Attachment #194302 for bug #214691

Lines 13-20 Link Here

(-)net/qt4-network/Makefile (-2 / +2 lines)
13	LICENSE= GPLv3 LGPL21 LGPL3 GFDL	13	LICENSE= GPLv3 LGPL21 LGPL3 GFDL
14	LICENSE_COMB= dual	14	LICENSE_COMB= dual
15		15
16	BROKEN_SSL= openssl-devel	16	#BROKEN_SSL= openssl-devel
17	BROKEN_SSL_REASON_openssl-devel= error: member access into incomplete type 'RSA' (aka 'rsa_st')	17	#BROKEN_SSL_REASON_openssl-devel= error: member access into incomplete type 'RSA' (aka 'rsa_st')
18		18
19	RUN_DEPENDS= ${LOCALBASE}/share/certs/ca-root-nss.crt:security/ca_root_nss	19	RUN_DEPENDS= ${LOCALBASE}/share/certs/ca-root-nss.crt:security/ca_root_nss
20		20




--- src/network/ssl/qsslcertificate.cpp.orig	2015-05-07 14:14:44 UTC
+++ src/network/ssl/qsslcertificate.cpp
@@ -260,8 +260,13 @@ QByteArray QSslCertificate::version() co
 {
     QMutexLocker lock(QMutexPool::globalInstanceGet(d.data()));
     if (d->versionString.isEmpty() && d->x509)
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
+	d->versionString =
+	    QByteArray::number(qlonglong(q_X509_get_version(d->x509)) + 1);
+#else
         d->versionString =
             QByteArray::number(qlonglong(q_ASN1_INTEGER_get(d->x509->cert_info->version)) + 1);
+#endif
 
     return d->versionString;
 }
@@ -276,7 +281,11 @@ QByteArray QSslCertificate::serialNumber
 {
     QMutexLocker lock(QMutexPool::globalInstanceGet(d.data()));
     if (d->serialNumberString.isEmpty() && d->x509) {
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
+	ASN1_INTEGER *serialNumber = q_X509_get_serialNumber(d->x509);
+#else
         ASN1_INTEGER *serialNumber = d->x509->cert_info->serialNumber;
+#endif
         // if we cannot convert to a long, just output the hexadecimal number
         if (serialNumber->length > 4) {
             QByteArray hexString;
@@ -489,19 +498,37 @@ QSslKey QSslCertificate::publicKey() con
     QSslKey key;
 
     key.d->type = QSsl::PublicKey;
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
+    EVP_PKEY *pkey = q_X509_get_pubkey(d->x509);
+#else
     X509_PUBKEY *xkey = d->x509->cert_info->key;
     EVP_PKEY *pkey = q_X509_PUBKEY_get(xkey);
+#endif
     Q_ASSERT(pkey);
 
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
+    int keyType = q_EVP_PKEY_type(q_EVP_PKEY_base_id(pkey));
+
+    if (keyType == EVP_PKEY_RSA) {
+#else
     if (q_EVP_PKEY_type(pkey->type) == EVP_PKEY_RSA) {
+#endif
         key.d->rsa = q_EVP_PKEY_get1_RSA(pkey);
         key.d->algorithm = QSsl::Rsa;
         key.d->isNull = false;
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
+    } else if (keyType == EVP_PKEY_DSA) {
+#else
     } else if (q_EVP_PKEY_type(pkey->type) == EVP_PKEY_DSA) {
+#endif
         key.d->dsa = q_EVP_PKEY_get1_DSA(pkey);
         key.d->algorithm = QSsl::Dsa;
         key.d->isNull = false;
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
+    } else if (keyType == EVP_PKEY_DH) {
+#else
     } else if (q_EVP_PKEY_type(pkey->type) == EVP_PKEY_DH) {
+#endif
         // DH unsupported
     } else {
         // error?
@@ -698,8 +725,13 @@ QSslCertificate QSslCertificatePrivate::
     if (!x509 || !QSslSocket::supportsSsl())
         return certificate;
 
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
+    const ASN1_TIME *nbef = q_X509_get0_notBefore(x509);
+    const ASN1_TIME *naft = q_X509_get0_notAfter(x509);
+#else
     ASN1_TIME *nbef = q_X509_get_notBefore(x509);
     ASN1_TIME *naft = q_X509_get_notAfter(x509);
+#endif
     certificate.d->notValidBefore = q_getTimeFromASN1(nbef);
     certificate.d->notValidAfter = q_getTimeFromASN1(naft);
     certificate.d->null = false;




--- src/network/ssl/qsslkey.cpp.orig	2015-05-07 14:14:44 UTC
+++ src/network/ssl/qsslkey.cpp
@@ -321,8 +321,13 @@ int QSslKey::length() const
 {
     if (d->isNull)
         return -1;
+#if OPENSSL_VERSION_NUMBER >= 0x10100000
+    return (d->algorithm == QSsl::Rsa)
+	   ? q_RSA_bits(d->rsa) : q_DSA_bits(d->dsa);
+#else
     return (d->algorithm == QSsl::Rsa)
            ? q_BN_num_bits(d->rsa->n) : q_BN_num_bits(d->dsa->p);
+#endif
 }
 
 /*!




* Make availability of SSLv3 in Qt4 same as in Qt5, i.e. not part of SecureProtocols
*
 
--- src/network/ssl/qsslsocket_openssl.cpp.orig	2015-05-07 14:14:44 UTC
+++ src/network/ssl/qsslsocket_openssl.cpp
@@ -222,9 +222,12 @@ QSslCipher QSslSocketBackendPrivate::QSs
             ciph.d->encryptionMethod = descriptionList.at(4).mid(4);
         ciph.d->exportable = (descriptionList.size() > 6 && descriptionList.at(6) == QLatin1String("export"));
 
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
         ciph.d->bits = cipher->strength_bits;
         ciph.d->supportedBits = cipher->alg_bits;
-
+#else
+        ciph.d->bits = q_SSL_CIPHER_get_bits(cipher, &ciph.d->supportedBits);
+#endif
     }
     return ciph;
 }
@@ -260,16 +263,20 @@ bool QSslSocketBackendPrivate::initSslCo
 init_context:
     switch (configuration.protocol) {
     case QSsl::SslV2:
-#ifndef OPENSSL_NO_SSL2
+#if OPENSSL_VERSION_NUMBER <= 0x1010000L && !defined(OPENSSL_NO_SSL2)
         ctx = q_SSL_CTX_new(client ? q_SSLv2_client_method() : q_SSLv2_server_method());
 #else
         ctx = 0; // SSL 2 not supported by the system, but chosen deliberately -> error
 #endif
         break;
     case QSsl::SslV3:

     case QSsl::TlsV1SslV3: // SslV2 will be disabled below
     case QSsl::AnyProtocol:
     default:
@@ -297,8 +304,10 @@ init_context:
 
     // Enable bug workarounds.
     long options;

     else
         options = SSL_OP_ALL;
 
@@ -363,7 +372,7 @@ init_context:
         //
         // See also: QSslContext::fromConfiguration()
         if (caCertificate.expiryDate() >= QDateTime::currentDateTime()) {
-            q_X509_STORE_add_cert(ctx->cert_store, (X509 *)caCertificate.handle());
+            q_X509_STORE_add_cert(q_SSL_CTX_get_cert_store(ctx), (X509 *)caCertificate.handle());
         }
     }
 
@@ -659,13 +668,11 @@ void QSslSocketPrivate::resetDefaultCiph
     STACK_OF(SSL_CIPHER) *supportedCiphers = q_SSL_get_ciphers(mySsl);
     for (int i = 0; i < q_sk_SSL_CIPHER_num(supportedCiphers); ++i) {
         if (SSL_CIPHER *cipher = q_sk_SSL_CIPHER_value(supportedCiphers, i)) {
-            if (cipher->valid) {
-                QSslCipher ciph = QSslSocketBackendPrivate::QSslCipher_from_SSL_CIPHER(cipher);
-                if (!ciph.isNull()) {
-                    if (!ciph.name().toLower().startsWith(QLatin1String("adh")))
-                        ciphers << ciph;
-                }
-            }
+	    QSslCipher ciph = QSslSocketBackendPrivate::QSslCipher_from_SSL_CIPHER(cipher);
+	    if (!ciph.isNull()) {
+               if (!ciph.name().toLower().startsWith(QLatin1String("adh")))
+		    ciphers << ciph;
+	    }
         }
     }
 




--- src/network/ssl/qsslsocket_openssl_symbols_p.h.orig	2015-05-07 14:14:44 UTC
+++ src/network/ssl/qsslsocket_openssl_symbols_p.h
@@ -218,6 +218,9 @@ void q_CRYPTO_set_locking_callback(void 
 void q_CRYPTO_set_id_callback(unsigned long (*a)());
 void q_CRYPTO_free(void *a);
 void q_DSA_free(DSA *a);
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
+int q_DSA_bits(DSA *a);
+#endif
 #if OPENSSL_VERSION_NUMBER >= 0x00908000L
 // 0.9.8 broke SC and BC by changing this function's signature.
 X509 *q_d2i_X509(X509 **a, const unsigned char **b, long c);
@@ -227,12 +230,18 @@ X509 *q_d2i_X509(X509 **a, unsigned char
 char *q_ERR_error_string(unsigned long a, char *b);
 unsigned long q_ERR_get_error();
 const EVP_CIPHER *q_EVP_des_ede3_cbc();
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
+const EVP_MD *q_EVP_sha1();
+#endif
 int q_EVP_PKEY_assign(EVP_PKEY *a, int b, char *c);
 int q_EVP_PKEY_set1_RSA(EVP_PKEY *a, RSA *b);
 int q_EVP_PKEY_set1_DSA(EVP_PKEY *a, DSA *b);
 void q_EVP_PKEY_free(EVP_PKEY *a);
 RSA *q_EVP_PKEY_get1_RSA(EVP_PKEY *a);
 DSA *q_EVP_PKEY_get1_DSA(EVP_PKEY *a);
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
+int q_EVP_PKEY_base_id(EVP_PKEY *a);
+#endif
 int q_EVP_PKEY_type(int a);
 EVP_PKEY *q_EVP_PKEY_new();
 int q_i2d_X509(X509 *a, unsigned char **b);
@@ -258,6 +267,9 @@ int q_PEM_write_bio_RSA_PUBKEY(BIO *a, R
 void q_RAND_seed(const void *a, int b);
 int q_RAND_status();
 void q_RSA_free(RSA *a);
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
+int q_RSA_bits(RSA *a);
+#endif
 int q_sk_num(STACK *a);
 void q_sk_pop_free(STACK *a, void (*b)(void *));
 #if OPENSSL_VERSION_NUMBER >= 0x10000000L
@@ -270,6 +282,9 @@ char * q_sk_value(STACK *a, int b);
 int q_SSL_accept(SSL *a);
 int q_SSL_clear(SSL *a);
 char *q_SSL_CIPHER_description(SSL_CIPHER *a, char *b, int c);
+#if OPENSSL_VERSION_NUMBER >= 0x10000000L
+int q_SSL_CIPHER_get_bits(SSL_CIPHER *a, int *b);
+#endif
 int q_SSL_connect(SSL *a);
 #if OPENSSL_VERSION_NUMBER >= 0x00908000L
 // 0.9.8 broke SC and BC by changing this function's signature.
@@ -293,6 +308,7 @@ int q_SSL_CTX_use_certificate_file(SSL_C
 int q_SSL_CTX_use_PrivateKey(SSL_CTX *a, EVP_PKEY *b);
 int q_SSL_CTX_use_RSAPrivateKey(SSL_CTX *a, RSA *b);
 int q_SSL_CTX_use_PrivateKey_file(SSL_CTX *a, const char *b, int c);
+X509_STORE *q_SSL_CTX_get_cert_store(const SSL_CTX *a);
 void q_SSL_free(SSL *a);
 #if OPENSSL_VERSION_NUMBER >= 0x00908000L
 // 0.9.8 broke SC and BC by changing this function's signature.
@@ -353,6 +369,9 @@ void *q_ASN1_dup(i2d_of_void *i2d, d2i_o
 #else
 X509 *q_X509_dup(X509 *a);
 #endif
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
+int q_X509_digest(const X509 *x509, const EVP_MD *type, unsigned char *md, unsigned int *len);
+#endif
 ASN1_OBJECT *q_X509_EXTENSION_get_object(X509_EXTENSION *a);
 void q_X509_free(X509 *a);
 X509_EXTENSION *q_X509_get_ext(X509 *a, int b);
@@ -360,6 +379,13 @@ int q_X509_get_ext_count(X509 *a);
 void *q_X509_get_ext_d2i(X509 *a, int b, int *c, int *d);
 X509_NAME *q_X509_get_issuer_name(X509 *a);
 X509_NAME *q_X509_get_subject_name(X509 *a);
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
+long q_X509_get_version(X509 *a);
+ASN1_INTEGER *q_X509_get_serialNumber(X509 *a);
+EVP_PKEY *q_X509_get_pubkey(X509 *a);
+const ASN1_TIME *q_X509_get0_notBefore(X509 *a);
+const ASN1_TIME *q_X509_get0_notAfter(X509 *a);
+#endif
 int q_X509_verify_cert(X509_STORE_CTX *ctx);
 int q_X509_NAME_entry_count(X509_NAME *a);
 X509_NAME_ENTRY *q_X509_NAME_get_entry(X509_NAME *a,int b);
@@ -399,7 +425,11 @@ DSA *q_d2i_DSAPrivateKey(DSA **a, unsign
 		PEM_ASN1_write_bio((int (*)(void*, unsigned char**))q_i2d_DSAPrivateKey,PEM_STRING_DSA,\
 			bp,(char *)x,enc,kstr,klen,cb,u)
 #endif
+#if OPENSSL_VERSION_NUMBER <= 0x10100000L
 #define q_SSL_CTX_set_options(ctx,op) q_SSL_CTX_ctrl((ctx),SSL_CTRL_OPTIONS,(op),NULL)
+#else
+unsigned long q_SSL_CTX_set_options(SSL_CTX *ctx, unsigned long op);
+#endif
 #define q_SKM_sk_num(type, st) ((int (*)(const STACK_OF(type) *))q_sk_num)(st)
 #define q_SKM_sk_value(type, st,i) ((type * (*)(const STACK_OF(type) *, int))q_sk_value)(st, i)
 #define q_sk_GENERAL_NAME_num(st) q_SKM_sk_num(GENERAL_NAME, (st))

Return to bug 214691

Line 0 Link Here

(-)net/qt4-network/files/patch-src_network_ssl_qsslcertificate.cpp (+80 lines)
		1	--- src/network/ssl/qsslcertificate.cpp.orig 2015-05-07 14:14:44 UTC
		2	+++ src/network/ssl/qsslcertificate.cpp
		3	@@ -260,8 +260,13 @@ QByteArray QSslCertificate::version() co
		4	{
		5	QMutexLocker lock(QMutexPool::globalInstanceGet(d.data()));
		6	if (d->versionString.isEmpty() && d->x509)
		7	+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
		8	+ d->versionString =
		9	+ QByteArray::number(qlonglong(q_X509_get_version(d->x509)) + 1);
		10	+#else
		11	d->versionString =
		12	QByteArray::number(qlonglong(q_ASN1_INTEGER_get(d->x509->cert_info->version)) + 1);
		13	+#endif
		14
		15	return d->versionString;
		16	}
		17	@@ -276,7 +281,11 @@ QByteArray QSslCertificate::serialNumber
		18	{
		19	QMutexLocker lock(QMutexPool::globalInstanceGet(d.data()));
		20	if (d->serialNumberString.isEmpty() && d->x509) {
		21	+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
		22	+ ASN1_INTEGER *serialNumber = q_X509_get_serialNumber(d->x509);
		23	+#else
		24	ASN1_INTEGER *serialNumber = d->x509->cert_info->serialNumber;
		25	+#endif
		26	// if we cannot convert to a long, just output the hexadecimal number
		27	if (serialNumber->length > 4) {
		28	QByteArray hexString;
		29	@@ -489,19 +498,37 @@ QSslKey QSslCertificate::publicKey() con
		30	QSslKey key;
		31
		32	key.d->type = QSsl::PublicKey;
		33	+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
		34	+ EVP_PKEY *pkey = q_X509_get_pubkey(d->x509);
		35	+#else
		36	X509_PUBKEY *xkey = d->x509->cert_info->key;
		37	EVP_PKEY *pkey = q_X509_PUBKEY_get(xkey);
		38	+#endif
		39	Q_ASSERT(pkey);
		40
		41	+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
		42	+ int keyType = q_EVP_PKEY_type(q_EVP_PKEY_base_id(pkey));
		43	+
		44	+ if (keyType == EVP_PKEY_RSA) {
		45	+#else
		46	if (q_EVP_PKEY_type(pkey->type) == EVP_PKEY_RSA) {
		47	+#endif
		48	key.d->rsa = q_EVP_PKEY_get1_RSA(pkey);
		49	key.d->algorithm = QSsl::Rsa;
		50	key.d->isNull = false;
		51	+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
		52	+ } else if (keyType == EVP_PKEY_DSA) {
		53	+#else
		54	} else if (q_EVP_PKEY_type(pkey->type) == EVP_PKEY_DSA) {
		55	+#endif
		56	key.d->dsa = q_EVP_PKEY_get1_DSA(pkey);
		57	key.d->algorithm = QSsl::Dsa;
		58	key.d->isNull = false;
		59	+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
		60	+ } else if (keyType == EVP_PKEY_DH) {
		61	+#else
		62	} else if (q_EVP_PKEY_type(pkey->type) == EVP_PKEY_DH) {
		63	+#endif
		64	// DH unsupported
65	} else {
66	// error?
67	@@ -698,8 +725,13 @@ QSslCertificate QSslCertificatePrivate::
68	if (!x509 \|\| !QSslSocket::supportsSsl())
69	return certificate;
70
71	+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
72	+ const ASN1_TIME *nbef = q_X509_get0_notBefore(x509);
73	+ const ASN1_TIME *naft = q_X509_get0_notAfter(x509);
74	+#else
75	ASN1_TIME *nbef = q_X509_get_notBefore(x509);
76	ASN1_TIME *naft = q_X509_get_notAfter(x509);
77	+#endif
78	certificate.d->notValidBefore = q_getTimeFromASN1(nbef);
79	certificate.d->notValidAfter = q_getTimeFromASN1(naft);
80	certificate.d->null = false;

Line 0 Link Here

(-)net/qt4-network/files/patch-src_network_ssl_qsslkey.cpp (+16 lines)
	1	--- src/network/ssl/qsslkey.cpp.orig 2015-05-07 14:14:44 UTC
	2	+++ src/network/ssl/qsslkey.cpp
	3	@@ -321,8 +321,13 @@ int QSslKey::length() const
	4	{
	5	if (d->isNull)
	6	return -1;
	7	+#if OPENSSL_VERSION_NUMBER >= 0x10100000
	8	+ return (d->algorithm == QSsl::Rsa)
	9	+ ? q_RSA_bits(d->rsa) : q_DSA_bits(d->dsa);
	10	+#else
	11	return (d->algorithm == QSsl::Rsa)
	12	? q_BN_num_bits(d->rsa->n) : q_BN_num_bits(d->dsa->p);
	13	+#endif
	14	}
	15
	16	/*!

Lines 1-8 Link Here

(-)net/qt4-network/files/patch-src_network_ssl_qsslsocket__openssl.cpp (-2 / +53 lines)
1	* Make availability of SSLv3 in Qt4 same as in Qt5, i.e. not part of SecureProtocols	1	* Make availability of SSLv3 in Qt4 same as in Qt5, i.e. not part of SecureProtocols
2	*	2	*
		3
3	--- src/network/ssl/qsslsocket_openssl.cpp.orig 2015-05-07 14:14:44 UTC	4	--- src/network/ssl/qsslsocket_openssl.cpp.orig 2015-05-07 14:14:44 UTC
4	+++ src/network/ssl/qsslsocket_openssl.cpp	5	+++ src/network/ssl/qsslsocket_openssl.cpp
5	@@ -267,9 +267,13 @@ init_context:	6	@@ -222,9 +222,12 @@ QSslCipher QSslSocketBackendPrivate::QSs
		7	ciph.d->encryptionMethod = descriptionList.at(4).mid(4);
		8	ciph.d->exportable = (descriptionList.size() > 6 && descriptionList.at(6) == QLatin1String("export"));
		9
		10	+#if OPENSSL_VERSION_NUMBER < 0x10100000L
		11	ciph.d->bits = cipher->strength_bits;
		12	ciph.d->supportedBits = cipher->alg_bits;
		13	-
		14	+#else
		15	+ ciph.d->bits = q_SSL_CIPHER_get_bits(cipher, &ciph.d->supportedBits);
		16	+#endif
		17	}
		18	return ciph;
		19	}
		20	@@ -260,16 +263,20 @@ bool QSslSocketBackendPrivate::initSslCo
		21	init_context:
		22	switch (configuration.protocol) {
		23	case QSsl::SslV2:
		24	-#ifndef OPENSSL_NO_SSL2
		25	+#if OPENSSL_VERSION_NUMBER <= 0x1010000L && !defined(OPENSSL_NO_SSL2)
		26	ctx = q_SSL_CTX_new(client ? q_SSLv2_client_method() : q_SSLv2_server_method());
		27	#else
		28	ctx = 0; // SSL 2 not supported by the system, but chosen deliberately -> error
6	#endif	29	#endif
7	break;	30	break;
8	case QSsl::SslV3:	31	case QSsl::SslV3:
Lines 17-23 Link Here
17	case QSsl::TlsV1SslV3: // SslV2 will be disabled below	40	case QSsl::TlsV1SslV3: // SslV2 will be disabled below
18	case QSsl::AnyProtocol:	41	case QSsl::AnyProtocol:
19	default:	42	default:
20	@@ -297,8 +301,10 @@ init_context:	43	@@ -297,8 +304,10 @@ init_context:
21		44
22	// Enable bug workarounds.	45	// Enable bug workarounds.
23	long options;	46	long options;
Lines 29-31 Link Here
29	else	52	else
30	options = SSL_OP_ALL;	53	options = SSL_OP_ALL;
31		54
		55	@@ -363,7 +372,7 @@ init_context:
		56	//
		57	// See also: QSslContext::fromConfiguration()
		58	if (caCertificate.expiryDate() >= QDateTime::currentDateTime()) {
		59	- q_X509_STORE_add_cert(ctx->cert_store, (X509 *)caCertificate.handle());
		60	+ q_X509_STORE_add_cert(q_SSL_CTX_get_cert_store(ctx), (X509 *)caCertificate.handle());
		61	}
		62	}
		63
		64	@@ -659,13 +668,11 @@ void QSslSocketPrivate::resetDefaultCiph
		65	STACK_OF(SSL_CIPHER) *supportedCiphers = q_SSL_get_ciphers(mySsl);
		66	for (int i = 0; i < q_sk_SSL_CIPHER_num(supportedCiphers); ++i) {
		67	if (SSL_CIPHER *cipher = q_sk_SSL_CIPHER_value(supportedCiphers, i)) {
		68	- if (cipher->valid) {
		69	- QSslCipher ciph = QSslSocketBackendPrivate::QSslCipher_from_SSL_CIPHER(cipher);
		70	- if (!ciph.isNull()) {
		71	- if (!ciph.name().toLower().startsWith(QLatin1String("adh")))
		72	- ciphers << ciph;
		73	- }
		74	- }
		75	+ QSslCipher ciph = QSslSocketBackendPrivate::QSslCipher_from_SSL_CIPHER(cipher);
		76	+ if (!ciph.isNull()) {
		77	+ if (!ciph.name().toLower().startsWith(QLatin1String("adh")))
		78	+ ciphers << ciph;
		79	+ }
		80	}
		81	}
		82

Line 0 Link Here

(-)net/qt4-network/files/patch-src_network_ssl_qsslsocket__openssl__symbols__p.h (+95 lines)
		1	--- src/network/ssl/qsslsocket_openssl_symbols_p.h.orig 2015-05-07 14:14:44 UTC
		2	+++ src/network/ssl/qsslsocket_openssl_symbols_p.h
		3	@@ -218,6 +218,9 @@ void q_CRYPTO_set_locking_callback(void
		4	void q_CRYPTO_set_id_callback(unsigned long (*a)());
		5	void q_CRYPTO_free(void *a);
		6	void q_DSA_free(DSA *a);
		7	+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
		8	+int q_DSA_bits(DSA *a);
		9	+#endif
		10	#if OPENSSL_VERSION_NUMBER >= 0x00908000L
		11	// 0.9.8 broke SC and BC by changing this function's signature.
		12	X509 q_d2i_X509(X509 a, const unsigned char *b, long c);
		13	@@ -227,12 +230,18 @@ X509 q_d2i_X509(X509 *a, unsigned char
		14	char q_ERR_error_string(unsigned long a, char b);
		15	unsigned long q_ERR_get_error();
		16	const EVP_CIPHER *q_EVP_des_ede3_cbc();
		17	+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
		18	+const EVP_MD *q_EVP_sha1();
		19	+#endif
		20	int q_EVP_PKEY_assign(EVP_PKEY a, int b, char c);
		21	int q_EVP_PKEY_set1_RSA(EVP_PKEY a, RSA b);
		22	int q_EVP_PKEY_set1_DSA(EVP_PKEY a, DSA b);
		23	void q_EVP_PKEY_free(EVP_PKEY *a);
		24	RSA q_EVP_PKEY_get1_RSA(EVP_PKEY a);
		25	DSA q_EVP_PKEY_get1_DSA(EVP_PKEY a);
		26	+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
		27	+int q_EVP_PKEY_base_id(EVP_PKEY *a);
		28	+#endif
		29	int q_EVP_PKEY_type(int a);
		30	EVP_PKEY *q_EVP_PKEY_new();
		31	int q_i2d_X509(X509 a, unsigned char *b);
		32	@@ -258,6 +267,9 @@ int q_PEM_write_bio_RSA_PUBKEY(BIO *a, R
		33	void q_RAND_seed(const void *a, int b);
		34	int q_RAND_status();
		35	void q_RSA_free(RSA *a);
		36	+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
		37	+int q_RSA_bits(RSA *a);
		38	+#endif
		39	int q_sk_num(STACK *a);
		40	void q_sk_pop_free(STACK a, void (b)(void *));
		41	#if OPENSSL_VERSION_NUMBER >= 0x10000000L
		42	@@ -270,6 +282,9 @@ char * q_sk_value(STACK *a, int b);
		43	int q_SSL_accept(SSL *a);
		44	int q_SSL_clear(SSL *a);
		45	char q_SSL_CIPHER_description(SSL_CIPHER a, char *b, int c);
		46	+#if OPENSSL_VERSION_NUMBER >= 0x10000000L
		47	+int q_SSL_CIPHER_get_bits(SSL_CIPHER a, int b);
		48	+#endif
		49	int q_SSL_connect(SSL *a);
		50	#if OPENSSL_VERSION_NUMBER >= 0x00908000L
		51	// 0.9.8 broke SC and BC by changing this function's signature.
		52	@@ -293,6 +308,7 @@ int q_SSL_CTX_use_certificate_file(SSL_C
		53	int q_SSL_CTX_use_PrivateKey(SSL_CTX a, EVP_PKEY b);
		54	int q_SSL_CTX_use_RSAPrivateKey(SSL_CTX a, RSA b);
		55	int q_SSL_CTX_use_PrivateKey_file(SSL_CTX a, const char b, int c);
		56	+X509_STORE q_SSL_CTX_get_cert_store(const SSL_CTX a);
		57	void q_SSL_free(SSL *a);
		58	#if OPENSSL_VERSION_NUMBER >= 0x00908000L
		59	// 0.9.8 broke SC and BC by changing this function's signature.
		60	@@ -353,6 +369,9 @@ void q_ASN1_dup(i2d_of_void i2d, d2i_o
		61	#else
		62	X509 q_X509_dup(X509 a);
		63	#endif
		64	+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
65	+int q_X509_digest(const X509 x509, const EVP_MD type, unsigned char md, unsigned int len);
66	+#endif
67	ASN1_OBJECT q_X509_EXTENSION_get_object(X509_EXTENSION a);
68	void q_X509_free(X509 *a);
69	X509_EXTENSION q_X509_get_ext(X509 a, int b);
70	@@ -360,6 +379,13 @@ int q_X509_get_ext_count(X509 *a);
71	void q_X509_get_ext_d2i(X509 a, int b, int c, int d);
72	X509_NAME q_X509_get_issuer_name(X509 a);
73	X509_NAME q_X509_get_subject_name(X509 a);
74	+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
75	+long q_X509_get_version(X509 *a);
76	+ASN1_INTEGER q_X509_get_serialNumber(X509 a);
77	+EVP_PKEY q_X509_get_pubkey(X509 a);
78	+const ASN1_TIME q_X509_get0_notBefore(X509 a);
79	+const ASN1_TIME q_X509_get0_notAfter(X509 a);
80	+#endif
81	int q_X509_verify_cert(X509_STORE_CTX *ctx);
82	int q_X509_NAME_entry_count(X509_NAME *a);
83	X509_NAME_ENTRY q_X509_NAME_get_entry(X509_NAME a,int b);
84	@@ -399,7 +425,11 @@ DSA q_d2i_DSAPrivateKey(DSA *a, unsign
85	PEM_ASN1_write_bio((int ()(void, unsigned char**))q_i2d_DSAPrivateKey,PEM_STRING_DSA,\
86	bp,(char *)x,enc,kstr,klen,cb,u)
87	#endif
88	+#if OPENSSL_VERSION_NUMBER <= 0x10100000L
89	#define q_SSL_CTX_set_options(ctx,op) q_SSL_CTX_ctrl((ctx),SSL_CTRL_OPTIONS,(op),NULL)
90	+#else
91	+unsigned long q_SSL_CTX_set_options(SSL_CTX *ctx, unsigned long op);
92	+#endif
93	#define q_SKM_sk_num(type, st) ((int ()(const STACK_OF(type) ))q_sk_num)(st)
94	#define q_SKM_sk_value(type, st,i) ((type * ()(const STACK_OF(type) , int))q_sk_value)(st, i)
95	#define q_sk_GENERAL_NAME_num(st) q_SKM_sk_num(GENERAL_NAME, (st))