Index: head/net/qt5-network/Makefile =================================================================== --- head/net/qt5-network/Makefile (revision 466187) +++ head/net/qt5-network/Makefile (revision 466188) @@ -1,52 +1,52 @@ # $FreeBSD$ PORTNAME= network DISTVERSION= ${QT5_VERSION} -PORTREVISION= 2 +PORTREVISION= 3 CATEGORIES= net ipv6 PKGNAMEPREFIX= qt5- MAINTAINER= kde@FreeBSD.org COMMENT= Qt network module BROKEN_SSL= openssl-devel BROKEN_SSL_REASON_openssl-devel= error: member access into incomplete type 'X509' (aka 'x509_st') RUN_DEPENDS= ${LOCALBASE}/share/certs/ca-root-nss.crt:security/ca_root_nss USES= ssl USE_QT5= core qmake_build buildtools_build QT_DIST= base HAS_CONFIGURE= yes CONFIGURE_ARGS= -no-gui -no-xcb USE_LDCONFIG= ${PREFIX}/${QT_LIBDIR_REL} BUILD_WRKSRC= ${WRKSRC}/src/${PORTNAME} INSTALL_WRKSRC= ${BUILD_WRKSRC} QT_DEFINES= OPENSSL SSL QT_CONFIG= openssl post-patch: @${REINPLACE_CMD} -e 's|/usr/local|${LOCALBASE}|g' \ ${BUILD_WRKSRC}/ssl/qsslsocket_openssl.cpp @${REINPLACE_CMD} -e 's|%%OPENSSLLIB%%|${OPENSSLLIB}|g' \ ${BUILD_WRKSRC}/ssl/qsslsocket_openssl_symbols.cpp post-configure: .for d in src/network src/plugins/bearer/generic ${MKDIR} ${WRKSRC}/${d} cd ${WRKSRC}/${d} && ${SETENV} ${QMAKE_ENV} ${_QMAKE} ${QMAKE_ARGS} ${WRKSRC}/${d} .endfor post-build: @cd ${WRKSRC}/src/plugins/bearer/generic && \ ${SETENV} ${MAKE_ENV} ${MAKE} ${MAKE_FLAGS} ${MAKEFILE} \ ${_MAKE_JOBS} ${MAKE_ARGS} ${ALL_TARGET} post-install: @cd ${WRKSRC}/src/plugins/bearer/generic && \ ${SETENV} ${MAKE_ENV} ${MAKE} ${MAKE_FLAGS} ${MAKEFILE} \ ${MAKE_ARGS} ${INSTALL_TARGET} .include Index: head/net/qt5-network/files/patch-src_network_ssl_qsslcontext__openssl.cpp =================================================================== --- head/net/qt5-network/files/patch-src_network_ssl_qsslcontext__openssl.cpp (revision 466187) +++ head/net/qt5-network/files/patch-src_network_ssl_qsslcontext__openssl.cpp (revision 466188) @@ -1,22 +1,25 @@ * Instead of using the SSL_CTRL_SET_CURVES macros which only exists in OpenSSL, * call the SSL_CTX_set1_groups function, which exists in LibreSSL as well as in * OpenSSL and is what would be called through the macro * ---- src/network/ssl/qsslcontext_openssl.cpp.orig 2016-12-01 08:17:04 UTC +--- src/network/ssl/qsslcontext_openssl.cpp.orig 2018-01-16 06:53:43 UTC +++ src/network/ssl/qsslcontext_openssl.cpp -@@ -350,12 +350,9 @@ init_context: +@@ -354,12 +354,18 @@ init_context: #if OPENSSL_VERSION_NUMBER >= 0x10002000L && !defined(OPENSSL_NO_EC) // Set the curves to be used if (q_SSLeay() >= 0x10002000L) { -- // SSL_CTX_ctrl wants a non-const pointer as last argument, -- // but let's avoid a copy into a temporary array -- if (!q_SSL_CTX_ctrl(sslContext->ctx, -- SSL_CTRL_SET_CURVES, -- qcurves.size(), -- const_cast(reinterpret_cast(qcurves.data())))) { ++#if defined(LIBRESSL_VERSION_NUMBER) + if (!q_SSL_CTX_set1_groups(sslContext->ctx, + const_cast(reinterpret_cast(qcurves.data())), + qcurves.size())) { ++#else // defined(LIBRESSL_VERSION_NUMBER) + // SSL_CTX_ctrl wants a non-const pointer as last argument, + // but let's avoid a copy into a temporary array + if (!q_SSL_CTX_ctrl(sslContext->ctx, + SSL_CTRL_SET_CURVES, + qcurves.size(), + const_cast(reinterpret_cast(qcurves.data())))) { ++#endif // defined(LIBRESSL_VERSION_NUMBER) sslContext->errorStr = msgErrorSettingEllipticCurves(QSslSocketBackendPrivate::getErrorsFromOpenSsl()); sslContext->errorCode = QSslError::UnspecifiedError; } Index: head/net/qt5-network/files/patch-src_network_ssl_qsslsocket__openssl__symbols.cpp =================================================================== --- head/net/qt5-network/files/patch-src_network_ssl_qsslsocket__openssl__symbols.cpp (revision 466187) +++ head/net/qt5-network/files/patch-src_network_ssl_qsslsocket__openssl__symbols.cpp (revision 466188) @@ -1,79 +1,83 @@ * Boilerplate for SSL_CTX_set1_groups() used in qsslcontext_openssl.cpp * * Prepend the path of the SSL libraries used for building so the same libraries are * found and loaded at runtime. Normal search finds base SSL libraries before ports. * ---- src/network/ssl/qsslsocket_openssl_symbols.cpp.orig 2017-11-16 05:15:28 UTC +--- src/network/ssl/qsslsocket_openssl_symbols.cpp.orig 2018-01-16 06:53:43 UTC +++ src/network/ssl/qsslsocket_openssl_symbols.cpp -@@ -151,7 +151,7 @@ DEFINEFUNC3(int, BIO_read, BIO *a, a, void *b, b, int +@@ -151,7 +151,7 @@ DEFINEFUNC3(int, BIO_read, BIO *a, a, void *b, b, int DEFINEFUNC(BIO_METHOD *, BIO_s_mem, void, DUMMYARG, return 0, return) DEFINEFUNC3(int, BIO_write, BIO *a, a, const void *b, b, int c, c, return -1, return) DEFINEFUNC(int, BN_num_bits, const BIGNUM *a, a, return 0, return) -#if OPENSSL_VERSION_NUMBER >= 0x10100000L +#if !defined(BN_is_word) DEFINEFUNC2(int, BN_is_word, BIGNUM *a, a, BN_ULONG w, w, return 0, return) #endif DEFINEFUNC2(BN_ULONG, BN_mod_word, const BIGNUM *a, a, BN_ULONG w, w, return static_cast(-1), return) -@@ -453,6 +453,7 @@ DEFINEFUNC(void, EC_KEY_free, EC_KEY *ecdh, ecdh, retu +@@ -453,6 +453,9 @@ DEFINEFUNC(void, EC_KEY_free, EC_KEY *ecdh, ecdh, retu DEFINEFUNC2(size_t, EC_get_builtin_curves, EC_builtin_curve * r, r, size_t nitems, nitems, return 0, return) #if OPENSSL_VERSION_NUMBER >= 0x10002000L DEFINEFUNC(int, EC_curve_nist2nid, const char *name, name, return 0, return) ++#if defined(LIBRESSL_VERSION_NUMBER) +DEFINEFUNC3(int, SSL_CTX_set1_groups, SSL_CTX *a, a, int *b, b, int c, c, return -1, return) ++#endif // defined(LIBRESSL_VERSION_NUMBER) #endif // OPENSSL_VERSION_NUMBER >= 0x10002000L #endif // OPENSSL_NO_EC -@@ -658,8 +659,8 @@ static QPair loadO +@@ -680,8 +683,8 @@ static QPair loadO #endif #if defined(SHLIB_VERSION_NUMBER) && !defined(Q_OS_QNX) // on QNX, the libs are always libssl.so and libcrypto.so // first attempt: the canonical name is libssl.so. - libssl->setFileNameAndVersion(QLatin1String("ssl"), QLatin1String(SHLIB_VERSION_NUMBER)); - libcrypto->setFileNameAndVersion(QLatin1String("crypto"), QLatin1String(SHLIB_VERSION_NUMBER)); + libssl->setFileNameAndVersion(QLatin1String("%%OPENSSLLIB%%/libssl"), QLatin1String(SHLIB_VERSION_NUMBER)); + libcrypto->setFileNameAndVersion(QLatin1String("%%OPENSSLLIB%%/libcrypto"), QLatin1String(SHLIB_VERSION_NUMBER)); if (libcrypto->load() && libssl->load()) { // libssl.so. and libcrypto.so. found return pair; -@@ -676,8 +677,8 @@ static QPair loadO +@@ -698,8 +701,8 @@ static QPair loadO // OS X's /usr/lib/libssl.dylib, /usr/lib/libcrypto.dylib will be picked up in the third // attempt, _after_ /Contents/Frameworks has been searched. // iOS does not ship a system libssl.dylib, libcrypto.dylib in the first place. - libssl->setFileNameAndVersion(QLatin1String("ssl"), -1); - libcrypto->setFileNameAndVersion(QLatin1String("crypto"), -1); + libssl->setFileNameAndVersion(QLatin1String("%%OPENSSLLIB%%/libssl"), -1); + libcrypto->setFileNameAndVersion(QLatin1String("%%OPENSSLLIB%%/libcrypto"), -1); if (libcrypto->load() && libssl->load()) { // libssl.so.0 and libcrypto.so.0 found return pair; -@@ -790,7 +791,7 @@ bool q_resolveOpenSslSymbols() +@@ -790,7 +793,7 @@ bool q_resolveOpenSslSymbols() RESOLVEFUNC(EC_GROUP_get_degree) #endif RESOLVEFUNC(BN_num_bits) -#if OPENSSL_VERSION_NUMBER >= 0x10100000L +#if !defined(BN_is_word) RESOLVEFUNC(BN_is_word) #endif RESOLVEFUNC(BN_mod_word) -@@ -1020,8 +1021,10 @@ bool q_resolveOpenSslSymbols() +@@ -1020,8 +1023,12 @@ bool q_resolveOpenSslSymbols() RESOLVEFUNC(EC_KEY_free) RESOLVEFUNC(EC_get_builtin_curves) #if OPENSSL_VERSION_NUMBER >= 0x10002000L - if (q_SSLeay() >= 0x10002000L) + if (q_SSLeay() >= 0x10002000L) { RESOLVEFUNC(EC_curve_nist2nid) ++#if defined(LIBRESSL_VERSION_NUMBER) + RESOLVEFUNC(SSL_CTX_set1_groups) ++#endif // defined(LIBRESSL_VERSION_NUMBER) + } #endif // OPENSSL_VERSION_NUMBER >= 0x10002000L #endif // OPENSSL_NO_EC RESOLVEFUNC(PKCS12_parse) -@@ -1030,10 +1033,9 @@ bool q_resolveOpenSslSymbols() +@@ -1030,10 +1037,9 @@ bool q_resolveOpenSslSymbols() delete libs.first; delete libs.second; - if (!_q_SSLeay || q_SSLeay() >= 0x10100000L) { + if (!_q_SSLeay) { // OpenSSL 1.1 deprecated and removed SSLeay. We consider a failure to // resolve this symbol as a failure to resolve symbols. - // The right operand of '||' above ... a bit of paranoia. qCWarning(lcSsl, "Incompatible version of OpenSSL"); return false; } Index: head/net/qt5-network/files/patch-src_network_ssl_qsslsocket__openssl__symbols__p.h =================================================================== --- head/net/qt5-network/files/patch-src_network_ssl_qsslsocket__openssl__symbols__p.h (revision 466187) +++ head/net/qt5-network/files/patch-src_network_ssl_qsslsocket__openssl__symbols__p.h (revision 466188) @@ -1,30 +1,32 @@ * Boilerplate for SSL_CTX_set1_groups() used in qsslcontext_openssl.cpp * * check macro is defined instead of version, LibreSSL < 2.5 doesn't have SSL_CTRL_GET_SERVER_TMP_KEY * ---- src/network/ssl/qsslsocket_openssl_symbols_p.h.orig 2017-11-16 05:15:28 UTC +--- src/network/ssl/qsslsocket_openssl_symbols_p.h.orig 2018-01-16 06:53:43 UTC +++ src/network/ssl/qsslsocket_openssl_symbols_p.h @@ -228,7 +228,7 @@ int q_BIO_read(BIO *a, void *b, int c); Q_AUTOTEST_EXPORT BIO_METHOD *q_BIO_s_mem(); Q_AUTOTEST_EXPORT int q_BIO_write(BIO *a, const void *b, int c); int q_BN_num_bits(const BIGNUM *a); -#if OPENSSL_VERSION_NUMBER >= 0x10100000L +#if !defined(BN_is_word) int q_BN_is_word(BIGNUM *a, BN_ULONG w); #else // BN_is_word is implemented purely as a -@@ -511,11 +511,12 @@ void q_EC_KEY_free(EC_KEY *ecdh); +@@ -511,11 +511,14 @@ void q_EC_KEY_free(EC_KEY *ecdh); size_t q_EC_get_builtin_curves(EC_builtin_curve *r, size_t nitems); #if OPENSSL_VERSION_NUMBER >= 0x10002000L int q_EC_curve_nist2nid(const char *name); ++#if defined(LIBRESSL_VERSION_NUMBER) +int q_SSL_CTX_set1_groups(SSL_CTX *a, int *b, int c); ++#endif // defined(LIBRESSL_VERSION_NUMBER) #endif // OPENSSL_VERSION_NUMBER >= 0x10002000L #endif // OPENSSL_NO_EC -#if OPENSSL_VERSION_NUMBER >= 0x10002000L +#if defined(SSL_CTRL_GET_SERVER_TMP_KEY) #define q_SSL_get_server_tmp_key(ssl, key) q_SSL_ctrl((ssl), SSL_CTRL_GET_SERVER_TMP_KEY, 0, (char *)key) -#endif // OPENSSL_VERSION_NUMBER >= 0x10002000L +#endif // defined(SSL_CTRL_GET_SERVER_TMP_KEY) // PKCS#12 support int q_PKCS12_parse(PKCS12 *p12, const char *pass, EVP_PKEY **pkey, X509 **cert, STACK_OF(X509) **ca);