[arch-commits] Commit in qt4/trunk (PKGBUILD disable-sslv3.patch)
Jan Steffens
heftig at archlinux.org
Fri Mar 4 10:31:39 UTC 2016
Date: Friday, March 4, 2016 @ 11:31:38
Author: heftig
Revision: 260789
Disable SSLv3
Added:
qt4/trunk/disable-sslv3.patch
Modified:
qt4/trunk/PKGBUILD
---------------------+
PKGBUILD | 5 ++++
disable-sslv3.patch | 54 ++++++++++++++++++++++++++++++++++++++++++++++++++
2 files changed, 59 insertions(+)
Modified: PKGBUILD
===================================================================
--- PKGBUILD 2016-03-04 10:30:52 UTC (rev 260788)
+++ PKGBUILD 2016-03-04 10:31:38 UTC (rev 260789)
@@ -37,6 +37,7 @@
'kubuntu_14_systemtrayicon.diff'
'kde4-settings.patch'
'glib-honor-ExcludeSocketNotifiers-flag.diff'
+ 'disable-sslv3.patch'
'l-qclipboard_fix_recursive.patch'
'l-qclipboard_delay.patch')
md5sums=('d990ee66bf7ab0c785589776f35ba6ad'
@@ -50,6 +51,7 @@
'a523644faa8f98a73f55c4aa23c114a6'
'66dfea63916c8dbf47b23cb012ffdccc'
'85679531c8a7310317adfb7002d9f99a'
+ '1803ab6313df762d807678e58fc85f53'
'009de09b4e589a7770fba74405656c99'
'addc5e88d538ee55e17bd49ba337ca67')
@@ -76,6 +78,9 @@
# https://bugreports.qt.io/browse/QTBUG-38585
patch -p0 -i "${srcdir}"/l-qclipboard_delay.patch
+ # React to OpenSSL's OPENSSL_NO_SSL3 define
+ patch -p1 -i "${srcdir}"/disable-sslv3.patch
+
sed -i "s|-O2|${CXXFLAGS}|" mkspecs/common/{g++,gcc}-base.conf
sed -i "/^QMAKE_LFLAGS_RPATH/s| -Wl,-rpath,||g" mkspecs/common/gcc-base-unix.conf
sed -i "/^QMAKE_LFLAGS\s/s|+=|+= ${LDFLAGS}|g" mkspecs/common/gcc-base.conf
Added: disable-sslv3.patch
===================================================================
--- disable-sslv3.patch (rev 0)
+++ disable-sslv3.patch 2016-03-04 10:31:38 UTC (rev 260789)
@@ -0,0 +1,54 @@
+diff -u -r qt-everywhere-opensource-src-4.8.7/src/network/ssl/qsslsocket_openssl.cpp qt-everywhere-opensource-src-4.8.7-nossl3/src/network/ssl/qsslsocket_openssl.cpp
+--- qt-everywhere-opensource-src-4.8.7/src/network/ssl/qsslsocket_openssl.cpp 2015-05-07 16:14:44.000000000 +0200
++++ qt-everywhere-opensource-src-4.8.7-nossl3/src/network/ssl/qsslsocket_openssl.cpp 2016-03-04 11:29:17.119300898 +0100
+@@ -267,7 +267,11 @@
+ #endif
+ break;
+ case QSsl::SslV3:
++#ifndef OPENSSL_NO_SSL3
+ ctx = q_SSL_CTX_new(client ? q_SSLv3_client_method() : q_SSLv3_server_method());
++#else
++ ctx = 0; // SSL 3 not supported by the system, but chosen deliberately -> error
++#endif
+ break;
+ case QSsl::SecureProtocols: // SslV2 will be disabled below
+ case QSsl::TlsV1SslV3: // SslV2 will be disabled below
+diff -u -r qt-everywhere-opensource-src-4.8.7/src/network/ssl/qsslsocket_openssl_symbols.cpp qt-everywhere-opensource-src-4.8.7-nossl3/src/network/ssl/qsslsocket_openssl_symbols.cpp
+--- qt-everywhere-opensource-src-4.8.7/src/network/ssl/qsslsocket_openssl_symbols.cpp 2015-05-07 16:14:44.000000000 +0200
++++ qt-everywhere-opensource-src-4.8.7-nossl3/src/network/ssl/qsslsocket_openssl_symbols.cpp 2016-03-04 11:28:52.806050135 +0100
+@@ -228,13 +228,17 @@
+ #ifndef OPENSSL_NO_SSL2
+ DEFINEFUNC(const SSL_METHOD *, SSLv2_client_method, DUMMYARG, DUMMYARG, return 0, return)
+ #endif
++#ifndef OPENSSL_NO_SSL3
+ DEFINEFUNC(const SSL_METHOD *, SSLv3_client_method, DUMMYARG, DUMMYARG, return 0, return)
++#endif
+ DEFINEFUNC(const SSL_METHOD *, SSLv23_client_method, DUMMYARG, DUMMYARG, return 0, return)
+ DEFINEFUNC(const SSL_METHOD *, TLSv1_client_method, DUMMYARG, DUMMYARG, return 0, return)
+ #ifndef OPENSSL_NO_SSL2
+ DEFINEFUNC(const SSL_METHOD *, SSLv2_server_method, DUMMYARG, DUMMYARG, return 0, return)
+ #endif
++#ifndef OPENSSL_NO_SSL3
+ DEFINEFUNC(const SSL_METHOD *, SSLv3_server_method, DUMMYARG, DUMMYARG, return 0, return)
++#endif
+ DEFINEFUNC(const SSL_METHOD *, SSLv23_server_method, DUMMYARG, DUMMYARG, return 0, return)
+ DEFINEFUNC(const SSL_METHOD *, TLSv1_server_method, DUMMYARG, DUMMYARG, return 0, return)
+ #else
+@@ -822,13 +826,17 @@
+ #ifndef OPENSSL_NO_SSL2
+ RESOLVEFUNC(SSLv2_client_method)
+ #endif
++#ifndef OPENSSL_NO_SSL3
+ RESOLVEFUNC(SSLv3_client_method)
++#endif
+ RESOLVEFUNC(SSLv23_client_method)
+ RESOLVEFUNC(TLSv1_client_method)
+ #ifndef OPENSSL_NO_SSL2
+ RESOLVEFUNC(SSLv2_server_method)
+ #endif
++#ifndef OPENSSL_NO_SSL3
+ RESOLVEFUNC(SSLv3_server_method)
++#endif
+ RESOLVEFUNC(SSLv23_server_method)
+ RESOLVEFUNC(TLSv1_server_method)
+ RESOLVEFUNC(X509_NAME_entry_count)
More information about the arch-commits
mailing list