1 | /**************************************************************************** |
2 | ** |
3 | ** Copyright (C) 2017 The Qt Company Ltd. |
4 | ** Copyright (C) 2014 BlackBerry Limited. All rights reserved. |
5 | ** Copyright (C) 2016 Richard J. Moore <rich@kde.org> |
6 | ** Contact: https://www.qt.io/licensing/ |
7 | ** |
8 | ** This file is part of the QtNetwork module of the Qt Toolkit. |
9 | ** |
10 | ** $QT_BEGIN_LICENSE:LGPL$ |
11 | ** Commercial License Usage |
12 | ** Licensees holding valid commercial Qt licenses may use this file in |
13 | ** accordance with the commercial license agreement provided with the |
14 | ** Software or, alternatively, in accordance with the terms contained in |
15 | ** a written agreement between you and The Qt Company. For licensing terms |
16 | ** and conditions see https://www.qt.io/terms-conditions. For further |
17 | ** information use the contact form at https://www.qt.io/contact-us. |
18 | ** |
19 | ** GNU Lesser General Public License Usage |
20 | ** Alternatively, this file may be used under the terms of the GNU Lesser |
21 | ** General Public License version 3 as published by the Free Software |
22 | ** Foundation and appearing in the file LICENSE.LGPL3 included in the |
23 | ** packaging of this file. Please review the following information to |
24 | ** ensure the GNU Lesser General Public License version 3 requirements |
25 | ** will be met: https://www.gnu.org/licenses/lgpl-3.0.html. |
26 | ** |
27 | ** GNU General Public License Usage |
28 | ** Alternatively, this file may be used under the terms of the GNU |
29 | ** General Public License version 2.0 or (at your option) the GNU General |
30 | ** Public license version 3 or any later version approved by the KDE Free |
31 | ** Qt Foundation. The licenses are as published by the Free Software |
32 | ** Foundation and appearing in the file LICENSE.GPL2 and LICENSE.GPL3 |
33 | ** included in the packaging of this file. Please review the following |
34 | ** information to ensure the GNU General Public License requirements will |
35 | ** be met: https://www.gnu.org/licenses/gpl-2.0.html and |
36 | ** https://www.gnu.org/licenses/gpl-3.0.html. |
37 | ** |
38 | ** $QT_END_LICENSE$ |
39 | ** |
40 | ****************************************************************************/ |
41 | |
42 | /**************************************************************************** |
43 | ** |
44 | ** In addition, as a special exception, the copyright holders listed above give |
45 | ** permission to link the code of its release of Qt with the OpenSSL project's |
46 | ** "OpenSSL" library (or modified versions of the "OpenSSL" library that use the |
47 | ** same license as the original version), and distribute the linked executables. |
48 | ** |
49 | ** You must comply with the GNU General Public License version 2 in all |
50 | ** respects for all of the code used other than the "OpenSSL" code. If you |
51 | ** modify this file, you may extend this exception to your version of the file, |
52 | ** but you are not obligated to do so. If you do not wish to do so, delete |
53 | ** this exception statement from your version of this file. |
54 | ** |
55 | ****************************************************************************/ |
56 | |
57 | #include "qssl_p.h" |
58 | #include "qsslsocket_openssl_symbols_p.h" |
59 | |
60 | #ifdef Q_OS_WIN |
61 | # include <private/qsystemlibrary_p.h> |
62 | #elif QT_CONFIG(library) |
63 | # include <QtCore/qlibrary.h> |
64 | #endif |
65 | #include <QtCore/qmutex.h> |
66 | #include <QtCore/qdatetime.h> |
67 | #if defined(Q_OS_UNIX) |
68 | #include <QtCore/qdir.h> |
69 | #endif |
70 | #include <QtCore/private/qmemory_p.h> |
71 | #if defined(Q_OS_LINUX) && !defined(Q_OS_ANDROID) |
72 | #include <link.h> |
73 | #endif |
74 | #ifdef Q_OS_DARWIN |
75 | #include "private/qcore_mac_p.h" |
76 | #endif |
77 | |
78 | #include <algorithm> |
79 | |
80 | QT_BEGIN_NAMESPACE |
81 | |
82 | /* |
83 | Note to maintainer: |
84 | ------------------- |
85 | |
86 | We load OpenSSL symbols dynamically. Because symbols are known to |
87 | disappear, and signatures sometimes change, between releases, we need to |
88 | be careful about how this is done. To ensure we don't end up dereferencing |
89 | null function pointers, and continue running even if certain functions are |
90 | missing, we define helper functions for each of the symbols we load from |
91 | OpenSSL, all prefixed with "q_" (declared in |
92 | qsslsocket_openssl_symbols_p.h). So instead of calling SSL_connect |
93 | directly, we call q_SSL_connect, which is a function that checks if the |
94 | actual SSL_connect fptr is null, and returns a failure if it is, or calls |
95 | SSL_connect if it isn't. |
96 | |
97 | This requires a somewhat tedious process of declaring each function we |
98 | want to call in OpenSSL thrice: once with the q_, in _p.h, once using the |
99 | DEFINEFUNC macros below, and once in the function that actually resolves |
100 | the symbols, below the DEFINEFUNC declarations below. |
101 | |
102 | There's one DEFINEFUNC macro declared for every number of arguments |
103 | exposed by OpenSSL (feel free to extend when needed). The easiest thing to |
104 | do is to find an existing entry that matches the arg count of the function |
105 | you want to import, and do the same. |
106 | |
107 | The first macro arg is the function return type. The second is the |
108 | verbatim name of the function/symbol. Then follows a list of N pairs of |
109 | argument types with a variable name, and just the variable name (char *a, |
110 | a, char *b, b, etc). Finally there's two arguments - a suitable return |
111 | statement for the error case (for an int function, return 0 or return -1 |
112 | is usually right). Then either just "return" or DUMMYARG, the latter being |
113 | for void functions. |
114 | |
115 | Note: Take into account that these macros and declarations are processed |
116 | at compile-time, and the result depends on the OpenSSL headers the |
117 | compiling host has installed, but the symbols are resolved at run-time, |
118 | possibly with a different version of OpenSSL. |
119 | */ |
120 | |
121 | #ifndef QT_LINKED_OPENSSL |
122 | |
123 | namespace { |
124 | void qsslSocketUnresolvedSymbolWarning(const char *functionName) |
125 | { |
126 | qCWarning(lcSsl, "QSslSocket: cannot call unresolved function %s" , functionName); |
127 | } |
128 | |
129 | #if QT_CONFIG(library) |
130 | void qsslSocketCannotResolveSymbolWarning(const char *functionName) |
131 | { |
132 | qCWarning(lcSsl, "QSslSocket: cannot resolve %s" , functionName); |
133 | } |
134 | #endif |
135 | |
136 | } |
137 | |
138 | #endif // QT_LINKED_OPENSSL |
139 | |
140 | #if QT_CONFIG(opensslv11) |
141 | |
142 | // Below are the functions first introduced in version 1.1: |
143 | |
144 | DEFINEFUNC(const unsigned char *, ASN1_STRING_get0_data, const ASN1_STRING *a, a, return nullptr, return) |
145 | DEFINEFUNC2(int, OPENSSL_init_ssl, uint64_t opts, opts, const OPENSSL_INIT_SETTINGS *settings, settings, return 0, return) |
146 | DEFINEFUNC2(int, OPENSSL_init_crypto, uint64_t opts, opts, const OPENSSL_INIT_SETTINGS *settings, settings, return 0, return) |
147 | DEFINEFUNC(BIO *, BIO_new, const BIO_METHOD *a, a, return nullptr, return) |
148 | DEFINEFUNC(const BIO_METHOD *, BIO_s_mem, void, DUMMYARG, return nullptr, return) |
149 | DEFINEFUNC2(int, BN_is_word, BIGNUM *a, a, BN_ULONG w, w, return 0, return) |
150 | DEFINEFUNC(int, EVP_CIPHER_CTX_reset, EVP_CIPHER_CTX *c, c, return 0, return) |
151 | DEFINEFUNC(int, EVP_PKEY_up_ref, EVP_PKEY *a, a, return 0, return) |
152 | DEFINEFUNC(int, EVP_PKEY_base_id, EVP_PKEY *a, a, return NID_undef, return) |
153 | DEFINEFUNC(int, RSA_bits, RSA *a, a, return 0, return) |
154 | DEFINEFUNC(int, DSA_bits, DSA *a, a, return 0, return) |
155 | DEFINEFUNC(int, OPENSSL_sk_num, OPENSSL_STACK *a, a, return -1, return) |
156 | DEFINEFUNC2(void, OPENSSL_sk_pop_free, OPENSSL_STACK *a, a, void (*b)(void*), b, return, DUMMYARG) |
157 | DEFINEFUNC(OPENSSL_STACK *, OPENSSL_sk_new_null, DUMMYARG, DUMMYARG, return nullptr, return) |
158 | DEFINEFUNC2(void, OPENSSL_sk_push, OPENSSL_STACK *a, a, void *b, b, return, DUMMYARG) |
159 | DEFINEFUNC(void, OPENSSL_sk_free, OPENSSL_STACK *a, a, return, DUMMYARG) |
160 | DEFINEFUNC2(void *, OPENSSL_sk_value, OPENSSL_STACK *a, a, int b, b, return nullptr, return) |
161 | DEFINEFUNC(int, SSL_session_reused, SSL *a, a, return 0, return) |
162 | DEFINEFUNC2(unsigned long, SSL_CTX_set_options, SSL_CTX *ctx, ctx, unsigned long op, op, return 0, return) |
163 | #ifdef TLS1_3_VERSION |
164 | DEFINEFUNC2(int, SSL_CTX_set_ciphersuites, SSL_CTX *ctx, ctx, const char *str, str, return 0, return) |
165 | DEFINEFUNC2(void, SSL_set_psk_use_session_callback, SSL *ssl, ssl, q_SSL_psk_use_session_cb_func_t callback, callback, return, DUMMYARG) |
166 | #endif |
167 | DEFINEFUNC3(size_t, SSL_get_client_random, SSL *a, a, unsigned char *out, out, size_t outlen, outlen, return 0, return) |
168 | DEFINEFUNC3(size_t, SSL_SESSION_get_master_key, const SSL_SESSION *ses, ses, unsigned char *out, out, size_t outlen, outlen, return 0, return) |
169 | DEFINEFUNC6(int, CRYPTO_get_ex_new_index, int class_index, class_index, long argl, argl, void *argp, argp, CRYPTO_EX_new *new_func, new_func, CRYPTO_EX_dup *dup_func, dup_func, CRYPTO_EX_free *free_func, free_func, return -1, return) |
170 | DEFINEFUNC2(unsigned long, SSL_set_options, SSL *ssl, ssl, unsigned long op, op, return 0, return) |
171 | |
172 | DEFINEFUNC(const SSL_METHOD *, TLS_method, DUMMYARG, DUMMYARG, return nullptr, return) |
173 | DEFINEFUNC(const SSL_METHOD *, TLS_client_method, DUMMYARG, DUMMYARG, return nullptr, return) |
174 | DEFINEFUNC(const SSL_METHOD *, TLS_server_method, DUMMYARG, DUMMYARG, return nullptr, return) |
175 | DEFINEFUNC(void, X509_up_ref, X509 *a, a, return, DUMMYARG) |
176 | DEFINEFUNC(ASN1_TIME *, X509_getm_notBefore, X509 *a, a, return nullptr, return) |
177 | DEFINEFUNC(ASN1_TIME *, X509_getm_notAfter, X509 *a, a, return nullptr, return) |
178 | DEFINEFUNC(long, X509_get_version, X509 *a, a, return -1, return) |
179 | DEFINEFUNC(EVP_PKEY *, X509_get_pubkey, X509 *a, a, return nullptr, return) |
180 | DEFINEFUNC2(void, X509_STORE_set_verify_cb, X509_STORE *a, a, X509_STORE_CTX_verify_cb verify_cb, verify_cb, return, DUMMYARG) |
181 | DEFINEFUNC3(int, X509_STORE_set_ex_data, X509_STORE *a, a, int idx, idx, void *data, data, return 0, return) |
182 | DEFINEFUNC2(void *, X509_STORE_get_ex_data, X509_STORE *r, r, int idx, idx, return nullptr, return) |
183 | DEFINEFUNC(STACK_OF(X509) *, X509_STORE_CTX_get0_chain, X509_STORE_CTX *a, a, return nullptr, return) |
184 | DEFINEFUNC3(void, CRYPTO_free, void *str, str, const char *file, file, int line, line, return, DUMMYARG) |
185 | DEFINEFUNC(long, OpenSSL_version_num, void, DUMMYARG, return 0, return) |
186 | DEFINEFUNC(const char *, OpenSSL_version, int a, a, return nullptr, return) |
187 | DEFINEFUNC(unsigned long, SSL_SESSION_get_ticket_lifetime_hint, const SSL_SESSION *session, session, return 0, return) |
188 | DEFINEFUNC4(void, DH_get0_pqg, const DH *dh, dh, const BIGNUM **p, p, const BIGNUM **q, q, const BIGNUM **g, g, return, DUMMYARG) |
189 | DEFINEFUNC(int, DH_bits, DH *dh, dh, return 0, return) |
190 | |
191 | #if QT_CONFIG(dtls) |
192 | DEFINEFUNC2(int, DTLSv1_listen, SSL *s, s, BIO_ADDR *c, c, return -1, return) |
193 | DEFINEFUNC(BIO_ADDR *, BIO_ADDR_new, DUMMYARG, DUMMYARG, return nullptr, return) |
194 | DEFINEFUNC(void, BIO_ADDR_free, BIO_ADDR *ap, ap, return, DUMMYARG) |
195 | DEFINEFUNC2(BIO_METHOD *, BIO_meth_new, int type, type, const char *name, name, return nullptr, return) |
196 | DEFINEFUNC(void, BIO_meth_free, BIO_METHOD *biom, biom, return, DUMMYARG) |
197 | DEFINEFUNC2(int, BIO_meth_set_write, BIO_METHOD *biom, biom, DgramWriteCallback write, write, return 0, return) |
198 | DEFINEFUNC2(int, BIO_meth_set_read, BIO_METHOD *biom, biom, DgramReadCallback read, read, return 0, return) |
199 | DEFINEFUNC2(int, BIO_meth_set_puts, BIO_METHOD *biom, biom, DgramPutsCallback puts, puts, return 0, return) |
200 | DEFINEFUNC2(int, BIO_meth_set_ctrl, BIO_METHOD *biom, biom, DgramCtrlCallback ctrl, ctrl, return 0, return) |
201 | DEFINEFUNC2(int, BIO_meth_set_create, BIO_METHOD *biom, biom, DgramCreateCallback crt, crt, return 0, return) |
202 | DEFINEFUNC2(int, BIO_meth_set_destroy, BIO_METHOD *biom, biom, DgramDestroyCallback dtr, dtr, return 0, return) |
203 | #endif // dtls |
204 | |
205 | #if QT_CONFIG(ocsp) |
206 | DEFINEFUNC(const OCSP_CERTID *, OCSP_SINGLERESP_get0_id, const OCSP_SINGLERESP *x, x, return nullptr, return) |
207 | DEFINEFUNC3(OCSP_RESPONSE *, d2i_OCSP_RESPONSE, OCSP_RESPONSE **a, a, const unsigned char **in, in, long len, len, return nullptr, return) |
208 | DEFINEFUNC(void, OCSP_RESPONSE_free, OCSP_RESPONSE *rs, rs, return, DUMMYARG) |
209 | DEFINEFUNC(OCSP_BASICRESP *, OCSP_response_get1_basic, OCSP_RESPONSE *resp, resp, return nullptr, return) |
210 | DEFINEFUNC(void, OCSP_BASICRESP_free, OCSP_BASICRESP *bs, bs, return, DUMMYARG) |
211 | DEFINEFUNC(int, OCSP_response_status, OCSP_RESPONSE *resp, resp, return OCSP_RESPONSE_STATUS_INTERNALERROR, return) |
212 | DEFINEFUNC4(int, OCSP_basic_verify, OCSP_BASICRESP *bs, bs, STACK_OF(X509) *certs, certs, X509_STORE *st, st, unsigned long flags, flags, return -1, return) |
213 | DEFINEFUNC(int, OCSP_resp_count, OCSP_BASICRESP *bs, bs, return 0, return) |
214 | DEFINEFUNC2(OCSP_SINGLERESP *, OCSP_resp_get0, OCSP_BASICRESP *bs, bs, int idx, idx, return nullptr, return) |
215 | DEFINEFUNC5(int, OCSP_single_get0_status, OCSP_SINGLERESP *single, single, int *reason, reason, ASN1_GENERALIZEDTIME **revtime, revtime, |
216 | ASN1_GENERALIZEDTIME **thisupd, thisupd, ASN1_GENERALIZEDTIME **nextupd, nextupd, return -1, return) |
217 | DEFINEFUNC4(int, OCSP_check_validity, ASN1_GENERALIZEDTIME *thisupd, thisupd, ASN1_GENERALIZEDTIME *nextupd, nextupd, long nsec, nsec, long maxsec, maxsec, return 0, return) |
218 | DEFINEFUNC3(OCSP_CERTID *, OCSP_cert_to_id, const EVP_MD *dgst, dgst, X509 *subject, subject, X509 *issuer, issuer, return nullptr, return) |
219 | DEFINEFUNC(void, OCSP_CERTID_free, OCSP_CERTID *cid, cid, return, DUMMYARG) |
220 | DEFINEFUNC5(int, OCSP_id_get0_info, ASN1_OCTET_STRING **piNameHash, piNameHash, ASN1_OBJECT **pmd, pmd, |
221 | ASN1_OCTET_STRING **piKeyHash, piKeyHash, ASN1_INTEGER **pserial, pserial, OCSP_CERTID *cid, cid, |
222 | return 0, return) |
223 | DEFINEFUNC2(OCSP_RESPONSE *, OCSP_response_create, int status, status, OCSP_BASICRESP *bs, bs, return nullptr, return) |
224 | DEFINEFUNC(const STACK_OF(X509) *, OCSP_resp_get0_certs, const OCSP_BASICRESP *bs, bs, return nullptr, return) |
225 | DEFINEFUNC2(int, OCSP_id_cmp, OCSP_CERTID *a, a, OCSP_CERTID *b, b, return -1, return) |
226 | DEFINEFUNC7(OCSP_SINGLERESP *, OCSP_basic_add1_status, OCSP_BASICRESP *r, r, OCSP_CERTID *c, c, int s, s, |
227 | int re, re, ASN1_TIME *rt, rt, ASN1_TIME *t, t, ASN1_TIME *n, n, return nullptr, return) |
228 | DEFINEFUNC(OCSP_BASICRESP *, OCSP_BASICRESP_new, DUMMYARG, DUMMYARG, return nullptr, return) |
229 | DEFINEFUNC2(int, i2d_OCSP_RESPONSE, OCSP_RESPONSE *r, r, unsigned char **ppout, ppout, return 0, return) |
230 | DEFINEFUNC6(int, OCSP_basic_sign, OCSP_BASICRESP *br, br, X509 *signer, signer, EVP_PKEY *key, key, |
231 | const EVP_MD *dg, dg, STACK_OF(X509) *cs, cs, unsigned long flags, flags, return 0, return) |
232 | #endif // ocsp |
233 | |
234 | DEFINEFUNC2(void, BIO_set_data, BIO *a, a, void *ptr, ptr, return, DUMMYARG) |
235 | DEFINEFUNC(void *, BIO_get_data, BIO *a, a, return nullptr, return) |
236 | DEFINEFUNC2(void, BIO_set_init, BIO *a, a, int init, init, return, DUMMYARG) |
237 | DEFINEFUNC(int, BIO_get_shutdown, BIO *a, a, return -1, return) |
238 | DEFINEFUNC2(void, BIO_set_shutdown, BIO *a, a, int shut, shut, return, DUMMYARG) |
239 | |
240 | #else // QT_CONFIG(opensslv11) |
241 | |
242 | // Functions below are either deprecated or removed in OpenSSL >= 1.1: |
243 | |
244 | DEFINEFUNC(unsigned char *, ASN1_STRING_data, ASN1_STRING *a, a, return nullptr, return) |
245 | |
246 | #ifdef SSLEAY_MACROS |
247 | DEFINEFUNC3(void *, ASN1_dup, i2d_of_void *a, a, d2i_of_void *b, b, char *c, c, return nullptr, return) |
248 | #endif |
249 | DEFINEFUNC2(BIO *, BIO_new_file, const char *filename, filename, const char *mode, mode, return nullptr, return) |
250 | DEFINEFUNC(void, ERR_clear_error, DUMMYARG, DUMMYARG, return, DUMMYARG) |
251 | DEFINEFUNC(BIO *, BIO_new, BIO_METHOD *a, a, return nullptr, return) |
252 | DEFINEFUNC(BIO_METHOD *, BIO_s_mem, void, DUMMYARG, return nullptr, return) |
253 | DEFINEFUNC(int, CRYPTO_num_locks, DUMMYARG, DUMMYARG, return 0, return) |
254 | DEFINEFUNC(void, CRYPTO_set_locking_callback, void (*a)(int, int, const char *, int), a, return, DUMMYARG) |
255 | DEFINEFUNC(void, CRYPTO_set_id_callback, unsigned long (*a)(), a, return, DUMMYARG) |
256 | DEFINEFUNC(void, CRYPTO_free, void *a, a, return, DUMMYARG) |
257 | DEFINEFUNC3(int, CRYPTO_set_ex_data, CRYPTO_EX_DATA *ad, ad, int idx, idx, void *val, val, return 0, return) |
258 | DEFINEFUNC2(void *, CRYPTO_get_ex_data, const CRYPTO_EX_DATA *ad, ad, int idx, idx, return nullptr, return) |
259 | DEFINEFUNC(unsigned long, ERR_peek_last_error, DUMMYARG, DUMMYARG, return 0, return) |
260 | DEFINEFUNC(void, ERR_free_strings, void, DUMMYARG, return, DUMMYARG) |
261 | DEFINEFUNC(void, EVP_CIPHER_CTX_cleanup, EVP_CIPHER_CTX *a, a, return, DUMMYARG) |
262 | DEFINEFUNC(void, EVP_CIPHER_CTX_init, EVP_CIPHER_CTX *a, a, return, DUMMYARG) |
263 | |
264 | #ifdef SSLEAY_MACROS |
265 | DEFINEFUNC6(void *, PEM_ASN1_read_bio, d2i_of_void *a, a, const char *b, b, BIO *c, c, void **d, d, pem_password_cb *e, e, void *f, f, return nullptr, return) |
266 | DEFINEFUNC6(void *, PEM_ASN1_write_bio, d2i_of_void *a, a, const char *b, b, BIO *c, c, void **d, d, pem_password_cb *e, e, void *f, f, return nullptr, return) |
267 | #endif // SSLEAY_MACROS |
268 | |
269 | DEFINEFUNC(int, sk_num, STACK *a, a, return -1, return) |
270 | DEFINEFUNC2(void, sk_pop_free, STACK *a, a, void (*b)(void*), b, return, DUMMYARG) |
271 | |
272 | DEFINEFUNC(_STACK *, sk_new_null, DUMMYARG, DUMMYARG, return nullptr, return) |
273 | DEFINEFUNC2(void, sk_push, _STACK *a, a, void *b, b, return, DUMMYARG) |
274 | DEFINEFUNC(void, sk_free, _STACK *a, a, return, DUMMYARG) |
275 | DEFINEFUNC2(void *, sk_value, STACK *a, a, int b, b, return nullptr, return) |
276 | |
277 | DEFINEFUNC(int, SSL_library_init, void, DUMMYARG, return -1, return) |
278 | DEFINEFUNC(void, SSL_load_error_strings, void, DUMMYARG, return, DUMMYARG) |
279 | |
280 | #if OPENSSL_VERSION_NUMBER >= 0x10001000L |
281 | DEFINEFUNC5(int, SSL_get_ex_new_index, long argl, argl, void *argp, argp, CRYPTO_EX_new *new_func, new_func, CRYPTO_EX_dup *dup_func, dup_func, CRYPTO_EX_free *free_func, free_func, return -1, return) |
282 | #endif // OPENSSL_VERSION_NUMBER >= 0x10001000L |
283 | |
284 | DEFINEFUNC(const SSL_METHOD *, SSLv23_client_method, DUMMYARG, DUMMYARG, return nullptr, return) |
285 | DEFINEFUNC(const SSL_METHOD *, TLSv1_client_method, DUMMYARG, DUMMYARG, return nullptr, return) |
286 | #if OPENSSL_VERSION_NUMBER >= 0x10001000L |
287 | DEFINEFUNC(const SSL_METHOD *, TLSv1_1_client_method, DUMMYARG, DUMMYARG, return nullptr, return) |
288 | DEFINEFUNC(const SSL_METHOD *, TLSv1_2_client_method, DUMMYARG, DUMMYARG, return nullptr, return) |
289 | #endif |
290 | DEFINEFUNC(const SSL_METHOD *, SSLv23_server_method, DUMMYARG, DUMMYARG, return nullptr, return) |
291 | DEFINEFUNC(const SSL_METHOD *, TLSv1_server_method, DUMMYARG, DUMMYARG, return nullptr, return) |
292 | #if OPENSSL_VERSION_NUMBER >= 0x10001000L |
293 | DEFINEFUNC(const SSL_METHOD *, TLSv1_1_server_method, DUMMYARG, DUMMYARG, return nullptr, return) |
294 | DEFINEFUNC(const SSL_METHOD *, TLSv1_2_server_method, DUMMYARG, DUMMYARG, return nullptr, return) |
295 | #endif |
296 | |
297 | DEFINEFUNC(STACK_OF(X509) *, X509_STORE_CTX_get_chain, X509_STORE_CTX *a, a, return nullptr, return) |
298 | |
299 | #ifdef SSLEAY_MACROS |
300 | DEFINEFUNC2(int, i2d_DSAPrivateKey, const DSA *a, a, unsigned char **b, b, return -1, return) |
301 | DEFINEFUNC2(int, i2d_RSAPrivateKey, const RSA *a, a, unsigned char **b, b, return -1, return) |
302 | #ifndef OPENSSL_NO_EC |
303 | DEFINEFUNC2(int, i2d_ECPrivateKey, const EC_KEY *a, a, unsigned char **b, b, return -1, return) |
304 | #endif |
305 | DEFINEFUNC3(RSA *, d2i_RSAPrivateKey, RSA **a, a, unsigned char **b, b, long c, c, return nullptr, return) |
306 | DEFINEFUNC3(DSA *, d2i_DSAPrivateKey, DSA **a, a, unsigned char **b, b, long c, c, return nullptr, return) |
307 | #ifndef OPENSSL_NO_EC |
308 | DEFINEFUNC3(EC_KEY *, d2i_ECPrivateKey, EC_KEY **a, a, unsigned char **b, b, long c, c, return nullptr, return) |
309 | #endif |
310 | #endif |
311 | |
312 | #if QT_CONFIG(dtls) |
313 | DEFINEFUNC(const SSL_METHOD *, DTLSv1_server_method, void, DUMMYARG, return nullptr, return) |
314 | DEFINEFUNC(const SSL_METHOD *, DTLSv1_client_method, void, DUMMYARG, return nullptr, return) |
315 | DEFINEFUNC(const SSL_METHOD *, DTLSv1_2_server_method, void, DUMMYARG, return nullptr, return) |
316 | DEFINEFUNC(const SSL_METHOD *, DTLSv1_2_client_method, void, DUMMYARG, return nullptr, return) |
317 | #endif // dtls |
318 | |
319 | DEFINEFUNC(char *, CONF_get1_default_config_file, DUMMYARG, DUMMYARG, return nullptr, return) |
320 | DEFINEFUNC(void, OPENSSL_add_all_algorithms_noconf, void, DUMMYARG, return, DUMMYARG) |
321 | DEFINEFUNC(void, OPENSSL_add_all_algorithms_conf, void, DUMMYARG, return, DUMMYARG) |
322 | DEFINEFUNC(long, SSLeay, void, DUMMYARG, return 0, return) |
323 | DEFINEFUNC(const char *, SSLeay_version, int a, a, return nullptr, return) |
324 | |
325 | #endif // QT_CONFIG(opensslv11) |
326 | |
327 | DEFINEFUNC(long, ASN1_INTEGER_get, ASN1_INTEGER *a, a, return 0, return) |
328 | DEFINEFUNC2(int, ASN1_INTEGER_cmp, const ASN1_INTEGER *a, a, const ASN1_INTEGER *b, b, return 1, return) |
329 | DEFINEFUNC(int, ASN1_STRING_length, ASN1_STRING *a, a, return 0, return) |
330 | DEFINEFUNC2(int, ASN1_STRING_to_UTF8, unsigned char **a, a, ASN1_STRING *b, b, return 0, return) |
331 | DEFINEFUNC4(long, BIO_ctrl, BIO *a, a, int b, b, long c, c, void *d, d, return -1, return) |
332 | DEFINEFUNC(int, BIO_free, BIO *a, a, return 0, return) |
333 | DEFINEFUNC2(BIO *, BIO_new_mem_buf, void *a, a, int b, b, return nullptr, return) |
334 | DEFINEFUNC3(int, BIO_read, BIO *a, a, void *b, b, int c, c, return -1, return) |
335 | |
336 | DEFINEFUNC3(int, BIO_write, BIO *a, a, const void *b, b, int c, c, return -1, return) |
337 | DEFINEFUNC(int, BN_num_bits, const BIGNUM *a, a, return 0, return) |
338 | DEFINEFUNC2(BN_ULONG, BN_mod_word, const BIGNUM *a, a, BN_ULONG w, w, return static_cast<BN_ULONG>(-1), return) |
339 | #ifndef OPENSSL_NO_EC |
340 | DEFINEFUNC(const EC_GROUP*, EC_KEY_get0_group, const EC_KEY* k, k, return nullptr, return) |
341 | DEFINEFUNC(int, EC_GROUP_get_degree, const EC_GROUP* g, g, return 0, return) |
342 | #endif |
343 | DEFINEFUNC(DSA *, DSA_new, DUMMYARG, DUMMYARG, return nullptr, return) |
344 | DEFINEFUNC(void, DSA_free, DSA *a, a, return, DUMMYARG) |
345 | DEFINEFUNC3(X509 *, d2i_X509, X509 **a, a, const unsigned char **b, b, long c, c, return nullptr, return) |
346 | DEFINEFUNC2(char *, ERR_error_string, unsigned long a, a, char *b, b, return nullptr, return) |
347 | DEFINEFUNC3(void, ERR_error_string_n, unsigned long e, e, char *b, b, size_t len, len, return, DUMMYARG) |
348 | DEFINEFUNC(unsigned long, ERR_get_error, DUMMYARG, DUMMYARG, return 0, return) |
349 | DEFINEFUNC(EVP_CIPHER_CTX *, EVP_CIPHER_CTX_new, void, DUMMYARG, return nullptr, return) |
350 | DEFINEFUNC(void, EVP_CIPHER_CTX_free, EVP_CIPHER_CTX *a, a, return, DUMMYARG) |
351 | DEFINEFUNC4(int, EVP_CIPHER_CTX_ctrl, EVP_CIPHER_CTX *ctx, ctx, int type, type, int arg, arg, void *ptr, ptr, return 0, return) |
352 | DEFINEFUNC2(int, EVP_CIPHER_CTX_set_key_length, EVP_CIPHER_CTX *ctx, ctx, int keylen, keylen, return 0, return) |
353 | DEFINEFUNC5(int, EVP_CipherInit, EVP_CIPHER_CTX *ctx, ctx, const EVP_CIPHER *type, type, const unsigned char *key, key, const unsigned char *iv, iv, int enc, enc, return 0, return) |
354 | DEFINEFUNC6(int, EVP_CipherInit_ex, EVP_CIPHER_CTX *ctx, ctx, const EVP_CIPHER *cipher, cipher, ENGINE *impl, impl, const unsigned char *key, key, const unsigned char *iv, iv, int enc, enc, return 0, return) |
355 | DEFINEFUNC5(int, EVP_CipherUpdate, EVP_CIPHER_CTX *ctx, ctx, unsigned char *out, out, int *outl, outl, const unsigned char *in, in, int inl, inl, return 0, return) |
356 | DEFINEFUNC3(int, EVP_CipherFinal, EVP_CIPHER_CTX *ctx, ctx, unsigned char *out, out, int *outl, outl, return 0, return) |
357 | DEFINEFUNC(const EVP_MD *, EVP_get_digestbyname, const char *name, name, return nullptr, return) |
358 | #ifndef OPENSSL_NO_DES |
359 | DEFINEFUNC(const EVP_CIPHER *, EVP_des_cbc, DUMMYARG, DUMMYARG, return nullptr, return) |
360 | DEFINEFUNC(const EVP_CIPHER *, EVP_des_ede3_cbc, DUMMYARG, DUMMYARG, return nullptr, return) |
361 | #endif |
362 | #ifndef OPENSSL_NO_RC2 |
363 | DEFINEFUNC(const EVP_CIPHER *, EVP_rc2_cbc, DUMMYARG, DUMMYARG, return nullptr, return) |
364 | #endif |
365 | #ifndef OPENSSL_NO_AES |
366 | DEFINEFUNC(const EVP_CIPHER *, EVP_aes_128_cbc, DUMMYARG, DUMMYARG, return nullptr, return) |
367 | DEFINEFUNC(const EVP_CIPHER *, EVP_aes_192_cbc, DUMMYARG, DUMMYARG, return nullptr, return) |
368 | DEFINEFUNC(const EVP_CIPHER *, EVP_aes_256_cbc, DUMMYARG, DUMMYARG, return nullptr, return) |
369 | #endif |
370 | DEFINEFUNC(const EVP_MD *, EVP_sha1, DUMMYARG, DUMMYARG, return nullptr, return) |
371 | DEFINEFUNC3(int, EVP_PKEY_assign, EVP_PKEY *a, a, int b, b, char *c, c, return -1, return) |
372 | DEFINEFUNC2(int, EVP_PKEY_set1_RSA, EVP_PKEY *a, a, RSA *b, b, return -1, return) |
373 | DEFINEFUNC2(int, EVP_PKEY_set1_DSA, EVP_PKEY *a, a, DSA *b, b, return -1, return) |
374 | DEFINEFUNC2(int, EVP_PKEY_set1_DH, EVP_PKEY *a, a, DH *b, b, return -1, return) |
375 | #ifndef OPENSSL_NO_EC |
376 | DEFINEFUNC2(int, EVP_PKEY_set1_EC_KEY, EVP_PKEY *a, a, EC_KEY *b, b, return -1, return) |
377 | #endif |
378 | DEFINEFUNC2(int, EVP_PKEY_cmp, const EVP_PKEY *a, a, const EVP_PKEY *b, b, return -1, return) |
379 | DEFINEFUNC(void, EVP_PKEY_free, EVP_PKEY *a, a, return, DUMMYARG) |
380 | DEFINEFUNC(DSA *, EVP_PKEY_get1_DSA, EVP_PKEY *a, a, return nullptr, return) |
381 | DEFINEFUNC(RSA *, EVP_PKEY_get1_RSA, EVP_PKEY *a, a, return nullptr, return) |
382 | DEFINEFUNC(DH *, EVP_PKEY_get1_DH, EVP_PKEY *a, a, return nullptr, return) |
383 | #ifndef OPENSSL_NO_EC |
384 | DEFINEFUNC(EC_KEY *, EVP_PKEY_get1_EC_KEY, EVP_PKEY *a, a, return nullptr, return) |
385 | #endif |
386 | DEFINEFUNC(EVP_PKEY *, EVP_PKEY_new, DUMMYARG, DUMMYARG, return nullptr, return) |
387 | DEFINEFUNC(int, EVP_PKEY_type, int a, a, return NID_undef, return) |
388 | DEFINEFUNC2(int, i2d_X509, X509 *a, a, unsigned char **b, b, return -1, return) |
389 | DEFINEFUNC(const char *, OBJ_nid2sn, int a, a, return nullptr, return) |
390 | DEFINEFUNC(const char *, OBJ_nid2ln, int a, a, return nullptr, return) |
391 | DEFINEFUNC(int, OBJ_sn2nid, const char *s, s, return 0, return) |
392 | DEFINEFUNC(int, OBJ_ln2nid, const char *s, s, return 0, return) |
393 | DEFINEFUNC3(int, i2t_ASN1_OBJECT, char *a, a, int b, b, ASN1_OBJECT *c, c, return -1, return) |
394 | DEFINEFUNC4(int, OBJ_obj2txt, char *a, a, int b, b, ASN1_OBJECT *c, c, int d, d, return -1, return) |
395 | |
396 | DEFINEFUNC(int, OBJ_obj2nid, const ASN1_OBJECT *a, a, return NID_undef, return) |
397 | |
398 | #ifndef SSLEAY_MACROS |
399 | DEFINEFUNC4(EVP_PKEY *, PEM_read_bio_PrivateKey, BIO *a, a, EVP_PKEY **b, b, pem_password_cb *c, c, void *d, d, return nullptr, return) |
400 | DEFINEFUNC4(DSA *, PEM_read_bio_DSAPrivateKey, BIO *a, a, DSA **b, b, pem_password_cb *c, c, void *d, d, return nullptr, return) |
401 | DEFINEFUNC4(RSA *, PEM_read_bio_RSAPrivateKey, BIO *a, a, RSA **b, b, pem_password_cb *c, c, void *d, d, return nullptr, return) |
402 | #ifndef OPENSSL_NO_EC |
403 | DEFINEFUNC4(EC_KEY *, PEM_read_bio_ECPrivateKey, BIO *a, a, EC_KEY **b, b, pem_password_cb *c, c, void *d, d, return nullptr, return) |
404 | #endif |
405 | DEFINEFUNC4(DH *, PEM_read_bio_DHparams, BIO *a, a, DH **b, b, pem_password_cb *c, c, void *d, d, return nullptr, return) |
406 | DEFINEFUNC7(int, PEM_write_bio_DSAPrivateKey, BIO *a, a, DSA *b, b, const EVP_CIPHER *c, c, unsigned char *d, d, int e, e, pem_password_cb *f, f, void *g, g, return 0, return) |
407 | DEFINEFUNC7(int, PEM_write_bio_RSAPrivateKey, BIO *a, a, RSA *b, b, const EVP_CIPHER *c, c, unsigned char *d, d, int e, e, pem_password_cb *f, f, void *g, g, return 0, return) |
408 | DEFINEFUNC7(int, PEM_write_bio_PrivateKey, BIO *a, a, EVP_PKEY *b, b, const EVP_CIPHER *c, c, unsigned char *d, d, int e, e, pem_password_cb *f, f, void *g, g, return 0, return) |
409 | #ifndef OPENSSL_NO_EC |
410 | DEFINEFUNC7(int, PEM_write_bio_ECPrivateKey, BIO *a, a, EC_KEY *b, b, const EVP_CIPHER *c, c, unsigned char *d, d, int e, e, pem_password_cb *f, f, void *g, g, return 0, return) |
411 | #endif |
412 | #endif // !SSLEAY_MACROS |
413 | DEFINEFUNC4(EVP_PKEY *, PEM_read_bio_PUBKEY, BIO *a, a, EVP_PKEY **b, b, pem_password_cb *c, c, void *d, d, return nullptr, return) |
414 | DEFINEFUNC4(DSA *, PEM_read_bio_DSA_PUBKEY, BIO *a, a, DSA **b, b, pem_password_cb *c, c, void *d, d, return nullptr, return) |
415 | DEFINEFUNC4(RSA *, PEM_read_bio_RSA_PUBKEY, BIO *a, a, RSA **b, b, pem_password_cb *c, c, void *d, d, return nullptr, return) |
416 | #ifndef OPENSSL_NO_EC |
417 | DEFINEFUNC4(EC_KEY *, PEM_read_bio_EC_PUBKEY, BIO *a, a, EC_KEY **b, b, pem_password_cb *c, c, void *d, d, return nullptr, return) |
418 | #endif |
419 | DEFINEFUNC2(int, PEM_write_bio_DSA_PUBKEY, BIO *a, a, DSA *b, b, return 0, return) |
420 | DEFINEFUNC2(int, PEM_write_bio_RSA_PUBKEY, BIO *a, a, RSA *b, b, return 0, return) |
421 | DEFINEFUNC2(int, PEM_write_bio_PUBKEY, BIO *a, a, EVP_PKEY *b, b, return 0, return) |
422 | #ifndef OPENSSL_NO_EC |
423 | DEFINEFUNC2(int, PEM_write_bio_EC_PUBKEY, BIO *a, a, EC_KEY *b, b, return 0, return) |
424 | #endif |
425 | DEFINEFUNC2(void, RAND_seed, const void *a, a, int b, b, return, DUMMYARG) |
426 | DEFINEFUNC(int, RAND_status, void, DUMMYARG, return -1, return) |
427 | DEFINEFUNC2(int, RAND_bytes, unsigned char *b, b, int n, n, return 0, return) |
428 | DEFINEFUNC(RSA *, RSA_new, DUMMYARG, DUMMYARG, return nullptr, return) |
429 | DEFINEFUNC(void, RSA_free, RSA *a, a, return, DUMMYARG) |
430 | DEFINEFUNC(int, SSL_accept, SSL *a, a, return -1, return) |
431 | DEFINEFUNC(int, SSL_clear, SSL *a, a, return -1, return) |
432 | DEFINEFUNC3(char *, SSL_CIPHER_description, const SSL_CIPHER *a, a, char *b, b, int c, c, return nullptr, return) |
433 | DEFINEFUNC2(int, SSL_CIPHER_get_bits, const SSL_CIPHER *a, a, int *b, b, return 0, return) |
434 | DEFINEFUNC(BIO *, SSL_get_rbio, const SSL *s, s, return nullptr, return) |
435 | DEFINEFUNC(int, SSL_connect, SSL *a, a, return -1, return) |
436 | DEFINEFUNC(int, SSL_CTX_check_private_key, const SSL_CTX *a, a, return -1, return) |
437 | DEFINEFUNC4(long, SSL_CTX_ctrl, SSL_CTX *a, a, int b, b, long c, c, void *d, d, return -1, return) |
438 | DEFINEFUNC(void, SSL_CTX_free, SSL_CTX *a, a, return, DUMMYARG) |
439 | DEFINEFUNC(SSL_CTX *, SSL_CTX_new, const SSL_METHOD *a, a, return nullptr, return) |
440 | DEFINEFUNC2(int, SSL_CTX_set_cipher_list, SSL_CTX *a, a, const char *b, b, return -1, return) |
441 | DEFINEFUNC3(long, SSL_CTX_callback_ctrl, SSL_CTX *ctx, ctx, int dst, dst, GenericCallbackType cb, cb, return 0, return) |
442 | DEFINEFUNC(int, SSL_CTX_set_default_verify_paths, SSL_CTX *a, a, return -1, return) |
443 | DEFINEFUNC3(void, SSL_CTX_set_verify, SSL_CTX *a, a, int b, b, int (*c)(int, X509_STORE_CTX *), c, return, DUMMYARG) |
444 | DEFINEFUNC2(void, SSL_CTX_set_verify_depth, SSL_CTX *a, a, int b, b, return, DUMMYARG) |
445 | DEFINEFUNC2(int, SSL_CTX_use_certificate, SSL_CTX *a, a, X509 *b, b, return -1, return) |
446 | DEFINEFUNC3(int, SSL_CTX_use_certificate_file, SSL_CTX *a, a, const char *b, b, int c, c, return -1, return) |
447 | DEFINEFUNC2(int, SSL_CTX_use_PrivateKey, SSL_CTX *a, a, EVP_PKEY *b, b, return -1, return) |
448 | DEFINEFUNC2(int, SSL_CTX_use_RSAPrivateKey, SSL_CTX *a, a, RSA *b, b, return -1, return) |
449 | DEFINEFUNC3(int, SSL_CTX_use_PrivateKey_file, SSL_CTX *a, a, const char *b, b, int c, c, return -1, return) |
450 | DEFINEFUNC(X509_STORE *, SSL_CTX_get_cert_store, const SSL_CTX *a, a, return nullptr, return) |
451 | #if OPENSSL_VERSION_NUMBER >= 0x10002000L |
452 | DEFINEFUNC(SSL_CONF_CTX *, SSL_CONF_CTX_new, DUMMYARG, DUMMYARG, return nullptr, return); |
453 | DEFINEFUNC(void, SSL_CONF_CTX_free, SSL_CONF_CTX *a, a, return ,return); |
454 | DEFINEFUNC2(void, SSL_CONF_CTX_set_ssl_ctx, SSL_CONF_CTX *a, a, SSL_CTX *b, b, return, return); |
455 | DEFINEFUNC2(unsigned int, SSL_CONF_CTX_set_flags, SSL_CONF_CTX *a, a, unsigned int b, b, return 0, return); |
456 | DEFINEFUNC(int, SSL_CONF_CTX_finish, SSL_CONF_CTX *a, a, return 0, return); |
457 | DEFINEFUNC3(int, SSL_CONF_cmd, SSL_CONF_CTX *a, a, const char *b, b, const char *c, c, return 0, return); |
458 | #endif |
459 | DEFINEFUNC(void, SSL_free, SSL *a, a, return, DUMMYARG) |
460 | DEFINEFUNC(STACK_OF(SSL_CIPHER) *, SSL_get_ciphers, const SSL *a, a, return nullptr, return) |
461 | DEFINEFUNC(const SSL_CIPHER *, SSL_get_current_cipher, SSL *a, a, return nullptr, return) |
462 | DEFINEFUNC(int, SSL_version, const SSL *a, a, return 0, return) |
463 | DEFINEFUNC2(int, SSL_get_error, SSL *a, a, int b, b, return -1, return) |
464 | DEFINEFUNC(STACK_OF(X509) *, SSL_get_peer_cert_chain, SSL *a, a, return nullptr, return) |
465 | DEFINEFUNC(X509 *, SSL_get_peer_certificate, SSL *a, a, return nullptr, return) |
466 | DEFINEFUNC(long, SSL_get_verify_result, const SSL *a, a, return -1, return) |
467 | DEFINEFUNC(SSL *, SSL_new, SSL_CTX *a, a, return nullptr, return) |
468 | DEFINEFUNC(SSL_CTX *, SSL_get_SSL_CTX, SSL *a, a, return nullptr, return) |
469 | DEFINEFUNC4(long, SSL_ctrl, SSL *a, a, int cmd, cmd, long larg, larg, void *parg, parg, return -1, return) |
470 | DEFINEFUNC3(int, SSL_read, SSL *a, a, void *b, b, int c, c, return -1, return) |
471 | DEFINEFUNC3(void, SSL_set_bio, SSL *a, a, BIO *b, b, BIO *c, c, return, DUMMYARG) |
472 | DEFINEFUNC(void, SSL_set_accept_state, SSL *a, a, return, DUMMYARG) |
473 | DEFINEFUNC(void, SSL_set_connect_state, SSL *a, a, return, DUMMYARG) |
474 | DEFINEFUNC(int, SSL_shutdown, SSL *a, a, return -1, return) |
475 | DEFINEFUNC(int, SSL_get_shutdown, const SSL *ssl, ssl, return 0, return) |
476 | DEFINEFUNC2(int, SSL_set_session, SSL* to, to, SSL_SESSION *session, session, return -1, return) |
477 | DEFINEFUNC(void, SSL_SESSION_free, SSL_SESSION *ses, ses, return, DUMMYARG) |
478 | DEFINEFUNC(SSL_SESSION*, SSL_get1_session, SSL *ssl, ssl, return nullptr, return) |
479 | DEFINEFUNC(SSL_SESSION*, SSL_get_session, const SSL *ssl, ssl, return nullptr, return) |
480 | #if OPENSSL_VERSION_NUMBER >= 0x10001000L |
481 | DEFINEFUNC3(int, SSL_set_ex_data, SSL *ssl, ssl, int idx, idx, void *arg, arg, return 0, return) |
482 | DEFINEFUNC2(void *, SSL_get_ex_data, const SSL *ssl, ssl, int idx, idx, return nullptr, return) |
483 | #endif |
484 | #if OPENSSL_VERSION_NUMBER >= 0x10001000L && !defined(OPENSSL_NO_PSK) |
485 | DEFINEFUNC2(void, SSL_set_psk_client_callback, SSL* ssl, ssl, q_psk_client_callback_t callback, callback, return, DUMMYARG) |
486 | DEFINEFUNC2(void, SSL_set_psk_server_callback, SSL* ssl, ssl, q_psk_server_callback_t callback, callback, return, DUMMYARG) |
487 | DEFINEFUNC2(int, SSL_CTX_use_psk_identity_hint, SSL_CTX* ctx, ctx, const char *hint, hint, return 0, return) |
488 | #endif |
489 | DEFINEFUNC3(int, SSL_write, SSL *a, a, const void *b, b, int c, c, return -1, return) |
490 | DEFINEFUNC2(int, X509_cmp, X509 *a, a, X509 *b, b, return -1, return) |
491 | DEFINEFUNC4(int, X509_digest, const X509 *x509, x509, const EVP_MD *type, type, unsigned char *md, md, unsigned int *len, len, return -1, return) |
492 | #ifndef SSLEAY_MACROS |
493 | DEFINEFUNC(X509 *, X509_dup, X509 *a, a, return nullptr, return) |
494 | #endif |
495 | DEFINEFUNC2(void, X509_print, BIO *a, a, X509 *b, b, return, DUMMYARG); |
496 | DEFINEFUNC(ASN1_OBJECT *, X509_EXTENSION_get_object, X509_EXTENSION *a, a, return nullptr, return) |
497 | DEFINEFUNC(void, X509_free, X509 *a, a, return, DUMMYARG) |
498 | //Q_AUTOTEST_EXPORT ASN1_TIME *q_X509_gmtime_adj(ASN1_TIME *s, long adj); |
499 | DEFINEFUNC2(ASN1_TIME *, X509_gmtime_adj, ASN1_TIME *s, s, long adj, adj, return nullptr, return) |
500 | DEFINEFUNC(void, ASN1_TIME_free, ASN1_TIME *t, t, return, DUMMYARG) |
501 | DEFINEFUNC2(X509_EXTENSION *, X509_get_ext, X509 *a, a, int b, b, return nullptr, return) |
502 | DEFINEFUNC(int, X509_get_ext_count, X509 *a, a, return 0, return) |
503 | DEFINEFUNC4(void *, X509_get_ext_d2i, X509 *a, a, int b, b, int *c, c, int *d, d, return nullptr, return) |
504 | DEFINEFUNC(const X509V3_EXT_METHOD *, X509V3_EXT_get, X509_EXTENSION *a, a, return nullptr, return) |
505 | DEFINEFUNC(void *, X509V3_EXT_d2i, X509_EXTENSION *a, a, return nullptr, return) |
506 | DEFINEFUNC(int, X509_EXTENSION_get_critical, X509_EXTENSION *a, a, return 0, return) |
507 | DEFINEFUNC(ASN1_OCTET_STRING *, X509_EXTENSION_get_data, X509_EXTENSION *a, a, return nullptr, return) |
508 | DEFINEFUNC(void, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS *a, a, return, DUMMYARG) |
509 | DEFINEFUNC(void, AUTHORITY_KEYID_free, AUTHORITY_KEYID *a, a, return, DUMMYARG) |
510 | DEFINEFUNC(void, GENERAL_NAME_free, GENERAL_NAME *a, a, return, DUMMYARG) |
511 | DEFINEFUNC2(int, ASN1_STRING_print, BIO *a, a, const ASN1_STRING *b, b, return 0, return) |
512 | DEFINEFUNC2(int, X509_check_issued, X509 *a, a, X509 *b, b, return -1, return) |
513 | DEFINEFUNC(X509_NAME *, X509_get_issuer_name, X509 *a, a, return nullptr, return) |
514 | DEFINEFUNC(X509_NAME *, X509_get_subject_name, X509 *a, a, return nullptr, return) |
515 | DEFINEFUNC(ASN1_INTEGER *, X509_get_serialNumber, X509 *a, a, return nullptr, return) |
516 | DEFINEFUNC(int, X509_verify_cert, X509_STORE_CTX *a, a, return -1, return) |
517 | DEFINEFUNC(int, X509_NAME_entry_count, X509_NAME *a, a, return 0, return) |
518 | DEFINEFUNC2(X509_NAME_ENTRY *, X509_NAME_get_entry, X509_NAME *a, a, int b, b, return nullptr, return) |
519 | DEFINEFUNC(ASN1_STRING *, X509_NAME_ENTRY_get_data, X509_NAME_ENTRY *a, a, return nullptr, return) |
520 | DEFINEFUNC(ASN1_OBJECT *, X509_NAME_ENTRY_get_object, X509_NAME_ENTRY *a, a, return nullptr, return) |
521 | DEFINEFUNC(EVP_PKEY *, X509_PUBKEY_get, X509_PUBKEY *a, a, return nullptr, return) |
522 | DEFINEFUNC(void, X509_STORE_free, X509_STORE *a, a, return, DUMMYARG) |
523 | DEFINEFUNC(X509_STORE *, X509_STORE_new, DUMMYARG, DUMMYARG, return nullptr, return) |
524 | DEFINEFUNC2(int, X509_STORE_add_cert, X509_STORE *a, a, X509 *b, b, return 0, return) |
525 | DEFINEFUNC(void, X509_STORE_CTX_free, X509_STORE_CTX *a, a, return, DUMMYARG) |
526 | DEFINEFUNC4(int, X509_STORE_CTX_init, X509_STORE_CTX *a, a, X509_STORE *b, b, X509 *c, c, STACK_OF(X509) *d, d, return -1, return) |
527 | DEFINEFUNC2(int, X509_STORE_CTX_set_purpose, X509_STORE_CTX *a, a, int b, b, return -1, return) |
528 | DEFINEFUNC(int, X509_STORE_CTX_get_error, X509_STORE_CTX *a, a, return -1, return) |
529 | DEFINEFUNC(int, X509_STORE_CTX_get_error_depth, X509_STORE_CTX *a, a, return -1, return) |
530 | DEFINEFUNC(X509 *, X509_STORE_CTX_get_current_cert, X509_STORE_CTX *a, a, return nullptr, return) |
531 | DEFINEFUNC(X509_STORE *, X509_STORE_CTX_get0_store, X509_STORE_CTX *ctx, ctx, return nullptr, return) |
532 | DEFINEFUNC(X509_STORE_CTX *, X509_STORE_CTX_new, DUMMYARG, DUMMYARG, return nullptr, return) |
533 | DEFINEFUNC2(void *, X509_STORE_CTX_get_ex_data, X509_STORE_CTX *ctx, ctx, int idx, idx, return nullptr, return) |
534 | DEFINEFUNC(int, SSL_get_ex_data_X509_STORE_CTX_idx, DUMMYARG, DUMMYARG, return -1, return) |
535 | DEFINEFUNC3(int, SSL_CTX_load_verify_locations, SSL_CTX *ctx, ctx, const char *CAfile, CAfile, const char *CApath, CApath, return 0, return) |
536 | DEFINEFUNC2(int, i2d_SSL_SESSION, SSL_SESSION *in, in, unsigned char **pp, pp, return 0, return) |
537 | DEFINEFUNC3(SSL_SESSION *, d2i_SSL_SESSION, SSL_SESSION **a, a, const unsigned char **pp, pp, long length, length, return nullptr, return) |
538 | #if OPENSSL_VERSION_NUMBER >= 0x1000100fL && !defined(OPENSSL_NO_NEXTPROTONEG) |
539 | DEFINEFUNC6(int, SSL_select_next_proto, unsigned char **out, out, unsigned char *outlen, outlen, |
540 | const unsigned char *in, in, unsigned int inlen, inlen, |
541 | const unsigned char *client, client, unsigned int client_len, client_len, |
542 | return -1, return) |
543 | DEFINEFUNC3(void, SSL_CTX_set_next_proto_select_cb, SSL_CTX *s, s, |
544 | int (*cb) (SSL *ssl, unsigned char **out, |
545 | unsigned char *outlen, |
546 | const unsigned char *in, |
547 | unsigned int inlen, void *arg), cb, |
548 | void *arg, arg, return, DUMMYARG) |
549 | DEFINEFUNC3(void, SSL_get0_next_proto_negotiated, const SSL *s, s, |
550 | const unsigned char **data, data, unsigned *len, len, return, DUMMYARG) |
551 | #if OPENSSL_VERSION_NUMBER >= 0x10002000L |
552 | DEFINEFUNC3(int, SSL_set_alpn_protos, SSL *s, s, const unsigned char *protos, protos, |
553 | unsigned protos_len, protos_len, return -1, return) |
554 | DEFINEFUNC3(void, SSL_CTX_set_alpn_select_cb, SSL_CTX *s, s, |
555 | int (*cb) (SSL *ssl, const unsigned char **out, |
556 | unsigned char *outlen, |
557 | const unsigned char *in, |
558 | unsigned int inlen, void *arg), cb, |
559 | void *arg, arg, return, DUMMYARG) |
560 | DEFINEFUNC3(void, SSL_get0_alpn_selected, const SSL *s, s, const unsigned char **data, data, |
561 | unsigned *len, len, return, DUMMYARG) |
562 | #endif // OPENSSL_VERSION_NUMBER >= 0x10002000L ... |
563 | #endif // OPENSSL_VERSION_NUMBER >= 0x1000100fL ... |
564 | |
565 | // DTLS: |
566 | #if QT_CONFIG(dtls) |
567 | DEFINEFUNC2(void, SSL_CTX_set_cookie_generate_cb, SSL_CTX *ctx, ctx, CookieGenerateCallback cb, cb, return, DUMMYARG) |
568 | DEFINEFUNC2(void, SSL_CTX_set_cookie_verify_cb, SSL_CTX *ctx, ctx, CookieVerifyCallback cb, cb, return, DUMMYARG) |
569 | DEFINEFUNC(const SSL_METHOD *, DTLS_server_method, DUMMYARG, DUMMYARG, return nullptr, return) |
570 | DEFINEFUNC(const SSL_METHOD *, DTLS_client_method, DUMMYARG, DUMMYARG, return nullptr, return) |
571 | #endif // dtls |
572 | DEFINEFUNC2(void, BIO_set_flags, BIO *b, b, int flags, flags, return, DUMMYARG) |
573 | DEFINEFUNC2(void, BIO_clear_flags, BIO *b, b, int flags, flags, return, DUMMYARG) |
574 | DEFINEFUNC2(void *, BIO_get_ex_data, BIO *b, b, int idx, idx, return nullptr, return) |
575 | DEFINEFUNC3(int, BIO_set_ex_data, BIO *b, b, int idx, idx, void *data, data, return -1, return) |
576 | |
577 | DEFINEFUNC3(void *, CRYPTO_malloc, size_t num, num, const char *file, file, int line, line, return nullptr, return) |
578 | DEFINEFUNC(DH *, DH_new, DUMMYARG, DUMMYARG, return nullptr, return) |
579 | DEFINEFUNC(void, DH_free, DH *dh, dh, return, DUMMYARG) |
580 | DEFINEFUNC3(DH *, d2i_DHparams, DH**a, a, const unsigned char **pp, pp, long length, length, return nullptr, return) |
581 | DEFINEFUNC2(int, i2d_DHparams, DH *a, a, unsigned char **p, p, return -1, return) |
582 | DEFINEFUNC2(int, DH_check, DH *dh, dh, int *codes, codes, return 0, return) |
583 | DEFINEFUNC3(BIGNUM *, BN_bin2bn, const unsigned char *s, s, int len, len, BIGNUM *ret, ret, return nullptr, return) |
584 | #ifndef OPENSSL_NO_EC |
585 | DEFINEFUNC(EC_KEY *, EC_KEY_dup, const EC_KEY *ec, ec, return nullptr, return) |
586 | DEFINEFUNC(EC_KEY *, EC_KEY_new_by_curve_name, int nid, nid, return nullptr, return) |
587 | DEFINEFUNC(void, EC_KEY_free, EC_KEY *ecdh, ecdh, return, DUMMYARG) |
588 | DEFINEFUNC2(size_t, EC_get_builtin_curves, EC_builtin_curve * r, r, size_t nitems, nitems, return 0, return) |
589 | #if OPENSSL_VERSION_NUMBER >= 0x10002000L |
590 | DEFINEFUNC(int, EC_curve_nist2nid, const char *name, name, return 0, return) |
591 | #endif // OPENSSL_VERSION_NUMBER >= 0x10002000L |
592 | #endif // OPENSSL_NO_EC |
593 | |
594 | DEFINEFUNC5(int, PKCS12_parse, PKCS12 *p12, p12, const char *pass, pass, EVP_PKEY **pkey, pkey, \ |
595 | X509 **cert, cert, STACK_OF(X509) **ca, ca, return 1, return); |
596 | DEFINEFUNC2(PKCS12 *, d2i_PKCS12_bio, BIO *bio, bio, PKCS12 **pkcs12, pkcs12, return nullptr, return); |
597 | DEFINEFUNC(void, PKCS12_free, PKCS12 *pkcs12, pkcs12, return, DUMMYARG) |
598 | |
599 | #define RESOLVEFUNC(func) \ |
600 | if (!(_q_##func = _q_PTR_##func(libs.ssl->resolve(#func))) \ |
601 | && !(_q_##func = _q_PTR_##func(libs.crypto->resolve(#func)))) \ |
602 | qsslSocketCannotResolveSymbolWarning(#func); |
603 | |
604 | #if !defined QT_LINKED_OPENSSL |
605 | |
606 | #if !QT_CONFIG(library) |
607 | bool q_resolveOpenSslSymbols() |
608 | { |
609 | qCWarning(lcSsl, "QSslSocket: unable to resolve symbols. Qt is configured without the " |
610 | "'library' feature, which means runtime resolving of libraries won't work." ); |
611 | qCWarning(lcSsl, "Either compile Qt statically or with support for runtime resolving " |
612 | "of libraries." ); |
613 | return false; |
614 | } |
615 | #else |
616 | |
617 | # ifdef Q_OS_UNIX |
618 | struct NumericallyLess |
619 | { |
620 | typedef bool result_type; |
621 | result_type operator()(const QStringRef &lhs, const QStringRef &rhs) const |
622 | { |
623 | bool ok = false; |
624 | int b = 0; |
625 | int a = lhs.toInt(&ok); |
626 | if (ok) |
627 | b = rhs.toInt(&ok); |
628 | if (ok) { |
629 | // both toInt succeeded |
630 | return a < b; |
631 | } else { |
632 | // compare as strings; |
633 | return lhs < rhs; |
634 | } |
635 | } |
636 | }; |
637 | |
638 | struct LibGreaterThan |
639 | { |
640 | typedef bool result_type; |
641 | result_type operator()(const QString &lhs, const QString &rhs) const |
642 | { |
643 | const QVector<QStringRef> lhsparts = lhs.splitRef(QLatin1Char('.')); |
644 | const QVector<QStringRef> rhsparts = rhs.splitRef(QLatin1Char('.')); |
645 | Q_ASSERT(lhsparts.count() > 1 && rhsparts.count() > 1); |
646 | |
647 | // note: checking rhs < lhs, the same as lhs > rhs |
648 | return std::lexicographical_compare(rhsparts.begin() + 1, rhsparts.end(), |
649 | lhsparts.begin() + 1, lhsparts.end(), |
650 | NumericallyLess()); |
651 | } |
652 | }; |
653 | |
654 | #if defined(Q_OS_LINUX) && !defined(Q_OS_ANDROID) |
655 | static int dlIterateCallback(struct dl_phdr_info *info, size_t size, void *data) |
656 | { |
657 | if (size < sizeof (info->dlpi_addr) + sizeof (info->dlpi_name)) |
658 | return 1; |
659 | QSet<QString> *paths = (QSet<QString> *)data; |
660 | QString path = QString::fromLocal8Bit(info->dlpi_name); |
661 | if (!path.isEmpty()) { |
662 | QFileInfo fi(path); |
663 | path = fi.absolutePath(); |
664 | if (!path.isEmpty()) |
665 | paths->insert(path); |
666 | } |
667 | return 0; |
668 | } |
669 | #endif |
670 | |
671 | static QStringList libraryPathList() |
672 | { |
673 | QStringList paths; |
674 | # ifdef Q_OS_DARWIN |
675 | paths = QString::fromLatin1(qgetenv("DYLD_LIBRARY_PATH" )) |
676 | .split(QLatin1Char(':'), QString::SkipEmptyParts); |
677 | |
678 | // search in .app/Contents/Frameworks |
679 | UInt32 packageType; |
680 | CFBundleGetPackageInfo(CFBundleGetMainBundle(), &packageType, nullptr); |
681 | if (packageType == FOUR_CHAR_CODE('APPL')) { |
682 | QUrl bundleUrl = QUrl::fromCFURL(QCFType<CFURLRef>(CFBundleCopyBundleURL(CFBundleGetMainBundle()))); |
683 | QUrl frameworksUrl = QUrl::fromCFURL(QCFType<CFURLRef>(CFBundleCopyPrivateFrameworksURL(CFBundleGetMainBundle()))); |
684 | paths << bundleUrl.resolved(frameworksUrl).path(); |
685 | } |
686 | # else |
687 | paths = QString::fromLatin1(qgetenv("LD_LIBRARY_PATH" )) |
688 | .split(QLatin1Char(':'), QString::SkipEmptyParts); |
689 | # endif |
690 | paths << QLatin1String("/lib" ) << QLatin1String("/usr/lib" ) << QLatin1String("/usr/local/lib" ); |
691 | paths << QLatin1String("/lib64" ) << QLatin1String("/usr/lib64" ) << QLatin1String("/usr/local/lib64" ); |
692 | paths << QLatin1String("/lib32" ) << QLatin1String("/usr/lib32" ) << QLatin1String("/usr/local/lib32" ); |
693 | |
694 | #if defined(Q_OS_ANDROID) |
695 | paths << QLatin1String("/system/lib" ); |
696 | #elif defined(Q_OS_LINUX) |
697 | // discover paths of already loaded libraries |
698 | QSet<QString> loadedPaths; |
699 | dl_iterate_phdr(dlIterateCallback, &loadedPaths); |
700 | paths.append(loadedPaths.values()); |
701 | #endif |
702 | |
703 | return paths; |
704 | } |
705 | |
706 | Q_NEVER_INLINE |
707 | static QStringList findAllLibs(QLatin1String filter) |
708 | { |
709 | const QStringList paths = libraryPathList(); |
710 | QStringList found; |
711 | const QStringList filters((QString(filter))); |
712 | |
713 | for (const QString &path : paths) { |
714 | QDir dir(path); |
715 | QStringList entryList = dir.entryList(filters, QDir::Files); |
716 | |
717 | std::sort(entryList.begin(), entryList.end(), LibGreaterThan()); |
718 | for (const QString &entry : qAsConst(entryList)) |
719 | found << path + QLatin1Char('/') + entry; |
720 | } |
721 | |
722 | return found; |
723 | } |
724 | |
725 | static QStringList findAllLibSsl() |
726 | { |
727 | return findAllLibs(QLatin1String("libssl.*" )); |
728 | } |
729 | |
730 | static QStringList findAllLibCrypto() |
731 | { |
732 | return findAllLibs(QLatin1String("libcrypto.*" )); |
733 | } |
734 | # endif |
735 | |
736 | #ifdef Q_OS_WIN |
737 | |
738 | struct LoadedOpenSsl { |
739 | std::unique_ptr<QSystemLibrary> ssl, crypto; |
740 | }; |
741 | |
742 | static bool tryToLoadOpenSslWin32Library(QLatin1String ssleay32LibName, QLatin1String libeay32LibName, LoadedOpenSsl &result) |
743 | { |
744 | auto ssleay32 = qt_make_unique<QSystemLibrary>(ssleay32LibName); |
745 | if (!ssleay32->load(false)) { |
746 | return FALSE; |
747 | } |
748 | |
749 | auto libeay32 = qt_make_unique<QSystemLibrary>(libeay32LibName); |
750 | if (!libeay32->load(false)) { |
751 | return FALSE; |
752 | } |
753 | |
754 | result.ssl = std::move(ssleay32); |
755 | result.crypto = std::move(libeay32); |
756 | return TRUE; |
757 | } |
758 | |
759 | static LoadedOpenSsl loadOpenSsl() |
760 | { |
761 | LoadedOpenSsl result; |
762 | |
763 | #if QT_CONFIG(opensslv11) |
764 | // With OpenSSL 1.1 the names have changed to libssl-1_1(-x64) and libcrypto-1_1(-x64), for builds using |
765 | // MSVC and GCC, (-x64 suffix for 64-bit builds). |
766 | |
767 | #ifdef Q_PROCESSOR_X86_64 |
768 | #define QT_SSL_SUFFIX "-x64" |
769 | #else // !Q_PROCESSOFR_X86_64 |
770 | #define QT_SSL_SUFFIX |
771 | #endif // !Q_PROCESSOR_x86_64 |
772 | |
773 | tryToLoadOpenSslWin32Library(QLatin1String("libssl-1_1" QT_SSL_SUFFIX), |
774 | QLatin1String("libcrypto-1_1" QT_SSL_SUFFIX), result); |
775 | |
776 | #undef QT_SSL_SUFFIX |
777 | |
778 | #else // QT_CONFIG(opensslv11) |
779 | |
780 | // When OpenSSL is built using MSVC then the libraries are named 'ssleay32.dll' and 'libeay32'dll'. |
781 | // When OpenSSL is built using GCC then different library names are used (depending on the OpenSSL version) |
782 | // The oldest version of a GCC-based OpenSSL which can be detected by the code below is 0.9.8g (released in 2007) |
783 | if (!tryToLoadOpenSslWin32Library(QLatin1String("ssleay32" ), QLatin1String("libeay32" ), result)) { |
784 | if (!tryToLoadOpenSslWin32Library(QLatin1String("libssl-10" ), QLatin1String("libcrypto-10" ), result)) { |
785 | if (!tryToLoadOpenSslWin32Library(QLatin1String("libssl-8" ), QLatin1String("libcrypto-8" ), result)) { |
786 | tryToLoadOpenSslWin32Library(QLatin1String("libssl-7" ), QLatin1String("libcrypto-7" ), result); |
787 | } |
788 | } |
789 | } |
790 | #endif // !QT_CONFIG(opensslv11) |
791 | |
792 | return result; |
793 | } |
794 | #else |
795 | |
796 | struct LoadedOpenSsl { |
797 | std::unique_ptr<QLibrary> ssl, crypto; |
798 | }; |
799 | |
800 | static LoadedOpenSsl loadOpenSsl() |
801 | { |
802 | LoadedOpenSsl result = {qt_make_unique<QLibrary>(), qt_make_unique<QLibrary>()}; |
803 | |
804 | # if defined(Q_OS_UNIX) |
805 | QLibrary * const libssl = result.ssl.get(); |
806 | QLibrary * const libcrypto = result.crypto.get(); |
807 | |
808 | // Try to find the libssl library on the system. |
809 | // |
810 | // Up until Qt 4.3, this only searched for the "ssl" library at version -1, that |
811 | // is, libssl.so on most Unix systems. However, the .so file isn't present in |
812 | // user installations because it's considered a development file. |
813 | // |
814 | // The right thing to do is to load the library at the major version we know how |
815 | // to work with: the SHLIB_VERSION_NUMBER version (macro defined in opensslv.h) |
816 | // |
817 | // However, OpenSSL is a well-known case of binary-compatibility breakage. To |
818 | // avoid such problems, many system integrators and Linux distributions change |
819 | // the soname of the binary, letting the full version number be the soname. So |
820 | // we'll find libssl.so.0.9.7, libssl.so.0.9.8, etc. in the system. For that |
821 | // reason, we will search a few common paths (see findAllLibSsl() above) in hopes |
822 | // we find one that works. |
823 | // |
824 | // If that fails, for OpenSSL 1.0 we also try some fallbacks -- look up |
825 | // libssl.so with a hardcoded soname. The reason is QTBUG-68156: the binary |
826 | // builds of Qt happen (at the time of this writing) on RHEL machines, |
827 | // which change SHLIB_VERSION_NUMBER to a non-portable string. When running |
828 | // those binaries on the target systems, this code won't pick up |
829 | // libssl.so.MODIFIED_SHLIB_VERSION_NUMBER because it doesn't exist there. |
830 | // Given that the only 1.0 supported release (at the time of this writing) |
831 | // is 1.0.2, with soname "1.0.0", give that a try too. Note that we mandate |
832 | // OpenSSL >= 1.0.0 with a configure-time check, and OpenSSL has kept binary |
833 | // compatibility between 1.0.0 and 1.0.2. |
834 | // |
835 | // It is important, however, to try the canonical name and the unversioned name |
836 | // without going through the loop. By not specifying a path, we let the system |
837 | // dlopen(3) function determine it for us. This will include any DT_RUNPATH or |
838 | // DT_RPATH tags on our library header as well as other system-specific search |
839 | // paths. See the man page for dlopen(3) on your system for more information. |
840 | |
841 | #ifdef Q_OS_OPENBSD |
842 | libcrypto->setLoadHints(QLibrary::ExportExternalSymbolsHint); |
843 | #endif |
844 | #if defined(SHLIB_VERSION_NUMBER) && !defined(Q_OS_QNX) // on QNX, the libs are always libssl.so and libcrypto.so |
845 | // first attempt: the canonical name is libssl.so.<SHLIB_VERSION_NUMBER> |
846 | libssl->setFileNameAndVersion(QLatin1String("ssl" ), QLatin1String(SHLIB_VERSION_NUMBER)); |
847 | libcrypto->setFileNameAndVersion(QLatin1String("crypto" ), QLatin1String(SHLIB_VERSION_NUMBER)); |
848 | if (libcrypto->load() && libssl->load()) { |
849 | // libssl.so.<SHLIB_VERSION_NUMBER> and libcrypto.so.<SHLIB_VERSION_NUMBER> found |
850 | return result; |
851 | } else { |
852 | libssl->unload(); |
853 | libcrypto->unload(); |
854 | } |
855 | |
856 | #if !QT_CONFIG(opensslv11) |
857 | // first-and-half attempts: for OpenSSL 1.0 try to load some hardcoded sonames: |
858 | // - "1.0.0" is the official upstream one |
859 | // - "1.0.2" is found on some distributions (e.g. Debian) that patch OpenSSL |
860 | static const QLatin1String fallbackSonames[] = { |
861 | QLatin1String("1.0.0" ), |
862 | QLatin1String("1.0.2" ) |
863 | }; |
864 | |
865 | for (auto fallbackSoname : fallbackSonames) { |
866 | libssl->setFileNameAndVersion(QLatin1String("ssl" ), fallbackSoname); |
867 | libcrypto->setFileNameAndVersion(QLatin1String("crypto" ), fallbackSoname); |
868 | if (libcrypto->load() && libssl->load()) { |
869 | return result; |
870 | } else { |
871 | libssl->unload(); |
872 | libcrypto->unload(); |
873 | } |
874 | } |
875 | #endif |
876 | #endif |
877 | |
878 | #ifndef Q_OS_DARWIN |
879 | // second attempt: find the development files libssl.so and libcrypto.so |
880 | // |
881 | // disabled on macOS/iOS: |
882 | // macOS's /usr/lib/libssl.dylib, /usr/lib/libcrypto.dylib will be picked up in the third |
883 | // attempt, _after_ <bundle>/Contents/Frameworks has been searched. |
884 | // iOS does not ship a system libssl.dylib, libcrypto.dylib in the first place. |
885 | # if defined(Q_OS_ANDROID) |
886 | // OpenSSL 1.1.x must be suffixed otherwise it will use the system libcrypto.so libssl.so which on API-21 are OpenSSL 1.0 not 1.1 |
887 | auto openSSLSuffix = [](const QByteArray &defaultSuffix = {}) { |
888 | auto suffix = qgetenv("ANDROID_OPENSSL_SUFFIX" ); |
889 | if (suffix.isEmpty()) |
890 | return defaultSuffix; |
891 | return suffix; |
892 | }; |
893 | # if QT_CONFIG(opensslv11) |
894 | static QString suffix = QString::fromLatin1(openSSLSuffix("_1_1" )); |
895 | # else |
896 | static QString suffix = QString::fromLatin1(openSSLSuffix()); |
897 | # endif |
898 | libssl->setFileNameAndVersion(QLatin1String("ssl" ) + suffix, -1); |
899 | libcrypto->setFileNameAndVersion(QLatin1String("crypto" ) + suffix, -1); |
900 | # else |
901 | libssl->setFileNameAndVersion(QLatin1String("ssl" ), -1); |
902 | libcrypto->setFileNameAndVersion(QLatin1String("crypto" ), -1); |
903 | # endif |
904 | if (libcrypto->load() && libssl->load()) { |
905 | // libssl.so.0 and libcrypto.so.0 found |
906 | return result; |
907 | } else { |
908 | libssl->unload(); |
909 | libcrypto->unload(); |
910 | } |
911 | #endif |
912 | |
913 | // third attempt: loop on the most common library paths and find libssl |
914 | const QStringList sslList = findAllLibSsl(); |
915 | const QStringList cryptoList = findAllLibCrypto(); |
916 | |
917 | for (const QString &crypto : cryptoList) { |
918 | libcrypto->setFileNameAndVersion(crypto, -1); |
919 | if (libcrypto->load()) { |
920 | QFileInfo fi(crypto); |
921 | QString version = fi.completeSuffix(); |
922 | |
923 | for (const QString &ssl : sslList) { |
924 | if (!ssl.endsWith(version)) |
925 | continue; |
926 | |
927 | libssl->setFileNameAndVersion(ssl, -1); |
928 | |
929 | if (libssl->load()) { |
930 | // libssl.so.x and libcrypto.so.x found |
931 | return result; |
932 | } else { |
933 | libssl->unload(); |
934 | } |
935 | } |
936 | } |
937 | libcrypto->unload(); |
938 | } |
939 | |
940 | // failed to load anything |
941 | result = {}; |
942 | return result; |
943 | |
944 | # else |
945 | // not implemented for this platform yet |
946 | return result; |
947 | # endif |
948 | } |
949 | #endif |
950 | |
951 | static QBasicMutex symbolResolveMutex; |
952 | static QBasicAtomicInt symbolsResolved = Q_BASIC_ATOMIC_INITIALIZER(false); |
953 | static bool triedToResolveSymbols = false; |
954 | |
955 | bool q_resolveOpenSslSymbols() |
956 | { |
957 | if (symbolsResolved.loadAcquire()) |
958 | return true; |
959 | QMutexLocker locker(&symbolResolveMutex); |
960 | if (symbolsResolved.loadRelaxed()) |
961 | return true; |
962 | if (triedToResolveSymbols) |
963 | return false; |
964 | triedToResolveSymbols = true; |
965 | |
966 | LoadedOpenSsl libs = loadOpenSsl(); |
967 | if (!libs.ssl || !libs.crypto) |
968 | // failed to load them |
969 | return false; |
970 | |
971 | #if QT_CONFIG(opensslv11) |
972 | |
973 | RESOLVEFUNC(OPENSSL_init_ssl) |
974 | RESOLVEFUNC(OPENSSL_init_crypto) |
975 | RESOLVEFUNC(ASN1_STRING_get0_data) |
976 | RESOLVEFUNC(EVP_CIPHER_CTX_reset) |
977 | RESOLVEFUNC(EVP_PKEY_up_ref) |
978 | RESOLVEFUNC(EVP_PKEY_base_id) |
979 | RESOLVEFUNC(RSA_bits) |
980 | RESOLVEFUNC(OPENSSL_sk_new_null) |
981 | RESOLVEFUNC(OPENSSL_sk_push) |
982 | RESOLVEFUNC(OPENSSL_sk_free) |
983 | RESOLVEFUNC(OPENSSL_sk_num) |
984 | RESOLVEFUNC(OPENSSL_sk_pop_free) |
985 | RESOLVEFUNC(OPENSSL_sk_value) |
986 | RESOLVEFUNC(DH_get0_pqg) |
987 | RESOLVEFUNC(SSL_CTX_set_options) |
988 | #ifdef TLS1_3_VERSION |
989 | RESOLVEFUNC(SSL_CTX_set_ciphersuites) |
990 | RESOLVEFUNC(SSL_set_psk_use_session_callback) |
991 | #endif // TLS 1.3 or OpenSSL > 1.1.1 |
992 | RESOLVEFUNC(SSL_get_client_random) |
993 | RESOLVEFUNC(SSL_SESSION_get_master_key) |
994 | RESOLVEFUNC(SSL_session_reused) |
995 | RESOLVEFUNC(SSL_get_session) |
996 | RESOLVEFUNC(SSL_set_options) |
997 | RESOLVEFUNC(CRYPTO_get_ex_new_index) |
998 | RESOLVEFUNC(TLS_method) |
999 | RESOLVEFUNC(TLS_client_method) |
1000 | RESOLVEFUNC(TLS_server_method) |
1001 | RESOLVEFUNC(X509_up_ref) |
1002 | RESOLVEFUNC(X509_STORE_CTX_get0_chain) |
1003 | RESOLVEFUNC(X509_getm_notBefore) |
1004 | RESOLVEFUNC(X509_getm_notAfter) |
1005 | RESOLVEFUNC(X509_get_version) |
1006 | RESOLVEFUNC(X509_get_pubkey) |
1007 | RESOLVEFUNC(X509_STORE_set_verify_cb) |
1008 | RESOLVEFUNC(X509_STORE_set_ex_data) |
1009 | RESOLVEFUNC(X509_STORE_get_ex_data) |
1010 | RESOLVEFUNC(CRYPTO_free) |
1011 | RESOLVEFUNC(OpenSSL_version_num) |
1012 | RESOLVEFUNC(OpenSSL_version) |
1013 | if (!_q_OpenSSL_version) { |
1014 | // Apparently, we were built with OpenSSL 1.1 enabled but are now using |
1015 | // a wrong library. |
1016 | qCWarning(lcSsl, "Incompatible version of OpenSSL" ); |
1017 | return false; |
1018 | } |
1019 | |
1020 | RESOLVEFUNC(SSL_SESSION_get_ticket_lifetime_hint) |
1021 | RESOLVEFUNC(DH_bits) |
1022 | RESOLVEFUNC(DSA_bits) |
1023 | |
1024 | #if QT_CONFIG(dtls) |
1025 | RESOLVEFUNC(DTLSv1_listen) |
1026 | RESOLVEFUNC(BIO_ADDR_new) |
1027 | RESOLVEFUNC(BIO_ADDR_free) |
1028 | RESOLVEFUNC(BIO_meth_new) |
1029 | RESOLVEFUNC(BIO_meth_free) |
1030 | RESOLVEFUNC(BIO_meth_set_write) |
1031 | RESOLVEFUNC(BIO_meth_set_read) |
1032 | RESOLVEFUNC(BIO_meth_set_puts) |
1033 | RESOLVEFUNC(BIO_meth_set_ctrl) |
1034 | RESOLVEFUNC(BIO_meth_set_create) |
1035 | RESOLVEFUNC(BIO_meth_set_destroy) |
1036 | #endif // dtls |
1037 | #if QT_CONFIG(ocsp) |
1038 | RESOLVEFUNC(OCSP_SINGLERESP_get0_id) |
1039 | RESOLVEFUNC(d2i_OCSP_RESPONSE) |
1040 | RESOLVEFUNC(OCSP_RESPONSE_free) |
1041 | RESOLVEFUNC(OCSP_response_status) |
1042 | RESOLVEFUNC(OCSP_response_get1_basic) |
1043 | RESOLVEFUNC(OCSP_BASICRESP_free) |
1044 | RESOLVEFUNC(OCSP_basic_verify) |
1045 | RESOLVEFUNC(OCSP_resp_count) |
1046 | RESOLVEFUNC(OCSP_resp_get0) |
1047 | RESOLVEFUNC(OCSP_single_get0_status) |
1048 | RESOLVEFUNC(OCSP_check_validity) |
1049 | RESOLVEFUNC(OCSP_cert_to_id) |
1050 | RESOLVEFUNC(OCSP_id_get0_info) |
1051 | RESOLVEFUNC(OCSP_resp_get0_certs) |
1052 | RESOLVEFUNC(OCSP_basic_sign) |
1053 | RESOLVEFUNC(OCSP_response_create) |
1054 | RESOLVEFUNC(i2d_OCSP_RESPONSE) |
1055 | RESOLVEFUNC(OCSP_basic_add1_status) |
1056 | RESOLVEFUNC(OCSP_BASICRESP_new) |
1057 | RESOLVEFUNC(OCSP_CERTID_free) |
1058 | RESOLVEFUNC(OCSP_cert_to_id) |
1059 | RESOLVEFUNC(OCSP_id_cmp) |
1060 | #endif // ocsp |
1061 | RESOLVEFUNC(BIO_set_data) |
1062 | RESOLVEFUNC(BIO_get_data) |
1063 | RESOLVEFUNC(BIO_set_init) |
1064 | RESOLVEFUNC(BIO_get_shutdown) |
1065 | RESOLVEFUNC(BIO_set_shutdown) |
1066 | #else // !opensslv11 |
1067 | |
1068 | RESOLVEFUNC(ASN1_STRING_data) |
1069 | |
1070 | #ifdef SSLEAY_MACROS |
1071 | RESOLVEFUNC(ASN1_dup) |
1072 | #endif // SSLEAY_MACROS |
1073 | RESOLVEFUNC(BIO_new_file) |
1074 | RESOLVEFUNC(ERR_clear_error) |
1075 | RESOLVEFUNC(CRYPTO_free) |
1076 | RESOLVEFUNC(CRYPTO_num_locks) |
1077 | RESOLVEFUNC(CRYPTO_set_id_callback) |
1078 | RESOLVEFUNC(CRYPTO_set_locking_callback) |
1079 | RESOLVEFUNC(CRYPTO_set_ex_data) |
1080 | RESOLVEFUNC(CRYPTO_get_ex_data) |
1081 | RESOLVEFUNC(ERR_peek_last_error) |
1082 | RESOLVEFUNC(ERR_free_strings) |
1083 | RESOLVEFUNC(EVP_CIPHER_CTX_cleanup) |
1084 | RESOLVEFUNC(EVP_CIPHER_CTX_init) |
1085 | |
1086 | #ifdef SSLEAY_MACROS // ### verify |
1087 | RESOLVEFUNC(PEM_ASN1_read_bio) |
1088 | #endif // SSLEAY_MACROS |
1089 | |
1090 | RESOLVEFUNC(sk_new_null) |
1091 | RESOLVEFUNC(sk_push) |
1092 | RESOLVEFUNC(sk_free) |
1093 | RESOLVEFUNC(sk_num) |
1094 | RESOLVEFUNC(sk_pop_free) |
1095 | RESOLVEFUNC(sk_value) |
1096 | RESOLVEFUNC(SSL_library_init) |
1097 | RESOLVEFUNC(SSL_load_error_strings) |
1098 | #if OPENSSL_VERSION_NUMBER >= 0x10001000L |
1099 | RESOLVEFUNC(SSL_get_ex_new_index) |
1100 | #endif |
1101 | RESOLVEFUNC(SSLv23_client_method) |
1102 | RESOLVEFUNC(TLSv1_client_method) |
1103 | #if OPENSSL_VERSION_NUMBER >= 0x10001000L |
1104 | RESOLVEFUNC(TLSv1_1_client_method) |
1105 | RESOLVEFUNC(TLSv1_2_client_method) |
1106 | #endif |
1107 | RESOLVEFUNC(SSLv23_server_method) |
1108 | RESOLVEFUNC(TLSv1_server_method) |
1109 | #if OPENSSL_VERSION_NUMBER >= 0x10001000L |
1110 | RESOLVEFUNC(TLSv1_1_server_method) |
1111 | RESOLVEFUNC(TLSv1_2_server_method) |
1112 | #endif |
1113 | RESOLVEFUNC(X509_STORE_CTX_get_chain) |
1114 | #ifdef SSLEAY_MACROS |
1115 | RESOLVEFUNC(i2d_DSAPrivateKey) |
1116 | RESOLVEFUNC(i2d_RSAPrivateKey) |
1117 | RESOLVEFUNC(d2i_DSAPrivateKey) |
1118 | RESOLVEFUNC(d2i_RSAPrivateKey) |
1119 | #endif |
1120 | |
1121 | #if QT_CONFIG(dtls) |
1122 | RESOLVEFUNC(DTLSv1_server_method) |
1123 | RESOLVEFUNC(DTLSv1_client_method) |
1124 | RESOLVEFUNC(DTLSv1_2_server_method) |
1125 | RESOLVEFUNC(DTLSv1_2_client_method) |
1126 | #endif // dtls |
1127 | |
1128 | RESOLVEFUNC(CONF_get1_default_config_file) |
1129 | RESOLVEFUNC(OPENSSL_add_all_algorithms_noconf) |
1130 | RESOLVEFUNC(OPENSSL_add_all_algorithms_conf) |
1131 | RESOLVEFUNC(SSLeay) |
1132 | |
1133 | if (!_q_SSLeay || q_SSLeay() >= 0x10100000L) { |
1134 | // OpenSSL 1.1 has deprecated and removed SSLeay. We consider a failure to |
1135 | // resolve this symbol as a failure to resolve symbols. |
1136 | // The right operand of '||' above is ... a bit of paranoia. |
1137 | qCWarning(lcSsl, "Incompatible version of OpenSSL" ); |
1138 | return false; |
1139 | } |
1140 | |
1141 | |
1142 | RESOLVEFUNC(SSLeay_version) |
1143 | |
1144 | #ifndef OPENSSL_NO_EC |
1145 | #if OPENSSL_VERSION_NUMBER >= 0x10002000L |
1146 | if (q_SSLeay() >= 0x10002000L) |
1147 | RESOLVEFUNC(EC_curve_nist2nid) |
1148 | #endif // OPENSSL_VERSION_NUMBER >= 0x10002000L |
1149 | #endif // OPENSSL_NO_EC |
1150 | |
1151 | |
1152 | #endif // !opensslv11 |
1153 | |
1154 | RESOLVEFUNC(ASN1_INTEGER_get) |
1155 | RESOLVEFUNC(ASN1_INTEGER_cmp) |
1156 | RESOLVEFUNC(ASN1_STRING_length) |
1157 | RESOLVEFUNC(ASN1_STRING_to_UTF8) |
1158 | RESOLVEFUNC(BIO_ctrl) |
1159 | RESOLVEFUNC(BIO_free) |
1160 | RESOLVEFUNC(BIO_new) |
1161 | RESOLVEFUNC(BIO_new_mem_buf) |
1162 | RESOLVEFUNC(BIO_read) |
1163 | RESOLVEFUNC(BIO_s_mem) |
1164 | RESOLVEFUNC(BIO_write) |
1165 | RESOLVEFUNC(BIO_set_flags) |
1166 | RESOLVEFUNC(BIO_clear_flags) |
1167 | RESOLVEFUNC(BIO_set_ex_data) |
1168 | RESOLVEFUNC(BIO_get_ex_data) |
1169 | |
1170 | #ifndef OPENSSL_NO_EC |
1171 | RESOLVEFUNC(EC_KEY_get0_group) |
1172 | RESOLVEFUNC(EC_GROUP_get_degree) |
1173 | #endif |
1174 | RESOLVEFUNC(BN_num_bits) |
1175 | #if QT_CONFIG(opensslv11) |
1176 | RESOLVEFUNC(BN_is_word) |
1177 | #endif |
1178 | RESOLVEFUNC(BN_mod_word) |
1179 | RESOLVEFUNC(DSA_new) |
1180 | RESOLVEFUNC(DSA_free) |
1181 | RESOLVEFUNC(ERR_error_string) |
1182 | RESOLVEFUNC(ERR_error_string_n) |
1183 | RESOLVEFUNC(ERR_get_error) |
1184 | RESOLVEFUNC(EVP_CIPHER_CTX_new) |
1185 | RESOLVEFUNC(EVP_CIPHER_CTX_free) |
1186 | RESOLVEFUNC(EVP_CIPHER_CTX_ctrl) |
1187 | RESOLVEFUNC(EVP_CIPHER_CTX_set_key_length) |
1188 | RESOLVEFUNC(EVP_CipherInit) |
1189 | RESOLVEFUNC(EVP_CipherInit_ex) |
1190 | RESOLVEFUNC(EVP_CipherUpdate) |
1191 | RESOLVEFUNC(EVP_CipherFinal) |
1192 | RESOLVEFUNC(EVP_get_digestbyname) |
1193 | #ifndef OPENSSL_NO_DES |
1194 | RESOLVEFUNC(EVP_des_cbc) |
1195 | RESOLVEFUNC(EVP_des_ede3_cbc) |
1196 | #endif |
1197 | #ifndef OPENSSL_NO_RC2 |
1198 | RESOLVEFUNC(EVP_rc2_cbc) |
1199 | #endif |
1200 | #ifndef OPENSSL_NO_AES |
1201 | RESOLVEFUNC(EVP_aes_128_cbc) |
1202 | RESOLVEFUNC(EVP_aes_192_cbc) |
1203 | RESOLVEFUNC(EVP_aes_256_cbc) |
1204 | #endif |
1205 | RESOLVEFUNC(EVP_sha1) |
1206 | RESOLVEFUNC(EVP_PKEY_assign) |
1207 | RESOLVEFUNC(EVP_PKEY_set1_RSA) |
1208 | RESOLVEFUNC(EVP_PKEY_set1_DSA) |
1209 | RESOLVEFUNC(EVP_PKEY_set1_DH) |
1210 | #ifndef OPENSSL_NO_EC |
1211 | RESOLVEFUNC(EVP_PKEY_set1_EC_KEY) |
1212 | #endif |
1213 | RESOLVEFUNC(EVP_PKEY_cmp) |
1214 | RESOLVEFUNC(EVP_PKEY_free) |
1215 | RESOLVEFUNC(EVP_PKEY_get1_DSA) |
1216 | RESOLVEFUNC(EVP_PKEY_get1_RSA) |
1217 | RESOLVEFUNC(EVP_PKEY_get1_DH) |
1218 | #ifndef OPENSSL_NO_EC |
1219 | RESOLVEFUNC(EVP_PKEY_get1_EC_KEY) |
1220 | #endif |
1221 | RESOLVEFUNC(EVP_PKEY_new) |
1222 | RESOLVEFUNC(EVP_PKEY_type) |
1223 | RESOLVEFUNC(OBJ_nid2sn) |
1224 | RESOLVEFUNC(OBJ_nid2ln) |
1225 | RESOLVEFUNC(OBJ_sn2nid) |
1226 | RESOLVEFUNC(OBJ_ln2nid) |
1227 | RESOLVEFUNC(i2t_ASN1_OBJECT) |
1228 | RESOLVEFUNC(OBJ_obj2txt) |
1229 | RESOLVEFUNC(OBJ_obj2nid) |
1230 | |
1231 | #ifndef SSLEAY_MACROS |
1232 | RESOLVEFUNC(PEM_read_bio_PrivateKey) |
1233 | RESOLVEFUNC(PEM_read_bio_DSAPrivateKey) |
1234 | RESOLVEFUNC(PEM_read_bio_RSAPrivateKey) |
1235 | #ifndef OPENSSL_NO_EC |
1236 | RESOLVEFUNC(PEM_read_bio_ECPrivateKey) |
1237 | #endif |
1238 | RESOLVEFUNC(PEM_read_bio_DHparams) |
1239 | RESOLVEFUNC(PEM_write_bio_DSAPrivateKey) |
1240 | RESOLVEFUNC(PEM_write_bio_RSAPrivateKey) |
1241 | RESOLVEFUNC(PEM_write_bio_PrivateKey) |
1242 | #ifndef OPENSSL_NO_EC |
1243 | RESOLVEFUNC(PEM_write_bio_ECPrivateKey) |
1244 | #endif |
1245 | #endif // !SSLEAY_MACROS |
1246 | |
1247 | RESOLVEFUNC(PEM_read_bio_PUBKEY) |
1248 | RESOLVEFUNC(PEM_read_bio_DSA_PUBKEY) |
1249 | RESOLVEFUNC(PEM_read_bio_RSA_PUBKEY) |
1250 | #ifndef OPENSSL_NO_EC |
1251 | RESOLVEFUNC(PEM_read_bio_EC_PUBKEY) |
1252 | #endif |
1253 | RESOLVEFUNC(PEM_write_bio_DSA_PUBKEY) |
1254 | RESOLVEFUNC(PEM_write_bio_RSA_PUBKEY) |
1255 | RESOLVEFUNC(PEM_write_bio_PUBKEY) |
1256 | #ifndef OPENSSL_NO_EC |
1257 | RESOLVEFUNC(PEM_write_bio_EC_PUBKEY) |
1258 | #endif |
1259 | RESOLVEFUNC(RAND_seed) |
1260 | RESOLVEFUNC(RAND_status) |
1261 | RESOLVEFUNC(RAND_bytes) |
1262 | RESOLVEFUNC(RSA_new) |
1263 | RESOLVEFUNC(RSA_free) |
1264 | RESOLVEFUNC(SSL_CIPHER_description) |
1265 | RESOLVEFUNC(SSL_CIPHER_get_bits) |
1266 | RESOLVEFUNC(SSL_get_rbio) |
1267 | RESOLVEFUNC(SSL_CTX_check_private_key) |
1268 | RESOLVEFUNC(SSL_CTX_ctrl) |
1269 | RESOLVEFUNC(SSL_CTX_free) |
1270 | RESOLVEFUNC(SSL_CTX_new) |
1271 | RESOLVEFUNC(SSL_CTX_set_cipher_list) |
1272 | RESOLVEFUNC(SSL_CTX_callback_ctrl) |
1273 | RESOLVEFUNC(SSL_CTX_set_default_verify_paths) |
1274 | RESOLVEFUNC(SSL_CTX_set_verify) |
1275 | RESOLVEFUNC(SSL_CTX_set_verify_depth) |
1276 | RESOLVEFUNC(SSL_CTX_use_certificate) |
1277 | RESOLVEFUNC(SSL_CTX_use_certificate_file) |
1278 | RESOLVEFUNC(SSL_CTX_use_PrivateKey) |
1279 | RESOLVEFUNC(SSL_CTX_use_RSAPrivateKey) |
1280 | RESOLVEFUNC(SSL_CTX_use_PrivateKey_file) |
1281 | RESOLVEFUNC(SSL_CTX_get_cert_store); |
1282 | #if OPENSSL_VERSION_NUMBER >= 0x10002000L |
1283 | RESOLVEFUNC(SSL_CONF_CTX_new); |
1284 | RESOLVEFUNC(SSL_CONF_CTX_free); |
1285 | RESOLVEFUNC(SSL_CONF_CTX_set_ssl_ctx); |
1286 | RESOLVEFUNC(SSL_CONF_CTX_set_flags); |
1287 | RESOLVEFUNC(SSL_CONF_CTX_finish); |
1288 | RESOLVEFUNC(SSL_CONF_cmd); |
1289 | #endif |
1290 | RESOLVEFUNC(SSL_accept) |
1291 | RESOLVEFUNC(SSL_clear) |
1292 | RESOLVEFUNC(SSL_connect) |
1293 | RESOLVEFUNC(SSL_free) |
1294 | RESOLVEFUNC(SSL_get_ciphers) |
1295 | RESOLVEFUNC(SSL_get_current_cipher) |
1296 | RESOLVEFUNC(SSL_version) |
1297 | RESOLVEFUNC(SSL_get_error) |
1298 | RESOLVEFUNC(SSL_get_peer_cert_chain) |
1299 | RESOLVEFUNC(SSL_get_peer_certificate) |
1300 | RESOLVEFUNC(SSL_get_verify_result) |
1301 | RESOLVEFUNC(SSL_new) |
1302 | RESOLVEFUNC(SSL_get_SSL_CTX) |
1303 | RESOLVEFUNC(SSL_ctrl) |
1304 | RESOLVEFUNC(SSL_read) |
1305 | RESOLVEFUNC(SSL_set_accept_state) |
1306 | RESOLVEFUNC(SSL_set_bio) |
1307 | RESOLVEFUNC(SSL_set_connect_state) |
1308 | RESOLVEFUNC(SSL_shutdown) |
1309 | RESOLVEFUNC(SSL_get_shutdown) |
1310 | RESOLVEFUNC(SSL_set_session) |
1311 | RESOLVEFUNC(SSL_SESSION_free) |
1312 | RESOLVEFUNC(SSL_get1_session) |
1313 | RESOLVEFUNC(SSL_get_session) |
1314 | #if OPENSSL_VERSION_NUMBER >= 0x10001000L |
1315 | RESOLVEFUNC(SSL_set_ex_data) |
1316 | RESOLVEFUNC(SSL_get_ex_data) |
1317 | RESOLVEFUNC(SSL_get_ex_data_X509_STORE_CTX_idx) |
1318 | #endif |
1319 | #if OPENSSL_VERSION_NUMBER >= 0x10001000L && !defined(OPENSSL_NO_PSK) |
1320 | RESOLVEFUNC(SSL_set_psk_client_callback) |
1321 | RESOLVEFUNC(SSL_set_psk_server_callback) |
1322 | RESOLVEFUNC(SSL_CTX_use_psk_identity_hint) |
1323 | #endif |
1324 | RESOLVEFUNC(SSL_write) |
1325 | RESOLVEFUNC(X509_NAME_entry_count) |
1326 | RESOLVEFUNC(X509_NAME_get_entry) |
1327 | RESOLVEFUNC(X509_NAME_ENTRY_get_data) |
1328 | RESOLVEFUNC(X509_NAME_ENTRY_get_object) |
1329 | RESOLVEFUNC(X509_PUBKEY_get) |
1330 | RESOLVEFUNC(X509_STORE_free) |
1331 | RESOLVEFUNC(X509_STORE_new) |
1332 | RESOLVEFUNC(X509_STORE_add_cert) |
1333 | RESOLVEFUNC(X509_STORE_CTX_free) |
1334 | RESOLVEFUNC(X509_STORE_CTX_init) |
1335 | RESOLVEFUNC(X509_STORE_CTX_new) |
1336 | RESOLVEFUNC(X509_STORE_CTX_set_purpose) |
1337 | RESOLVEFUNC(X509_STORE_CTX_get_error) |
1338 | RESOLVEFUNC(X509_STORE_CTX_get_error_depth) |
1339 | RESOLVEFUNC(X509_STORE_CTX_get_current_cert) |
1340 | RESOLVEFUNC(X509_STORE_CTX_get0_store) |
1341 | RESOLVEFUNC(X509_cmp) |
1342 | RESOLVEFUNC(X509_STORE_CTX_get_ex_data) |
1343 | |
1344 | #ifndef SSLEAY_MACROS |
1345 | RESOLVEFUNC(X509_dup) |
1346 | #endif |
1347 | RESOLVEFUNC(X509_print) |
1348 | RESOLVEFUNC(X509_digest) |
1349 | RESOLVEFUNC(X509_EXTENSION_get_object) |
1350 | RESOLVEFUNC(X509_free) |
1351 | RESOLVEFUNC(X509_gmtime_adj) |
1352 | RESOLVEFUNC(ASN1_TIME_free) |
1353 | RESOLVEFUNC(X509_get_ext) |
1354 | RESOLVEFUNC(X509_get_ext_count) |
1355 | RESOLVEFUNC(X509_get_ext_d2i) |
1356 | RESOLVEFUNC(X509V3_EXT_get) |
1357 | RESOLVEFUNC(X509V3_EXT_d2i) |
1358 | RESOLVEFUNC(X509_EXTENSION_get_critical) |
1359 | RESOLVEFUNC(X509_EXTENSION_get_data) |
1360 | RESOLVEFUNC(BASIC_CONSTRAINTS_free) |
1361 | RESOLVEFUNC(AUTHORITY_KEYID_free) |
1362 | RESOLVEFUNC(GENERAL_NAME_free) |
1363 | RESOLVEFUNC(ASN1_STRING_print) |
1364 | RESOLVEFUNC(X509_check_issued) |
1365 | RESOLVEFUNC(X509_get_issuer_name) |
1366 | RESOLVEFUNC(X509_get_subject_name) |
1367 | RESOLVEFUNC(X509_get_serialNumber) |
1368 | RESOLVEFUNC(X509_verify_cert) |
1369 | RESOLVEFUNC(d2i_X509) |
1370 | RESOLVEFUNC(i2d_X509) |
1371 | RESOLVEFUNC(SSL_CTX_load_verify_locations) |
1372 | RESOLVEFUNC(i2d_SSL_SESSION) |
1373 | RESOLVEFUNC(d2i_SSL_SESSION) |
1374 | #if OPENSSL_VERSION_NUMBER >= 0x1000100fL && !defined(OPENSSL_NO_NEXTPROTONEG) |
1375 | RESOLVEFUNC(SSL_select_next_proto) |
1376 | RESOLVEFUNC(SSL_CTX_set_next_proto_select_cb) |
1377 | RESOLVEFUNC(SSL_get0_next_proto_negotiated) |
1378 | #endif // OPENSSL_VERSION_NUMBER >= 0x1000100fL ... |
1379 | #if OPENSSL_VERSION_NUMBER >= 0x10002000L |
1380 | RESOLVEFUNC(SSL_set_alpn_protos) |
1381 | RESOLVEFUNC(SSL_CTX_set_alpn_select_cb) |
1382 | RESOLVEFUNC(SSL_get0_alpn_selected) |
1383 | #endif // OPENSSL_VERSION_NUMBER >= 0x10002000L ... |
1384 | #if QT_CONFIG(dtls) |
1385 | RESOLVEFUNC(SSL_CTX_set_cookie_generate_cb) |
1386 | RESOLVEFUNC(SSL_CTX_set_cookie_verify_cb) |
1387 | RESOLVEFUNC(DTLS_server_method) |
1388 | RESOLVEFUNC(DTLS_client_method) |
1389 | #endif // dtls |
1390 | RESOLVEFUNC(CRYPTO_malloc) |
1391 | RESOLVEFUNC(DH_new) |
1392 | RESOLVEFUNC(DH_free) |
1393 | RESOLVEFUNC(d2i_DHparams) |
1394 | RESOLVEFUNC(i2d_DHparams) |
1395 | RESOLVEFUNC(DH_check) |
1396 | RESOLVEFUNC(BN_bin2bn) |
1397 | #ifndef OPENSSL_NO_EC |
1398 | RESOLVEFUNC(EC_KEY_dup) |
1399 | RESOLVEFUNC(EC_KEY_new_by_curve_name) |
1400 | RESOLVEFUNC(EC_KEY_free) |
1401 | RESOLVEFUNC(EC_get_builtin_curves) |
1402 | #endif // OPENSSL_NO_EC |
1403 | RESOLVEFUNC(PKCS12_parse) |
1404 | RESOLVEFUNC(d2i_PKCS12_bio) |
1405 | RESOLVEFUNC(PKCS12_free) |
1406 | |
1407 | symbolsResolved.storeRelease(true); |
1408 | return true; |
1409 | } |
1410 | #endif // QT_CONFIG(library) |
1411 | |
1412 | #else // !defined QT_LINKED_OPENSSL |
1413 | |
1414 | bool q_resolveOpenSslSymbols() |
1415 | { |
1416 | #ifdef QT_NO_OPENSSL |
1417 | return false; |
1418 | #endif |
1419 | return true; |
1420 | } |
1421 | #endif // !defined QT_LINKED_OPENSSL |
1422 | |
1423 | //============================================================================== |
1424 | // contributed by Jay Case of Sarvega, Inc.; http://sarvega.com/ |
1425 | // Based on X509_cmp_time() for intitial buffer hacking. |
1426 | //============================================================================== |
1427 | QDateTime q_getTimeFromASN1(const ASN1_TIME *aTime) |
1428 | { |
1429 | size_t lTimeLength = aTime->length; |
1430 | char *pString = (char *) aTime->data; |
1431 | |
1432 | if (aTime->type == V_ASN1_UTCTIME) { |
1433 | |
1434 | char lBuffer[24]; |
1435 | char *pBuffer = lBuffer; |
1436 | |
1437 | if ((lTimeLength < 11) || (lTimeLength > 17)) |
1438 | return QDateTime(); |
1439 | |
1440 | memcpy(pBuffer, pString, 10); |
1441 | pBuffer += 10; |
1442 | pString += 10; |
1443 | |
1444 | if ((*pString == 'Z') || (*pString == '-') || (*pString == '+')) { |
1445 | *pBuffer++ = '0'; |
1446 | *pBuffer++ = '0'; |
1447 | } else { |
1448 | *pBuffer++ = *pString++; |
1449 | *pBuffer++ = *pString++; |
1450 | // Skip any fractional seconds... |
1451 | if (*pString == '.') { |
1452 | pString++; |
1453 | while ((*pString >= '0') && (*pString <= '9')) |
1454 | pString++; |
1455 | } |
1456 | } |
1457 | |
1458 | *pBuffer++ = 'Z'; |
1459 | *pBuffer++ = '\0'; |
1460 | |
1461 | time_t lSecondsFromUCT; |
1462 | if (*pString == 'Z') { |
1463 | lSecondsFromUCT = 0; |
1464 | } else { |
1465 | if ((*pString != '+') && (*pString != '-')) |
1466 | return QDateTime(); |
1467 | |
1468 | lSecondsFromUCT = ((pString[1] - '0') * 10 + (pString[2] - '0')) * 60; |
1469 | lSecondsFromUCT += (pString[3] - '0') * 10 + (pString[4] - '0'); |
1470 | lSecondsFromUCT *= 60; |
1471 | if (*pString == '-') |
1472 | lSecondsFromUCT = -lSecondsFromUCT; |
1473 | } |
1474 | |
1475 | tm lTime; |
1476 | lTime.tm_sec = ((lBuffer[10] - '0') * 10) + (lBuffer[11] - '0'); |
1477 | lTime.tm_min = ((lBuffer[8] - '0') * 10) + (lBuffer[9] - '0'); |
1478 | lTime.tm_hour = ((lBuffer[6] - '0') * 10) + (lBuffer[7] - '0'); |
1479 | lTime.tm_mday = ((lBuffer[4] - '0') * 10) + (lBuffer[5] - '0'); |
1480 | lTime.tm_mon = (((lBuffer[2] - '0') * 10) + (lBuffer[3] - '0')) - 1; |
1481 | lTime.tm_year = ((lBuffer[0] - '0') * 10) + (lBuffer[1] - '0'); |
1482 | if (lTime.tm_year < 50) |
1483 | lTime.tm_year += 100; // RFC 2459 |
1484 | |
1485 | QDate resDate(lTime.tm_year + 1900, lTime.tm_mon + 1, lTime.tm_mday); |
1486 | QTime resTime(lTime.tm_hour, lTime.tm_min, lTime.tm_sec); |
1487 | |
1488 | QDateTime result(resDate, resTime, Qt::UTC); |
1489 | result = result.addSecs(lSecondsFromUCT); |
1490 | return result; |
1491 | |
1492 | } else if (aTime->type == V_ASN1_GENERALIZEDTIME) { |
1493 | |
1494 | if (lTimeLength < 15) |
1495 | return QDateTime(); // hopefully never triggered |
1496 | |
1497 | // generalized time is always YYYYMMDDHHMMSSZ (RFC 2459, section 4.1.2.5.2) |
1498 | tm lTime; |
1499 | lTime.tm_sec = ((pString[12] - '0') * 10) + (pString[13] - '0'); |
1500 | lTime.tm_min = ((pString[10] - '0') * 10) + (pString[11] - '0'); |
1501 | lTime.tm_hour = ((pString[8] - '0') * 10) + (pString[9] - '0'); |
1502 | lTime.tm_mday = ((pString[6] - '0') * 10) + (pString[7] - '0'); |
1503 | lTime.tm_mon = (((pString[4] - '0') * 10) + (pString[5] - '0')); |
1504 | lTime.tm_year = ((pString[0] - '0') * 1000) + ((pString[1] - '0') * 100) + |
1505 | ((pString[2] - '0') * 10) + (pString[3] - '0'); |
1506 | |
1507 | QDate resDate(lTime.tm_year, lTime.tm_mon, lTime.tm_mday); |
1508 | QTime resTime(lTime.tm_hour, lTime.tm_min, lTime.tm_sec); |
1509 | |
1510 | QDateTime result(resDate, resTime, Qt::UTC); |
1511 | return result; |
1512 | |
1513 | } else { |
1514 | qCWarning(lcSsl, "unsupported date format detected" ); |
1515 | return QDateTime(); |
1516 | } |
1517 | |
1518 | } |
1519 | |
1520 | QT_END_NAMESPACE |
1521 | |