diff --git a/0001-Make-kssl-compile-against-OpenSSL-1.1.0.patch b/0001-Make-kssl-compile-against-OpenSSL-1.1.0.patch deleted file mode 100644 index 62cfe7f..0000000 --- a/0001-Make-kssl-compile-against-OpenSSL-1.1.0.patch +++ /dev/null @@ -1,1064 +0,0 @@ -From 298fb77362a0fb24aa84f9b79030b95f88dc9ab6 Mon Sep 17 00:00:00 2001 -From: Fabian Vogt -Date: Thu, 24 Aug 2017 15:11:40 +0200 -Subject: [PATCH] Make kssl compile against OpenSSL 1.1.0 - -Summary: -OpenSSL 1.1.0 contains some source-incompatible changes, most notably making most of the -structures opaque and introducing new getter/setter functions to modify the structures. This -patch adds some of the newly introduced functions to the KOpenSSL class and modifies the code to call them. The implementation of those newly introduced methods contains both OpenSSL < 1.1 compatible code (direct structure member access) and calls to real functions resolved from OpenSSL>= 1.1 library. Which implementation is used is decided at compile time. Some of the existing methods were renamed to match the OpenSSL 1.1 naming and to avoid conflicts with backward-compatibility names provided by OpenSSL 1.1. - -KSSLCertificate::toNetscape() returns empty result when built against OpenSSL 1.1 since I wasn't able to find a proper equivalent in OpenSSL 1.1 API (and there does not seem to be any). - -BUG: 370223 - -Test Plan: The code compiles under both OpenSSL 1.1 and OpenSSL 1.0.x. I did not test the actual functionality. - -Reviewers: #frameworks, dfaure - -Subscribers: fvogt, ltoscano, rdieter, #frameworks - -Tags: #frameworks - -Differential Revision: https://phabricator.kde.org/D6665 ---- - src/kssl/kopenssl.cpp | 306 ++++++++++++++++++++++++++++++++++++++----- - src/kssl/kopenssl.h | 76 +++++++++-- - src/kssl/kssl.cpp | 4 - - src/kssl/ksslcallback.c | 4 +- - src/kssl/ksslcertchain.cpp | 51 +++----- - src/kssl/ksslcertificate.cpp | 68 ++++++---- - 6 files changed, 391 insertions(+), 118 deletions(-) - -diff --git a/src/kssl/kopenssl.cpp b/src/kssl/kopenssl.cpp -index 6b7a648b..c68a134a 100644 ---- a/src/kssl/kopenssl.cpp -+++ b/src/kssl/kopenssl.cpp -@@ -69,18 +69,26 @@ extern "C" { - static int (*K_X509_verify_cert)(X509_STORE_CTX *) = nullptr; - static X509_STORE_CTX *(*K_X509_STORE_CTX_new)(void) = nullptr; - static void (*K_X509_STORE_free)(X509_STORE *) = nullptr; -+ static void (*K_X509_STORE_set_verify_cb)(X509_STORE *, int (*)(int, X509_STORE_CTX *)) = nullptr; - static X509_STORE *(*K_X509_STORE_new)(void) = nullptr; - static void (*K_X509_free)(X509 *) = nullptr; - static char *(*K_X509_NAME_oneline)(X509_NAME *, char *, int) = nullptr; - static X509_NAME *(*K_X509_get_subject_name)(X509 *) = nullptr; - static X509_NAME *(*K_X509_get_issuer_name)(X509 *) = nullptr; -+ static void (*K_X509_get0_signature)(const ASN1_BIT_STRING **psig, const X509_ALGOR **palg, const X509 *x) = nullptr; - static X509_LOOKUP *(*K_X509_STORE_add_lookup)(X509_STORE *, X509_LOOKUP_METHOD *) = nullptr; - static X509_LOOKUP_METHOD *(*K_X509_LOOKUP_file)(void) = nullptr; - static void (*K_X509_LOOKUP_free)(X509_LOOKUP *) = nullptr; - static int (*K_X509_LOOKUP_ctrl)(X509_LOOKUP *, int, const char *, long, char **) = nullptr; - static void (*K_X509_STORE_CTX_init)(X509_STORE_CTX *, X509_STORE *, X509 *, STACK_OF(X509) *) = nullptr; -+#if OPENSSL_VERSION_NUMBER < 0x10100000L - static void (*K_CRYPTO_free)(void *) = nullptr; -+#else -+ static void (*K_CRYPTO_free)(void *, const char *, int) = nullptr; -+#endif - static X509 *(*K_X509_dup)(X509 *) = nullptr; -+ static ASN1_TIME *(*K_X509_getm_notBefore)(const X509 *) = nullptr; -+ static ASN1_TIME *(*K_X509_getm_notAfter)(const X509 *) = nullptr; - static BIO_METHOD *(*K_BIO_s_mem)(void) = nullptr; - static BIO *(*K_BIO_new)(BIO_METHOD *) = nullptr; - static BIO *(*K_BIO_new_fp)(FILE *, int) = nullptr; -@@ -112,13 +120,16 @@ extern "C" { - static STACK_OF(X509) *(*K_SSL_get_peer_cert_chain)(SSL *) = nullptr; - static void (*K_X509_STORE_CTX_set_chain)(X509_STORE_CTX *, STACK_OF(X509) *) = nullptr; - static void (*K_X509_STORE_CTX_set_purpose)(X509_STORE_CTX *, int) = nullptr; -- static void (*K_sk_free)(STACK *) = nullptr; -- static int (*K_sk_num)(STACK *) = nullptr; -- static char *(*K_sk_pop)(STACK *) = nullptr; -- static char *(*K_sk_value)(STACK *, int) = nullptr; -- static STACK *(*K_sk_new)(int (*)()) = nullptr; -- static int (*K_sk_push)(STACK *, char *) = nullptr; -- static STACK *(*K_sk_dup)(STACK *) = nullptr; -+ static X509 *(*K_X509_STORE_CTX_get_current_cert)(X509_STORE_CTX *) = nullptr; -+ static void (*K_X509_STORE_CTX_set_error)(X509_STORE_CTX *, int) = nullptr; -+ static int (*K_X509_STORE_CTX_get_error)(X509_STORE_CTX *) = nullptr; -+ static void (*K_OPENSSL_sk_free)(STACK *) = nullptr; -+ static int (*K_OPENSSL_sk_num)(STACK *) = nullptr; -+ static char *(*K_OPENSSL_sk_pop)(STACK *) = nullptr; -+ static char *(*K_OPENSSL_sk_value)(STACK *, int) = nullptr; -+ static STACK *(*K_OPENSSL_sk_new)(int (*)()) = nullptr; -+ static int (*K_OPENSSL_sk_push)(STACK *, char *) = nullptr; -+ static STACK *(*K_OPENSSL_sk_dup)(STACK *) = nullptr; - static char *(*K_i2s_ASN1_INTEGER)(X509V3_EXT_METHOD *, ASN1_INTEGER *) = nullptr; - static ASN1_INTEGER *(*K_X509_get_serialNumber)(X509 *) = nullptr; - static EVP_PKEY *(*K_X509_get_pubkey)(X509 *) = nullptr; -@@ -158,6 +169,12 @@ extern "C" { - static int (*K_X509_check_purpose)(X509 *, int, int) = nullptr; - static X509_PURPOSE *(*K_X509_PURPOSE_get0)(int) = nullptr; - static int (*K_EVP_PKEY_assign)(EVP_PKEY *, int, char *) = nullptr; -+ static int (*K_EVP_PKEY_base_id)(EVP_PKEY *) = nullptr; -+ static RSA *(*K_EVP_PKEY_get0_RSA)(EVP_PKEY *) = nullptr; -+ static void (*K_RSA_get0_key)(RSA *, const BIGNUM **, const BIGNUM **, const BIGNUM **) = nullptr; -+ static DSA *(*K_EVP_PKEY_get0_DSA)(EVP_PKEY *) = nullptr; -+ static void (*K_DSA_get0_pqg)(DSA *, const BIGNUM **, const BIGNUM **, const BIGNUM **) = nullptr; -+ static void (*K_DSA_get0_key)(DSA *, const BIGNUM **, const BIGNUM **) = nullptr; - static int (*K_X509_REQ_set_pubkey)(X509_REQ *, EVP_PKEY *) = nullptr; - static RSA *(*K_RSA_generate_key)(int, unsigned long, void (*)(int, int, void *), void *) = nullptr; - static int (*K_i2d_X509_REQ_fp)(FILE *, X509_REQ *) = nullptr; -@@ -413,7 +430,11 @@ KOpenSSLProxy::KOpenSSLProxy() - K_RAND_load_file = (int (*)(const char *, long)) d->cryptoLib->resolve("RAND_load_file"); - K_RAND_file_name = (const char *(*)(char *, size_t)) d->cryptoLib->resolve("RAND_file_name"); - K_RAND_write_file = (int (*)(const char *)) d->cryptoLib->resolve("RAND_write_file"); -+#if OPENSSL_VERSION_NUMBER < 0x10100000L - K_CRYPTO_free = (void (*)(void *)) d->cryptoLib->resolve("CRYPTO_free"); -+#else -+ K_CRYPTO_free = (void (*)(void *, const char *, int)) d->cryptoLib->resolve("CRYPTO_free"); -+#endif - K_d2i_X509 = (X509 * (*)(X509 **, unsigned char **, long)) d->cryptoLib->resolve("d2i_X509"); - K_i2d_X509 = (int (*)(X509 *, unsigned char **)) d->cryptoLib->resolve("i2d_X509"); - K_X509_cmp = (int (*)(X509 *, X509 *)) d->cryptoLib->resolve("X509_cmp"); -@@ -422,15 +443,19 @@ KOpenSSLProxy::KOpenSSLProxy() - K_X509_verify_cert = (int (*)(X509_STORE_CTX *)) d->cryptoLib->resolve("X509_verify_cert"); - K_X509_STORE_new = (X509_STORE * (*)(void)) d->cryptoLib->resolve("X509_STORE_new"); - K_X509_STORE_free = (void (*)(X509_STORE *)) d->cryptoLib->resolve("X509_STORE_free"); -+ K_X509_STORE_set_verify_cb = (void (*)(X509_STORE *, int (*)(int, X509_STORE_CTX *))) d->cryptoLib->resolve("X509_STORE_set_verify_cb"); - K_X509_NAME_oneline = (char *(*)(X509_NAME *, char *, int)) d->cryptoLib->resolve("X509_NAME_oneline"); - K_X509_get_subject_name = (X509_NAME * (*)(X509 *)) d->cryptoLib->resolve("X509_get_subject_name"); - K_X509_get_issuer_name = (X509_NAME * (*)(X509 *)) d->cryptoLib->resolve("X509_get_issuer_name"); -+ K_X509_get0_signature = (void (*)(const ASN1_BIT_STRING **, const X509_ALGOR **, const X509 *)) d->cryptoLib->resolve("X509_get0_signature"); - K_X509_STORE_add_lookup = (X509_LOOKUP * (*)(X509_STORE *, X509_LOOKUP_METHOD *)) d->cryptoLib->resolve("X509_STORE_add_lookup"); - K_X509_LOOKUP_file = (X509_LOOKUP_METHOD * (*)(void)) d->cryptoLib->resolve("X509_LOOKUP_file"); - K_X509_LOOKUP_free = (void (*)(X509_LOOKUP *)) d->cryptoLib->resolve("X509_LOOKUP_free"); - K_X509_LOOKUP_ctrl = (int (*)(X509_LOOKUP *, int, const char *, long, char **)) d->cryptoLib->resolve("X509_LOOKUP_ctrl"); - K_X509_STORE_CTX_init = (void (*)(X509_STORE_CTX *, X509_STORE *, X509 *, STACK_OF(X509) *)) d->cryptoLib->resolve("X509_STORE_CTX_init"); - K_X509_dup = (X509 * (*)(X509 *)) d->cryptoLib->resolve("X509_dup"); -+ K_X509_getm_notBefore = (ASN1_TIME *(*)(const X509 *)) d->cryptoLib->resolve("X509_getm_notBefore"); -+ K_X509_getm_notAfter = (ASN1_TIME *(*)(const X509 *)) d->cryptoLib->resolve("X509_getm_notAfter"); - K_BIO_s_mem = (BIO_METHOD * (*)(void)) d->cryptoLib->resolve("BIO_s_mem"); - K_BIO_new = (BIO * (*)(BIO_METHOD *)) d->cryptoLib->resolve("BIO_new"); - K_BIO_new_fp = (BIO * (*)(FILE *, int)) d->cryptoLib->resolve("BIO_new_fp"); -@@ -457,13 +482,26 @@ KOpenSSLProxy::KOpenSSLProxy() - K_X509_REQ_new = (X509_REQ * (*)()) d->cryptoLib->resolve("X509_REQ_new"); - K_X509_STORE_CTX_set_chain = (void (*)(X509_STORE_CTX *, STACK_OF(X509) *)) d->cryptoLib->resolve("X509_STORE_CTX_set_chain"); - K_X509_STORE_CTX_set_purpose = (void (*)(X509_STORE_CTX *, int)) d->cryptoLib->resolve("X509_STORE_CTX_set_purpose"); -- K_sk_free = (void (*)(STACK *)) d->cryptoLib->resolve("sk_free"); -- K_sk_num = (int (*)(STACK *)) d->cryptoLib->resolve("sk_num"); -- K_sk_pop = (char *(*)(STACK *)) d->cryptoLib->resolve("sk_pop"); -- K_sk_value = (char *(*)(STACK *, int)) d->cryptoLib->resolve("sk_value"); -- K_sk_new = (STACK * (*)(int (*)())) d->cryptoLib->resolve("sk_new"); -- K_sk_push = (int (*)(STACK *, char *)) d->cryptoLib->resolve("sk_push"); -- K_sk_dup = (STACK * (*)(STACK *)) d->cryptoLib->resolve("sk_dup"); -+ K_X509_STORE_CTX_get_current_cert = (X509 * (*)(X509_STORE_CTX *)) d->cryptoLib->resolve("X509_STORE_CTX_get_current_cert"); -+ K_X509_STORE_CTX_set_error = (void (*)(X509_STORE_CTX *, int)) d->cryptoLib->resolve("X509_STORE_CTX_set_error"); -+ K_X509_STORE_CTX_get_error = (int (*)(X509_STORE_CTX *)) d->cryptoLib->resolve("X509_STORE_CTX_get_error"); -+#if OPENSSL_VERSION_NUMBER >= 0x10100000L -+ K_OPENSSL_sk_free = (void (*)(STACK *)) d->cryptoLib->resolve("OPENSSL_sk_free"); -+ K_OPENSSL_sk_num = (int (*)(STACK *)) d->cryptoLib->resolve("OPENSSL_sk_num"); -+ K_OPENSSL_sk_pop = (char *(*)(STACK *)) d->cryptoLib->resolve("OPENSSL_sk_pop"); -+ K_OPENSSL_sk_value = (char *(*)(STACK *, int)) d->cryptoLib->resolve("OPENSSL_sk_value"); -+ K_OPENSSL_sk_new = (STACK * (*)(int (*)())) d->cryptoLib->resolve("OPENSSL_sk_new"); -+ K_OPENSSL_sk_push = (int (*)(STACK *, char *)) d->cryptoLib->resolve("OPENSSL_sk_push"); -+ K_OPENSSL_sk_dup = (STACK * (*)(STACK *)) d->cryptoLib->resolve("OPENSSL_sk_dup"); -+#else -+ K_OPENSSL_sk_free = (void (*)(STACK *)) d->cryptoLib->resolve("sk_free"); -+ K_OPENSSL_sk_num = (int (*)(STACK *)) d->cryptoLib->resolve("sk_num"); -+ K_OPENSSL_sk_pop = (char *(*)(STACK *)) d->cryptoLib->resolve("sk_pop"); -+ K_OPENSSL_sk_value = (char *(*)(STACK *, int)) d->cryptoLib->resolve("sk_value"); -+ K_OPENSSL_sk_new = (STACK * (*)(int (*)())) d->cryptoLib->resolve("sk_new"); -+ K_OPENSSL_sk_push = (int (*)(STACK *, char *)) d->cryptoLib->resolve("sk_push"); -+ K_OPENSSL_sk_dup = (STACK * (*)(STACK *)) d->cryptoLib->resolve("sk_dup"); -+#endif - K_i2s_ASN1_INTEGER = (char *(*)(X509V3_EXT_METHOD *, ASN1_INTEGER *)) d->cryptoLib->resolve("i2s_ASN1_INTEGER"); - K_X509_get_serialNumber = (ASN1_INTEGER * (*)(X509 *)) d->cryptoLib->resolve("X509_get_serialNumber"); - K_X509_get_pubkey = (EVP_PKEY * (*)(X509 *)) d->cryptoLib->resolve("X509_get_pubkey"); -@@ -507,6 +545,12 @@ KOpenSSLProxy::KOpenSSLProxy() - K_X509_check_purpose = (int (*)(X509 *, int, int)) d->cryptoLib->resolve("X509_check_purpose"); - K_X509_PURPOSE_get0 = (X509_PURPOSE * (*)(int)) d->cryptoLib->resolve("X509_PURPOSE_get0"); - K_EVP_PKEY_assign = (int (*)(EVP_PKEY *, int, char *)) d->cryptoLib->resolve("EVP_PKEY_assign"); -+ K_EVP_PKEY_base_id = (int (*)(EVP_PKEY *)) d->cryptoLib->resolve("EVP_PKEY_base_id"); -+ K_EVP_PKEY_get0_RSA = (RSA *(*)(EVP_PKEY *)) d->cryptoLib->resolve("EVP_PKEY_get0_RSA"); -+ K_RSA_get0_key = (void (*)(RSA *, const BIGNUM **, const BIGNUM **, const BIGNUM **)) d->cryptoLib->resolve("ESA_get0_key"); -+ K_EVP_PKEY_get0_DSA = (DSA *(*)(EVP_PKEY *)) d->cryptoLib->resolve("EVP_PKEY_get0_DSA"); -+ K_DSA_get0_pqg = (void (*)(DSA *, const BIGNUM **, const BIGNUM **, const BIGNUM **)) d->cryptoLib->resolve("DSA_get0_pqg"); -+ K_DSA_get0_key = (void (*)(DSA *, const BIGNUM **, const BIGNUM **)) d->cryptoLib->resolve("DSA_get0_key"); - K_X509_REQ_set_pubkey = (int (*)(X509_REQ *, EVP_PKEY *)) d->cryptoLib->resolve("X509_REQ_set_pubkey"); - K_RSA_generate_key = (RSA * (*)(int, unsigned long, void (*)(int, int, void *), void *)) d->cryptoLib->resolve("RSA_generate_key"); - K_i2d_X509_REQ_fp = (int (*)(FILE *, X509_REQ *)) d->cryptoLib->resolve("i2d_X509_REQ_fp"); -@@ -933,6 +977,17 @@ void KOpenSSLProxy::X509_STORE_free(X509_STORE *v) - } - } - -+void KOpenSSLProxy::X509_STORE_set_verify_cb(X509_STORE *store, int (*verify_cb)(int, X509_STORE_CTX *)) -+{ -+#if OPENSSL_VERSION_NUMBER < 0x10100000L -+ X509_STORE_set_verify_cb_func(store, verify_cb); -+#else -+ if (K_X509_STORE_set_verify_cb) { -+ (K_X509_STORE_set_verify_cb)(store, verify_cb); -+ } -+#endif -+} -+ - X509_STORE_CTX *KOpenSSLProxy::X509_STORE_CTX_new(void) - { - if (K_X509_STORE_CTX_new) { -@@ -987,6 +1042,22 @@ X509_NAME *KOpenSSLProxy::X509_get_issuer_name(X509 *a) - return nullptr; - } - -+void KOpenSSLProxy::X509_get0_signature(const ASN1_BIT_STRING **psig, const X509_ALGOR **algor, const X509 *x) -+{ -+#if OPENSSL_VERSION_NUMBER < 0x10100000L -+ if (psig) { -+ *psig = x->signature; -+ } -+ if (algor) { -+ *algor = x->sig_alg; -+ } -+#else -+ if (K_X509_get0_signature) { -+ return (K_X509_get0_signature)(psig, algor, x); -+ } -+#endif -+} -+ - X509_LOOKUP *KOpenSSLProxy::X509_STORE_add_lookup(X509_STORE *v, X509_LOOKUP_METHOD *m) - { - if (K_X509_STORE_add_lookup) { -@@ -1025,12 +1096,21 @@ void KOpenSSLProxy::X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store, - } - } - -+#if OPENSSL_VERSION_NUMBER < 0x10100000L - void KOpenSSLProxy::CRYPTO_free(void *x) - { - if (K_CRYPTO_free) { - (K_CRYPTO_free)(x); - } - } -+#else -+void KOpenSSLProxy::CRYPTO_free(void *x, const char *file, int line) -+{ -+ if (K_CRYPTO_free) { -+ K_CRYPTO_free(x, file, line); -+ } -+} -+#endif - - X509 *KOpenSSLProxy::X509_dup(X509 *x509) - { -@@ -1040,6 +1120,32 @@ X509 *KOpenSSLProxy::X509_dup(X509 *x509) - return nullptr; - } - -+ASN1_TIME *KOpenSSLProxy::X509_getm_notBefore(const X509 *x) -+{ -+#if OPENSSL_VERSION_NUMBER < 0x10100000L -+ return X509_get_notBefore(x); -+#else -+ if (K_X509_getm_notBefore) { -+ return (K_X509_getm_notBefore)(x); -+ } else { -+ return nullptr; -+ } -+#endif -+} -+ -+ASN1_TIME *KOpenSSLProxy::X509_getm_notAfter(const X509 *x) -+{ -+#if OPENSSL_VERSION_NUMBER < 0x10100000L -+ return X509_get_notAfter(x); -+#else -+ if (K_X509_getm_notAfter) { -+ return (K_X509_getm_notAfter)(x); -+ } else { -+ return nullptr; -+ } -+#endif -+} -+ - BIO *KOpenSSLProxy::BIO_new(BIO_METHOD *type) - { - if (K_BIO_new) { -@@ -1257,35 +1363,35 @@ STACK_OF(X509) *KOpenSSLProxy::SSL_get_peer_cert_chain(SSL *s) - } - } - --void KOpenSSLProxy::sk_free(STACK *s) -+void KOpenSSLProxy::OPENSSL_sk_free(STACK *s) - { -- if (K_sk_free) { -- (K_sk_free)(s); -+ if (K_OPENSSL_sk_free) { -+ (K_OPENSSL_sk_free)(s); - } - } - --int KOpenSSLProxy::sk_num(STACK *s) -+int KOpenSSLProxy::OPENSSL_sk_num(STACK *s) - { -- if (K_sk_num) { -- return (K_sk_num)(s); -+ if (K_OPENSSL_sk_num) { -+ return (K_OPENSSL_sk_num)(s); - } else { - return -1; - } - } - --char *KOpenSSLProxy::sk_pop(STACK *s) -+char *KOpenSSLProxy::OPENSSL_sk_pop(STACK *s) - { -- if (K_sk_pop) { -- return (K_sk_pop)(s); -+ if (K_OPENSSL_sk_pop) { -+ return (K_OPENSSL_sk_pop)(s); - } else { - return nullptr; - } - } - --char *KOpenSSLProxy::sk_value(STACK *s, int n) -+char *KOpenSSLProxy::OPENSSL_sk_value(STACK *s, int n) - { -- if (K_sk_value) { -- return (K_sk_value)(s, n); -+ if (K_OPENSSL_sk_value) { -+ return (K_OPENSSL_sk_value)(s, n); - } else { - return nullptr; - } -@@ -1305,28 +1411,65 @@ void KOpenSSLProxy::X509_STORE_CTX_set_purpose(X509_STORE_CTX *v, int purpose) - } - } - --STACK *KOpenSSLProxy::sk_dup(STACK *s) -+X509 *KOpenSSLProxy::X509_STORE_CTX_get_current_cert(X509_STORE_CTX *v) -+{ -+#if OPENSSL_VERSION_NUMBER < 0x10100000L -+ return v->current_cert; -+#else -+ if (K_X509_STORE_CTX_get_current_cert) { -+ return (K_X509_STORE_CTX_get_current_cert)(v); -+ } else { -+ return nullptr; -+ } -+#endif -+} -+ -+void KOpenSSLProxy::X509_STORE_CTX_set_error(X509_STORE_CTX *v, int error) -+{ -+#if OPENSSL_VERSION_NUMBER < 0x10100000L -+ v->error = error; -+#else -+ if (K_X509_STORE_CTX_set_error) { -+ (K_X509_STORE_CTX_set_error)(v, error); -+ } -+#endif -+} -+ -+int KOpenSSLProxy::X509_STORE_CTX_get_error(X509_STORE_CTX *v) -+{ -+#if OPENSSL_VERSION_NUMBER < 0x10100000L -+ return v->error; -+#else -+ if (K_X509_STORE_CTX_get_error) { -+ return (K_X509_STORE_CTX_get_error)(v); -+ } else { -+ return 0; -+ } -+#endif -+} -+ -+STACK *KOpenSSLProxy::OPENSSL_sk_dup(STACK *s) - { -- if (K_sk_dup) { -- return (K_sk_dup)(s); -+ if (K_OPENSSL_sk_dup) { -+ return (K_OPENSSL_sk_dup)(s); - } else { - return nullptr; - } - } - --STACK *KOpenSSLProxy::sk_new(int (*cmp)()) -+STACK *KOpenSSLProxy::OPENSSL_sk_new(int (*cmp)()) - { -- if (K_sk_new) { -- return (K_sk_new)(cmp); -+ if (K_OPENSSL_sk_new) { -+ return (K_OPENSSL_sk_new)(cmp); - } else { - return nullptr; - } - } - --int KOpenSSLProxy::sk_push(STACK *s, char *d) -+int KOpenSSLProxy::OPENSSL_sk_push(STACK *s, char *d) - { -- if (K_sk_push) { -- return (K_sk_push)(s, d); -+ if (K_OPENSSL_sk_push) { -+ return (K_OPENSSL_sk_push)(s, d); - } else { - return -1; - } -@@ -1749,6 +1892,99 @@ int KOpenSSLProxy::EVP_PKEY_assign(EVP_PKEY *pkey, int type, char *key) - } - } - -+int KOpenSSLProxy::EVP_PKEY_base_id(EVP_PKEY *pkey) -+{ -+#if OPENSSL_VERSION_NUMBER < 0x10100000L -+ return pkey->type; -+#else -+ if (K_EVP_PKEY_base_id) { -+ return (K_EVP_PKEY_base_id)(pkey); -+ } else { -+ return 0; -+ } -+#endif -+} -+ -+RSA *KOpenSSLProxy::EVP_PKEY_get0_RSA(EVP_PKEY *pkey) -+{ -+#if OPENSSL_VERSION_NUMBER < 0x10100000L -+ return pkey->pkey.rsa; -+#else -+ if (K_EVP_PKEY_get0_RSA) { -+ return (K_EVP_PKEY_get0_RSA)(pkey); -+ } else { -+ return nullptr; -+ } -+#endif -+} -+ -+void KOpenSSLProxy::RSA_get0_key(RSA *rsa, const BIGNUM **n, const BIGNUM **e, const BIGNUM **d) -+{ -+#if OPENSSL_VERSION_NUMBER < 0x10100000L -+ if (n) { -+ *n = rsa->n; -+ } -+ if (e) { -+ *e = rsa->e; -+ } -+ if (d) { -+ *d = rsa->d; -+ } -+#else -+ if (K_RSA_get0_key) { -+ (K_RSA_get0_key)(rsa, n, e, d); -+ } -+#endif -+} -+ -+DSA *KOpenSSLProxy::EVP_PKEY_get0_DSA(EVP_PKEY *pkey) -+{ -+#if OPENSSL_VERSION_NUMBER < 0x10100000L -+ return pkey->pkey.dsa; -+#else -+ if (K_EVP_PKEY_get0_DSA) { -+ return (K_EVP_PKEY_get0_DSA)(pkey); -+ } else { -+ return nullptr; -+ } -+#endif -+} -+ -+void KOpenSSLProxy::DSA_get0_pqg(DSA *dsa, const BIGNUM **p, const BIGNUM **q, const BIGNUM **g) -+{ -+#if OPENSSL_VERSION_NUMBER < 0x10100000L -+ if (p) { -+ *p = dsa->p; -+ } -+ if (q) { -+ *q = dsa->q; -+ } -+ if (g) { -+ *g = dsa->g; -+ } -+#else -+ if (K_DSA_get0_pqg) { -+ (K_DSA_get0_pqg)(dsa, p, q, g); -+ } -+#endif -+} -+ -+void KOpenSSLProxy::DSA_get0_key(DSA *dsa, const BIGNUM **pub_key, const BIGNUM **priv_key) -+{ -+#if OPENSSL_VERSION_NUMBER < 0x10100000L -+ if (pub_key) { -+ *pub_key = dsa->pub_key; -+ } -+ if (priv_key) { -+ *priv_key = dsa->priv_key; -+ } -+#else -+ if (K_DSA_get0_key) { -+ (K_DSA_get0_key)(dsa, pub_key, priv_key); -+ } -+#endif -+} -+ - int KOpenSSLProxy::X509_REQ_set_pubkey(X509_REQ *x, EVP_PKEY *pkey) - { - if (K_X509_REQ_set_pubkey) { -diff --git a/src/kssl/kopenssl.h b/src/kssl/kopenssl.h -index 68de672a..518cd5b7 100644 ---- a/src/kssl/kopenssl.h -+++ b/src/kssl/kopenssl.h -@@ -278,6 +278,16 @@ public: - X509 *X509_dup(X509 *x509); - - /* -+ * X509_getm_notBefore - get validity start -+ */ -+ ASN1_TIME *X509_getm_notBefore(const X509 *x); -+ -+ /* -+ * X509_getm_notAfter - get validity end -+ */ -+ ASN1_TIME *X509_getm_notAfter(const X509 *x); -+ -+ /* - * X509_STORE_CTX_new - create an X509 store context - */ - X509_STORE_CTX *X509_STORE_CTX_new(void); -@@ -297,6 +307,21 @@ public: - */ - void X509_STORE_CTX_set_purpose(X509_STORE_CTX *v, int purpose); - -+ /** -+ * X509_STORE_CTX_get_current_cert - get the current certificate -+ */ -+ X509 *X509_STORE_CTX_get_current_cert(X509_STORE_CTX *v); -+ -+ /** -+ * X509_STORE_CTX_set_error - set certificate error -+ */ -+ void X509_STORE_CTX_set_error(X509_STORE_CTX *v, int error); -+ -+ /** -+ * X509_STORE_CTX_get_error - get certificate error -+ */ -+ int X509_STORE_CTX_get_error(X509_STORE_CTX *v); -+ - /* - * X509_verify_cert - verify the certificate - */ -@@ -313,6 +338,11 @@ public: - void X509_STORE_free(X509_STORE *v); - - /* -+ * X509_STORE_set_verify_cb - set verify callback -+ */ -+ void X509_STORE_set_verify_cb(X509_STORE *v, int (*verify_cb)(int, X509_STORE_CTX *)); -+ -+ /* - * X509_free - free up an X509 - */ - void X509_free(X509 *v); -@@ -333,6 +363,11 @@ public: - X509_NAME *X509_get_issuer_name(X509 *a); - - /* -+ * X509_get0_signature - return X509 signature and signature algorithm -+ */ -+ void X509_get0_signature(const ASN1_BIT_STRING **psig, const X509_ALGOR **palg, const X509 *x); -+ -+ /* - * X509_STORE_add_lookup - add a lookup file/method to an X509 store - */ - X509_LOOKUP *X509_STORE_add_lookup(X509_STORE *v, X509_LOOKUP_METHOD *m); -@@ -360,7 +395,11 @@ public: - /* - * CRYPTO_free - free up an internally allocated object - */ -+#if OPENSSL_VERSION_NUMBER < 0x10100000L - void CRYPTO_free(void *x); -+#else -+ void CRYPTO_free(void *x, const char *file, int line); -+#endif - - /* - * BIO_new - create new BIO -@@ -461,58 +500,58 @@ public: - /* - * Pop off the stack - */ -- char *sk_pop(STACK *s); -+ char *OPENSSL_sk_pop(STACK *s); - - /* - * Free the stack - */ -- void sk_free(STACK *s); -+ void OPENSSL_sk_free(STACK *s); - - #if OPENSSL_VERSION_NUMBER >= 0x10000000L -- void sk_free(void *s) -+ void OPENSSL_sk_free(void *s) - { -- return sk_free(reinterpret_cast(s)); -+ return OPENSSL_sk_free(reinterpret_cast(s)); - } - #endif - - /* - * Number of elements in the stack - */ -- int sk_num(STACK *s); -+ int OPENSSL_sk_num(STACK *s); - - /* - * Value of element n in the stack - */ -- char *sk_value(STACK *s, int n); -+ char *OPENSSL_sk_value(STACK *s, int n); - - #if OPENSSL_VERSION_NUMBER >= 0x10000000L -- char *sk_value(void *s, int n) -+ char *OPENSSL_sk_value(void *s, int n) - { -- return sk_value(reinterpret_cast(s), n); -+ return OPENSSL_sk_value(reinterpret_cast(s), n); - } - #endif - - /* - * Create a new stack - */ -- STACK *sk_new(int (*cmp)()); -+ STACK *OPENSSL_sk_new(int (*cmp)()); - - /* - * Add an element to the stack - */ -- int sk_push(STACK *s, char *d); -+ int OPENSSL_sk_push(STACK *s, char *d); - - #if OPENSSL_VERSION_NUMBER >= 0x10000000L -- int sk_push(void *s, void *d) -+ int OPENSSL_sk_push(void *s, void *d) - { -- return sk_push(reinterpret_cast(s), reinterpret_cast(d)); -+ return OPENSSL_sk_push(reinterpret_cast(s), reinterpret_cast(d)); - } - #endif - - /* - * Duplicate the stack - */ -- STACK *sk_dup(STACK *s); -+ STACK *OPENSSL_sk_dup(STACK *s); - - /* - * Convert an ASN1_INTEGER to its text form -@@ -744,6 +783,17 @@ public: - int EVP_PKEY_assign(EVP_PKEY *pkey, int type, char *key); - - /* -+ * Get key type -+ */ -+ int EVP_PKEY_base_id(EVP_PKEY *pkey); -+ -+ RSA *EVP_PKEY_get0_RSA(EVP_PKEY *pkey); -+ void RSA_get0_key(RSA *rsa, const BIGNUM **n, const BIGNUM **e, const BIGNUM **d); -+ DSA *EVP_PKEY_get0_DSA(EVP_PKEY *pkey); -+ void DSA_get0_pqg(DSA *dsa, const BIGNUM **p, const BIGNUM **q, const BIGNUM **g); -+ void DSA_get0_key(DSA *dsa, const BIGNUM **pub_key, const BIGNUM **priv_key); -+ -+ /* - * Generate a RSA key - */ - RSA *RSA_generate_key(int bits, unsigned long e, void -diff --git a/src/kssl/kssl.cpp b/src/kssl/kssl.cpp -index a35f8164..4dc008ab 100644 ---- a/src/kssl/kssl.cpp -+++ b/src/kssl/kssl.cpp -@@ -46,8 +46,6 @@ - #warning "kssl.cpp needs to be ported to QSslSocket" - #endif - --#define sk_dup d->kossl->sk_dup -- - class KSSLPrivate - { - public: -@@ -210,5 +208,3 @@ bool KSSL::doesSSLWork() - return m_bSSLWorks; - } - --#undef sk_dup -- -diff --git a/src/kssl/ksslcallback.c b/src/kssl/ksslcallback.c -index 8afc33a4..086d8b25 100644 ---- a/src/kssl/ksslcallback.c -+++ b/src/kssl/ksslcallback.c -@@ -39,7 +39,7 @@ extern "C" { - // back will not be threadsafe ofcourse. - - if (KSSL_X509CallBack_ca) { -- if (KOSSL::self()->X509_cmp(ctx->current_cert, KSSL_X509CallBack_ca) != 0) { -+ if (KOSSL::self()->X509_cmp(KOSSL::self()->X509_STORE_CTX_get_current_cert(ctx), KSSL_X509CallBack_ca) != 0) { - return 1; // Ignore errors for this certificate - } - -@@ -47,7 +47,7 @@ extern "C" { - } - - if (!ok) { -- switch (ctx->error) { -+ switch (KOSSL::self()->X509_STORE_CTX_get_error(ctx)) { - case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT: - case X509_V_ERR_UNABLE_TO_GET_CRL: - case X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE: -diff --git a/src/kssl/ksslcertchain.cpp b/src/kssl/ksslcertchain.cpp -index 6b5a8b23..16bb5d0b 100644 ---- a/src/kssl/ksslcertchain.cpp -+++ b/src/kssl/ksslcertchain.cpp -@@ -41,16 +41,6 @@ - #include - #include - --#if KSSL_HAVE_SSL --#define sk_new d->kossl->sk_new --#define sk_push d->kossl->sk_push --#define sk_free d->kossl->sk_free --#define sk_value d->kossl->sk_value --#define sk_num d->kossl->sk_num --#define sk_dup d->kossl->sk_dup --#define sk_pop d->kossl->sk_pop --#endif -- - class KSSLCertChainPrivate - { - public: -@@ -79,13 +69,13 @@ KSSLCertChain::~KSSLCertChain() - STACK_OF(X509) *x = (STACK_OF(X509) *)_chain; - - for (;;) { -- X509 *x5 = sk_X509_pop(x); -+ X509 *x5 = reinterpret_cast(d->kossl->OPENSSL_sk_pop(reinterpret_cast(x))); - if (!x5) { - break; - } - d->kossl->X509_free(x5); - } -- sk_X509_free(x); -+ d->kossl->OPENSSL_sk_free(reinterpret_cast(x)); - } - #endif - delete d; -@@ -108,7 +98,7 @@ KSSLCertChain *KSSLCertChain::replicate() - int KSSLCertChain::depth() - { - #if KSSL_HAVE_SSL -- return sk_X509_num((STACK_OF(X509) *)_chain); -+ return d->kossl->OPENSSL_sk_num(static_cast(_chain)); - #endif - return 0; - } -@@ -127,8 +117,8 @@ QList KSSLCertChain::getChain() const - #if KSSL_HAVE_SSL - STACK_OF(X509) *x = (STACK_OF(X509) *)_chain; - -- for (int i = 0; i < sk_X509_num(x); i++) { -- X509 *x5 = sk_X509_value(x, i); -+ for (int i = 0; i < d->kossl->OPENSSL_sk_num(reinterpret_cast(x)); i++) { -+ X509 *x5 = reinterpret_cast(d->kossl->OPENSSL_sk_value(reinterpret_cast(x), i)); - if (!x5) { - continue; - } -@@ -148,22 +138,22 @@ void KSSLCertChain::setChain(const QList &chain) - STACK_OF(X509) *x = (STACK_OF(X509) *)_chain; - - for (;;) { -- X509 *x5 = sk_X509_pop(x); -+ X509 *x5 = reinterpret_cast(d->kossl->OPENSSL_sk_pop(reinterpret_cast(x))); - if (!x5) { - break; - } - d->kossl->X509_free(x5); - } -- sk_X509_free(x); -+ d->kossl->OPENSSL_sk_free(reinterpret_cast(x)); - _chain = nullptr; - } - - if (chain.isEmpty()) { - return; - } -- _chain = (void *)sk_new(nullptr); -+ _chain = (void *)d->kossl->OPENSSL_sk_new(nullptr); - foreach (KSSLCertificate *x, chain) { -- sk_X509_push((STACK_OF(X509) *)_chain, d->kossl->X509_dup(x->getCert())); -+ d->kossl->OPENSSL_sk_push(static_cast(_chain), d->kossl->X509_dup(x->getCert())); - } - - #endif -@@ -176,13 +166,13 @@ void KSSLCertChain::setChain(void *stack_of_x509) - STACK_OF(X509) *x = (STACK_OF(X509) *)_chain; - - for (;;) { -- X509 *x5 = sk_X509_pop(x); -+ X509 *x5 = reinterpret_cast(d->kossl->OPENSSL_sk_pop(reinterpret_cast(x))); - if (!x5) { - break; - } - d->kossl->X509_free(x5); - } -- sk_X509_free(x); -+ d->kossl->OPENSSL_sk_free(reinterpret_cast(x)); - _chain = nullptr; - } - -@@ -190,15 +180,15 @@ void KSSLCertChain::setChain(void *stack_of_x509) - return; - } - -- _chain = (void *)sk_new(nullptr); -+ _chain = (void *)d->kossl->OPENSSL_sk_new(nullptr); - STACK_OF(X509) *x = (STACK_OF(X509) *)stack_of_x509; - -- for (int i = 0; i < sk_X509_num(x); i++) { -- X509 *x5 = sk_X509_value(x, i); -+ for (int i = 0; i < d->kossl->OPENSSL_sk_num(reinterpret_cast(x)); i++) { -+ X509 *x5 = reinterpret_cast(d->kossl->OPENSSL_sk_value(reinterpret_cast(x), i)); - if (!x5) { - continue; - } -- sk_X509_push((STACK_OF(X509) *)_chain, d->kossl->X509_dup(x5)); -+ d->kossl->OPENSSL_sk_push(reinterpret_cast(_chain), d->kossl->X509_dup(x5)); - } - - #else -@@ -217,14 +207,3 @@ void KSSLCertChain::setCertChain(const QStringList &chain) - } - setChain(cl); - } -- --#if KSSL_HAVE_SSL --#undef sk_new --#undef sk_push --#undef sk_free --#undef sk_value --#undef sk_num --#undef sk_dup --#undef sk_pop --#endif -- -diff --git a/src/kssl/ksslcertificate.cpp b/src/kssl/ksslcertificate.cpp -index 2fbe5751..4c96e4b0 100644 ---- a/src/kssl/ksslcertificate.cpp -+++ b/src/kssl/ksslcertificate.cpp -@@ -195,14 +195,17 @@ QString KSSLCertificate::getSignatureText() const - char *s; - int n, i; - -- i = d->kossl->OBJ_obj2nid(d->m_cert->sig_alg->algorithm); -+ const X509_ALGOR *algor; -+ const ASN1_BIT_STRING *sig; -+ d->kossl->X509_get0_signature(&sig, &algor, d->m_cert); -+ i = d->kossl->OBJ_obj2nid(algor->algorithm); - rc = i18n("Signature Algorithm: "); - rc += (i == NID_undef) ? i18n("Unknown") : QString(d->kossl->OBJ_nid2ln(i)); - - rc += '\n'; - rc += i18n("Signature Contents:"); -- n = d->m_cert->signature->length; -- s = (char *)d->m_cert->signature->data; -+ n = sig->length; -+ s = (char *)sig->data; - for (i = 0; i < n; ++i) { - if (i % 20 != 0) { - rc += ':'; -@@ -227,9 +230,10 @@ void KSSLCertificate::getEmails(QStringList &to) const - } - - STACK *s = d->kossl->X509_get1_email(d->m_cert); -+ const int size = d->kossl->OPENSSL_sk_num(s); - if (s) { -- for (int n = 0; n < s->num; n++) { -- to.append(d->kossl->sk_value(s, n)); -+ for (int n = 0; n < size; n++) { -+ to.append(d->kossl->OPENSSL_sk_value(s, n)); - } - d->kossl->X509_email_free(s); - } -@@ -309,12 +313,12 @@ QString KSSLCertificate::getKeyType() const - EVP_PKEY *pkey = d->kossl->X509_get_pubkey(d->m_cert); - if (pkey) { - #ifndef NO_RSA -- if (pkey->type == EVP_PKEY_RSA) { -+ if (d->kossl->EVP_PKEY_base_id(pkey) == EVP_PKEY_RSA) { - rc = "RSA"; - } else - #endif - #ifndef NO_DSA -- if (pkey->type == EVP_PKEY_DSA) { -+ if (d->kossl->EVP_PKEY_base_id(pkey) == EVP_PKEY_DSA) { - rc = "DSA"; - } else - #endif -@@ -336,8 +340,10 @@ QString KSSLCertificate::getPublicKeyText() const - if (pkey) { - rc = i18nc("Unknown", "Unknown key algorithm"); - #ifndef NO_RSA -- if (pkey->type == EVP_PKEY_RSA) { -- x = d->kossl->BN_bn2hex(pkey->pkey.rsa->n); -+ if (d->kossl->EVP_PKEY_base_id(pkey) == EVP_PKEY_RSA) { -+ const BIGNUM *n, *e; -+ d->kossl->RSA_get0_key(d->kossl->EVP_PKEY_get0_RSA(pkey), &n, &e, nullptr); -+ x = d->kossl->BN_bn2hex(n); - rc = i18n("Key type: RSA (%1 bit)", strlen(x) * 4) + '\n'; - - rc += i18n("Modulus: "); -@@ -352,15 +358,18 @@ QString KSSLCertificate::getPublicKeyText() const - rc += '\n'; - d->kossl->OPENSSL_free(x); - -- x = d->kossl->BN_bn2hex(pkey->pkey.rsa->e); -+ x = d->kossl->BN_bn2hex(e); - rc += i18n("Exponent: 0x") + QLatin1String(x) + - QLatin1String("\n"); - d->kossl->OPENSSL_free(x); - } - #endif - #ifndef NO_DSA -- if (pkey->type == EVP_PKEY_DSA) { -- x = d->kossl->BN_bn2hex(pkey->pkey.dsa->p); -+ if (d->kossl->EVP_PKEY_base_id(pkey) == EVP_PKEY_DSA) { -+ auto dsa = d->kossl->EVP_PKEY_get0_DSA(pkey); -+ const BIGNUM *p, *q, *g; -+ d->kossl->DSA_get0_pqg(dsa, &p, &q, &g); -+ x = d->kossl->BN_bn2hex(p); - // hack - this may not be always accurate - rc = i18n("Key type: DSA (%1 bit)", strlen(x) * 4) + '\n'; - -@@ -376,7 +385,7 @@ QString KSSLCertificate::getPublicKeyText() const - rc += '\n'; - d->kossl->OPENSSL_free(x); - -- x = d->kossl->BN_bn2hex(pkey->pkey.dsa->q); -+ x = d->kossl->BN_bn2hex(q); - rc += i18n("160 bit prime factor: "); - for (unsigned int i = 0; i < strlen(x); i++) { - if (i % 40 != 0 && i % 2 == 0) { -@@ -389,7 +398,7 @@ QString KSSLCertificate::getPublicKeyText() const - rc += '\n'; - d->kossl->OPENSSL_free(x); - -- x = d->kossl->BN_bn2hex(pkey->pkey.dsa->g); -+ x = d->kossl->BN_bn2hex(g); - rc += QString("g: "); - for (unsigned int i = 0; i < strlen(x); i++) { - if (i % 40 != 0 && i % 2 == 0) { -@@ -402,7 +411,9 @@ QString KSSLCertificate::getPublicKeyText() const - rc += '\n'; - d->kossl->OPENSSL_free(x); - -- x = d->kossl->BN_bn2hex(pkey->pkey.dsa->pub_key); -+ const BIGNUM *pub_key; -+ d->kossl->DSA_get0_key(dsa, &pub_key, nullptr); -+ x = d->kossl->BN_bn2hex(pub_key); - rc += i18n("Public key: "); - for (unsigned int i = 0; i < strlen(x); i++) { - if (i % 40 != 0 && i % 2 == 0) { -@@ -692,7 +703,7 @@ KSSLCertificate::KSSLValidationList KSSLCertificate::validateVerbose(KSSLCertifi - return errors; - } - -- X509_STORE_set_verify_cb_func(certStore, X509Callback); -+ d->kossl->X509_STORE_set_verify_cb(certStore, X509Callback); - - certLookup = d->kossl->X509_STORE_add_lookup(certStore, d->kossl->X509_LOOKUP_file()); - if (!certLookup) { -@@ -733,9 +744,9 @@ KSSLCertificate::KSSLValidationList KSSLCertificate::validateVerbose(KSSLCertifi - KSSL_X509CallBack_ca = ca ? ca->d->m_cert : nullptr; - KSSL_X509CallBack_ca_found = false; - -- certStoreCTX->error = X509_V_OK; -+ d->kossl->X509_STORE_CTX_set_error(certStoreCTX, X509_V_OK); - rc = d->kossl->X509_verify_cert(certStoreCTX); -- int errcode = certStoreCTX->error; -+ int errcode = d->kossl->X509_STORE_CTX_get_error(certStoreCTX); - if (ca && !KSSL_X509CallBack_ca_found) { - ksslv = KSSLCertificate::Irrelevant; - } else { -@@ -748,9 +759,9 @@ KSSLCertificate::KSSLValidationList KSSLCertificate::validateVerbose(KSSLCertifi - d->kossl->X509_STORE_CTX_set_purpose(certStoreCTX, - X509_PURPOSE_NS_SSL_SERVER); - -- certStoreCTX->error = X509_V_OK; -+ d->kossl->X509_STORE_CTX_set_error(certStoreCTX, X509_V_OK); - rc = d->kossl->X509_verify_cert(certStoreCTX); -- errcode = certStoreCTX->error; -+ errcode = d->kossl->X509_STORE_CTX_get_error(certStoreCTX); - ksslv = processError(errcode); - } - d->kossl->X509_STORE_CTX_free(certStoreCTX); -@@ -982,7 +993,7 @@ KSSLCertificate::KSSLValidation KSSLCertificate::processError(int ec) - QString KSSLCertificate::getNotBefore() const - { - #if KSSL_HAVE_SSL -- return ASN1_UTCTIME_QString(X509_get_notBefore(d->m_cert)); -+ return ASN1_UTCTIME_QString(d->kossl->X509_getm_notBefore(d->m_cert)); - #else - return QString(); - #endif -@@ -991,7 +1002,7 @@ QString KSSLCertificate::getNotBefore() const - QString KSSLCertificate::getNotAfter() const - { - #if KSSL_HAVE_SSL -- return ASN1_UTCTIME_QString(X509_get_notAfter(d->m_cert)); -+ return ASN1_UTCTIME_QString(d->kossl->X509_getm_notAfter(d->m_cert)); - #else - return QString(); - #endif -@@ -1000,7 +1011,7 @@ QString KSSLCertificate::getNotAfter() const - QDateTime KSSLCertificate::getQDTNotBefore() const - { - #if KSSL_HAVE_SSL -- return ASN1_UTCTIME_QDateTime(X509_get_notBefore(d->m_cert), nullptr); -+ return ASN1_UTCTIME_QDateTime(d->kossl->X509_getm_notBefore(d->m_cert), nullptr); - #else - return QDateTime::currentDateTime(); - #endif -@@ -1009,7 +1020,7 @@ QDateTime KSSLCertificate::getQDTNotBefore() const - QDateTime KSSLCertificate::getQDTNotAfter() const - { - #if KSSL_HAVE_SSL -- return ASN1_UTCTIME_QDateTime(X509_get_notAfter(d->m_cert), nullptr); -+ return ASN1_UTCTIME_QDateTime(d->kossl->X509_getm_notAfter(d->m_cert), nullptr); - #else - return QDateTime::currentDateTime(); - #endif -@@ -1210,7 +1221,8 @@ typedef struct NETSCAPE_X509_st { - QByteArray KSSLCertificate::toNetscape() - { - QByteArray qba; --#if KSSL_HAVE_SSL -+ // no equivalent in OpenSSL 1.1.0 (?), so behave as if we had no OpenSSL at all -+#if KSSL_HAVE_SSL && OPENSSL_VERSION_NUMBER < 0x10100000L - NETSCAPE_X509 nx; - ASN1_OCTET_STRING hdr; - QTemporaryFile ktf; -@@ -1294,10 +1306,10 @@ QStringList KSSLCertificate::subjAltNames() const - return rc; - } - -- int cnt = d->kossl->sk_GENERAL_NAME_num(names); -+ int cnt = d->kossl->OPENSSL_sk_num((STACK *)names); - - for (int i = 0; i < cnt; i++) { -- const GENERAL_NAME *val = (const GENERAL_NAME *)d->kossl->sk_value(names, i); -+ const GENERAL_NAME *val = (const GENERAL_NAME *)d->kossl->OPENSSL_sk_value(names, i); - if (val->type != GEN_DNS) { - continue; - } -@@ -1309,7 +1321,7 @@ QStringList KSSLCertificate::subjAltNames() const - rc += s; - } - } -- d->kossl->sk_free(names); -+ d->kossl->OPENSSL_sk_free(names); - #endif - return rc; - } --- -2.13.2 - diff --git a/kdelibs4support-5.39.0.tar.xz b/kdelibs4support-5.39.0.tar.xz deleted file mode 100644 index 0f071ba..0000000 --- a/kdelibs4support-5.39.0.tar.xz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:d735000260d8565e812b96c81d510acef14f7b66e9fcbbd2d42711bd1bfcb20f -size 3340204 diff --git a/kdelibs4support-5.40.0.tar.xz b/kdelibs4support-5.40.0.tar.xz new file mode 100644 index 0000000..ddf84f6 --- /dev/null +++ b/kdelibs4support-5.40.0.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:f9d7508aa6a72a186ba7d922e82ca49a5ac5d76e1fa02af995d17208128995df +size 3341884 diff --git a/kdelibs4support.changes b/kdelibs4support.changes index 702a740..06d0906 100644 --- a/kdelibs4support.changes +++ b/kdelibs4support.changes @@ -1,3 +1,17 @@ +------------------------------------------------------------------- +Mon Nov 13 07:01:14 CET 2017 - lbeltrame@kde.org + +- Update to 5.40.0 + * New feature release + * For more details please see: + * https://www.kde.org/announcements/kde-frameworks-5.40.0.php +- Changes since 5.39.0: + * full docu for disableSessionManagement() replacement + * Make kssl compile against OpenSSL 1.1.0 (kde#370223) + * Add .arcconfig +- Remove patches, now upstream: + * 0001-Make-kssl-compile-against-OpenSSL-1.1.0.patch + ------------------------------------------------------------------- Mon Oct 23 06:41:39 CEST 2017 - lbeltrame@kde.org diff --git a/kdelibs4support.spec b/kdelibs4support.spec index 45c7d32..c314340 100644 --- a/kdelibs4support.spec +++ b/kdelibs4support.spec @@ -18,13 +18,13 @@ %bcond_without lang %define lname libKF5KDELibs4Support5 -%define _tar_path 5.39 +%define _tar_path 5.40 # Full KF5 version (e.g. 5.33.0) %{!?_kf5_version: %global _kf5_version %{version}} # Last major and minor KF5 version (e.g. 5.33) %{!?_kf5_bugfix_version: %global _kf5_bugfix_version %(echo %{_kf5_version} | awk -F. '{print $1"."$2}')} Name: kdelibs4support -Version: 5.39.0 +Version: 5.40.0 Release: 0 %define kf5_version %{version} BuildRequires: NetworkManager-devel @@ -79,8 +79,6 @@ Group: System/GUI/KDE Url: http://www.kde.org Source: http://download.kde.org/stable/frameworks/%{_tar_path}/portingAids/%{name}-%{version}.tar.xz Source1: baselibs.conf -# PATCH-FIX-UPSTREAM -Patch1: 0001-Make-kssl-compile-against-OpenSSL-1.1.0.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build %description @@ -193,7 +191,6 @@ KDEDIRS environment variable correctly. Development files. %lang_package %prep %setup -q -%patch1 -p1 %build %cmake_kf5 -d build