diff options
author | adridg <adridg@FreeBSD.org> | 2018-10-08 05:29:01 +0800 |
---|---|---|
committer | adridg <adridg@FreeBSD.org> | 2018-10-08 05:29:01 +0800 |
commit | fda5d86f2a96fe71c679d60969e18e90c85c8d14 (patch) | |
tree | 5d61f39a5c5c3f352571dd34cffb9b385ad38b5c /net | |
parent | 711544f11bbf22121bbca6e17ed4c7fd44ed7536 (diff) | |
download | freebsd-ports-gnome-fda5d86f2a96fe71c679d60969e18e90c85c8d14.tar.gz freebsd-ports-gnome-fda5d86f2a96fe71c679d60969e18e90c85c8d14.tar.zst freebsd-ports-gnome-fda5d86f2a96fe71c679d60969e18e90c85c8d14.zip |
Revert 481493, net/qt4-network update to OpenSSL 1.1.1
"Something's wrong. Perhaps you forgot to build and run ports that
depend on the one you just patched."
PR: 214691
Reported by: antoine
Diffstat (limited to 'net')
5 files changed, 6 insertions, 245 deletions
diff --git a/net/qt4-network/Makefile b/net/qt4-network/Makefile index 37712c7d033b..9202475df760 100644 --- a/net/qt4-network/Makefile +++ b/net/qt4-network/Makefile @@ -3,7 +3,7 @@ PORTNAME= network DISTVERSION= ${QT4_VERSION} -PORTREVISION= 4 +PORTREVISION= 5 CATEGORIES= net ipv6 PKGNAMEPREFIX= qt4- @@ -13,6 +13,9 @@ COMMENT= Qt network module LICENSE= GPLv3 LGPL21 LGPL3 GFDL LICENSE_COMB= dual +BROKEN_SSL= openssl-devel +BROKEN_SSL_REASON_openssl-devel= error: member access into incomplete type 'RSA' (aka 'rsa_st') + RUN_DEPENDS= ${LOCALBASE}/share/certs/ca-root-nss.crt:security/ca_root_nss USES= qmake:no_env qt-dist:4 ssl diff --git a/net/qt4-network/files/patch-src_network_ssl_qsslcertificate.cpp b/net/qt4-network/files/patch-src_network_ssl_qsslcertificate.cpp deleted file mode 100644 index 04ea2b7216e4..000000000000 --- a/net/qt4-network/files/patch-src_network_ssl_qsslcertificate.cpp +++ /dev/null @@ -1,80 +0,0 @@ ---- src/network/ssl/qsslcertificate.cpp.orig 2015-05-07 14:14:44 UTC -+++ src/network/ssl/qsslcertificate.cpp -@@ -260,8 +260,13 @@ QByteArray QSslCertificate::version() co - { - QMutexLocker lock(QMutexPool::globalInstanceGet(d.data())); - if (d->versionString.isEmpty() && d->x509) -+#if OPENSSL_VERSION_NUMBER >= 0x10100000L -+ d->versionString = -+ QByteArray::number(qlonglong(q_X509_get_version(d->x509)) + 1); -+#else - d->versionString = - QByteArray::number(qlonglong(q_ASN1_INTEGER_get(d->x509->cert_info->version)) + 1); -+#endif - - return d->versionString; - } -@@ -276,7 +281,11 @@ QByteArray QSslCertificate::serialNumber - { - QMutexLocker lock(QMutexPool::globalInstanceGet(d.data())); - if (d->serialNumberString.isEmpty() && d->x509) { -+#if OPENSSL_VERSION_NUMBER >= 0x10100000L -+ ASN1_INTEGER *serialNumber = q_X509_get_serialNumber(d->x509); -+#else - ASN1_INTEGER *serialNumber = d->x509->cert_info->serialNumber; -+#endif - // if we cannot convert to a long, just output the hexadecimal number - if (serialNumber->length > 4) { - QByteArray hexString; -@@ -489,19 +498,37 @@ QSslKey QSslCertificate::publicKey() con - QSslKey key; - - key.d->type = QSsl::PublicKey; -+#if OPENSSL_VERSION_NUMBER >= 0x10100000L -+ EVP_PKEY *pkey = q_X509_get_pubkey(d->x509); -+#else - X509_PUBKEY *xkey = d->x509->cert_info->key; - EVP_PKEY *pkey = q_X509_PUBKEY_get(xkey); -+#endif - Q_ASSERT(pkey); - -+#if OPENSSL_VERSION_NUMBER >= 0x10100000L -+ int keyType = q_EVP_PKEY_type(q_EVP_PKEY_base_id(pkey)); -+ -+ if (keyType == EVP_PKEY_RSA) { -+#else - if (q_EVP_PKEY_type(pkey->type) == EVP_PKEY_RSA) { -+#endif - key.d->rsa = q_EVP_PKEY_get1_RSA(pkey); - key.d->algorithm = QSsl::Rsa; - key.d->isNull = false; -+#if OPENSSL_VERSION_NUMBER >= 0x10100000L -+ } else if (keyType == EVP_PKEY_DSA) { -+#else - } else if (q_EVP_PKEY_type(pkey->type) == EVP_PKEY_DSA) { -+#endif - key.d->dsa = q_EVP_PKEY_get1_DSA(pkey); - key.d->algorithm = QSsl::Dsa; - key.d->isNull = false; -+#if OPENSSL_VERSION_NUMBER >= 0x10100000L -+ } else if (keyType == EVP_PKEY_DH) { -+#else - } else if (q_EVP_PKEY_type(pkey->type) == EVP_PKEY_DH) { -+#endif - // DH unsupported - } else { - // error? -@@ -698,8 +725,13 @@ QSslCertificate QSslCertificatePrivate:: - if (!x509 || !QSslSocket::supportsSsl()) - return certificate; - -+#if OPENSSL_VERSION_NUMBER >= 0x10100000L -+ const ASN1_TIME *nbef = q_X509_get0_notBefore(x509); -+ const ASN1_TIME *naft = q_X509_get0_notAfter(x509); -+#else - ASN1_TIME *nbef = q_X509_get_notBefore(x509); - ASN1_TIME *naft = q_X509_get_notAfter(x509); -+#endif - certificate.d->notValidBefore = q_getTimeFromASN1(nbef); - certificate.d->notValidAfter = q_getTimeFromASN1(naft); - certificate.d->null = false; diff --git a/net/qt4-network/files/patch-src_network_ssl_qsslkey.cpp b/net/qt4-network/files/patch-src_network_ssl_qsslkey.cpp deleted file mode 100644 index db40bee7189c..000000000000 --- a/net/qt4-network/files/patch-src_network_ssl_qsslkey.cpp +++ /dev/null @@ -1,16 +0,0 @@ ---- src/network/ssl/qsslkey.cpp.orig 2015-05-07 14:14:44 UTC -+++ src/network/ssl/qsslkey.cpp -@@ -321,8 +321,13 @@ int QSslKey::length() const - { - if (d->isNull) - return -1; -+#if OPENSSL_VERSION_NUMBER >= 0x10100000 -+ return (d->algorithm == QSsl::Rsa) -+ ? q_RSA_bits(d->rsa) : q_DSA_bits(d->dsa); -+#else - return (d->algorithm == QSsl::Rsa) - ? q_BN_num_bits(d->rsa->n) : q_BN_num_bits(d->dsa->p); -+#endif - } - - /*! diff --git a/net/qt4-network/files/patch-src_network_ssl_qsslsocket__openssl.cpp b/net/qt4-network/files/patch-src_network_ssl_qsslsocket__openssl.cpp index e47129749d4a..df7de3efdb0f 100644 --- a/net/qt4-network/files/patch-src_network_ssl_qsslsocket__openssl.cpp +++ b/net/qt4-network/files/patch-src_network_ssl_qsslsocket__openssl.cpp @@ -1,31 +1,8 @@ * Make availability of SSLv3 in Qt4 same as in Qt5, i.e. not part of SecureProtocols * - --- src/network/ssl/qsslsocket_openssl.cpp.orig 2015-05-07 14:14:44 UTC +++ src/network/ssl/qsslsocket_openssl.cpp -@@ -222,9 +222,12 @@ QSslCipher QSslSocketBackendPrivate::QSs - ciph.d->encryptionMethod = descriptionList.at(4).mid(4); - ciph.d->exportable = (descriptionList.size() > 6 && descriptionList.at(6) == QLatin1String("export")); - -+#if OPENSSL_VERSION_NUMBER < 0x10100000L - ciph.d->bits = cipher->strength_bits; - ciph.d->supportedBits = cipher->alg_bits; -- -+#else -+ ciph.d->bits = q_SSL_CIPHER_get_bits(cipher, &ciph.d->supportedBits); -+#endif - } - return ciph; - } -@@ -260,16 +263,20 @@ bool QSslSocketBackendPrivate::initSslCo - init_context: - switch (configuration.protocol) { - case QSsl::SslV2: --#ifndef OPENSSL_NO_SSL2 -+#if OPENSSL_VERSION_NUMBER <= 0x1010000L && !defined(OPENSSL_NO_SSL2) - ctx = q_SSL_CTX_new(client ? q_SSLv2_client_method() : q_SSLv2_server_method()); - #else - ctx = 0; // SSL 2 not supported by the system, but chosen deliberately -> error +@@ -267,9 +267,13 @@ init_context: #endif break; case QSsl::SslV3: @@ -40,7 +17,7 @@ case QSsl::TlsV1SslV3: // SslV2 will be disabled below case QSsl::AnyProtocol: default: -@@ -297,8 +304,10 @@ init_context: +@@ -297,8 +301,10 @@ init_context: // Enable bug workarounds. long options; @@ -52,31 +29,3 @@ else options = SSL_OP_ALL; -@@ -363,7 +372,7 @@ init_context: - // - // See also: QSslContext::fromConfiguration() - if (caCertificate.expiryDate() >= QDateTime::currentDateTime()) { -- q_X509_STORE_add_cert(ctx->cert_store, (X509 *)caCertificate.handle()); -+ q_X509_STORE_add_cert(q_SSL_CTX_get_cert_store(ctx), (X509 *)caCertificate.handle()); - } - } - -@@ -659,13 +668,11 @@ void QSslSocketPrivate::resetDefaultCiph - STACK_OF(SSL_CIPHER) *supportedCiphers = q_SSL_get_ciphers(mySsl); - for (int i = 0; i < q_sk_SSL_CIPHER_num(supportedCiphers); ++i) { - if (SSL_CIPHER *cipher = q_sk_SSL_CIPHER_value(supportedCiphers, i)) { -- if (cipher->valid) { -- QSslCipher ciph = QSslSocketBackendPrivate::QSslCipher_from_SSL_CIPHER(cipher); -- if (!ciph.isNull()) { -- if (!ciph.name().toLower().startsWith(QLatin1String("adh"))) -- ciphers << ciph; -- } -- } -+ QSslCipher ciph = QSslSocketBackendPrivate::QSslCipher_from_SSL_CIPHER(cipher); -+ if (!ciph.isNull()) { -+ if (!ciph.name().toLower().startsWith(QLatin1String("adh"))) -+ ciphers << ciph; -+ } - } - } - diff --git a/net/qt4-network/files/patch-src_network_ssl_qsslsocket__openssl__symbols__p.h b/net/qt4-network/files/patch-src_network_ssl_qsslsocket__openssl__symbols__p.h deleted file mode 100644 index ac0011f15d8b..000000000000 --- a/net/qt4-network/files/patch-src_network_ssl_qsslsocket__openssl__symbols__p.h +++ /dev/null @@ -1,95 +0,0 @@ ---- src/network/ssl/qsslsocket_openssl_symbols_p.h.orig 2015-05-07 14:14:44 UTC -+++ src/network/ssl/qsslsocket_openssl_symbols_p.h -@@ -218,6 +218,9 @@ void q_CRYPTO_set_locking_callback(void - void q_CRYPTO_set_id_callback(unsigned long (*a)()); - void q_CRYPTO_free(void *a); - void q_DSA_free(DSA *a); -+#if OPENSSL_VERSION_NUMBER >= 0x10100000L -+int q_DSA_bits(DSA *a); -+#endif - #if OPENSSL_VERSION_NUMBER >= 0x00908000L - // 0.9.8 broke SC and BC by changing this function's signature. - X509 *q_d2i_X509(X509 **a, const unsigned char **b, long c); -@@ -227,12 +230,18 @@ X509 *q_d2i_X509(X509 **a, unsigned char - char *q_ERR_error_string(unsigned long a, char *b); - unsigned long q_ERR_get_error(); - const EVP_CIPHER *q_EVP_des_ede3_cbc(); -+#if OPENSSL_VERSION_NUMBER >= 0x10100000L -+const EVP_MD *q_EVP_sha1(); -+#endif - int q_EVP_PKEY_assign(EVP_PKEY *a, int b, char *c); - int q_EVP_PKEY_set1_RSA(EVP_PKEY *a, RSA *b); - int q_EVP_PKEY_set1_DSA(EVP_PKEY *a, DSA *b); - void q_EVP_PKEY_free(EVP_PKEY *a); - RSA *q_EVP_PKEY_get1_RSA(EVP_PKEY *a); - DSA *q_EVP_PKEY_get1_DSA(EVP_PKEY *a); -+#if OPENSSL_VERSION_NUMBER >= 0x10100000L -+int q_EVP_PKEY_base_id(EVP_PKEY *a); -+#endif - int q_EVP_PKEY_type(int a); - EVP_PKEY *q_EVP_PKEY_new(); - int q_i2d_X509(X509 *a, unsigned char **b); -@@ -258,6 +267,9 @@ int q_PEM_write_bio_RSA_PUBKEY(BIO *a, R - void q_RAND_seed(const void *a, int b); - int q_RAND_status(); - void q_RSA_free(RSA *a); -+#if OPENSSL_VERSION_NUMBER >= 0x10100000L -+int q_RSA_bits(RSA *a); -+#endif - int q_sk_num(STACK *a); - void q_sk_pop_free(STACK *a, void (*b)(void *)); - #if OPENSSL_VERSION_NUMBER >= 0x10000000L -@@ -270,6 +282,9 @@ char * q_sk_value(STACK *a, int b); - int q_SSL_accept(SSL *a); - int q_SSL_clear(SSL *a); - char *q_SSL_CIPHER_description(SSL_CIPHER *a, char *b, int c); -+#if OPENSSL_VERSION_NUMBER >= 0x10000000L -+int q_SSL_CIPHER_get_bits(SSL_CIPHER *a, int *b); -+#endif - int q_SSL_connect(SSL *a); - #if OPENSSL_VERSION_NUMBER >= 0x00908000L - // 0.9.8 broke SC and BC by changing this function's signature. -@@ -293,6 +308,7 @@ int q_SSL_CTX_use_certificate_file(SSL_C - int q_SSL_CTX_use_PrivateKey(SSL_CTX *a, EVP_PKEY *b); - int q_SSL_CTX_use_RSAPrivateKey(SSL_CTX *a, RSA *b); - int q_SSL_CTX_use_PrivateKey_file(SSL_CTX *a, const char *b, int c); -+X509_STORE *q_SSL_CTX_get_cert_store(const SSL_CTX *a); - void q_SSL_free(SSL *a); - #if OPENSSL_VERSION_NUMBER >= 0x00908000L - // 0.9.8 broke SC and BC by changing this function's signature. -@@ -353,6 +369,9 @@ void *q_ASN1_dup(i2d_of_void *i2d, d2i_o - #else - X509 *q_X509_dup(X509 *a); - #endif -+#if OPENSSL_VERSION_NUMBER >= 0x10100000L -+int q_X509_digest(const X509 *x509, const EVP_MD *type, unsigned char *md, unsigned int *len); -+#endif - ASN1_OBJECT *q_X509_EXTENSION_get_object(X509_EXTENSION *a); - void q_X509_free(X509 *a); - X509_EXTENSION *q_X509_get_ext(X509 *a, int b); -@@ -360,6 +379,13 @@ int q_X509_get_ext_count(X509 *a); - void *q_X509_get_ext_d2i(X509 *a, int b, int *c, int *d); - X509_NAME *q_X509_get_issuer_name(X509 *a); - X509_NAME *q_X509_get_subject_name(X509 *a); -+#if OPENSSL_VERSION_NUMBER >= 0x10100000L -+long q_X509_get_version(X509 *a); -+ASN1_INTEGER *q_X509_get_serialNumber(X509 *a); -+EVP_PKEY *q_X509_get_pubkey(X509 *a); -+const ASN1_TIME *q_X509_get0_notBefore(X509 *a); -+const ASN1_TIME *q_X509_get0_notAfter(X509 *a); -+#endif - int q_X509_verify_cert(X509_STORE_CTX *ctx); - int q_X509_NAME_entry_count(X509_NAME *a); - X509_NAME_ENTRY *q_X509_NAME_get_entry(X509_NAME *a,int b); -@@ -399,7 +425,11 @@ DSA *q_d2i_DSAPrivateKey(DSA **a, unsign - PEM_ASN1_write_bio((int (*)(void*, unsigned char**))q_i2d_DSAPrivateKey,PEM_STRING_DSA,\ - bp,(char *)x,enc,kstr,klen,cb,u) - #endif -+#if OPENSSL_VERSION_NUMBER <= 0x10100000L - #define q_SSL_CTX_set_options(ctx,op) q_SSL_CTX_ctrl((ctx),SSL_CTRL_OPTIONS,(op),NULL) -+#else -+unsigned long q_SSL_CTX_set_options(SSL_CTX *ctx, unsigned long op); -+#endif - #define q_SKM_sk_num(type, st) ((int (*)(const STACK_OF(type) *))q_sk_num)(st) - #define q_SKM_sk_value(type, st,i) ((type * (*)(const STACK_OF(type) *, int))q_sk_value)(st, i) - #define q_sk_GENERAL_NAME_num(st) q_SKM_sk_num(GENERAL_NAME, (st)) |