From owner-svn-ports-head@freebsd.org  Wed Oct 31 02:29:05 2018
Return-Path: <owner-svn-ports-head@freebsd.org>
Delivered-To: svn-ports-head@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id ED8EC1074336;
 Wed, 31 Oct 2018 02:29:04 +0000 (UTC)
 (envelope-from danfe@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org
 [IPv6:2610:1c1:1:606c::19:3])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client CN "mxrelay.nyi.freebsd.org",
 Issuer "Let's Encrypt Authority X3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 94F9E861BB;
 Wed, 31 Oct 2018 02:29:04 +0000 (UTC)
 (envelope-from danfe@FreeBSD.org)
Received: from repo.freebsd.org (repo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:0])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 717BF26118;
 Wed, 31 Oct 2018 02:29:04 +0000 (UTC)
 (envelope-from danfe@FreeBSD.org)
Received: from repo.freebsd.org ([127.0.1.37])
 by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id w9V2T4Hw056795;
 Wed, 31 Oct 2018 02:29:04 GMT (envelope-from danfe@FreeBSD.org)
Received: (from danfe@localhost)
 by repo.freebsd.org (8.15.2/8.15.2/Submit) id w9V2T3nP056791;
 Wed, 31 Oct 2018 02:29:03 GMT (envelope-from danfe@FreeBSD.org)
Message-Id: <201810310229.w9V2T3nP056791@repo.freebsd.org>
X-Authentication-Warning: repo.freebsd.org: danfe set sender to
 danfe@FreeBSD.org using -f
From: Alexey Dokuchaev <danfe@FreeBSD.org>
Date: Wed, 31 Oct 2018 02:29:03 +0000 (UTC)
To: ports-committers@freebsd.org, svn-ports-all@freebsd.org,
 svn-ports-head@freebsd.org
Subject: svn commit: r483545 - in head/net/qt4-network: . files
X-SVN-Group: ports-head
X-SVN-Commit-Author: danfe
X-SVN-Commit-Paths: in head/net/qt4-network: . files
X-SVN-Commit-Revision: 483545
X-SVN-Commit-Repository: ports
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-BeenThere: svn-ports-head@freebsd.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: SVN commit messages for the ports tree for head
 <svn-ports-head.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/svn-ports-head>, 
 <mailto:svn-ports-head-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/svn-ports-head/>
List-Post: <mailto:svn-ports-head@freebsd.org>
List-Help: <mailto:svn-ports-head-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/svn-ports-head>,
 <mailto:svn-ports-head-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 31 Oct 2018 02:29:05 -0000

Author: danfe
Date: Wed Oct 31 02:29:03 2018
New Revision: 483545
URL: https://svnweb.freebsd.org/changeset/ports/483545

Log:
  Unbreak the build against newer versions of OpenSSL (since 1.1.0-pre5),
  where many data structures were made opaque.

Added:
  head/net/qt4-network/files/patch-src_network_ssl_qsslcertificate.cpp   (contents, props changed)
  head/net/qt4-network/files/patch-src_network_ssl_qsslkey.cpp   (contents, props changed)
Modified:
  head/net/qt4-network/Makefile
  head/net/qt4-network/files/patch-src_network_ssl_qsslsocket__openssl.cpp

Modified: head/net/qt4-network/Makefile
==============================================================================
--- head/net/qt4-network/Makefile	Wed Oct 31 02:14:50 2018	(r483544)
+++ head/net/qt4-network/Makefile	Wed Oct 31 02:29:03 2018	(r483545)
@@ -13,9 +13,6 @@ COMMENT=	Qt network module
 LICENSE=	GPLv3 LGPL21 LGPL3 GFDL
 LICENSE_COMB=	dual
 
-BROKEN_SSL=	openssl-devel
-BROKEN_SSL_REASON_openssl-devel=	error: member access into incomplete type 'RSA' (aka 'rsa_st')
-
 RUN_DEPENDS=	${LOCALBASE}/share/certs/ca-root-nss.crt:security/ca_root_nss
 
 USES=		qmake:no_env qt-dist:4 ssl

Added: head/net/qt4-network/files/patch-src_network_ssl_qsslcertificate.cpp
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/net/qt4-network/files/patch-src_network_ssl_qsslcertificate.cpp	Wed Oct 31 02:29:03 2018	(r483545)
@@ -0,0 +1,44 @@
+--- src/network/ssl/qsslcertificate.cpp.orig	2015-05-07 14:14:44 UTC
++++ src/network/ssl/qsslcertificate.cpp
+@@ -261,7 +261,7 @@ QByteArray QSslCertificate::version() const
+     QMutexLocker lock(QMutexPool::globalInstanceGet(d.data()));
+     if (d->versionString.isEmpty() && d->x509)
+         d->versionString =
+-            QByteArray::number(qlonglong(q_ASN1_INTEGER_get(d->x509->cert_info->version)) + 1);
++            QByteArray::number(qlonglong(X509_get_version(d->x509)) + 1);
+ 
+     return d->versionString;
+ }
+@@ -276,7 +276,7 @@ QByteArray QSslCertificate::serialNumber() const
+ {
+     QMutexLocker lock(QMutexPool::globalInstanceGet(d.data()));
+     if (d->serialNumberString.isEmpty() && d->x509) {
+-        ASN1_INTEGER *serialNumber = d->x509->cert_info->serialNumber;
++        ASN1_INTEGER *serialNumber = X509_get_serialNumber(d->x509);
+         // if we cannot convert to a long, just output the hexadecimal number
+         if (serialNumber->length > 4) {
+             QByteArray hexString;
+@@ -489,19 +489,19 @@ QSslKey QSslCertificate::publicKey() const
+     QSslKey key;
+ 
+     key.d->type = QSsl::PublicKey;
+-    X509_PUBKEY *xkey = d->x509->cert_info->key;
++    X509_PUBKEY *xkey = X509_get_X509_PUBKEY(d->x509);
+     EVP_PKEY *pkey = q_X509_PUBKEY_get(xkey);
+     Q_ASSERT(pkey);
+ 
+-    if (q_EVP_PKEY_type(pkey->type) == EVP_PKEY_RSA) {
++    if (q_EVP_PKEY_type(EVP_PKEY_id(pkey)) == EVP_PKEY_RSA) {
+         key.d->rsa = q_EVP_PKEY_get1_RSA(pkey);
+         key.d->algorithm = QSsl::Rsa;
+         key.d->isNull = false;
+-    } else if (q_EVP_PKEY_type(pkey->type) == EVP_PKEY_DSA) {
++    } else if (q_EVP_PKEY_type(EVP_PKEY_id(pkey)) == EVP_PKEY_DSA) {
+         key.d->dsa = q_EVP_PKEY_get1_DSA(pkey);
+         key.d->algorithm = QSsl::Dsa;
+         key.d->isNull = false;
+-    } else if (q_EVP_PKEY_type(pkey->type) == EVP_PKEY_DH) {
++    } else if (q_EVP_PKEY_type(EVP_PKEY_id(pkey)) == EVP_PKEY_DH) {
+         // DH unsupported
+     } else {
+         // error?

Added: head/net/qt4-network/files/patch-src_network_ssl_qsslkey.cpp
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/net/qt4-network/files/patch-src_network_ssl_qsslkey.cpp	Wed Oct 31 02:29:03 2018	(r483545)
@@ -0,0 +1,17 @@
+--- src/network/ssl/qsslkey.cpp.orig	2015-05-07 14:14:44 UTC
++++ src/network/ssl/qsslkey.cpp
+@@ -321,8 +321,12 @@ int QSslKey::length() const
+ {
+     if (d->isNull)
+         return -1;
+-    return (d->algorithm == QSsl::Rsa)
+-           ? q_BN_num_bits(d->rsa->n) : q_BN_num_bits(d->dsa->p);
++    return (d->algorithm == QSsl::Rsa) ?
++#if OPENSSL_VERSION_NUMBER >= 0x10100005L
++        q_BN_num_bits(RSA_get0_n(d->rsa)) : q_BN_num_bits(DSA_get0_p(d->dsa));
++#else
++        q_BN_num_bits(d->rsa->n) : q_BN_num_bits(d->dsa->p);
++#endif
+ }
+ 
+ /*!

Modified: head/net/qt4-network/files/patch-src_network_ssl_qsslsocket__openssl.cpp
==============================================================================
--- head/net/qt4-network/files/patch-src_network_ssl_qsslsocket__openssl.cpp	Wed Oct 31 02:14:50 2018	(r483544)
+++ head/net/qt4-network/files/patch-src_network_ssl_qsslsocket__openssl.cpp	Wed Oct 31 02:29:03 2018	(r483545)
@@ -2,7 +2,17 @@
 *
 --- src/network/ssl/qsslsocket_openssl.cpp.orig	2015-05-07 14:14:44 UTC
 +++ src/network/ssl/qsslsocket_openssl.cpp
-@@ -267,9 +267,13 @@ init_context:
+@@ -222,8 +222,7 @@ QSslCipher QSslSocketBackendPrivate::QSslCipher_from_S
+             ciph.d->encryptionMethod = descriptionList.at(4).mid(4);
+         ciph.d->exportable = (descriptionList.size() > 6 && descriptionList.at(6) == QLatin1String("export"));
+ 
+-        ciph.d->bits = cipher->strength_bits;
+-        ciph.d->supportedBits = cipher->alg_bits;
++        ciph.d->bits = SSL_CIPHER_get_bits(cipher, &ciph.d->supportedBits);
+ 
+     }
+     return ciph;
+@@ -267,9 +266,13 @@ init_context:
  #endif
          break;
      case QSsl::SslV3:
@@ -17,7 +27,7 @@
      case QSsl::TlsV1SslV3: // SslV2 will be disabled below
      case QSsl::AnyProtocol:
      default:
-@@ -297,8 +301,10 @@ init_context:
+@@ -297,8 +300,10 @@ init_context:
  
      // Enable bug workarounds.
      long options;
@@ -28,4 +38,40 @@
 +        options = SSL_OP_ALL|SSL_OP_NO_SSLv2|SSL_OP_NO_SSLv3;
      else
          options = SSL_OP_ALL;
+ 
+@@ -325,7 +330,7 @@ init_context:
+         options |= SSL_OP_NO_COMPRESSION;
+ #endif
+ 
+-    q_SSL_CTX_set_options(ctx, options);
++    SSL_CTX_set_options(ctx, options);
+ 
+     // Initialize ciphers
+     QByteArray cipherString;
+@@ -363,7 +368,7 @@ init_context:
+         //
+         // See also: QSslContext::fromConfiguration()
+         if (caCertificate.expiryDate() >= QDateTime::currentDateTime()) {
+-            q_X509_STORE_add_cert(ctx->cert_store, (X509 *)caCertificate.handle());
++            q_X509_STORE_add_cert(SSL_CTX_get_cert_store(ctx), (X509 *)caCertificate.handle());
+         }
+     }
+ 
+@@ -659,13 +664,17 @@ void QSslSocketPrivate::resetDefaultCiphers()
+     STACK_OF(SSL_CIPHER) *supportedCiphers = q_SSL_get_ciphers(mySsl);
+     for (int i = 0; i < q_sk_SSL_CIPHER_num(supportedCiphers); ++i) {
+         if (SSL_CIPHER *cipher = q_sk_SSL_CIPHER_value(supportedCiphers, i)) {
++#if OPENSSL_VERSION_NUMBER < 0x10100005L
+             if (cipher->valid) {
++#endif
+                 QSslCipher ciph = QSslSocketBackendPrivate::QSslCipher_from_SSL_CIPHER(cipher);
+                 if (!ciph.isNull()) {
+                     if (!ciph.name().toLower().startsWith(QLatin1String("adh")))
+                         ciphers << ciph;
+                 }
++#if OPENSSL_VERSION_NUMBER < 0x10100005L
+             }
++#endif
+         }
+     }