]>
Commit | Line | Data |
---|---|---|
28e099cc AM |
1 | Description: Compile with openssl-1.1.0 |
2 | * Most changes are related to openssl structures are now opaque. | |
3 | * The network/ssl threading setup has been disabled because the | |
4 | old openssl threading model has been removed and is apparently | |
5 | no longer needed. | |
6 | * A number of new functions had to be imported (see changes to | |
7 | src/network/ssl/qsslsocket_openssl_symbols.cpp) | |
8 | Author: Gert Wollny <gw.fossdev@gmail.com> | |
9 | Last-Update: 2016-06-28 | |
10 | Bug-Debian: http://bugs.debian.org/828522 | |
11 | ||
12 | --- a/src/network/ssl/qsslcertificate.cpp | |
13 | +++ b/src/network/ssl/qsslcertificate.cpp | |
14 | @@ -259,10 +259,10 @@ | |
15 | QByteArray QSslCertificate::version() const | |
16 | { | |
17 | QMutexLocker lock(QMutexPool::globalInstanceGet(d.data())); | |
18 | - if (d->versionString.isEmpty() && d->x509) | |
19 | + if (d->versionString.isEmpty() && d->x509) { | |
20 | d->versionString = | |
21 | - QByteArray::number(qlonglong(q_ASN1_INTEGER_get(d->x509->cert_info->version)) + 1); | |
22 | - | |
23 | + QByteArray::number(qlonglong(q_X509_get_version(d->x509)) + 1); | |
24 | + } | |
25 | return d->versionString; | |
26 | } | |
27 | ||
28 | @@ -276,7 +276,7 @@ | |
29 | { | |
30 | QMutexLocker lock(QMutexPool::globalInstanceGet(d.data())); | |
31 | if (d->serialNumberString.isEmpty() && d->x509) { | |
32 | - ASN1_INTEGER *serialNumber = d->x509->cert_info->serialNumber; | |
33 | + ASN1_INTEGER *serialNumber = q_X509_get_serialNumber(d->x509); | |
34 | // if we cannot convert to a long, just output the hexadecimal number | |
35 | if (serialNumber->length > 4) { | |
36 | QByteArray hexString; | |
37 | @@ -489,24 +489,33 @@ | |
38 | QSslKey key; | |
39 | ||
40 | key.d->type = QSsl::PublicKey; | |
41 | +#if OPENSSL_VERSION_NUMBER < 0x10100000L | |
42 | X509_PUBKEY *xkey = d->x509->cert_info->key; | |
43 | +#else | |
44 | + X509_PUBKEY *xkey = q_X509_get_X509_PUBKEY(d->x509); | |
45 | +#endif | |
46 | EVP_PKEY *pkey = q_X509_PUBKEY_get(xkey); | |
47 | Q_ASSERT(pkey); | |
48 | ||
49 | - if (q_EVP_PKEY_type(pkey->type) == EVP_PKEY_RSA) { | |
50 | + int key_id; | |
51 | +#if OPENSSL_VERSION_NUMBER < 0x10100000L | |
52 | + key_id = q_EVP_PKEY_type(pkey->type); | |
53 | +#else | |
54 | + key_id = q_EVP_PKEY_base_id(pkey); | |
55 | +#endif | |
56 | + if (key_id == EVP_PKEY_RSA) { | |
57 | key.d->rsa = q_EVP_PKEY_get1_RSA(pkey); | |
58 | key.d->algorithm = QSsl::Rsa; | |
59 | key.d->isNull = false; | |
60 | - } else if (q_EVP_PKEY_type(pkey->type) == EVP_PKEY_DSA) { | |
61 | + } else if (key_id == EVP_PKEY_DSA) { | |
62 | key.d->dsa = q_EVP_PKEY_get1_DSA(pkey); | |
63 | key.d->algorithm = QSsl::Dsa; | |
64 | key.d->isNull = false; | |
65 | - } else if (q_EVP_PKEY_type(pkey->type) == EVP_PKEY_DH) { | |
66 | + } else if (key_id == EVP_PKEY_DH) { | |
67 | // DH unsupported | |
68 | } else { | |
69 | // error? | |
70 | } | |
71 | - | |
72 | q_EVP_PKEY_free(pkey); | |
73 | return key; | |
74 | } | |
75 | --- a/src/network/ssl/qsslkey.cpp | |
76 | +++ b/src/network/ssl/qsslkey.cpp | |
77 | @@ -321,8 +321,19 @@ | |
78 | { | |
79 | if (d->isNull) | |
80 | return -1; | |
81 | +#if OPENSSL_VERSION_NUMBER < 0x10100000L | |
82 | return (d->algorithm == QSsl::Rsa) | |
83 | ? q_BN_num_bits(d->rsa->n) : q_BN_num_bits(d->dsa->p); | |
84 | +#else | |
85 | + if (d->algorithm == QSsl::Rsa) { | |
86 | + return q_RSA_bits(d->rsa); | |
87 | + }else{ | |
88 | + BIGNUM *p = NULL; | |
89 | + q_DSA_get0_pqg(d->dsa, &p, NULL, NULL); | |
90 | + return q_BN_num_bits(p); | |
91 | + } | |
92 | +#endif | |
93 | + | |
94 | } | |
95 | ||
96 | /*! | |
97 | --- a/src/network/ssl/qsslsocket_openssl.cpp | |
98 | +++ b/src/network/ssl/qsslsocket_openssl.cpp | |
99 | @@ -93,6 +93,7 @@ | |
100 | bool QSslSocketPrivate::s_loadedCiphersAndCerts = false; | |
101 | bool QSslSocketPrivate::s_loadRootCertsOnDemand = false; | |
102 | ||
103 | +#if OPENSSL_VERSION_NUMBER < 0x10100000L | |
104 | /* \internal | |
105 | ||
106 | From OpenSSL's thread(3) manual page: | |
107 | @@ -174,6 +175,8 @@ | |
108 | } | |
109 | } // extern "C" | |
110 | ||
111 | +#endif //OPENSSL_VERSION_NUMBER >= 0x10100000L | |
112 | + | |
113 | QSslSocketBackendPrivate::QSslSocketBackendPrivate() | |
114 | : ssl(0), | |
115 | ctx(0), | |
116 | @@ -222,9 +225,12 @@ | |
117 | ciph.d->encryptionMethod = descriptionList.at(4).mid(4); | |
118 | ciph.d->exportable = (descriptionList.size() > 6 && descriptionList.at(6) == QLatin1String("export")); | |
119 | ||
120 | +#if OPENSSL_VERSION_NUMBER < 0x10100000L | |
121 | ciph.d->bits = cipher->strength_bits; | |
122 | ciph.d->supportedBits = cipher->alg_bits; | |
123 | - | |
124 | +#else | |
125 | + ciph.d->bits = q_SSL_CIPHER_get_bits(cipher, &ciph.d->supportedBits); | |
126 | +#endif | |
127 | } | |
128 | return ciph; | |
129 | } | |
130 | @@ -367,7 +373,7 @@ | |
131 | // | |
132 | // See also: QSslContext::fromConfiguration() | |
133 | if (caCertificate.expiryDate() >= QDateTime::currentDateTime()) { | |
134 | - q_X509_STORE_add_cert(ctx->cert_store, (X509 *)caCertificate.handle()); | |
135 | + q_X509_STORE_add_cert(q_SSL_CTX_get_cert_store(ctx), (X509 *)caCertificate.handle()); | |
136 | } | |
137 | } | |
138 | ||
139 | @@ -504,8 +510,10 @@ | |
140 | */ | |
141 | void QSslSocketPrivate::deinitialize() | |
142 | { | |
143 | +#if OPENSSL_VERSION_NUMBER < 0x10100000L | |
144 | q_CRYPTO_set_id_callback(0); | |
145 | q_CRYPTO_set_locking_callback(0); | |
146 | +#endif | |
147 | } | |
148 | ||
149 | /*! | |
150 | @@ -526,13 +534,17 @@ | |
151 | return false; | |
152 | ||
153 | // Check if the library itself needs to be initialized. | |
154 | +#if OPENSSL_VERSION_NUMBER < 0x10100000L | |
155 | QMutexLocker locker(openssl_locks()->initLock()); | |
156 | +#endif | |
157 | if (!s_libraryLoaded) { | |
158 | s_libraryLoaded = true; | |
159 | ||
160 | // Initialize OpenSSL. | |
161 | +#if OPENSSL_VERSION_NUMBER < 0x10100000L | |
162 | q_CRYPTO_set_id_callback(id_function); | |
163 | q_CRYPTO_set_locking_callback(locking_function); | |
164 | +#endif | |
165 | if (q_SSL_library_init() != 1) | |
166 | return false; | |
167 | q_SSL_load_error_strings(); | |
168 | @@ -571,7 +583,9 @@ | |
169 | ||
170 | void QSslSocketPrivate::ensureCiphersAndCertsLoaded() | |
171 | { | |
172 | - QMutexLocker locker(openssl_locks()->initLock()); | |
173 | +#if OPENSSL_VERSION_NUMBER < 0x10100000L | |
174 | + QMutexLocker locker(openssl_locks()->initLock()); | |
175 | +#endif | |
176 | if (s_loadedCiphersAndCerts) | |
177 | return; | |
178 | s_loadedCiphersAndCerts = true; | |
179 | @@ -663,13 +677,18 @@ | |
180 | STACK_OF(SSL_CIPHER) *supportedCiphers = q_SSL_get_ciphers(mySsl); | |
181 | for (int i = 0; i < q_sk_SSL_CIPHER_num(supportedCiphers); ++i) { | |
182 | if (SSL_CIPHER *cipher = q_sk_SSL_CIPHER_value(supportedCiphers, i)) { | |
183 | - if (cipher->valid) { | |
184 | + | |
185 | +#if OPENSSL_VERSION_NUMBER < 0x10100000L | |
186 | + if (cipher->valid) { | |
187 | +#endif | |
188 | QSslCipher ciph = QSslSocketBackendPrivate::QSslCipher_from_SSL_CIPHER(cipher); | |
189 | if (!ciph.isNull()) { | |
190 | if (!ciph.name().toLower().startsWith(QLatin1String("adh"))) | |
191 | ciphers << ciph; | |
192 | } | |
193 | +#if OPENSSL_VERSION_NUMBER < 0x10100000L | |
194 | } | |
195 | +#endif | |
196 | } | |
197 | } | |
198 | ||
199 | --- a/src/network/ssl/qsslsocket_openssl_symbols_p.h | |
200 | +++ b/src/network/ssl/qsslsocket_openssl_symbols_p.h | |
201 | @@ -399,7 +399,25 @@ | |
202 | PEM_ASN1_write_bio((int (*)(void*, unsigned char**))q_i2d_DSAPrivateKey,PEM_STRING_DSA,\ | |
203 | bp,(char *)x,enc,kstr,klen,cb,u) | |
204 | #endif | |
205 | + | |
206 | +X509_STORE * q_SSL_CTX_get_cert_store(const SSL_CTX *ctx); | |
207 | +ASN1_INTEGER * q_X509_get_serialNumber(X509 *x); | |
208 | + | |
209 | +#if OPENSSL_VERSION_NUMBER < 0x10100000L | |
210 | #define q_SSL_CTX_set_options(ctx,op) q_SSL_CTX_ctrl((ctx),SSL_CTRL_OPTIONS,(op),NULL) | |
211 | +#define q_X509_get_version(x) X509_get_version(x) | |
212 | +#else | |
213 | +int q_EVP_PKEY_id(const EVP_PKEY *pkey); | |
214 | +int q_EVP_PKEY_base_id(const EVP_PKEY *pkey); | |
215 | +int q_SSL_CIPHER_get_bits(const SSL_CIPHER *cipher, int *alg_bits); | |
216 | +long q_SSL_CTX_set_options(SSL_CTX *ctx, long options); | |
217 | +long q_X509_get_version(X509 *x); | |
218 | +X509_PUBKEY * q_X509_get_X509_PUBKEY(X509 *x); | |
219 | +int q_RSA_bits(const RSA *rsa); | |
220 | +int q_DSA_security_bits(const DSA *dsa); | |
221 | +void q_DSA_get0_pqg(const DSA *d, BIGNUM **p, BIGNUM **q, BIGNUM **g); | |
222 | +#endif | |
223 | + | |
224 | #define q_SKM_sk_num(type, st) ((int (*)(const STACK_OF(type) *))q_sk_num)(st) | |
225 | #define q_SKM_sk_value(type, st,i) ((type * (*)(const STACK_OF(type) *, int))q_sk_value)(st, i) | |
226 | #define q_sk_GENERAL_NAME_num(st) q_SKM_sk_num(GENERAL_NAME, (st)) | |
227 | @@ -410,8 +428,15 @@ | |
228 | #define q_sk_SSL_CIPHER_value(st, i) q_SKM_sk_value(SSL_CIPHER, (st), (i)) | |
229 | #define q_SSL_CTX_add_extra_chain_cert(ctx,x509) \ | |
230 | q_SSL_CTX_ctrl(ctx,SSL_CTRL_EXTRA_CHAIN_CERT,0,(char *)x509) | |
231 | + | |
232 | +#if OPENSSL_VERSION_NUMBER < 0x10100000L | |
233 | #define q_X509_get_notAfter(x) X509_get_notAfter(x) | |
234 | #define q_X509_get_notBefore(x) X509_get_notBefore(x) | |
235 | +#else | |
236 | +ASN1_TIME *q_X509_get_notAfter(X509 *x); | |
237 | +ASN1_TIME *q_X509_get_notBefore(X509 *x); | |
238 | +#endif | |
239 | + | |
240 | #define q_EVP_PKEY_assign_RSA(pkey,rsa) q_EVP_PKEY_assign((pkey),EVP_PKEY_RSA,\ | |
241 | (char *)(rsa)) | |
242 | #define q_EVP_PKEY_assign_DSA(pkey,dsa) q_EVP_PKEY_assign((pkey),EVP_PKEY_DSA,\ | |
243 | --- a/src/network/ssl/qsslsocket_openssl_symbols.cpp | |
244 | +++ b/src/network/ssl/qsslsocket_openssl_symbols.cpp | |
245 | @@ -290,6 +290,22 @@ | |
246 | DEFINEFUNC(void, OPENSSL_add_all_algorithms_conf, void, DUMMYARG, return, DUMMYARG) | |
247 | DEFINEFUNC3(int, SSL_CTX_load_verify_locations, SSL_CTX *ctx, ctx, const char *CAfile, CAfile, const char *CApath, CApath, return 0, return) | |
248 | DEFINEFUNC(long, SSLeay, void, DUMMYARG, return 0, return) | |
249 | +DEFINEFUNC(X509_STORE *, SSL_CTX_get_cert_store, const SSL_CTX *ctx, ctx, return 0, return) | |
250 | + | |
251 | +DEFINEFUNC(ASN1_INTEGER *, X509_get_serialNumber, X509 *x, x, return 0, return) | |
252 | +#if OPENSSL_VERSION_NUMBER >= 0x10100000L | |
253 | +DEFINEFUNC(int, EVP_PKEY_id, const EVP_PKEY *pkey, pkey, return 0, return) | |
254 | +DEFINEFUNC(int, EVP_PKEY_base_id, const EVP_PKEY *pkey, pkey, return 0, return) | |
255 | +DEFINEFUNC2(int, SSL_CIPHER_get_bits, const SSL_CIPHER *cipher, cipher, int *alg_bits, alg_bits, return 0, return) | |
256 | +DEFINEFUNC2(long, SSL_CTX_set_options, SSL_CTX *ctx, ctx, long options, options, return 0, return) | |
257 | +DEFINEFUNC(long, X509_get_version, X509 *x, x, return 0, return) | |
258 | +DEFINEFUNC(X509_PUBKEY *, X509_get_X509_PUBKEY, X509 *x, x, return 0, return) | |
259 | +DEFINEFUNC(int, RSA_bits, const RSA *rsa, rsa, return 0, return) | |
260 | +DEFINEFUNC(int, DSA_security_bits, const DSA *dsa, dsa, return 0, return) | |
261 | +DEFINEFUNC(ASN1_TIME *, X509_get_notAfter, X509 *x, x, return 0, return) | |
262 | +DEFINEFUNC(ASN1_TIME *, X509_get_notBefore, X509 *x, x, return 0, return) | |
263 | +DEFINEFUNC4(void, DSA_get0_pqg, const DSA *d, d, BIGNUM **p, p, BIGNUM **q, q, BIGNUM **g, g, return, return) | |
264 | +#endif | |
265 | ||
266 | #ifdef Q_OS_SYMBIAN | |
267 | #define RESOLVEFUNC(func, ordinal, lib) \ | |
268 | @@ -801,6 +817,7 @@ | |
269 | RESOLVEFUNC(SSL_CTX_use_PrivateKey) | |
270 | RESOLVEFUNC(SSL_CTX_use_RSAPrivateKey) | |
271 | RESOLVEFUNC(SSL_CTX_use_PrivateKey_file) | |
272 | + RESOLVEFUNC(SSL_CTX_get_cert_store) | |
273 | RESOLVEFUNC(SSL_accept) | |
274 | RESOLVEFUNC(SSL_clear) | |
275 | RESOLVEFUNC(SSL_connect) | |
276 | @@ -823,6 +840,23 @@ | |
277 | RESOLVEFUNC(SSL_set_connect_state) | |
278 | RESOLVEFUNC(SSL_shutdown) | |
279 | RESOLVEFUNC(SSL_write) | |
280 | + | |
281 | + RESOLVEFUNC(X509_get_serialNumber) | |
282 | +#if OPENSSL_VERSION_NUMBER >= 0x10100000L | |
283 | + RESOLVEFUNC(SSL_CTX_ctrl) | |
284 | + RESOLVEFUNC(EVP_PKEY_id) | |
285 | + RESOLVEFUNC(EVP_PKEY_base_id) | |
286 | + RESOLVEFUNC(SSL_CIPHER_get_bits) | |
287 | + RESOLVEFUNC(SSL_CTX_set_options) | |
288 | + RESOLVEFUNC(X509_get_version) | |
289 | + RESOLVEFUNC(X509_get_X509_PUBKEY) | |
290 | + RESOLVEFUNC(RSA_bits) | |
291 | + RESOLVEFUNC(DSA_security_bits) | |
292 | + RESOLVEFUNC(DSA_get0_pqg) | |
293 | + RESOLVEFUNC(X509_get_notAfter) | |
294 | + RESOLVEFUNC(X509_get_notBefore) | |
295 | +#endif | |
296 | + | |
297 | #ifndef OPENSSL_NO_SSL2 | |
298 | RESOLVEFUNC(SSLv2_client_method) | |
299 | #endif | |
300 | --- qt-everywhere-opensource-src-4.8.7/src/network/ssl/qsslkey.cpp.0131~ 2017-03-15 02:22:37.053244125 +0100 | |
301 | +++ qt-everywhere-opensource-src-4.8.7/src/network/ssl/qsslkey.cpp 2017-03-15 02:22:37.055244057 +0100 | |
302 | @@ -328,7 +328,7 @@ int QSslKey::length() const | |
303 | if (d->algorithm == QSsl::Rsa) { | |
304 | return q_RSA_bits(d->rsa); | |
305 | }else{ | |
306 | - BIGNUM *p = NULL; | |
307 | + const BIGNUM *p = NULL; | |
308 | q_DSA_get0_pqg(d->dsa, &p, NULL, NULL); | |
309 | return q_BN_num_bits(p); | |
310 | } | |
311 | --- qt-everywhere-opensource-src-4.8.7/src/network/ssl/qsslsocket_openssl_symbols.cpp.0131~ 2017-03-15 02:22:37.054244091 +0100 | |
312 | +++ qt-everywhere-opensource-src-4.8.7/src/network/ssl/qsslsocket_openssl_symbols.cpp 2017-03-15 02:29:41.155236836 +0100 | |
313 | @@ -111,16 +111,16 @@ DEFINEFUNC(int, ASN1_STRING_length, ASN1 | |
314 | DEFINEFUNC2(int, ASN1_STRING_to_UTF8, unsigned char **a, a, ASN1_STRING *b, b, return 0, return); | |
315 | DEFINEFUNC4(long, BIO_ctrl, BIO *a, a, int b, b, long c, c, void *d, d, return -1, return) | |
316 | DEFINEFUNC(int, BIO_free, BIO *a, a, return 0, return) | |
317 | -DEFINEFUNC(BIO *, BIO_new, BIO_METHOD *a, a, return 0, return) | |
318 | +DEFINEFUNC(BIO *, BIO_new, const BIO_METHOD *a, a, return 0, return) | |
319 | DEFINEFUNC2(BIO *, BIO_new_mem_buf, void *a, a, int b, b, return 0, return) | |
320 | DEFINEFUNC3(int, BIO_read, BIO *a, a, void *b, b, int c, c, return -1, return) | |
321 | -DEFINEFUNC(BIO_METHOD *, BIO_s_mem, void, DUMMYARG, return 0, return) | |
322 | +DEFINEFUNC(const BIO_METHOD *, BIO_s_mem, void, DUMMYARG, return 0, return) | |
323 | DEFINEFUNC3(int, BIO_write, BIO *a, a, const void *b, b, int c, c, return -1, return) | |
324 | DEFINEFUNC(int, BN_num_bits, const BIGNUM *a, a, return 0, return) | |
325 | DEFINEFUNC(int, CRYPTO_num_locks, DUMMYARG, DUMMYARG, return 0, return) | |
326 | DEFINEFUNC(void, CRYPTO_set_locking_callback, void (*a)(int, int, const char *, int), a, return, DUMMYARG) | |
327 | DEFINEFUNC(void, CRYPTO_set_id_callback, unsigned long (*a)(), a, return, DUMMYARG) | |
328 | -DEFINEFUNC(void, CRYPTO_free, void *a, a, return, DUMMYARG) | |
329 | +DEFINEFUNC(void, OPENSSL_free, void *a, a, return, DUMMYARG) | |
330 | DEFINEFUNC(void, DSA_free, DSA *a, a, return, DUMMYARG) | |
331 | #if OPENSSL_VERSION_NUMBER < 0x00908000L | |
332 | DEFINEFUNC3(X509 *, d2i_X509, X509 **a, a, unsigned char **b, b, long c, c, return 0, return) | |
333 | @@ -300,7 +300,7 @@ DEFINEFUNC(int, RSA_bits, const RSA *rs | |
334 | DEFINEFUNC(int, DSA_security_bits, const DSA *dsa, dsa, return 0, return) | |
335 | DEFINEFUNC(ASN1_TIME *, X509_get_notAfter, X509 *x, x, return 0, return) | |
336 | DEFINEFUNC(ASN1_TIME *, X509_get_notBefore, X509 *x, x, return 0, return) | |
337 | -DEFINEFUNC4(void, DSA_get0_pqg, const DSA *d, d, BIGNUM **p, p, BIGNUM **q, q, BIGNUM **g, g, return, return) | |
338 | +DEFINEFUNC4(void, DSA_get0_pqg, const DSA *d, d, const BIGNUM **p, p, const BIGNUM **q, q, const BIGNUM **g, g, return, return) | |
339 | #endif | |
340 | ||
341 | #ifdef Q_OS_SYMBIAN | |
342 | --- qt-everywhere-opensource-src-4.8.7/src/network/ssl/qsslsocket_openssl_symbols_p.h.0131~ 2017-03-15 02:22:37.054244091 +0100 | |
343 | +++ qt-everywhere-opensource-src-4.8.7/src/network/ssl/qsslsocket_openssl_symbols_p.h 2017-03-15 02:29:50.192986268 +0100 | |
344 | @@ -59,6 +59,12 @@ | |
345 | QT_BEGIN_NAMESPACE | |
346 | ||
347 | #define DUMMYARG | |
348 | +#ifndef OPENSSL_NO_SSL2 | |
349 | +#define OPENSSL_NO_SSL2 1 | |
350 | +#endif | |
351 | +#ifndef OPENSSL_NO_SSL3 | |
352 | +#define OPENSSL_NO_SSL3 1 | |
353 | +#endif | |
354 | ||
355 | #if !defined QT_LINKED_OPENSSL | |
356 | // **************** Shared declarations ****************** | |
357 | @@ -207,16 +213,16 @@ int q_ASN1_STRING_length(ASN1_STRING *a) | |
358 | int q_ASN1_STRING_to_UTF8(unsigned char **a, ASN1_STRING *b); | |
359 | long q_BIO_ctrl(BIO *a, int b, long c, void *d); | |
360 | int q_BIO_free(BIO *a); | |
361 | -BIO *q_BIO_new(BIO_METHOD *a); | |
362 | +BIO *q_BIO_new(const BIO_METHOD *a); | |
363 | BIO *q_BIO_new_mem_buf(void *a, int b); | |
364 | int q_BIO_read(BIO *a, void *b, int c); | |
365 | -BIO_METHOD *q_BIO_s_mem(); | |
366 | +const BIO_METHOD *q_BIO_s_mem(); | |
367 | int q_BIO_write(BIO *a, const void *b, int c); | |
368 | int q_BN_num_bits(const BIGNUM *a); | |
369 | int q_CRYPTO_num_locks(); | |
370 | void q_CRYPTO_set_locking_callback(void (*a)(int, int, const char *, int)); | |
371 | void q_CRYPTO_set_id_callback(unsigned long (*a)()); | |
372 | -void q_CRYPTO_free(void *a); | |
373 | +void q_OPENSSL_free(void *a); | |
374 | void q_DSA_free(DSA *a); | |
375 | #if OPENSSL_VERSION_NUMBER >= 0x00908000L | |
376 | // 0.9.8 broke SC and BC by changing this function's signature. | |
377 | @@ -326,7 +332,6 @@ void q_SSL_set_accept_state(SSL *a); | |
378 | void q_SSL_set_connect_state(SSL *a); | |
379 | int q_SSL_shutdown(SSL *a); | |
380 | #if OPENSSL_VERSION_NUMBER >= 0x10000000L | |
381 | -const SSL_METHOD *q_SSLv2_client_method(); | |
382 | const SSL_METHOD *q_SSLv3_client_method(); | |
383 | const SSL_METHOD *q_SSLv23_client_method(); | |
384 | const SSL_METHOD *q_TLSv1_client_method(); | |
385 | @@ -335,7 +340,6 @@ const SSL_METHOD *q_SSLv3_server_method( | |
386 | const SSL_METHOD *q_SSLv23_server_method(); | |
387 | const SSL_METHOD *q_TLSv1_server_method(); | |
388 | #else | |
389 | -SSL_METHOD *q_SSLv2_client_method(); | |
390 | SSL_METHOD *q_SSLv3_client_method(); | |
391 | SSL_METHOD *q_SSLv23_client_method(); | |
392 | SSL_METHOD *q_TLSv1_client_method(); | |
393 | @@ -415,7 +419,7 @@ long q_X509_get_version(X509 *x); | |
394 | X509_PUBKEY * q_X509_get_X509_PUBKEY(X509 *x); | |
395 | int q_RSA_bits(const RSA *rsa); | |
396 | int q_DSA_security_bits(const DSA *dsa); | |
397 | -void q_DSA_get0_pqg(const DSA *d, BIGNUM **p, BIGNUM **q, BIGNUM **g); | |
398 | +void q_DSA_get0_pqg(const DSA *d, const BIGNUM **p, const BIGNUM **q, const BIGNUM **g); | |
399 | #endif | |
400 | ||
401 | #define q_SKM_sk_num(type, st) ((int (*)(const STACK_OF(type) *))q_sk_num)(st) | |
402 | --- qt-everywhere-opensource-src-4.8.7/src/network/ssl/qsslcertificate.cpp.omv~ 2017-03-15 02:27:18.143322736 +0100 | |
403 | +++ qt-everywhere-opensource-src-4.8.7/src/network/ssl/qsslcertificate.cpp 2017-03-15 02:29:56.215819741 +0100 | |
404 | @@ -696,7 +696,7 @@ | |
405 | unsigned char *data = 0; | |
406 | int size = q_ASN1_STRING_to_UTF8(&data, q_X509_NAME_ENTRY_get_data(e)); | |
407 | info[QString::fromUtf8(obj)] = QString::fromUtf8((char*)data, size); | |
408 | - q_CRYPTO_free(data); | |
409 | + q_OPENSSL_free(data); | |
410 | } | |
411 | return info; | |
412 | } | |
413 | --- qt-everywhere-opensource-src-4.8.7/src/network/ssl/qsslsocket_openssl_symbols.cpp~ 2018-09-15 19:28:24.000000000 +0200 | |
414 | +++ qt-everywhere-opensource-src-4.8.7/src/network/ssl/qsslsocket_openssl_symbols.cpp 2018-09-15 22:33:03.704329933 +0200 | |
415 | @@ -228,13 +228,17 @@ DEFINEFUNC(int, SSL_shutdown, SSL *a, a, | |
416 | #ifndef OPENSSL_NO_SSL2 | |
417 | DEFINEFUNC(const SSL_METHOD *, SSLv2_client_method, DUMMYARG, DUMMYARG, return 0, return) | |
418 | #endif | |
419 | +#ifndef OPENSSL_NO_SSL3 | |
420 | DEFINEFUNC(const SSL_METHOD *, SSLv3_client_method, DUMMYARG, DUMMYARG, return 0, return) | |
421 | +#endif | |
422 | DEFINEFUNC(const SSL_METHOD *, SSLv23_client_method, DUMMYARG, DUMMYARG, return 0, return) | |
423 | DEFINEFUNC(const SSL_METHOD *, TLSv1_client_method, DUMMYARG, DUMMYARG, return 0, return) | |
424 | #ifndef OPENSSL_NO_SSL2 | |
425 | DEFINEFUNC(const SSL_METHOD *, SSLv2_server_method, DUMMYARG, DUMMYARG, return 0, return) | |
426 | #endif | |
427 | +#ifndef OPENSSL_NO_SSL3 | |
428 | DEFINEFUNC(const SSL_METHOD *, SSLv3_server_method, DUMMYARG, DUMMYARG, return 0, return) | |
429 | +#endif | |
430 | DEFINEFUNC(const SSL_METHOD *, SSLv23_server_method, DUMMYARG, DUMMYARG, return 0, return) | |
431 | DEFINEFUNC(const SSL_METHOD *, TLSv1_server_method, DUMMYARG, DUMMYARG, return 0, return) | |
432 | #else | |
433 | --- qt-everywhere-opensource-src-4.8.7/src/network/ssl/qsslsocket_openssl.cpp~ 2018-09-15 22:34:31.000000000 +0200 | |
434 | +++ qt-everywhere-opensource-src-4.8.7/src/network/ssl/qsslsocket_openssl.cpp 2018-09-15 23:31:05.798009957 +0200 | |
435 | @@ -273,7 +273,11 @@ init_context: | |
436 | #endif | |
437 | break; | |
438 | case QSsl::SslV3: | |
439 | +#ifndef OPENSSL_NO_SSL3 | |
440 | ctx = q_SSL_CTX_new(client ? q_SSLv3_client_method() : q_SSLv3_server_method()); | |
441 | +#else | |
442 | + ctx = 0; // SSL 3 not supported by the system, but chosen deliberately -> error | |
443 | +#endif | |
444 | break; | |
445 | case QSsl::SecureProtocols: // SslV2 will be disabled below | |
446 | case QSsl::TlsV1SslV3: // SslV2 will be disabled below |