Update to 5.7.1 fails with --- .obj/qsslsocket_openssl.o --- ssl/qsslsocket_openssl.cpp:1593:13: error: use of undeclared identifier 'SSL_CTRL_GET_SERVER_TMP_KEY' if (q_SSL_get_server_tmp_key(ssl, &key)) ^ ssl/qsslsocket_openssl_symbols_p.h:493:62: note: expanded from macro 'q_SSL_get_server_tmp_key' #define q_SSL_get_server_tmp_key(ssl, key) q_SSL_ctrl((ssl), SSL_CTRL_GET_SERVER_TMP_KEY, 0, (char *)key) ^ 1 error generated. *** [.obj/qsslsocket_openssl.o] Error code 1 make[1]: stopped in /usr/ports/net/qt5-network/work/qtbase-opensource-src-5.7.1/src/network 1 error make[1]: stopped in /usr/ports/net/qt5-network/work/qtbase-opensource-src-5.7.1/src/network ===> Compilation failed unexpectedly. Try to set MAKE_JOBS_UNSAFE=yes and rebuild before reporting the failure to the maintainer. *** Error code 1 (I have libressl, but don't know if this is related to libressl).
This seems related to it (if I am righT) https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=33a8de69dc092285fce9a3db4aae2b0df8852427
Sorry, the link is an old one.
Compiles if I add #define SSL_CTRL_SET_CURVES 109 to src/network/ssl/qsslcontext_openssl.cpp, src/network/ssl/qsslsocket_openssl.cpp and src/network/ssl/qsslsocket_openssl_symbols.cpp. But that's surely not correct. This should be in a header-file (but which?).
src/network/ssl/qsslsocket_openssl_symbols_p.h seems the right header-file.
Created attachment 180153 [details] possible_patch-qsslsocket__openssl__symbols__p_h If I am right and it is nothing more to do, there is a patch.
See libressl commits: https://github.com/libressl-portable/openbsd/commit/bbf43a1c3c7aee2dfc78aaeaccffff0bbe01384d https://github.com/libressl-portable/openbsd/commit/676a3bea74630dc3e2f43902650947a37f656db9 Have compiled qt5 (5.7.1)-network in my poudriere with these additions to security/libressl-devel. Assume can patch security/libressl with same.
s3_lib.c looks different in libressl (2.4.5) Don't find the place to insert the case statements. Adding libressl mantainer to CC.
(In reply to w.schwarzenfeld from comment #7) Looking at the 2.4.5 version of s3_lib.c, lots of stuff has changed. I think the first set of case statements will slot in around line 2314 after the "case SSL_CTRL_SET_ECDH_AUTO:" statement I think the second set of case statements will slot in around original line 2485 after the "case SSL_CTRL_CLEAR_EXTRA_CHAIN_CERTS:" statement
Thanks! But no, whatever I did I got error messages. Seems there is need for more work.
Created attachment 180210 [details] svn-diff_qt5-network
I attach the patch again. I was a little bit uncertain about the patch for libressl-devel. But I think this is a complete other problem.
Should be: uncertain cause of the patch for libressl-devel
Poudriere testbuilds with 103amd64 and 103i386 ok.
Created attachment 180236 [details] patch-src_network_ssl_qsslsocket__openssl__symbols__p.h Change patch after r434635.
It still fails after r434635 with the same error.
I have the same issue. Proposed patch helps.
Can you please have a look at https://github.com/gentoo/libressl/blob/87834014d5517cae68190498b9c77702372e887a/dev-qt/qtnetwork/files/qtnetwork-5.7.1-libressl.patch and see if that solves issues with both libressl and libressl-devel?
No => --- .obj/qsslsocket_openssl.o --- ssl/qsslsocket_openssl.cpp:1593:13: error: use of undeclared identifier 'SSL_CTRL_GET_SERVER_TMP_KEY' if (q_SSL_get_server_tmp_key(ssl, &key)) ^ ssl/qsslsocket_openssl_symbols_p.h:495:62: note: expanded from macro 'q_SSL_get_server_tmp_key' #define q_SSL_get_server_tmp_key(ssl, key) q_SSL_ctrl((ssl), SSL_CTRL_GET_SERVER_TMP_KEY, 0, (char *)key) ^ 1 error generated. *** [.obj/qsslsocket_openssl.o] Error code 1 make[1]: stopped in /ram/usr/ports/net/qt5-network/work/qtbase-opensource-src-5.7.1/src/network 1 error
Sorry, I hat to remove all patches from the files directory. Yes, this is working, thanks!
Created attachment 180274 [details] svn-diff_qt5-network
Update the patch following the contents of the link. (Named the patch in the files directory simple patch-libressl).
A commit references this bug: Author: rezny Date: Tue Mar 7 02:45:47 UTC 2017 New revision: 435579 URL: https://svnweb.freebsd.org/changeset/ports/435579 Log: Fix to build with libressl as well as libressl-devel and simplify patch PR: 217220 Reported by: w.schwarzenfeld@utanet.at Approved by: swills (mentor) Differential Revision: https://reviews.freebsd.org/D9914 Changes: head/net/qt5-network/Makefile head/net/qt5-network/files/patch-src_network_ssl_qsslcontext__openssl.cpp head/net/qt5-network/files/patch-src_network_ssl_qsslsocket__openssl.cpp head/net/qt5-network/files/patch-src_network_ssl_qsslsocket__openssl__symbols.cpp head/net/qt5-network/files/patch-src_network_ssl_qsslsocket__openssl__symbols__p.h
This should now be fixed, I confirmed the build with openssl, libressl, and libressl-devel this time. Confirmation with openssl-devel is not possible at this time because due to the dependency on python27 which doesn't build with openssl-devel. Sorry I missed this the last time around. I had prepared a patch for Qt 5.6.2 to build with libressl-devel after its update to 2.5.1, and tested that with all three SSL libs. Qt 5.7.1 landed in ports at the same time, so the patch was revised and quickly retested, but not with libressl 2.4.5 so the issue setting temporal keys was missed. Henceforth I'll be sure to test building against all possible SSL libs.