1 |
commit: 2653c5a703c411483009291858bb7f98a6e1acf2 |
2 |
Author: Stefan Strogin <stefan <AT> steils <DOT> org> |
3 |
AuthorDate: Sat Nov 28 19:37:21 2020 +0000 |
4 |
Commit: Andreas Sturmlechner <asturm <AT> gentoo <DOT> org> |
5 |
CommitDate: Sat Nov 28 19:45:05 2020 +0000 |
6 |
URL: https://gitweb.gentoo.org/proj/qt.git/commit/?id=2653c5a7 |
7 |
|
8 |
dev-qt/qtnetwork: update patch for LibreSSL |
9 |
|
10 |
Package-Manager: Portage-3.0.10, Repoman-3.0.2 |
11 |
Signed-off-by: Stefan Strogin <steils <AT> gentoo.org> |
12 |
Closes: https://github.com/gentoo/qt/pull/230 |
13 |
Signed-off-by: Andreas Sturmlechner <asturm <AT> gentoo.org> |
14 |
|
15 |
...ressl.patch => qtnetwork-5.15.2-libressl.patch} | 70 ++++++++++++++-------- |
16 |
dev-qt/qtnetwork/qtnetwork-5.15.9999.ebuild | 2 +- |
17 |
2 files changed, 45 insertions(+), 27 deletions(-) |
18 |
|
19 |
diff --git a/dev-qt/qtnetwork/files/qtnetwork-5.15.1-libressl.patch b/dev-qt/qtnetwork/files/qtnetwork-5.15.2-libressl.patch |
20 |
similarity index 87% |
21 |
rename from dev-qt/qtnetwork/files/qtnetwork-5.15.1-libressl.patch |
22 |
rename to dev-qt/qtnetwork/files/qtnetwork-5.15.2-libressl.patch |
23 |
index d78e1929..f7fe32f0 100644 |
24 |
--- a/dev-qt/qtnetwork/files/qtnetwork-5.15.1-libressl.patch |
25 |
+++ b/dev-qt/qtnetwork/files/qtnetwork-5.15.2-libressl.patch |
26 |
@@ -1,6 +1,6 @@ |
27 |
-From faefff58d6669a41ed7831589420c4413bc28f97 Mon Sep 17 00:00:00 2001 |
28 |
+From 07a00f9c6d87f1fa5360cfb8f086670f3fa5bd3f Mon Sep 17 00:00:00 2001 |
29 |
From: Stefan Strogin <steils@g.o> |
30 |
-Date: Wed, 5 Feb 2020 03:49:35 +0200 |
31 |
+Date: Sat, 28 Nov 2020 06:12:22 +0200 |
32 |
Subject: [PATCH] QSslSocket: add LibreSSL support |
33 |
|
34 |
Upstream-Status: Inappropriate |
35 |
@@ -8,18 +8,18 @@ Upstream-Status: Inappropriate |
36 |
Signed-off-by: Stefan Strogin <steils@g.o> |
37 |
--- |
38 |
src/network/ssl/qsslcertificate_openssl.cpp | 2 +- |
39 |
- src/network/ssl/qsslcontext_openssl.cpp | 17 ++++++- |
40 |
+ src/network/ssl/qsslcontext_openssl.cpp | 19 +++++++- |
41 |
src/network/ssl/qsslcontext_openssl_p.h | 7 +++ |
42 |
src/network/ssl/qsslsocket_openssl.cpp | 2 +- |
43 |
- .../ssl/qsslsocket_openssl_symbols.cpp | 29 ++++++++++++ |
44 |
+ .../ssl/qsslsocket_openssl_symbols.cpp | 31 +++++++++++++ |
45 |
.../ssl/qsslsocket_openssl_symbols_p.h | 45 +++++++++++++++++++ |
46 |
- 6 files changed, 99 insertions(+), 3 deletions(-) |
47 |
+ 6 files changed, 103 insertions(+), 3 deletions(-) |
48 |
|
49 |
diff --git a/src/network/ssl/qsslcertificate_openssl.cpp b/src/network/ssl/qsslcertificate_openssl.cpp |
50 |
-index 6f1fb26add..eba5a72951 100644 |
51 |
+index ca9d61cc..19774432 100644 |
52 |
--- a/src/network/ssl/qsslcertificate_openssl.cpp |
53 |
+++ b/src/network/ssl/qsslcertificate_openssl.cpp |
54 |
-@@ -658,7 +658,7 @@ static QMultiMap<QByteArray, QString> _q_mapFromX509Name(X509_NAME *name) |
55 |
+@@ -661,7 +661,7 @@ static QMultiMap<QByteArray, QString> _q_mapFromX509Name(X509_NAME *name) |
56 |
unsigned char *data = nullptr; |
57 |
int size = q_ASN1_STRING_to_UTF8(&data, q_X509_NAME_ENTRY_get_data(e)); |
58 |
info.insert(name, QString::fromUtf8((char*)data, size)); |
59 |
@@ -29,10 +29,22 @@ index 6f1fb26add..eba5a72951 100644 |
60 |
#else |
61 |
q_CRYPTO_free(data); |
62 |
diff --git a/src/network/ssl/qsslcontext_openssl.cpp b/src/network/ssl/qsslcontext_openssl.cpp |
63 |
-index abc398b209..c2f90be009 100644 |
64 |
+index c9f202f5..d3626cab 100644 |
65 |
--- a/src/network/ssl/qsslcontext_openssl.cpp |
66 |
+++ b/src/network/ssl/qsslcontext_openssl.cpp |
67 |
-@@ -397,16 +397,28 @@ init_context: |
68 |
+@@ -351,9 +351,11 @@ init_context: |
69 |
+ return; |
70 |
+ } |
71 |
+ |
72 |
++#ifndef LIBRESSL_VERSION_NUMBER |
73 |
+ // A nasty hacked OpenSSL using a level that will make our auto-tests fail: |
74 |
+ if (q_SSL_CTX_get_security_level(sslContext->ctx) > 1 && *forceSecurityLevel()) |
75 |
+ q_SSL_CTX_set_security_level(sslContext->ctx, 1); |
76 |
++#endif // LIBRESSL_VERSION_NUMBER |
77 |
+ |
78 |
+ const long anyVersion = |
79 |
+ #if QT_CONFIG(dtls) |
80 |
+@@ -408,16 +410,28 @@ init_context: |
81 |
maxVersion = DTLS1_VERSION; |
82 |
break; |
83 |
case QSsl::DtlsV1_0OrLater: |
84 |
@@ -61,7 +73,7 @@ index abc398b209..c2f90be009 100644 |
85 |
break; |
86 |
case QSsl::TlsV1_3OrLater: |
87 |
#ifdef TLS1_3_VERSION |
88 |
-@@ -711,6 +723,7 @@ void QSslContext::applyBackendConfig(QSslContext *sslContext) |
89 |
+@@ -722,6 +736,7 @@ void QSslContext::applyBackendConfig(QSslContext *sslContext) |
90 |
} |
91 |
#endif // ocsp |
92 |
|
93 |
@@ -69,7 +81,7 @@ index abc398b209..c2f90be009 100644 |
94 |
QSharedPointer<SSL_CONF_CTX> cctx(q_SSL_CONF_CTX_new(), &q_SSL_CONF_CTX_free); |
95 |
if (cctx) { |
96 |
q_SSL_CONF_CTX_set_ssl_ctx(cctx.data(), sslContext->ctx); |
97 |
-@@ -757,7 +770,9 @@ void QSslContext::applyBackendConfig(QSslContext *sslContext) |
98 |
+@@ -768,7 +783,9 @@ void QSslContext::applyBackendConfig(QSslContext *sslContext) |
99 |
sslContext->errorStr = msgErrorSettingBackendConfig(QSslSocket::tr("SSL_CONF_finish() failed")); |
100 |
sslContext->errorCode = QSslError::UnspecifiedError; |
101 |
} |
102 |
@@ -81,7 +93,7 @@ index abc398b209..c2f90be009 100644 |
103 |
sslContext->errorCode = QSslError::UnspecifiedError; |
104 |
} |
105 |
diff --git a/src/network/ssl/qsslcontext_openssl_p.h b/src/network/ssl/qsslcontext_openssl_p.h |
106 |
-index 70cb97aad8..01a61cf535 100644 |
107 |
+index 70cb97aa..01a61cf5 100644 |
108 |
--- a/src/network/ssl/qsslcontext_openssl_p.h |
109 |
+++ b/src/network/ssl/qsslcontext_openssl_p.h |
110 |
@@ -61,6 +61,13 @@ |
111 |
@@ -99,10 +111,10 @@ index 70cb97aad8..01a61cf535 100644 |
112 |
|
113 |
class QSslContextPrivate; |
114 |
diff --git a/src/network/ssl/qsslsocket_openssl.cpp b/src/network/ssl/qsslsocket_openssl.cpp |
115 |
-index 6239537949..6f5e7fd6e2 100644 |
116 |
+index 277037e5..f599498d 100644 |
117 |
--- a/src/network/ssl/qsslsocket_openssl.cpp |
118 |
+++ b/src/network/ssl/qsslsocket_openssl.cpp |
119 |
-@@ -605,7 +605,7 @@ bool QSslSocketBackendPrivate::initSslContext() |
120 |
+@@ -653,7 +653,7 @@ bool QSslSocketBackendPrivate::initSslContext() |
121 |
else if (mode == QSslSocket::SslServerMode) |
122 |
q_SSL_set_psk_server_callback(ssl, &q_ssl_psk_server_callback); |
123 |
|
124 |
@@ -112,7 +124,7 @@ index 6239537949..6f5e7fd6e2 100644 |
125 |
if (mode == QSslSocket::SslClientMode |
126 |
&& QSslSocket::sslLibraryBuildVersionNumber() >= 0x10101006L) { |
127 |
diff --git a/src/network/ssl/qsslsocket_openssl_symbols.cpp b/src/network/ssl/qsslsocket_openssl_symbols.cpp |
128 |
-index 2f57998cea..c5779dd285 100644 |
129 |
+index ed80fc14..6941b4db 100644 |
130 |
--- a/src/network/ssl/qsslsocket_openssl_symbols.cpp |
131 |
+++ b/src/network/ssl/qsslsocket_openssl_symbols.cpp |
132 |
@@ -145,11 +145,14 @@ DEFINEFUNC(const BIO_METHOD *, BIO_s_mem, void, DUMMYARG, return nullptr, return |
133 |
@@ -130,7 +142,7 @@ index 2f57998cea..c5779dd285 100644 |
134 |
DEFINEFUNC(int, DSA_bits, DSA *a, a, return 0, return) |
135 |
DEFINEFUNC(int, OPENSSL_sk_num, OPENSSL_STACK *a, a, return -1, return) |
136 |
DEFINEFUNC2(void, OPENSSL_sk_pop_free, OPENSSL_STACK *a, a, void (*b)(void*), b, return, DUMMYARG) |
137 |
-@@ -157,6 +160,14 @@ DEFINEFUNC(OPENSSL_STACK *, OPENSSL_sk_new_null, DUMMYARG, DUMMYARG, return null |
138 |
+@@ -157,10 +160,20 @@ DEFINEFUNC(OPENSSL_STACK *, OPENSSL_sk_new_null, DUMMYARG, DUMMYARG, return null |
139 |
DEFINEFUNC2(void, OPENSSL_sk_push, OPENSSL_STACK *a, a, void *b, b, return, DUMMYARG) |
140 |
DEFINEFUNC(void, OPENSSL_sk_free, OPENSSL_STACK *a, a, return, DUMMYARG) |
141 |
DEFINEFUNC2(void *, OPENSSL_sk_value, OPENSSL_STACK *a, a, int b, b, return nullptr, return) |
142 |
@@ -144,8 +156,14 @@ index 2f57998cea..c5779dd285 100644 |
143 |
+#endif // LIBRESSL_VERSION_NUMBER |
144 |
DEFINEFUNC(int, SSL_session_reused, SSL *a, a, return 0, return) |
145 |
DEFINEFUNC2(unsigned long, SSL_CTX_set_options, SSL_CTX *ctx, ctx, unsigned long op, op, return 0, return) |
146 |
++#ifndef LIBRESSL_VERSION_NUMBER |
147 |
+ DEFINEFUNC(int, SSL_CTX_get_security_level, const SSL_CTX *ctx, ctx, return -1, return) |
148 |
+ DEFINEFUNC2(void, SSL_CTX_set_security_level, SSL_CTX *ctx, ctx, int level, level, return, return) |
149 |
++#endif // LIBRESSL_VERSION_NUMBER |
150 |
#ifdef TLS1_3_VERSION |
151 |
-@@ -182,7 +193,11 @@ DEFINEFUNC2(void, X509_STORE_set_verify_cb, X509_STORE *a, a, X509_STORE_CTX_ver |
152 |
+ DEFINEFUNC2(int, SSL_CTX_set_ciphersuites, SSL_CTX *ctx, ctx, const char *str, str, return 0, return) |
153 |
+ DEFINEFUNC2(void, SSL_set_psk_use_session_callback, SSL *ssl, ssl, q_SSL_psk_use_session_cb_func_t callback, callback, return, DUMMYARG) |
154 |
+@@ -184,7 +197,11 @@ DEFINEFUNC2(void, X509_STORE_set_verify_cb, X509_STORE *a, a, X509_STORE_CTX_ver |
155 |
DEFINEFUNC3(int, X509_STORE_set_ex_data, X509_STORE *a, a, int idx, idx, void *data, data, return 0, return) |
156 |
DEFINEFUNC2(void *, X509_STORE_get_ex_data, X509_STORE *r, r, int idx, idx, return nullptr, return) |
157 |
DEFINEFUNC(STACK_OF(X509) *, X509_STORE_CTX_get0_chain, X509_STORE_CTX *a, a, return nullptr, return) |
158 |
@@ -157,7 +175,7 @@ index 2f57998cea..c5779dd285 100644 |
159 |
DEFINEFUNC(long, OpenSSL_version_num, void, DUMMYARG, return 0, return) |
160 |
DEFINEFUNC(const char *, OpenSSL_version, int a, a, return nullptr, return) |
161 |
DEFINEFUNC(unsigned long, SSL_SESSION_get_ticket_lifetime_hint, const SSL_SESSION *session, session, return 0, return) |
162 |
-@@ -222,7 +237,9 @@ DEFINEFUNC5(int, OCSP_id_get0_info, ASN1_OCTET_STRING **piNameHash, piNameHash, |
163 |
+@@ -224,7 +241,9 @@ DEFINEFUNC5(int, OCSP_id_get0_info, ASN1_OCTET_STRING **piNameHash, piNameHash, |
164 |
ASN1_OCTET_STRING **piKeyHash, piKeyHash, ASN1_INTEGER **pserial, pserial, OCSP_CERTID *cid, cid, |
165 |
return 0, return) |
166 |
DEFINEFUNC2(OCSP_RESPONSE *, OCSP_response_create, int status, status, OCSP_BASICRESP *bs, bs, return nullptr, return) |
167 |
@@ -167,7 +185,7 @@ index 2f57998cea..c5779dd285 100644 |
168 |
DEFINEFUNC2(int, OCSP_id_cmp, OCSP_CERTID *a, a, OCSP_CERTID *b, b, return -1, return) |
169 |
DEFINEFUNC7(OCSP_SINGLERESP *, OCSP_basic_add1_status, OCSP_BASICRESP *r, r, OCSP_CERTID *c, c, int s, s, |
170 |
int re, re, ASN1_TIME *rt, rt, ASN1_TIME *t, t, ASN1_TIME *n, n, return nullptr, return) |
171 |
-@@ -354,12 +371,14 @@ DEFINEFUNC2(int, SSL_CTX_use_PrivateKey, SSL_CTX *a, a, EVP_PKEY *b, b, return - |
172 |
+@@ -356,12 +375,14 @@ DEFINEFUNC2(int, SSL_CTX_use_PrivateKey, SSL_CTX *a, a, EVP_PKEY *b, b, return - |
173 |
DEFINEFUNC2(int, SSL_CTX_use_RSAPrivateKey, SSL_CTX *a, a, RSA *b, b, return -1, return) |
174 |
DEFINEFUNC3(int, SSL_CTX_use_PrivateKey_file, SSL_CTX *a, a, const char *b, b, int c, c, return -1, return) |
175 |
DEFINEFUNC(X509_STORE *, SSL_CTX_get_cert_store, const SSL_CTX *a, a, return nullptr, return) |
176 |
@@ -182,7 +200,7 @@ index 2f57998cea..c5779dd285 100644 |
177 |
DEFINEFUNC(void, SSL_free, SSL *a, a, return, DUMMYARG) |
178 |
DEFINEFUNC(STACK_OF(SSL_CIPHER) *, SSL_get_ciphers, const SSL *a, a, return nullptr, return) |
179 |
DEFINEFUNC(const SSL_CIPHER *, SSL_get_current_cipher, SSL *a, a, return nullptr, return) |
180 |
-@@ -843,17 +862,21 @@ bool q_resolveOpenSslSymbols() |
181 |
+@@ -845,17 +866,21 @@ bool q_resolveOpenSslSymbols() |
182 |
RESOLVEFUNC(ASN1_STRING_get0_data) |
183 |
RESOLVEFUNC(EVP_CIPHER_CTX_reset) |
184 |
RESOLVEFUNC(EVP_PKEY_up_ref) |
185 |
@@ -203,8 +221,8 @@ index 2f57998cea..c5779dd285 100644 |
186 |
+#endif |
187 |
RESOLVEFUNC(DH_get0_pqg) |
188 |
RESOLVEFUNC(SSL_CTX_set_options) |
189 |
- |
190 |
-@@ -895,7 +918,9 @@ bool q_resolveOpenSslSymbols() |
191 |
+ RESOLVEFUNC(SSL_CTX_get_security_level) |
192 |
+@@ -898,7 +923,9 @@ bool q_resolveOpenSslSymbols() |
193 |
|
194 |
RESOLVEFUNC(SSL_SESSION_get_ticket_lifetime_hint) |
195 |
RESOLVEFUNC(DH_bits) |
196 |
@@ -214,7 +232,7 @@ index 2f57998cea..c5779dd285 100644 |
197 |
|
198 |
#if QT_CONFIG(dtls) |
199 |
RESOLVEFUNC(DTLSv1_listen) |
200 |
-@@ -925,7 +950,9 @@ bool q_resolveOpenSslSymbols() |
201 |
+@@ -928,7 +955,9 @@ bool q_resolveOpenSslSymbols() |
202 |
RESOLVEFUNC(OCSP_check_validity) |
203 |
RESOLVEFUNC(OCSP_cert_to_id) |
204 |
RESOLVEFUNC(OCSP_id_get0_info) |
205 |
@@ -224,7 +242,7 @@ index 2f57998cea..c5779dd285 100644 |
206 |
RESOLVEFUNC(OCSP_basic_sign) |
207 |
RESOLVEFUNC(OCSP_response_create) |
208 |
RESOLVEFUNC(i2d_OCSP_RESPONSE) |
209 |
-@@ -1055,12 +1082,14 @@ bool q_resolveOpenSslSymbols() |
210 |
+@@ -1058,12 +1087,14 @@ bool q_resolveOpenSslSymbols() |
211 |
RESOLVEFUNC(SSL_CTX_use_RSAPrivateKey) |
212 |
RESOLVEFUNC(SSL_CTX_use_PrivateKey_file) |
213 |
RESOLVEFUNC(SSL_CTX_get_cert_store); |
214 |
@@ -240,7 +258,7 @@ index 2f57998cea..c5779dd285 100644 |
215 |
RESOLVEFUNC(SSL_clear) |
216 |
RESOLVEFUNC(SSL_connect) |
217 |
diff --git a/src/network/ssl/qsslsocket_openssl_symbols_p.h b/src/network/ssl/qsslsocket_openssl_symbols_p.h |
218 |
-index 018962bcc1..62cf23ae38 100644 |
219 |
+index c46afcf5..42a31119 100644 |
220 |
--- a/src/network/ssl/qsslsocket_openssl_symbols_p.h |
221 |
+++ b/src/network/ssl/qsslsocket_openssl_symbols_p.h |
222 |
@@ -80,6 +80,13 @@ QT_BEGIN_NAMESPACE |
223 |
@@ -355,5 +373,5 @@ index 018962bcc1..62cf23ae38 100644 |
224 |
Q_AUTOTEST_EXPORT void q_OCSP_CERTID_free(OCSP_CERTID *cid); |
225 |
int q_OCSP_id_cmp(OCSP_CERTID *a, OCSP_CERTID *b); |
226 |
-- |
227 |
-2.26.2 |
228 |
+2.29.2 |
229 |
|
230 |
|
231 |
diff --git a/dev-qt/qtnetwork/qtnetwork-5.15.9999.ebuild b/dev-qt/qtnetwork/qtnetwork-5.15.9999.ebuild |
232 |
index e3ae43aa..b18029d1 100644 |
233 |
--- a/dev-qt/qtnetwork/qtnetwork-5.15.9999.ebuild |
234 |
+++ b/dev-qt/qtnetwork/qtnetwork-5.15.9999.ebuild |
235 |
@@ -48,7 +48,7 @@ QT5_GENTOO_PRIVATE_CONFIG=( |
236 |
:network |
237 |
) |
238 |
|
239 |
-PATCHES=( "${FILESDIR}"/${PN}-5.15.1-libressl.patch ) # Bug 562050, not upstreamable |
240 |
+PATCHES=( "${FILESDIR}"/${PN}-5.15.2-libressl.patch ) # Bug 562050, not upstreamable |
241 |
|
242 |
pkg_setup() { |
243 |
use connman && QT5_TARGET_SUBDIRS+=(src/plugins/bearer/connman) |