Index: head/net/qt5-network/Makefile =================================================================== --- head/net/qt5-network/Makefile (revision 485964) +++ head/net/qt5-network/Makefile (revision 485965) @@ -1,47 +1,48 @@ # $FreeBSD$ PORTNAME= network DISTVERSION= ${QT5_VERSION} +PORTREVISION= 1 CATEGORIES= net ipv6 PKGNAMEPREFIX= qt5- MAINTAINER= kde@FreeBSD.org COMMENT= Qt network module RUN_DEPENDS= ${LOCALBASE}/share/certs/ca-root-nss.crt:security/ca_root_nss USES= compiler:c++11-lang qmake:no_env qt-dist:5,base ssl USE_QT= core buildtools_build HAS_CONFIGURE= yes CONFIGURE_ARGS= -no-gui -no-xcb USE_LDCONFIG= ${PREFIX}/${QT_LIBDIR_REL} BUILD_WRKSRC= ${WRKSRC}/src/${PORTNAME} INSTALL_WRKSRC= ${BUILD_WRKSRC} QT_DEFINES= OPENSSL SSL QT_CONFIG= openssl post-patch: @${REINPLACE_CMD} -e 's|/usr/local|${LOCALBASE}|g' \ ${BUILD_WRKSRC}/ssl/qsslsocket_openssl.cpp @${REINPLACE_CMD} -e 's|%%OPENSSLLIB%%|${OPENSSLLIB}|g' \ ${BUILD_WRKSRC}/ssl/qsslsocket_openssl_symbols.cpp post-configure: .for d in src/network src/plugins/bearer/generic ${MKDIR} ${WRKSRC}/${d} cd ${WRKSRC}/${d} && ${SETENV} ${QMAKE_ENV} ${_QMAKE} ${QMAKE_ARGS} ${WRKSRC}/${d} .endfor post-build: @cd ${WRKSRC}/src/plugins/bearer/generic && \ ${SETENV} ${MAKE_ENV} ${MAKE} ${MAKE_FLAGS} ${MAKEFILE} \ ${_MAKE_JOBS} ${MAKE_ARGS} ${ALL_TARGET} post-install: @cd ${WRKSRC}/src/plugins/bearer/generic && \ ${SETENV} ${MAKE_ENV} ${MAKE} ${MAKE_FLAGS} ${MAKEFILE} \ ${MAKE_ARGS} ${INSTALL_TARGET} .include Index: head/net/qt5-network/files/patch-qsslcontext_openssl.cpp =================================================================== --- head/net/qt5-network/files/patch-qsslcontext_openssl.cpp (nonexistent) +++ head/net/qt5-network/files/patch-qsslcontext_openssl.cpp (revision 485965) @@ -0,0 +1,15 @@ +* +* Fix for libressl atter openssl111 API change +* +* +--- src/network/ssl/qsslcontext_openssl.cpp.orig 2018-10-21 16:58:39 UTC ++++ src/network/ssl/qsslcontext_openssl.cpp +@@ -248,7 +248,7 @@ void QSslContext::applyBackendConfig(QSs + if (sslContext->sslConfiguration.backendConfiguration().isEmpty()) + return; + +-#if OPENSSL_VERSION_NUMBER >= 0x10002000L ++#if OPENSSL_VERSION_NUMBER >= 0x10002000L && !defined(LIBRESSL_VERSION_NUMBER) + if (QSslSocket::sslLibraryVersionNumber() >= 0x10002000L) { + QSharedPointer cctx(q_SSL_CONF_CTX_new(), &q_SSL_CONF_CTX_free); + if (cctx) { Property changes on: head/net/qt5-network/files/patch-qsslcontext_openssl.cpp ___________________________________________________________________ Added: fbsd:nokeywords ## -0,0 +1 ## +yes \ No newline at end of property Added: svn:eol-style ## -0,0 +1 ## +native \ No newline at end of property Added: svn:mime-type ## -0,0 +1 ## +text/plain \ No newline at end of property Index: head/net/qt5-network/files/patch-src_network_ssl_qsslsocket__openssl__symbols.cpp =================================================================== --- head/net/qt5-network/files/patch-src_network_ssl_qsslsocket__openssl__symbols.cpp (revision 485964) +++ head/net/qt5-network/files/patch-src_network_ssl_qsslsocket__openssl__symbols.cpp (revision 485965) @@ -1,150 +1,173 @@ * Boilerplate for SSL_CTX_set1_groups() used in qsslcontext_openssl.cpp * * Prepend the path of the SSL libraries used for building so the same libraries are * found and loaded at runtime. Normal search finds base SSL libraries before ports. * ---- src/network/ssl/qsslsocket_openssl_symbols.cpp.orig 2018-02-08 19:24:48.000000000 +0100 -+++ src/network/ssl/qsslsocket_openssl_symbols.cpp 2018-06-29 12:22:11.265885000 +0200 +* = = = = = = = = = = = = = = = = = = = = = = +* +* Fix for libressl atter openssl111 API change +* +* +--- src/network/ssl/qsslsocket_openssl_symbols.cpp.orig 2018-10-21 15:55:52 UTC ++++ src/network/ssl/qsslsocket_openssl_symbols.cpp @@ -150,6 +150,14 @@ DEFINEFUNC2(int, BN_is_word, BIGNUM *a, DEFINEFUNC(int, EVP_CIPHER_CTX_reset, EVP_CIPHER_CTX *c, c, return 0, return) DEFINEFUNC(int, EVP_PKEY_base_id, EVP_PKEY *a, a, return NID_undef, return) DEFINEFUNC(int, RSA_bits, RSA *a, a, return 0, return) +#ifdef LIBRESSL_VERSION_NUMBER +DEFINEFUNC(int, sk_num, OPENSSL_STACK *a, a, return -1, return) +DEFINEFUNC2(void, sk_pop_free, OPENSSL_STACK *a, a, void (*b)(void*), b, return, DUMMYARG) +DEFINEFUNC(OPENSSL_STACK *, sk_new_null, DUMMYARG, DUMMYARG, return 0, return) +DEFINEFUNC2(void, sk_push, OPENSSL_STACK *a, a, void *b, b, return, DUMMYARG) +DEFINEFUNC(void, sk_free, OPENSSL_STACK *a, a, return, DUMMYARG) +DEFINEFUNC2(void *, sk_value, OPENSSL_STACK *a, a, int b, b, return 0, return) +#else DEFINEFUNC(int, DSA_bits, DSA *a, a, return 0, return) DEFINEFUNC(int, OPENSSL_sk_num, OPENSSL_STACK *a, a, return -1, return) DEFINEFUNC2(void, OPENSSL_sk_pop_free, OPENSSL_STACK *a, a, void (*b)(void*), b, return, DUMMYARG) @@ -159,6 +167,7 @@ DEFINEFUNC(void, OPENSSL_sk_free, OPENSS DEFINEFUNC2(void *, OPENSSL_sk_value, OPENSSL_STACK *a, a, int b, b, return 0, return) DEFINEFUNC(int, SSL_session_reused, SSL *a, a, return 0, return) DEFINEFUNC2(unsigned long, SSL_CTX_set_options, SSL_CTX *ctx, ctx, unsigned long op, op, return 0, return) +#endif DEFINEFUNC3(size_t, SSL_get_client_random, SSL *a, a, unsigned char *out, out, size_t outlen, outlen, return 0, return) DEFINEFUNC3(size_t, SSL_SESSION_get_master_key, const SSL_SESSION *ses, ses, unsigned char *out, out, size_t outlen, outlen, return 0, return) DEFINEFUNC6(int, CRYPTO_get_ex_new_index, int class_index, class_index, long argl, argl, void *argp, argp, CRYPTO_EX_new *new_func, new_func, CRYPTO_EX_dup *dup_func, dup_func, CRYPTO_EX_free *free_func, free_func, return -1, return) @@ -168,7 +177,9 @@ DEFINEFUNC(const SSL_METHOD *, TLS_clien DEFINEFUNC(const SSL_METHOD *, TLS_server_method, DUMMYARG, DUMMYARG, return 0, return) DEFINEFUNC(ASN1_TIME *, X509_getm_notBefore, X509 *a, a, return 0, return) DEFINEFUNC(ASN1_TIME *, X509_getm_notAfter, X509 *a, a, return 0, return) +#ifndef LIBRESSL_VERSION_NUMBER DEFINEFUNC(long, X509_get_version, X509 *a, a, return -1, return) +#endif DEFINEFUNC(EVP_PKEY *, X509_get_pubkey, X509 *a, a, return 0, return) DEFINEFUNC2(void, X509_STORE_set_verify_cb, X509_STORE *a, a, X509_STORE_CTX_verify_cb verify_cb, verify_cb, return, DUMMYARG) DEFINEFUNC(STACK_OF(X509) *, X509_STORE_CTX_get0_chain, X509_STORE_CTX *a, a, return 0, return) -@@ -524,6 +535,9 @@ DEFINEFUNC(void, EC_KEY_free, EC_KEY *ec +@@ -406,7 +417,7 @@ DEFINEFUNC2(int, SSL_CTX_use_PrivateKey, + DEFINEFUNC2(int, SSL_CTX_use_RSAPrivateKey, SSL_CTX *a, a, RSA *b, b, return -1, return) + DEFINEFUNC3(int, SSL_CTX_use_PrivateKey_file, SSL_CTX *a, a, const char *b, b, int c, c, return -1, return) + DEFINEFUNC(X509_STORE *, SSL_CTX_get_cert_store, const SSL_CTX *a, a, return 0, return) +-#if OPENSSL_VERSION_NUMBER >= 0x10002000L ++#if OPENSSL_VERSION_NUMBER >= 0x10002000L && !defined(LIBRESSL_VERSION_NUMBER) + DEFINEFUNC(SSL_CONF_CTX *, SSL_CONF_CTX_new, DUMMYARG, DUMMYARG, return 0, return); + DEFINEFUNC(void, SSL_CONF_CTX_free, SSL_CONF_CTX *a, a, return ,return); + DEFINEFUNC2(void, SSL_CONF_CTX_set_ssl_ctx, SSL_CONF_CTX *a, a, SSL_CTX *b, b, return, return); +@@ -537,6 +548,9 @@ DEFINEFUNC(void, EC_KEY_free, EC_KEY *ec DEFINEFUNC2(size_t, EC_get_builtin_curves, EC_builtin_curve * r, r, size_t nitems, nitems, return 0, return) #if OPENSSL_VERSION_NUMBER >= 0x10002000L DEFINEFUNC(int, EC_curve_nist2nid, const char *name, name, return 0, return) +#if defined(LIBRESSL_VERSION_NUMBER) +DEFINEFUNC3(int, SSL_CTX_set1_groups, SSL_CTX *a, a, int *b, b, int c, c, return -1, return) +#endif // defined(LIBRESSL_VERSION_NUMBER) #endif // OPENSSL_VERSION_NUMBER >= 0x10002000L #endif // OPENSSL_NO_EC -@@ -769,8 +783,8 @@ static QPair loadO +@@ -782,8 +796,8 @@ static QPair loadO #endif #if defined(SHLIB_VERSION_NUMBER) && !defined(Q_OS_QNX) // on QNX, the libs are always libssl.so and libcrypto.so // first attempt: the canonical name is libssl.so. - libssl->setFileNameAndVersion(QLatin1String("ssl"), QLatin1String(SHLIB_VERSION_NUMBER)); - libcrypto->setFileNameAndVersion(QLatin1String("crypto"), QLatin1String(SHLIB_VERSION_NUMBER)); + libssl->setFileNameAndVersion(QLatin1String("%%OPENSSLLIB%%/libssl"), QLatin1String(SHLIB_VERSION_NUMBER)); + libcrypto->setFileNameAndVersion(QLatin1String("%%OPENSSLLIB%%/libcrypto"), QLatin1String(SHLIB_VERSION_NUMBER)); if (libcrypto->load() && libssl->load()) { // libssl.so. and libcrypto.so. found return pair; -@@ -787,8 +801,8 @@ static QPair loadO +@@ -800,8 +814,8 @@ static QPair loadO // macOS's /usr/lib/libssl.dylib, /usr/lib/libcrypto.dylib will be picked up in the third // attempt, _after_ /Contents/Frameworks has been searched. // iOS does not ship a system libssl.dylib, libcrypto.dylib in the first place. - libssl->setFileNameAndVersion(QLatin1String("ssl"), -1); - libcrypto->setFileNameAndVersion(QLatin1String("crypto"), -1); + libssl->setFileNameAndVersion(QLatin1String("%%OPENSSLLIB%%/libssl"), -1); + libcrypto->setFileNameAndVersion(QLatin1String("%%OPENSSLLIB%%/libcrypto"), -1); if (libcrypto->load() && libssl->load()) { // libssl.so.0 and libcrypto.so.0 found return pair; -@@ -872,17 +886,30 @@ bool q_resolveOpenSslSymbols() +@@ -885,17 +899,30 @@ bool q_resolveOpenSslSymbols() RESOLVEFUNC(EVP_CIPHER_CTX_reset) RESOLVEFUNC(EVP_PKEY_base_id) RESOLVEFUNC(RSA_bits) +#ifdef LIBRESSL_VERSION_NUMBER + RESOLVEFUNC(sk_new_null) + RESOLVEFUNC(sk_push) + RESOLVEFUNC(sk_free) + RESOLVEFUNC(sk_num) + RESOLVEFUNC(sk_pop_free) + RESOLVEFUNC(sk_value) +#else RESOLVEFUNC(OPENSSL_sk_new_null) RESOLVEFUNC(OPENSSL_sk_push) RESOLVEFUNC(OPENSSL_sk_free) RESOLVEFUNC(OPENSSL_sk_num) RESOLVEFUNC(OPENSSL_sk_pop_free) RESOLVEFUNC(OPENSSL_sk_value) +#endif RESOLVEFUNC(DH_get0_pqg) +#ifdef LIBRESSL_VERSION_NUMBER + RESOLVEFUNC(SSL_ctrl) +#else RESOLVEFUNC(SSL_CTX_set_options) + RESOLVEFUNC(SSL_session_reused) +#endif RESOLVEFUNC(SSL_get_client_random) RESOLVEFUNC(SSL_SESSION_get_master_key) - RESOLVEFUNC(SSL_session_reused) RESOLVEFUNC(SSL_get_session) RESOLVEFUNC(CRYPTO_get_ex_new_index) RESOLVEFUNC(TLS_method) -@@ -891,7 +918,9 @@ bool q_resolveOpenSslSymbols() +@@ -904,7 +931,9 @@ bool q_resolveOpenSslSymbols() RESOLVEFUNC(X509_STORE_CTX_get0_chain) RESOLVEFUNC(X509_getm_notBefore) RESOLVEFUNC(X509_getm_notAfter) +#ifndef LIBRESSL_VERSION_NUMBER RESOLVEFUNC(X509_get_version) +#endif RESOLVEFUNC(X509_get_pubkey) RESOLVEFUNC(X509_STORE_set_verify_cb) RESOLVEFUNC(CRYPTO_free) -@@ -908,7 +937,9 @@ bool q_resolveOpenSslSymbols() +@@ -921,7 +950,9 @@ bool q_resolveOpenSslSymbols() RESOLVEFUNC(SSL_SESSION_get_ticket_lifetime_hint) RESOLVEFUNC(DH_bits) +#ifndef LIBRESSL_VERSION_NUMBER RESOLVEFUNC(DSA_bits) +#endif #else // !opensslv11 -@@ -979,10 +1010,9 @@ bool q_resolveOpenSslSymbols() +@@ -992,10 +1023,9 @@ bool q_resolveOpenSslSymbols() RESOLVEFUNC(OPENSSL_add_all_algorithms_conf) RESOLVEFUNC(SSLeay) - if (!_q_SSLeay || q_SSLeay() >= 0x10100000L) { + if (!_q_SSLeay) { // OpenSSL 1.1 has deprecated and removed SSLeay. We consider a failure to // resolve this symbol as a failure to resolve symbols. - // The right operand of '||' above is ... a bit of paranoia. delete libs.first; delete libs.second; qCWarning(lcSsl, "Incompatible version of OpenSSL"); -@@ -994,8 +1024,12 @@ bool q_resolveOpenSslSymbols() +@@ -1007,8 +1037,12 @@ bool q_resolveOpenSslSymbols() #ifndef OPENSSL_NO_EC #if OPENSSL_VERSION_NUMBER >= 0x10002000L - if (q_SSLeay() >= 0x10002000L) + if (q_SSLeay() >= 0x10002000L) { RESOLVEFUNC(EC_curve_nist2nid) +#if defined(LIBRESSL_VERSION_NUMBER) + RESOLVEFUNC(SSL_CTX_set1_groups) +#endif // defined(LIBRESSL_VERSION_NUMBER) + } #endif // OPENSSL_VERSION_NUMBER >= 0x10002000L #endif // OPENSSL_NO_EC +@@ -1122,7 +1156,7 @@ bool q_resolveOpenSslSymbols() + RESOLVEFUNC(SSL_CTX_use_RSAPrivateKey) + RESOLVEFUNC(SSL_CTX_use_PrivateKey_file) + RESOLVEFUNC(SSL_CTX_get_cert_store); +-#if OPENSSL_VERSION_NUMBER >= 0x10002000L ++#if OPENSSL_VERSION_NUMBER >= 0x10002000L && !defined(LIBRESSL_VERSION_NUMBER) + RESOLVEFUNC(SSL_CONF_CTX_new); + RESOLVEFUNC(SSL_CONF_CTX_free); + RESOLVEFUNC(SSL_CONF_CTX_set_ssl_ctx); Index: head/net/qt5-network/files/patch-src_network_ssl_qsslsocket__openssl__symbols__p.h =================================================================== --- head/net/qt5-network/files/patch-src_network_ssl_qsslsocket__openssl__symbols__p.h (revision 485964) +++ head/net/qt5-network/files/patch-src_network_ssl_qsslsocket__openssl__symbols__p.h (revision 485965) @@ -1,13 +1,40 @@ Boilerplate for SSL_CTX_set1_groups() used in qsslcontext_openssl.cpp. ---- src/network/ssl/qsslsocket_openssl_symbols_p.h.orig 2018-02-08 18:24:48 UTC +* +* Fix for libressl atter openssl111 API change +* Definitions for TLS_VERSIONS needed for qsslcontext_openssl11.cpp (QSslContext::initSslContext) +* +--- src/network/ssl/qsslsocket_openssl_symbols_p.h.orig 2018-10-21 17:04:11 UTC +++ src/network/ssl/qsslsocket_openssl_symbols_p.h -@@ -454,6 +454,9 @@ void q_EC_KEY_free(EC_KEY *ecdh); +@@ -74,6 +74,13 @@ + + QT_BEGIN_NAMESPACE + ++#if defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER >= 0x20700000L ++# define TLS1_2_VERSION 0x0303 ++# define TLS_MAX_VERSION TLS1_2_VERSION ++# define TLS_ANY_VERSION 0x10000 ++#endif ++ ++ + #define DUMMYARG + + #if !defined QT_LINKED_OPENSSL +@@ -356,7 +363,7 @@ int q_SSL_CTX_use_PrivateKey(SSL_CTX *a, + int q_SSL_CTX_use_RSAPrivateKey(SSL_CTX *a, RSA *b); + int q_SSL_CTX_use_PrivateKey_file(SSL_CTX *a, const char *b, int c); + X509_STORE *q_SSL_CTX_get_cert_store(const SSL_CTX *a); +-#if OPENSSL_VERSION_NUMBER >= 0x10002000L ++#if OPENSSL_VERSION_NUMBER >= 0x10002000L && !defined(LIBRESSL_VERSION_NUMBER) + SSL_CONF_CTX *q_SSL_CONF_CTX_new(); + void q_SSL_CONF_CTX_free(SSL_CONF_CTX *a); + void q_SSL_CONF_CTX_set_ssl_ctx(SSL_CONF_CTX *a, SSL_CTX *b); +@@ -468,6 +475,9 @@ void q_EC_KEY_free(EC_KEY *ecdh); size_t q_EC_get_builtin_curves(EC_builtin_curve *r, size_t nitems); #if OPENSSL_VERSION_NUMBER >= 0x10002000L int q_EC_curve_nist2nid(const char *name); +#if defined(LIBRESSL_VERSION_NUMBER) +int q_SSL_CTX_set1_groups(SSL_CTX *a, int *b, int c); +#endif // defined(LIBRESSL_VERSION_NUMBER) #endif // OPENSSL_VERSION_NUMBER >= 0x10002000L #endif // OPENSSL_NO_EC #if OPENSSL_VERSION_NUMBER >= 0x10002000L