77 lines
4.1 KiB
Diff
77 lines
4.1 KiB
Diff
The checks for OPENSSL_VERSION_NUMBER > 0x10002000 are used to
|
|
enable openssl specific macros and functions which libressl
|
|
obviously does not provide, thus add some additional tests
|
|
to disable that code for libressl.
|
|
|
|
--- qtbase/src/network/ssl/qsslcontext_openssl.cpp 2015-06-29 22:04:46.000000000 +0200
|
|
+++ qtbase/src/network/ssl/qsslcontext_openssl.cpp 2015-07-04 03:51:25.926570550 +0200
|
|
@@ -338,7 +338,7 @@
|
|
|
|
const QVector<QSslEllipticCurve> qcurves = sslContext->sslConfiguration.ellipticCurves();
|
|
if (!qcurves.isEmpty()) {
|
|
-#if OPENSSL_VERSION_NUMBER >= 0x10002000L && !defined(OPENSSL_NO_EC)
|
|
+#if OPENSSL_VERSION_NUMBER >= 0x10002000L && !defined(OPENSSL_NO_EC) && defined(SSL_CTRL_SET_CURVES)
|
|
// Set the curves to be used
|
|
if (q_SSLeay() >= 0x10002000L) {
|
|
// SSL_CTX_ctrl wants a non-const pointer as last argument,
|
|
--- qtbase/src/network/ssl/qsslsocket_openssl_symbols.cpp 2015-06-29 22:04:46.000000000 +0200
|
|
+++ qtbase/src/network/ssl/qsslsocket_openssl_symbols.cpp 2015-07-04 03:58:29.430569295 +0200
|
|
@@ -406,7 +406,7 @@
|
|
DEFINEFUNC(EC_KEY *, EC_KEY_new_by_curve_name, int nid, nid, return 0, return)
|
|
DEFINEFUNC(void, EC_KEY_free, EC_KEY *ecdh, ecdh, return, DUMMYARG)
|
|
DEFINEFUNC2(size_t, EC_get_builtin_curves, EC_builtin_curve * r, r, size_t nitems, nitems, return 0, return)
|
|
-#if OPENSSL_VERSION_NUMBER >= 0x10002000L
|
|
+#if (OPENSSL_VERSION_NUMBER >= 0x10002000L) && !defined(LIBRESSL_VERSION_NUMBER)
|
|
DEFINEFUNC(int, EC_curve_nist2nid, const char *name, name, return 0, return)
|
|
#endif // OPENSSL_VERSION_NUMBER >= 0x10002000L
|
|
#endif // OPENSSL_NO_EC
|
|
--- qtbase/src/network/ssl/qsslellipticcurve_openssl.cpp 2015-07-04 04:05:26.110568061 +0200
|
|
+++ qtbase/src/network/ssl/qsslellipticcurve_openssl.cpp 2015-07-04 04:06:01.709567956 +0200
|
|
@@ -76,7 +76,7 @@
|
|
|
|
int nid = q_OBJ_sn2nid(curveNameLatin1.data());
|
|
|
|
-#if OPENSSL_VERSION_NUMBER >= 0x10002000L
|
|
+#if (OPENSSL_VERSION_NUMBER >= 0x10002000L) && !defined(LIBRESSL_VERSION_NUMBER)
|
|
if (nid == 0 && q_SSLeay() >= 0x10002000L)
|
|
nid = q_EC_curve_nist2nid(curveNameLatin1.data());
|
|
#endif // OPENSSL_VERSION_NUMBER >= 0x10002000L
|
|
--- qtwebengine/src/3rdparty/chromium/net/third_party/nss/ssl/ssl3con.c.orig 2016-03-19 08:55:45.519280715 +0100
|
|
+++ qtwebengine/src/3rdparty/chromium/net/third_party/nss/ssl/ssl3con.c 2016-03-19 08:58:17.419007495 +0100
|
|
@@ -2088,8 +2088,8 @@ ssl3_ChaCha20Poly1305(
|
|
param.len = sizeof(aeadParams);
|
|
param.data = (unsigned char *) &aeadParams;
|
|
memset(&aeadParams, 0, sizeof(aeadParams));
|
|
- aeadParams.pIv = (unsigned char *) additionalData;
|
|
- aeadParams.ulIvLen = 8;
|
|
+ aeadParams.pNonce = (unsigned char *) additionalData;
|
|
+ aeadParams.ulNonceLen = 8;
|
|
aeadParams.pAAD = (unsigned char *) additionalData;
|
|
aeadParams.ulAADLen = additionalDataLen;
|
|
aeadParams.ulTagLen = tagSize;
|
|
--- qtbase/src/network/ssl/qsslsocket_openssl_symbols_p.h 2016-12-01 09:17:04.000000000 +0100
|
|
+++ qtbase/src/network/ssl/qsslsocket_openssl_symbols_p.h 2016-12-19 23:09:01.362450092 +0100
|
|
@@ -489,9 +489,9 @@
|
|
int q_EC_curve_nist2nid(const char *name);
|
|
#endif // OPENSSL_VERSION_NUMBER >= 0x10002000L
|
|
#endif // OPENSSL_NO_EC
|
|
-#if OPENSSL_VERSION_NUMBER >= 0x10002000L
|
|
+#if (OPENSSL_VERSION_NUMBER >= 0x10002000L) && defined(SSL_CTRL_GET_SERVER_TEMP_KEY)
|
|
#define q_SSL_get_server_tmp_key(ssl, key) q_SSL_ctrl((ssl), SSL_CTRL_GET_SERVER_TMP_KEY, 0, (char *)key)
|
|
-#endif // OPENSSL_VERSION_NUMBER >= 0x10002000L
|
|
+#endif // (OPENSSL_VERSION_NUMBER >= 0x10002000L) && defined(SSL_CTRL_GET_SERVER_TEMP_KEY)
|
|
|
|
// PKCS#12 support
|
|
int q_PKCS12_parse(PKCS12 *p12, const char *pass, EVP_PKEY **pkey, X509 **cert, STACK_OF(X509) **ca);
|
|
--- qtbase/src/network/ssl/qsslsocket_openssl.cpp 2016-12-01 09:17:04.000000000 +0100
|
|
+++ qtbase/src/network/ssl/qsslsocket_openssl.cpp 2016-12-19 23:12:19.584374209 +0100
|
|
@@ -1587,7 +1587,7 @@
|
|
}
|
|
#endif // OPENSSL_VERSION_NUMBER >= 0x1000100fL ...
|
|
|
|
-#if OPENSSL_VERSION_NUMBER >= 0x10002000L
|
|
+#if (OPENSSL_VERSION_NUMBER >= 0x10002000L) && defined(SSL_CTRL_GET_SERVER_TMP_KEY)
|
|
if (q_SSLeay() >= 0x10002000L && mode == QSslSocket::SslClientMode) {
|
|
EVP_PKEY *key;
|
|
if (q_SSL_get_server_tmp_key(ssl, &key))
|