Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
View | Details | Raw Unified | Return to bug 562050 | Differences between
and this patch

Collapse All | Expand All

(-)a/src/network/ssl/qsslcontext_openssl.cpp (-4 / +11 lines)
Lines 65-70 static DH *get_dh1024() Link Here
65
    return dh;
65
    return dh;
66
}
66
}
67
67
68
static bool q_enableECSetCurves() {
69
        // The ability to select elliptic curves is
70
        // present in OpenSSL 1.0.2+ but not in LibreSSL.
71
        // RFC4492 Section 5.1.1 "Supported Elliptic Curves Extension"
72
        return q_SSLeay() >= 0x10002000L && !q_LibreSSL();
73
}
74
68
QSslContext::QSslContext()
75
QSslContext::QSslContext()
69
    : ctx(0),
76
    : ctx(0),
70
    pkey(0),
77
    pkey(0),
Lines 340-348 init_context: Link Here
340
347
341
    const QVector<QSslEllipticCurve> qcurves = sslContext->sslConfiguration.ellipticCurves();
348
    const QVector<QSslEllipticCurve> qcurves = sslContext->sslConfiguration.ellipticCurves();
342
    if (!qcurves.isEmpty()) {
349
    if (!qcurves.isEmpty()) {
343
#if OPENSSL_VERSION_NUMBER >= 0x10002000L && !defined(OPENSSL_NO_EC)
350
#if defined(SSL_CTRL_SET_CURVES) && !defined(OPENSSL_NO_EC)
344
        // Set the curves to be used
351
        // Set the curves to be used
345
        if (q_SSLeay() >= 0x10002000L) {
352
        if (q_enableECSetCurves()) {
346
            // SSL_CTX_ctrl wants a non-const pointer as last argument,
353
            // SSL_CTX_ctrl wants a non-const pointer as last argument,
347
            // but let's avoid a copy into a temporary array
354
            // but let's avoid a copy into a temporary array
348
            if (!q_SSL_CTX_ctrl(sslContext->ctx,
355
            if (!q_SSL_CTX_ctrl(sslContext->ctx,
Lines 354-363 init_context: Link Here
354
                return sslContext;
361
                return sslContext;
355
            }
362
            }
356
        } else
363
        } else
357
#endif // OPENSSL_VERSION_NUMBER >= 0x10002000L && !defined(OPENSSL_NO_EC)
364
#endif // defined(SSL_CTRL_SET_CURVES) && !defined(OPENSSL_NO_EC)
358
        {
365
        {
359
            // specific curves requested, but not possible to set -> error
366
            // specific curves requested, but not possible to set -> error
360
            sslContext->errorStr = msgErrorSettingEllipticCurves(QSslSocket::tr("OpenSSL version too old, need at least v1.0.2"));
367
            sslContext->errorStr = msgErrorSettingEllipticCurves(QSslSocket::tr("This version of OpenSSL lacks support for selecting specific elliptic curves."));
361
            sslContext->errorCode = QSslError::UnspecifiedError;
368
            sslContext->errorCode = QSslError::UnspecifiedError;
362
            return sslContext;
369
            return sslContext;
363
        }
370
        }
(-)a/src/network/ssl/qsslsocket_openssl_symbols.cpp (+5 lines)
Lines 1000-1005 bool q_resolveOpenSslSymbols() Link Here
1000
#endif
1000
#endif
1001
    return true;
1001
    return true;
1002
}
1002
}
1003
1004
bool q_LibreSSL()
1005
{
1006
    return strncmp(q_SSLeay_version(SSLEAY_VERSION), "LibreSSL", 8) == 0;
1007
}
1003
#endif // !defined QT_LINKED_OPENSSL
1008
#endif // !defined QT_LINKED_OPENSSL
1004
1009
1005
//==============================================================================
1010
//==============================================================================
(-)a/src/network/ssl/qsslsocket_openssl_symbols_p.h (+1 lines)
Lines 209-214 QT_BEGIN_NAMESPACE Link Here
209
#endif // !defined QT_LINKED_OPENSSL
209
#endif // !defined QT_LINKED_OPENSSL
210
210
211
bool q_resolveOpenSslSymbols();
211
bool q_resolveOpenSslSymbols();
212
bool q_LibreSSL();
212
long q_ASN1_INTEGER_get(ASN1_INTEGER *a);
213
long q_ASN1_INTEGER_get(ASN1_INTEGER *a);
213
unsigned char * q_ASN1_STRING_data(ASN1_STRING *a);
214
unsigned char * q_ASN1_STRING_data(ASN1_STRING *a);
214
int q_ASN1_STRING_length(ASN1_STRING *a);
215
int q_ASN1_STRING_length(ASN1_STRING *a);

Return to bug 562050