diff --git a/qt-everywhere-opensource-src-4.8.7-openssl-1.1.patch b/qt-everywhere-opensource-src-4.8.7-openssl-1.1.patch index 1c0d066..aa30a00 100644 --- a/qt-everywhere-opensource-src-4.8.7-openssl-1.1.patch +++ b/qt-everywhere-opensource-src-4.8.7-openssl-1.1.patch @@ -1,27 +1,7 @@ -Description: Compile with openssl-1.1.0 - * Most changes are related to openssl structures are now opaque. - * The network/ssl threading setup has been disabled because the - old openssl threading model has been removed and is apparently - no longer needed. - * A number of new functions had to be imported (see changes to - src/network/ssl/qsslsocket_openssl_symbols.cpp) -Author: Gert Wollny -Author: Dmitry Eremin-Solenikov -Last-Update: 2017-11-07 -Bug-Debian: http://bugs.debian.org/828522 - ---- - src/network/ssl/qsslcertificate.cpp | 25 +++-- - src/network/ssl/qsslkey.cpp | 11 ++ - src/network/ssl/qsslsocket_openssl.cpp | 27 ++++- - src/network/ssl/qsslsocket_openssl_p.h | 4 - src/network/ssl/qsslsocket_openssl_symbols.cpp | 118 +++++++++++++++++++++++++ - src/network/ssl/qsslsocket_openssl_symbols_p.h | 76 ++++++++++++++++ - 6 files changed, 249 insertions(+), 12 deletions(-) - ---- a/src/network/ssl/qsslcertificate.cpp -+++ b/src/network/ssl/qsslcertificate.cpp -@@ -259,10 +259,10 @@ void QSslCertificate::clear() +diff -ur qt-everywhere-opensource-src-4.8.7/src/network/ssl/qsslcertificate.cpp qt-everywhere-opensource-src-4.8.7-openssl-1.1/src/network/ssl/qsslcertificate.cpp +--- qt-everywhere-opensource-src-4.8.7/src/network/ssl/qsslcertificate.cpp 2015-05-07 16:14:44.000000000 +0200 ++++ qt-everywhere-opensource-src-4.8.7-openssl-1.1/src/network/ssl/qsslcertificate.cpp 2018-01-05 12:06:06.113994377 +0100 +@@ -259,10 +259,10 @@ QByteArray QSslCertificate::version() const { QMutexLocker lock(QMutexPool::globalInstanceGet(d.data())); @@ -35,7 +15,7 @@ Bug-Debian: http://bugs.debian.org/828522 return d->versionString; } -@@ -276,7 +276,7 @@ QByteArray QSslCertificate::serialNumber +@@ -276,7 +276,7 @@ { QMutexLocker lock(QMutexPool::globalInstanceGet(d.data())); if (d->serialNumberString.isEmpty() && d->x509) { @@ -44,7 +24,7 @@ Bug-Debian: http://bugs.debian.org/828522 // if we cannot convert to a long, just output the hexadecimal number if (serialNumber->length > 4) { QByteArray hexString; -@@ -489,24 +489,33 @@ QSslKey QSslCertificate::publicKey() con +@@ -489,24 +489,33 @@ QSslKey key; key.d->type = QSsl::PublicKey; @@ -82,9 +62,10 @@ Bug-Debian: http://bugs.debian.org/828522 q_EVP_PKEY_free(pkey); return key; } ---- a/src/network/ssl/qsslkey.cpp -+++ b/src/network/ssl/qsslkey.cpp -@@ -321,8 +321,19 @@ int QSslKey::length() const +diff -ur qt-everywhere-opensource-src-4.8.7/src/network/ssl/qsslkey.cpp qt-everywhere-opensource-src-4.8.7-openssl-1.1/src/network/ssl/qsslkey.cpp +--- qt-everywhere-opensource-src-4.8.7/src/network/ssl/qsslkey.cpp 2015-05-07 16:14:44.000000000 +0200 ++++ qt-everywhere-opensource-src-4.8.7-openssl-1.1/src/network/ssl/qsslkey.cpp 2018-01-05 12:06:06.335990971 +0100 +@@ -321,8 +321,19 @@ { if (d->isNull) return -1; @@ -104,9 +85,10 @@ Bug-Debian: http://bugs.debian.org/828522 } /*! ---- a/src/network/ssl/qsslsocket_openssl.cpp -+++ b/src/network/ssl/qsslsocket_openssl.cpp -@@ -93,6 +93,7 @@ bool QSslSocketPrivate::s_libraryLoaded +diff -ur qt-everywhere-opensource-src-4.8.7/src/network/ssl/qsslsocket_openssl.cpp qt-everywhere-opensource-src-4.8.7-openssl-1.1/src/network/ssl/qsslsocket_openssl.cpp +--- qt-everywhere-opensource-src-4.8.7/src/network/ssl/qsslsocket_openssl.cpp 2015-05-07 16:14:44.000000000 +0200 ++++ qt-everywhere-opensource-src-4.8.7-openssl-1.1/src/network/ssl/qsslsocket_openssl.cpp 2018-01-05 12:06:06.336990956 +0100 +@@ -93,6 +93,7 @@ bool QSslSocketPrivate::s_loadedCiphersAndCerts = false; bool QSslSocketPrivate::s_loadRootCertsOnDemand = false; @@ -114,7 +96,7 @@ Bug-Debian: http://bugs.debian.org/828522 /* \internal From OpenSSL's thread(3) manual page: -@@ -174,6 +175,8 @@ static unsigned long id_function() +@@ -174,6 +175,8 @@ } } // extern "C" @@ -123,7 +105,7 @@ Bug-Debian: http://bugs.debian.org/828522 QSslSocketBackendPrivate::QSslSocketBackendPrivate() : ssl(0), ctx(0), -@@ -222,9 +225,12 @@ QSslCipher QSslSocketBackendPrivate::QSs +@@ -222,9 +225,12 @@ ciph.d->encryptionMethod = descriptionList.at(4).mid(4); ciph.d->exportable = (descriptionList.size() > 6 && descriptionList.at(6) == QLatin1String("export")); @@ -137,7 +119,7 @@ Bug-Debian: http://bugs.debian.org/828522 } return ciph; } -@@ -367,7 +373,7 @@ init_context: +@@ -363,7 +369,7 @@ // // See also: QSslContext::fromConfiguration() if (caCertificate.expiryDate() >= QDateTime::currentDateTime()) { @@ -146,7 +128,7 @@ Bug-Debian: http://bugs.debian.org/828522 } } -@@ -504,8 +510,10 @@ void QSslSocketBackendPrivate::destroySs +@@ -500,8 +506,10 @@ */ void QSslSocketPrivate::deinitialize() { @@ -157,7 +139,7 @@ Bug-Debian: http://bugs.debian.org/828522 } /*! -@@ -526,13 +534,17 @@ bool QSslSocketPrivate::ensureLibraryLoa +@@ -522,13 +530,17 @@ return false; // Check if the library itself needs to be initialized. @@ -175,7 +157,7 @@ Bug-Debian: http://bugs.debian.org/828522 if (q_SSL_library_init() != 1) return false; q_SSL_load_error_strings(); -@@ -571,7 +583,9 @@ bool QSslSocketPrivate::ensureLibraryLoa +@@ -567,7 +579,9 @@ void QSslSocketPrivate::ensureCiphersAndCertsLoaded() { @@ -186,7 +168,7 @@ Bug-Debian: http://bugs.debian.org/828522 if (s_loadedCiphersAndCerts) return; s_loadedCiphersAndCerts = true; -@@ -663,13 +677,18 @@ void QSslSocketPrivate::resetDefaultCiph +@@ -659,13 +673,18 @@ STACK_OF(SSL_CIPHER) *supportedCiphers = q_SSL_get_ciphers(mySsl); for (int i = 0; i < q_sk_SSL_CIPHER_num(supportedCiphers); ++i) { if (SSL_CIPHER *cipher = q_sk_SSL_CIPHER_value(supportedCiphers, i)) { @@ -206,168 +188,24 @@ Bug-Debian: http://bugs.debian.org/828522 } } ---- a/src/network/ssl/qsslsocket_openssl_symbols_p.h -+++ b/src/network/ssl/qsslsocket_openssl_symbols_p.h -@@ -213,9 +213,15 @@ int q_BIO_read(BIO *a, void *b, int c); - BIO_METHOD *q_BIO_s_mem(); - int q_BIO_write(BIO *a, const void *b, int c); - int q_BN_num_bits(const BIGNUM *a); -+#if OPENSSL_VERSION_NUMBER < 0x10100000L - int q_CRYPTO_num_locks(); - void q_CRYPTO_set_locking_callback(void (*a)(int, int, const char *, int)); - void q_CRYPTO_set_id_callback(unsigned long (*a)()); -+#else -+#define q_CRYPTO_num_locks() 1 -+#define q_CRYPTO_set_locking_callback(a) -+#define q_CRYPTO_set_id_callback(a) -+#endif - void q_CRYPTO_free(void *a); - void q_DSA_free(DSA *a); - #if OPENSSL_VERSION_NUMBER >= 0x00908000L -@@ -258,6 +264,7 @@ int q_PEM_write_bio_RSA_PUBKEY(BIO *a, R - void q_RAND_seed(const void *a, int b); - int q_RAND_status(); - void q_RSA_free(RSA *a); -+#if OPENSSL_VERSION_NUMBER < 0x10100000L - int q_sk_num(STACK *a); - void q_sk_pop_free(STACK *a, void (*b)(void *)); - #if OPENSSL_VERSION_NUMBER >= 0x10000000L -@@ -267,6 +274,16 @@ void * q_sk_value(STACK *a, int b); - void q_sk_free(STACK *a); - char * q_sk_value(STACK *a, int b); - #endif -+#else -+int q_OPENSSL_sk_num(STACK *a); -+void q_OPENSSL_sk_pop_free(STACK *a, void (*b)(void *)); -+void q_OPENSSL_sk_free(_STACK *a); -+void * q_OPENSSL_sk_value(STACK *a, int b); -+#define q_sk_num q_OPENSSL_sk_num -+#define q_sk_pop_free q_OPENSSL_sk_pop_free -+#define q_sk_free q_OPENSSL_sk_free -+#define q_sk_value q_OPENSSL_sk_value -+#endif - int q_SSL_accept(SSL *a); - int q_SSL_clear(SSL *a); - char *q_SSL_CIPHER_description(SSL_CIPHER *a, char *b, int c); -@@ -314,8 +331,14 @@ long q_SSL_get_verify_result(const SSL * - #else - long q_SSL_get_verify_result(SSL *a); +diff -ur qt-everywhere-opensource-src-4.8.7/src/network/ssl/qsslsocket_openssl_p.h qt-everywhere-opensource-src-4.8.7-openssl-1.1/src/network/ssl/qsslsocket_openssl_p.h +--- qt-everywhere-opensource-src-4.8.7/src/network/ssl/qsslsocket_openssl_p.h 2015-05-07 16:14:44.000000000 +0200 ++++ qt-everywhere-opensource-src-4.8.7-openssl-1.1/src/network/ssl/qsslsocket_openssl_p.h 2018-01-05 12:06:06.337990940 +0100 +@@ -84,6 +84,10 @@ + #include #endif -+#if OPENSSL_VERSION_NUMBER < 0x10100000L - int q_SSL_library_init(); - void q_SSL_load_error_strings(); -+#else -+int q_OPENSSL_init_ssl(uint64_t opts, void *settings); -+#define q_SSL_library_init() q_OPENSSL_init_ssl(0, NULL) -+#define q_SSL_load_error_strings() q_OPENSSL_init_ssl(OPENSSL_INIT_LOAD_SSL_STRINGS | OPENSSL_INIT_LOAD_CRYPTO_STRINGS, NULL) -+#endif - SSL *q_SSL_new(SSL_CTX *a); - #if OPENSSL_VERSION_NUMBER >= 0x0090806fL && !defined(OPENSSL_NO_TLSEXT) - long q_SSL_ctrl(SSL *ssl,int cmd, long larg, void *parg); -@@ -328,11 +351,21 @@ int q_SSL_shutdown(SSL *a); - #if OPENSSL_VERSION_NUMBER >= 0x10000000L - const SSL_METHOD *q_SSLv2_client_method(); - const SSL_METHOD *q_SSLv3_client_method(); -+#if OPENSSL_VERSION_NUMBER < 0x10100000L - const SSL_METHOD *q_SSLv23_client_method(); -+#else -+const SSL_METHOD *q_TLS_client_method(); -+#define q_SSLv23_client_method q_TLS_client_method -+#endif - const SSL_METHOD *q_TLSv1_client_method(); - const SSL_METHOD *q_SSLv2_server_method(); - const SSL_METHOD *q_SSLv3_server_method(); -+#if OPENSSL_VERSION_NUMBER < 0x10100000L - const SSL_METHOD *q_SSLv23_server_method(); -+#else -+const SSL_METHOD *q_TLS_server_method(); -+#define q_SSLv23_server_method q_TLS_server_method -+#endif - const SSL_METHOD *q_TLSv1_server_method(); - #else - SSL_METHOD *q_SSLv2_client_method(); -@@ -377,7 +410,12 @@ int q_X509_STORE_CTX_set_purpose(X509_ST - int q_X509_STORE_CTX_get_error(X509_STORE_CTX *ctx); - int q_X509_STORE_CTX_get_error_depth(X509_STORE_CTX *ctx); - X509 *q_X509_STORE_CTX_get_current_cert(X509_STORE_CTX *ctx); -+#if OPENSSL_VERSION_NUMBER < 0x10100000L - STACK_OF(X509) *q_X509_STORE_CTX_get_chain(X509_STORE_CTX *ctx); -+#else -+STACK_OF(X509) *q_X509_STORE_CTX_get0_chain(X509_STORE_CTX *ctx); -+#define q_X509_STORE_CTX_get_chain q_X509_STORE_CTX_get0_chain -+#endif - #define q_BIO_get_mem_data(b, pp) (int)q_BIO_ctrl(b,BIO_CTRL_INFO,0,(char *)pp) - #define q_BIO_pending(b) (int)q_BIO_ctrl(b,BIO_CTRL_PENDING,0,NULL) -@@ -399,7 +437,25 @@ DSA *q_d2i_DSAPrivateKey(DSA **a, unsign - PEM_ASN1_write_bio((int (*)(void*, unsigned char**))q_i2d_DSAPrivateKey,PEM_STRING_DSA,\ - bp,(char *)x,enc,kstr,klen,cb,u) - #endif -+ -+X509_STORE * q_SSL_CTX_get_cert_store(const SSL_CTX *ctx); -+ASN1_INTEGER * q_X509_get_serialNumber(X509 *x); -+ -+#if OPENSSL_VERSION_NUMBER < 0x10100000L - #define q_SSL_CTX_set_options(ctx,op) q_SSL_CTX_ctrl((ctx),SSL_CTRL_OPTIONS,(op),NULL) -+#define q_X509_get_version(x) X509_get_version(x) -+#else -+int q_EVP_PKEY_id(const EVP_PKEY *pkey); -+int q_EVP_PKEY_base_id(const EVP_PKEY *pkey); -+int q_SSL_CIPHER_get_bits(const SSL_CIPHER *cipher, int *alg_bits); -+long q_SSL_CTX_set_options(SSL_CTX *ctx, long options); -+long q_X509_get_version(X509 *x); -+X509_PUBKEY * q_X509_get_X509_PUBKEY(X509 *x); -+int q_RSA_bits(const RSA *rsa); -+int q_DSA_security_bits(const DSA *dsa); -+void q_DSA_get0_pqg(const DSA *d, BIGNUM **p, BIGNUM **q, BIGNUM **g); -+#endif -+ - #define q_SKM_sk_num(type, st) ((int (*)(const STACK_OF(type) *))q_sk_num)(st) - #define q_SKM_sk_value(type, st,i) ((type * (*)(const STACK_OF(type) *, int))q_sk_value)(st, i) - #define q_sk_GENERAL_NAME_num(st) q_SKM_sk_num(GENERAL_NAME, (st)) -@@ -410,8 +466,17 @@ DSA *q_d2i_DSAPrivateKey(DSA **a, unsign - #define q_sk_SSL_CIPHER_value(st, i) q_SKM_sk_value(SSL_CIPHER, (st), (i)) - #define q_SSL_CTX_add_extra_chain_cert(ctx,x509) \ - q_SSL_CTX_ctrl(ctx,SSL_CTRL_EXTRA_CHAIN_CERT,0,(char *)x509) -+ -+#if OPENSSL_VERSION_NUMBER < 0x10100000L - #define q_X509_get_notAfter(x) X509_get_notAfter(x) - #define q_X509_get_notBefore(x) X509_get_notBefore(x) -+#else -+ASN1_TIME *q_X509_getm_notAfter(X509 *x); -+ASN1_TIME *q_X509_getm_notBefore(X509 *x); -+#define q_X509_get_notAfter(x) q_X509_getm_notAfter(x) -+#define q_X509_get_notBefore(x) q_X509_getm_notBefore(x) ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++#define OPENSSL_NO_SSL2 +#endif + - #define q_EVP_PKEY_assign_RSA(pkey,rsa) q_EVP_PKEY_assign((pkey),EVP_PKEY_RSA,\ - (char *)(rsa)) - #define q_EVP_PKEY_assign_DSA(pkey,dsa) q_EVP_PKEY_assign((pkey),EVP_PKEY_DSA,\ -@@ -421,10 +486,21 @@ DSA *q_d2i_DSAPrivateKey(DSA **a, unsign - #else - #define q_OpenSSL_add_all_algorithms() q_OPENSSL_add_all_algorithms_noconf() + #if OPENSSL_VERSION_NUMBER >= 0x10000000L + typedef _STACK STACK; #endif -+#if OPENSSL_VERSION_NUMBER < 0x10100000L - void q_OPENSSL_add_all_algorithms_noconf(); - void q_OPENSSL_add_all_algorithms_conf(); -+#else -+int q_OPENSSL_init_crypto(uint64_t opts, void *settings); -+#define q_OPENSSL_add_all_algorithms_conf() q_OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_CIPHERS | OPENSSL_INIT_ADD_ALL_DIGESTS | OPENSSL_INIT_LOAD_CONFIG, NULL) -+# define q_OPENSSL_add_all_algorithms_noconf() q_OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_CIPHERS | OPENSSL_INIT_ADD_ALL_DIGESTS, NULL) -+#endif - int q_SSL_CTX_load_verify_locations(SSL_CTX *ctx, const char *CAfile, const char *CApath); -+#if OPENSSL_VERSION_NUMBER < 0x10100000L - long q_SSLeay(); -+#else -+unsigned long q_OpenSSL_version_num(); -+#define q_SSLeay q_OpenSSL_version_num -+#endif - - // Helper function - class QDateTime; ---- a/src/network/ssl/qsslsocket_openssl_symbols.cpp -+++ b/src/network/ssl/qsslsocket_openssl_symbols.cpp -@@ -117,9 +117,11 @@ DEFINEFUNC3(int, BIO_read, BIO *a, a, vo +diff -ur qt-everywhere-opensource-src-4.8.7/src/network/ssl/qsslsocket_openssl_symbols.cpp qt-everywhere-opensource-src-4.8.7-openssl-1.1/src/network/ssl/qsslsocket_openssl_symbols.cpp +--- qt-everywhere-opensource-src-4.8.7/src/network/ssl/qsslsocket_openssl_symbols.cpp 2015-05-07 16:14:44.000000000 +0200 ++++ qt-everywhere-opensource-src-4.8.7-openssl-1.1/src/network/ssl/qsslsocket_openssl_symbols.cpp 2018-01-05 12:11:43.923809321 +0100 +@@ -117,9 +117,11 @@ DEFINEFUNC(BIO_METHOD *, BIO_s_mem, void, DUMMYARG, return 0, return) DEFINEFUNC3(int, BIO_write, BIO *a, a, const void *b, b, int c, c, return -1, return) DEFINEFUNC(int, BN_num_bits, const BIGNUM *a, a, return 0, return) @@ -379,7 +217,7 @@ Bug-Debian: http://bugs.debian.org/828522 DEFINEFUNC(void, CRYPTO_free, void *a, a, return, DUMMYARG) DEFINEFUNC(void, DSA_free, DSA *a, a, return, DUMMYARG) #if OPENSSL_VERSION_NUMBER < 0x00908000L -@@ -157,6 +159,7 @@ DEFINEFUNC2(int, PEM_write_bio_RSA_PUBKE +@@ -157,6 +159,7 @@ DEFINEFUNC2(void, RAND_seed, const void *a, a, int b, b, return, DUMMYARG) DEFINEFUNC(int, RAND_status, void, DUMMYARG, return -1, return) DEFINEFUNC(void, RSA_free, RSA *a, a, return, DUMMYARG) @@ -387,7 +225,7 @@ Bug-Debian: http://bugs.debian.org/828522 DEFINEFUNC(int, sk_num, STACK *a, a, return -1, return) DEFINEFUNC2(void, sk_pop_free, STACK *a, a, void (*b)(void*), b, return, DUMMYARG) #if OPENSSL_VERSION_NUMBER >= 0x10000000L -@@ -166,6 +169,12 @@ DEFINEFUNC2(void *, sk_value, STACK *a, +@@ -166,6 +169,12 @@ DEFINEFUNC(void, sk_free, STACK *a, a, return, DUMMYARG) DEFINEFUNC2(char *, sk_value, STACK *a, a, int b, b, return 0, return) #endif @@ -400,7 +238,7 @@ Bug-Debian: http://bugs.debian.org/828522 DEFINEFUNC(int, SSL_accept, SSL *a, a, return -1, return) DEFINEFUNC(int, SSL_clear, SSL *a, a, return -1, return) DEFINEFUNC3(char *, SSL_CIPHER_description, SSL_CIPHER *a, a, char *b, b, int c, c, return 0, return) -@@ -213,8 +222,12 @@ DEFINEFUNC(long, SSL_get_verify_result, +@@ -213,8 +222,12 @@ #else DEFINEFUNC(long, SSL_get_verify_result, SSL *a, a, return -1, return) #endif @@ -413,10 +251,10 @@ Bug-Debian: http://bugs.debian.org/828522 DEFINEFUNC(SSL *, SSL_new, SSL_CTX *a, a, return 0, return) #if OPENSSL_VERSION_NUMBER >= 0x0090806fL && !defined(OPENSSL_NO_TLSEXT) DEFINEFUNC4(long, SSL_ctrl, SSL *a, a, int cmd, cmd, long larg, larg, void *parg, parg, return -1, return) -@@ -231,7 +244,11 @@ DEFINEFUNC(const SSL_METHOD *, SSLv2_cli - #ifndef OPENSSL_NO_SSL3_METHOD - DEFINEFUNC(const SSL_METHOD *, SSLv3_client_method, DUMMYARG, DUMMYARG, return 0, return) +@@ -229,13 +242,21 @@ + DEFINEFUNC(const SSL_METHOD *, SSLv2_client_method, DUMMYARG, DUMMYARG, return 0, return) #endif + DEFINEFUNC(const SSL_METHOD *, SSLv3_client_method, DUMMYARG, DUMMYARG, return 0, return) +#if OPENSSL_VERSION_NUMBER < 0x10100000L DEFINEFUNC(const SSL_METHOD *, SSLv23_client_method, DUMMYARG, DUMMYARG, return 0, return) +#else @@ -425,10 +263,8 @@ Bug-Debian: http://bugs.debian.org/828522 DEFINEFUNC(const SSL_METHOD *, TLSv1_client_method, DUMMYARG, DUMMYARG, return 0, return) #ifndef OPENSSL_NO_SSL2 DEFINEFUNC(const SSL_METHOD *, SSLv2_server_method, DUMMYARG, DUMMYARG, return 0, return) -@@ -239,7 +256,11 @@ DEFINEFUNC(const SSL_METHOD *, SSLv2_ser - #ifndef OPENSSL_NO_SSL3_METHOD - DEFINEFUNC(const SSL_METHOD *, SSLv3_server_method, DUMMYARG, DUMMYARG, return 0, return) #endif + DEFINEFUNC(const SSL_METHOD *, SSLv3_server_method, DUMMYARG, DUMMYARG, return 0, return) +#if OPENSSL_VERSION_NUMBER < 0x10100000L DEFINEFUNC(const SSL_METHOD *, SSLv23_server_method, DUMMYARG, DUMMYARG, return 0, return) +#else @@ -437,7 +273,7 @@ Bug-Debian: http://bugs.debian.org/828522 DEFINEFUNC(const SSL_METHOD *, TLSv1_server_method, DUMMYARG, DUMMYARG, return 0, return) #else DEFINEFUNC(SSL_METHOD *, SSLv2_client_method, DUMMYARG, DUMMYARG, return 0, return) -@@ -278,7 +299,11 @@ DEFINEFUNC2(int, X509_STORE_CTX_set_purp +@@ -274,7 +295,11 @@ DEFINEFUNC(int, X509_STORE_CTX_get_error, X509_STORE_CTX *a, a, return -1, return) DEFINEFUNC(int, X509_STORE_CTX_get_error_depth, X509_STORE_CTX *a, a, return -1, return) DEFINEFUNC(X509 *, X509_STORE_CTX_get_current_cert, X509_STORE_CTX *a, a, return 0, return) @@ -449,7 +285,7 @@ Bug-Debian: http://bugs.debian.org/828522 DEFINEFUNC(X509_STORE_CTX *, X509_STORE_CTX_new, DUMMYARG, DUMMYARG, return 0, return) #ifdef SSLEAY_MACROS DEFINEFUNC2(int, i2d_DSAPrivateKey, const DSA *a, a, unsigned char **b, b, return -1, return) -@@ -286,10 +311,39 @@ DEFINEFUNC2(int, i2d_RSAPrivateKey, cons +@@ -282,10 +307,39 @@ DEFINEFUNC3(RSA *, d2i_RSAPrivateKey, RSA **a, a, unsigned char **b, b, long c, c, return 0, return) DEFINEFUNC3(DSA *, d2i_DSAPrivateKey, DSA **a, a, unsigned char **b, b, long c, c, return 0, return) #endif @@ -489,7 +325,7 @@ Bug-Debian: http://bugs.debian.org/828522 #ifdef Q_OS_SYMBIAN #define RESOLVEFUNC(func, ordinal, lib) \ -@@ -584,7 +638,11 @@ bool q_resolveOpenSslSymbols() +@@ -580,7 +634,11 @@ static volatile bool symbolsResolved = false; static volatile bool triedToResolveSymbols = false; #ifndef QT_NO_THREAD @@ -501,7 +337,7 @@ Bug-Debian: http://bugs.debian.org/828522 #endif if (symbolsResolved) return true; -@@ -618,9 +676,11 @@ bool q_resolveOpenSslSymbols() +@@ -614,9 +672,11 @@ RESOLVEFUNC(BIO_write, 269, libs.second ) RESOLVEFUNC(BN_num_bits, 387, libs.second ) RESOLVEFUNC(CRYPTO_free, 469, libs.second ) @@ -513,7 +349,7 @@ Bug-Debian: http://bugs.debian.org/828522 RESOLVEFUNC(DSA_free, 594, libs.second ) RESOLVEFUNC(ERR_error_string, 744, libs.second ) RESOLVEFUNC(ERR_get_error, 749, libs.second ) -@@ -678,8 +738,10 @@ bool q_resolveOpenSslSymbols() +@@ -674,8 +734,10 @@ RESOLVEFUNC(SSL_get_peer_cert_chain, 117, libs.first ) RESOLVEFUNC(SSL_get_peer_certificate, 118, libs.first ) RESOLVEFUNC(SSL_get_verify_result, 132, libs.first ) @@ -524,7 +360,7 @@ Bug-Debian: http://bugs.debian.org/828522 RESOLVEFUNC(SSL_new, 140, libs.first ) #if OPENSSL_VERSION_NUMBER >= 0x0090806fL && !defined(OPENSSL_NO_TLSEXT) RESOLVEFUNC(SSL_ctrl, 95, libs.first ) -@@ -751,9 +813,11 @@ bool q_resolveOpenSslSymbols() +@@ -747,9 +809,11 @@ RESOLVEFUNC(BIO_write) RESOLVEFUNC(BN_num_bits) RESOLVEFUNC(CRYPTO_free) @@ -536,7 +372,7 @@ Bug-Debian: http://bugs.debian.org/828522 RESOLVEFUNC(DSA_free) RESOLVEFUNC(ERR_error_string) RESOLVEFUNC(ERR_get_error) -@@ -783,10 +847,17 @@ bool q_resolveOpenSslSymbols() +@@ -779,10 +843,17 @@ RESOLVEFUNC(RAND_seed) RESOLVEFUNC(RAND_status) RESOLVEFUNC(RSA_free) @@ -554,7 +390,7 @@ Bug-Debian: http://bugs.debian.org/828522 RESOLVEFUNC(SSL_CIPHER_description) RESOLVEFUNC(SSL_CTX_check_private_key) RESOLVEFUNC(SSL_CTX_ctrl) -@@ -801,6 +872,7 @@ bool q_resolveOpenSslSymbols() +@@ -797,6 +868,7 @@ RESOLVEFUNC(SSL_CTX_use_PrivateKey) RESOLVEFUNC(SSL_CTX_use_RSAPrivateKey) RESOLVEFUNC(SSL_CTX_use_PrivateKey_file) @@ -562,7 +398,7 @@ Bug-Debian: http://bugs.debian.org/828522 RESOLVEFUNC(SSL_accept) RESOLVEFUNC(SSL_clear) RESOLVEFUNC(SSL_connect) -@@ -811,8 +883,12 @@ bool q_resolveOpenSslSymbols() +@@ -807,8 +879,12 @@ RESOLVEFUNC(SSL_get_peer_cert_chain) RESOLVEFUNC(SSL_get_peer_certificate) RESOLVEFUNC(SSL_get_verify_result) @@ -575,7 +411,7 @@ Bug-Debian: http://bugs.debian.org/828522 RESOLVEFUNC(SSL_new) #if OPENSSL_VERSION_NUMBER >= 0x0090806fL && !defined(OPENSSL_NO_TLSEXT) RESOLVEFUNC(SSL_ctrl) -@@ -823,13 +899,39 @@ bool q_resolveOpenSslSymbols() +@@ -819,17 +895,47 @@ RESOLVEFUNC(SSL_set_connect_state) RESOLVEFUNC(SSL_shutdown) RESOLVEFUNC(SSL_write) @@ -604,9 +440,7 @@ Bug-Debian: http://bugs.debian.org/828522 #ifndef OPENSSL_NO_SSL2 RESOLVEFUNC(SSLv2_client_method) #endif - #ifndef OPENSSL_NO_SSL3_METHOD RESOLVEFUNC(SSLv3_client_method) - #endif +#if OPENSSL_VERSION_NUMBER < 0x10100000L RESOLVEFUNC(SSLv23_client_method) +#else @@ -615,10 +449,8 @@ Bug-Debian: http://bugs.debian.org/828522 RESOLVEFUNC(TLSv1_client_method) #ifndef OPENSSL_NO_SSL2 RESOLVEFUNC(SSLv2_server_method) -@@ -837,7 +939,11 @@ bool q_resolveOpenSslSymbols() - #ifndef OPENSSL_NO_SSL3_METHOD - RESOLVEFUNC(SSLv3_server_method) #endif + RESOLVEFUNC(SSLv3_server_method) +#if OPENSSL_VERSION_NUMBER < 0x10100000L RESOLVEFUNC(SSLv23_server_method) +#else @@ -627,7 +459,7 @@ Bug-Debian: http://bugs.debian.org/828522 RESOLVEFUNC(TLSv1_server_method) RESOLVEFUNC(X509_NAME_entry_count) RESOLVEFUNC(X509_NAME_get_entry) -@@ -854,7 +960,11 @@ bool q_resolveOpenSslSymbols() +@@ -846,7 +952,11 @@ RESOLVEFUNC(X509_STORE_CTX_get_error) RESOLVEFUNC(X509_STORE_CTX_get_error_depth) RESOLVEFUNC(X509_STORE_CTX_get_current_cert) @@ -639,7 +471,7 @@ Bug-Debian: http://bugs.debian.org/828522 RESOLVEFUNC(X509_cmp) #ifndef SSLEAY_MACROS RESOLVEFUNC(X509_dup) -@@ -875,10 +985,18 @@ bool q_resolveOpenSslSymbols() +@@ -867,10 +977,18 @@ RESOLVEFUNC(d2i_DSAPrivateKey) RESOLVEFUNC(d2i_RSAPrivateKey) #endif @@ -658,16 +490,163 @@ Bug-Debian: http://bugs.debian.org/828522 #endif // Q_OS_SYMBIAN symbolsResolved = true; delete libs.first; ---- a/src/network/ssl/qsslsocket_openssl_p.h -+++ b/src/network/ssl/qsslsocket_openssl_p.h -@@ -84,6 +84,10 @@ - #include +diff -ur qt-everywhere-opensource-src-4.8.7/src/network/ssl/qsslsocket_openssl_symbols_p.h qt-everywhere-opensource-src-4.8.7-openssl-1.1/src/network/ssl/qsslsocket_openssl_symbols_p.h +--- qt-everywhere-opensource-src-4.8.7/src/network/ssl/qsslsocket_openssl_symbols_p.h 2015-05-07 16:14:44.000000000 +0200 ++++ qt-everywhere-opensource-src-4.8.7-openssl-1.1/src/network/ssl/qsslsocket_openssl_symbols_p.h 2018-01-05 12:06:06.336990956 +0100 +@@ -213,9 +213,15 @@ + BIO_METHOD *q_BIO_s_mem(); + int q_BIO_write(BIO *a, const void *b, int c); + int q_BN_num_bits(const BIGNUM *a); ++#if OPENSSL_VERSION_NUMBER < 0x10100000L + int q_CRYPTO_num_locks(); + void q_CRYPTO_set_locking_callback(void (*a)(int, int, const char *, int)); + void q_CRYPTO_set_id_callback(unsigned long (*a)()); ++#else ++#define q_CRYPTO_num_locks() 1 ++#define q_CRYPTO_set_locking_callback(a) ++#define q_CRYPTO_set_id_callback(a) ++#endif + void q_CRYPTO_free(void *a); + void q_DSA_free(DSA *a); + #if OPENSSL_VERSION_NUMBER >= 0x00908000L +@@ -258,6 +264,7 @@ + void q_RAND_seed(const void *a, int b); + int q_RAND_status(); + void q_RSA_free(RSA *a); ++#if OPENSSL_VERSION_NUMBER < 0x10100000L + int q_sk_num(STACK *a); + void q_sk_pop_free(STACK *a, void (*b)(void *)); + #if OPENSSL_VERSION_NUMBER >= 0x10000000L +@@ -267,6 +274,16 @@ + void q_sk_free(STACK *a); + char * q_sk_value(STACK *a, int b); + #endif ++#else ++int q_OPENSSL_sk_num(STACK *a); ++void q_OPENSSL_sk_pop_free(STACK *a, void (*b)(void *)); ++void q_OPENSSL_sk_free(_STACK *a); ++void * q_OPENSSL_sk_value(STACK *a, int b); ++#define q_sk_num q_OPENSSL_sk_num ++#define q_sk_pop_free q_OPENSSL_sk_pop_free ++#define q_sk_free q_OPENSSL_sk_free ++#define q_sk_value q_OPENSSL_sk_value ++#endif + int q_SSL_accept(SSL *a); + int q_SSL_clear(SSL *a); + char *q_SSL_CIPHER_description(SSL_CIPHER *a, char *b, int c); +@@ -314,8 +331,14 @@ + #else + long q_SSL_get_verify_result(SSL *a); #endif ++#if OPENSSL_VERSION_NUMBER < 0x10100000L + int q_SSL_library_init(); + void q_SSL_load_error_strings(); ++#else ++int q_OPENSSL_init_ssl(uint64_t opts, void *settings); ++#define q_SSL_library_init() q_OPENSSL_init_ssl(0, NULL) ++#define q_SSL_load_error_strings() q_OPENSSL_init_ssl(OPENSSL_INIT_LOAD_SSL_STRINGS | OPENSSL_INIT_LOAD_CRYPTO_STRINGS, NULL) ++#endif + SSL *q_SSL_new(SSL_CTX *a); + #if OPENSSL_VERSION_NUMBER >= 0x0090806fL && !defined(OPENSSL_NO_TLSEXT) + long q_SSL_ctrl(SSL *ssl,int cmd, long larg, void *parg); +@@ -328,11 +351,21 @@ + #if OPENSSL_VERSION_NUMBER >= 0x10000000L + const SSL_METHOD *q_SSLv2_client_method(); + const SSL_METHOD *q_SSLv3_client_method(); ++#if OPENSSL_VERSION_NUMBER < 0x10100000L + const SSL_METHOD *q_SSLv23_client_method(); ++#else ++const SSL_METHOD *q_TLS_client_method(); ++#define q_SSLv23_client_method q_TLS_client_method ++#endif + const SSL_METHOD *q_TLSv1_client_method(); + const SSL_METHOD *q_SSLv2_server_method(); + const SSL_METHOD *q_SSLv3_server_method(); ++#if OPENSSL_VERSION_NUMBER < 0x10100000L + const SSL_METHOD *q_SSLv23_server_method(); ++#else ++const SSL_METHOD *q_TLS_server_method(); ++#define q_SSLv23_server_method q_TLS_server_method ++#endif + const SSL_METHOD *q_TLSv1_server_method(); + #else + SSL_METHOD *q_SSLv2_client_method(); +@@ -377,7 +410,12 @@ + int q_X509_STORE_CTX_get_error(X509_STORE_CTX *ctx); + int q_X509_STORE_CTX_get_error_depth(X509_STORE_CTX *ctx); + X509 *q_X509_STORE_CTX_get_current_cert(X509_STORE_CTX *ctx); ++#if OPENSSL_VERSION_NUMBER < 0x10100000L + STACK_OF(X509) *q_X509_STORE_CTX_get_chain(X509_STORE_CTX *ctx); ++#else ++STACK_OF(X509) *q_X509_STORE_CTX_get0_chain(X509_STORE_CTX *ctx); ++#define q_X509_STORE_CTX_get_chain q_X509_STORE_CTX_get0_chain ++#endif -+#if OPENSSL_VERSION_NUMBER >= 0x10100000L -+#define OPENSSL_NO_SSL2 + #define q_BIO_get_mem_data(b, pp) (int)q_BIO_ctrl(b,BIO_CTRL_INFO,0,(char *)pp) + #define q_BIO_pending(b) (int)q_BIO_ctrl(b,BIO_CTRL_PENDING,0,NULL) +@@ -399,7 +437,25 @@ + PEM_ASN1_write_bio((int (*)(void*, unsigned char**))q_i2d_DSAPrivateKey,PEM_STRING_DSA,\ + bp,(char *)x,enc,kstr,klen,cb,u) + #endif ++ ++X509_STORE * q_SSL_CTX_get_cert_store(const SSL_CTX *ctx); ++ASN1_INTEGER * q_X509_get_serialNumber(X509 *x); ++ ++#if OPENSSL_VERSION_NUMBER < 0x10100000L + #define q_SSL_CTX_set_options(ctx,op) q_SSL_CTX_ctrl((ctx),SSL_CTRL_OPTIONS,(op),NULL) ++#define q_X509_get_version(x) X509_get_version(x) ++#else ++int q_EVP_PKEY_id(const EVP_PKEY *pkey); ++int q_EVP_PKEY_base_id(const EVP_PKEY *pkey); ++int q_SSL_CIPHER_get_bits(const SSL_CIPHER *cipher, int *alg_bits); ++long q_SSL_CTX_set_options(SSL_CTX *ctx, long options); ++long q_X509_get_version(X509 *x); ++X509_PUBKEY * q_X509_get_X509_PUBKEY(X509 *x); ++int q_RSA_bits(const RSA *rsa); ++int q_DSA_security_bits(const DSA *dsa); ++void q_DSA_get0_pqg(const DSA *d, BIGNUM **p, BIGNUM **q, BIGNUM **g); +#endif + - #if OPENSSL_VERSION_NUMBER >= 0x10000000L - typedef _STACK STACK; + #define q_SKM_sk_num(type, st) ((int (*)(const STACK_OF(type) *))q_sk_num)(st) + #define q_SKM_sk_value(type, st,i) ((type * (*)(const STACK_OF(type) *, int))q_sk_value)(st, i) + #define q_sk_GENERAL_NAME_num(st) q_SKM_sk_num(GENERAL_NAME, (st)) +@@ -410,8 +466,17 @@ + #define q_sk_SSL_CIPHER_value(st, i) q_SKM_sk_value(SSL_CIPHER, (st), (i)) + #define q_SSL_CTX_add_extra_chain_cert(ctx,x509) \ + q_SSL_CTX_ctrl(ctx,SSL_CTRL_EXTRA_CHAIN_CERT,0,(char *)x509) ++ ++#if OPENSSL_VERSION_NUMBER < 0x10100000L + #define q_X509_get_notAfter(x) X509_get_notAfter(x) + #define q_X509_get_notBefore(x) X509_get_notBefore(x) ++#else ++ASN1_TIME *q_X509_getm_notAfter(X509 *x); ++ASN1_TIME *q_X509_getm_notBefore(X509 *x); ++#define q_X509_get_notAfter(x) q_X509_getm_notAfter(x) ++#define q_X509_get_notBefore(x) q_X509_getm_notBefore(x) ++#endif ++ + #define q_EVP_PKEY_assign_RSA(pkey,rsa) q_EVP_PKEY_assign((pkey),EVP_PKEY_RSA,\ + (char *)(rsa)) + #define q_EVP_PKEY_assign_DSA(pkey,dsa) q_EVP_PKEY_assign((pkey),EVP_PKEY_DSA,\ +@@ -421,10 +486,21 @@ + #else + #define q_OpenSSL_add_all_algorithms() q_OPENSSL_add_all_algorithms_noconf() #endif ++#if OPENSSL_VERSION_NUMBER < 0x10100000L + void q_OPENSSL_add_all_algorithms_noconf(); + void q_OPENSSL_add_all_algorithms_conf(); ++#else ++int q_OPENSSL_init_crypto(uint64_t opts, void *settings); ++#define q_OPENSSL_add_all_algorithms_conf() q_OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_CIPHERS | OPENSSL_INIT_ADD_ALL_DIGESTS | OPENSSL_INIT_LOAD_CONFIG, NULL) ++# define q_OPENSSL_add_all_algorithms_noconf() q_OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_CIPHERS | OPENSSL_INIT_ADD_ALL_DIGESTS, NULL) ++#endif + int q_SSL_CTX_load_verify_locations(SSL_CTX *ctx, const char *CAfile, const char *CApath); ++#if OPENSSL_VERSION_NUMBER < 0x10100000L + long q_SSLeay(); ++#else ++unsigned long q_OpenSSL_version_num(); ++#define q_SSLeay q_OpenSSL_version_num ++#endif + + // Helper function + class QDateTime;