Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 562050 - dev-qt/qtnetwork add libressl support
Summary: dev-qt/qtnetwork add libressl support
Status: IN_PROGRESS
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: Current packages (show other bugs)
Hardware: All Linux
: Normal normal with 6 votes (vote)
Assignee: Qt Bug Alias
URL:
Whiteboard:
Keywords:
: 592710 597096 615432 625944 635854 671414 (view as bug list)
Depends on:
Blocks: libressl-support 668218
  Show dependency tree
 
Reported: 2015-10-02 15:42 UTC by Julian Ospald
Modified: 2019-10-05 14:00 UTC (History)
22 users (show)

See Also:
Package list:
Runtime testing required: ---


Attachments
0001-dev-qt-qtnetwork-add-libressl-support.patch (0001-dev-qt-qtnetwork-add-libressl-support.patch,1.80 KB, patch)
2015-10-02 15:42 UTC, Julian Ospald
Details | Diff
qtnetwork-5.4.2-r1.ebuild.diff (qtnetwork-5.4.2-r1.ebuild.diff,728 bytes, patch)
2015-10-02 15:42 UTC, Julian Ospald
Details | Diff
0001-Fix-compilation-with-libressl.patch (0001-Fix-compilation-with-libressl.patch,1.59 KB, patch)
2015-10-09 23:17 UTC, Julian Ospald
Details | Diff
qtnetwork-5.7.0_alpha-build.log (build.log,123.70 KB, text/plain)
2016-03-16 02:37 UTC, jospezial
Details
Patch to fix building with LibreSSL from Code Review. (qtnetwork-5.6-libressl.patch,2.96 KB, patch)
2016-04-13 05:32 UTC, Aric Belsito
Details | Diff
5.7 Patch (qtnetwork-5.7-libressl.patch,4.93 KB, patch)
2016-04-13 05:33 UTC, Aric Belsito
Details | Diff
Patch for latest 5.7.9999 config.tests/unix/openssl/openssl.cpp (libressl_openssl_cpp_remove_test.patch,514 bytes, patch)
2016-06-17 22:20 UTC, jospezial
Details | Diff
Patch for latest 5.7.9999 (libressl.patch,1.23 KB, patch)
2017-02-02 21:16 UTC, jospezial
Details | Diff
qtnetwork-5.9.2.ebuild (qtnetwork-5.9.2.ebuild,1.21 KB, text/plain)
2017-11-05 19:32 UTC, maurerpe
Details
qt-5.10.0_beta3-libressl.tar.gz (doesn't work yet) (qt-5.10.0_beta3-libressl.tar.gz,11.99 KB, application/gzip)
2017-11-05 21:58 UTC, maurerpe
Details
qt-5.10.0_beta3-libressl.tar.gz (compiles) (qt-5.10.0_beta3-libressl.tar.gz,12.42 KB, application/gzip)
2017-11-06 05:49 UTC, maurerpe
Details
qt-5.10.0_beta3-libressl.tar.gz (compiles) (qt-5.10.0_beta3-libressl.tar.gz,12.42 KB, application/gzip)
2017-11-06 06:21 UTC, maurerpe
Details
my patch to compile dev-qt/qtnetwork-5.11.9999::qt against dev-libs/libressl-2.7.2 (qtnetwork-5.11-libressl-2.7.patch,2.88 KB, patch)
2018-05-05 06:18 UTC, jospezial
Details | Diff
Failed build after applying patch from https://github.com/gentoo/libressl/ (qtnetwork_build.log,226.57 KB, text/x-log)
2018-11-08 19:58 UTC, Simeon Simeonov
Details
emerge --info qtnetwork (qtnetwork_emerge_info.log,5.85 KB, text/x-log)
2018-11-08 20:00 UTC, Simeon Simeonov
Details
Patch to buil;d qtnetwork-5.11.2 against libressl 2.6.5 (qtnetwork-5.11.2-libressl.patch,3.09 KB, patch)
2018-11-19 21:05 UTC, Sasha Sokolov
Details | Diff
my patch to compile dev-qt/qtnetwork-5.12.9999::qt against dev-libs/libressl-2.9.0 (qtnetwork-5.12-libressl-2.9.patch,4.69 KB, patch)
2018-12-22 03:14 UTC, jospezial
Details | Diff
my patch to compile dev-qt/qtnetwork-5.13.9999::qt against dev-libs/libressl-2.9.2 (qtnetwork-5.13-libressl-2.9.patch,5.34 KB, patch)
2019-06-22 05:55 UTC, jospezial
Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Julian Ospald 2015-10-02 15:42:29 UTC
Created attachment 413512 [details, diff]
0001-dev-qt-qtnetwork-add-libressl-support.patch

.
Comment 1 Julian Ospald 2015-10-02 15:42:50 UTC
Created attachment 413514 [details, diff]
qtnetwork-5.4.2-r1.ebuild.diff

adding diff for easier readability
Comment 2 Pablo Cholaky 2015-10-09 15:42:55 UTC
Using libressl-2.2.3 with openssl dummy ebuild from libressl overlay:


x86_64-pc-linux-gnu-g++ -c -O2 -pipe -fvisibility=hidden -fvisibility-inlines-hidden -std=c++0x -fno-exceptions -Wall -W -D_REENTRANT -fPIC -DQT_NO_MTDEV -DQT_NO_EVDEV -DQT_NO_TSLIB -DQT_NO_LIBINPUT -DQT_NO_USING_NAMESPACE -DQT_BUILD_NETWORK_LIB -DQT_BUILDING_QT -DQT_NO_CAST_TO_ASCII -DQT_ASCII_CAST_WARNINGS -DQT_MOC_COMPAT -DQT_USE_QSTRINGBUILDER -DQT_DEPRECATED_WARNINGS -DQT_DISABLE_DEPRECATED_BEFORE=0x050000 -DQT_NO_EXCEPTIONS -D_LARGEFILE64_SOURCE -D_LARGEFILE_SOURCE -DQT_NO_DEBUG -DQT_CORE_LIB -I. -I../../include -I../../include/QtNetwork -I../../include/QtNetwork/5.5.0 -I../../include/QtNetwork/5.5.0/QtNetwork -Ikernel -isystem /usr/include/qt5/QtCore/5.5.0 -isystem /usr/include/qt5/QtCore/5.5.0/QtCore -isystem /usr/include/qt5 -isystem /usr/include/qt5/QtCore -I.moc -I../../mkspecs/linux-g++ -o .obj/qsslellipticcurve_openssl.o ssl/qsslellipticcurve_openssl.cpp
ssl/qsslcontext_openssl.cpp: In static member function ‘static QSslContext* QSslContext::fromConfiguration(QSslSocket::SslMode, const QSslConfiguration&, bool)’:
ssl/qsslcontext_openssl.cpp:347:33: error: ‘SSL_CTRL_SET_CURVES’ was not declared in this scope
                                 SSL_CTRL_SET_CURVES,
                                 ^
Makefile:20537: recipe for target '.obj/qsslcontext_openssl.o' failed
make: *** [.obj/qsslcontext_openssl.o] Error 1
make: *** Waiting for unfinished jobs....
 * ERROR: dev-qt/qtnetwork-5.5.0::qt failed (compile phase):
Comment 3 Julian Ospald 2015-10-09 15:58:25 UTC
interesting, could you create a new bug with complete info (build log, USE flags and so on) and make it block this bug?
Comment 4 Julian Ospald 2015-10-09 23:05:40 UTC
yes, it seems this is a regression in 5.5.0, but 5.4.2 works, see

https://bugreports.qt.io/browse/QTBUG-46292
https://github.com/libressl-portable/openbsd/issues/33
Comment 5 Julian Ospald 2015-10-09 23:17:22 UTC
Created attachment 414236 [details, diff]
0001-Fix-compilation-with-libressl.patch
Comment 6 Julian Ospald 2015-10-09 23:24:35 UTC
Can you test this patch? Especially runtime.
Comment 7 James L. Hammons 2015-11-07 14:34:11 UTC
Can confirm that both patches work on x86_64; at least it allows it to build. I don't know how to test the runtime behaviour, as I don't use this Qt module in my projects. FWIW.
Comment 8 Marek Behun 2015-11-10 13:23:27 UTC
(In reply to Julian Ospald (hasufell) from comment #5)
> Created attachment 414236 [details, diff] [details, diff]
> 0001-Fix-compilation-with-libressl.patch

Did you also send this patch upstream?

(In reply to Julian Ospald (hasufell) from comment #4)
> yes, it seems this is a regression in 5.5.0, but 5.4.2 works, see
> 
> https://bugreports.qt.io/browse/QTBUG-46292
> https://github.com/libressl-portable/openbsd/issues/33

If 5.4.2 works, why not patch the ebuild for 5.4.2 so that it has the libressl flag?
Comment 9 Michael Palimaka (kensington) gentoo-dev 2015-11-10 13:24:36 UTC
(In reply to Marek Behun from comment #8)
> (In reply to Julian Ospald (hasufell) from comment #5)
> > Created attachment 414236 [details, diff] [details, diff] [details, diff]
> > 0001-Fix-compilation-with-libressl.patch
> 
> Did you also send this patch upstream?
> 
> (In reply to Julian Ospald (hasufell) from comment #4)
> > yes, it seems this is a regression in 5.5.0, but 5.4.2 works, see
> > 
> > https://bugreports.qt.io/browse/QTBUG-46292
> > https://github.com/libressl-portable/openbsd/issues/33
> 
> If 5.4.2 works, why not patch the ebuild for 5.4.2 so that it has the
> libressl flag?

5.4.2 won't be around forever. Better to get it fixed properly for a permanent fix.
Comment 10 Ulenrich 2015-12-18 12:05:17 UTC
It compiles fine with dev-qt/qtnetwork-5.5.1

If you want to upgrade libresslified 
Kde4 to kde5
you will need this two patches: 
ebuild patch adding the libressl flag and the compile patch
Comment 11 jospezial 2016-01-06 20:24:25 UTC
dev-qt/qtnetwork-5.6.0_beta still does not compile without that compilation patch.
Comment 12 maurerpe 2016-02-21 20:07:55 UTC
I can confirm this issue still exists and the patch still needed (and works) with libressl-2.3.2-r1 (and qtnetwork-5.5.1)

I have been running the patch for a couple of months without issue.

Upstream Qt has declared this WONTFIX.  (Ref: https://bugreports.qt.io/browse/QTBUG-46292 )  Yet it affects nearly every gentoo libressl user (who doesn't have at least one qt application installed?).
Comment 13 Michael Palimaka (kensington) gentoo-dev 2016-02-22 12:28:48 UTC
The patch needs to go to http://codereview.qt-project.org/ if it is to have any chance of being accepted.
Comment 14 timofonic 2016-03-03 10:50:18 UTC
Any news about merging this patch?
Comment 15 Michael Palimaka (kensington) gentoo-dev 2016-03-03 15:18:06 UTC
(In reply to timofonic from comment #14)
> Any news about merging this patch?

It needs to go upstream to http://codereview.qt-project.org/ .
Comment 16 jospezial 2016-03-12 06:19:47 UTC
It looks as there has to be SSL_CTRL_GET_SERVER_TMP_KEY added to the patch? 

ssl/qsslsocket_openssl.cpp: In member function ‘virtual void QSslSocketBackendPrivate::continueHandshake()’:
ssl/qsslsocket_openssl.cpp:1581:31: error: ‘SSL_CTRL_GET_SERVER_TMP_KEY’ was not declared in this scope
         if (q_SSL_get_server_tmp_key(ssl, &key))
                               ^
Makefile:19892: recipe for target '.obj/qsslsocket_openssl.o' failed
make: *** [.obj/qsslsocket_openssl.o] Error 1

dev-qt/qtnetwork-5.7.0_alpha
Comment 17 jospezial 2016-03-16 02:37:00 UTC
Created attachment 428320 [details]
qtnetwork-5.7.0_alpha-build.log

Could somebody help me to modify the patch to workaround the new error in dev-qt/qtnetwork-5.7.0_alpha ?
The old patch does only help against the old error.

x86_64-pc-linux-gnu-g++ -c -march=native -O2 -pipe -std=c++1z -fvisibility=hidden -fvisibility-inlines-hidden -fno-exceptions -Wall -W -Wvla -Wdate-time -D_REENTRANT -fPIC -DQT_NO_MTDEV -DQT_NO_EVDEV -DQT_NO_TSLIB -DQT_NO_LIBINPUT -DQT_NO_USING_NAMESPACE -DQT_BUILD_NETWORK_LIB -DQT_BUILDING_QT -DQT_NO_CAST_TO_ASCII -DQT_ASCII_CAST_WARNINGS -DQT_MOC_COMPAT -DQT_USE_QSTRINGBUILDER -DQT_DEPRECATED_WARNINGS -DQT_DISABLE_DEPRECATED_BEFORE=0x050000 -DQT_NO_EXCEPTIONS -D_LARGEFILE64_SOURCE -D_LARGEFILE_SOURCE -DQT_NO_DEBUG -DQT_CORE_LIB -I. -I../../include -I../../include/QtNetwork -I../../include/QtNetwork/5.7.0 -I../../include/QtNetwork/5.7.0/QtNetwork -Ikernel -isystem /usr/include/qt5/QtCore/5.7.0 -isystem /usr/include/qt5/QtCore/5.7.0/QtCore -isystem /usr/include/qt5 -isystem /usr/include/qt5/QtCore -I.moc -I../../mkspecs/linux-g++ -o .obj/qsslsocket_openssl.o ssl/qsslsocket_openssl.cpp
In file included from ssl/qsslsocket_openssl.cpp:61:0:
ssl/qsslsocket_openssl.cpp: In member function ‘virtual void QSslSocketBackendPrivate::continueHandshake()’:
ssl/qsslsocket_openssl_symbols_p.h:493:62: error: ‘SSL_CTRL_GET_SERVER_TMP_KEY’ was not declared in this scope
 #define q_SSL_get_server_tmp_key(ssl, key) q_SSL_ctrl((ssl), SSL_CTRL_GET_SERVER_TMP_KEY, 0, (char *)key)
                                                              ^
ssl/qsslsocket_openssl.cpp:1581:13: note: in expansion of macro ‘q_SSL_get_server_tmp_key’
         if (q_SSL_get_server_tmp_key(ssl, &key))
             ^
Makefile:19864: recipe for target '.obj/qsslsocket_openssl.o' failed


=================================================================
                        Package Settings
=================================================================

dev-libs/libressl-2.2.6::gentoo was built with the following:
USE="asm -static-libs" ABI_X86="32 64 -x32"
Comment 18 jospezial 2016-03-18 19:30:43 UTC
This is the part in qsslsocket_openssl.cpp of dev-qt/qtnetwork-5.7.0_alpha

#if OPENSSL_VERSION_NUMBER >= 0x10002000L
    if (q_SSLeay() >= 0x10002000L && mode == QSslSocket::SslClientMode) {
        EVP_PKEY *key;
        if (q_SSL_get_server_tmp_key(ssl, &key))
            configuration.ephemeralServerKey = QSslKey(key, QSsl::PublicKey);
    }
#endif // OPENSSL_VERSION_NUMBER >= 0x10002000L ...

I think I have to change 

#if OPENSSL_VERSION_NUMBER >= 0x10002000L

to

#if OPENSSL_VERSION_NUMBER >= 0x10002000L && defined(q_SSL_get_server_tmp_key(ssl, &key))


or this better?:

#if OPENSSL_VERSION_NUMBER >= 0x10002000L && defined(q_SSL_get_server_tmp_key)
or
#if OPENSSL_VERSION_NUMBER >= 0x10002000L && defined(SSL_get_server_tmp_key)

I could remove that part and it should work for libressl.
But then openssl users will have limited features?
Comment 19 Aric Belsito 2016-04-06 23:25:45 UTC
@jospezial

It's probably a better idea to remove the check for OPENSSL_VERSION_NUMBER and instead check:

defined(SSL_CTRL_GET_SERVER_TMP_KEY)

I'm trying to get the first patch upstreamed right now, going to see if I can get that upstreamed into 5.7.0/5.8.0 as well.
https://codereview.qt-project.org/#/c/154800/
Comment 20 Aric Belsito 2016-04-13 05:32:09 UTC
Created attachment 430294 [details, diff]
Patch to fix building with LibreSSL from Code Review.

It doesn't appear that the QT project is interested in maintaining LibreSSL support as ifdef cases in the OpenSSL backend, because they are planning to drop everything below 1.1.0 soon.

Attached is a patch that probably would've been otherwise merged.
Comment 21 Aric Belsito 2016-04-13 05:33:05 UTC
Created attachment 430296 [details, diff]
5.7 Patch

Here's the patch updated for 5.7
Comment 22 Michael Palimaka (kensington) gentoo-dev 2016-04-14 15:54:50 UTC
Thanks a lot for taking the time to follow up with upstream.

Since upstream appears to be rejecting the patch, I don't think think it's a good idea that we carry it downstream.
Comment 23 Aric Belsito 2016-04-14 22:34:16 UTC
(In reply to Michael Palimaka (kensington) from comment #22)
> Since upstream appears to be rejecting the patch, I don't think think it's a
> good idea that we carry it downstream.

Agreed. Soon the patch would be *very* large.

If I get the go-ahead from upstream, I'll try to create a new LibreSSL backend.

Hopefully we don't have to force openssl usage for qt..
Comment 24 Aric Belsito 2016-04-23 20:17:03 UTC
Just so everyone gets an update on this, a new backend is in order.

One day it might even use libtls instead of libcrypto+libssl. :)
Comment 25 jospezial 2016-06-09 00:26:07 UTC
new regression in latest 5.7.9999

checking for OpenSSL... 
g++ -c -pipe -O2 -Wall -W -fPIC  -I../../../../qtnetwork-5.7.9999/config.tests/unix/openssl -I. -I../../../../qtnetwork-5.7.9999/mkspecs/linux-g++ -o openssl.o ../../../../qtnetwork-5.7.9999/config.tests/unix/openssl/openssl.cpp
../../../../qtnetwork-5.7.9999/config.tests/unix/openssl/openssl.cpp:49:4: error: #error "OpenSSL was reported as >= 1.0.2 but is missing required features, possibly it's libressl which is unsupported"
 #  error "OpenSSL was reported as >= 1.0.2 but is missing required features, possibly it's libressl which is unsupported"
    ^
gmake: *** [Makefile:177: openssl.o] Error 1
OpenSSL disabled.
OpenSSL support cannot be enabled due to functionality tests!
 Turn on verbose messaging (-v) to /var/tmp/portage/dev-qt/qtnetwork-5.7.9999/work/qtnetwork-5.7.9999/configure to see the final report.
 If you believe this message is in error you may use the continue
 switch (-continue) to /var/tmp/portage/dev-qt/qtnetwork-5.7.9999/work/qtnetwork-5.7.9999/configure to continue.
 * ERROR: dev-qt/qtnetwork-5.7.9999::qt failed (configure phase):
 *   configure failed
Comment 26 jospezial 2016-06-09 00:45:50 UTC
http://code.qt.io/cgit/qt/qtbase.git/commit/?h=5.7&id=8c7d6b94d5e1e28c0352c5ae6ac52d4d1ea9b681
"Detect if the 'openssl' is really libressl at configure time.
Qt does not support libressl which reports itself as openssl but uses
a high version number. This means that we expect it to have features
that it doesn't and will fail to build. Instead detect this situation
at configure time and disable the ssl support.
"
Comment 27 jospezial 2016-06-17 22:20:57 UTC
Created attachment 437876 [details, diff]
Patch for latest 5.7.9999 config.tests/unix/openssl/openssl.cpp

This reverts
http://code.qt.io/cgit/qt/qtbase.git/commit/?h=5.7&id=8c7d6b94d5e1e28c0352c5ae6ac52d4d1ea9b681
Comment 28 jospezial 2016-06-17 22:23:31 UTC
(In reply to Aric Belsito from comment #24)
> Just so everyone gets an update on this, a new backend is in order.
> 
> One day it might even use libtls instead of libcrypto+libssl. :)

Any news about the new libressl backend? Is there work in progress, we can see?
Comment 29 Davide Pesavento gentoo-dev 2016-06-17 23:15:03 UTC
(In reply to jospezial from comment #25)
> new regression in latest 5.7.9999

Not a regression... libressl has never been supported.


Upstream has made it clear that they do not intend to make/keep the openssl backend compatible with libressl, so I will not apply any downstream patch that does that.
The only solution I see here is that someone writes a libressl backend for qtnetwork and gets it merged upstream.
Comment 30 James L. Hammons 2016-07-21 12:19:40 UTC
Bug #561854 lists this bug as one of its dependencies, and since this bug is *not* resolved, please don't close it as RESOLVED CANTFIX as there's no way to know on that bug if it's been fixed or not (radio silence is being enforced there).

"The only solution I see here is that someone writes a libressl backend for qtnetwork and gets it merged upstream."

Until that happens, this bug should remain open so it can be properly tracked in bug #561854.
Comment 31 Michael Palimaka (kensington) gentoo-dev 2016-09-03 19:22:35 UTC
*** Bug 592710 has been marked as a duplicate of this bug. ***
Comment 32 Davide Pesavento gentoo-dev 2016-10-14 13:07:21 UTC
*** Bug 597096 has been marked as a duplicate of this bug. ***
Comment 33 jospezial 2017-02-02 21:16:19 UTC
Created attachment 462288 [details, diff]
Patch for latest 5.7.9999

This seems to be the only patch needed for
dev-qt/qtnetwork-5.7.9999 with dev-libs/libressl-2.5.1
Comment 34 Arfrever Frehtes Taifersar Arahesis 2017-04-13 13:12:19 UTC
*** Bug 615432 has been marked as a duplicate of this bug. ***
Comment 35 Michael Palimaka (kensington) gentoo-dev 2017-07-22 15:15:35 UTC
*** Bug 625944 has been marked as a duplicate of this bug. ***
Comment 36 jospezial 2017-08-31 18:56:15 UTC
This breaks all our patches in QT5.10:
http://code.qt.io/cgit/qt/qtbase.git/commit/?h=5.10&id=cfbe03a6e035ab3cce5f04962cddd06bd414dcea

"QSslSocket: OpenSSL 1.1 backend
This patch-set implements a new QSslSocket backend based on OpenSSL 1.1."

So where is the libressl combatible backend?
Comment 37 jospezial 2017-09-09 13:43:31 UTC
dev-qt/qtnetwork-5.9.9999::qt successfully built against dev-libs/libressl-2.6.1

Will test qt-5.10 again.
Comment 38 jospezial 2017-09-09 13:45:14 UTC
(In reply to jospezial from comment #37)
> dev-qt/qtnetwork-5.9.9999::qt successfully built against
> dev-libs/libressl-2.6.1

without libressl specific patches.
Comment 39 jospezial 2017-09-09 14:21:48 UTC
does not work with dev-qt/qtnetwork-5.10.9999

In file included from /var/tmp/portage/dev-qt/qtnetwork-5.10.9999/work/qtnetwork-5.10.9999/src/network/ssl/qsslsocket_openssl_symbols_p.h:220:0,
                 from /var/tmp/portage/dev-qt/qtnetwork-5.10.9999/work/qtnetwork-5.10.9999/src/network/ssl/qsslcertificate.cpp:116:
/var/tmp/portage/dev-qt/qtnetwork-5.10.9999/work/qtnetwork-5.10.9999/src/network/ssl/qsslsocket_openssl11_symbols_p.h:87:22: error: ‘OPENSSL_STACK’ was not declared in this scope
 int q_OPENSSL_sk_num(OPENSSL_STACK *a);
                      ^~~~~~~~~~~~~
/var/tmp/portage/dev-qt/qtnetwork-5.10.9999/work/qtnetwork-5.10.9999/src/network/ssl/qsslsocket_openssl11_symbols_p.h:87:22: note: suggested alternative: ‘OPENSSL_BLOCK’
 int q_OPENSSL_sk_num(OPENSSL_STACK *a);
                      ^~~~~~~~~~~~~
                      OPENSSL_BLOCK
/var/tmp/portage/dev-qt/qtnetwork-5.10.9999/work/qtnetwork-5.10.9999/src/network/ssl/qsslsocket_openssl11_symbols_p.h:87:37: error: ‘a’ was not declared in this scope
 int q_OPENSSL_sk_num(OPENSSL_STACK *a);
                                     ^
/var/tmp/portage/dev-qt/qtnetwork-5.10.9999/work/qtnetwork-5.10.9999/src/network/ssl/qsslsocket_openssl11_symbols_p.h:88:28: error: variable or field ‘q_OPENSSL_sk_pop_free’ declared void
 void q_OPENSSL_sk_pop_free(OPENSSL_STACK *a, void (*b)(void *));
                            ^~~~~~~~~~~~~
/var/tmp/portage/dev-qt/qtnetwork-5.10.9999/work/qtnetwork-5.10.9999/src/network/ssl/qsslsocket_openssl11_symbols_p.h:88:28: error: ‘OPENSSL_STACK’ was not declared in this scope
/var/tmp/portage/dev-qt/qtnetwork-5.10.9999/work/qtnetwork-5.10.9999/src/network/ssl/qsslsocket_openssl11_symbols_p.h:88:28: note: suggested alternative: ‘OPENSSL_BLOCK’
 void q_OPENSSL_sk_pop_free(OPENSSL_STACK *a, void (*b)(void *));
                            ^~~~~~~~~~~~~
                            OPENSSL_BLOCK


all in
http://code.qt.io/cgit/qt/qtbase.git/commit/?h=dev&id=cfbe03a6e035ab3cce5f04962cddd06bd414dcea
depends on OPENSSL_STACK
Comment 40 stephane.goujet 2017-09-11 15:11:21 UTC
(In reply to jospezial from comment #39)
> does not work with dev-qt/qtnetwork-5.10.9999

> all in
> http://code.qt.io/cgit/qt/qtbase.git/commit/
> ?h=dev&id=cfbe03a6e035ab3cce5f04962cddd06bd414dcea
> depends on OPENSSL_STACK

Thats's because it tries to use its OpenSSL 1.1 backend (OPENSSL_STACK is just a typedef that exists in 1.1 but not in 1.0). You should be able to tell qtnetwork "configure" not to use it, with something like "-no-opensslv11", it should fall back to its OpenSSL 1.0 backend.

Can you try to modify the ebuild this way and see if it works?
Comment 41 jospezial 2017-09-14 21:28:25 UTC
https://bugs.gentoo.org/show_bug.cgi?id=625944
is a duplicate of this bug

This bug here should be reopened. As "in progress"?
Comment 42 Davide Pesavento gentoo-dev 2017-11-05 17:17:25 UTC
*** Bug 625944 has been marked as a duplicate of this bug. ***
Comment 43 Davide Pesavento gentoo-dev 2017-11-05 17:17:53 UTC
*** Bug 635854 has been marked as a duplicate of this bug. ***
Comment 44 Davide Pesavento gentoo-dev 2017-11-05 17:19:51 UTC
Reopening. It seems the situation got better in 5.9 and later, combined with a recent libressl (>= 2.6? please confirm).
Comment 45 Arfrever Frehtes Taifersar Arahesis 2017-11-05 19:19:09 UTC
(In reply to Davide Pesavento from comment #44)
> It seems the situation got better in 5.9 and later

Comment #39 suggests that situation is bad again in 5.10.
Comment 46 Davide Pesavento gentoo-dev 2017-11-05 19:23:58 UTC
And comment #40 has a solution (untested, but I'm optimistic)
Comment 47 maurerpe 2017-11-05 19:29:46 UTC
I can confirm that dev-libs/libressl-2.6.2 works with dev-qt/qtnetwork-5.9.2 without a patch.  All that is needed is to add a libressl use flag and conditionally depend on dev-libs/libressl.

I fully expect that qtnetwork-5.7.1 and qtnetwork-5.6.2 both require a patch to compile, even with the latest libressl.  I attempted to confirm this, but it looks like I would need to downgrade my entire qt install to test it.
Comment 48 maurerpe 2017-11-05 19:32:37 UTC
Created attachment 502750 [details]
qtnetwork-5.9.2.ebuild

Working ebuild for dev-qt/qtnetwork-5.9.2.  No patches required.  Also in the libressl overlay: https://github.com/gentoo/libressl/
Comment 49 maurerpe 2017-11-05 21:51:49 UTC
I attempted to compile qtnetwork-5.10.  It has not been released from upstream yet.  The latest development version is 5.10.0_beta3.  I did not find ebuilds for this in the qt overlay, only 5.10.9999.  I don't like to use *.9999 builds because they are not reproducible from one day to the next.  One person can get one result and another person on another day can get a completely different result.

To compile qtnetwork, you also need the corresponding version of qtcore

I, therefore, created my own ebuild for dev-qt/qtcore-5.10.0_beta3 and was surprised to discover that neither portage qt5-build.eclass nor the qt overlay qt5-build.eclass was capable of constructing the correct SRC_URI.  Apparently, upstream changed some of their naming convention for version 5.10.  Has nobody on the QT team tried any of alpha, beta1, beta2, or beta3 on any qt 5.10 packages?  They all use the same code, so it is broken for all of them.  Their hesitation to fix 5.9.2 for libressl support due to possible breakage in 5.10 made me think that 5.10 was emanate and otherwise tested, but this clearly isn't the case.

I updated the eclass to fix this issue for the development releases and was able to download compile and install qtcore-5.10.0_beta3 without issue.

Next came qtnetwork-5.10.0_beta3.  I created an ebuild based the qtnetwork-5.10.9999 ebuild in the qt overlay.  At first I tried the minimum change: add libressl use flag and conditionally depend on libresl.  No changes to configure options, no patches.  This build failed, as expected based on comments #39 and #40 above.  The errors included several refferences to a missing OPENSSL_STACK.

Next, I tried the suggestion from comment #40 and added:
		$(usex libressl -no-opensslv11 '')
to the myconf array.  This wouldn't even configure, giving the error:
ERROR: Unknown command line option '-no-opensslv11'
Likewise,
		$(usex libressl -no-openssl11 '')
(omitting the 'v') gave a similar error.

I dug into it and found that ${S}/config.tests/unix/openssl11/openssl.cpp contained a configure test that checked
#if !defined(OPENSSL_VERSION_NUMBER) || OPENSSL_VERSION_NUMBER-0 < 0x10100000L
Libressl fails this check (meaning the openssl v1.1 code should be used) because it defines OPENSSL_VERSION_NUMBER as 0x20000000L in /usr/include/openssl/opensslv.h  I modified the test to be:
#if !defined(OPENSSL_VERSION_NUMBER) || OPENSSL_VERSION_NUMBER-0 < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
so that libressl will fail and configure will fall back to openssl 1.0 code.

I really hoped that this was the winner and everything would work fine, but it still didn't compile.  I got the following error:
.obj/qssldiffiehellmanparameters_openssl.o:qssldiffiehellmanparameters_openssl.cpp:function isSafeDH(dh_st*): error: undefined reference to 'q_BN_is_word(bignum_st*, unsigned long)'
collect2: error: ld returned 1 exit status
This error at first glance appears to be qt upstream's fault since libressl clearly defines BN_is_word in /usr/include/openssl/bn.h and the q_ prefix usually means a qt specific version of a function.

I will look into this further, but this comment is long enough for now.
Comment 50 maurerpe 2017-11-05 21:58:26 UTC
Created attachment 502766 [details]
qt-5.10.0_beta3-libressl.tar.gz (doesn't work yet)

Here are all the ebuilds, eclasses and patches for my attempt in the previous post.
Comment 51 maurerpe 2017-11-06 05:47:51 UTC
Ok.  I figured it out.  Qt 5.10 performs a configure test to determine if the openssl version is 1.1 or greater.  The code then uses
#if QT_CONFIG(opensslv11)
to test for this.

However, there are 3 places in the code where
#if OPENSSL_VERSION_NUMBER >= 0x10100000L
is used instead.  Two are in src/network/ssl/qsslsocket_openssl_symbols_p.h and one is in src/network/ssl/qsslsocket_openssl_symbols.cpp.

The fix is to patch these three the QT_CONFIG style.  After that everything compiled fine.
Comment 52 maurerpe 2017-11-06 05:49:30 UTC
Created attachment 502770 [details]
qt-5.10.0_beta3-libressl.tar.gz (compiles)

Files that allow qtnetwork-5.10.0_beta3 to compile against libressl.
Comment 53 maurerpe 2017-11-06 06:16:57 UTC
I have opened bug 636680 to track the issue with qt5-build.eclass for qt 5.10 since it is an unrelated issue.
Comment 54 maurerpe 2017-11-06 06:21:28 UTC
Created attachment 502778 [details]
qt-5.10.0_beta3-libressl.tar.gz (compiles)

Oops.  Forgot to run repoman before I posted.  There was an unquoted variable in the qtnetwork ebuild that is now fixed.
Comment 55 jy6x2b32pie9 2017-11-26 16:40:06 UTC
qtnetwork-5.9.3 doesn't support libreoffice.
Comment 56 jy6x2b32pie9 2017-11-26 17:07:30 UTC
(In reply to jy6x2b32pie9 from comment #55)
> qtnetwork-5.9.3 doesn't support libreoffice.

One needs to think about what one writes, I sorry.

Doesn't support libressl, of course. Brute copy of qtnetwork-5.9.2.ebuild from libressl overlay into local qtnetwork-5.9.3.ebuild looks like it works. At least, it passes everything with FEATURES="test" enabled.
Comment 57 Larry the Git Cow gentoo-dev 2018-02-10 02:49:59 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/proj/qt.git/commit/?id=1badf7a1bca143d3819cb076932a7d33778aaf79

commit 1badf7a1bca143d3819cb076932a7d33778aaf79
Author:     Michael Palimaka <kensington@gentoo.org>
AuthorDate: 2018-02-10 02:49:08 +0000
Commit:     Michael Palimaka <kensington@gentoo.org>
CommitDate: 2018-02-10 02:49:45 +0000

    dev-qt/qtnetwork: introduce libressl support
    
    This commit deliberately only targets 5.9.9999 until I can complete testing on
    later versions.
    
    Bug: https://bugs.gentoo.org/562050
    Package-Manager: Portage-2.3.19, Repoman-2.3.6

 dev-qt/qtnetwork/qtnetwork-5.9.9999.ebuild | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)}
Comment 58 Larry the Git Cow gentoo-dev 2018-02-10 02:50:28 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=a18e99a64734c9970ae93f101990a28fb44bcae1

commit a18e99a64734c9970ae93f101990a28fb44bcae1
Author:     Michael Palimaka <kensington@gentoo.org>
AuthorDate: 2018-02-10 02:50:07 +0000
Commit:     Michael Palimaka <kensington@gentoo.org>
CommitDate: 2018-02-10 02:50:18 +0000

    dev-qt/qtnetwork: introduce libressl support
    
    Bug: https://bugs.gentoo.org/562050
    Package-Manager: Portage-2.3.19, Repoman-2.3.6

 dev-qt/qtnetwork/qtnetwork-5.9.4.ebuild | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)}
Comment 59 Aaron Bauman Gentoo Infrastructure gentoo-dev Security 2018-04-21 00:30:54 UTC
qtnetwork-5.9.4 builds and runs fine against dev-libs/libressl-{2.6.4, 2.7.2}
Comment 60 jospezial 2018-04-27 16:51:40 UTC
https://gitweb.gentoo.org/proj/kde.git/commit/?id=1a0a9c1107bb12ec33987093e44aef4952f91716
"kde5-functions.eclass: Raise QT_MINIMAL to 5.10.1 for kde-plasma live"

So what are your patches for qt 5.10 and 5.11 ?

RIP qt-5.9!
Comment 61 Aaron Bauman Gentoo Infrastructure gentoo-dev Security 2018-04-28 02:01:47 UTC
(In reply to jospezial from comment #60)
> https://gitweb.gentoo.org/proj/kde.git/commit/
> ?id=1a0a9c1107bb12ec33987093e44aef4952f91716
> "kde5-functions.eclass: Raise QT_MINIMAL to 5.10.1 for kde-plasma live"
> 
> So what are your patches for qt 5.10 and 5.11 ?
> 
> RIP qt-5.9!

You didn't bring any patches?
Comment 62 jospezial 2018-05-01 08:10:08 UTC
(In reply to maurerpe from comment #54)
> Created attachment 502778 [details]
> qt-5.10.0_beta3-libressl.tar.gz (compiles)
> 
> Oops.  Forgot to run repoman before I posted.  There was an unquoted
> variable in the qtnetwork ebuild that is now fixed.

That patch still works with dev-qt/qtnetwork-5.10.1 and dev-libs/libressl-2.7.2

Will test qt-5.11 later.
Comment 63 jospezial 2018-05-05 06:18:45 UTC
Created attachment 529810 [details, diff]
my patch to compile dev-qt/qtnetwork-5.11.9999::qt against dev-libs/libressl-2.7.2
Comment 64 Pablo Cholaky 2018-07-04 16:28:41 UTC
(In reply to jospezial from comment #63)
> Created attachment 529810 [details, diff] [details, diff]
> my patch to compile dev-qt/qtnetwork-5.11.9999::qt against
> dev-libs/libressl-2.7.2

Can confirm that patch working for qtnetwork-5.11
Comment 65 jospezial 2018-08-19 09:37:11 UTC
With my patch and dev-libs/libressl-2.8.0


x86_64-pc-linux-gnu-g++ -c -march=native -O2 -pipe -std=c++1z -fvisibility=hidden -fvisibility-inlines-hidden -fno-exceptions -Wall -W -Wvla -Wdate-time -Wshift-overflow=2 -Wduplicated-cond -Wno-stringop-overflow -D_REENTRANT -fPIC -DQT_NO_USING_NAMESPACE -DQT_NO_FOREACH -DQT_USE_SYSTEM_PROXIES -DQT_NO_NARROWING_CONVERSIONS_IN_CONNECT -DQT_BUILD_NETWORK_LIB -DQT_BUILDING_QT -DQT_NO_CAST_TO_ASCII -DQT_ASCII_CAST_WARNINGS -DQT_MOC_COMPAT -DQT_USE_QSTRINGBUILDER -DQT_DEPRECATED_WARNINGS -DQT_DISABLE_DEPRECATED_BEFORE=0x050000 -DQT_NO_EXCEPTIONS -D_LARGEFILE64_SOURCE -D_LARGEFILE_SOURCE -DQT_NO_DEBUG -DQT_CORE_LIB -I/var/tmp/portage/dev-qt/qtnetwork-5.11.9999/work/qtnetwork-5.11.9999/src/network -I. -I/var/tmp/portage/dev-qt/qtnetwork-5.11.9999/work/qtnetwork-5.11.9999/src/network/kernel -I../../include -I../../include/QtNetwork -I../../include/QtNetwork/5.11.2 -I../../include/QtNetwork/5.11.2/QtNetwork -isystem /usr/include/qt5/QtCore/5.11.2 -isystem /usr/include/qt5/QtCore/5.11.2/QtCore -isystem /usr/include/qt5 -isystem /usr/include/qt5/QtCore -I.moc -I/var/tmp/portage/dev-qt/qtnetwork-5.11.9999/work/qtnetwork-5.11.9999/mkspecs/linux-g++ -o .obj/qsslsocket_openssl_symbols.o /var/tmp/portage/dev-qt/qtnetwork-5.11.9999/work/qtnetwork-5.11.9999/src/network/ssl/qsslsocket_openssl_symbols.cpp
In file included from /var/tmp/portage/dev-qt/qtnetwork-5.11.9999/work/qtnetwork-5.11.9999/src/network/ssl/qsslsocket_openssl_symbols.cpp:58:
/var/tmp/portage/dev-qt/qtnetwork-5.11.9999/work/qtnetwork-5.11.9999/src/network/ssl/qsslsocket_openssl_symbols.cpp: In function ‘BIO_METHOD* q_BIO_s_mem()’:
/var/tmp/portage/dev-qt/qtnetwork-5.11.9999/work/qtnetwork-5.11.9999/src/network/ssl/qsslsocket_openssl_symbols_p.h:185:37: error: invalid conversion from ‘const BIO_METHOD*’ {aka ‘const bio_method_st*’} to ‘BIO_METHOD*’ {aka ‘bio_method_st*’} [-fpermissive]
     ret q_##func(arg) { funcret func(a); }
/var/tmp/portage/dev-qt/qtnetwork-5.11.9999/work/qtnetwork-5.11.9999/src/network/ssl/qsslsocket_openssl_symbols.cpp:194:1: note: in expansion of macro ‘DEFINEFUNC’
 DEFINEFUNC(BIO_METHOD *, BIO_s_mem, void, DUMMYARG, return 0, return)
 ^~~~~~~~~~
make: *** [Makefile:3466: .obj/qsslsocket_openssl_symbols.o] Error 1
 * ERROR: dev-qt/qtnetwork-5.11.9999::qt failed (compile phase):
 *   emake failed
Comment 66 Andreas Sturmlechner gentoo-dev 2018-09-16 00:06:02 UTC
This is causing trouble in revdeps.
Comment 67 Stefan Strogin gentoo-dev 2018-09-16 03:18:43 UTC
(In reply to jospezial from comment #63)
> Created attachment 529810 [details, diff] [details, diff]
> my patch to compile dev-qt/qtnetwork-5.11.9999::qt against
> dev-libs/libressl-2.7.2

Works for me with qtnetwork-5.11.1 and libressl-2.6.5.
Comment 68 Quentin R. 2018-10-10 20:07:53 UTC
I don't know if I've created a duplicate but I made a bug report about an issue building =dev-qt/qtnetwork-5.9.6 with =dev-libs/libressl-2.8.1 here: https://bugs.gentoo.org/668218.

Building and running =dev-qt/qtnetwork-5.9.6 was working with =dev-libs/libressl-2.8.0.
Comment 69 Quentin R. 2018-10-12 11:44:17 UTC
Ok so it's fixed upstream in 5.11.2.
Comment 70 Quentin R. 2018-10-14 19:30:38 UTC
nevermind, it's not https://ptpb.pw/iXHd
Comment 71 Toralf Förster gentoo-dev 2018-10-16 18:08:31 UTC
(In reply to Pablo Cholaky from comment #64)
the (In reply to Stefan Strogin from comment #67)

Here I do get :

with libressl-2.6.5 and qtnetwork-5.11.1

6/QtCore -isystem /usr/include/qt5 -isystem /usr/include/qt5/QtCore -I.moc -I../../mkspecs/linux-g++ -o .obj/qhttpnetworkconnectionchannel.o access/qhttpnetworkconnectionchannel.cpp
In file included from ../../include/QtCore/qglobal.h:1:0,
                 from ../../include/QtNetwork/../../src/network/kernel/qtnetworkglobal.h:43,
                 from ../../include/QtNetwork/qtnetworkglobal.h:1,
                 from ../../include/QtNetwork/5.11.1/QtNetwork/private/../../../../../src/network/kernel/qtnetworkglobal_p.h:54,
                 from ../../include/QtNetwork/5.11.1/QtNetwork/private/qtnetworkglobal_p.h:1,
                 from access/qhttpnetworkconnection_p.h:54,
                 from access/qhttpnetworkconnection.cpp:40:
../../include/QtCore/../../src/corelib/global/qglobal.h:86:30: error: division by zero in #if
 #define QT_CONFIG(feature) (1/QT_FEATURE_##feature == 1)
                              ^
Comment 72 Quentin R. 2018-11-03 14:55:04 UTC
pagorman opened a bug report with a patch for 5.11.1 with libressl 2.8.2 https://bugs.gentoo.org/670170
Comment 73 Quentin R. 2018-11-08 01:02:04 UTC
As his patch seems to work, I made a pull request that is now merged on official libressl overlay. https://github.com/gentoo/libressl/pull/254 Feel free to test it and write feedback.
Comment 74 Simeon Simeonov 2018-11-08 19:56:43 UTC
(In reply to Quentin R. from comment #73)
> As his patch seems to work, I made a pull request that is now merged on
> official libressl overlay. https://github.com/gentoo/libressl/pull/254 Feel
> free to test it and write feedback.

Using the patch the system still fails to build on my machine. Build.log and emerge --info attached.
Comment 75 Simeon Simeonov 2018-11-08 19:58:04 UTC
Created attachment 554572 [details]
Failed build after applying patch from https://github.com/gentoo/libressl/
Comment 76 Simeon Simeonov 2018-11-08 20:00:04 UTC
Created attachment 554574 [details]
emerge --info qtnetwork

emerge -pqv qtnetwork
[ebuild  N    ] dev-qt/qtnetwork-5.11.1  USE="libressl ssl -bindist -connman -debug -libproxy -networkmanager -test"
Comment 77 Simeon Simeonov 2018-11-09 08:15:32 UTC
N.B. I am building against the stable LibreSSL 2.6.5 though
Comment 78 Andreas Sturmlechner gentoo-dev 2018-11-18 11:43:45 UTC
*** Bug 671414 has been marked as a duplicate of this bug. ***
Comment 79 Sasha Sokolov 2018-11-19 21:03:47 UTC
I have been able to build qtnetwork-5.11.2 against libressl 2.6.5 with a subset of the github.com/gentoo/libressl patch, attached. Prior I experienced errors identical to Simeon Simeonov.
Comment 80 Sasha Sokolov 2018-11-19 21:05:02 UTC
Created attachment 555740 [details, diff]
Patch to buil;d qtnetwork-5.11.2 against libressl 2.6.5
Comment 81 Simeon Simeonov 2018-11-20 20:27:47 UTC
(In reply to Sasha Sokolov from comment #80)
> Created attachment 555740 [details, diff] [details, diff]
> Patch to buil;d qtnetwork-5.11.2 against libressl 2.6.5

The patch worked for me even with the current qtnetwork-5.11.1. Thanks!
Comment 82 needle 2018-11-26 11:53:44 UTC
Build of qtnetwork 5.11.1/5.11.2 with this patch is successful. Thanks.

(In reply to Sasha Sokolov from comment #80)
> Created attachment 555740 [details, diff] [details, diff]
> Patch to buil;d qtnetwork-5.11.2 against libressl 2.6.5
Comment 83 Marcel Schilling 2018-12-05 09:16:00 UTC
the build works with https://github.com/gentoo/libressl/blob/57f31bb387b1adfe0eb5c5938448a01b90c39410/dev-qt/qtnetwork/qtnetwork-5.11.2.ebuild when building against >=dev-libs/libressl-2.8.0 (currently masked for testing): https://github.com/gentoo/libressl/issues/258#issuecomment-440218330
Comment 84 jospezial 2018-12-22 03:14:45 UTC
Created attachment 558324 [details, diff]
my patch to compile dev-qt/qtnetwork-5.12.9999::qt against dev-libs/libressl-2.9.0

patch had to be changed because of:
http://code.qt.io/cgit/qt/qtbase.git/commit/?id=b6cd5fdc6b7c799a80126659f35801af9a26601a
"configure: inline openssl test sources"


tested against dev-libs/libressl-2.9.0
Comment 85 Pavel Volkov 2019-02-16 23:36:42 UTC
Which patch works with current qtnetwork 5.11.3 and libressl 2.8.3?
Comment 86 Pablo Cholaky 2019-02-17 03:27:04 UTC
(In reply to Pavel Volkov from comment #85)
> Which patch works with current qtnetwork 5.11.3 and libressl 2.8.3?

Yes, please try my personal patch: https://github.com/waltercool/waltercooloverlay/blob/65e914b358bd0b06a4301f6c938bdd6a9fba9d53/dev-qt/qtnetwork/files/qtnetwork-5.11-libressl.patch
Comment 87 Aaron Bauman Gentoo Infrastructure gentoo-dev Security 2019-02-22 23:43:53 UTC
(In reply to Pavel Volkov from comment #85)
> Which patch works with current qtnetwork 5.11.3 and libressl 2.8.3?

Pavel, the Gentoo libressl overlay has the appropriate patch in it.
Comment 88 Larry the Git Cow gentoo-dev 2019-03-02 00:51:34 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/proj/libressl.git/commit/?id=e7ebc1bc36959b7a842b5800b4459dd444c3b5d6

commit e7ebc1bc36959b7a842b5800b4459dd444c3b5d6
Author:     Stefan Strogin <stefan.strogin@gmail.com>
AuthorDate: 2019-03-02 00:50:42 +0000
Commit:     Stefan Strogin <stefan.strogin@gmail.com>
CommitDate: 2019-03-02 00:50:42 +0000

    dev-qt/qtnetwork: bump version to 5.12.1; add patch
    
    Bug: https://bugs.gentoo.org/562050
    Package-Manager: Portage-2.3.62, Repoman-2.3.12
    Signed-off-by: Stefan Strogin <stefan.strogin@gmail.com>

 dev-qt/qtnetwork/Manifest                          |  1 +
 .../files/qtnetwork-5.12.1-libressl.patch          | 93 ++++++++++++++++++++++
 dev-qt/qtnetwork/qtnetwork-5.12.1.ebuild           | 67 ++++++++++++++++
 3 files changed, 161 insertions(+)
Comment 89 Anthony Parsons 2019-03-11 02:15:21 UTC
I'm having the compile failure reported in https://github.com/gentoo/libressl/issues/258 with the current version (qtnetwork-5.12.1::libressl), using libressl-2.9.0 on i686.

I have an amd64 box which worked fine with that combination, so I'm not sure what's going on.
Comment 90 Anthony Parsons 2019-03-14 09:50:03 UTC
(In reply to Anthony Parsons from comment #89)

Apologies for the bugspam, turned out to be PEBKAC. Thought my system was up to date but turns out I actually had 2.6.3 installed.

It's a data point all the same; might be a good idea to specify min version >=2.7 in DEPEND?
Comment 91 Larry the Git Cow gentoo-dev 2019-03-17 18:46:36 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/proj/libressl.git/commit/?id=7d74943a95d64012d973fb65510c4d70a3f463f3

commit 7d74943a95d64012d973fb65510c4d70a3f463f3
Author:     Stefan Strogin <stefan.strogin@gmail.com>
AuthorDate: 2019-03-17 18:45:04 +0000
Commit:     Stefan Strogin <stefan.strogin@gmail.com>
CommitDate: 2019-03-17 18:45:04 +0000

    dev-qt/qtnetwork: bump version to 5.12.2
    
    Bug: https://bugs.gentoo.org/562050
    Package-Manager: Portage-2.3.62, Repoman-2.3.12
    Signed-off-by: Stefan Strogin <stefan.strogin@gmail.com>

 dev-qt/qtnetwork/Manifest                |  1 +
 dev-qt/qtnetwork/qtnetwork-5.12.2.ebuild | 67 ++++++++++++++++++++++++++++++++
 2 files changed, 68 insertions(+)
Comment 92 Pavel Volkov 2019-04-22 07:36:42 UTC
Please update to 5.12.3.
Comment 93 Larry the Git Cow gentoo-dev 2019-04-22 18:19:08 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/proj/libressl.git/commit/?id=481fd481c08bf0fd9ad37c956354345c0212b8e9

commit 481fd481c08bf0fd9ad37c956354345c0212b8e9
Author:     Dennis Gaebler <dennis.gaebler@uni-ulm.de>
AuthorDate: 2019-04-22 12:30:46 +0000
Commit:     Stefan Strogin <stefan.strogin@gmail.com>
CommitDate: 2019-04-22 18:04:44 +0000

    dev-qt/qtnetwork: Add 5.12.3
    
    Reported-by: Dennis Gaebler <dennis.gaebler@uni-ulm.de>
    Bug: https://bugs.gentoo.org/562050
    Signed-off-by: Stefan Strogin <stefan.strogin@gmail.com>

 dev-qt/qtnetwork/Manifest                |  1 +
 dev-qt/qtnetwork/qtnetwork-5.12.3.ebuild | 67 ++++++++++++++++++++++++++++++++
 2 files changed, 68 insertions(+)
Comment 94 Aidan Harris 2019-06-21 20:10:24 UTC
Updated patch for 5.12.4 (currently in the Qt overlay):

https://github.com/gentoo/libressl/pull/297
Comment 95 jospezial 2019-06-22 05:55:02 UTC
Created attachment 580336 [details, diff]
my patch to compile dev-qt/qtnetwork-5.13.9999::qt against dev-libs/libressl-2.9.2

updated with patch from aidanharris
Comment 96 René Fuchs 2019-07-09 14:01:38 UTC
and daily greets the groundhog :) sorry but its so frustrating 

please add for 5.12.4
Comment 97 jospezial 2019-07-09 16:47:50 UTC
(In reply to René Fuchs from comment #96)
> and daily greets the groundhog :) sorry but its so frustrating 
> 
> please add for 5.12.4

https://github.com/gentoo/libressl/commit/b5e619354bc10456fbbda75bbbc02cf9a2a98834
 dev-qt/qtnetwork-5.12.4: Add 5.12.4

and https://github.com/gentoo/libressl/commit/b61ba94129f03f1f4b982cdab1f71838fbbd51c9
Comment 98 Pavel Volkov 2019-07-15 07:38:28 UTC
How long does it take for gentoo/libressl repo changes to show up i gentoo-mirror/libressl?

It's been over 6 days...
Comment 99 Pablo Cholaky 2019-07-15 07:48:29 UTC
(In reply to Pavel Volkov from comment #98)
> How long does it take for gentoo/libressl repo changes to show up i
> gentoo-mirror/libressl?
> 
> It's been over 6 days...

For those kind of bugs at master, it doesn't. Those patches are bad fix usually and QT team doesn't want to suppprt LibreSSL.

Your only option here would be adding LibreSSL overlay, or add patches into your own overlay.

Personally I have my own patches into my overlay, I added qtnetwork patch for 5.12.4 onto my overlay at least (https://gitlab.com/waltercool/waltercooloverlay)

Master branch of Gentoo usually don't pick patches rejected by project owner (as QT) due excessive maintenance at every release.
Comment 100 Pavel Volkov 2019-07-15 07:52:45 UTC
(In reply to Pablo Cholaky from comment #99)
> Your only option here would be adding LibreSSL overlay, or add patches into
> your own overlay.

Well, libressl overlay tracks gentoo-mirror/libressl on github.
Last version there is 5.12.3, so I wonder when I'll see 5.12.4.

I know I can add it to locally.
Comment 101 Pablo Cholaky 2019-07-15 07:54:16 UTC
Oh my bad, you meant libressl mirror and not gentoo mirror.

Well, as workaround, you can try to sync the normal one and update with egencache at /etc/portage/repos.d, isn't that bad.
Comment 102 Kyle Sanderson 2019-07-27 19:10:28 UTC
(In reply to Pablo Cholaky from comment #99)
> (In reply to Pavel Volkov from comment #98)
> > How long does it take for gentoo/libressl repo changes to show up i
> > gentoo-mirror/libressl?
> > 
> > It's been over 6 days...
> 
> For those kind of bugs at master, it doesn't. Those patches are bad fix
> usually and QT team doesn't want to suppprt LibreSSL.
> 
> Your only option here would be adding LibreSSL overlay, or add patches into
> your own overlay.
> 
> Personally I have my own patches into my overlay, I added qtnetwork patch
> for 5.12.4 onto my overlay at least
> (https://gitlab.com/waltercool/waltercooloverlay)
> 
> Master branch of Gentoo usually don't pick patches rejected by project owner
> (as QT) due excessive maintenance at every release.

What? we had BFQ months (even years) in gentoo-sources before it was mainlined... Please merge this, there's no reason not to.
Comment 103 Kyle Sanderson 2019-08-15 11:03:02 UTC
Any update on this? FreeBSD has had this in the tree for years...
Comment 104 jospezial 2019-08-25 10:13:42 UTC
qt-5.14 branch is giving us more libressl headaches.

Will dig deeper in it soon.
Comment 105 jospezial 2019-08-25 10:37:50 UTC
(In reply to jospezial from comment #104)
> qt-5.14 branch is giving us more libressl headaches.
> 
> Will dig deeper in it soon.

old patch still works. Tested with libressl-3.0.0
Comment 106 Pavel Volkov 2019-10-04 06:31:34 UTC
With libressl 3.0.1 my KMail accounts can't connect to server anymore:
error:10FFF067:elliptic curve routines:CRYPTO_internal:invalid field

Reverting to 3.0.0 fixes this.

Rebuilding qtnetwork and akonadi makes no difference.
Comment 107 Stefan Strogin gentoo-dev 2019-10-05 14:00:58 UTC
Thanks, Pavel. I have got the same error in quassel client (also uses qtnetwork).
Masked libressl-3.0.1 for now.