Date: Friday, March 4, 2016 @ 22:21:20 Author: bpiotrowski Revision: 164854
Disable SSLv3 Added: lib32-qt4/trunk/disable-sslv3.patch Modified: lib32-qt4/trunk/PKGBUILD ---------------------+ PKGBUILD | 10 +++++++-- disable-sslv3.patch | 54 ++++++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 62 insertions(+), 2 deletions(-) Modified: PKGBUILD =================================================================== --- PKGBUILD 2016-03-04 21:16:25 UTC (rev 164853) +++ PKGBUILD 2016-03-04 21:21:20 UTC (rev 164854) @@ -24,12 +24,15 @@ conflicts=(lib32-qtwebkit lib32-qt) _pkgfqn="qt-everywhere-opensource-src-${pkgver}" source=("http://download.qt-project.org/official_releases/qt/4.8/${pkgver}/${_pkgfqn}.tar.gz" - "kubuntu_14_systemtrayicon.diff") + "kubuntu_14_systemtrayicon.diff" + "disable-sslv3.patch") md5sums=('d990ee66bf7ab0c785589776f35ba6ad' - 'a523644faa8f98a73f55c4aa23c114a6') + 'a523644faa8f98a73f55c4aa23c114a6' + '1803ab6313df762d807678e58fc85f53') export CC='clang' export CXX='clang++' + prepare() { cd $srcdir/$_pkgfqn @@ -40,6 +43,9 @@ # http://blog.martin-graesslin.com/blog/2014/06/where-are-my-systray-icons/ patch -p1 -i "${srcdir}"/kubuntu_14_systemtrayicon.diff + # disable SSLv3 + patch -p1 -i "${srcdir}"/disable-sslv3.patch + # some of those are likely unnecessary, but I'm too lazy to find and remove them sed -i "/^QMAKE_LINK\s/s|g++|g++ -m32|g" mkspecs/common/g++-base.conf sed -i "s|-O2|${CXXFLAGS} -m32|" mkspecs/common/g++-base.conf Added: disable-sslv3.patch =================================================================== --- disable-sslv3.patch (rev 0) +++ disable-sslv3.patch 2016-03-04 21:21:20 UTC (rev 164854) @@ -0,0 +1,54 @@ +diff -u -r qt-everywhere-opensource-src-4.8.7/src/network/ssl/qsslsocket_openssl.cpp qt-everywhere-opensource-src-4.8.7-nossl3/src/network/ssl/qsslsocket_openssl.cpp +--- qt-everywhere-opensource-src-4.8.7/src/network/ssl/qsslsocket_openssl.cpp 2015-05-07 16:14:44.000000000 +0200 ++++ qt-everywhere-opensource-src-4.8.7-nossl3/src/network/ssl/qsslsocket_openssl.cpp 2016-03-04 11:29:17.119300898 +0100 +@@ -267,7 +267,11 @@ + #endif + break; + case QSsl::SslV3: ++#ifndef OPENSSL_NO_SSL3 + ctx = q_SSL_CTX_new(client ? q_SSLv3_client_method() : q_SSLv3_server_method()); ++#else ++ ctx = 0; // SSL 3 not supported by the system, but chosen deliberately -> error ++#endif + break; + case QSsl::SecureProtocols: // SslV2 will be disabled below + case QSsl::TlsV1SslV3: // SslV2 will be disabled below +diff -u -r qt-everywhere-opensource-src-4.8.7/src/network/ssl/qsslsocket_openssl_symbols.cpp qt-everywhere-opensource-src-4.8.7-nossl3/src/network/ssl/qsslsocket_openssl_symbols.cpp +--- qt-everywhere-opensource-src-4.8.7/src/network/ssl/qsslsocket_openssl_symbols.cpp 2015-05-07 16:14:44.000000000 +0200 ++++ qt-everywhere-opensource-src-4.8.7-nossl3/src/network/ssl/qsslsocket_openssl_symbols.cpp 2016-03-04 11:28:52.806050135 +0100 +@@ -228,13 +228,17 @@ + #ifndef OPENSSL_NO_SSL2 + DEFINEFUNC(const SSL_METHOD *, SSLv2_client_method, DUMMYARG, DUMMYARG, return 0, return) + #endif ++#ifndef OPENSSL_NO_SSL3 + DEFINEFUNC(const SSL_METHOD *, SSLv3_client_method, DUMMYARG, DUMMYARG, return 0, return) ++#endif + DEFINEFUNC(const SSL_METHOD *, SSLv23_client_method, DUMMYARG, DUMMYARG, return 0, return) + DEFINEFUNC(const SSL_METHOD *, TLSv1_client_method, DUMMYARG, DUMMYARG, return 0, return) + #ifndef OPENSSL_NO_SSL2 + DEFINEFUNC(const SSL_METHOD *, SSLv2_server_method, DUMMYARG, DUMMYARG, return 0, return) + #endif ++#ifndef OPENSSL_NO_SSL3 + DEFINEFUNC(const SSL_METHOD *, SSLv3_server_method, DUMMYARG, DUMMYARG, return 0, return) ++#endif + DEFINEFUNC(const SSL_METHOD *, SSLv23_server_method, DUMMYARG, DUMMYARG, return 0, return) + DEFINEFUNC(const SSL_METHOD *, TLSv1_server_method, DUMMYARG, DUMMYARG, return 0, return) + #else +@@ -822,13 +826,17 @@ + #ifndef OPENSSL_NO_SSL2 + RESOLVEFUNC(SSLv2_client_method) + #endif ++#ifndef OPENSSL_NO_SSL3 + RESOLVEFUNC(SSLv3_client_method) ++#endif + RESOLVEFUNC(SSLv23_client_method) + RESOLVEFUNC(TLSv1_client_method) + #ifndef OPENSSL_NO_SSL2 + RESOLVEFUNC(SSLv2_server_method) + #endif ++#ifndef OPENSSL_NO_SSL3 + RESOLVEFUNC(SSLv3_server_method) ++#endif + RESOLVEFUNC(SSLv23_server_method) + RESOLVEFUNC(TLSv1_server_method) + RESOLVEFUNC(X509_NAME_entry_count)