_RSA(pkey,rsa) q_EVP_PKEY_assign((pkey),EVP_PKEY_RSA,\
(char *)(rsa))
#define q_EVP_PKEY_assign_DSA(pkey,dsa) q_EVP_PKEY_assign((pkey),EVP_PKEY_DSA,\
@@ -421,10 +486,21 @@
#else
#define q_OpenSSL_add_all_algorithms() q_OPENSSL_add_all_algorithms_noconf()
#endif
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
void q_OPENSSL_add_all_algorithms_noconf();
void q_OPENSSL_add_all_algorithms_conf();
+#else
+int q_OPENSSL_init_crypto(uint64_t opts, void *settings);
+#define q_OPENSSL_add_all_algorithms_conf() q_OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_CIPHERS | OPENSSL_INIT_ADD_ALL_DIGESTS | OPENSSL_INIT_LOAD_CONFIG, NULL)
+# define q_OPENSSL_add_all_algorithms_noconf() q_OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_CIPHERS | OPENSSL_INIT_ADD_ALL_DIGESTS, NULL)
+#endif
int q_SSL_CTX_load_verify_locations(SSL_CTX *ctx, const char *CAfile, const char *CApath);
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
long q_SSLeay();
+#else
+unsigned long q_OpenSSL_version_num();
+#define q_SSLeay q_OpenSSL_version_num
+#endif
// Helper function
class QDateTime;