From owner-svn-ports-head@freebsd.org Tue Mar 7 02:45:49 2017 Return-Path: Delivered-To: svn-ports-head@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 11818D00051; Tue, 7 Mar 2017 02:45:49 +0000 (UTC) (envelope-from rezny@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id C3E641E35; Tue, 7 Mar 2017 02:45:48 +0000 (UTC) (envelope-from rezny@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id v272jl0r001828; Tue, 7 Mar 2017 02:45:47 GMT (envelope-from rezny@FreeBSD.org) Received: (from rezny@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id v272jlj0001823; Tue, 7 Mar 2017 02:45:47 GMT (envelope-from rezny@FreeBSD.org) Message-Id: <201703070245.v272jlj0001823@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: rezny set sender to rezny@FreeBSD.org using -f 
From: Matthew Rezny Date: Tue, 7 Mar 2017 02:45:47 +0000 (UTC) To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r435579 - in head/net/qt5-network: . files X-SVN-Group: ports-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-ports-head@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: SVN commit messages for the ports tree for head List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 07 Mar 2017 02:45:49 -0000 Author: rezny Date: Tue Mar 7 02:45:47 2017 New Revision: 435579 URL: https://svnweb.freebsd.org/changeset/ports/435579 Log: Fix to build with libressl as well as libressl-devel and simplify patch PR: 217220 Reported by: w.schwarzenfeld@utanet.at Approved by: swills (mentor) Differential Revision: https://reviews.freebsd.org/D9914 Added: head/net/qt5-network/files/patch-src_network_ssl_qsslsocket__openssl.cpp (contents, props changed) Modified: head/net/qt5-network/Makefile head/net/qt5-network/files/patch-src_network_ssl_qsslcontext__openssl.cpp head/net/qt5-network/files/patch-src_network_ssl_qsslsocket__openssl__symbols.cpp head/net/qt5-network/files/patch-src_network_ssl_qsslsocket__openssl__symbols__p.h Modified: head/net/qt5-network/Makefile ============================================================================== --- head/net/qt5-network/Makefile Tue Mar 7 02:31:49 2017 (r435578) +++ head/net/qt5-network/Makefile Tue Mar 7 02:45:47 2017 (r435579) 
@@ -2,6 +2,7 @@ PORTNAME= network DISTVERSION= ${QT5_VERSION} +PORTREVISION= 1 CATEGORIES= net ipv6 PKGNAMEPREFIX= qt5- Modified: head/net/qt5-network/files/patch-src_network_ssl_qsslcontext__openssl.cpp ============================================================================== --- head/net/qt5-network/files/patch-src_network_ssl_qsslcontext__openssl.cpp Tue Mar 7 02:31:49 2017 (r435578) +++ head/net/qt5-network/files/patch-src_network_ssl_qsslcontext__openssl.cpp Tue Mar 7 02:45:47 2017 (r435579) @@ -1,14 +1,10 @@ * Instead of using the SSL_CTRL_SET_CURVES macros which only exists in OpenSSL, -* call the SSL_CTX_set1_curves functions as suggested by BoringSSL porting docs -* and which is the function in OpenSSL that is called through the replaced macro. -* LibreSSL has a SSL_CTX_set1_groups functions and provides a compat macro. -* Unfortunately, since Qt resolves the symbols at runtime, we cannot call through -* that macro and must instead explicitly call SSL_CTX_set1_groups if the library -* doesn't export a function called SSL_CTX_set1_curves, as in the case of LibreSSL. +* call the SSL_CTX_set1_groups function, which exists in LibreSSL as well as in +* OpenSSL and is what would be called through the macro * --- src/network/ssl/qsslcontext_openssl.cpp.orig 2016-12-01 08:17:04 UTC +++ src/network/ssl/qsslcontext_openssl.cpp -@@ -350,14 +350,24 @@ init_context: +@@ -350,12 +350,9 @@ init_context: #if OPENSSL_VERSION_NUMBER >= 0x10002000L && !defined(OPENSSL_NO_EC) // Set the curves to be used if (q_SSLeay() >= 0x10002000L) { 
@@ -18,26 +14,9 @@ - SSL_CTRL_SET_CURVES, - qcurves.size(), - const_cast(reinterpret_cast(qcurves.data())))) { -- sslContext->errorStr = msgErrorSettingEllipticCurves(QSslSocketBackendPrivate::getErrorsFromOpenSsl()); -- sslContext->errorCode = QSslError::UnspecifiedError; -+ switch (q_SSL_CTX_set1_curves(sslContext->ctx, -+ const_cast(reinterpret_cast(qcurves.data())), -+ qcurves.size())) { -+ case 1: -+ default: -+ break; -+ case 0: -+ sslContext->errorStr = msgErrorSettingEllipticCurves(QSslSocketBackendPrivate::getErrorsFromOpenSsl()); -+ sslContext->errorCode = QSslError::UnspecifiedError; -+ break; -+ case -1: -+ if (q_SSL_CTX_set1_groups(sslContext->ctx, -+ reinterpret_cast(qcurves.data()), -+ qcurves.size()) < 1) { -+ sslContext->errorStr = msgErrorSettingEllipticCurves(QSslSocketBackendPrivate::getErrorsFromOpenSsl()); -+ sslContext->errorCode = QSslError::UnspecifiedError; -+ } -+ break; ++ if (!q_SSL_CTX_set1_groups(sslContext->ctx, ++ const_cast(reinterpret_cast(qcurves.data())), ++ qcurves.size())) { + sslContext->errorStr = msgErrorSettingEllipticCurves(QSslSocketBackendPrivate::getErrorsFromOpenSsl()); + sslContext->errorCode = QSslError::UnspecifiedError; } - } else - #endif // OPENSSL_VERSION_NUMBER >= 0x10002000L && !defined(OPENSSL_NO_EC) Added: head/net/qt5-network/files/patch-src_network_ssl_qsslsocket__openssl.cpp ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/net/qt5-network/files/patch-src_network_ssl_qsslsocket__openssl.cpp Tue Mar 7 02:45:47 2017 (r435579) 
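Review bot: The new `if (!q_SSL_CTX_set1_groups(...))` test treats a return of -1 as success, yet the DEFINEFUNC3 stub for this symbol in patch-src_network_ssl_qsslsocket__openssl__symbols.cpp is declared with `return -1`, which looks like the value produced when the symbol cannot be resolved in the library loaded at runtime. The switch being replaced handled -1 explicitly; with the new form an unresolved symbol would leave the configured curve list unapplied with no error recorded, so a handshake could use curves the application meant to exclude. Testing for anything short of success closes that gap, as the removed fallback did: `q_SSL_CTX_set1_groups(...) < 1`. The header comment's statement that the function exists in OpenSSL as well should be confirmed for every OpenSSL version this port can load. The enclosing `init_context` code continues outside the hunk.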
@@ -0,0 +1,20 @@
+* check macro is defined instead of version, LibreSSL < 2.5 doesn't have SSL_CTRL_GET_SERVER_TMP_KEY
+*
+--- src/network/ssl/qsslsocket_openssl.cpp.orig 2016-12-01 08:17:04 UTC
++++ src/network/ssl/qsslsocket_openssl.cpp
+@@ -1587,13 +1587,13 @@ void QSslSocketBackendPrivate::continueH
+ }
+ #endif // OPENSSL_VERSION_NUMBER >= 0x1000100fL ...
+ 
+-#if OPENSSL_VERSION_NUMBER >= 0x10002000L
++#if defined(SSL_CTRL_GET_SERVER_TMP_KEY)
+ if (q_SSLeay() >= 0x10002000L && mode == QSslSocket::SslClientMode) {
+ EVP_PKEY *key;
+ if (q_SSL_get_server_tmp_key(ssl, &key))
+ configuration.ephemeralServerKey = QSslKey(key, QSsl::PublicKey);
+ }
+-#endif // OPENSSL_VERSION_NUMBER >= 0x10002000L ...
++#endif // defined(SSL_CTRL_GET_SERVER_TMP_KEY)
+ 
+ connectionEncrypted = true;
+ emit q->encrypted();
Modified: head/net/qt5-network/files/patch-src_network_ssl_qsslsocket__openssl__symbols.cpp
==============================================================================
--- head/net/qt5-network/files/patch-src_network_ssl_qsslsocket__openssl__symbols.cpp Tue Mar 7 02:31:49 2017 (r435578)
+++ head/net/qt5-network/files/patch-src_network_ssl_qsslsocket__openssl__symbols.cpp Tue Mar 7 02:45:47 2017 (r435579)
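Review bot: The compile-time guard is now a feature test, but the runtime guard inside it is still `q_SSLeay() >= 0x10002000L`, which does not show that the library loaded at runtime implements SSL_CTRL_GET_SERVER_TMP_KEY; the patch header itself notes that LibreSSL < 2.5 lacks it. If the build headers and the loaded library can differ, the block depends on the ctrl call returning 0 for a command it does not know, and `EVP_PKEY *key;` is passed to it uninitialised. I would initialise the pointer, `EVP_PKEY *key = 0;`, and add a comment such as `// the version check does not prove the ctrl is supported; a 0 return leaves ephemeralServerKey unset`. The body of continueHandshake starts and ends outside the hunk.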
@@ -1,20 +1,19 @@ -* Boilerplate for SSL_CTX_set1_curves/groups() used in qsslcontext_openssl.cpp +* Boilerplate for SSL_CTX_set1_groups() used in qsslcontext_openssl.cpp * * Prepend the path of the SSL libraries used for building so the same libraries are * found and loaded at runtime. Normal search finds base SSL libraries before ports. * ---- src/network/ssl/qsslsocket_openssl_symbols.cpp.orig 2016-09-16 05:49:42 UTC +--- src/network/ssl/qsslsocket_openssl_symbols.cpp.orig 2016-12-01 08:17:04 UTC +++ src/network/ssl/qsslsocket_openssl_symbols.cpp -@@ -424,6 +424,8 @@ DEFINEFUNC(void, EC_KEY_free, EC_KEY *ec +@@ -430,6 +430,7 @@ DEFINEFUNC(void, EC_KEY_free, EC_KEY *ec DEFINEFUNC2(size_t, EC_get_builtin_curves, EC_builtin_curve * r, r, size_t nitems, nitems, return 0, return) #if OPENSSL_VERSION_NUMBER >= 0x10002000L DEFINEFUNC(int, EC_curve_nist2nid, const char *name, name, return 0, return) -+DEFINEFUNC3(int, SSL_CTX_set1_curves, SSL_CTX *a, a, int *b, b, int c, c, return -1, return) -+DEFINEFUNC3(int, SSL_CTX_set1_groups, SSL_CTX *a, a, const int *b, b, size_t c, c, return -1, return) ++DEFINEFUNC3(int, SSL_CTX_set1_groups, SSL_CTX *a, a, int *b, b, int c, c, return -1, return) #endif // OPENSSL_VERSION_NUMBER >= 0x10002000L #endif // OPENSSL_NO_EC -@@ -652,8 +654,8 @@ static QPair loadO +@@ -658,8 +659,8 @@ static QPair loadO #endif #if defined(SHLIB_VERSION_NUMBER) && !defined(Q_OS_QNX) // on QNX, the libs are always libssl.so and libcrypto.so // first attempt: the canonical name is libssl.so. @@ -25,7 +24,7 @@ if (libcrypto->load() && libssl->load()) { // libssl.so. and libcrypto.so. found return pair; -@@ -670,8 +672,8 @@ static QPair loadO +@@ -676,8 +677,8 @@ static QPair loadO // OS X's /usr/lib/libssl.dylib, /usr/lib/libcrypto.dylib will be picked up in the third // attempt, _after_ /Contents/Frameworks has been searched. // iOS does not ship a system libssl.dylib, libcrypto.dylib in the first place. 
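Review bot: The added `DEFINEFUNC3(int, SSL_CTX_set1_groups, SSL_CTX *a, a, int *b, b, int c, c, return -1, return)` gives the groups function the parameter types that the removed `SSL_CTX_set1_curves` entry had, whereas the previous revision of this patch declared it with `const int *b` and `size_t c`. If the library's real prototype takes a `size_t` length, calling it through a pointer typed with `int` is a mismatched call, and on LP64 targets the upper half of the length argument is not guaranteed to be zero. I would keep the earlier signature, `DEFINEFUNC3(int, SSL_CTX_set1_groups, SSL_CTX *a, a, const int *b, b, size_t c, c, return -1, return)`, and make the same change to the `q_SSL_CTX_set1_groups` declaration in patch-src_network_ssl_qsslsocket__openssl__symbols__p.h. The `const_cast` at the call site in qsslcontext_openssl.cpp then becomes unnecessary.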
@@ -36,14 +35,13 @@ if (libcrypto->load() && libssl->load()) { // libssl.so.0 and libcrypto.so.0 found return pair; -@@ -976,8 +978,11 @@ bool q_resolveOpenSslSymbols() +@@ -982,8 +983,10 @@ bool q_resolveOpenSslSymbols() RESOLVEFUNC(EC_KEY_free) RESOLVEFUNC(EC_get_builtin_curves) #if OPENSSL_VERSION_NUMBER >= 0x10002000L - if (q_SSLeay() >= 0x10002000L) + if (q_SSLeay() >= 0x10002000L) { RESOLVEFUNC(EC_curve_nist2nid) -+ RESOLVEFUNC(SSL_CTX_set1_curves) + RESOLVEFUNC(SSL_CTX_set1_groups) + } #endif // OPENSSL_VERSION_NUMBER >= 0x10002000L Modified: head/net/qt5-network/files/patch-src_network_ssl_qsslsocket__openssl__symbols__p.h ============================================================================== --- head/net/qt5-network/files/patch-src_network_ssl_qsslsocket__openssl__symbols__p.h Tue Mar 7 02:31:49 2017 (r435578) +++ head/net/qt5-network/files/patch-src_network_ssl_qsslsocket__openssl__symbols__p.h Tue Mar 7 02:45:47 2017 (r435579) 
@@ -1,13 +1,21 @@ -* Boilerplate for SSL_CTX_set1_curves/groups() used in qsslcontext_openssl.cpp +* Boilerplate for SSL_CTX_set1_groups() used in qsslcontext_openssl.cpp * ---- src/network/ssl/qsslsocket_openssl_symbols_p.h.orig 2016-09-16 05:49:42 UTC +* check macro is defined instead of version, LibreSSL < 2.5 doesn't have SSL_CTRL_GET_SERVER_TMP_KEY +* +--- src/network/ssl/qsslsocket_openssl_symbols_p.h.orig 2016-12-01 08:17:04 UTC +++ src/network/ssl/qsslsocket_openssl_symbols_p.h -@@ -481,6 +481,8 @@ void q_EC_KEY_free(EC_KEY *ecdh); +@@ -487,11 +487,12 @@ void q_EC_KEY_free(EC_KEY *ecdh); size_t q_EC_get_builtin_curves(EC_builtin_curve *r, size_t nitems); #if OPENSSL_VERSION_NUMBER >= 0x10002000L int q_EC_curve_nist2nid(const char *name); -+int q_SSL_CTX_set1_curves(SSL_CTX *a, int *b, int c); -+int q_SSL_CTX_set1_groups(SSL_CTX *a, const int *b, size_t c); ++int q_SSL_CTX_set1_groups(SSL_CTX *a, int *b, int c); #endif // OPENSSL_VERSION_NUMBER >= 0x10002000L #endif // OPENSSL_NO_EC +-#if OPENSSL_VERSION_NUMBER >= 0x10002000L ++#if defined(SSL_CTRL_GET_SERVER_TMP_KEY) + #define q_SSL_get_server_tmp_key(ssl, key) q_SSL_ctrl((ssl), SSL_CTRL_GET_SERVER_TMP_KEY, 0, (char *)key) +-#endif // OPENSSL_VERSION_NUMBER >= 0x10002000L ++#endif // defined(SSL_CTRL_GET_SERVER_TMP_KEY) + // PKCS#12 support + int q_PKCS12_parse(PKCS12 *p12, const char *pass, EVP_PKEY **pkey, X509 **cert, STACK_OF(X509) **ca);