Hello community, here is the log from the commit of package libqt4 for openSUSE:Factory checked in at 2017-12-16 20:44:45 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/libqt4 (Old) and /work/SRC/openSUSE:Factory/.libqt4.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "libqt4" Sat Dec 16 20:44:45 2017 rev:224 rq:554902 version:4.8.7 Changes: -------- libqt4-sql-plugins.changes: same change --- /work/SRC/openSUSE:Factory/libqt4/libqt4.changes 2017-10-23 16:21:46.641193196 +0200 +++ /work/SRC/openSUSE:Factory/.libqt4.new/libqt4.changes 2017-12-16 20:44:49.930280056 +0100 @@ -1,0 +2,18 @@ +Wed Dec 6 16:56:06 UTC 2017 - fab...@ritter-vogt.de + +- Add proper patch headers to: + * no-ssl3.patch + * qt4-openssl-1.1.0pre-3.patch +- Remove patch, not needed: + * qt-everywhere-opensource-src-4.8.7-gcc7.patch + +------------------------------------------------------------------- +Tue Dec 5 01:45:40 CET 2017 - r...@suse.de + +- add patches from mageia to fix build with openssl-1.1 +- add no-ssl3.patch +- add qt4-openssl-1.1.0pre-3.patch +- add qt-everywhere-opensource-src-4.8.7-openssl.patch +- add qt-everywhere-opensource-src-4.8.7-gcc7.patch + +------------------------------------------------------------------- New: ---- no-ssl3.patch qt-everywhere-opensource-src-4.8.7-openssl.patch qt4-openssl-1.1.0pre-3.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ libqt4-sql-plugins.spec: same change ++++++ libqt4.spec ++++++ --- /var/tmp/diff_new_pack.zbTnrd/_old 2017-12-16 20:44:57.009938291 +0100 +++ /var/tmp/diff_new_pack.zbTnrd/_new 2017-12-16 20:44:57.013938098 +0100 @@ -35,7 +35,7 @@ BuildRequires: libjpeg-devel BuildRequires: libmng-devel %if 0%{?suse_version} >= 1330 -BuildRequires: libopenssl-1_0_0-devel +BuildRequires: libopenssl-1_1_0-devel # libnsl has been split out of glibc for CODE15 BuildRequires: libnsl-devel %else @@ -154,6 +154,12 @@ Patch170: fix-build-icu59.patch # PATCH-FIX-UPSTREAM fix bolder fonts in qt4 apps [boo#956357] [QTBUG#27301] Patch171: fix-medium-font.diff +# PATCH-FIX-OPENSUSE no-ssl3.patch +Patch200: no-ssl3.patch +# PATCH-FIX-OPENSUSE qt4-openssl-1.1.0pre-3.patch +Patch201: qt4-openssl-1.1.0pre-3.patch +# PATCH-FIX-OPENSUSE qt-everywhere-opensource-src-4.8.7-openssl.patch +Patch202: qt-everywhere-opensource-src-4.8.7-openssl.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build %define common_options --opensource -fast -no-separate-debug-info -shared -xkb -openssl-linked -xrender -xcursor -dbus-linked -xfixes -xrandr -xinerama -sm -no-nas-sound -no-rpath -system-libjpeg -system-libpng -accessibility -cups -stl -nis -system-zlib -prefix /usr -L %{_libdir} -libdir %{_libdir} -docdir %_docdir/%{base_name} -examplesdir %{_libdir}/qt4/examples -demosdir %{_libdir}/qt4/demos -plugindir %plugindir -translationdir %{_datadir}/qt4/translations -iconv -sysconfdir /etc/settings -datadir %{_datadir}/qt4/ -no-pch -reduce-relocations -exceptions -system-libtiff -glib -optimized-qmake -no-webkit -no-xmlpatterns -system-sqlite -qt3support -no-sql-mysql -importdir %plugindir/imports -xsync -xinput -gtkstyle @@ -193,7 +199,7 @@ Requires: glib2-devel Requires: libmng-devel %if 0%{?suse_version} >= 1330 -Requires: libopenssl-1_0_0-devel +Requires: libopenssl-1_1_0-devel %else Requires: openssl-devel %endif @@ -473,6 +479,11 @@ %patch169 -p1 %patch170 -p1 %patch171 -p1 +%if 0%{?suse_version} >= 1330 +%patch200 -p1 +%patch201 -p1 +%patch202 -p1 +%endif # be sure not to use them rm -rf src/3rdparty/{libjpeg,freetype,libpng,zlib,libtiff,fonts} @@ -485,8 +496,13 @@ %ifarch ppc64 RPM_OPT_FLAGS="$RPM_OPT_FLAGS -mminimal-toc" %endif -export CXXFLAGS="$CXXFLAGS $RPM_OPT_FLAGS -DOPENSSL_LOAD_CONF -std=gnu++98" -export CFLAGS="$CFLAGS $RPM_OPT_FLAGS -DOPENSSL_LOAD_CONF" +%if 0%{?suse_version} >= 1330 +NO_SSL2="-DOPENSSL_NO_SSL2" +%else +NO_SSL2="" +%endif +export CXXFLAGS="$CXXFLAGS $RPM_OPT_FLAGS -DOPENSSL_LOAD_CONF $NO_SSL2 -std=gnu++98" +export CFLAGS="$CFLAGS $RPM_OPT_FLAGS -DOPENSSL_LOAD_CONF $NO_SSL2" export MAKEFLAGS="%{?_smp_mflags}" touch translations/qt_de.qm %ifarch sparc64 ++++++ no-ssl3.patch ++++++ From: Jon DeVree <n...@vault24.org> Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=806505 Reviewed-by: Lisandro Damián Nicanor Pérez Meyer <lisan...@debian.org> Last-Update: 2015-11-30 Description: Do not use SSLv3 methods in Qt4 >From https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=806505 This patch makes the use of SSLv3 methods optional at compile time. On Debian this means they will not be used and will return a null ctx if the SSLv3 method is deliberately selected. --- diff -Nru qt4-x11-4.8.7+dfsg.orig/src/network/ssl/qsslsocket_openssl.cpp qt4-x11-4.8.7+dfsg/src/network/ssl/qsslsocket_openssl.cpp --- qt4-x11-4.8.7+dfsg.orig/src/network/ssl/qsslsocket_openssl.cpp 2015-05-07 10:14:44.000000000 -0400 +++ qt4-x11-4.8.7+dfsg/src/network/ssl/qsslsocket_openssl.cpp 2015-11-27 20:49:36.768826857 -0500 @@ -267,7 +267,11 @@ #endif break; case QSsl::SslV3: +#ifndef OPENSSL_NO_SSL3_METHOD ctx = q_SSL_CTX_new(client ? q_SSLv3_client_method() : q_SSLv3_server_method()); +#else + ctx = 0; // SSL 3 not supported by the system, but chosen deliberately -> error +#endif break; case QSsl::SecureProtocols: // SslV2 will be disabled below case QSsl::TlsV1SslV3: // SslV2 will be disabled below diff -Nru qt4-x11-4.8.7+dfsg.orig/src/network/ssl/qsslsocket_openssl_symbols.cpp qt4-x11-4.8.7+dfsg/src/network/ssl/qsslsocket_openssl_symbols.cpp --- qt4-x11-4.8.7+dfsg.orig/src/network/ssl/qsslsocket_openssl_symbols.cpp 2015-05-07 10:14:44.000000000 -0400 +++ qt4-x11-4.8.7+dfsg/src/network/ssl/qsslsocket_openssl_symbols.cpp 2015-11-27 20:49:48.061023402 -0500 @@ -228,13 +228,17 @@ #ifndef OPENSSL_NO_SSL2 DEFINEFUNC(const SSL_METHOD *, SSLv2_client_method, DUMMYARG, DUMMYARG, return 0, return) #endif +#ifndef OPENSSL_NO_SSL3_METHOD DEFINEFUNC(const SSL_METHOD *, SSLv3_client_method, DUMMYARG, DUMMYARG, return 0, return) +#endif DEFINEFUNC(const SSL_METHOD *, SSLv23_client_method, DUMMYARG, DUMMYARG, return 0, return) DEFINEFUNC(const SSL_METHOD *, TLSv1_client_method, DUMMYARG, DUMMYARG, return 0, return) #ifndef OPENSSL_NO_SSL2 DEFINEFUNC(const SSL_METHOD *, SSLv2_server_method, DUMMYARG, DUMMYARG, return 0, return) #endif +#ifndef OPENSSL_NO_SSL3_METHOD DEFINEFUNC(const SSL_METHOD *, SSLv3_server_method, DUMMYARG, DUMMYARG, return 0, return) +#endif DEFINEFUNC(const SSL_METHOD *, SSLv23_server_method, DUMMYARG, DUMMYARG, return 0, return) DEFINEFUNC(const SSL_METHOD *, TLSv1_server_method, DUMMYARG, DUMMYARG, return 0, return) #else @@ -822,13 +826,17 @@ #ifndef OPENSSL_NO_SSL2 RESOLVEFUNC(SSLv2_client_method) #endif +#ifndef OPENSSL_NO_SSL3_METHOD RESOLVEFUNC(SSLv3_client_method) +#endif RESOLVEFUNC(SSLv23_client_method) RESOLVEFUNC(TLSv1_client_method) #ifndef OPENSSL_NO_SSL2 RESOLVEFUNC(SSLv2_server_method) #endif +#ifndef OPENSSL_NO_SSL3_METHOD RESOLVEFUNC(SSLv3_server_method) +#endif RESOLVEFUNC(SSLv23_server_method) RESOLVEFUNC(TLSv1_server_method) RESOLVEFUNC(X509_NAME_entry_count) ++++++ qt-everywhere-opensource-src-4.8.7-openssl.patch ++++++ --- qt-everywhere-opensource-src-4.8.7/src/network/ssl/qsslcertificate.cpp.gcc7 2017-10-10 01:48:46.293207220 +0200 +++ qt-everywhere-opensource-src-4.8.7/src/network/ssl/qsslcertificate.cpp 2017-10-10 02:39:33.577822717 +0200 @@ -696,7 +696,7 @@ static QMap<QString, QString> _q_mapFrom unsigned char *data = 0; int size = q_ASN1_STRING_to_UTF8(&data, q_X509_NAME_ENTRY_get_data(e)); info[QString::fromUtf8(obj)] = QString::fromUtf8((char*)data, size); - q_CRYPTO_free(data); + q_CRYPTO_free(data, OPENSSL_FILE, OPENSSL_LINE); } return info; } --- qt-everywhere-opensource-src-4.8.7/src/network/ssl/qsslsocket_openssl_symbols.cpp 2017-10-10 02:40:09.200573999 +0200 +++ qt-everywhere-opensource-src-4.8.7/src/network/ssl/qsslsocket_openssl_symbols.cpp 2017-10-10 03:28:42.002259271 +0200 @@ -111,16 +111,16 @@ DEFINEFUNC2(int, ASN1_STRING_to_UTF8, unsigned char **a, a, ASN1_STRING *b, b, return 0, return); DEFINEFUNC4(long, BIO_ctrl, BIO *a, a, int b, b, long c, c, void *d, d, return -1, return) DEFINEFUNC(int, BIO_free, BIO *a, a, return 0, return) -DEFINEFUNC(BIO *, BIO_new, BIO_METHOD *a, a, return 0, return) +DEFINEFUNC(BIO *, BIO_new, BIO_METHOD const *a, a, return 0, return) DEFINEFUNC2(BIO *, BIO_new_mem_buf, void *a, a, int b, b, return 0, return) DEFINEFUNC3(int, BIO_read, BIO *a, a, void *b, b, int c, c, return -1, return) -DEFINEFUNC(BIO_METHOD *, BIO_s_mem, void, DUMMYARG, return 0, return) +DEFINEFUNC(BIO_METHOD const *, BIO_s_mem, void, DUMMYARG, return 0, return) DEFINEFUNC3(int, BIO_write, BIO *a, a, const void *b, b, int c, c, return -1, return) DEFINEFUNC(int, BN_num_bits, const BIGNUM *a, a, return 0, return) DEFINEFUNC(int, CRYPTO_num_locks, DUMMYARG, DUMMYARG, return 0, return) DEFINEFUNC(void, CRYPTO_set_locking_callback, void (*a)(int, int, const char *, int), a, return, DUMMYARG) DEFINEFUNC(void, CRYPTO_set_id_callback, unsigned long (*a)(), a, return, DUMMYARG) -DEFINEFUNC(void, CRYPTO_free, void *a, a, return, DUMMYARG) +DEFINEFUNC3(void, CRYPTO_free, void *a, a, const char *file, file, int line, line, return, DUMMYARG) DEFINEFUNC(void, DSA_free, DSA *a, a, return, DUMMYARG) #if OPENSSL_VERSION_NUMBER < 0x00908000L DEFINEFUNC3(X509 *, d2i_X509, X509 **a, a, unsigned char **b, b, long c, c, return 0, return) @@ -300,7 +300,7 @@ DEFINEFUNC(int, DSA_security_bits, const DSA *dsa, dsa, return 0, return) DEFINEFUNC(ASN1_TIME *, X509_get_notAfter, X509 *x, x, return 0, return) DEFINEFUNC(ASN1_TIME *, X509_get_notBefore, X509 *x, x, return 0, return) -DEFINEFUNC4(void, DSA_get0_pqg, const DSA *d, d, BIGNUM **p, p, BIGNUM **q, q, BIGNUM **g, g, return, return) +DEFINEFUNC4(void, DSA_get0_pqg, const DSA *d, d, BIGNUM const **p, p, BIGNUM const **q, q, BIGNUM const **g, g, return, return) #endif #ifdef Q_OS_SYMBIAN --- qt-everywhere-opensource-src-4.8.7/src/network/ssl/qsslsocket_openssl_symbols_p.h 2017-10-10 02:37:43.856588477 +0200 +++ qt-everywhere-opensource-src-4.8.7/src/network/ssl/qsslsocket_openssl_symbols_p.h 2017-10-10 03:29:20.388003594 +0200 @@ -207,16 +207,16 @@ int q_ASN1_STRING_to_UTF8(unsigned char **a, ASN1_STRING *b); long q_BIO_ctrl(BIO *a, int b, long c, void *d); int q_BIO_free(BIO *a); -BIO *q_BIO_new(BIO_METHOD *a); +BIO *q_BIO_new(BIO_METHOD const *a); BIO *q_BIO_new_mem_buf(void *a, int b); int q_BIO_read(BIO *a, void *b, int c); -BIO_METHOD *q_BIO_s_mem(); +BIO_METHOD const *q_BIO_s_mem(); int q_BIO_write(BIO *a, const void *b, int c); int q_BN_num_bits(const BIGNUM *a); int q_CRYPTO_num_locks(); void q_CRYPTO_set_locking_callback(void (*a)(int, int, const char *, int)); void q_CRYPTO_set_id_callback(unsigned long (*a)()); -void q_CRYPTO_free(void *a); +void q_CRYPTO_free(void *a, const char *file, int line); void q_DSA_free(DSA *a); #if OPENSSL_VERSION_NUMBER >= 0x00908000L // 0.9.8 broke SC and BC by changing this function's signature. @@ -415,7 +415,7 @@ X509_PUBKEY * q_X509_get_X509_PUBKEY(X509 *x); int q_RSA_bits(const RSA *rsa); int q_DSA_security_bits(const DSA *dsa); -void q_DSA_get0_pqg(const DSA *d, BIGNUM **p, BIGNUM **q, BIGNUM **g); +void q_DSA_get0_pqg(const DSA *d, BIGNUM const **p, BIGNUM const **q, BIGNUM const **g); #endif #define q_SKM_sk_num(type, st) ((int (*)(const STACK_OF(type) *))q_sk_num)(st) --- qt-everywhere-opensource-src-4.8.7/src/network/ssl/qsslkey.cpp.gcc7 2017-10-10 02:59:26.063849950 +0200 +++ qt-everywhere-opensource-src-4.8.7/src/network/ssl/qsslkey.cpp 2017-10-10 03:30:35.751501362 +0200 @@ -328,7 +328,7 @@ int QSslKey::length() const if (d->algorithm == QSsl::Rsa) { return q_RSA_bits(d->rsa); }else{ - BIGNUM *p = NULL; + BIGNUM const *p = NULL; q_DSA_get0_pqg(d->dsa, &p, NULL, NULL); return q_BN_num_bits(p); } ++++++ qt4-openssl-1.1.0pre-3.patch ++++++ From: Gert Wollny <gw.foss...@gmail.com> Last-Update: 2016-06-28 Bug-Debian: http://bugs.debian.org/828522 Subject: Compile with openssl-1.1.0 * Most changes are related to openssl structures are now opaque. * The network/ssl threading setup has been disabled because the old openssl threading model has been removed and is apparently no longer needed. * A number of new functions had to be imported (see changes to src/network/ssl/qsslsocket_openssl_symbols.cpp) --- a/src/network/ssl/qsslcertificate.cpp +++ b/src/network/ssl/qsslcertificate.cpp @@ -259,10 +259,10 @@ QByteArray QSslCertificate::version() const { QMutexLocker lock(QMutexPool::globalInstanceGet(d.data())); - if (d->versionString.isEmpty() && d->x509) + if (d->versionString.isEmpty() && d->x509) { d->versionString = - QByteArray::number(qlonglong(q_ASN1_INTEGER_get(d->x509->cert_info->version)) + 1); - + QByteArray::number(qlonglong(q_X509_get_version(d->x509)) + 1); + } return d->versionString; } @@ -276,7 +276,7 @@ { QMutexLocker lock(QMutexPool::globalInstanceGet(d.data())); if (d->serialNumberString.isEmpty() && d->x509) { - ASN1_INTEGER *serialNumber = d->x509->cert_info->serialNumber; + ASN1_INTEGER *serialNumber = q_X509_get_serialNumber(d->x509); // if we cannot convert to a long, just output the hexadecimal number if (serialNumber->length > 4) { QByteArray hexString; @@ -489,24 +489,33 @@ QSslKey key; key.d->type = QSsl::PublicKey; +#if OPENSSL_VERSION_NUMBER < 0x10100000L X509_PUBKEY *xkey = d->x509->cert_info->key; +#else + X509_PUBKEY *xkey = q_X509_get_X509_PUBKEY(d->x509); +#endif EVP_PKEY *pkey = q_X509_PUBKEY_get(xkey); Q_ASSERT(pkey); - if (q_EVP_PKEY_type(pkey->type) == EVP_PKEY_RSA) { + int key_id; +#if OPENSSL_VERSION_NUMBER < 0x10100000L + key_id = q_EVP_PKEY_type(pkey->type); +#else + key_id = q_EVP_PKEY_base_id(pkey); +#endif + if (key_id == EVP_PKEY_RSA) { key.d->rsa = q_EVP_PKEY_get1_RSA(pkey); key.d->algorithm = QSsl::Rsa; key.d->isNull = false; - } else if (q_EVP_PKEY_type(pkey->type) == EVP_PKEY_DSA) { + } else if (key_id == EVP_PKEY_DSA) { key.d->dsa = q_EVP_PKEY_get1_DSA(pkey); key.d->algorithm = QSsl::Dsa; key.d->isNull = false; - } else if (q_EVP_PKEY_type(pkey->type) == EVP_PKEY_DH) { + } else if (key_id == EVP_PKEY_DH) { // DH unsupported } else { // error? } - q_EVP_PKEY_free(pkey); return key; } --- a/src/network/ssl/qsslkey.cpp +++ b/src/network/ssl/qsslkey.cpp @@ -321,8 +321,19 @@ { if (d->isNull) return -1; +#if OPENSSL_VERSION_NUMBER < 0x10100000L return (d->algorithm == QSsl::Rsa) ? q_BN_num_bits(d->rsa->n) : q_BN_num_bits(d->dsa->p); +#else + if (d->algorithm == QSsl::Rsa) { + return q_RSA_bits(d->rsa); + }else{ + BIGNUM *p = NULL; + q_DSA_get0_pqg(d->dsa, &p, NULL, NULL); + return q_BN_num_bits(p); + } +#endif + } /*! --- a/src/network/ssl/qsslsocket_openssl.cpp +++ b/src/network/ssl/qsslsocket_openssl.cpp @@ -93,6 +93,7 @@ bool QSslSocketPrivate::s_loadedCiphersAndCerts = false; bool QSslSocketPrivate::s_loadRootCertsOnDemand = false; +#if OPENSSL_VERSION_NUMBER < 0x10100000L /* \internal From OpenSSL's thread(3) manual page: @@ -174,6 +175,8 @@ } } // extern "C" +#endif //OPENSSL_VERSION_NUMBER >= 0x10100000L + QSslSocketBackendPrivate::QSslSocketBackendPrivate() : ssl(0), ctx(0), @@ -222,9 +225,12 @@ ciph.d->encryptionMethod = descriptionList.at(4).mid(4); ciph.d->exportable = (descriptionList.size() > 6 && descriptionList.at(6) == QLatin1String("export")); +#if OPENSSL_VERSION_NUMBER < 0x10100000L ciph.d->bits = cipher->strength_bits; ciph.d->supportedBits = cipher->alg_bits; - +#else + ciph.d->bits = q_SSL_CIPHER_get_bits(cipher, &ciph.d->supportedBits); +#endif } return ciph; } @@ -367,7 +373,7 @@ // // See also: QSslContext::fromConfiguration() if (caCertificate.expiryDate() >= QDateTime::currentDateTime()) { - q_X509_STORE_add_cert(ctx->cert_store, (X509 *)caCertificate.handle()); + q_X509_STORE_add_cert(q_SSL_CTX_get_cert_store(ctx), (X509 *)caCertificate.handle()); } } @@ -504,8 +510,10 @@ */ void QSslSocketPrivate::deinitialize() { +#if OPENSSL_VERSION_NUMBER < 0x10100000L q_CRYPTO_set_id_callback(0); q_CRYPTO_set_locking_callback(0); +#endif } /*! @@ -526,13 +534,17 @@ return false; // Check if the library itself needs to be initialized. +#if OPENSSL_VERSION_NUMBER < 0x10100000L QMutexLocker locker(openssl_locks()->initLock()); +#endif if (!s_libraryLoaded) { s_libraryLoaded = true; // Initialize OpenSSL. +#if OPENSSL_VERSION_NUMBER < 0x10100000L q_CRYPTO_set_id_callback(id_function); q_CRYPTO_set_locking_callback(locking_function); +#endif if (q_SSL_library_init() != 1) return false; q_SSL_load_error_strings(); @@ -571,7 +583,9 @@ void QSslSocketPrivate::ensureCiphersAndCertsLoaded() { - QMutexLocker locker(openssl_locks()->initLock()); +#if OPENSSL_VERSION_NUMBER < 0x10100000L + QMutexLocker locker(openssl_locks()->initLock()); +#endif if (s_loadedCiphersAndCerts) return; s_loadedCiphersAndCerts = true; @@ -678,7 +678,9 @@ STACK_OF(SSL_CIPHER) *supportedCiphers = q_SSL_get_ciphers(mySsl); for (int i = 0; i < q_sk_SSL_CIPHER_num(supportedCiphers); ++i) { if (SSL_CIPHER *cipher = q_sk_SSL_CIPHER_value(supportedCiphers, i)) { +#if OPENSSL_VERSION_NUMBER < 0x10100000L if (cipher->valid) { +#endif QSslCipher ciph = QSslSocketBackendPrivate::QSslCipher_from_SSL_CIPHER(cipher); if (!ciph.isNull()) { // Unconditionally exclude ADH and AECDH ciphers since they offer no MITM protection @@ -692,7 +694,9 @@ defaultCiphers << ciph; } } +#if OPENSSL_VERSION_NUMBER < 0x10100000L } +#endif } } --- a/src/network/ssl/qsslsocket_openssl_symbols_p.h +++ b/src/network/ssl/qsslsocket_openssl_symbols_p.h @@ -399,7 +399,25 @@ PEM_ASN1_write_bio((int (*)(void*, unsigned char**))q_i2d_DSAPrivateKey,PEM_STRING_DSA,\ bp,(char *)x,enc,kstr,klen,cb,u) #endif + +X509_STORE * q_SSL_CTX_get_cert_store(const SSL_CTX *ctx); +ASN1_INTEGER * q_X509_get_serialNumber(X509 *x); + +#if OPENSSL_VERSION_NUMBER < 0x10100000L #define q_SSL_CTX_set_options(ctx,op) q_SSL_CTX_ctrl((ctx),SSL_CTRL_OPTIONS,(op),NULL) +#define q_X509_get_version(x) X509_get_version(x) +#else +int q_EVP_PKEY_id(const EVP_PKEY *pkey); +int q_EVP_PKEY_base_id(const EVP_PKEY *pkey); +int q_SSL_CIPHER_get_bits(const SSL_CIPHER *cipher, int *alg_bits); +long q_SSL_CTX_set_options(SSL_CTX *ctx, long options); +long q_X509_get_version(X509 *x); +X509_PUBKEY * q_X509_get_X509_PUBKEY(X509 *x); +int q_RSA_bits(const RSA *rsa); +int q_DSA_security_bits(const DSA *dsa); +void q_DSA_get0_pqg(const DSA *d, BIGNUM **p, BIGNUM **q, BIGNUM **g); +#endif + #define q_SKM_sk_num(type, st) ((int (*)(const STACK_OF(type) *))q_sk_num)(st) #define q_SKM_sk_value(type, st,i) ((type * (*)(const STACK_OF(type) *, int))q_sk_value)(st, i) #define q_sk_GENERAL_NAME_num(st) q_SKM_sk_num(GENERAL_NAME, (st)) @@ -410,8 +428,15 @@ #define q_sk_SSL_CIPHER_value(st, i) q_SKM_sk_value(SSL_CIPHER, (st), (i)) #define q_SSL_CTX_add_extra_chain_cert(ctx,x509) \ q_SSL_CTX_ctrl(ctx,SSL_CTRL_EXTRA_CHAIN_CERT,0,(char *)x509) + +#if OPENSSL_VERSION_NUMBER < 0x10100000L #define q_X509_get_notAfter(x) X509_get_notAfter(x) #define q_X509_get_notBefore(x) X509_get_notBefore(x) +#else +ASN1_TIME *q_X509_get_notAfter(X509 *x); +ASN1_TIME *q_X509_get_notBefore(X509 *x); +#endif + #define q_EVP_PKEY_assign_RSA(pkey,rsa) q_EVP_PKEY_assign((pkey),EVP_PKEY_RSA,\ (char *)(rsa)) #define q_EVP_PKEY_assign_DSA(pkey,dsa) q_EVP_PKEY_assign((pkey),EVP_PKEY_DSA,\ --- a/src/network/ssl/qsslsocket_openssl_symbols.cpp +++ b/src/network/ssl/qsslsocket_openssl_symbols.cpp @@ -290,6 +290,22 @@ DEFINEFUNC(void, OPENSSL_add_all_algorithms_conf, void, DUMMYARG, return, DUMMYARG) DEFINEFUNC3(int, SSL_CTX_load_verify_locations, SSL_CTX *ctx, ctx, const char *CAfile, CAfile, const char *CApath, CApath, return 0, return) DEFINEFUNC(long, SSLeay, void, DUMMYARG, return 0, return) +DEFINEFUNC(X509_STORE *, SSL_CTX_get_cert_store, const SSL_CTX *ctx, ctx, return 0, return) + +DEFINEFUNC(ASN1_INTEGER *, X509_get_serialNumber, X509 *x, x, return 0, return) +#if OPENSSL_VERSION_NUMBER >= 0x10100000L +DEFINEFUNC(int, EVP_PKEY_id, const EVP_PKEY *pkey, pkey, return 0, return) +DEFINEFUNC(int, EVP_PKEY_base_id, const EVP_PKEY *pkey, pkey, return 0, return) +DEFINEFUNC2(int, SSL_CIPHER_get_bits, const SSL_CIPHER *cipher, cipher, int *alg_bits, alg_bits, return 0, return) +DEFINEFUNC2(long, SSL_CTX_set_options, SSL_CTX *ctx, ctx, long options, options, return 0, return) +DEFINEFUNC(long, X509_get_version, X509 *x, x, return 0, return) +DEFINEFUNC(X509_PUBKEY *, X509_get_X509_PUBKEY, X509 *x, x, return 0, return) +DEFINEFUNC(int, RSA_bits, const RSA *rsa, rsa, return 0, return) +DEFINEFUNC(int, DSA_security_bits, const DSA *dsa, dsa, return 0, return) +DEFINEFUNC(ASN1_TIME *, X509_get_notAfter, X509 *x, x, return 0, return) +DEFINEFUNC(ASN1_TIME *, X509_get_notBefore, X509 *x, x, return 0, return) +DEFINEFUNC4(void, DSA_get0_pqg, const DSA *d, d, BIGNUM **p, p, BIGNUM **q, q, BIGNUM **g, g, return, return) +#endif #ifdef Q_OS_SYMBIAN #define RESOLVEFUNC(func, ordinal, lib) \ @@ -801,6 +817,7 @@ RESOLVEFUNC(SSL_CTX_use_PrivateKey) RESOLVEFUNC(SSL_CTX_use_RSAPrivateKey) RESOLVEFUNC(SSL_CTX_use_PrivateKey_file) + RESOLVEFUNC(SSL_CTX_get_cert_store) RESOLVEFUNC(SSL_accept) RESOLVEFUNC(SSL_clear) RESOLVEFUNC(SSL_connect) @@ -823,6 +840,23 @@ RESOLVEFUNC(SSL_set_connect_state) RESOLVEFUNC(SSL_shutdown) RESOLVEFUNC(SSL_write) + + RESOLVEFUNC(X509_get_serialNumber) +#if OPENSSL_VERSION_NUMBER >= 0x10100000L + RESOLVEFUNC(SSL_CTX_ctrl) + RESOLVEFUNC(EVP_PKEY_id) + RESOLVEFUNC(EVP_PKEY_base_id) + RESOLVEFUNC(SSL_CIPHER_get_bits) + RESOLVEFUNC(SSL_CTX_set_options) + RESOLVEFUNC(X509_get_version) + RESOLVEFUNC(X509_get_X509_PUBKEY) + RESOLVEFUNC(RSA_bits) + RESOLVEFUNC(DSA_security_bits) + RESOLVEFUNC(DSA_get0_pqg) + RESOLVEFUNC(X509_get_notAfter) + RESOLVEFUNC(X509_get_notBefore) +#endif + #ifndef OPENSSL_NO_SSL2 RESOLVEFUNC(SSLv2_client_method) #endif