Page MenuHomeFreeBSD
Files F148550027

D9726.id.diff
No OneTemporary
Actions

D9726.id.diff
View Options

Index: head/net/qt5-network/Makefile
===================================================================
--- head/net/qt5-network/Makefile
+++ head/net/qt5-network/Makefile
@@ -26,7 +26,8 @@
post-patch:
@${REINPLACE_CMD} -e 's|/usr/local|${LOCALBASE}|g' \
- ${BUILD_WRKSRC}/ssl/qsslsocket_openssl.cpp \
+ ${BUILD_WRKSRC}/ssl/qsslsocket_openssl.cpp
+ @${REINPLACE_CMD} -e 's|%%OPENSSLLIB%%|${OPENSSLLIB}|g' \
${BUILD_WRKSRC}/ssl/qsslsocket_openssl_symbols.cpp
post-build:
Index: head/net/qt5-network/files/patch-src_network_ssl_qsslcontext__openssl.cpp
===================================================================
--- head/net/qt5-network/files/patch-src_network_ssl_qsslcontext__openssl.cpp
+++ head/net/qt5-network/files/patch-src_network_ssl_qsslcontext__openssl.cpp
@@ -1,29 +1,43 @@
-Obtained from: https://github.com/libressl-portable/openbsd/issues/33
-
-From 81494e67eccba04fc3fe554d76a9ca6fe7f2250e Mon Sep 17 00:00:00 2001
-From: hasufell <hasufell@gentoo.org>
-Date: Sat, 10 Oct 2015 01:15:01 +0200
-Subject: [PATCH] Fix compilation with libressl
-
-By additionally checking for defined(SSL_CTRL_SET_CURVES), which
-is defined in openssl, but not in libressl.
---- src/network/ssl/qsslcontext_openssl.cpp.orig 2015-10-13 04:35:28 UTC
+* Instead of using the SSL_CTRL_SET_CURVES macros which only exists in OpenSSL,
+* call the SSL_CTX_set1_curves functions as suggested by BoringSSL porting docs
+* and which is the function in OpenSSL that is called through the replaced macro.
+* LibreSSL has a SSL_CTX_set1_groups functions and provides a compat macro.
+* Unfortunately, since Qt resolves the symbols at runtime, we cannot call through
+* that macro and must instead explicitly call SSL_CTX_set1_groups if the library
+* doesn't export a function called SSL_CTX_set1_curves, as in the case of LibreSSL.
+*
+--- src/network/ssl/qsslcontext_openssl.cpp.orig 2016-12-01 08:17:04 UTC
+++ src/network/ssl/qsslcontext_openssl.cpp
-@@ -338,7 +338,7 @@ init_context:
-
- const QVector<QSslEllipticCurve> qcurves = sslContext->sslConfiguration.ellipticCurves();
- if (!qcurves.isEmpty()) {
--#if OPENSSL_VERSION_NUMBER >= 0x10002000L && !defined(OPENSSL_NO_EC)
-+#if OPENSSL_VERSION_NUMBER >= 0x10002000L && defined(SSL_CTRL_SET_CURVES) && !defined(OPENSSL_NO_EC)
+@@ -350,14 +350,24 @@ init_context:
+ #if OPENSSL_VERSION_NUMBER >= 0x10002000L && !defined(OPENSSL_NO_EC)
// Set the curves to be used
if (q_SSLeay() >= 0x10002000L) {
- // SSL_CTX_ctrl wants a non-const pointer as last argument,
-@@ -352,7 +352,7 @@ init_context:
- return sslContext;
+- // SSL_CTX_ctrl wants a non-const pointer as last argument,
+- // but let's avoid a copy into a temporary array
+- if (!q_SSL_CTX_ctrl(sslContext->ctx,
+- SSL_CTRL_SET_CURVES,
+- qcurves.size(),
+- const_cast<int *>(reinterpret_cast<const int *>(qcurves.data())))) {
+- sslContext->errorStr = msgErrorSettingEllipticCurves(QSslSocketBackendPrivate::getErrorsFromOpenSsl());
+- sslContext->errorCode = QSslError::UnspecifiedError;
++ switch (q_SSL_CTX_set1_curves(sslContext->ctx,
++ const_cast<int *>(reinterpret_cast<const int *>(qcurves.data())),
++ qcurves.size())) {
++ case 1:
++ default:
++ break;
++ case 0:
++ sslContext->errorStr = msgErrorSettingEllipticCurves(QSslSocketBackendPrivate::getErrorsFromOpenSsl());
++ sslContext->errorCode = QSslError::UnspecifiedError;
++ break;
++ case -1:
++ if (q_SSL_CTX_set1_groups(sslContext->ctx,
++ reinterpret_cast<const int *>(qcurves.data()),
++ qcurves.size()) < 1) {
++ sslContext->errorStr = msgErrorSettingEllipticCurves(QSslSocketBackendPrivate::getErrorsFromOpenSsl());
++ sslContext->errorCode = QSslError::UnspecifiedError;
++ }
++ break;
}
} else
--#endif // OPENSSL_VERSION_NUMBER >= 0x10002000L && !defined(OPENSSL_NO_EC)
-+#endif // OPENSSL_VERSION_NUMBER >= 0x10002000L && defined(SSL_CTRL_SET_CURVES) && !defined(OPENSSL_NO_EC)
- {
- // specific curves requested, but not possible to set -> error
- sslContext->errorStr = msgErrorSettingEllipticCurves(QSslSocket::tr("OpenSSL version too old, need at least v1.0.2"));
+ #endif // OPENSSL_VERSION_NUMBER >= 0x10002000L && !defined(OPENSSL_NO_EC)
Index: head/net/qt5-network/files/patch-src_network_ssl_qsslsocket__openssl__symbols.cpp
===================================================================
--- head/net/qt5-network/files/patch-src_network_ssl_qsslsocket__openssl__symbols.cpp
+++ head/net/qt5-network/files/patch-src_network_ssl_qsslsocket__openssl__symbols.cpp
@@ -1,24 +1,51 @@
---- src/network/ssl/qsslsocket_openssl_symbols.cpp.orig 2015-02-17 04:56:38 UTC
+* Boilerplate for SSL_CTX_set1_curves/groups() used in qsslcontext_openssl.cpp
+*
+* Prepend the path of the SSL libraries used for building so the same libraries are
+* found and loaded at runtime. Normal search finds base SSL libraries before ports.
+*
+--- src/network/ssl/qsslsocket_openssl_symbols.cpp.orig 2016-09-16 05:49:42 UTC
+++ src/network/ssl/qsslsocket_openssl_symbols.cpp
-@@ -611,8 +611,8 @@ static QPair<QLibrary*, QLibrary*> loadO
+@@ -424,6 +424,8 @@ DEFINEFUNC(void, EC_KEY_free, EC_KEY *ec
+ DEFINEFUNC2(size_t, EC_get_builtin_curves, EC_builtin_curve * r, r, size_t nitems, nitems, return 0, return)
+ #if OPENSSL_VERSION_NUMBER >= 0x10002000L
+ DEFINEFUNC(int, EC_curve_nist2nid, const char *name, name, return 0, return)
++DEFINEFUNC3(int, SSL_CTX_set1_curves, SSL_CTX *a, a, int *b, b, int c, c, return -1, return)
++DEFINEFUNC3(int, SSL_CTX_set1_groups, SSL_CTX *a, a, const int *b, b, size_t c, c, return -1, return)
+ #endif // OPENSSL_VERSION_NUMBER >= 0x10002000L
+ #endif // OPENSSL_NO_EC
+
+@@ -652,8 +654,8 @@ static QPair<QLibrary*, QLibrary*> loadO
#endif
#if defined(SHLIB_VERSION_NUMBER) && !defined(Q_OS_QNX) // on QNX, the libs are always libssl.so and libcrypto.so
// first attempt: the canonical name is libssl.so.<SHLIB_VERSION_NUMBER>
- libssl->setFileNameAndVersion(QLatin1String("ssl"), QLatin1String(SHLIB_VERSION_NUMBER));
- libcrypto->setFileNameAndVersion(QLatin1String("crypto"), QLatin1String(SHLIB_VERSION_NUMBER));
-+ libssl->setFileNameAndVersion(QLatin1String("/usr/local/libssl"), QLatin1String(SHLIB_VERSION_NUMBER));
-+ libcrypto->setFileNameAndVersion(QLatin1String("/usr/local/libcrypto"), QLatin1String(SHLIB_VERSION_NUMBER));
++ libssl->setFileNameAndVersion(QLatin1String("%%OPENSSLLIB%%/libssl"), QLatin1String(SHLIB_VERSION_NUMBER));
++ libcrypto->setFileNameAndVersion(QLatin1String("%%OPENSSLLIB%%/libcrypto"), QLatin1String(SHLIB_VERSION_NUMBER));
if (libcrypto->load() && libssl->load()) {
// libssl.so.<SHLIB_VERSION_NUMBER> and libcrypto.so.<SHLIB_VERSION_NUMBER> found
return pair;
-@@ -629,8 +629,8 @@ static QPair<QLibrary*, QLibrary*> loadO
+@@ -670,8 +672,8 @@ static QPair<QLibrary*, QLibrary*> loadO
// OS X's /usr/lib/libssl.dylib, /usr/lib/libcrypto.dylib will be picked up in the third
// attempt, _after_ <bundle>/Contents/Frameworks has been searched.
// iOS does not ship a system libssl.dylib, libcrypto.dylib in the first place.
- libssl->setFileNameAndVersion(QLatin1String("ssl"), -1);
- libcrypto->setFileNameAndVersion(QLatin1String("crypto"), -1);
-+ libssl->setFileNameAndVersion(QLatin1String("/usr/local/lib/libssl"), -1);
-+ libcrypto->setFileNameAndVersion(QLatin1String("/usr/local/lib/libcrypto"), -1);
++ libssl->setFileNameAndVersion(QLatin1String("%%OPENSSLLIB%%/libssl"), -1);
++ libcrypto->setFileNameAndVersion(QLatin1String("%%OPENSSLLIB%%/libcrypto"), -1);
if (libcrypto->load() && libssl->load()) {
// libssl.so.0 and libcrypto.so.0 found
return pair;
+@@ -976,8 +978,11 @@ bool q_resolveOpenSslSymbols()
+ RESOLVEFUNC(EC_KEY_free)
+ RESOLVEFUNC(EC_get_builtin_curves)
+ #if OPENSSL_VERSION_NUMBER >= 0x10002000L
+- if (q_SSLeay() >= 0x10002000L)
++ if (q_SSLeay() >= 0x10002000L) {
+ RESOLVEFUNC(EC_curve_nist2nid)
++ RESOLVEFUNC(SSL_CTX_set1_curves)
++ RESOLVEFUNC(SSL_CTX_set1_groups)
++ }
+ #endif // OPENSSL_VERSION_NUMBER >= 0x10002000L
+ #endif // OPENSSL_NO_EC
+ RESOLVEFUNC(PKCS12_parse)
Index: head/net/qt5-network/files/patch-src_network_ssl_qsslsocket__openssl__symbols__p.h
===================================================================
--- head/net/qt5-network/files/patch-src_network_ssl_qsslsocket__openssl__symbols__p.h
+++ head/net/qt5-network/files/patch-src_network_ssl_qsslsocket__openssl__symbols__p.h
@@ -0,0 +1,13 @@
+* Boilerplate for SSL_CTX_set1_curves/groups() used in qsslcontext_openssl.cpp
+*
+--- src/network/ssl/qsslsocket_openssl_symbols_p.h.orig 2016-09-16 05:49:42 UTC
++++ src/network/ssl/qsslsocket_openssl_symbols_p.h
+@@ -481,6 +481,8 @@ void q_EC_KEY_free(EC_KEY *ecdh);
+ size_t q_EC_get_builtin_curves(EC_builtin_curve *r, size_t nitems);
+ #if OPENSSL_VERSION_NUMBER >= 0x10002000L
+ int q_EC_curve_nist2nid(const char *name);
++int q_SSL_CTX_set1_curves(SSL_CTX *a, int *b, int c);
++int q_SSL_CTX_set1_groups(SSL_CTX *a, const int *b, size_t c);
+ #endif // OPENSSL_VERSION_NUMBER >= 0x10002000L
+ #endif // OPENSSL_NO_EC
+

File Metadata

Mime Type
text/plain
Expires
Thu, Mar 19, 4:19 PM (3 h, 35 m)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
29969312
Default Alt Text
D9726.id.diff (9 KB)

Event Timeline