From d20e06ac0cb2d830c612b83b043a5d5a211a2504 Mon Sep 17 00:00:00 2001
From: Treeve Jelbert <treeve@sourcemage.org>
Date: Sat, 21 Oct 2017 14:50:51 +0200
Subject: [PATCH 2/3] libressl is not openssl-1.1 fix
 qsslsocket_openssl_symbols libressl-2.8.0 fixes EVP_get_digestbyname usage
 configure.json

---
 src/network/configure.json                       |  2 +-
 src/network/ssl/qsslcontext_openssl.cpp          |  2 +-
 src/network/ssl/qsslkey_openssl.cpp              |  5 +++++
 src/network/ssl/qsslsocket_openssl_symbols.cpp   | 16 ++++++++++++++--
 src/network/ssl/qsslsocket_openssl_symbols_p.h   |  7 +++++--
 .../ssl/qsslsocket_opensslpre11_symbols_p.h      |  5 +++++
 6 files changed, 31 insertions(+), 6 deletions(-)

diff --git a/src/network/configure.json b/src/network/configure.json
index 07d46b790e..7c11acb34a 100644
--- a/src/network/configure.json
+++ b/src/network/configure.json
@@ -167,7 +167,7 @@
             "test": {
                 "include": "openssl/opensslv.h",
                 "tail": [
-                    "#if !defined(OPENSSL_VERSION_NUMBER) || OPENSSL_VERSION_NUMBER-0 < 0x10100000L",
+                    "#if !defined(OPENSSL_VERSION_NUMBER) || OPENSSL_VERSION_NUMBER-0 < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)",
                     "#  error OpenSSL >= 1.1 is required",
                     "#endif"
                 ]
diff --git a/src/network/ssl/qsslcontext_openssl.cpp b/src/network/ssl/qsslcontext_openssl.cpp
index e81e5582f4..cbaa480400 100644
--- a/src/network/ssl/qsslcontext_openssl.cpp
+++ b/src/network/ssl/qsslcontext_openssl.cpp
@@ -265,7 +265,7 @@ void QSslContext::applyBackendConfig(QSslContext *sslContext)
     }
 #endif // ocsp

-#if OPENSSL_VERSION_NUMBER >= 0x10002000L
+#if OPENSSL_VERSION_NUMBER >= 0x10002000L && ! defined(LIBRESSL_VERSION_NUMBER)
     if (QSslSocket::sslLibraryVersionNumber() >= 0x10002000L) {
         QSharedPointer<SSL_CONF_CTX> cctx(q_SSL_CONF_CTX_new(), &q_SSL_CONF_CTX_free);
         if (cctx) {
diff --git a/src/network/ssl/qsslkey_openssl.cpp b/src/network/ssl/qsslkey_openssl.cpp
index 99c1a39c73..c2844df0d7 100644
--- a/src/network/ssl/qsslkey_openssl.cpp
+++ b/src/network/ssl/qsslkey_openssl.cpp
@@ -371,8 +371,13 @@ static QByteArray doCrypt(QSslKeyPrivate::Cipher cipher, const QByteArray &data,
     q_EVP_CipherUpdate(ctx,
         reinterpret_cast<unsigned char *>(output.data()), &len,
         reinterpret_cast<const unsigned char *>(data.constData()), data.size());
+#ifdef LIBRESSL_VERSION_NUMBER
+    q_EVP_CipherFinal_ex(ctx,
+        reinterpret_cast<unsigned char *>(output.data()) + len, &i);
+#else
     q_EVP_CipherFinal(ctx,
         reinterpret_cast<unsigned char *>(output.data()) + len, &i);
+#endif
     len += i;

 #if QT_CONFIG(opensslv11)
diff --git a/src/network/ssl/qsslsocket_openssl_symbols.cpp b/src/network/ssl/qsslsocket_openssl_symbols.cpp
index 93b54aaa67..73b9d942de 100644
--- a/src/network/ssl/qsslsocket_openssl_symbols.cpp
+++ b/src/network/ssl/qsslsocket_openssl_symbols.cpp
@@ -247,8 +247,13 @@ DEFINEFUNC3(void *, ASN1_dup, i2d_of_void *a, a, d2i_of_void *b, b, char *c, c,
 #endif
 DEFINEFUNC2(BIO *, BIO_new_file, const char *filename, filename, const char *mode, mode, return nullptr, return)
 DEFINEFUNC(void, ERR_clear_error, DUMMYARG, DUMMYARG, return, DUMMYARG)
+#ifdef LIBRESSL_VERSION_NUMBER
+DEFINEFUNC(BIO *, BIO_new, const BIO_METHOD *a, a, return nullptr, return)
+DEFINEFUNC(const BIO_METHOD *, BIO_s_mem, void, DUMMYARG, return nullptr, return)
+#else
 DEFINEFUNC(BIO *, BIO_new, BIO_METHOD *a, a, return nullptr, return)
 DEFINEFUNC(BIO_METHOD *, BIO_s_mem, void, DUMMYARG, return nullptr, return)
+#endif // libressl
 DEFINEFUNC(int, CRYPTO_num_locks, DUMMYARG, DUMMYARG, return 0, return)
 DEFINEFUNC(void, CRYPTO_set_locking_callback, void (*a)(int, int, const char *, int), a, return, DUMMYARG)
 DEFINEFUNC(void, CRYPTO_set_id_callback, unsigned long (*a)(), a, return, DUMMYARG)
@@ -350,7 +355,11 @@ DEFINEFUNC2(int, EVP_CIPHER_CTX_set_key_length, EVP_CIPHER_CTX *ctx, ctx, int ke
 DEFINEFUNC5(int, EVP_CipherInit, EVP_CIPHER_CTX *ctx, ctx, const EVP_CIPHER *type, type, const unsigned char *key, key, const unsigned char *iv, iv, int enc, enc, return 0, return)
 DEFINEFUNC6(int, EVP_CipherInit_ex, EVP_CIPHER_CTX *ctx, ctx, const EVP_CIPHER *cipher, cipher, ENGINE *impl, impl, const unsigned char *key, key, const unsigned char *iv, iv, int enc, enc, return 0, return)
 DEFINEFUNC5(int, EVP_CipherUpdate, EVP_CIPHER_CTX *ctx, ctx, unsigned char *out, out, int *outl, outl, const unsigned char *in, in, int inl, inl, return 0, return)
+#ifdef LIBRESSL_VERSION_NUMBER
+DEFINEFUNC3(int, EVP_CipherFinal_ex, EVP_CIPHER_CTX *ctx, ctx, unsigned char *out, out, int *outl, outl, return 0, return)
+#else
 DEFINEFUNC3(int, EVP_CipherFinal, EVP_CIPHER_CTX *ctx, ctx, unsigned char *out, out, int *outl, outl, return 0, return)
+#endif // LIBRESSL_VERSION_NUMBER
 DEFINEFUNC(const EVP_MD *, EVP_get_digestbyname, const char *name, name, return nullptr, return)
 #ifndef OPENSSL_NO_DES
 DEFINEFUNC(const EVP_CIPHER *, EVP_des_cbc, DUMMYARG, DUMMYARG, return nullptr, return)
@@ -439,7 +448,7 @@ DEFINEFUNC2(int, SSL_CTX_use_PrivateKey, SSL_CTX *a, a, EVP_PKEY *b, b, return -
 DEFINEFUNC2(int, SSL_CTX_use_RSAPrivateKey, SSL_CTX *a, a, RSA *b, b, return -1, return)
 DEFINEFUNC3(int, SSL_CTX_use_PrivateKey_file, SSL_CTX *a, a, const char *b, b, int c, c, return -1, return)
 DEFINEFUNC(X509_STORE *, SSL_CTX_get_cert_store, const SSL_CTX *a, a, return nullptr, return)
-#if OPENSSL_VERSION_NUMBER >= 0x10002000L
+#if OPENSSL_VERSION_NUMBER >= 0x10002000L && ! defined(LIBRESSL_VERSION_NUMBER)
 DEFINEFUNC(SSL_CONF_CTX *, SSL_CONF_CTX_new, DUMMYARG, DUMMYARG, return nullptr, return);
 DEFINEFUNC(void, SSL_CONF_CTX_free, SSL_CONF_CTX *a, a, return ,return);
 DEFINEFUNC2(void, SSL_CONF_CTX_set_ssl_ctx, SSL_CONF_CTX *a, a, SSL_CTX *b, b, return, return);
@@ -602,7 +611,7 @@ bool q_resolveOpenSslSymbols()
                      "of libraries.");
     return false;
 }
-#else
+#endif

 # ifdef Q_OS_UNIX
 struct NumericallyLess
@@ -1169,6 +1178,9 @@ bool q_resolveOpenSslSymbols()
     RESOLVEFUNC(EVP_CipherInit)
     RESOLVEFUNC(EVP_CipherInit_ex)
     RESOLVEFUNC(EVP_CipherUpdate)
+#ifdef LIBRESSL_VERSION_NUMBER
+    RESOLVEFUNC(EVP_CipherFinal_ex)
+#else
     RESOLVEFUNC(EVP_CipherFinal)
     RESOLVEFUNC(EVP_get_digestbyname)
 #ifndef OPENSSL_NO_DES
diff --git a/src/network/ssl/qsslsocket_openssl_symbols_p.h b/src/network/ssl/qsslsocket_openssl_symbols_p.h
index e09820b2f2..331c89f563 100644
--- a/src/network/ssl/qsslsocket_openssl_symbols_p.h
+++ b/src/network/ssl/qsslsocket_openssl_symbols_p.h
@@ -238,7 +238,7 @@ int q_BIO_read(BIO *a, void *b, int c);
 Q_AUTOTEST_EXPORT int q_BIO_write(BIO *a, const void *b, int c);
 int q_BN_num_bits(const BIGNUM *a);

-#if QT_CONFIG(opensslv11)
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L  && ! defined(LIBRESSL_VERSION_NUMBER)
 int q_BN_is_word(BIGNUM *a, BN_ULONG w);
 #else // opensslv11
 // BN_is_word is implemented purely as a
@@ -271,6 +271,9 @@ int q_EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *x, int keylen);
 int q_EVP_CipherInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type, const unsigned char *key, const unsigned char *iv, int enc);
 int q_EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *impl, const unsigned char *key, const unsigned char *iv, int enc);
 int q_EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl, const unsigned char *in, int inl);
+#ifdef LIBRESSL_VERSION_NUMBER
+int q_EVP_CipherFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
+#endif
 int q_EVP_CipherFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
 const EVP_MD *q_EVP_get_digestbyname(const char *name);

@@ -372,7 +375,7 @@ int q_SSL_CTX_use_PrivateKey(SSL_CTX *a, EVP_PKEY *b);
 int q_SSL_CTX_use_RSAPrivateKey(SSL_CTX *a, RSA *b);
 int q_SSL_CTX_use_PrivateKey_file(SSL_CTX *a, const char *b, int c);
 X509_STORE *q_SSL_CTX_get_cert_store(const SSL_CTX *a);
-#if OPENSSL_VERSION_NUMBER >= 0x10002000L
+#if OPENSSL_VERSION_NUMBER >= 0x10002000L && ! defined(LIBRESSL_VERSION_NUMBER)
 SSL_CONF_CTX *q_SSL_CONF_CTX_new();
 void q_SSL_CONF_CTX_free(SSL_CONF_CTX *a);
 void q_SSL_CONF_CTX_set_ssl_ctx(SSL_CONF_CTX *a, SSL_CTX *b);
diff --git a/src/network/ssl/qsslsocket_opensslpre11_symbols_p.h b/src/network/ssl/qsslsocket_opensslpre11_symbols_p.h
index 46b6505346..505837abb0 100644
--- a/src/network/ssl/qsslsocket_opensslpre11_symbols_p.h
+++ b/src/network/ssl/qsslsocket_opensslpre11_symbols_p.h
@@ -78,8 +78,13 @@
 unsigned char * q_ASN1_STRING_data(ASN1_STRING *a);
 BIO *q_BIO_new_file(const char *filename, const char *mode);
 void q_ERR_clear_error();
+#ifdef LIBRESSL_VERSION_NUMBER
+Q_AUTOTEST_EXPORT BIO *q_BIO_new(const BIO_METHOD *a);
+Q_AUTOTEST_EXPORT const BIO_METHOD *q_BIO_s_mem();
+#else
 Q_AUTOTEST_EXPORT BIO *q_BIO_new(BIO_METHOD *a);
 Q_AUTOTEST_EXPORT BIO_METHOD *q_BIO_s_mem();
+#endif //libressl
 int q_CRYPTO_num_locks();
 void q_CRYPTO_set_locking_callback(void (*a)(int, int, const char *, int));
 void q_CRYPTO_set_id_callback(unsigned long (*a)());
--
2.21.0