2015-09-16 17:23 GMT+03:00 David Coppa <dco...@openbsd.org>: > > Hi, > > > $ minitube > QSslSocket: cannot resolve SSLv3_client_method > QSslSocket: cannot resolve SSLv3_server_method > > > The diff below fixes this, I've looked at how OPENSSL_NO_SSL2 is > handled. > > Comments? OKs?
No need to bump SHARED_LIBS. Otherwise, okay zhuk@. BTW, I have another SSL-related diff for qt4, hope to find some way to re-test it soon... > Index: Makefile > =================================================================== > RCS file: /cvs/ports/x11/qt4/Makefile,v > retrieving revision 1.128 > diff -u -p -u -p -r1.128 Makefile > --- Makefile 16 Sep 2015 07:13:02 -0000 1.128 > +++ Makefile 16 Sep 2015 14:02:49 -0000 > @@ -24,7 +24,7 @@ PKGNAME-main = qt4-${PKGVERSION} > PKGNAME-debug = qt4-debug-${PKGVERSION} > FULLPKGNAME-html = qt4-html-${PKGVERSION} > FULLPKGPATH-html = ${BASE_PKGPATH},-html > -REVISION-main = 0 > +REVISION-main = 1 > > # XXX qmake include parser is bogus > DPB_PROPERTIES = parallel nojunk > @@ -34,7 +34,7 @@ SHARED_LIBS = Qt3Support 8.0 \ > QtDesigner 7.0 \ > QtDesignerComponents 7.0 \ > QtGui 10.1 \ > - QtNetwork 10.0 \ > + QtNetwork 11.0 \ > QtOpenGL 7.0 \ > QtSql 8.0 \ > QtXml 8.0 \ > Index: patches/patch-src_network_ssl_qsslsocket_openssl_cpp > =================================================================== > RCS file: > /cvs/ports/x11/qt4/patches/patch-src_network_ssl_qsslsocket_openssl_cpp,v > retrieving revision 1.2 > diff -u -p -u -p -r1.2 patch-src_network_ssl_qsslsocket_openssl_cpp > --- patches/patch-src_network_ssl_qsslsocket_openssl_cpp 3 Jun 2015 > 07:28:01 -0000 1.2 > +++ patches/patch-src_network_ssl_qsslsocket_openssl_cpp 16 Sep 2015 > 14:02:49 -0000 > @@ -1,10 +1,16 @@ > $OpenBSD: patch-src_network_ssl_qsslsocket_openssl_cpp,v 1.2 2015/06/03 > 07:28:01 dcoppa Exp $ > Disable SSLv3 by default. > --- src/network/ssl/qsslsocket_openssl.cpp.orig Thu May 7 16:14:44 > 2015 > -+++ src/network/ssl/qsslsocket_openssl.cpp Sun May 31 13:28:29 2015 > -@@ -269,13 +269,13 @@ init_context: > ++++ src/network/ssl/qsslsocket_openssl.cpp Wed Sep 16 13:30:03 2015 > +@@ -267,15 +267,19 @@ init_context: > + #endif > + break; > case QSsl::SslV3: > ++#ifndef OPENSSL_NO_SSL3 > ctx = q_SSL_CTX_new(client ? q_SSLv3_client_method() : > q_SSLv3_server_method()); > ++#else > ++ ctx = 0; // SSL 3 not supported by the system, but chosen > deliberately -> error > ++#endif > break; > - case QSsl::SecureProtocols: // SslV2 will be disabled below > - case QSsl::TlsV1SslV3: // SslV2 will be disabled below > Index: patches/patch-src_network_ssl_qsslsocket_openssl_symbols_cpp > =================================================================== > RCS file: patches/patch-src_network_ssl_qsslsocket_openssl_symbols_cpp > diff -N patches/patch-src_network_ssl_qsslsocket_openssl_symbols_cpp > --- /dev/null 1 Jan 1970 00:00:00 -0000 > +++ patches/patch-src_network_ssl_qsslsocket_openssl_symbols_cpp 16 > Sep 2015 14:02:49 -0000 > @@ -0,0 +1,39 @@ > +$OpenBSD$ > +--- src/network/ssl/qsslsocket_openssl_symbols.cpp.orig Wed Sep 16 > 13:27:39 2015 > ++++ src/network/ssl/qsslsocket_openssl_symbols.cpp Wed Sep 16 13:33:06 > 2015 > +@@ -228,13 +228,17 @@ DEFINEFUNC(int, SSL_shutdown, SSL *a, a, return -1, re > + #ifndef OPENSSL_NO_SSL2 > + DEFINEFUNC(const SSL_METHOD *, SSLv2_client_method, DUMMYARG, DUMMYARG, > return 0, return) > + #endif > ++#ifndef OPENSSL_NO_SSL3 > + DEFINEFUNC(const SSL_METHOD *, SSLv3_client_method, DUMMYARG, DUMMYARG, > return 0, return) > ++#endif > + DEFINEFUNC(const SSL_METHOD *, SSLv23_client_method, DUMMYARG, DUMMYARG, > return 0, return) > + DEFINEFUNC(const SSL_METHOD *, TLSv1_client_method, DUMMYARG, DUMMYARG, > return 0, return) > + #ifndef OPENSSL_NO_SSL2 > + DEFINEFUNC(const SSL_METHOD *, SSLv2_server_method, DUMMYARG, DUMMYARG, > return 0, return) > + #endif > ++#ifndef OPENSSL_NO_SSL3 > + DEFINEFUNC(const SSL_METHOD *, SSLv3_server_method, DUMMYARG, DUMMYARG, > return 0, return) > ++#endif > + DEFINEFUNC(const SSL_METHOD *, SSLv23_server_method, DUMMYARG, DUMMYARG, > return 0, return) > + DEFINEFUNC(const SSL_METHOD *, TLSv1_server_method, DUMMYARG, DUMMYARG, > return 0, return) > + #else > +@@ -822,13 +826,17 @@ bool q_resolveOpenSslSymbols() > + #ifndef OPENSSL_NO_SSL2 > + RESOLVEFUNC(SSLv2_client_method) > + #endif > ++#ifndef OPENSSL_NO_SSL3 > + RESOLVEFUNC(SSLv3_client_method) > ++#endif > + RESOLVEFUNC(SSLv23_client_method) > + RESOLVEFUNC(TLSv1_client_method) > + #ifndef OPENSSL_NO_SSL2 > + RESOLVEFUNC(SSLv2_server_method) > + #endif > ++#ifndef OPENSSL_NO_SSL3 > + RESOLVEFUNC(SSLv3_server_method) > ++#endif > + RESOLVEFUNC(SSLv23_server_method) > + RESOLVEFUNC(TLSv1_server_method) > + RESOLVEFUNC(X509_NAME_entry_count) > -- WBR, Vadim Zhukov