Page MenuHomeFreeBSD

Fix build of qt5-network with libressl (non -devel)

Authored by rezny on Mar 7 2017, 1:30 AM.



The last revision of the SSL patches were tested with openssl and libressl-devel (2.5.1), but not with libressl (2.4.5) as that was assumed ok; the patches prior that revision were ok. However, the update of Qt from 5.6 to 5.7 occurred at the same time and a change in 5.7 causes a build failure with libressl (non -devel). SSL_CTRL_GET_SERVER_TMP_KEY is not defined in LibreSSL < 2.5, so better to guard it's use by checking it is defined rather than checking the reported version. Also, the previous patch for curve control is greatly simplified. I had been led astray previously by the recommendation in the BoringSSL porting guide; set1_curves was implemented first in OpenSSL, but is not the only option, set1_groups was also added to OpenSSL and is now the recommended function to use according to the OpenSSL 1.1 manpages. So, there is no need to worry about which version, just call SSL_CTX_set1_groups with either SSL library.

Test Plan

Poudriere 11 amd64 with openssl, libressl, libressl-devel OK (test with openssl-devel fails on python27 dependency)

Diff Detail

rP FreeBSD ports repository
Automatic diff as part of commit; lint not applicable.
Automatic diff as part of commit; unit tests not applicable.

Event Timeline

rezny retitled this revision from to Fix build of qt5-network with libressl (non -devel).
rezny updated this object.
rezny edited the test plan for this revision. (Show Details)
rezny added reviewers: kde, swills, feld.
swills edited edge metadata.


This revision is now accepted and ready to land.Mar 7 2017, 2:05 AM
This revision was automatically updated to reflect the committed changes.