svn commit: r434634 - head/net/qt4-network/files
Matthew Rezny
rezny at FreeBSD.org
Wed Feb 22 19:38:33 UTC 2017
Author: rezny
Date: Wed Feb 22 19:38:31 2017
New Revision: 434634
URL: https://svnweb.freebsd.org/changeset/ports/434634
Log:
Adjust SSL patches to match behavior of Qt5 in regards to SSL/TLS versions.
PR: 216781
Approved by: swills (mentor)
Differential Revision: https://reviews.freebsd.org/D9727
Modified:
head/net/qt4-network/files/patch-src_network_ssl_qsslsocket__openssl.cpp
head/net/qt4-network/files/patch-src_network_ssl_qsslsocket__openssl__symbols.cpp
Modified: head/net/qt4-network/files/patch-src_network_ssl_qsslsocket__openssl.cpp
==============================================================================
--- head/net/qt4-network/files/patch-src_network_ssl_qsslsocket__openssl.cpp Wed Feb 22 19:29:56 2017 (r434633)
+++ head/net/qt4-network/files/patch-src_network_ssl_qsslsocket__openssl.cpp Wed Feb 22 19:38:31 2017 (r434634)
@@ -1,21 +1,31 @@
+* Make availability of SSLv3 in Qt4 same as in Qt5, i.e. not part of SecureProtocols
+*
--- src/network/ssl/qsslsocket_openssl.cpp.orig 2015-05-07 14:14:44 UTC
+++ src/network/ssl/qsslsocket_openssl.cpp
-@@ -267,15 +267,14 @@ init_context:
+@@ -267,9 +267,13 @@ init_context:
#endif
break;
case QSsl::SslV3:
-- ctx = q_SSL_CTX_new(client ? q_SSLv3_client_method() : q_SSLv3_server_method());
++#ifndef OPENSSL_NO_SSL3_METHOD
+ ctx = q_SSL_CTX_new(client ? q_SSLv3_client_method() : q_SSLv3_server_method());
++#else
+ ctx = 0; // SSL 3 not supported by the system, but chosen deliberately -> error
++#endif
break;
- case QSsl::SecureProtocols: // SslV2 will be disabled below
-- case QSsl::TlsV1SslV3: // SslV2 will be disabled below
++ case QSsl::SecureProtocols: // SslV2/3 will be disabled below
+ case QSsl::TlsV1SslV3: // SslV2 will be disabled below
case QSsl::AnyProtocol:
-- default:
- ctx = q_SSL_CTX_new(client ? q_SSLv23_client_method() : q_SSLv23_server_method());
- break;
- case QSsl::TlsV1:
-+ case QSsl::SecureProtocols:
-+ default:
- ctx = q_SSL_CTX_new(client ? q_TLSv1_client_method() : q_TLSv1_server_method());
- break;
- }
+ default:
+@@ -297,8 +301,10 @@ init_context:
+
+ // Enable bug workarounds.
+ long options;
+- if (configuration.protocol == QSsl::TlsV1SslV3 || configuration.protocol == QSsl::SecureProtocols)
++ if (configuration.protocol == QSsl::TlsV1SslV3)
+ options = SSL_OP_ALL|SSL_OP_NO_SSLv2;
++ else if (configuration.protocol == QSsl::SecureProtocols)
++ options = SSL_OP_ALL|SSL_OP_NO_SSLv2|SSL_OP_NO_SSLv3;
+ else
+ options = SSL_OP_ALL;
+
Modified: head/net/qt4-network/files/patch-src_network_ssl_qsslsocket__openssl__symbols.cpp
==============================================================================
--- head/net/qt4-network/files/patch-src_network_ssl_qsslsocket__openssl__symbols.cpp Wed Feb 22 19:29:56 2017 (r434633)
+++ head/net/qt4-network/files/patch-src_network_ssl_qsslsocket__openssl__symbols.cpp Wed Feb 22 19:38:31 2017 (r434634)
@@ -1,3 +1,6 @@
+* Prepend the path of the SSL libraries used for building so the same libraries are
+* found and loaded at runtime. Normal search finds base SSL libraries before ports.
+*
--- src/network/ssl/qsslsocket_openssl_symbols.cpp.orig 2015-05-07 14:14:44 UTC
+++ src/network/ssl/qsslsocket_openssl_symbols.cpp
@@ -511,9 +511,9 @@ static QPair<QLibrary*, QLibrary*> loadO
@@ -5,10 +8,10 @@
#elif defined(SHLIB_VERSION_NUMBER)
// first attempt: the canonical name is libssl.so.<SHLIB_VERSION_NUMBER>
- libssl->setFileNameAndVersion(QLatin1String("ssl"), QLatin1String(SHLIB_VERSION_NUMBER));
-+ libssl->setFileNameAndVersion(QLatin1String("/usr/local/lib/libssl"), QLatin1String(SHLIB_VERSION_NUMBER));
++ libssl->setFileNameAndVersion(QLatin1String("%%OPENSSLLIB%%/libssl"), QLatin1String(SHLIB_VERSION_NUMBER));
libssl->setLoadHints(QLibrary::ImprovedSearchHeuristics);
- libcrypto->setFileNameAndVersion(QLatin1String("crypto"), QLatin1String(SHLIB_VERSION_NUMBER));
-+ libcrypto->setFileNameAndVersion(QLatin1String("/usr/local/lib/libcrypto"), QLatin1String(SHLIB_VERSION_NUMBER));
++ libcrypto->setFileNameAndVersion(QLatin1String("%%OPENSSLLIB%%/libcrypto"), QLatin1String(SHLIB_VERSION_NUMBER));
libcrypto->setLoadHints(libcrypto->loadHints() | QLibrary::ImprovedSearchHeuristics);
if (libcrypto->load() && libssl->load()) {
// libssl.so.<SHLIB_VERSION_NUMBER> and libcrypto.so.<SHLIB_VERSION_NUMBER> found
@@ -18,8 +21,8 @@
// second attempt: find the development files libssl.so and libcrypto.so
- libssl->setFileNameAndVersion(QLatin1String("ssl"), -1);
- libcrypto->setFileNameAndVersion(QLatin1String("crypto"), -1);
-+ libssl->setFileNameAndVersion(QLatin1String("/usr/local/lib/libssl"), -1);
-+ libcrypto->setFileNameAndVersion(QLatin1String("/usr/local/lib/libcrypto"), -1);
++ libssl->setFileNameAndVersion(QLatin1String("%%OPENSSLLIB%%/libssl"), -1);
++ libcrypto->setFileNameAndVersion(QLatin1String("%%OPENSSLLIB%%/libcrypto"), -1);
if (libcrypto->load() && libssl->load()) {
// libssl.so.0 and libcrypto.so.0 found
return pair;
More information about the svn-ports-all
mailing list