--- /dev/null +++ b/net/qt4-network/files/patch-src_network_ssl_qsslcertificate.cpp @@ -0,0 +1,80 @@ +--- src/network/ssl/qsslcertificate.cpp.orig 2015-05-07 16:14:44.000000000 +0200 ++++ src/network/ssl/qsslcertificate.cpp 2016-11-20 16:02:24.965306656 +0100 +@@ -260,8 +260,13 @@ + { + QMutexLocker lock(QMutexPool::globalInstanceGet(d.data())); + if (d->versionString.isEmpty() && d->x509) ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++ d->versionString = ++ QByteArray::number(qlonglong(q_X509_get_version(d->x509)) + 1); ++#else + d->versionString = + QByteArray::number(qlonglong(q_ASN1_INTEGER_get(d->x509->cert_info->version)) + 1); ++#endif + + return d->versionString; + } +@@ -276,7 +281,11 @@ + { + QMutexLocker lock(QMutexPool::globalInstanceGet(d.data())); + if (d->serialNumberString.isEmpty() && d->x509) { ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++ ASN1_INTEGER *serialNumber = q_X509_get_serialNumber(d->x509); ++#else + ASN1_INTEGER *serialNumber = d->x509->cert_info->serialNumber; ++#endif + // if we cannot convert to a long, just output the hexadecimal number + if (serialNumber->length > 4) { + QByteArray hexString; +@@ -489,19 +498,37 @@ + QSslKey key; + + key.d->type = QSsl::PublicKey; ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++ EVP_PKEY *pkey = q_X509_get_pubkey(d->x509); ++#else + X509_PUBKEY *xkey = d->x509->cert_info->key; + EVP_PKEY *pkey = q_X509_PUBKEY_get(xkey); ++#endif + Q_ASSERT(pkey); + ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++ int keyType = q_EVP_PKEY_type(q_EVP_PKEY_base_id(pkey)); ++ ++ if (keyType == EVP_PKEY_RSA) { ++#else + if (q_EVP_PKEY_type(pkey->type) == EVP_PKEY_RSA) { ++#endif + key.d->rsa = q_EVP_PKEY_get1_RSA(pkey); + key.d->algorithm = QSsl::Rsa; + key.d->isNull = false; ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++ } else if (keyType == EVP_PKEY_DSA) { ++#else + } else if (q_EVP_PKEY_type(pkey->type) == EVP_PKEY_DSA) { ++#endif + key.d->dsa = q_EVP_PKEY_get1_DSA(pkey); + key.d->algorithm = QSsl::Dsa; + key.d->isNull = false; ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++ } else if (keyType == EVP_PKEY_DH) { ++#else + } else if (q_EVP_PKEY_type(pkey->type) == EVP_PKEY_DH) { ++#endif + // DH unsupported + } else { + // error? +@@ -698,8 +725,13 @@ + if (!x509 || !QSslSocket::supportsSsl()) + return certificate; + ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++ const ASN1_TIME *nbef = q_X509_get0_notBefore(x509); ++ const ASN1_TIME *naft = q_X509_get0_notAfter(x509); ++#else + ASN1_TIME *nbef = q_X509_get_notBefore(x509); + ASN1_TIME *naft = q_X509_get_notAfter(x509); ++#endif + certificate.d->notValidBefore = q_getTimeFromASN1(nbef); + certificate.d->notValidAfter = q_getTimeFromASN1(naft); + certificate.d->null = false; --- /dev/null +++ b/net/qt4-network/files/patch-src_network_ssl_qsslkey.cpp @@ -0,0 +1,16 @@ +--- src/network/ssl/qsslkey.cpp.orig 2015-05-07 16:14:44.000000000 +0200 ++++ src/network/ssl/qsslkey.cpp 2016-11-20 01:56:53.051067435 +0100 +@@ -321,8 +321,13 @@ + { + if (d->isNull) + return -1; ++#if OPENSSL_VERSION_NUMBER >= 0x10100000 ++ return (d->algorithm == QSsl::Rsa) ++ ? q_RSA_bits(d->rsa) : q_DSA_bits(d->dsa); ++#else + return (d->algorithm == QSsl::Rsa) + ? q_BN_num_bits(d->rsa->n) : q_BN_num_bits(d->dsa->p); ++#endif + } + + /*! --- b/net/qt4-network/files/patch-src_network_ssl_qsslsocket__openssl.cpp +++ b/net/qt4-network/files/patch-src_network_ssl_qsslsocket__openssl.cpp @@ -1,6 +1,27 @@ ---- src/network/ssl/qsslsocket_openssl.cpp.orig 2015-05-07 14:14:44 UTC -+++ src/network/ssl/qsslsocket_openssl.cpp -@@ -267,15 +267,14 @@ init_context: +--- src/network/ssl/qsslsocket_openssl.cpp.orig 2015-05-07 16:14:44.000000000 +0200 ++++ src/network/ssl/qsslsocket_openssl.cpp 2016-11-20 14:12:20.918759010 +0100 +@@ -222,8 +222,12 @@ + ciph.d->encryptionMethod = descriptionList.at(4).mid(4); + ciph.d->exportable = (descriptionList.size() > 6 && descriptionList.at(6) == QLatin1String("export")); + ++#if OPENSSL_VERSION_NUMBER < 0x10100000L + ciph.d->bits = cipher->strength_bits; + ciph.d->supportedBits = cipher->alg_bits; ++#else ++ ciph.d->bits = q_SSL_CIPHER_get_bits(cipher, &ciph.d->supportedBits); ++#endif + + } + return ciph; +@@ -260,22 +264,21 @@ + init_context: + switch (configuration.protocol) { + case QSsl::SslV2: +-#ifndef OPENSSL_NO_SSL2 ++#if OPENSSL_VERSION_NUMBER <= 0x1010000L && !defined(OPENSSL_NO_SSL2) + ctx = q_SSL_CTX_new(client ? q_SSLv2_client_method() : q_SSLv2_server_method()); + #else + ctx = 0; // SSL 2 not supported by the system, but chosen deliberately -> error #endif break; case QSsl::SslV3: @@ -19,3 +40,31 @@ ctx = q_SSL_CTX_new(client ? q_TLSv1_client_method() : q_TLSv1_server_method()); break; } +@@ -363,7 +366,7 @@ + // + // See also: QSslContext::fromConfiguration() + if (caCertificate.expiryDate() >= QDateTime::currentDateTime()) { +- q_X509_STORE_add_cert(ctx->cert_store, (X509 *)caCertificate.handle()); ++ q_X509_STORE_add_cert(q_SSL_CTX_get_cert_store(ctx), (X509 *)caCertificate.handle()); + } + } + +@@ -659,13 +662,11 @@ + STACK_OF(SSL_CIPHER) *supportedCiphers = q_SSL_get_ciphers(mySsl); + for (int i = 0; i < q_sk_SSL_CIPHER_num(supportedCiphers); ++i) { + if (SSL_CIPHER *cipher = q_sk_SSL_CIPHER_value(supportedCiphers, i)) { +- if (cipher->valid) { +- QSslCipher ciph = QSslSocketBackendPrivate::QSslCipher_from_SSL_CIPHER(cipher); +- if (!ciph.isNull()) { +- if (!ciph.name().toLower().startsWith(QLatin1String("adh"))) +- ciphers << ciph; +- } +- } ++ QSslCipher ciph = QSslSocketBackendPrivate::QSslCipher_from_SSL_CIPHER(cipher); ++ if (!ciph.isNull()) { ++ if (!ciph.name().toLower().startsWith(QLatin1String("adh"))) ++ ciphers << ciph; ++ } + } + } + --- b/net/qt4-network/files/patch-src_network_ssl_qsslsocket__openssl__symbols.cpp +++ b/net/qt4-network/files/patch-src_network_ssl_qsslsocket__openssl__symbols.cpp @@ -1,6 +1,98 @@ ---- src/network/ssl/qsslsocket_openssl_symbols.cpp.orig 2015-05-07 14:14:44 UTC -+++ src/network/ssl/qsslsocket_openssl_symbols.cpp -@@ -511,9 +511,9 @@ static QPair loadO +--- src/network/ssl/qsslsocket_openssl_symbols.cpp.orig 2015-05-07 16:14:44.000000000 +0200 ++++ src/network/ssl/qsslsocket_openssl_symbols.cpp 2016-11-20 15:56:03.945333563 +0100 +@@ -122,6 +122,9 @@ + DEFINEFUNC(void, CRYPTO_set_id_callback, unsigned long (*a)(), a, return, DUMMYARG) + DEFINEFUNC(void, CRYPTO_free, void *a, a, return, DUMMYARG) + DEFINEFUNC(void, DSA_free, DSA *a, a, return, DUMMYARG) ++#if OPENSSL_VERSION_NUMBER >= 0x1010000L ++DEFINEFUNC(int, DSA_bits, DSA *a, a, return 0, return) ++#endif + #if OPENSSL_VERSION_NUMBER < 0x00908000L + DEFINEFUNC3(X509 *, d2i_X509, X509 **a, a, unsigned char **b, b, long c, c, return 0, return) + #else // 0.9.8 broke SC and BC by changing this signature. +@@ -130,6 +133,9 @@ + DEFINEFUNC2(char *, ERR_error_string, unsigned long a, a, char *b, b, return 0, return) + DEFINEFUNC(unsigned long, ERR_get_error, DUMMYARG, DUMMYARG, return 0, return) + DEFINEFUNC(const EVP_CIPHER *, EVP_des_ede3_cbc, DUMMYARG, DUMMYARG, return 0, return) ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++DEFINEFUNC(const EVP_MD *, EVP_sha1, DUMMYARG, DUMMYARG, return 0, return) ++#endif + DEFINEFUNC3(int, EVP_PKEY_assign, EVP_PKEY *a, a, int b, b, char *c, c, return -1, return) + DEFINEFUNC2(int, EVP_PKEY_set1_RSA, EVP_PKEY *a, a, RSA *b, b, return -1, return) + DEFINEFUNC2(int, EVP_PKEY_set1_DSA, EVP_PKEY *a, a, DSA *b, b, return -1, return) +@@ -138,6 +144,9 @@ + DEFINEFUNC(RSA *, EVP_PKEY_get1_RSA, EVP_PKEY *a, a, return 0, return) + DEFINEFUNC(EVP_PKEY *, EVP_PKEY_new, DUMMYARG, DUMMYARG, return 0, return) + DEFINEFUNC(int, EVP_PKEY_type, int a, a, return NID_undef, return) ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++DEFINEFUNC(int, EVP_PKEY_base_id, EVP_PKEY *a, a, return NID_undef, return) ++#endif + DEFINEFUNC2(int, i2d_X509, X509 *a, a, unsigned char **b, b, return -1, return) + DEFINEFUNC(const char *, OBJ_nid2sn, int a, a, return 0, return) + DEFINEFUNC(int, OBJ_obj2nid, const ASN1_OBJECT *a, a, return NID_undef, return) +@@ -156,6 +165,9 @@ + DEFINEFUNC2(int, PEM_write_bio_RSA_PUBKEY, BIO *a, a, RSA *b, b, return 0, return) + DEFINEFUNC2(void, RAND_seed, const void *a, a, int b, b, return, DUMMYARG) + DEFINEFUNC(int, RAND_status, void, DUMMYARG, return -1, return) ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++DEFINEFUNC(int, RSA_bits, RSA *a, a, return 0, return) ++#endif + DEFINEFUNC(void, RSA_free, RSA *a, a, return, DUMMYARG) + DEFINEFUNC(int, sk_num, STACK *a, a, return -1, return) + DEFINEFUNC2(void, sk_pop_free, STACK *a, a, void (*b)(void*), b, return, DUMMYARG) +@@ -169,6 +181,9 @@ + DEFINEFUNC(int, SSL_accept, SSL *a, a, return -1, return) + DEFINEFUNC(int, SSL_clear, SSL *a, a, return -1, return) + DEFINEFUNC3(char *, SSL_CIPHER_description, SSL_CIPHER *a, a, char *b, b, int c, c, return 0, return) ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++DEFINEFUNC2(int, SSL_CIPHER_get_bits, SSL_CIPHER *a, a, int *b, b, return 0, return) ++#endif + DEFINEFUNC(int, SSL_connect, SSL *a, a, return -1, return) + #if OPENSSL_VERSION_NUMBER >= 0x00908000L + // 0.9.8 broke SC and BC by changing this function's signature. +@@ -183,6 +198,9 @@ + #else + DEFINEFUNC(SSL_CTX *, SSL_CTX_new, SSL_METHOD *a, a, return 0, return) + #endif ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++DEFINEFUNC2(unsigned long, SSL_CTX_set_options, SSL_CTX *ctx, ctx, unsigned long op, op, return 0, return) ++#endif + DEFINEFUNC2(int, SSL_CTX_set_cipher_list, SSL_CTX *a, a, const char *b, b, return -1, return) + DEFINEFUNC(int, SSL_CTX_set_default_verify_paths, SSL_CTX *a, a, return -1, return) + DEFINEFUNC3(void, SSL_CTX_set_verify, SSL_CTX *a, a, int b, b, int (*c)(int, X509_STORE_CTX *), c, return, DUMMYARG) +@@ -192,6 +210,7 @@ + DEFINEFUNC2(int, SSL_CTX_use_PrivateKey, SSL_CTX *a, a, EVP_PKEY *b, b, return -1, return) + DEFINEFUNC2(int, SSL_CTX_use_RSAPrivateKey, SSL_CTX *a, a, RSA *b, b, return -1, return) + DEFINEFUNC3(int, SSL_CTX_use_PrivateKey_file, SSL_CTX *a, a, const char *b, b, int c, c, return -1, return) ++DEFINEFUNC(X509_STORE *, SSL_CTX_get_cert_store, const SSL_CTX *a, a, return 0, return) + DEFINEFUNC(void, SSL_free, SSL *a, a, return, DUMMYARG) + #if OPENSSL_VERSION_NUMBER >= 0x00908000L + // 0.9.8 broke SC and BC by changing this function's signature. +@@ -252,6 +271,9 @@ + #ifndef SSLEAY_MACROS + DEFINEFUNC(X509 *, X509_dup, X509 *a, a, return 0, return) + #endif ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++DEFINEFUNC4(int, X509_digest, const X509 *x509, x509, const EVP_MD *type, type, unsigned char *md, md, unsigned int *len, len, return -1, return) ++#endif + DEFINEFUNC(ASN1_OBJECT *, X509_EXTENSION_get_object, X509_EXTENSION *a, a, return 0, return) + DEFINEFUNC(void, X509_free, X509 *a, a, return, DUMMYARG) + DEFINEFUNC2(X509_EXTENSION *, X509_get_ext, X509 *a, a, int b, b, return 0, return) +@@ -259,6 +281,13 @@ + DEFINEFUNC4(void *, X509_get_ext_d2i, X509 *a, a, int b, b, int *c, c, int *d, d, return 0, return) + DEFINEFUNC(X509_NAME *, X509_get_issuer_name, X509 *a, a, return 0, return) + DEFINEFUNC(X509_NAME *, X509_get_subject_name, X509 *a, a, return 0, return) ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++DEFINEFUNC(long, X509_get_version, X509 *a, a, return -1, return) ++DEFINEFUNC(ASN1_INTEGER *, X509_get_serialNumber, X509 *a, a, return 0, return) ++DEFINEFUNC(EVP_PKEY *, X509_get_pubkey, X509 *a, a, return 0, return) ++DEFINEFUNC(const ASN1_TIME *, X509_get0_notBefore, X509 *a, a, return 0, return) ++DEFINEFUNC(const ASN1_TIME *, X509_get0_notAfter, X509 *a, a, return 0, return) ++#endif + DEFINEFUNC(int, X509_verify_cert, X509_STORE_CTX *a, a, return -1, return) + DEFINEFUNC(int, X509_NAME_entry_count, X509_NAME *a, a, return 0, return) + DEFINEFUNC2(X509_NAME_ENTRY *, X509_NAME_get_entry, X509_NAME *a, a, int b, b, return 0, return) +@@ -511,9 +540,9 @@ libcrypto->setLoadHints(libcrypto->loadHints() | QLibrary::ImprovedSearchHeuristics); #elif defined(SHLIB_VERSION_NUMBER) // first attempt: the canonical name is libssl.so. @@ -12,7 +104,7 @@ libcrypto->setLoadHints(libcrypto->loadHints() | QLibrary::ImprovedSearchHeuristics); if (libcrypto->load() && libssl->load()) { // libssl.so. and libcrypto.so. found -@@ -525,8 +525,8 @@ static QPair loadO +@@ -525,8 +554,8 @@ #endif // second attempt: find the development files libssl.so and libcrypto.so @@ -23,3 +115,59 @@ if (libcrypto->load() && libssl->load()) { // libssl.so.0 and libcrypto.so.0 found return pair; +@@ -618,9 +647,15 @@ + RESOLVEFUNC(CRYPTO_set_id_callback, 513, libs.second ) + RESOLVEFUNC(CRYPTO_set_locking_callback, 516, libs.second ) + RESOLVEFUNC(DSA_free, 594, libs.second ) ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++ RESOLVEFUNC(DSA_bits, 695, libs.second ) ++#endif + RESOLVEFUNC(ERR_error_string, 744, libs.second ) + RESOLVEFUNC(ERR_get_error, 749, libs.second ) + RESOLVEFUNC(EVP_des_ede3_cbc, 919, libs.second ) ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++ RESOLVEFUNC(EVP_sha1, 920, libs.second ) ++#endif + RESOLVEFUNC(EVP_PKEY_assign, 859, libs.second ) + RESOLVEFUNC(EVP_PKEY_set1_RSA, 880, libs.second ) + RESOLVEFUNC(EVP_PKEY_set1_DSA, 879, libs.second ) +@@ -646,11 +681,17 @@ + RESOLVEFUNC(RAND_seed, 1426, libs.second ) + RESOLVEFUNC(RAND_status, 1429, libs.second ) + RESOLVEFUNC(RSA_free, 1450, libs.second ) ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++ RESOLVEFUNC(RSA_bits, 1451, libs.second ) ++#endif + RESOLVEFUNC(sk_free, 2571, libs.second ) + RESOLVEFUNC(sk_num, 2576, libs.second ) + RESOLVEFUNC(sk_pop_free, 2578, libs.second ) + RESOLVEFUNC(sk_value, 2585, libs.second ) + RESOLVEFUNC(SSL_CIPHER_description, 11, libs.first ) ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++ RESOLVEFUNC(SSL_CIPHER_get_bits, 12, libs.first ) ++#endif + RESOLVEFUNC(SSL_CTX_check_private_key, 21, libs.first ) + RESOLVEFUNC(SSL_CTX_ctrl, 22, libs.first ) + RESOLVEFUNC(SSL_CTX_free, 24, libs.first ) +@@ -664,6 +705,7 @@ + RESOLVEFUNC(SSL_CTX_use_PrivateKey, 58, libs.first ) + RESOLVEFUNC(SSL_CTX_use_RSAPrivateKey, 61, libs.first ) + RESOLVEFUNC(SSL_CTX_use_PrivateKey_file, 60, libs.first ) ++ RESOLVEFUNC(SSL_CTX_get_cert_store, 62, libs.first ) + RESOLVEFUNC(SSL_accept, 82, libs.first ) + RESOLVEFUNC(SSL_clear, 92, libs.first ) + RESOLVEFUNC(SSL_connect, 93, libs.first ) +@@ -718,6 +760,13 @@ + RESOLVEFUNC(X509_get_ext_d2i, 2017, libs.second ) + RESOLVEFUNC(X509_get_issuer_name, 2018, libs.second ) + RESOLVEFUNC(X509_get_subject_name, 2022, libs.second ) ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++ RESOLVEFUNC(X509_get_version, 2023, libs.second ) ++ RESOLVEFUNC(X509_get_serialNumber, 2024, libs.second ) ++ RESOLVEFUNC(X509_get_pubkey, 2025, libs.second ) ++ RESOLVEFUNC(X509_get0_notBefore, 2026, libs.second ) ++ RESOLVEFUNC(X509_get0_notAfter, 2027, libs.second ) ++#endif + RESOLVEFUNC(X509_verify_cert, 2069, libs.second ) + RESOLVEFUNC(d2i_X509, 2309, libs.second ) + RESOLVEFUNC(i2d_X509, 2489, libs.second ) --- /dev/null +++ b/net/qt4-network/files/patch-src_network_ssl_qsslsocket__openssl__symbols__p.h @@ -0,0 +1,95 @@ +--- src/network/ssl/qsslsocket_openssl_symbols_p.h.orig 2015-05-07 16:14:44.000000000 +0200 ++++ src/network/ssl/qsslsocket_openssl_symbols_p.h 2016-11-20 15:56:29.239328552 +0100 +@@ -218,6 +218,9 @@ + void q_CRYPTO_set_id_callback(unsigned long (*a)()); + void q_CRYPTO_free(void *a); + void q_DSA_free(DSA *a); ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++int q_DSA_bits(DSA *a); ++#endif + #if OPENSSL_VERSION_NUMBER >= 0x00908000L + // 0.9.8 broke SC and BC by changing this function's signature. + X509 *q_d2i_X509(X509 **a, const unsigned char **b, long c); +@@ -227,12 +230,18 @@ + char *q_ERR_error_string(unsigned long a, char *b); + unsigned long q_ERR_get_error(); + const EVP_CIPHER *q_EVP_des_ede3_cbc(); ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++const EVP_MD *q_EVP_sha1(); ++#endif + int q_EVP_PKEY_assign(EVP_PKEY *a, int b, char *c); + int q_EVP_PKEY_set1_RSA(EVP_PKEY *a, RSA *b); + int q_EVP_PKEY_set1_DSA(EVP_PKEY *a, DSA *b); + void q_EVP_PKEY_free(EVP_PKEY *a); + RSA *q_EVP_PKEY_get1_RSA(EVP_PKEY *a); + DSA *q_EVP_PKEY_get1_DSA(EVP_PKEY *a); ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++int q_EVP_PKEY_base_id(EVP_PKEY *a); ++#endif + int q_EVP_PKEY_type(int a); + EVP_PKEY *q_EVP_PKEY_new(); + int q_i2d_X509(X509 *a, unsigned char **b); +@@ -258,6 +267,9 @@ + void q_RAND_seed(const void *a, int b); + int q_RAND_status(); + void q_RSA_free(RSA *a); ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++int q_RSA_bits(RSA *a); ++#endif + int q_sk_num(STACK *a); + void q_sk_pop_free(STACK *a, void (*b)(void *)); + #if OPENSSL_VERSION_NUMBER >= 0x10000000L +@@ -270,6 +282,9 @@ + int q_SSL_accept(SSL *a); + int q_SSL_clear(SSL *a); + char *q_SSL_CIPHER_description(SSL_CIPHER *a, char *b, int c); ++#if OPENSSL_VERSION_NUMBER >= 0x10000000L ++int q_SSL_CIPHER_get_bits(SSL_CIPHER *a, int *b); ++#endif + int q_SSL_connect(SSL *a); + #if OPENSSL_VERSION_NUMBER >= 0x00908000L + // 0.9.8 broke SC and BC by changing this function's signature. +@@ -293,6 +308,7 @@ + int q_SSL_CTX_use_PrivateKey(SSL_CTX *a, EVP_PKEY *b); + int q_SSL_CTX_use_RSAPrivateKey(SSL_CTX *a, RSA *b); + int q_SSL_CTX_use_PrivateKey_file(SSL_CTX *a, const char *b, int c); ++X509_STORE *q_SSL_CTX_get_cert_store(const SSL_CTX *a); + void q_SSL_free(SSL *a); + #if OPENSSL_VERSION_NUMBER >= 0x00908000L + // 0.9.8 broke SC and BC by changing this function's signature. +@@ -353,6 +369,9 @@ + #else + X509 *q_X509_dup(X509 *a); + #endif ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++int q_X509_digest(const X509 *x509, const EVP_MD *type, unsigned char *md, unsigned int *len); ++#endif + ASN1_OBJECT *q_X509_EXTENSION_get_object(X509_EXTENSION *a); + void q_X509_free(X509 *a); + X509_EXTENSION *q_X509_get_ext(X509 *a, int b); +@@ -360,6 +379,13 @@ + void *q_X509_get_ext_d2i(X509 *a, int b, int *c, int *d); + X509_NAME *q_X509_get_issuer_name(X509 *a); + X509_NAME *q_X509_get_subject_name(X509 *a); ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++long q_X509_get_version(X509 *a); ++ASN1_INTEGER *q_X509_get_serialNumber(X509 *a); ++EVP_PKEY *q_X509_get_pubkey(X509 *a); ++const ASN1_TIME *q_X509_get0_notBefore(X509 *a); ++const ASN1_TIME *q_X509_get0_notAfter(X509 *a); ++#endif + int q_X509_verify_cert(X509_STORE_CTX *ctx); + int q_X509_NAME_entry_count(X509_NAME *a); + X509_NAME_ENTRY *q_X509_NAME_get_entry(X509_NAME *a,int b); +@@ -399,7 +425,11 @@ + PEM_ASN1_write_bio((int (*)(void*, unsigned char**))q_i2d_DSAPrivateKey,PEM_STRING_DSA,\ + bp,(char *)x,enc,kstr,klen,cb,u) + #endif ++#if OPENSSL_VERSION_NUMBER <= 0x10100000L + #define q_SSL_CTX_set_options(ctx,op) q_SSL_CTX_ctrl((ctx),SSL_CTRL_OPTIONS,(op),NULL) ++#else ++unsigned long q_SSL_CTX_set_options(SSL_CTX *ctx, unsigned long op); ++#endif + #define q_SKM_sk_num(type, st) ((int (*)(const STACK_OF(type) *))q_sk_num)(st) + #define q_SKM_sk_value(type, st,i) ((type * (*)(const STACK_OF(type) *, int))q_sk_value)(st, i) + #define q_sk_GENERAL_NAME_num(st) q_SKM_sk_num(GENERAL_NAME, (st))