683 lines
30 KiB
Diff
683 lines
30 KiB
Diff
diff --git a/src/network/ssl/qdtls_openssl.cpp b/src/network/ssl/qdtls_openssl.cpp
|
|
index ede9595f197..e8af73acfb9 100644
|
|
--- a/src/network/ssl/qdtls_openssl.cpp
|
|
+++ b/src/network/ssl/qdtls_openssl.cpp
|
|
@@ -267,6 +267,7 @@ extern "C" int q_X509DtlsCallback(int ok, X509_STORE_CTX *ctx)
|
|
return 1;
|
|
}
|
|
|
|
+#ifndef OPENSSL_NO_PSK
|
|
extern "C" unsigned q_PSK_client_callback(SSL *ssl, const char *hint, char *identity,
|
|
unsigned max_identity_len, unsigned char *psk,
|
|
unsigned max_psk_len)
|
|
@@ -291,6 +292,7 @@ extern "C" unsigned q_PSK_server_callback(SSL *ssl, const char *identity, unsign
|
|
Q_ASSERT(dtls->dtlsPrivate);
|
|
return dtls->dtlsPrivate->pskServerCallback(identity, psk, max_psk_len);
|
|
}
|
|
+#endif // OPENSSL_NO_PSK
|
|
|
|
} // namespace dtlscallbacks
|
|
|
|
@@ -551,18 +553,24 @@ extern "C" long q_dgram_ctrl(BIO *bio, int cmd, long num, void *ptr)
|
|
case BIO_CTRL_DGRAM_SET_NEXT_TIMEOUT:
|
|
// DTLSTODO: I'm not sure yet, how it's used by OpenSSL.
|
|
return 1;
|
|
+#ifdef BIO_CTRL_DGRAM_SET_DONT_FRAG
|
|
case BIO_CTRL_DGRAM_SET_DONT_FRAG:
|
|
qDtlsDebug("BIO_CTRL_DGRAM_SET_DONT_FRAG");
|
|
// To be done in QUdpSocket, it's about IP_DONTFRAG etc.
|
|
return 1;
|
|
+#endif // BIO_CTRL_DGRAM_SET_DONT_FRAG
|
|
+#ifdef BIO_CTRL_DGRAM_GET_MTU_OVERHEAD
|
|
case BIO_CTRL_DGRAM_GET_MTU_OVERHEAD:
|
|
// AFAIK it's 28 for IPv4 and 48 for IPv6, but let's pretend it's 0
|
|
// so that OpenSSL does not start suddenly fragmenting the first
|
|
// client hello (which will result in DTLSv1_listen rejecting it).
|
|
return 0;
|
|
+#endif // BIO_CTRL_DGRAM_GET_MTU_OVERHEAD
|
|
+#ifdef BIO_CTRL_DGRAM_SET_PEEK_MODE
|
|
case BIO_CTRL_DGRAM_SET_PEEK_MODE:
|
|
dtls->peeking = num;
|
|
return 1;
|
|
+#endif // BIO_CTRL_DGRAM_SET_PEEK_MODE
|
|
default:;
|
|
#if QT_DTLS_VERBOSE
|
|
qWarning() << "Unexpected cmd (" << cmd << ")";
|
|
@@ -702,12 +710,16 @@ bool DtlsState::initCtxAndConnection(QDtlsBasePrivate *dtlsBase)
|
|
}
|
|
|
|
if (dtlsBase->mode == QSslSocket::SslServerMode) {
|
|
- if (dtlsBase->dtlsConfiguration.dtlsCookieEnabled)
|
|
- q_SSL_set_options(newConnection.data(), SSL_OP_COOKIE_EXCHANGE);
|
|
- q_SSL_set_psk_server_callback(newConnection.data(), dtlscallbacks::q_PSK_server_callback);
|
|
- } else {
|
|
- q_SSL_set_psk_client_callback(newConnection.data(), dtlscallbacks::q_PSK_client_callback);
|
|
- }
|
|
+ if (dtlsBase->dtlsConfiguration.dtlsCookieEnabled)
|
|
+ q_SSL_set_options(newConnection.data(), SSL_OP_COOKIE_EXCHANGE);
|
|
+#ifndef OPENSSL_NO_PSK
|
|
+ q_SSL_set_psk_server_callback(newConnection.data(), dtlscallbacks::q_PSK_server_callback);
|
|
+#endif // OPENSSL_NO_PSK
|
|
+} else {
|
|
+#ifndef OPENSSL_NO_PSK
|
|
+ q_SSL_set_psk_client_callback(newConnection.data(), dtlscallbacks::q_PSK_client_callback);
|
|
+#endif // OPENSSL_NO_PSK
|
|
+}
|
|
|
|
tlsContext.swap(newContext);
|
|
tlsConnection.swap(newConnection);
|
|
diff --git a/src/network/ssl/qsslcertificate_openssl.cpp b/src/network/ssl/qsslcertificate_openssl.cpp
|
|
index d1794d4dbd7..1f1aa5edb36 100644
|
|
--- a/src/network/ssl/qsslcertificate_openssl.cpp
|
|
+++ b/src/network/ssl/qsslcertificate_openssl.cpp
|
|
@@ -727,7 +727,7 @@ static QMultiMap<QByteArray, QString> _q_mapFromX509Name(X509_NAME *name)
|
|
unsigned char *data = nullptr;
|
|
int size = q_ASN1_STRING_to_UTF8(&data, q_X509_NAME_ENTRY_get_data(e));
|
|
info.insert(name, QString::fromUtf8((char*)data, size));
|
|
-#if QT_CONFIG(opensslv11)
|
|
+#if QT_CONFIG(opensslv11) && !defined(LIBRESSL_VERSION_NUMBER)
|
|
q_CRYPTO_free(data, nullptr, 0);
|
|
#else
|
|
q_CRYPTO_free(data);
|
|
diff --git a/src/network/ssl/qsslcontext_openssl.cpp b/src/network/ssl/qsslcontext_openssl.cpp
|
|
index e4bb61ecb57..325ea3b58f8 100644
|
|
--- a/src/network/ssl/qsslcontext_openssl.cpp
|
|
+++ b/src/network/ssl/qsslcontext_openssl.cpp
|
|
@@ -54,12 +54,14 @@
|
|
|
|
QT_BEGIN_NAMESPACE
|
|
|
|
+#ifdef SSL_SECOP_PEER
|
|
Q_GLOBAL_STATIC(bool, forceSecurityLevel)
|
|
|
|
Q_NETWORK_EXPORT void qt_ForceTlsSecurityLevel()
|
|
{
|
|
*forceSecurityLevel() = true;
|
|
}
|
|
+#endif //SSL_SECOP_PEER
|
|
|
|
// defined in qsslsocket_openssl.cpp:
|
|
extern int q_X509Callback(int ok, X509_STORE_CTX *ctx);
|
|
@@ -351,9 +353,11 @@ init_context:
|
|
return;
|
|
}
|
|
|
|
+#ifdef SSL_SECOP_PEER
|
|
// A nasty hacked OpenSSL using a level that will make our auto-tests fail:
|
|
if (q_SSL_CTX_get_security_level(sslContext->ctx) > 1 && *forceSecurityLevel())
|
|
q_SSL_CTX_set_security_level(sslContext->ctx, 1);
|
|
+#endif //SSL_SECOP_PEER
|
|
|
|
const long anyVersion =
|
|
#if QT_CONFIG(dtls)
|
|
@@ -408,16 +412,28 @@ init_context:
|
|
maxVersion = DTLS1_VERSION;
|
|
break;
|
|
case QSsl::DtlsV1_0OrLater:
|
|
+#ifdef DTLS_MAX_VERSION
|
|
minVersion = DTLS1_VERSION;
|
|
maxVersion = 0;
|
|
+#else
|
|
+ Q_UNREACHABLE();
|
|
+#endif // DTLS_MAX_VERSION
|
|
break;
|
|
case QSsl::DtlsV1_2:
|
|
+#ifdef DTLS1_2_VERSION
|
|
minVersion = DTLS1_2_VERSION;
|
|
maxVersion = DTLS1_2_VERSION;
|
|
+#else
|
|
+ Q_UNREACHABLE();
|
|
+#endif // DTLS1_2_VERSION
|
|
break;
|
|
case QSsl::DtlsV1_2OrLater:
|
|
+#if defined(DTLS1_2_VERSION)
|
|
minVersion = DTLS1_2_VERSION;
|
|
maxVersion = 0;
|
|
+#else
|
|
+ Q_UNREACHABLE();
|
|
+#endif // DTLS1_2_VERSION
|
|
break;
|
|
case QSsl::TlsV1_3OrLater:
|
|
#ifdef TLS1_3_VERSION
|
|
@@ -722,6 +738,7 @@ void QSslContext::applyBackendConfig(QSslContext *sslContext)
|
|
}
|
|
#endif // ocsp
|
|
|
|
+#ifndef LIBRESSL_VERSION_NUMBER
|
|
QSharedPointer<SSL_CONF_CTX> cctx(q_SSL_CONF_CTX_new(), &q_SSL_CONF_CTX_free);
|
|
if (cctx) {
|
|
q_SSL_CONF_CTX_set_ssl_ctx(cctx.data(), sslContext->ctx);
|
|
@@ -768,7 +785,9 @@ void QSslContext::applyBackendConfig(QSslContext *sslContext)
|
|
sslContext->errorStr = msgErrorSettingBackendConfig(QSslSocket::tr("SSL_CONF_finish() failed"));
|
|
sslContext->errorCode = QSslError::UnspecifiedError;
|
|
}
|
|
- } else {
|
|
+ } else
|
|
+#endif // LIBRESSL_VERSION_NUMBER
|
|
+ {
|
|
sslContext->errorStr = msgErrorSettingBackendConfig(QSslSocket::tr("SSL_CONF_CTX_new() failed"));
|
|
sslContext->errorCode = QSslError::UnspecifiedError;
|
|
}
|
|
diff --git a/src/network/ssl/qsslcontext_openssl_p.h b/src/network/ssl/qsslcontext_openssl_p.h
|
|
index 70cb97aad82..01a61cf5352 100644
|
|
--- a/src/network/ssl/qsslcontext_openssl_p.h
|
|
+++ b/src/network/ssl/qsslcontext_openssl_p.h
|
|
@@ -61,6 +61,13 @@
|
|
|
|
QT_BEGIN_NAMESPACE
|
|
|
|
+#ifndef DTLS_ANY_VERSION
|
|
+#define DTLS_ANY_VERSION 0x1FFFF
|
|
+#endif
|
|
+#ifndef TLS_ANY_VERSION
|
|
+#define TLS_ANY_VERSION 0x10000
|
|
+#endif
|
|
+
|
|
#ifndef QT_NO_SSL
|
|
|
|
class QSslContextPrivate;
|
|
diff --git a/src/network/ssl/qsslsocket_openssl.cpp b/src/network/ssl/qsslsocket_openssl.cpp
|
|
index 8f6858c867a..8292cec8b3c 100644
|
|
--- a/src/network/ssl/qsslsocket_openssl.cpp
|
|
+++ b/src/network/ssl/qsslsocket_openssl.cpp
|
|
@@ -246,6 +246,12 @@ static int q_ssl_psk_use_session_callback(SSL *ssl, const EVP_MD *md, const unsi
|
|
return 1; // need to return 1 or else "the connection setup fails."
|
|
}
|
|
|
|
+#endif // TLS1_3_VERSION
|
|
+
|
|
+#endif // !OPENSSL_NO_PSK
|
|
+
|
|
+#if (!defined(OPENSSL_NO_PSK) || defined(LIBRESSL_VERSION_NUMBER)) \
|
|
+&& defined(TLS1_3_VERSION)
|
|
int q_ssl_sess_set_new_cb(SSL *ssl, SSL_SESSION *session)
|
|
{
|
|
if (!ssl) {
|
|
@@ -261,9 +267,7 @@ int q_ssl_sess_set_new_cb(SSL *ssl, SSL_SESSION *session)
|
|
QSslSocketBackendPrivate::s_indexForSSLExtraData));
|
|
return socketPrivate->handleNewSessionTicket(ssl);
|
|
}
|
|
-#endif // TLS1_3_VERSION
|
|
-
|
|
-#endif // !OPENSSL_NO_PSK
|
|
+#endif
|
|
|
|
#if QT_CONFIG(ocsp)
|
|
|
|
@@ -675,7 +679,7 @@ bool QSslSocketBackendPrivate::initSslContext()
|
|
else if (mode == QSslSocket::SslServerMode)
|
|
q_SSL_set_psk_server_callback(ssl, &q_ssl_psk_server_callback);
|
|
|
|
-#if OPENSSL_VERSION_NUMBER >= 0x10101006L
|
|
+#if OPENSSL_VERSION_NUMBER >= 0x10101006L && !defined(LIBRESSL_VERSION_NUMBER)
|
|
// Set the client callback for TLSv1.3 PSK
|
|
if (mode == QSslSocket::SslClientMode
|
|
&& QSslSocket::sslLibraryBuildVersionNumber() >= 0x10101006L) {
|
|
diff --git a/src/network/ssl/qsslsocket_openssl_symbols.cpp b/src/network/ssl/qsslsocket_openssl_symbols.cpp
|
|
index 6a9a3ef3b3f..a7c112c367e 100644
|
|
--- a/src/network/ssl/qsslsocket_openssl_symbols.cpp
|
|
+++ b/src/network/ssl/qsslsocket_openssl_symbols.cpp
|
|
@@ -142,14 +142,21 @@ DEFINEFUNC2(int, OPENSSL_init_ssl, uint64_t opts, opts, const OPENSSL_INIT_SETTI
|
|
DEFINEFUNC2(int, OPENSSL_init_crypto, uint64_t opts, opts, const OPENSSL_INIT_SETTINGS *settings, settings, return 0, return)
|
|
DEFINEFUNC(BIO *, BIO_new, const BIO_METHOD *a, a, return nullptr, return)
|
|
DEFINEFUNC(const BIO_METHOD *, BIO_s_mem, void, DUMMYARG, return nullptr, return)
|
|
+#if !defined(LIBRESSL_VERSION_NUMBER) || LIBRESSL_VERSION_NUMBER >= 0x03050000fL
|
|
DEFINEFUNC2(int, BN_is_word, BIGNUM *a, a, BN_ULONG w, w, return 0, return)
|
|
+#endif
|
|
DEFINEFUNC(int, EVP_CIPHER_CTX_reset, EVP_CIPHER_CTX *c, c, return 0, return)
|
|
DEFINEFUNC(int, EVP_PKEY_up_ref, EVP_PKEY *a, a, return 0, return)
|
|
+#ifdef OPENSSL_NO_DEPRECATED_3_0
|
|
DEFINEFUNC2(EVP_PKEY_CTX *, EVP_PKEY_CTX_new, EVP_PKEY *pkey, pkey, ENGINE *e, e, return nullptr, return)
|
|
DEFINEFUNC(int, EVP_PKEY_param_check, EVP_PKEY_CTX *ctx, ctx, return 0, return)
|
|
DEFINEFUNC(void, EVP_PKEY_CTX_free, EVP_PKEY_CTX *ctx, ctx, return, return)
|
|
+#endif // OPENSSL_NO_DEPRECATED_3_0
|
|
DEFINEFUNC(int, RSA_bits, RSA *a, a, return 0, return)
|
|
+#if !defined(LIBRESSL_VERSION_NUMBER) || LIBRESSL_VERSION_NUMBER >= 0x03050000fL
|
|
DEFINEFUNC(int, DSA_bits, DSA *a, a, return 0, return)
|
|
+#endif
|
|
+#if !defined(LIBRESSL_VERSION_NUMBER)
|
|
DEFINEFUNC(int, OPENSSL_sk_num, OPENSSL_STACK *a, a, return -1, return)
|
|
DEFINEFUNC2(void, OPENSSL_sk_pop_free, OPENSSL_STACK *a, a, void (*b)(void*), b, return, DUMMYARG)
|
|
DEFINEFUNC(OPENSSL_STACK *, OPENSSL_sk_new_null, DUMMYARG, DUMMYARG, return nullptr, return)
|
|
@@ -158,8 +165,18 @@ DEFINEFUNC(void, OPENSSL_sk_free, OPENSSL_STACK *a, a, return, DUMMYARG)
|
|
DEFINEFUNC2(void *, OPENSSL_sk_value, OPENSSL_STACK *a, a, int b, b, return nullptr, return)
|
|
DEFINEFUNC(int, SSL_session_reused, SSL *a, a, return 0, return)
|
|
DEFINEFUNC2(qssloptions, SSL_CTX_set_options, SSL_CTX *ctx, ctx, qssloptions op, op, return 0, return)
|
|
+#else
|
|
+DEFINEFUNC(int, sk_num, STACK *a, a, return -1, return)
|
|
+DEFINEFUNC2(void, sk_pop_free, STACK *a, a, void (*b)(void*), b, return, DUMMYARG)
|
|
+DEFINEFUNC(_STACK *, sk_new_null, DUMMYARG, DUMMYARG, return nullptr, return)
|
|
+DEFINEFUNC2(void, sk_push, _STACK *a, a, void *b, b, return, DUMMYARG)
|
|
+DEFINEFUNC(void, sk_free, _STACK *a, a, return, DUMMYARG)
|
|
+DEFINEFUNC2(void *, sk_value, STACK *a, a, int b, b, return nullptr, return)
|
|
+#endif // LIBRESSL_VERSION_NUMBER
|
|
+#ifdef SSL_SECOP_PEER
|
|
DEFINEFUNC(int, SSL_CTX_get_security_level, const SSL_CTX *ctx, ctx, return -1, return)
|
|
DEFINEFUNC2(void, SSL_CTX_set_security_level, SSL_CTX *ctx, ctx, int level, level, return, return)
|
|
+#endif //SSL_SECOP_PEER
|
|
#ifdef TLS1_3_VERSION
|
|
DEFINEFUNC2(int, SSL_CTX_set_ciphersuites, SSL_CTX *ctx, ctx, const char *str, str, return 0, return)
|
|
DEFINEFUNC2(void, SSL_set_psk_use_session_callback, SSL *ssl, ssl, q_SSL_psk_use_session_cb_func_t callback, callback, return, DUMMYARG)
|
|
@@ -169,7 +186,9 @@ DEFINEFUNC(int, SSL_SESSION_is_resumable, const SSL_SESSION *s, s, return 0, ret
|
|
DEFINEFUNC3(size_t, SSL_get_client_random, SSL *a, a, unsigned char *out, out, size_t outlen, outlen, return 0, return)
|
|
DEFINEFUNC3(size_t, SSL_SESSION_get_master_key, const SSL_SESSION *ses, ses, unsigned char *out, out, size_t outlen, outlen, return 0, return)
|
|
DEFINEFUNC6(int, CRYPTO_get_ex_new_index, int class_index, class_index, long argl, argl, void *argp, argp, CRYPTO_EX_new *new_func, new_func, CRYPTO_EX_dup *dup_func, dup_func, CRYPTO_EX_free *free_func, free_func, return -1, return)
|
|
+#ifndef LIBRESSL_VERSION_NUMBER
|
|
DEFINEFUNC2(unsigned long, SSL_set_options, SSL *ssl, ssl, unsigned long op, op, return 0, return)
|
|
+#endif
|
|
|
|
DEFINEFUNC(const SSL_METHOD *, TLS_method, DUMMYARG, DUMMYARG, return nullptr, return)
|
|
DEFINEFUNC(const SSL_METHOD *, TLS_client_method, DUMMYARG, DUMMYARG, return nullptr, return)
|
|
@@ -185,7 +204,23 @@ DEFINEFUNC2(void, X509_STORE_set_verify_cb, X509_STORE *a, a, X509_STORE_CTX_ver
|
|
DEFINEFUNC3(int, X509_STORE_set_ex_data, X509_STORE *a, a, int idx, idx, void *data, data, return 0, return)
|
|
DEFINEFUNC2(void *, X509_STORE_get_ex_data, X509_STORE *r, r, int idx, idx, return nullptr, return)
|
|
DEFINEFUNC(STACK_OF(X509) *, X509_STORE_CTX_get0_chain, X509_STORE_CTX *a, a, return nullptr, return)
|
|
-DEFINEFUNC3(void, CRYPTO_free, void *str, str, const char *file, file, int line, line, return, DUMMYARG)
|
|
+#if defined(QT_LINKED_OPENSSL)
|
|
+void q_CRYPTO_free(void *str, const char *, int)
|
|
+{
|
|
+ OPENSSL_free(str);
|
|
+}
|
|
+#else
|
|
+typedef void (*_q_PTR_CRYPTO_free)(void *str, const char *file, int line);
|
|
+static _q_PTR_CRYPTO_free _q_CRYPTO_free = nullptr;
|
|
+void q_CRYPTO_free(void *str, const char *file, int line)
|
|
+{
|
|
+ if (Q_UNLIKELY(!_q_CRYPTO_free)) {
|
|
+ qsslSocketUnresolvedSymbolWarning("CRYPTO_free");
|
|
+ return;
|
|
+ }
|
|
+ _q_CRYPTO_free(str, file, line);
|
|
+}
|
|
+#endif // QT_LINKED_OPENSSL
|
|
DEFINEFUNC(long, OpenSSL_version_num, void, DUMMYARG, return 0, return)
|
|
DEFINEFUNC(const char *, OpenSSL_version, int a, a, return nullptr, return)
|
|
DEFINEFUNC(unsigned long, SSL_SESSION_get_ticket_lifetime_hint, const SSL_SESSION *session, session, return 0, return)
|
|
@@ -193,9 +228,25 @@ DEFINEFUNC4(void, DH_get0_pqg, const DH *dh, dh, const BIGNUM **p, p, const BIGN
|
|
DEFINEFUNC(int, DH_bits, DH *dh, dh, return 0, return)
|
|
|
|
#if QT_CONFIG(dtls)
|
|
+#if !defined(LIBRESSL_VERSION_NUMBER) || defined(BIO_F_BIO_ADDR_NEW)
|
|
DEFINEFUNC2(int, DTLSv1_listen, SSL *s, s, BIO_ADDR *c, c, return -1, return)
|
|
DEFINEFUNC(BIO_ADDR *, BIO_ADDR_new, DUMMYARG, DUMMYARG, return nullptr, return)
|
|
DEFINEFUNC(void, BIO_ADDR_free, BIO_ADDR *ap, ap, return, DUMMYARG)
|
|
+#else
|
|
+int q_DTLSv1_listen(SSL *, BIO_ADDR *)
|
|
+{
|
|
+ return -1;
|
|
+}
|
|
+
|
|
+BIO_ADDR *q_BIO_ADDR_new()
|
|
+{
|
|
+ return nullptr;
|
|
+}
|
|
+
|
|
+void q_BIO_ADDR_free(BIO_ADDR *)
|
|
+{
|
|
+}
|
|
+#endif // !LIBRESSL_VERSION_NUMBER || BIO_F_BIO_ADDR_NEW
|
|
DEFINEFUNC2(BIO_METHOD *, BIO_meth_new, int type, type, const char *name, name, return nullptr, return)
|
|
DEFINEFUNC(void, BIO_meth_free, BIO_METHOD *biom, biom, return, DUMMYARG)
|
|
DEFINEFUNC2(int, BIO_meth_set_write, BIO_METHOD *biom, biom, DgramWriteCallback write, write, return 0, return)
|
|
@@ -225,7 +276,9 @@ DEFINEFUNC5(int, OCSP_id_get0_info, ASN1_OCTET_STRING **piNameHash, piNameHash,
|
|
ASN1_OCTET_STRING **piKeyHash, piKeyHash, ASN1_INTEGER **pserial, pserial, OCSP_CERTID *cid, cid,
|
|
return 0, return)
|
|
DEFINEFUNC2(OCSP_RESPONSE *, OCSP_response_create, int status, status, OCSP_BASICRESP *bs, bs, return nullptr, return)
|
|
+#if !defined(LIBRESSL_VERSION_NUMBER) || LIBRESSL_VERSION_NUMBER >= 0x03050000fL
|
|
DEFINEFUNC(const STACK_OF(X509) *, OCSP_resp_get0_certs, const OCSP_BASICRESP *bs, bs, return nullptr, return)
|
|
+#endif
|
|
DEFINEFUNC2(int, OCSP_id_cmp, OCSP_CERTID *a, a, OCSP_CERTID *b, b, return -1, return)
|
|
DEFINEFUNC7(OCSP_SINGLERESP *, OCSP_basic_add1_status, OCSP_BASICRESP *r, r, OCSP_CERTID *c, c, int s, s,
|
|
int re, re, ASN1_TIME *rt, rt, ASN1_TIME *t, t, ASN1_TIME *n, n, return nullptr, return)
|
|
@@ -358,12 +411,14 @@ DEFINEFUNC2(int, SSL_CTX_use_PrivateKey, SSL_CTX *a, a, EVP_PKEY *b, b, return -
|
|
DEFINEFUNC2(int, SSL_CTX_use_RSAPrivateKey, SSL_CTX *a, a, RSA *b, b, return -1, return)
|
|
DEFINEFUNC3(int, SSL_CTX_use_PrivateKey_file, SSL_CTX *a, a, const char *b, b, int c, c, return -1, return)
|
|
DEFINEFUNC(X509_STORE *, SSL_CTX_get_cert_store, const SSL_CTX *a, a, return nullptr, return)
|
|
+#ifndef LIBRESSL_VERSION_NUMBER
|
|
DEFINEFUNC(SSL_CONF_CTX *, SSL_CONF_CTX_new, DUMMYARG, DUMMYARG, return nullptr, return);
|
|
DEFINEFUNC(void, SSL_CONF_CTX_free, SSL_CONF_CTX *a, a, return ,return);
|
|
DEFINEFUNC2(void, SSL_CONF_CTX_set_ssl_ctx, SSL_CONF_CTX *a, a, SSL_CTX *b, b, return, return);
|
|
DEFINEFUNC2(unsigned int, SSL_CONF_CTX_set_flags, SSL_CONF_CTX *a, a, unsigned int b, b, return 0, return);
|
|
DEFINEFUNC(int, SSL_CONF_CTX_finish, SSL_CONF_CTX *a, a, return 0, return);
|
|
DEFINEFUNC3(int, SSL_CONF_cmd, SSL_CONF_CTX *a, a, const char *b, b, const char *c, c, return 0, return);
|
|
+#endif
|
|
DEFINEFUNC(void, SSL_free, SSL *a, a, return, DUMMYARG)
|
|
DEFINEFUNC(STACK_OF(SSL_CIPHER) *, SSL_get_ciphers, const SSL *a, a, return nullptr, return)
|
|
DEFINEFUNC(const SSL_CIPHER *, SSL_get_current_cipher, SSL *a, a, return nullptr, return)
|
|
@@ -388,7 +443,11 @@ DEFINEFUNC3(void, SSL_set_bio, SSL *a, a, BIO *b, b, BIO *c, c, return, DUMMYARG
|
|
DEFINEFUNC(void, SSL_set_accept_state, SSL *a, a, return, DUMMYARG)
|
|
DEFINEFUNC(void, SSL_set_connect_state, SSL *a, a, return, DUMMYARG)
|
|
DEFINEFUNC(int, SSL_shutdown, SSL *a, a, return -1, return)
|
|
+#ifndef LIBRESSL_VERSION_NUMBER
|
|
DEFINEFUNC(int, SSL_in_init, const SSL *a, a, return 0, return)
|
|
+#else
|
|
+DEFINEFUNC(int, SSL_state, const SSL *a, a, return 0, return)
|
|
+#endif
|
|
DEFINEFUNC(int, SSL_get_shutdown, const SSL *ssl, ssl, return 0, return)
|
|
DEFINEFUNC2(int, SSL_set_session, SSL* to, to, SSL_SESSION *session, session, return -1, return)
|
|
DEFINEFUNC(void, SSL_SESSION_free, SSL_SESSION *ses, ses, return, DUMMYARG)
|
|
@@ -870,20 +929,35 @@ bool q_resolveOpenSslSymbols()
|
|
RESOLVEFUNC(EVP_CIPHER_CTX_reset)
|
|
RESOLVEFUNC(AUTHORITY_INFO_ACCESS_free)
|
|
RESOLVEFUNC(EVP_PKEY_up_ref)
|
|
+#ifdef OPENSSL_NO_DEPRECATED_3_0
|
|
RESOLVEFUNC(EVP_PKEY_CTX_new)
|
|
RESOLVEFUNC(EVP_PKEY_param_check)
|
|
RESOLVEFUNC(EVP_PKEY_CTX_free)
|
|
+#endif // OPENSSL_NO_DEPRECATED_3_0
|
|
RESOLVEFUNC(RSA_bits)
|
|
+#if !defined(LIBRESSL_VERSION_NUMBER)
|
|
RESOLVEFUNC(OPENSSL_sk_new_null)
|
|
RESOLVEFUNC(OPENSSL_sk_push)
|
|
RESOLVEFUNC(OPENSSL_sk_free)
|
|
RESOLVEFUNC(OPENSSL_sk_num)
|
|
RESOLVEFUNC(OPENSSL_sk_pop_free)
|
|
RESOLVEFUNC(OPENSSL_sk_value)
|
|
+#else
|
|
+ RESOLVEFUNC(sk_new_null)
|
|
+ RESOLVEFUNC(sk_push)
|
|
+ RESOLVEFUNC(sk_free)
|
|
+ RESOLVEFUNC(sk_num)
|
|
+ RESOLVEFUNC(sk_pop_free)
|
|
+ RESOLVEFUNC(sk_value)
|
|
+#endif
|
|
RESOLVEFUNC(DH_get0_pqg)
|
|
+#ifndef LIBRESSL_VERSION_NUMBER
|
|
RESOLVEFUNC(SSL_CTX_set_options)
|
|
+#endif
|
|
+#ifdef SSL_SECOP_PEER
|
|
RESOLVEFUNC(SSL_CTX_get_security_level)
|
|
RESOLVEFUNC(SSL_CTX_set_security_level)
|
|
+#endif //SSL_SECOP_PEER
|
|
#ifdef TLS1_3_VERSION
|
|
RESOLVEFUNC(SSL_CTX_set_ciphersuites)
|
|
RESOLVEFUNC(SSL_set_psk_use_session_callback)
|
|
@@ -893,9 +967,13 @@ bool q_resolveOpenSslSymbols()
|
|
|
|
RESOLVEFUNC(SSL_get_client_random)
|
|
RESOLVEFUNC(SSL_SESSION_get_master_key)
|
|
+#ifndef LIBRESSL_VERSION_NUMBER
|
|
RESOLVEFUNC(SSL_session_reused)
|
|
+#endif
|
|
RESOLVEFUNC(SSL_get_session)
|
|
+#ifndef LIBRESSL_VERSION_NUMBER
|
|
RESOLVEFUNC(SSL_set_options)
|
|
+#endif
|
|
RESOLVEFUNC(CRYPTO_get_ex_new_index)
|
|
RESOLVEFUNC(TLS_method)
|
|
RESOLVEFUNC(TLS_client_method)
|
|
@@ -936,12 +1014,16 @@ bool q_resolveOpenSslSymbols()
|
|
|
|
RESOLVEFUNC(SSL_SESSION_get_ticket_lifetime_hint)
|
|
RESOLVEFUNC(DH_bits)
|
|
+#if !defined(LIBRESSL_VERSION_NUMBER) || LIBRESSL_VERSION_NUMBER >= 0x03050000fL
|
|
RESOLVEFUNC(DSA_bits)
|
|
+#endif
|
|
|
|
#if QT_CONFIG(dtls)
|
|
+#if !defined(LIBRESSL_VERSION_NUMBER) || defined(BIO_F_BIO_ADDR_NEW)
|
|
RESOLVEFUNC(DTLSv1_listen)
|
|
RESOLVEFUNC(BIO_ADDR_new)
|
|
RESOLVEFUNC(BIO_ADDR_free)
|
|
+#endif // !LIBRESSL_VERSION_NUMBER || BIO_F_BIO_ADDR_NEW
|
|
RESOLVEFUNC(BIO_meth_new)
|
|
RESOLVEFUNC(BIO_meth_free)
|
|
RESOLVEFUNC(BIO_meth_set_write)
|
|
@@ -966,7 +1048,9 @@ bool q_resolveOpenSslSymbols()
|
|
RESOLVEFUNC(OCSP_check_validity)
|
|
RESOLVEFUNC(OCSP_cert_to_id)
|
|
RESOLVEFUNC(OCSP_id_get0_info)
|
|
+#if !defined(LIBRESSL_VERSION_NUMBER) || LIBRESSL_VERSION_NUMBER >= 0x03050000fL
|
|
RESOLVEFUNC(OCSP_resp_get0_certs)
|
|
+#endif
|
|
RESOLVEFUNC(OCSP_basic_sign)
|
|
RESOLVEFUNC(OCSP_response_create)
|
|
RESOLVEFUNC(i2d_OCSP_RESPONSE)
|
|
@@ -1003,7 +1087,9 @@ bool q_resolveOpenSslSymbols()
|
|
RESOLVEFUNC(EC_GROUP_get_degree)
|
|
#endif
|
|
RESOLVEFUNC(BN_num_bits)
|
|
+#if !defined(LIBRESSL_VERSION_NUMBER) || LIBRESSL_VERSION_NUMBER >= 0x03050000fL
|
|
RESOLVEFUNC(BN_is_word)
|
|
+#endif
|
|
RESOLVEFUNC(BN_mod_word)
|
|
RESOLVEFUNC(DSA_new)
|
|
RESOLVEFUNC(DSA_free)
|
|
@@ -1096,12 +1182,14 @@ bool q_resolveOpenSslSymbols()
|
|
RESOLVEFUNC(SSL_CTX_use_RSAPrivateKey)
|
|
RESOLVEFUNC(SSL_CTX_use_PrivateKey_file)
|
|
RESOLVEFUNC(SSL_CTX_get_cert_store);
|
|
+#ifndef LIBRESSL_VERSION_NUMBER
|
|
RESOLVEFUNC(SSL_CONF_CTX_new);
|
|
RESOLVEFUNC(SSL_CONF_CTX_free);
|
|
RESOLVEFUNC(SSL_CONF_CTX_set_ssl_ctx);
|
|
RESOLVEFUNC(SSL_CONF_CTX_set_flags);
|
|
RESOLVEFUNC(SSL_CONF_CTX_finish);
|
|
RESOLVEFUNC(SSL_CONF_cmd);
|
|
+#endif
|
|
RESOLVEFUNC(SSL_accept)
|
|
RESOLVEFUNC(SSL_clear)
|
|
RESOLVEFUNC(SSL_connect)
|
|
@@ -1129,7 +1217,11 @@ bool q_resolveOpenSslSymbols()
|
|
RESOLVEFUNC(SSL_set_bio)
|
|
RESOLVEFUNC(SSL_set_connect_state)
|
|
RESOLVEFUNC(SSL_shutdown)
|
|
+#ifndef LIBRESSL_VERSION_NUMBER
|
|
RESOLVEFUNC(SSL_in_init)
|
|
+#else
|
|
+ RESOLVEFUNC(SSL_state)
|
|
+#endif
|
|
RESOLVEFUNC(SSL_get_shutdown)
|
|
RESOLVEFUNC(SSL_set_session)
|
|
RESOLVEFUNC(SSL_SESSION_free)
|
|
diff --git a/src/network/ssl/qsslsocket_openssl_symbols_p.h b/src/network/ssl/qsslsocket_openssl_symbols_p.h
|
|
index bf165f67ad0..08caa050b2e 100644
|
|
--- a/src/network/ssl/qsslsocket_openssl_symbols_p.h
|
|
+++ b/src/network/ssl/qsslsocket_openssl_symbols_p.h
|
|
@@ -72,6 +72,8 @@
|
|
#include "qsslsocket_openssl_p.h"
|
|
#include <QtCore/qglobal.h>
|
|
|
|
+#include <openssl/bio.h>
|
|
+
|
|
#if QT_CONFIG(ocsp)
|
|
#include "qocsp_p.h"
|
|
#endif
|
|
@@ -80,6 +82,16 @@ QT_BEGIN_NAMESPACE
|
|
|
|
#define DUMMYARG
|
|
|
|
+#ifdef LIBRESSL_VERSION_NUMBER
|
|
+typedef _STACK STACK;
|
|
+typedef STACK OPENSSL_STACK;
|
|
+typedef void OPENSSL_INIT_SETTINGS;
|
|
+typedef int (*X509_STORE_CTX_verify_cb)(int ok,X509_STORE_CTX *ctx);
|
|
+#ifndef BIO_F_BIO_ADDR_NEW
|
|
+typedef struct bio_addr_st BIO_ADDR;
|
|
+#endif
|
|
+#endif
|
|
+
|
|
#if !defined QT_LINKED_OPENSSL
|
|
// **************** Shared declarations ******************
|
|
// ret func(arg)
|
|
@@ -230,21 +242,20 @@ const unsigned char * q_ASN1_STRING_get0_data(const ASN1_STRING *x);
|
|
Q_AUTOTEST_EXPORT BIO *q_BIO_new(const BIO_METHOD *a);
|
|
Q_AUTOTEST_EXPORT const BIO_METHOD *q_BIO_s_mem();
|
|
|
|
+#if !defined(LIBRESSL_VERSION_NUMBER) || LIBRESSL_VERSION_NUMBER >= 0x03050000fL
|
|
int q_DSA_bits(DSA *a);
|
|
+#else
|
|
+#define q_DSA_bits(dsa) q_BN_num_bits((dsa)->p)
|
|
+#endif
|
|
void q_AUTHORITY_INFO_ACCESS_free(AUTHORITY_INFO_ACCESS *a);
|
|
int q_EVP_CIPHER_CTX_reset(EVP_CIPHER_CTX *c);
|
|
Q_AUTOTEST_EXPORT int q_EVP_PKEY_up_ref(EVP_PKEY *a);
|
|
+#ifdef OPENSSL_NO_DEPRECATED_3_0
|
|
EVP_PKEY_CTX *q_EVP_PKEY_CTX_new(EVP_PKEY *pkey, ENGINE *e);
|
|
void q_EVP_PKEY_CTX_free(EVP_PKEY_CTX *ctx);
|
|
int q_EVP_PKEY_param_check(EVP_PKEY_CTX *ctx);
|
|
+#endif // OPENSSL_NO_DEPRECATED_3_0
|
|
int q_RSA_bits(RSA *a);
|
|
-Q_AUTOTEST_EXPORT int q_OPENSSL_sk_num(OPENSSL_STACK *a);
|
|
-Q_AUTOTEST_EXPORT void q_OPENSSL_sk_pop_free(OPENSSL_STACK *a, void (*b)(void *));
|
|
-Q_AUTOTEST_EXPORT OPENSSL_STACK *q_OPENSSL_sk_new_null();
|
|
-Q_AUTOTEST_EXPORT void q_OPENSSL_sk_push(OPENSSL_STACK *st, void *data);
|
|
-Q_AUTOTEST_EXPORT void q_OPENSSL_sk_free(OPENSSL_STACK *a);
|
|
-Q_AUTOTEST_EXPORT void * q_OPENSSL_sk_value(OPENSSL_STACK *a, int b);
|
|
-int q_SSL_session_reused(SSL *a);
|
|
|
|
#if OPENSSL_VERSION_MAJOR < 3
|
|
using qssloptions = unsigned long;
|
|
@@ -252,7 +263,33 @@ using qssloptions = unsigned long;
|
|
using qssloptions = uint64_t;
|
|
#endif // OPENSSL_VERSION_MAJOR
|
|
|
|
+#if !defined(LIBRESSL_VERSION_NUMBER)
|
|
+Q_AUTOTEST_EXPORT int q_OPENSSL_sk_num(OPENSSL_STACK *a);
|
|
+Q_AUTOTEST_EXPORT void q_OPENSSL_sk_pop_free(OPENSSL_STACK *a, void (*b)(void *));
|
|
+Q_AUTOTEST_EXPORT OPENSSL_STACK *q_OPENSSL_sk_new_null();
|
|
+Q_AUTOTEST_EXPORT void q_OPENSSL_sk_push(OPENSSL_STACK *st, void *data);
|
|
+Q_AUTOTEST_EXPORT void q_OPENSSL_sk_free(OPENSSL_STACK *a);
|
|
+Q_AUTOTEST_EXPORT void * q_OPENSSL_sk_value(OPENSSL_STACK *a, int b);
|
|
+int q_SSL_session_reused(SSL *a);
|
|
qssloptions q_SSL_CTX_set_options(SSL_CTX *ctx, qssloptions op);
|
|
+#else // LIBRESSL_VERSION_NUMBER
|
|
+int q_sk_num(STACK *a);
|
|
+#define q_OPENSSL_sk_num(a) q_sk_num(a)
|
|
+void q_sk_pop_free(STACK *a, void (*b)(void *));
|
|
+#define q_OPENSSL_sk_pop_free(a, b) q_sk_pop_free(a, b)
|
|
+STACK *q_sk_new_null();
|
|
+#define q_OPENSSL_sk_new_null() q_sk_new_null()
|
|
+void q_sk_push(STACK *st, void *data);
|
|
+#define q_OPENSSL_sk_push(st, data) q_sk_push(st, data)
|
|
+void q_sk_free(STACK *a);
|
|
+#define q_OPENSSL_sk_free q_sk_free
|
|
+void *q_sk_value(STACK *a, int b);
|
|
+#define q_OPENSSL_sk_value(a, b) q_sk_value(a, b)
|
|
+#define q_SSL_session_reused(ssl) \
|
|
+q_SSL_ctrl((ssl), SSL_CTRL_GET_SESSION_REUSED, 0, NULL)
|
|
+#define q_SSL_CTX_set_options(ctx, op) \
|
|
+q_SSL_CTX_ctrl((ctx), SSL_CTRL_OPTIONS, (op), NULL)
|
|
+#endif // LIBRESSL_VERSION_NUMBER
|
|
int q_OPENSSL_init_ssl(uint64_t opts, const OPENSSL_INIT_SETTINGS *settings);
|
|
size_t q_SSL_get_client_random(SSL *a, unsigned char *out, size_t outlen);
|
|
size_t q_SSL_SESSION_get_master_key(const SSL_SESSION *session, unsigned char *out, size_t outlen);
|
|
@@ -278,8 +315,13 @@ int q_DH_bits(DH *dh);
|
|
# define q_SSL_load_error_strings() q_OPENSSL_init_ssl(OPENSSL_INIT_LOAD_SSL_STRINGS \
|
|
| OPENSSL_INIT_LOAD_CRYPTO_STRINGS, NULL)
|
|
|
|
+#if !defined(LIBRESSL_VERSION_NUMBER) || LIBRESSL_VERSION_NUMBER >= 0x03050000fL
|
|
#define q_SKM_sk_num(st) q_OPENSSL_sk_num((OPENSSL_STACK *)st)
|
|
#define q_SKM_sk_value(type, st,i) (type *)q_OPENSSL_sk_value((OPENSSL_STACK *)st, i)
|
|
+#else
|
|
+#define q_SKM_sk_num(st) q_sk_num((OPENSSL_STACK *)st)
|
|
+#define q_SKM_sk_value(type, st,i) (type *)q_sk_value((OPENSSL_STACK *)st, i)
|
|
+#endif // LIBRESSL_VERSION_NUMBER
|
|
|
|
#define q_OPENSSL_add_all_algorithms_conf() q_OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_CIPHERS \
|
|
| OPENSSL_INIT_ADD_ALL_DIGESTS \
|
|
@@ -292,7 +334,12 @@ long q_OpenSSL_version_num();
|
|
const char *q_OpenSSL_version(int type);
|
|
|
|
unsigned long q_SSL_SESSION_get_ticket_lifetime_hint(const SSL_SESSION *session);
|
|
+#ifndef LIBRESSL_VERSION_NUMBER
|
|
unsigned long q_SSL_set_options(SSL *s, unsigned long op);
|
|
+#else
|
|
+#define q_SSL_set_options(ssl, op) \
|
|
+q_SSL_ctrl((ssl), SSL_CTRL_OPTIONS, (op), NULL)
|
|
+#endif
|
|
|
|
#ifdef TLS1_3_VERSION
|
|
int q_SSL_CTX_set_ciphersuites(SSL_CTX *ctx, const char *str);
|
|
@@ -381,7 +428,12 @@ BIO *q_BIO_new_mem_buf(void *a, int b);
|
|
int q_BIO_read(BIO *a, void *b, int c);
|
|
Q_AUTOTEST_EXPORT int q_BIO_write(BIO *a, const void *b, int c);
|
|
int q_BN_num_bits(const BIGNUM *a);
|
|
+#if !defined(LIBRESSL_VERSION_NUMBER) || LIBRESSL_VERSION_NUMBER >= 0x03050000fL
|
|
int q_BN_is_word(BIGNUM *a, BN_ULONG w);
|
|
+#else
|
|
+#define q_BN_is_word(a, w) (((((a)->top == 1) && ((a)->d[0] == (BN_ULONG)(w))) \
|
|
+|| (((w) == 0) && ((a)->top == 0))) && (!(w) || !(a)->neg))
|
|
+#endif
|
|
BN_ULONG q_BN_mod_word(const BIGNUM *a, BN_ULONG w);
|
|
|
|
#ifndef OPENSSL_NO_EC
|
|
@@ -515,12 +567,14 @@ int q_SSL_CTX_use_PrivateKey(SSL_CTX *a, EVP_PKEY *b);
|
|
int q_SSL_CTX_use_RSAPrivateKey(SSL_CTX *a, RSA *b);
|
|
int q_SSL_CTX_use_PrivateKey_file(SSL_CTX *a, const char *b, int c);
|
|
X509_STORE *q_SSL_CTX_get_cert_store(const SSL_CTX *a);
|
|
+#ifndef LIBRESSL_VERSION_NUMBER
|
|
SSL_CONF_CTX *q_SSL_CONF_CTX_new();
|
|
void q_SSL_CONF_CTX_free(SSL_CONF_CTX *a);
|
|
void q_SSL_CONF_CTX_set_ssl_ctx(SSL_CONF_CTX *a, SSL_CTX *b);
|
|
unsigned int q_SSL_CONF_CTX_set_flags(SSL_CONF_CTX *a, unsigned int b);
|
|
int q_SSL_CONF_CTX_finish(SSL_CONF_CTX *a);
|
|
int q_SSL_CONF_cmd(SSL_CONF_CTX *a, const char *b, const char *c);
|
|
+#endif
|
|
void q_SSL_free(SSL *a);
|
|
STACK_OF(SSL_CIPHER) *q_SSL_get_ciphers(const SSL *a);
|
|
const SSL_CIPHER *q_SSL_get_current_cipher(SSL *a);
|
|
@@ -536,7 +590,12 @@ void q_SSL_set_bio(SSL *a, BIO *b, BIO *c);
|
|
void q_SSL_set_accept_state(SSL *a);
|
|
void q_SSL_set_connect_state(SSL *a);
|
|
int q_SSL_shutdown(SSL *a);
|
|
+#ifndef LIBRESSL_VERSION_NUMBER
|
|
int q_SSL_in_init(const SSL *s);
|
|
+#else
|
|
+int q_SSL_state(const SSL *s);
|
|
+#define q_SSL_in_init(s) (q_SSL_state((s))&SSL_ST_INIT)
|
|
+#endif
|
|
int q_SSL_get_shutdown(const SSL *ssl);
|
|
int q_SSL_set_session(SSL *to, SSL_SESSION *session);
|
|
void q_SSL_SESSION_free(SSL_SESSION *ses);
|
|
@@ -695,9 +754,23 @@ void *q_X509_STORE_CTX_get_ex_data(X509_STORE_CTX *ctx, int idx);
|
|
int q_SSL_get_ex_data_X509_STORE_CTX_idx();
|
|
|
|
#if QT_CONFIG(dtls)
|
|
+#ifdef DTLS_CTRL_SET_LINK_MTU
|
|
#define q_DTLS_set_link_mtu(ssl, mtu) q_SSL_ctrl((ssl), DTLS_CTRL_SET_LINK_MTU, (mtu), nullptr)
|
|
+#else
|
|
+#define q_DTLS_set_link_mtu(ssl, mtu) 0
|
|
+#endif // DTLS_CTRL_SET_LINK_MTU
|
|
+
|
|
+#ifdef DTLS_CTRL_GET_TIMEOUT
|
|
#define q_DTLSv1_get_timeout(ssl, arg) q_SSL_ctrl(ssl, DTLS_CTRL_GET_TIMEOUT, 0, arg)
|
|
+#else
|
|
+#define q_DTLSv1_get_timeout(ssl, arg) 0
|
|
+#endif // DTLS_CTRL_GET_TIMEOUT
|
|
+
|
|
+#ifdef DTLS_CTRL_HANDLE_TIMEOUT
|
|
#define q_DTLSv1_handle_timeout(ssl) q_SSL_ctrl(ssl, DTLS_CTRL_HANDLE_TIMEOUT, 0, nullptr)
|
|
+#else
|
|
+#define q_DTLSv1_handle_timeout(ssl) 0
|
|
+#endif // DTLS_CTRL_HANDLE_TIMEOUT
|
|
#endif // dtls
|
|
|
|
void q_BIO_set_flags(BIO *b, int flags);
|
|
@@ -742,7 +815,11 @@ int q_OCSP_check_validity(ASN1_GENERALIZEDTIME *thisupd, ASN1_GENERALIZEDTIME *n
|
|
int q_OCSP_id_get0_info(ASN1_OCTET_STRING **piNameHash, ASN1_OBJECT **pmd, ASN1_OCTET_STRING **pikeyHash,
|
|
ASN1_INTEGER **pserial, OCSP_CERTID *cid);
|
|
|
|
+#if !defined(LIBRESSL_VERSION_NUMBER) || LIBRESSL_VERSION_NUMBER >= 0x03050000fL
|
|
const STACK_OF(X509) *q_OCSP_resp_get0_certs(const OCSP_BASICRESP *bs);
|
|
+#else
|
|
+#define q_OCSP_resp_get0_certs(bs) ((bs)->certs)
|
|
+#endif
|
|
Q_AUTOTEST_EXPORT OCSP_CERTID *q_OCSP_cert_to_id(const EVP_MD *dgst, X509 *subject, X509 *issuer);
|
|
Q_AUTOTEST_EXPORT void q_OCSP_CERTID_free(OCSP_CERTID *cid);
|
|
int q_OCSP_id_cmp(OCSP_CERTID *a, OCSP_CERTID *b);
|
|
@@ -762,10 +839,13 @@ int q_OCSP_id_cmp(OCSP_CERTID *a, OCSP_CERTID *b);
|
|
void *q_CRYPTO_malloc(size_t num, const char *file, int line);
|
|
#define q_OPENSSL_malloc(num) q_CRYPTO_malloc(num, "", 0)
|
|
void q_CRYPTO_free(void *str, const char *file, int line);
|
|
+inline void q_CRYPTO_free(void *str) { q_CRYPTO_free(str, "", 0); }
|
|
#define q_OPENSSL_free(addr) q_CRYPTO_free(addr, "", 0)
|
|
|
|
+#ifdef SSL_SECOP_PEER
|
|
int q_SSL_CTX_get_security_level(const SSL_CTX *ctx);
|
|
void q_SSL_CTX_set_security_level(SSL_CTX *ctx, int level);
|
|
+#endif //SSL_SECOP_PEER
|
|
|
|
QT_END_NAMESPACE
|
|
|