Re: unbreak tls in Qt4

2019-11-13 Thread Theo Buehler
On Wed, Nov 13, 2019 at 12:14:38PM +, Stuart Henderson wrote:
> On 2019/11/12 10:37, Rafael Sadowski wrote:
> > 
> > The diff is part of qtnetwork which is part of -main, so we just need
> > the bump -main. With this, OK rsadowski@
> 
> As long as you are certain nothing else pulls in this header.
> (If in doubt, bump)

I think we're good with just a bump of -main. It's a private header of
qtnetwork and there are no occurrences of the string qsslsocket_openssl
outside of it (except for translations and the changelog):

$ ag -l qsslsocket_openssl 
/usr/ports/pobj/qt4-4.8.7/qt-everywhere-opensource-src-4.8.7
include/QtNetwork/headers.pri
include/QtNetwork/private/qsslsocket_openssl_symbols_p.h
include/QtNetwork/private/qsslsocket_openssl_p.h
translations/qt_sv.ts
translations/qt_da.ts
translations/qt_hu.ts
translations/qt_zh_CN.ts
translations/qt_pt.ts
translations/qt_zh_TW.ts
translations/qt_es.ts
src/network/ssl/qsslcertificate.cpp
src/network/ssl/qsslsocket_openssl.cpp
src/network/ssl/qsslsocket_openssl_symbols_p.h
src/network/ssl/ssl.pri
src/network/ssl/qsslkey.cpp
src/network/ssl/qsslsocket_openssl_symbols.cpp
src/network/ssl/qsslsocket.cpp
src/network/ssl/qsslsocket_openssl_p.h
changes-4.8.7

> 
> 
> > Thanks!
> > 
> > >  
> > >  # XXX qmake include parser is bogus
> > >  DPB_PROPERTIES = parallelnojunk
> > > Index: patches/patch-src_network_ssl_qsslsocket_openssl_symbols_p_h
> > > ===
> > > RCS file: 
> > > /var/cvs/ports/x11/qt4/patches/patch-src_network_ssl_qsslsocket_openssl_symbols_p_h,v
> > > retrieving revision 1.1
> > > diff -u -p -r1.1 patch-src_network_ssl_qsslsocket_openssl_symbols_p_h
> > > --- patches/patch-src_network_ssl_qsslsocket_openssl_symbols_p_h  27 Aug 
> > > 2018 03:54:57 -  1.1
> > > +++ patches/patch-src_network_ssl_qsslsocket_openssl_symbols_p_h  11 Nov 
> > > 2019 20:07:24 -
> > > @@ -3,14 +3,23 @@ $OpenBSD: patch-src_network_ssl_qsslsock
> > >  Index: src/network/ssl/qsslsocket_openssl_symbols_p.h
> > >  --- src/network/ssl/qsslsocket_openssl_symbols_p.h.orig
> > >  +++ src/network/ssl/qsslsocket_openssl_symbols_p.h
> > > -@@ -410,8 +410,8 @@ DSA *q_d2i_DSAPrivateKey(DSA **a, unsigned char 
> > > **pp, 
> > > +@@ -360,6 +360,8 @@ int q_X509_get_ext_count(X509 *a);
> > > + void *q_X509_get_ext_d2i(X509 *a, int b, int *c, int *d);
> > > + X509_NAME *q_X509_get_issuer_name(X509 *a);
> > > + X509_NAME *q_X509_get_subject_name(X509 *a);
> > > ++ASN1_TIME *q_X509_getm_notBefore(const X509 *x);
> > > ++ASN1_TIME *q_X509_getm_notAfter(const X509 *x);
> > > + int q_X509_verify_cert(X509_STORE_CTX *ctx);
> > > + int q_X509_NAME_entry_count(X509_NAME *a);
> > > + X509_NAME_ENTRY *q_X509_NAME_get_entry(X509_NAME *a,int b);
> > > +@@ -410,8 +412,8 @@ DSA *q_d2i_DSAPrivateKey(DSA **a, unsigned char 
> > > **pp, 
> > >   #define q_sk_SSL_CIPHER_value(st, i) q_SKM_sk_value(SSL_CIPHER, (st), 
> > > (i))
> > >   #define q_SSL_CTX_add_extra_chain_cert(ctx,x509) \
> > >   q_SSL_CTX_ctrl(ctx,SSL_CTRL_EXTRA_CHAIN_CERT,0,(char *)x509)
> > >  -#define q_X509_get_notAfter(x) X509_get_notAfter(x)
> > >  -#define q_X509_get_notBefore(x) X509_get_notBefore(x)
> > > -+#define q_X509_getm_notAfter(x) X509_getm_notAfter(x)
> > > -+#define q_X509_getm_notBefore(x) X509_getm_notBefore(x)
> > > ++#define q_X509_getm_notAfter(x) q_X509_getm_notAfter(x)
> > > ++#define q_X509_getm_notBefore(x) q_X509_getm_notBefore(x)
> > >   #define q_EVP_PKEY_assign_RSA(pkey,rsa) 
> > > q_EVP_PKEY_assign((pkey),EVP_PKEY_RSA,\
> > >   (char *)(rsa))
> > >   #define q_EVP_PKEY_assign_DSA(pkey,dsa) 
> > > q_EVP_PKEY_assign((pkey),EVP_PKEY_DSA,\
> > 



Re: unbreak tls in Qt4

2019-11-13 Thread Stuart Henderson
On 2019/11/12 10:37, Rafael Sadowski wrote:
> 
> The diff is part of qtnetwork which is part of -main, so we just need
> the bump -main. With this, OK rsadowski@

As long as you are certain nothing else pulls in this header.
(If in doubt, bump)


> Thanks!
> 
> >  
> >  # XXX qmake include parser is bogus
> >  DPB_PROPERTIES =   parallelnojunk
> > Index: patches/patch-src_network_ssl_qsslsocket_openssl_symbols_p_h
> > ===
> > RCS file: 
> > /var/cvs/ports/x11/qt4/patches/patch-src_network_ssl_qsslsocket_openssl_symbols_p_h,v
> > retrieving revision 1.1
> > diff -u -p -r1.1 patch-src_network_ssl_qsslsocket_openssl_symbols_p_h
> > --- patches/patch-src_network_ssl_qsslsocket_openssl_symbols_p_h27 Aug 
> > 2018 03:54:57 -  1.1
> > +++ patches/patch-src_network_ssl_qsslsocket_openssl_symbols_p_h11 Nov 
> > 2019 20:07:24 -
> > @@ -3,14 +3,23 @@ $OpenBSD: patch-src_network_ssl_qsslsock
> >  Index: src/network/ssl/qsslsocket_openssl_symbols_p.h
> >  --- src/network/ssl/qsslsocket_openssl_symbols_p.h.orig
> >  +++ src/network/ssl/qsslsocket_openssl_symbols_p.h
> > -@@ -410,8 +410,8 @@ DSA *q_d2i_DSAPrivateKey(DSA **a, unsigned char **pp, 
> > +@@ -360,6 +360,8 @@ int q_X509_get_ext_count(X509 *a);
> > + void *q_X509_get_ext_d2i(X509 *a, int b, int *c, int *d);
> > + X509_NAME *q_X509_get_issuer_name(X509 *a);
> > + X509_NAME *q_X509_get_subject_name(X509 *a);
> > ++ASN1_TIME *q_X509_getm_notBefore(const X509 *x);
> > ++ASN1_TIME *q_X509_getm_notAfter(const X509 *x);
> > + int q_X509_verify_cert(X509_STORE_CTX *ctx);
> > + int q_X509_NAME_entry_count(X509_NAME *a);
> > + X509_NAME_ENTRY *q_X509_NAME_get_entry(X509_NAME *a,int b);
> > +@@ -410,8 +412,8 @@ DSA *q_d2i_DSAPrivateKey(DSA **a, unsigned char **pp, 
> >   #define q_sk_SSL_CIPHER_value(st, i) q_SKM_sk_value(SSL_CIPHER, (st), (i))
> >   #define q_SSL_CTX_add_extra_chain_cert(ctx,x509) \
> >   q_SSL_CTX_ctrl(ctx,SSL_CTRL_EXTRA_CHAIN_CERT,0,(char *)x509)
> >  -#define q_X509_get_notAfter(x) X509_get_notAfter(x)
> >  -#define q_X509_get_notBefore(x) X509_get_notBefore(x)
> > -+#define q_X509_getm_notAfter(x) X509_getm_notAfter(x)
> > -+#define q_X509_getm_notBefore(x) X509_getm_notBefore(x)
> > ++#define q_X509_getm_notAfter(x) q_X509_getm_notAfter(x)
> > ++#define q_X509_getm_notBefore(x) q_X509_getm_notBefore(x)
> >   #define q_EVP_PKEY_assign_RSA(pkey,rsa) 
> > q_EVP_PKEY_assign((pkey),EVP_PKEY_RSA,\
> > (char *)(rsa))
> >   #define q_EVP_PKEY_assign_DSA(pkey,dsa) 
> > q_EVP_PKEY_assign((pkey),EVP_PKEY_DSA,\
> 



Re: unbreak tls in Qt4

2019-11-12 Thread Jeremie Courreges-Anglas
On Tue, Nov 12 2019, Rafael Sadowski  wrote:
> Yeah, the issue is gone. Tested with net/psi. Thanks for taking care of
> it. One commit below.
>
> On Mon Nov 11, 2019 at 11:47:12PM +0200, Theo Buehler wrote:
>> The SSL/TLS support in Qt4 was broken during the notBefore/notAfter
>> reshuffling way back in August last year. You'd get an error such as
>> 
>> [21:54:10] W:QSslSocket: cannot call unresolved function X509_getm_notBefore
>> Segmentation fault (core dumped)
>> 
>> No one complained until rsadowski showed it to me here in Bucharest.
>> Once this has seen more testing it should probably land in -stable,
>> I would appreciate some help with that.
>> 
>> Index: Makefile
>> ===
>> RCS file: /var/cvs/ports/x11/qt4/Makefile,v
>> retrieving revision 1.158
>> diff -u -p -r1.158 Makefile
>> --- Makefile 12 Jul 2019 20:51:20 -  1.158
>> +++ Makefile 11 Nov 2019 21:40:26 -
>> @@ -25,14 +25,14 @@ PKGNAME-main =   qt4-${PKGVERSION}
>>  PKGNAME-debug = qt4-debug-${PKGVERSION}
>>  FULLPKGNAME-html =  qt4-html-${PKGVERSION}
>>  FULLPKGPATH-html =  ${BASE_PKGPATH},-html
>> -REVISION-main = 19
>> -REVISION-mysql =6
>> -REVISION-postgresql =   6
>> -REVISION-sqlite2 =  6
>> -REVISION-tds =  6
>> +REVISION-main = 20
>> +REVISION-mysql =7
>> +REVISION-postgresql =   7
>> +REVISION-sqlite2 =  7
>> +REVISION-tds =  7
>>  REVISION-debug =3
>> -REVISION-examples = 7
>> -REVISION-html = 3
>> +REVISION-examples = 8
>> +REVISION-html = 4
>
> The diff is part of qtnetwork which is part of -main, so we just need
> the bump -main. With this, OK rsadowski@

Makes sense to me, ok jca@

-- 
jca | PGP : 0x1524E7EE / 5135 92C1 AD36 5293 2BDF  DDCC 0DFA 74AE 1524 E7EE



Re: unbreak tls in Qt4

2019-11-12 Thread Rafael Sadowski
Yeah, the issue is gone. Tested with net/psi. Thanks for taking care of
it. One commit below.

On Mon Nov 11, 2019 at 11:47:12PM +0200, Theo Buehler wrote:
> The SSL/TLS support in Qt4 was broken during the notBefore/notAfter
> reshuffling way back in August last year. You'd get an error such as
> 
> [21:54:10] W:QSslSocket: cannot call unresolved function X509_getm_notBefore
> Segmentation fault (core dumped)
> 
> No one complained until rsadowski showed it to me here in Bucharest.
> Once this has seen more testing it should probably land in -stable,
> I would appreciate some help with that.
> 
> Index: Makefile
> ===
> RCS file: /var/cvs/ports/x11/qt4/Makefile,v
> retrieving revision 1.158
> diff -u -p -r1.158 Makefile
> --- Makefile  12 Jul 2019 20:51:20 -  1.158
> +++ Makefile  11 Nov 2019 21:40:26 -
> @@ -25,14 +25,14 @@ PKGNAME-main =qt4-${PKGVERSION}
>  PKGNAME-debug =  qt4-debug-${PKGVERSION}
>  FULLPKGNAME-html =   qt4-html-${PKGVERSION}
>  FULLPKGPATH-html =   ${BASE_PKGPATH},-html
> -REVISION-main =  19
> -REVISION-mysql = 6
> -REVISION-postgresql =6
> -REVISION-sqlite2 =   6
> -REVISION-tds =   6
> +REVISION-main =  20
> +REVISION-mysql = 7
> +REVISION-postgresql =7
> +REVISION-sqlite2 =   7
> +REVISION-tds =   7
>  REVISION-debug = 3
> -REVISION-examples =  7
> -REVISION-html =  3
> +REVISION-examples =  8
> +REVISION-html =  4

The diff is part of qtnetwork which is part of -main, so we just need
to bump -main. With this, OK rsadowski@

Thanks!

>  
>  # XXX qmake include parser is bogus
>  DPB_PROPERTIES = parallelnojunk
> Index: patches/patch-src_network_ssl_qsslsocket_openssl_symbols_p_h
> ===
> RCS file: 
> /var/cvs/ports/x11/qt4/patches/patch-src_network_ssl_qsslsocket_openssl_symbols_p_h,v
> retrieving revision 1.1
> diff -u -p -r1.1 patch-src_network_ssl_qsslsocket_openssl_symbols_p_h
> --- patches/patch-src_network_ssl_qsslsocket_openssl_symbols_p_h  27 Aug 
> 2018 03:54:57 -  1.1
> +++ patches/patch-src_network_ssl_qsslsocket_openssl_symbols_p_h  11 Nov 
> 2019 20:07:24 -
> @@ -3,14 +3,23 @@ $OpenBSD: patch-src_network_ssl_qsslsock
>  Index: src/network/ssl/qsslsocket_openssl_symbols_p.h
>  --- src/network/ssl/qsslsocket_openssl_symbols_p.h.orig
>  +++ src/network/ssl/qsslsocket_openssl_symbols_p.h
> -@@ -410,8 +410,8 @@ DSA *q_d2i_DSAPrivateKey(DSA **a, unsigned char **pp, 
> +@@ -360,6 +360,8 @@ int q_X509_get_ext_count(X509 *a);
> + void *q_X509_get_ext_d2i(X509 *a, int b, int *c, int *d);
> + X509_NAME *q_X509_get_issuer_name(X509 *a);
> + X509_NAME *q_X509_get_subject_name(X509 *a);
> ++ASN1_TIME *q_X509_getm_notBefore(const X509 *x);
> ++ASN1_TIME *q_X509_getm_notAfter(const X509 *x);
> + int q_X509_verify_cert(X509_STORE_CTX *ctx);
> + int q_X509_NAME_entry_count(X509_NAME *a);
> + X509_NAME_ENTRY *q_X509_NAME_get_entry(X509_NAME *a,int b);
> +@@ -410,8 +412,8 @@ DSA *q_d2i_DSAPrivateKey(DSA **a, unsigned char **pp, 
>   #define q_sk_SSL_CIPHER_value(st, i) q_SKM_sk_value(SSL_CIPHER, (st), (i))
>   #define q_SSL_CTX_add_extra_chain_cert(ctx,x509) \
>   q_SSL_CTX_ctrl(ctx,SSL_CTRL_EXTRA_CHAIN_CERT,0,(char *)x509)
>  -#define q_X509_get_notAfter(x) X509_get_notAfter(x)
>  -#define q_X509_get_notBefore(x) X509_get_notBefore(x)
> -+#define q_X509_getm_notAfter(x) X509_getm_notAfter(x)
> -+#define q_X509_getm_notBefore(x) X509_getm_notBefore(x)
> ++#define q_X509_getm_notAfter(x) q_X509_getm_notAfter(x)
> ++#define q_X509_getm_notBefore(x) q_X509_getm_notBefore(x)
>   #define q_EVP_PKEY_assign_RSA(pkey,rsa) 
> q_EVP_PKEY_assign((pkey),EVP_PKEY_RSA,\
>   (char *)(rsa))
>   #define q_EVP_PKEY_assign_DSA(pkey,dsa) 
> q_EVP_PKEY_assign((pkey),EVP_PKEY_DSA,\



unbreak tls in Qt4

2019-11-11 Thread Theo Buehler
The SSL/TLS support in Qt4 was broken during the notBefore/notAfter
reshuffling way back in August last year. You'd get an error such as

[21:54:10] W:QSslSocket: cannot call unresolved function X509_getm_notBefore
Segmentation fault (core dumped)

No one complained until rsadowski showed it to me here in Bucharest.
Once this has seen more testing it should probably land in -stable,
I would appreciate some help with that.

Index: Makefile
===
RCS file: /var/cvs/ports/x11/qt4/Makefile,v
retrieving revision 1.158
diff -u -p -r1.158 Makefile
--- Makefile12 Jul 2019 20:51:20 -  1.158
+++ Makefile11 Nov 2019 21:40:26 -
@@ -25,14 +25,14 @@ PKGNAME-main =  qt4-${PKGVERSION}
 PKGNAME-debug =qt4-debug-${PKGVERSION}
 FULLPKGNAME-html = qt4-html-${PKGVERSION}
 FULLPKGPATH-html = ${BASE_PKGPATH},-html
-REVISION-main =19
-REVISION-mysql =   6
-REVISION-postgresql =  6
-REVISION-sqlite2 = 6
-REVISION-tds = 6
+REVISION-main =20
+REVISION-mysql =   7
+REVISION-postgresql =  7
+REVISION-sqlite2 = 7
+REVISION-tds = 7
 REVISION-debug =   3
-REVISION-examples =7
-REVISION-html =3
+REVISION-examples =8
+REVISION-html =4
 
 # XXX qmake include parser is bogus
 DPB_PROPERTIES =   parallelnojunk
Index: patches/patch-src_network_ssl_qsslsocket_openssl_symbols_p_h
===
RCS file: 
/var/cvs/ports/x11/qt4/patches/patch-src_network_ssl_qsslsocket_openssl_symbols_p_h,v
retrieving revision 1.1
diff -u -p -r1.1 patch-src_network_ssl_qsslsocket_openssl_symbols_p_h
--- patches/patch-src_network_ssl_qsslsocket_openssl_symbols_p_h27 Aug 
2018 03:54:57 -  1.1
+++ patches/patch-src_network_ssl_qsslsocket_openssl_symbols_p_h11 Nov 
2019 20:07:24 -
@@ -3,14 +3,23 @@ $OpenBSD: patch-src_network_ssl_qsslsock
 Index: src/network/ssl/qsslsocket_openssl_symbols_p.h
 --- src/network/ssl/qsslsocket_openssl_symbols_p.h.orig
 +++ src/network/ssl/qsslsocket_openssl_symbols_p.h
-@@ -410,8 +410,8 @@ DSA *q_d2i_DSAPrivateKey(DSA **a, unsigned char **pp, 
+@@ -360,6 +360,8 @@ int q_X509_get_ext_count(X509 *a);
+ void *q_X509_get_ext_d2i(X509 *a, int b, int *c, int *d);
+ X509_NAME *q_X509_get_issuer_name(X509 *a);
+ X509_NAME *q_X509_get_subject_name(X509 *a);
++ASN1_TIME *q_X509_getm_notBefore(const X509 *x);
++ASN1_TIME *q_X509_getm_notAfter(const X509 *x);
+ int q_X509_verify_cert(X509_STORE_CTX *ctx);
+ int q_X509_NAME_entry_count(X509_NAME *a);
+ X509_NAME_ENTRY *q_X509_NAME_get_entry(X509_NAME *a,int b);
+@@ -410,8 +412,8 @@ DSA *q_d2i_DSAPrivateKey(DSA **a, unsigned char **pp, 
  #define q_sk_SSL_CIPHER_value(st, i) q_SKM_sk_value(SSL_CIPHER, (st), (i))
  #define q_SSL_CTX_add_extra_chain_cert(ctx,x509) \
  q_SSL_CTX_ctrl(ctx,SSL_CTRL_EXTRA_CHAIN_CERT,0,(char *)x509)
 -#define q_X509_get_notAfter(x) X509_get_notAfter(x)
 -#define q_X509_get_notBefore(x) X509_get_notBefore(x)
-+#define q_X509_getm_notAfter(x) X509_getm_notAfter(x)
-+#define q_X509_getm_notBefore(x) X509_getm_notBefore(x)
++#define q_X509_getm_notAfter(x) q_X509_getm_notAfter(x)
++#define q_X509_getm_notBefore(x) q_X509_getm_notBefore(x)
  #define q_EVP_PKEY_assign_RSA(pkey,rsa) 
q_EVP_PKEY_assign((pkey),EVP_PKEY_RSA,\
(char *)(rsa))
  #define q_EVP_PKEY_assign_DSA(pkey,dsa) 
q_EVP_PKEY_assign((pkey),EVP_PKEY_DSA,\
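Review bot: The two macros added at the end of this hunk, `#define q_X509_getm_notAfter(x) q_X509_getm_notAfter(x)` and its notBefore twin, expand to themselves and so appear to be no-ops that hide the fact that these names are now functions declared by the prototypes added in the inner `@@ -360,6 +360,8 @@` hunk; deleting both lines, or replacing them with a comment such as `/* q_X509_getm_notBefore/notAfter are resolved functions, see qsslsocket_openssl_symbols.cpp */`, would read more clearly. The header only declares the wrappers: their definitions and the runtime lookup of the libssl symbols are not in this diff, so it is worth confirming that src/network/ssl/qsslsocket_openssl_symbols.cpp carries the matching change, since the reported crash came from calling an unresolved X509_getm_notBefore. These accessors presumably feed the certificate validity dates, so a check that reads a certificate's notBefore and notAfter through the Qt API, in addition to the net/psi run, would cover the path that failed. The same lines appear in the quoted copies of this hunk earlier in the thread.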