[arch-commits] Commit in lib32-qt4/trunk (PKGBUILD disable-sslv3.patch)
Bartłomiej Piotrowski
bpiotrowski at archlinux.org
Fri Mar 4 21:21:21 UTC 2016
Date: Friday, March 4, 2016 @ 22:21:20
Author: bpiotrowski
Revision: 164854
Disable SSLv3
Added:
lib32-qt4/trunk/disable-sslv3.patch
Modified:
lib32-qt4/trunk/PKGBUILD
---------------------+
PKGBUILD | 10 +++++++--
disable-sslv3.patch | 54 ++++++++++++++++++++++++++++++++++++++++++++++++++
2 files changed, 62 insertions(+), 2 deletions(-)
Modified: PKGBUILD
===================================================================
--- PKGBUILD 2016-03-04 21:16:25 UTC (rev 164853)
+++ PKGBUILD 2016-03-04 21:21:20 UTC (rev 164854)
@@ -24,12 +24,15 @@
conflicts=(lib32-qtwebkit lib32-qt)
_pkgfqn="qt-everywhere-opensource-src-${pkgver}"
source=("http://download.qt-project.org/official_releases/qt/4.8/${pkgver}/${_pkgfqn}.tar.gz"
- "kubuntu_14_systemtrayicon.diff")
+ "kubuntu_14_systemtrayicon.diff"
+ "disable-sslv3.patch")
md5sums=('d990ee66bf7ab0c785589776f35ba6ad'
- 'a523644faa8f98a73f55c4aa23c114a6')
+ 'a523644faa8f98a73f55c4aa23c114a6'
+ '1803ab6313df762d807678e58fc85f53')
export CC='clang'
export CXX='clang++'
+
prepare() {
cd $srcdir/$_pkgfqn
@@ -40,6 +43,9 @@
# http://blog.martin-graesslin.com/blog/2014/06/where-are-my-systray-icons/
patch -p1 -i "${srcdir}"/kubuntu_14_systemtrayicon.diff
+ # disable SSLv3
+ patch -p1 -i "${srcdir}"/disable-sslv3.patch
+
# some of those are likely unnecessary, but I'm too lazy to find and remove them
sed -i "/^QMAKE_LINK\s/s|g++|g++ -m32|g" mkspecs/common/g++-base.conf
sed -i "s|-O2|${CXXFLAGS} -m32|" mkspecs/common/g++-base.conf
Added: disable-sslv3.patch
===================================================================
--- disable-sslv3.patch (rev 0)
+++ disable-sslv3.patch 2016-03-04 21:21:20 UTC (rev 164854)
@@ -0,0 +1,54 @@
+diff -u -r qt-everywhere-opensource-src-4.8.7/src/network/ssl/qsslsocket_openssl.cpp qt-everywhere-opensource-src-4.8.7-nossl3/src/network/ssl/qsslsocket_openssl.cpp
+--- qt-everywhere-opensource-src-4.8.7/src/network/ssl/qsslsocket_openssl.cpp 2015-05-07 16:14:44.000000000 +0200
++++ qt-everywhere-opensource-src-4.8.7-nossl3/src/network/ssl/qsslsocket_openssl.cpp 2016-03-04 11:29:17.119300898 +0100
+@@ -267,7 +267,11 @@
+ #endif
+ break;
+ case QSsl::SslV3:
++#ifndef OPENSSL_NO_SSL3
+ ctx = q_SSL_CTX_new(client ? q_SSLv3_client_method() : q_SSLv3_server_method());
++#else
++ ctx = 0; // SSL 3 not supported by the system, but chosen deliberately -> error
++#endif
+ break;
+ case QSsl::SecureProtocols: // SslV2 will be disabled below
+ case QSsl::TlsV1SslV3: // SslV2 will be disabled below
+diff -u -r qt-everywhere-opensource-src-4.8.7/src/network/ssl/qsslsocket_openssl_symbols.cpp qt-everywhere-opensource-src-4.8.7-nossl3/src/network/ssl/qsslsocket_openssl_symbols.cpp
+--- qt-everywhere-opensource-src-4.8.7/src/network/ssl/qsslsocket_openssl_symbols.cpp 2015-05-07 16:14:44.000000000 +0200
++++ qt-everywhere-opensource-src-4.8.7-nossl3/src/network/ssl/qsslsocket_openssl_symbols.cpp 2016-03-04 11:28:52.806050135 +0100
+@@ -228,13 +228,17 @@
+ #ifndef OPENSSL_NO_SSL2
+ DEFINEFUNC(const SSL_METHOD *, SSLv2_client_method, DUMMYARG, DUMMYARG, return 0, return)
+ #endif
++#ifndef OPENSSL_NO_SSL3
+ DEFINEFUNC(const SSL_METHOD *, SSLv3_client_method, DUMMYARG, DUMMYARG, return 0, return)
++#endif
+ DEFINEFUNC(const SSL_METHOD *, SSLv23_client_method, DUMMYARG, DUMMYARG, return 0, return)
+ DEFINEFUNC(const SSL_METHOD *, TLSv1_client_method, DUMMYARG, DUMMYARG, return 0, return)
+ #ifndef OPENSSL_NO_SSL2
+ DEFINEFUNC(const SSL_METHOD *, SSLv2_server_method, DUMMYARG, DUMMYARG, return 0, return)
+ #endif
++#ifndef OPENSSL_NO_SSL3
+ DEFINEFUNC(const SSL_METHOD *, SSLv3_server_method, DUMMYARG, DUMMYARG, return 0, return)
++#endif
+ DEFINEFUNC(const SSL_METHOD *, SSLv23_server_method, DUMMYARG, DUMMYARG, return 0, return)
+ DEFINEFUNC(const SSL_METHOD *, TLSv1_server_method, DUMMYARG, DUMMYARG, return 0, return)
+ #else
+@@ -822,13 +826,17 @@
+ #ifndef OPENSSL_NO_SSL2
+ RESOLVEFUNC(SSLv2_client_method)
+ #endif
++#ifndef OPENSSL_NO_SSL3
+ RESOLVEFUNC(SSLv3_client_method)
++#endif
+ RESOLVEFUNC(SSLv23_client_method)
+ RESOLVEFUNC(TLSv1_client_method)
+ #ifndef OPENSSL_NO_SSL2
+ RESOLVEFUNC(SSLv2_server_method)
+ #endif
++#ifndef OPENSSL_NO_SSL3
+ RESOLVEFUNC(SSLv3_server_method)
++#endif
+ RESOLVEFUNC(SSLv23_server_method)
+ RESOLVEFUNC(TLSv1_server_method)
+ RESOLVEFUNC(X509_NAME_entry_count)
More information about the arch-commits
mailing list