svn commit: r481493 - in head/net/qt4-network: . files
Adriaan de Groot
adridg at FreeBSD.org
Sun Oct 7 20:39:14 UTC 2018
Author: adridg
Date: Sun Oct 7 20:39:11 2018
New Revision: 481493
URL: https://svnweb.freebsd.org/changeset/ports/481493
Log:
Fix build of legacy Qt4-network port with OpenSSL 1.1.1 for future
changes in base. (Tested in a 12-CURRENT VM with ^/projects/openssl111
worls, and in an 11-STABLE VM with the old situation).
Thanks to brnrd@ for chasing this for a long time, and the original submitter.
Specific credits for obtained-from are in the PR.
PR: 214691
Submitted by: Melvyn Sopacua
Reviewed by: brnrd
Obtained from: richmoore
Added:
head/net/qt4-network/files/patch-src_network_ssl_qsslcertificate.cpp (contents, props changed)
head/net/qt4-network/files/patch-src_network_ssl_qsslkey.cpp (contents, props changed)
head/net/qt4-network/files/patch-src_network_ssl_qsslsocket__openssl__symbols__p.h (contents, props changed)
Modified:
head/net/qt4-network/Makefile
head/net/qt4-network/files/patch-src_network_ssl_qsslsocket__openssl.cpp
Modified: head/net/qt4-network/Makefile
==============================================================================
--- head/net/qt4-network/Makefile Sun Oct 7 20:25:16 2018 (r481492)
+++ head/net/qt4-network/Makefile Sun Oct 7 20:39:11 2018 (r481493)
@@ -3,7 +3,7 @@
PORTNAME= network
DISTVERSION= ${QT4_VERSION}
-PORTREVISION= 3
+PORTREVISION= 4
CATEGORIES= net ipv6
PKGNAMEPREFIX= qt4-
@@ -12,9 +12,6 @@ COMMENT= Qt network module
LICENSE= GPLv3 LGPL21 LGPL3 GFDL
LICENSE_COMB= dual
-
-BROKEN_SSL= openssl-devel
-BROKEN_SSL_REASON_openssl-devel= error: member access into incomplete type 'RSA' (aka 'rsa_st')
RUN_DEPENDS= ${LOCALBASE}/share/certs/ca-root-nss.crt:security/ca_root_nss
Added: head/net/qt4-network/files/patch-src_network_ssl_qsslcertificate.cpp
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ head/net/qt4-network/files/patch-src_network_ssl_qsslcertificate.cpp Sun Oct 7 20:39:11 2018 (r481493)
@@ -0,0 +1,80 @@
+--- src/network/ssl/qsslcertificate.cpp.orig 2015-05-07 14:14:44 UTC
++++ src/network/ssl/qsslcertificate.cpp
+@@ -260,8 +260,13 @@ QByteArray QSslCertificate::version() co
+ {
+ QMutexLocker lock(QMutexPool::globalInstanceGet(d.data()));
+ if (d->versionString.isEmpty() && d->x509)
++#if OPENSSL_VERSION_NUMBER >= 0x10100000L
++ d->versionString =
++ QByteArray::number(qlonglong(q_X509_get_version(d->x509)) + 1);
++#else
+ d->versionString =
+ QByteArray::number(qlonglong(q_ASN1_INTEGER_get(d->x509->cert_info->version)) + 1);
++#endif
+
+ return d->versionString;
+ }
+@@ -276,7 +281,11 @@ QByteArray QSslCertificate::serialNumber
+ {
+ QMutexLocker lock(QMutexPool::globalInstanceGet(d.data()));
+ if (d->serialNumberString.isEmpty() && d->x509) {
++#if OPENSSL_VERSION_NUMBER >= 0x10100000L
++ ASN1_INTEGER *serialNumber = q_X509_get_serialNumber(d->x509);
++#else
+ ASN1_INTEGER *serialNumber = d->x509->cert_info->serialNumber;
++#endif
+ // if we cannot convert to a long, just output the hexadecimal number
+ if (serialNumber->length > 4) {
+ QByteArray hexString;
+@@ -489,19 +498,37 @@ QSslKey QSslCertificate::publicKey() con
+ QSslKey key;
+
+ key.d->type = QSsl::PublicKey;
++#if OPENSSL_VERSION_NUMBER >= 0x10100000L
++ EVP_PKEY *pkey = q_X509_get_pubkey(d->x509);
++#else
+ X509_PUBKEY *xkey = d->x509->cert_info->key;
+ EVP_PKEY *pkey = q_X509_PUBKEY_get(xkey);
++#endif
+ Q_ASSERT(pkey);
+
++#if OPENSSL_VERSION_NUMBER >= 0x10100000L
++ int keyType = q_EVP_PKEY_type(q_EVP_PKEY_base_id(pkey));
++
++ if (keyType == EVP_PKEY_RSA) {
++#else
+ if (q_EVP_PKEY_type(pkey->type) == EVP_PKEY_RSA) {
++#endif
+ key.d->rsa = q_EVP_PKEY_get1_RSA(pkey);
+ key.d->algorithm = QSsl::Rsa;
+ key.d->isNull = false;
++#if OPENSSL_VERSION_NUMBER >= 0x10100000L
++ } else if (keyType == EVP_PKEY_DSA) {
++#else
+ } else if (q_EVP_PKEY_type(pkey->type) == EVP_PKEY_DSA) {
++#endif
+ key.d->dsa = q_EVP_PKEY_get1_DSA(pkey);
+ key.d->algorithm = QSsl::Dsa;
+ key.d->isNull = false;
++#if OPENSSL_VERSION_NUMBER >= 0x10100000L
++ } else if (keyType == EVP_PKEY_DH) {
++#else
+ } else if (q_EVP_PKEY_type(pkey->type) == EVP_PKEY_DH) {
++#endif
+ // DH unsupported
+ } else {
+ // error?
+@@ -698,8 +725,13 @@ QSslCertificate QSslCertificatePrivate::
+ if (!x509 || !QSslSocket::supportsSsl())
+ return certificate;
+
++#if OPENSSL_VERSION_NUMBER >= 0x10100000L
++ const ASN1_TIME *nbef = q_X509_get0_notBefore(x509);
++ const ASN1_TIME *naft = q_X509_get0_notAfter(x509);
++#else
+ ASN1_TIME *nbef = q_X509_get_notBefore(x509);
+ ASN1_TIME *naft = q_X509_get_notAfter(x509);
++#endif
+ certificate.d->notValidBefore = q_getTimeFromASN1(nbef);
+ certificate.d->notValidAfter = q_getTimeFromASN1(naft);
+ certificate.d->null = false;
Added: head/net/qt4-network/files/patch-src_network_ssl_qsslkey.cpp
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ head/net/qt4-network/files/patch-src_network_ssl_qsslkey.cpp Sun Oct 7 20:39:11 2018 (r481493)
@@ -0,0 +1,16 @@
+--- src/network/ssl/qsslkey.cpp.orig 2015-05-07 14:14:44 UTC
++++ src/network/ssl/qsslkey.cpp
+@@ -321,8 +321,13 @@ int QSslKey::length() const
+ {
+ if (d->isNull)
+ return -1;
++#if OPENSSL_VERSION_NUMBER >= 0x10100000
++ return (d->algorithm == QSsl::Rsa)
++ ? q_RSA_bits(d->rsa) : q_DSA_bits(d->dsa);
++#else
+ return (d->algorithm == QSsl::Rsa)
+ ? q_BN_num_bits(d->rsa->n) : q_BN_num_bits(d->dsa->p);
++#endif
+ }
+
+ /*!
Modified: head/net/qt4-network/files/patch-src_network_ssl_qsslsocket__openssl.cpp
==============================================================================
--- head/net/qt4-network/files/patch-src_network_ssl_qsslsocket__openssl.cpp Sun Oct 7 20:25:16 2018 (r481492)
+++ head/net/qt4-network/files/patch-src_network_ssl_qsslsocket__openssl.cpp Sun Oct 7 20:39:11 2018 (r481493)
@@ -1,8 +1,31 @@
* Make availability of SSLv3 in Qt4 same as in Qt5, i.e. not part of SecureProtocols
*
+
--- src/network/ssl/qsslsocket_openssl.cpp.orig 2015-05-07 14:14:44 UTC
+++ src/network/ssl/qsslsocket_openssl.cpp
-@@ -267,9 +267,13 @@ init_context:
+@@ -222,9 +222,12 @@ QSslCipher QSslSocketBackendPrivate::QSs
+ ciph.d->encryptionMethod = descriptionList.at(4).mid(4);
+ ciph.d->exportable = (descriptionList.size() > 6 && descriptionList.at(6) == QLatin1String("export"));
+
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
+ ciph.d->bits = cipher->strength_bits;
+ ciph.d->supportedBits = cipher->alg_bits;
+-
++#else
++ ciph.d->bits = q_SSL_CIPHER_get_bits(cipher, &ciph.d->supportedBits);
++#endif
+ }
+ return ciph;
+ }
+@@ -260,16 +263,20 @@ bool QSslSocketBackendPrivate::initSslCo
+ init_context:
+ switch (configuration.protocol) {
+ case QSsl::SslV2:
+-#ifndef OPENSSL_NO_SSL2
++#if OPENSSL_VERSION_NUMBER <= 0x1010000L && !defined(OPENSSL_NO_SSL2)
+ ctx = q_SSL_CTX_new(client ? q_SSLv2_client_method() : q_SSLv2_server_method());
+ #else
+ ctx = 0; // SSL 2 not supported by the system, but chosen deliberately -> error
#endif
break;
case QSsl::SslV3:
@@ -17,7 +40,7 @@
case QSsl::TlsV1SslV3: // SslV2 will be disabled below
case QSsl::AnyProtocol:
default:
-@@ -297,8 +301,10 @@ init_context:
+@@ -297,8 +304,10 @@ init_context:
// Enable bug workarounds.
long options;
@@ -28,4 +51,32 @@
+ options = SSL_OP_ALL|SSL_OP_NO_SSLv2|SSL_OP_NO_SSLv3;
else
options = SSL_OP_ALL;
+
+@@ -363,7 +372,7 @@ init_context:
+ //
+ // See also: QSslContext::fromConfiguration()
+ if (caCertificate.expiryDate() >= QDateTime::currentDateTime()) {
+- q_X509_STORE_add_cert(ctx->cert_store, (X509 *)caCertificate.handle());
++ q_X509_STORE_add_cert(q_SSL_CTX_get_cert_store(ctx), (X509 *)caCertificate.handle());
+ }
+ }
+
+@@ -659,13 +668,11 @@ void QSslSocketPrivate::resetDefaultCiph
+ STACK_OF(SSL_CIPHER) *supportedCiphers = q_SSL_get_ciphers(mySsl);
+ for (int i = 0; i < q_sk_SSL_CIPHER_num(supportedCiphers); ++i) {
+ if (SSL_CIPHER *cipher = q_sk_SSL_CIPHER_value(supportedCiphers, i)) {
+- if (cipher->valid) {
+- QSslCipher ciph = QSslSocketBackendPrivate::QSslCipher_from_SSL_CIPHER(cipher);
+- if (!ciph.isNull()) {
+- if (!ciph.name().toLower().startsWith(QLatin1String("adh")))
+- ciphers << ciph;
+- }
+- }
++ QSslCipher ciph = QSslSocketBackendPrivate::QSslCipher_from_SSL_CIPHER(cipher);
++ if (!ciph.isNull()) {
++ if (!ciph.name().toLower().startsWith(QLatin1String("adh")))
++ ciphers << ciph;
++ }
+ }
+ }
Added: head/net/qt4-network/files/patch-src_network_ssl_qsslsocket__openssl__symbols__p.h
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ head/net/qt4-network/files/patch-src_network_ssl_qsslsocket__openssl__symbols__p.h Sun Oct 7 20:39:11 2018 (r481493)
@@ -0,0 +1,95 @@
+--- src/network/ssl/qsslsocket_openssl_symbols_p.h.orig 2015-05-07 14:14:44 UTC
++++ src/network/ssl/qsslsocket_openssl_symbols_p.h
+@@ -218,6 +218,9 @@ void q_CRYPTO_set_locking_callback(void
+ void q_CRYPTO_set_id_callback(unsigned long (*a)());
+ void q_CRYPTO_free(void *a);
+ void q_DSA_free(DSA *a);
++#if OPENSSL_VERSION_NUMBER >= 0x10100000L
++int q_DSA_bits(DSA *a);
++#endif
+ #if OPENSSL_VERSION_NUMBER >= 0x00908000L
+ // 0.9.8 broke SC and BC by changing this function's signature.
+ X509 *q_d2i_X509(X509 **a, const unsigned char **b, long c);
+@@ -227,12 +230,18 @@ X509 *q_d2i_X509(X509 **a, unsigned char
+ char *q_ERR_error_string(unsigned long a, char *b);
+ unsigned long q_ERR_get_error();
+ const EVP_CIPHER *q_EVP_des_ede3_cbc();
++#if OPENSSL_VERSION_NUMBER >= 0x10100000L
++const EVP_MD *q_EVP_sha1();
++#endif
+ int q_EVP_PKEY_assign(EVP_PKEY *a, int b, char *c);
+ int q_EVP_PKEY_set1_RSA(EVP_PKEY *a, RSA *b);
+ int q_EVP_PKEY_set1_DSA(EVP_PKEY *a, DSA *b);
+ void q_EVP_PKEY_free(EVP_PKEY *a);
+ RSA *q_EVP_PKEY_get1_RSA(EVP_PKEY *a);
+ DSA *q_EVP_PKEY_get1_DSA(EVP_PKEY *a);
++#if OPENSSL_VERSION_NUMBER >= 0x10100000L
++int q_EVP_PKEY_base_id(EVP_PKEY *a);
++#endif
+ int q_EVP_PKEY_type(int a);
+ EVP_PKEY *q_EVP_PKEY_new();
+ int q_i2d_X509(X509 *a, unsigned char **b);
+@@ -258,6 +267,9 @@ int q_PEM_write_bio_RSA_PUBKEY(BIO *a, R
+ void q_RAND_seed(const void *a, int b);
+ int q_RAND_status();
+ void q_RSA_free(RSA *a);
++#if OPENSSL_VERSION_NUMBER >= 0x10100000L
++int q_RSA_bits(RSA *a);
++#endif
+ int q_sk_num(STACK *a);
+ void q_sk_pop_free(STACK *a, void (*b)(void *));
+ #if OPENSSL_VERSION_NUMBER >= 0x10000000L
+@@ -270,6 +282,9 @@ char * q_sk_value(STACK *a, int b);
+ int q_SSL_accept(SSL *a);
+ int q_SSL_clear(SSL *a);
+ char *q_SSL_CIPHER_description(SSL_CIPHER *a, char *b, int c);
++#if OPENSSL_VERSION_NUMBER >= 0x10000000L
++int q_SSL_CIPHER_get_bits(SSL_CIPHER *a, int *b);
++#endif
+ int q_SSL_connect(SSL *a);
+ #if OPENSSL_VERSION_NUMBER >= 0x00908000L
+ // 0.9.8 broke SC and BC by changing this function's signature.
+@@ -293,6 +308,7 @@ int q_SSL_CTX_use_certificate_file(SSL_C
+ int q_SSL_CTX_use_PrivateKey(SSL_CTX *a, EVP_PKEY *b);
+ int q_SSL_CTX_use_RSAPrivateKey(SSL_CTX *a, RSA *b);
+ int q_SSL_CTX_use_PrivateKey_file(SSL_CTX *a, const char *b, int c);
++X509_STORE *q_SSL_CTX_get_cert_store(const SSL_CTX *a);
+ void q_SSL_free(SSL *a);
+ #if OPENSSL_VERSION_NUMBER >= 0x00908000L
+ // 0.9.8 broke SC and BC by changing this function's signature.
+@@ -353,6 +369,9 @@ void *q_ASN1_dup(i2d_of_void *i2d, d2i_o
+ #else
+ X509 *q_X509_dup(X509 *a);
+ #endif
++#if OPENSSL_VERSION_NUMBER >= 0x10100000L
++int q_X509_digest(const X509 *x509, const EVP_MD *type, unsigned char *md, unsigned int *len);
++#endif
+ ASN1_OBJECT *q_X509_EXTENSION_get_object(X509_EXTENSION *a);
+ void q_X509_free(X509 *a);
+ X509_EXTENSION *q_X509_get_ext(X509 *a, int b);
+@@ -360,6 +379,13 @@ int q_X509_get_ext_count(X509 *a);
+ void *q_X509_get_ext_d2i(X509 *a, int b, int *c, int *d);
+ X509_NAME *q_X509_get_issuer_name(X509 *a);
+ X509_NAME *q_X509_get_subject_name(X509 *a);
++#if OPENSSL_VERSION_NUMBER >= 0x10100000L
++long q_X509_get_version(X509 *a);
++ASN1_INTEGER *q_X509_get_serialNumber(X509 *a);
++EVP_PKEY *q_X509_get_pubkey(X509 *a);
++const ASN1_TIME *q_X509_get0_notBefore(X509 *a);
++const ASN1_TIME *q_X509_get0_notAfter(X509 *a);
++#endif
+ int q_X509_verify_cert(X509_STORE_CTX *ctx);
+ int q_X509_NAME_entry_count(X509_NAME *a);
+ X509_NAME_ENTRY *q_X509_NAME_get_entry(X509_NAME *a,int b);
+@@ -399,7 +425,11 @@ DSA *q_d2i_DSAPrivateKey(DSA **a, unsign
+ PEM_ASN1_write_bio((int (*)(void*, unsigned char**))q_i2d_DSAPrivateKey,PEM_STRING_DSA,\
+ bp,(char *)x,enc,kstr,klen,cb,u)
+ #endif
++#if OPENSSL_VERSION_NUMBER <= 0x10100000L
+ #define q_SSL_CTX_set_options(ctx,op) q_SSL_CTX_ctrl((ctx),SSL_CTRL_OPTIONS,(op),NULL)
++#else
++unsigned long q_SSL_CTX_set_options(SSL_CTX *ctx, unsigned long op);
++#endif
+ #define q_SKM_sk_num(type, st) ((int (*)(const STACK_OF(type) *))q_sk_num)(st)
+ #define q_SKM_sk_value(type, st,i) ((type * (*)(const STACK_OF(type) *, int))q_sk_value)(st, i)
+ #define q_sk_GENERAL_NAME_num(st) q_SKM_sk_num(GENERAL_NAME, (st))
More information about the svn-ports-head
mailing list