1/****************************************************************************
2**
3** Copyright (C) 2017 The Qt Company Ltd.
4** Copyright (C) 2014 BlackBerry Limited. All rights reserved.
5** Copyright (C) 2016 Richard J. Moore <rich@kde.org>
6** Contact: https://www.qt.io/licensing/
7**
8** This file is part of the QtNetwork module of the Qt Toolkit.
9**
10** $QT_BEGIN_LICENSE:LGPL$
11** Commercial License Usage
12** Licensees holding valid commercial Qt licenses may use this file in
13** accordance with the commercial license agreement provided with the
14** Software or, alternatively, in accordance with the terms contained in
15** a written agreement between you and The Qt Company. For licensing terms
16** and conditions see https://www.qt.io/terms-conditions. For further
17** information use the contact form at https://www.qt.io/contact-us.
18**
19** GNU Lesser General Public License Usage
20** Alternatively, this file may be used under the terms of the GNU Lesser
21** General Public License version 3 as published by the Free Software
22** Foundation and appearing in the file LICENSE.LGPL3 included in the
23** packaging of this file. Please review the following information to
24** ensure the GNU Lesser General Public License version 3 requirements
25** will be met: https://www.gnu.org/licenses/lgpl-3.0.html.
26**
27** GNU General Public License Usage
28** Alternatively, this file may be used under the terms of the GNU
29** General Public License version 2.0 or (at your option) the GNU General
30** Public license version 3 or any later version approved by the KDE Free
31** Qt Foundation. The licenses are as published by the Free Software
32** Foundation and appearing in the file LICENSE.GPL2 and LICENSE.GPL3
33** included in the packaging of this file. Please review the following
34** information to ensure the GNU General Public License requirements will
35** be met: https://www.gnu.org/licenses/gpl-2.0.html and
36** https://www.gnu.org/licenses/gpl-3.0.html.
37**
38** $QT_END_LICENSE$
39**
40****************************************************************************/
41
42/****************************************************************************
43**
44** In addition, as a special exception, the copyright holders listed above give
45** permission to link the code of its release of Qt with the OpenSSL project's
46** "OpenSSL" library (or modified versions of the "OpenSSL" library that use the
47** same license as the original version), and distribute the linked executables.
48**
49** You must comply with the GNU General Public License version 2 in all
50** respects for all of the code used other than the "OpenSSL" code. If you
51** modify this file, you may extend this exception to your version of the file,
52** but you are not obligated to do so. If you do not wish to do so, delete
53** this exception statement from your version of this file.
54**
55****************************************************************************/
56
57#include "qssl_p.h"
58#include "qsslsocket_openssl_symbols_p.h"
59
60#ifdef Q_OS_WIN
61# include <private/qsystemlibrary_p.h>
62#elif QT_CONFIG(library)
63# include <QtCore/qlibrary.h>
64#endif
65#include <QtCore/qmutex.h>
66#include <QtCore/qdatetime.h>
67#if defined(Q_OS_UNIX)
68#include <QtCore/qdir.h>
69#endif
70#include <QtCore/private/qmemory_p.h>
71#if defined(Q_OS_LINUX) && !defined(Q_OS_ANDROID)
72#include <link.h>
73#endif
74#ifdef Q_OS_DARWIN
75#include "private/qcore_mac_p.h"
76#endif
77
78#include <algorithm>
79
80QT_BEGIN_NAMESPACE
81
82/*
83 Note to maintainer:
84 -------------------
85
86 We load OpenSSL symbols dynamically. Because symbols are known to
87 disappear, and signatures sometimes change, between releases, we need to
88 be careful about how this is done. To ensure we don't end up dereferencing
89 null function pointers, and continue running even if certain functions are
90 missing, we define helper functions for each of the symbols we load from
91 OpenSSL, all prefixed with "q_" (declared in
92 qsslsocket_openssl_symbols_p.h). So instead of calling SSL_connect
93 directly, we call q_SSL_connect, which is a function that checks if the
94 actual SSL_connect fptr is null, and returns a failure if it is, or calls
95 SSL_connect if it isn't.
96
97 This requires a somewhat tedious process of declaring each function we
98 want to call in OpenSSL thrice: once with the q_, in _p.h, once using the
99 DEFINEFUNC macros below, and once in the function that actually resolves
100 the symbols, below the DEFINEFUNC declarations below.
101
102 There's one DEFINEFUNC macro declared for every number of arguments
103 exposed by OpenSSL (feel free to extend when needed). The easiest thing to
104 do is to find an existing entry that matches the arg count of the function
105 you want to import, and do the same.
106
107 The first macro arg is the function return type. The second is the
108 verbatim name of the function/symbol. Then follows a list of N pairs of
109 argument types with a variable name, and just the variable name (char *a,
110 a, char *b, b, etc). Finally there's two arguments - a suitable return
111 statement for the error case (for an int function, return 0 or return -1
112 is usually right). Then either just "return" or DUMMYARG, the latter being
113 for void functions.
114
115 Note: Take into account that these macros and declarations are processed
116 at compile-time, and the result depends on the OpenSSL headers the
117 compiling host has installed, but the symbols are resolved at run-time,
118 possibly with a different version of OpenSSL.
119*/
120
121#ifndef QT_LINKED_OPENSSL
122
123namespace {
124void qsslSocketUnresolvedSymbolWarning(const char *functionName)
125{
126 qCWarning(lcSsl, "QSslSocket: cannot call unresolved function %s", functionName);
127}
128
129#if QT_CONFIG(library)
130void qsslSocketCannotResolveSymbolWarning(const char *functionName)
131{
132 qCWarning(lcSsl, "QSslSocket: cannot resolve %s", functionName);
133}
134#endif
135
136}
137
138#endif // QT_LINKED_OPENSSL
139
140#if QT_CONFIG(opensslv11)
141
142// Below are the functions first introduced in version 1.1:
143
144DEFINEFUNC(const unsigned char *, ASN1_STRING_get0_data, const ASN1_STRING *a, a, return nullptr, return)
145DEFINEFUNC2(int, OPENSSL_init_ssl, uint64_t opts, opts, const OPENSSL_INIT_SETTINGS *settings, settings, return 0, return)
146DEFINEFUNC2(int, OPENSSL_init_crypto, uint64_t opts, opts, const OPENSSL_INIT_SETTINGS *settings, settings, return 0, return)
147DEFINEFUNC(BIO *, BIO_new, const BIO_METHOD *a, a, return nullptr, return)
148DEFINEFUNC(const BIO_METHOD *, BIO_s_mem, void, DUMMYARG, return nullptr, return)
149DEFINEFUNC2(int, BN_is_word, BIGNUM *a, a, BN_ULONG w, w, return 0, return)
150DEFINEFUNC(int, EVP_CIPHER_CTX_reset, EVP_CIPHER_CTX *c, c, return 0, return)
151DEFINEFUNC(int, EVP_PKEY_up_ref, EVP_PKEY *a, a, return 0, return)
152DEFINEFUNC(int, EVP_PKEY_base_id, EVP_PKEY *a, a, return NID_undef, return)
153DEFINEFUNC(int, RSA_bits, RSA *a, a, return 0, return)
154DEFINEFUNC(int, DSA_bits, DSA *a, a, return 0, return)
155DEFINEFUNC(int, OPENSSL_sk_num, OPENSSL_STACK *a, a, return -1, return)
156DEFINEFUNC2(void, OPENSSL_sk_pop_free, OPENSSL_STACK *a, a, void (*b)(void*), b, return, DUMMYARG)
157DEFINEFUNC(OPENSSL_STACK *, OPENSSL_sk_new_null, DUMMYARG, DUMMYARG, return nullptr, return)
158DEFINEFUNC2(void, OPENSSL_sk_push, OPENSSL_STACK *a, a, void *b, b, return, DUMMYARG)
159DEFINEFUNC(void, OPENSSL_sk_free, OPENSSL_STACK *a, a, return, DUMMYARG)
160DEFINEFUNC2(void *, OPENSSL_sk_value, OPENSSL_STACK *a, a, int b, b, return nullptr, return)
161DEFINEFUNC(int, SSL_session_reused, SSL *a, a, return 0, return)
162DEFINEFUNC2(unsigned long, SSL_CTX_set_options, SSL_CTX *ctx, ctx, unsigned long op, op, return 0, return)
163#ifdef TLS1_3_VERSION
164DEFINEFUNC2(int, SSL_CTX_set_ciphersuites, SSL_CTX *ctx, ctx, const char *str, str, return 0, return)
165DEFINEFUNC2(void, SSL_set_psk_use_session_callback, SSL *ssl, ssl, q_SSL_psk_use_session_cb_func_t callback, callback, return, DUMMYARG)
166#endif
167DEFINEFUNC3(size_t, SSL_get_client_random, SSL *a, a, unsigned char *out, out, size_t outlen, outlen, return 0, return)
168DEFINEFUNC3(size_t, SSL_SESSION_get_master_key, const SSL_SESSION *ses, ses, unsigned char *out, out, size_t outlen, outlen, return 0, return)
169DEFINEFUNC6(int, CRYPTO_get_ex_new_index, int class_index, class_index, long argl, argl, void *argp, argp, CRYPTO_EX_new *new_func, new_func, CRYPTO_EX_dup *dup_func, dup_func, CRYPTO_EX_free *free_func, free_func, return -1, return)
170DEFINEFUNC2(unsigned long, SSL_set_options, SSL *ssl, ssl, unsigned long op, op, return 0, return)
171
172DEFINEFUNC(const SSL_METHOD *, TLS_method, DUMMYARG, DUMMYARG, return nullptr, return)
173DEFINEFUNC(const SSL_METHOD *, TLS_client_method, DUMMYARG, DUMMYARG, return nullptr, return)
174DEFINEFUNC(const SSL_METHOD *, TLS_server_method, DUMMYARG, DUMMYARG, return nullptr, return)
175DEFINEFUNC(void, X509_up_ref, X509 *a, a, return, DUMMYARG)
176DEFINEFUNC(ASN1_TIME *, X509_getm_notBefore, X509 *a, a, return nullptr, return)
177DEFINEFUNC(ASN1_TIME *, X509_getm_notAfter, X509 *a, a, return nullptr, return)
178DEFINEFUNC(long, X509_get_version, X509 *a, a, return -1, return)
179DEFINEFUNC(EVP_PKEY *, X509_get_pubkey, X509 *a, a, return nullptr, return)
180DEFINEFUNC2(void, X509_STORE_set_verify_cb, X509_STORE *a, a, X509_STORE_CTX_verify_cb verify_cb, verify_cb, return, DUMMYARG)
181DEFINEFUNC3(int, X509_STORE_set_ex_data, X509_STORE *a, a, int idx, idx, void *data, data, return 0, return)
182DEFINEFUNC2(void *, X509_STORE_get_ex_data, X509_STORE *r, r, int idx, idx, return nullptr, return)
183DEFINEFUNC(STACK_OF(X509) *, X509_STORE_CTX_get0_chain, X509_STORE_CTX *a, a, return nullptr, return)
184DEFINEFUNC3(void, CRYPTO_free, void *str, str, const char *file, file, int line, line, return, DUMMYARG)
185DEFINEFUNC(long, OpenSSL_version_num, void, DUMMYARG, return 0, return)
186DEFINEFUNC(const char *, OpenSSL_version, int a, a, return nullptr, return)
187DEFINEFUNC(unsigned long, SSL_SESSION_get_ticket_lifetime_hint, const SSL_SESSION *session, session, return 0, return)
188DEFINEFUNC4(void, DH_get0_pqg, const DH *dh, dh, const BIGNUM **p, p, const BIGNUM **q, q, const BIGNUM **g, g, return, DUMMYARG)
189DEFINEFUNC(int, DH_bits, DH *dh, dh, return 0, return)
190
191#if QT_CONFIG(dtls)
192DEFINEFUNC2(int, DTLSv1_listen, SSL *s, s, BIO_ADDR *c, c, return -1, return)
193DEFINEFUNC(BIO_ADDR *, BIO_ADDR_new, DUMMYARG, DUMMYARG, return nullptr, return)
194DEFINEFUNC(void, BIO_ADDR_free, BIO_ADDR *ap, ap, return, DUMMYARG)
195DEFINEFUNC2(BIO_METHOD *, BIO_meth_new, int type, type, const char *name, name, return nullptr, return)
196DEFINEFUNC(void, BIO_meth_free, BIO_METHOD *biom, biom, return, DUMMYARG)
197DEFINEFUNC2(int, BIO_meth_set_write, BIO_METHOD *biom, biom, DgramWriteCallback write, write, return 0, return)
198DEFINEFUNC2(int, BIO_meth_set_read, BIO_METHOD *biom, biom, DgramReadCallback read, read, return 0, return)
199DEFINEFUNC2(int, BIO_meth_set_puts, BIO_METHOD *biom, biom, DgramPutsCallback puts, puts, return 0, return)
200DEFINEFUNC2(int, BIO_meth_set_ctrl, BIO_METHOD *biom, biom, DgramCtrlCallback ctrl, ctrl, return 0, return)
201DEFINEFUNC2(int, BIO_meth_set_create, BIO_METHOD *biom, biom, DgramCreateCallback crt, crt, return 0, return)
202DEFINEFUNC2(int, BIO_meth_set_destroy, BIO_METHOD *biom, biom, DgramDestroyCallback dtr, dtr, return 0, return)
203#endif // dtls
204
205#if QT_CONFIG(ocsp)
206DEFINEFUNC(const OCSP_CERTID *, OCSP_SINGLERESP_get0_id, const OCSP_SINGLERESP *x, x, return nullptr, return)
207DEFINEFUNC3(OCSP_RESPONSE *, d2i_OCSP_RESPONSE, OCSP_RESPONSE **a, a, const unsigned char **in, in, long len, len, return nullptr, return)
208DEFINEFUNC(void, OCSP_RESPONSE_free, OCSP_RESPONSE *rs, rs, return, DUMMYARG)
209DEFINEFUNC(OCSP_BASICRESP *, OCSP_response_get1_basic, OCSP_RESPONSE *resp, resp, return nullptr, return)
210DEFINEFUNC(void, OCSP_BASICRESP_free, OCSP_BASICRESP *bs, bs, return, DUMMYARG)
211DEFINEFUNC(int, OCSP_response_status, OCSP_RESPONSE *resp, resp, return OCSP_RESPONSE_STATUS_INTERNALERROR, return)
212DEFINEFUNC4(int, OCSP_basic_verify, OCSP_BASICRESP *bs, bs, STACK_OF(X509) *certs, certs, X509_STORE *st, st, unsigned long flags, flags, return -1, return)
213DEFINEFUNC(int, OCSP_resp_count, OCSP_BASICRESP *bs, bs, return 0, return)
214DEFINEFUNC2(OCSP_SINGLERESP *, OCSP_resp_get0, OCSP_BASICRESP *bs, bs, int idx, idx, return nullptr, return)
215DEFINEFUNC5(int, OCSP_single_get0_status, OCSP_SINGLERESP *single, single, int *reason, reason, ASN1_GENERALIZEDTIME **revtime, revtime,
216 ASN1_GENERALIZEDTIME **thisupd, thisupd, ASN1_GENERALIZEDTIME **nextupd, nextupd, return -1, return)
217DEFINEFUNC4(int, OCSP_check_validity, ASN1_GENERALIZEDTIME *thisupd, thisupd, ASN1_GENERALIZEDTIME *nextupd, nextupd, long nsec, nsec, long maxsec, maxsec, return 0, return)
218DEFINEFUNC3(OCSP_CERTID *, OCSP_cert_to_id, const EVP_MD *dgst, dgst, X509 *subject, subject, X509 *issuer, issuer, return nullptr, return)
219DEFINEFUNC(void, OCSP_CERTID_free, OCSP_CERTID *cid, cid, return, DUMMYARG)
220DEFINEFUNC5(int, OCSP_id_get0_info, ASN1_OCTET_STRING **piNameHash, piNameHash, ASN1_OBJECT **pmd, pmd,
221 ASN1_OCTET_STRING **piKeyHash, piKeyHash, ASN1_INTEGER **pserial, pserial, OCSP_CERTID *cid, cid,
222 return 0, return)
223DEFINEFUNC2(OCSP_RESPONSE *, OCSP_response_create, int status, status, OCSP_BASICRESP *bs, bs, return nullptr, return)
224DEFINEFUNC(const STACK_OF(X509) *, OCSP_resp_get0_certs, const OCSP_BASICRESP *bs, bs, return nullptr, return)
225DEFINEFUNC2(int, OCSP_id_cmp, OCSP_CERTID *a, a, OCSP_CERTID *b, b, return -1, return)
226DEFINEFUNC7(OCSP_SINGLERESP *, OCSP_basic_add1_status, OCSP_BASICRESP *r, r, OCSP_CERTID *c, c, int s, s,
227 int re, re, ASN1_TIME *rt, rt, ASN1_TIME *t, t, ASN1_TIME *n, n, return nullptr, return)
228DEFINEFUNC(OCSP_BASICRESP *, OCSP_BASICRESP_new, DUMMYARG, DUMMYARG, return nullptr, return)
229DEFINEFUNC2(int, i2d_OCSP_RESPONSE, OCSP_RESPONSE *r, r, unsigned char **ppout, ppout, return 0, return)
230DEFINEFUNC6(int, OCSP_basic_sign, OCSP_BASICRESP *br, br, X509 *signer, signer, EVP_PKEY *key, key,
231 const EVP_MD *dg, dg, STACK_OF(X509) *cs, cs, unsigned long flags, flags, return 0, return)
232#endif // ocsp
233
234DEFINEFUNC2(void, BIO_set_data, BIO *a, a, void *ptr, ptr, return, DUMMYARG)
235DEFINEFUNC(void *, BIO_get_data, BIO *a, a, return nullptr, return)
236DEFINEFUNC2(void, BIO_set_init, BIO *a, a, int init, init, return, DUMMYARG)
237DEFINEFUNC(int, BIO_get_shutdown, BIO *a, a, return -1, return)
238DEFINEFUNC2(void, BIO_set_shutdown, BIO *a, a, int shut, shut, return, DUMMYARG)
239
240#else // QT_CONFIG(opensslv11)
241
242// Functions below are either deprecated or removed in OpenSSL >= 1.1:
243
244DEFINEFUNC(unsigned char *, ASN1_STRING_data, ASN1_STRING *a, a, return nullptr, return)
245
246#ifdef SSLEAY_MACROS
247DEFINEFUNC3(void *, ASN1_dup, i2d_of_void *a, a, d2i_of_void *b, b, char *c, c, return nullptr, return)
248#endif
249DEFINEFUNC2(BIO *, BIO_new_file, const char *filename, filename, const char *mode, mode, return nullptr, return)
250DEFINEFUNC(void, ERR_clear_error, DUMMYARG, DUMMYARG, return, DUMMYARG)
251DEFINEFUNC(BIO *, BIO_new, BIO_METHOD *a, a, return nullptr, return)
252DEFINEFUNC(BIO_METHOD *, BIO_s_mem, void, DUMMYARG, return nullptr, return)
253DEFINEFUNC(int, CRYPTO_num_locks, DUMMYARG, DUMMYARG, return 0, return)
254DEFINEFUNC(void, CRYPTO_set_locking_callback, void (*a)(int, int, const char *, int), a, return, DUMMYARG)
255DEFINEFUNC(void, CRYPTO_set_id_callback, unsigned long (*a)(), a, return, DUMMYARG)
256DEFINEFUNC(void, CRYPTO_free, void *a, a, return, DUMMYARG)
257DEFINEFUNC3(int, CRYPTO_set_ex_data, CRYPTO_EX_DATA *ad, ad, int idx, idx, void *val, val, return 0, return)
258DEFINEFUNC2(void *, CRYPTO_get_ex_data, const CRYPTO_EX_DATA *ad, ad, int idx, idx, return nullptr, return)
259DEFINEFUNC(unsigned long, ERR_peek_last_error, DUMMYARG, DUMMYARG, return 0, return)
260DEFINEFUNC(void, ERR_free_strings, void, DUMMYARG, return, DUMMYARG)
261DEFINEFUNC(void, EVP_CIPHER_CTX_cleanup, EVP_CIPHER_CTX *a, a, return, DUMMYARG)
262DEFINEFUNC(void, EVP_CIPHER_CTX_init, EVP_CIPHER_CTX *a, a, return, DUMMYARG)
263
264#ifdef SSLEAY_MACROS
265DEFINEFUNC6(void *, PEM_ASN1_read_bio, d2i_of_void *a, a, const char *b, b, BIO *c, c, void **d, d, pem_password_cb *e, e, void *f, f, return nullptr, return)
266DEFINEFUNC6(void *, PEM_ASN1_write_bio, d2i_of_void *a, a, const char *b, b, BIO *c, c, void **d, d, pem_password_cb *e, e, void *f, f, return nullptr, return)
267#endif // SSLEAY_MACROS
268
269DEFINEFUNC(int, sk_num, STACK *a, a, return -1, return)
270DEFINEFUNC2(void, sk_pop_free, STACK *a, a, void (*b)(void*), b, return, DUMMYARG)
271
272DEFINEFUNC(_STACK *, sk_new_null, DUMMYARG, DUMMYARG, return nullptr, return)
273DEFINEFUNC2(void, sk_push, _STACK *a, a, void *b, b, return, DUMMYARG)
274DEFINEFUNC(void, sk_free, _STACK *a, a, return, DUMMYARG)
275DEFINEFUNC2(void *, sk_value, STACK *a, a, int b, b, return nullptr, return)
276
277DEFINEFUNC(int, SSL_library_init, void, DUMMYARG, return -1, return)
278DEFINEFUNC(void, SSL_load_error_strings, void, DUMMYARG, return, DUMMYARG)
279
280#if OPENSSL_VERSION_NUMBER >= 0x10001000L
281DEFINEFUNC5(int, SSL_get_ex_new_index, long argl, argl, void *argp, argp, CRYPTO_EX_new *new_func, new_func, CRYPTO_EX_dup *dup_func, dup_func, CRYPTO_EX_free *free_func, free_func, return -1, return)
282#endif // OPENSSL_VERSION_NUMBER >= 0x10001000L
283
284DEFINEFUNC(const SSL_METHOD *, SSLv23_client_method, DUMMYARG, DUMMYARG, return nullptr, return)
285DEFINEFUNC(const SSL_METHOD *, TLSv1_client_method, DUMMYARG, DUMMYARG, return nullptr, return)
286#if OPENSSL_VERSION_NUMBER >= 0x10001000L
287DEFINEFUNC(const SSL_METHOD *, TLSv1_1_client_method, DUMMYARG, DUMMYARG, return nullptr, return)
288DEFINEFUNC(const SSL_METHOD *, TLSv1_2_client_method, DUMMYARG, DUMMYARG, return nullptr, return)
289#endif
290DEFINEFUNC(const SSL_METHOD *, SSLv23_server_method, DUMMYARG, DUMMYARG, return nullptr, return)
291DEFINEFUNC(const SSL_METHOD *, TLSv1_server_method, DUMMYARG, DUMMYARG, return nullptr, return)
292#if OPENSSL_VERSION_NUMBER >= 0x10001000L
293DEFINEFUNC(const SSL_METHOD *, TLSv1_1_server_method, DUMMYARG, DUMMYARG, return nullptr, return)
294DEFINEFUNC(const SSL_METHOD *, TLSv1_2_server_method, DUMMYARG, DUMMYARG, return nullptr, return)
295#endif
296
297DEFINEFUNC(STACK_OF(X509) *, X509_STORE_CTX_get_chain, X509_STORE_CTX *a, a, return nullptr, return)
298
299#ifdef SSLEAY_MACROS
300DEFINEFUNC2(int, i2d_DSAPrivateKey, const DSA *a, a, unsigned char **b, b, return -1, return)
301DEFINEFUNC2(int, i2d_RSAPrivateKey, const RSA *a, a, unsigned char **b, b, return -1, return)
302#ifndef OPENSSL_NO_EC
303DEFINEFUNC2(int, i2d_ECPrivateKey, const EC_KEY *a, a, unsigned char **b, b, return -1, return)
304#endif
305DEFINEFUNC3(RSA *, d2i_RSAPrivateKey, RSA **a, a, unsigned char **b, b, long c, c, return nullptr, return)
306DEFINEFUNC3(DSA *, d2i_DSAPrivateKey, DSA **a, a, unsigned char **b, b, long c, c, return nullptr, return)
307#ifndef OPENSSL_NO_EC
308DEFINEFUNC3(EC_KEY *, d2i_ECPrivateKey, EC_KEY **a, a, unsigned char **b, b, long c, c, return nullptr, return)
309#endif
310#endif
311
312#if QT_CONFIG(dtls)
313DEFINEFUNC(const SSL_METHOD *, DTLSv1_server_method, void, DUMMYARG, return nullptr, return)
314DEFINEFUNC(const SSL_METHOD *, DTLSv1_client_method, void, DUMMYARG, return nullptr, return)
315DEFINEFUNC(const SSL_METHOD *, DTLSv1_2_server_method, void, DUMMYARG, return nullptr, return)
316DEFINEFUNC(const SSL_METHOD *, DTLSv1_2_client_method, void, DUMMYARG, return nullptr, return)
317#endif // dtls
318
319DEFINEFUNC(char *, CONF_get1_default_config_file, DUMMYARG, DUMMYARG, return nullptr, return)
320DEFINEFUNC(void, OPENSSL_add_all_algorithms_noconf, void, DUMMYARG, return, DUMMYARG)
321DEFINEFUNC(void, OPENSSL_add_all_algorithms_conf, void, DUMMYARG, return, DUMMYARG)
322DEFINEFUNC(long, SSLeay, void, DUMMYARG, return 0, return)
323DEFINEFUNC(const char *, SSLeay_version, int a, a, return nullptr, return)
324
325#endif // QT_CONFIG(opensslv11)
326
327DEFINEFUNC(long, ASN1_INTEGER_get, ASN1_INTEGER *a, a, return 0, return)
328DEFINEFUNC2(int, ASN1_INTEGER_cmp, const ASN1_INTEGER *a, a, const ASN1_INTEGER *b, b, return 1, return)
329DEFINEFUNC(int, ASN1_STRING_length, ASN1_STRING *a, a, return 0, return)
330DEFINEFUNC2(int, ASN1_STRING_to_UTF8, unsigned char **a, a, ASN1_STRING *b, b, return 0, return)
331DEFINEFUNC4(long, BIO_ctrl, BIO *a, a, int b, b, long c, c, void *d, d, return -1, return)
332DEFINEFUNC(int, BIO_free, BIO *a, a, return 0, return)
333DEFINEFUNC2(BIO *, BIO_new_mem_buf, void *a, a, int b, b, return nullptr, return)
334DEFINEFUNC3(int, BIO_read, BIO *a, a, void *b, b, int c, c, return -1, return)
335
336DEFINEFUNC3(int, BIO_write, BIO *a, a, const void *b, b, int c, c, return -1, return)
337DEFINEFUNC(int, BN_num_bits, const BIGNUM *a, a, return 0, return)
338DEFINEFUNC2(BN_ULONG, BN_mod_word, const BIGNUM *a, a, BN_ULONG w, w, return static_cast<BN_ULONG>(-1), return)
339#ifndef OPENSSL_NO_EC
340DEFINEFUNC(const EC_GROUP*, EC_KEY_get0_group, const EC_KEY* k, k, return nullptr, return)
341DEFINEFUNC(int, EC_GROUP_get_degree, const EC_GROUP* g, g, return 0, return)
342#endif
343DEFINEFUNC(DSA *, DSA_new, DUMMYARG, DUMMYARG, return nullptr, return)
344DEFINEFUNC(void, DSA_free, DSA *a, a, return, DUMMYARG)
345DEFINEFUNC3(X509 *, d2i_X509, X509 **a, a, const unsigned char **b, b, long c, c, return nullptr, return)
346DEFINEFUNC2(char *, ERR_error_string, unsigned long a, a, char *b, b, return nullptr, return)
347DEFINEFUNC3(void, ERR_error_string_n, unsigned long e, e, char *b, b, size_t len, len, return, DUMMYARG)
348DEFINEFUNC(unsigned long, ERR_get_error, DUMMYARG, DUMMYARG, return 0, return)
349DEFINEFUNC(EVP_CIPHER_CTX *, EVP_CIPHER_CTX_new, void, DUMMYARG, return nullptr, return)
350DEFINEFUNC(void, EVP_CIPHER_CTX_free, EVP_CIPHER_CTX *a, a, return, DUMMYARG)
351DEFINEFUNC4(int, EVP_CIPHER_CTX_ctrl, EVP_CIPHER_CTX *ctx, ctx, int type, type, int arg, arg, void *ptr, ptr, return 0, return)
352DEFINEFUNC2(int, EVP_CIPHER_CTX_set_key_length, EVP_CIPHER_CTX *ctx, ctx, int keylen, keylen, return 0, return)
353DEFINEFUNC5(int, EVP_CipherInit, EVP_CIPHER_CTX *ctx, ctx, const EVP_CIPHER *type, type, const unsigned char *key, key, const unsigned char *iv, iv, int enc, enc, return 0, return)
354DEFINEFUNC6(int, EVP_CipherInit_ex, EVP_CIPHER_CTX *ctx, ctx, const EVP_CIPHER *cipher, cipher, ENGINE *impl, impl, const unsigned char *key, key, const unsigned char *iv, iv, int enc, enc, return 0, return)
355DEFINEFUNC5(int, EVP_CipherUpdate, EVP_CIPHER_CTX *ctx, ctx, unsigned char *out, out, int *outl, outl, const unsigned char *in, in, int inl, inl, return 0, return)
356DEFINEFUNC3(int, EVP_CipherFinal, EVP_CIPHER_CTX *ctx, ctx, unsigned char *out, out, int *outl, outl, return 0, return)
357DEFINEFUNC(const EVP_MD *, EVP_get_digestbyname, const char *name, name, return nullptr, return)
358#ifndef OPENSSL_NO_DES
359DEFINEFUNC(const EVP_CIPHER *, EVP_des_cbc, DUMMYARG, DUMMYARG, return nullptr, return)
360DEFINEFUNC(const EVP_CIPHER *, EVP_des_ede3_cbc, DUMMYARG, DUMMYARG, return nullptr, return)
361#endif
362#ifndef OPENSSL_NO_RC2
363DEFINEFUNC(const EVP_CIPHER *, EVP_rc2_cbc, DUMMYARG, DUMMYARG, return nullptr, return)
364#endif
365#ifndef OPENSSL_NO_AES
366DEFINEFUNC(const EVP_CIPHER *, EVP_aes_128_cbc, DUMMYARG, DUMMYARG, return nullptr, return)
367DEFINEFUNC(const EVP_CIPHER *, EVP_aes_192_cbc, DUMMYARG, DUMMYARG, return nullptr, return)
368DEFINEFUNC(const EVP_CIPHER *, EVP_aes_256_cbc, DUMMYARG, DUMMYARG, return nullptr, return)
369#endif
370DEFINEFUNC(const EVP_MD *, EVP_sha1, DUMMYARG, DUMMYARG, return nullptr, return)
371DEFINEFUNC3(int, EVP_PKEY_assign, EVP_PKEY *a, a, int b, b, char *c, c, return -1, return)
372DEFINEFUNC2(int, EVP_PKEY_set1_RSA, EVP_PKEY *a, a, RSA *b, b, return -1, return)
373DEFINEFUNC2(int, EVP_PKEY_set1_DSA, EVP_PKEY *a, a, DSA *b, b, return -1, return)
374DEFINEFUNC2(int, EVP_PKEY_set1_DH, EVP_PKEY *a, a, DH *b, b, return -1, return)
375#ifndef OPENSSL_NO_EC
376DEFINEFUNC2(int, EVP_PKEY_set1_EC_KEY, EVP_PKEY *a, a, EC_KEY *b, b, return -1, return)
377#endif
378DEFINEFUNC2(int, EVP_PKEY_cmp, const EVP_PKEY *a, a, const EVP_PKEY *b, b, return -1, return)
379DEFINEFUNC(void, EVP_PKEY_free, EVP_PKEY *a, a, return, DUMMYARG)
380DEFINEFUNC(DSA *, EVP_PKEY_get1_DSA, EVP_PKEY *a, a, return nullptr, return)
381DEFINEFUNC(RSA *, EVP_PKEY_get1_RSA, EVP_PKEY *a, a, return nullptr, return)
382DEFINEFUNC(DH *, EVP_PKEY_get1_DH, EVP_PKEY *a, a, return nullptr, return)
383#ifndef OPENSSL_NO_EC
384DEFINEFUNC(EC_KEY *, EVP_PKEY_get1_EC_KEY, EVP_PKEY *a, a, return nullptr, return)
385#endif
386DEFINEFUNC(EVP_PKEY *, EVP_PKEY_new, DUMMYARG, DUMMYARG, return nullptr, return)
387DEFINEFUNC(int, EVP_PKEY_type, int a, a, return NID_undef, return)
388DEFINEFUNC2(int, i2d_X509, X509 *a, a, unsigned char **b, b, return -1, return)
389DEFINEFUNC(const char *, OBJ_nid2sn, int a, a, return nullptr, return)
390DEFINEFUNC(const char *, OBJ_nid2ln, int a, a, return nullptr, return)
391DEFINEFUNC(int, OBJ_sn2nid, const char *s, s, return 0, return)
392DEFINEFUNC(int, OBJ_ln2nid, const char *s, s, return 0, return)
393DEFINEFUNC3(int, i2t_ASN1_OBJECT, char *a, a, int b, b, ASN1_OBJECT *c, c, return -1, return)
394DEFINEFUNC4(int, OBJ_obj2txt, char *a, a, int b, b, ASN1_OBJECT *c, c, int d, d, return -1, return)
395
396DEFINEFUNC(int, OBJ_obj2nid, const ASN1_OBJECT *a, a, return NID_undef, return)
397
398#ifndef SSLEAY_MACROS
399DEFINEFUNC4(EVP_PKEY *, PEM_read_bio_PrivateKey, BIO *a, a, EVP_PKEY **b, b, pem_password_cb *c, c, void *d, d, return nullptr, return)
400DEFINEFUNC4(DSA *, PEM_read_bio_DSAPrivateKey, BIO *a, a, DSA **b, b, pem_password_cb *c, c, void *d, d, return nullptr, return)
401DEFINEFUNC4(RSA *, PEM_read_bio_RSAPrivateKey, BIO *a, a, RSA **b, b, pem_password_cb *c, c, void *d, d, return nullptr, return)
402#ifndef OPENSSL_NO_EC
403DEFINEFUNC4(EC_KEY *, PEM_read_bio_ECPrivateKey, BIO *a, a, EC_KEY **b, b, pem_password_cb *c, c, void *d, d, return nullptr, return)
404#endif
405DEFINEFUNC4(DH *, PEM_read_bio_DHparams, BIO *a, a, DH **b, b, pem_password_cb *c, c, void *d, d, return nullptr, return)
406DEFINEFUNC7(int, PEM_write_bio_DSAPrivateKey, BIO *a, a, DSA *b, b, const EVP_CIPHER *c, c, unsigned char *d, d, int e, e, pem_password_cb *f, f, void *g, g, return 0, return)
407DEFINEFUNC7(int, PEM_write_bio_RSAPrivateKey, BIO *a, a, RSA *b, b, const EVP_CIPHER *c, c, unsigned char *d, d, int e, e, pem_password_cb *f, f, void *g, g, return 0, return)
408DEFINEFUNC7(int, PEM_write_bio_PrivateKey, BIO *a, a, EVP_PKEY *b, b, const EVP_CIPHER *c, c, unsigned char *d, d, int e, e, pem_password_cb *f, f, void *g, g, return 0, return)
409#ifndef OPENSSL_NO_EC
410DEFINEFUNC7(int, PEM_write_bio_ECPrivateKey, BIO *a, a, EC_KEY *b, b, const EVP_CIPHER *c, c, unsigned char *d, d, int e, e, pem_password_cb *f, f, void *g, g, return 0, return)
411#endif
412#endif // !SSLEAY_MACROS
413DEFINEFUNC4(EVP_PKEY *, PEM_read_bio_PUBKEY, BIO *a, a, EVP_PKEY **b, b, pem_password_cb *c, c, void *d, d, return nullptr, return)
414DEFINEFUNC4(DSA *, PEM_read_bio_DSA_PUBKEY, BIO *a, a, DSA **b, b, pem_password_cb *c, c, void *d, d, return nullptr, return)
415DEFINEFUNC4(RSA *, PEM_read_bio_RSA_PUBKEY, BIO *a, a, RSA **b, b, pem_password_cb *c, c, void *d, d, return nullptr, return)
416#ifndef OPENSSL_NO_EC
417DEFINEFUNC4(EC_KEY *, PEM_read_bio_EC_PUBKEY, BIO *a, a, EC_KEY **b, b, pem_password_cb *c, c, void *d, d, return nullptr, return)
418#endif
419DEFINEFUNC2(int, PEM_write_bio_DSA_PUBKEY, BIO *a, a, DSA *b, b, return 0, return)
420DEFINEFUNC2(int, PEM_write_bio_RSA_PUBKEY, BIO *a, a, RSA *b, b, return 0, return)
421DEFINEFUNC2(int, PEM_write_bio_PUBKEY, BIO *a, a, EVP_PKEY *b, b, return 0, return)
422#ifndef OPENSSL_NO_EC
423DEFINEFUNC2(int, PEM_write_bio_EC_PUBKEY, BIO *a, a, EC_KEY *b, b, return 0, return)
424#endif
425DEFINEFUNC2(void, RAND_seed, const void *a, a, int b, b, return, DUMMYARG)
426DEFINEFUNC(int, RAND_status, void, DUMMYARG, return -1, return)
427DEFINEFUNC2(int, RAND_bytes, unsigned char *b, b, int n, n, return 0, return)
428DEFINEFUNC(RSA *, RSA_new, DUMMYARG, DUMMYARG, return nullptr, return)
429DEFINEFUNC(void, RSA_free, RSA *a, a, return, DUMMYARG)
430DEFINEFUNC(int, SSL_accept, SSL *a, a, return -1, return)
431DEFINEFUNC(int, SSL_clear, SSL *a, a, return -1, return)
432DEFINEFUNC3(char *, SSL_CIPHER_description, const SSL_CIPHER *a, a, char *b, b, int c, c, return nullptr, return)
433DEFINEFUNC2(int, SSL_CIPHER_get_bits, const SSL_CIPHER *a, a, int *b, b, return 0, return)
434DEFINEFUNC(BIO *, SSL_get_rbio, const SSL *s, s, return nullptr, return)
435DEFINEFUNC(int, SSL_connect, SSL *a, a, return -1, return)
436DEFINEFUNC(int, SSL_CTX_check_private_key, const SSL_CTX *a, a, return -1, return)
437DEFINEFUNC4(long, SSL_CTX_ctrl, SSL_CTX *a, a, int b, b, long c, c, void *d, d, return -1, return)
438DEFINEFUNC(void, SSL_CTX_free, SSL_CTX *a, a, return, DUMMYARG)
439DEFINEFUNC(SSL_CTX *, SSL_CTX_new, const SSL_METHOD *a, a, return nullptr, return)
440DEFINEFUNC2(int, SSL_CTX_set_cipher_list, SSL_CTX *a, a, const char *b, b, return -1, return)
441DEFINEFUNC3(long, SSL_CTX_callback_ctrl, SSL_CTX *ctx, ctx, int dst, dst, GenericCallbackType cb, cb, return 0, return)
442DEFINEFUNC(int, SSL_CTX_set_default_verify_paths, SSL_CTX *a, a, return -1, return)
443DEFINEFUNC3(void, SSL_CTX_set_verify, SSL_CTX *a, a, int b, b, int (*c)(int, X509_STORE_CTX *), c, return, DUMMYARG)
444DEFINEFUNC2(void, SSL_CTX_set_verify_depth, SSL_CTX *a, a, int b, b, return, DUMMYARG)
445DEFINEFUNC2(int, SSL_CTX_use_certificate, SSL_CTX *a, a, X509 *b, b, return -1, return)
446DEFINEFUNC3(int, SSL_CTX_use_certificate_file, SSL_CTX *a, a, const char *b, b, int c, c, return -1, return)
447DEFINEFUNC2(int, SSL_CTX_use_PrivateKey, SSL_CTX *a, a, EVP_PKEY *b, b, return -1, return)
448DEFINEFUNC2(int, SSL_CTX_use_RSAPrivateKey, SSL_CTX *a, a, RSA *b, b, return -1, return)
449DEFINEFUNC3(int, SSL_CTX_use_PrivateKey_file, SSL_CTX *a, a, const char *b, b, int c, c, return -1, return)
450DEFINEFUNC(X509_STORE *, SSL_CTX_get_cert_store, const SSL_CTX *a, a, return nullptr, return)
451#if OPENSSL_VERSION_NUMBER >= 0x10002000L
452DEFINEFUNC(SSL_CONF_CTX *, SSL_CONF_CTX_new, DUMMYARG, DUMMYARG, return nullptr, return);
453DEFINEFUNC(void, SSL_CONF_CTX_free, SSL_CONF_CTX *a, a, return ,return);
454DEFINEFUNC2(void, SSL_CONF_CTX_set_ssl_ctx, SSL_CONF_CTX *a, a, SSL_CTX *b, b, return, return);
455DEFINEFUNC2(unsigned int, SSL_CONF_CTX_set_flags, SSL_CONF_CTX *a, a, unsigned int b, b, return 0, return);
456DEFINEFUNC(int, SSL_CONF_CTX_finish, SSL_CONF_CTX *a, a, return 0, return);
457DEFINEFUNC3(int, SSL_CONF_cmd, SSL_CONF_CTX *a, a, const char *b, b, const char *c, c, return 0, return);
458#endif
459DEFINEFUNC(void, SSL_free, SSL *a, a, return, DUMMYARG)
460DEFINEFUNC(STACK_OF(SSL_CIPHER) *, SSL_get_ciphers, const SSL *a, a, return nullptr, return)
461DEFINEFUNC(const SSL_CIPHER *, SSL_get_current_cipher, SSL *a, a, return nullptr, return)
462DEFINEFUNC(int, SSL_version, const SSL *a, a, return 0, return)
463DEFINEFUNC2(int, SSL_get_error, SSL *a, a, int b, b, return -1, return)
464DEFINEFUNC(STACK_OF(X509) *, SSL_get_peer_cert_chain, SSL *a, a, return nullptr, return)
465DEFINEFUNC(X509 *, SSL_get_peer_certificate, SSL *a, a, return nullptr, return)
466DEFINEFUNC(long, SSL_get_verify_result, const SSL *a, a, return -1, return)
467DEFINEFUNC(SSL *, SSL_new, SSL_CTX *a, a, return nullptr, return)
468DEFINEFUNC(SSL_CTX *, SSL_get_SSL_CTX, SSL *a, a, return nullptr, return)
469DEFINEFUNC4(long, SSL_ctrl, SSL *a, a, int cmd, cmd, long larg, larg, void *parg, parg, return -1, return)
470DEFINEFUNC3(int, SSL_read, SSL *a, a, void *b, b, int c, c, return -1, return)
471DEFINEFUNC3(void, SSL_set_bio, SSL *a, a, BIO *b, b, BIO *c, c, return, DUMMYARG)
472DEFINEFUNC(void, SSL_set_accept_state, SSL *a, a, return, DUMMYARG)
473DEFINEFUNC(void, SSL_set_connect_state, SSL *a, a, return, DUMMYARG)
474DEFINEFUNC(int, SSL_shutdown, SSL *a, a, return -1, return)
475DEFINEFUNC(int, SSL_get_shutdown, const SSL *ssl, ssl, return 0, return)
476DEFINEFUNC2(int, SSL_set_session, SSL* to, to, SSL_SESSION *session, session, return -1, return)
477DEFINEFUNC(void, SSL_SESSION_free, SSL_SESSION *ses, ses, return, DUMMYARG)
478DEFINEFUNC(SSL_SESSION*, SSL_get1_session, SSL *ssl, ssl, return nullptr, return)
479DEFINEFUNC(SSL_SESSION*, SSL_get_session, const SSL *ssl, ssl, return nullptr, return)
480#if OPENSSL_VERSION_NUMBER >= 0x10001000L
481DEFINEFUNC3(int, SSL_set_ex_data, SSL *ssl, ssl, int idx, idx, void *arg, arg, return 0, return)
482DEFINEFUNC2(void *, SSL_get_ex_data, const SSL *ssl, ssl, int idx, idx, return nullptr, return)
483#endif
484#if OPENSSL_VERSION_NUMBER >= 0x10001000L && !defined(OPENSSL_NO_PSK)
485DEFINEFUNC2(void, SSL_set_psk_client_callback, SSL* ssl, ssl, q_psk_client_callback_t callback, callback, return, DUMMYARG)
486DEFINEFUNC2(void, SSL_set_psk_server_callback, SSL* ssl, ssl, q_psk_server_callback_t callback, callback, return, DUMMYARG)
487DEFINEFUNC2(int, SSL_CTX_use_psk_identity_hint, SSL_CTX* ctx, ctx, const char *hint, hint, return 0, return)
488#endif
489DEFINEFUNC3(int, SSL_write, SSL *a, a, const void *b, b, int c, c, return -1, return)
490DEFINEFUNC2(int, X509_cmp, X509 *a, a, X509 *b, b, return -1, return)
491DEFINEFUNC4(int, X509_digest, const X509 *x509, x509, const EVP_MD *type, type, unsigned char *md, md, unsigned int *len, len, return -1, return)
492#ifndef SSLEAY_MACROS
493DEFINEFUNC(X509 *, X509_dup, X509 *a, a, return nullptr, return)
494#endif
495DEFINEFUNC2(void, X509_print, BIO *a, a, X509 *b, b, return, DUMMYARG);
496DEFINEFUNC(ASN1_OBJECT *, X509_EXTENSION_get_object, X509_EXTENSION *a, a, return nullptr, return)
497DEFINEFUNC(void, X509_free, X509 *a, a, return, DUMMYARG)
498//Q_AUTOTEST_EXPORT ASN1_TIME *q_X509_gmtime_adj(ASN1_TIME *s, long adj);
499DEFINEFUNC2(ASN1_TIME *, X509_gmtime_adj, ASN1_TIME *s, s, long adj, adj, return nullptr, return)
500DEFINEFUNC(void, ASN1_TIME_free, ASN1_TIME *t, t, return, DUMMYARG)
501DEFINEFUNC2(X509_EXTENSION *, X509_get_ext, X509 *a, a, int b, b, return nullptr, return)
502DEFINEFUNC(int, X509_get_ext_count, X509 *a, a, return 0, return)
503DEFINEFUNC4(void *, X509_get_ext_d2i, X509 *a, a, int b, b, int *c, c, int *d, d, return nullptr, return)
504DEFINEFUNC(const X509V3_EXT_METHOD *, X509V3_EXT_get, X509_EXTENSION *a, a, return nullptr, return)
505DEFINEFUNC(void *, X509V3_EXT_d2i, X509_EXTENSION *a, a, return nullptr, return)
506DEFINEFUNC(int, X509_EXTENSION_get_critical, X509_EXTENSION *a, a, return 0, return)
507DEFINEFUNC(ASN1_OCTET_STRING *, X509_EXTENSION_get_data, X509_EXTENSION *a, a, return nullptr, return)
508DEFINEFUNC(void, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS *a, a, return, DUMMYARG)
509DEFINEFUNC(void, AUTHORITY_KEYID_free, AUTHORITY_KEYID *a, a, return, DUMMYARG)
510DEFINEFUNC(void, GENERAL_NAME_free, GENERAL_NAME *a, a, return, DUMMYARG)
511DEFINEFUNC2(int, ASN1_STRING_print, BIO *a, a, const ASN1_STRING *b, b, return 0, return)
512DEFINEFUNC2(int, X509_check_issued, X509 *a, a, X509 *b, b, return -1, return)
513DEFINEFUNC(X509_NAME *, X509_get_issuer_name, X509 *a, a, return nullptr, return)
514DEFINEFUNC(X509_NAME *, X509_get_subject_name, X509 *a, a, return nullptr, return)
515DEFINEFUNC(ASN1_INTEGER *, X509_get_serialNumber, X509 *a, a, return nullptr, return)
516DEFINEFUNC(int, X509_verify_cert, X509_STORE_CTX *a, a, return -1, return)
517DEFINEFUNC(int, X509_NAME_entry_count, X509_NAME *a, a, return 0, return)
518DEFINEFUNC2(X509_NAME_ENTRY *, X509_NAME_get_entry, X509_NAME *a, a, int b, b, return nullptr, return)
519DEFINEFUNC(ASN1_STRING *, X509_NAME_ENTRY_get_data, X509_NAME_ENTRY *a, a, return nullptr, return)
520DEFINEFUNC(ASN1_OBJECT *, X509_NAME_ENTRY_get_object, X509_NAME_ENTRY *a, a, return nullptr, return)
521DEFINEFUNC(EVP_PKEY *, X509_PUBKEY_get, X509_PUBKEY *a, a, return nullptr, return)
522DEFINEFUNC(void, X509_STORE_free, X509_STORE *a, a, return, DUMMYARG)
523DEFINEFUNC(X509_STORE *, X509_STORE_new, DUMMYARG, DUMMYARG, return nullptr, return)
524DEFINEFUNC2(int, X509_STORE_add_cert, X509_STORE *a, a, X509 *b, b, return 0, return)
525DEFINEFUNC(void, X509_STORE_CTX_free, X509_STORE_CTX *a, a, return, DUMMYARG)
526DEFINEFUNC4(int, X509_STORE_CTX_init, X509_STORE_CTX *a, a, X509_STORE *b, b, X509 *c, c, STACK_OF(X509) *d, d, return -1, return)
527DEFINEFUNC2(int, X509_STORE_CTX_set_purpose, X509_STORE_CTX *a, a, int b, b, return -1, return)
528DEFINEFUNC(int, X509_STORE_CTX_get_error, X509_STORE_CTX *a, a, return -1, return)
529DEFINEFUNC(int, X509_STORE_CTX_get_error_depth, X509_STORE_CTX *a, a, return -1, return)
530DEFINEFUNC(X509 *, X509_STORE_CTX_get_current_cert, X509_STORE_CTX *a, a, return nullptr, return)
531DEFINEFUNC(X509_STORE *, X509_STORE_CTX_get0_store, X509_STORE_CTX *ctx, ctx, return nullptr, return)
532DEFINEFUNC(X509_STORE_CTX *, X509_STORE_CTX_new, DUMMYARG, DUMMYARG, return nullptr, return)
533DEFINEFUNC2(void *, X509_STORE_CTX_get_ex_data, X509_STORE_CTX *ctx, ctx, int idx, idx, return nullptr, return)
534DEFINEFUNC(int, SSL_get_ex_data_X509_STORE_CTX_idx, DUMMYARG, DUMMYARG, return -1, return)
535DEFINEFUNC3(int, SSL_CTX_load_verify_locations, SSL_CTX *ctx, ctx, const char *CAfile, CAfile, const char *CApath, CApath, return 0, return)
536DEFINEFUNC2(int, i2d_SSL_SESSION, SSL_SESSION *in, in, unsigned char **pp, pp, return 0, return)
537DEFINEFUNC3(SSL_SESSION *, d2i_SSL_SESSION, SSL_SESSION **a, a, const unsigned char **pp, pp, long length, length, return nullptr, return)
538#if OPENSSL_VERSION_NUMBER >= 0x1000100fL && !defined(OPENSSL_NO_NEXTPROTONEG)
539DEFINEFUNC6(int, SSL_select_next_proto, unsigned char **out, out, unsigned char *outlen, outlen,
540 const unsigned char *in, in, unsigned int inlen, inlen,
541 const unsigned char *client, client, unsigned int client_len, client_len,
542 return -1, return)
543DEFINEFUNC3(void, SSL_CTX_set_next_proto_select_cb, SSL_CTX *s, s,
544 int (*cb) (SSL *ssl, unsigned char **out,
545 unsigned char *outlen,
546 const unsigned char *in,
547 unsigned int inlen, void *arg), cb,
548 void *arg, arg, return, DUMMYARG)
549DEFINEFUNC3(void, SSL_get0_next_proto_negotiated, const SSL *s, s,
550 const unsigned char **data, data, unsigned *len, len, return, DUMMYARG)
551#if OPENSSL_VERSION_NUMBER >= 0x10002000L
552DEFINEFUNC3(int, SSL_set_alpn_protos, SSL *s, s, const unsigned char *protos, protos,
553 unsigned protos_len, protos_len, return -1, return)
554DEFINEFUNC3(void, SSL_CTX_set_alpn_select_cb, SSL_CTX *s, s,
555 int (*cb) (SSL *ssl, const unsigned char **out,
556 unsigned char *outlen,
557 const unsigned char *in,
558 unsigned int inlen, void *arg), cb,
559 void *arg, arg, return, DUMMYARG)
560DEFINEFUNC3(void, SSL_get0_alpn_selected, const SSL *s, s, const unsigned char **data, data,
561 unsigned *len, len, return, DUMMYARG)
562#endif // OPENSSL_VERSION_NUMBER >= 0x10002000L ...
563#endif // OPENSSL_VERSION_NUMBER >= 0x1000100fL ...
564
565// DTLS:
566#if QT_CONFIG(dtls)
567DEFINEFUNC2(void, SSL_CTX_set_cookie_generate_cb, SSL_CTX *ctx, ctx, CookieGenerateCallback cb, cb, return, DUMMYARG)
568DEFINEFUNC2(void, SSL_CTX_set_cookie_verify_cb, SSL_CTX *ctx, ctx, CookieVerifyCallback cb, cb, return, DUMMYARG)
569DEFINEFUNC(const SSL_METHOD *, DTLS_server_method, DUMMYARG, DUMMYARG, return nullptr, return)
570DEFINEFUNC(const SSL_METHOD *, DTLS_client_method, DUMMYARG, DUMMYARG, return nullptr, return)
571#endif // dtls
572DEFINEFUNC2(void, BIO_set_flags, BIO *b, b, int flags, flags, return, DUMMYARG)
573DEFINEFUNC2(void, BIO_clear_flags, BIO *b, b, int flags, flags, return, DUMMYARG)
574DEFINEFUNC2(void *, BIO_get_ex_data, BIO *b, b, int idx, idx, return nullptr, return)
575DEFINEFUNC3(int, BIO_set_ex_data, BIO *b, b, int idx, idx, void *data, data, return -1, return)
576
577DEFINEFUNC3(void *, CRYPTO_malloc, size_t num, num, const char *file, file, int line, line, return nullptr, return)
578DEFINEFUNC(DH *, DH_new, DUMMYARG, DUMMYARG, return nullptr, return)
579DEFINEFUNC(void, DH_free, DH *dh, dh, return, DUMMYARG)
580DEFINEFUNC3(DH *, d2i_DHparams, DH**a, a, const unsigned char **pp, pp, long length, length, return nullptr, return)
581DEFINEFUNC2(int, i2d_DHparams, DH *a, a, unsigned char **p, p, return -1, return)
582DEFINEFUNC2(int, DH_check, DH *dh, dh, int *codes, codes, return 0, return)
583DEFINEFUNC3(BIGNUM *, BN_bin2bn, const unsigned char *s, s, int len, len, BIGNUM *ret, ret, return nullptr, return)
584#ifndef OPENSSL_NO_EC
585DEFINEFUNC(EC_KEY *, EC_KEY_dup, const EC_KEY *ec, ec, return nullptr, return)
586DEFINEFUNC(EC_KEY *, EC_KEY_new_by_curve_name, int nid, nid, return nullptr, return)
587DEFINEFUNC(void, EC_KEY_free, EC_KEY *ecdh, ecdh, return, DUMMYARG)
588DEFINEFUNC2(size_t, EC_get_builtin_curves, EC_builtin_curve * r, r, size_t nitems, nitems, return 0, return)
589#if OPENSSL_VERSION_NUMBER >= 0x10002000L
590DEFINEFUNC(int, EC_curve_nist2nid, const char *name, name, return 0, return)
591#endif // OPENSSL_VERSION_NUMBER >= 0x10002000L
592#endif // OPENSSL_NO_EC
593
594DEFINEFUNC5(int, PKCS12_parse, PKCS12 *p12, p12, const char *pass, pass, EVP_PKEY **pkey, pkey, \
595 X509 **cert, cert, STACK_OF(X509) **ca, ca, return 1, return);
596DEFINEFUNC2(PKCS12 *, d2i_PKCS12_bio, BIO *bio, bio, PKCS12 **pkcs12, pkcs12, return nullptr, return);
597DEFINEFUNC(void, PKCS12_free, PKCS12 *pkcs12, pkcs12, return, DUMMYARG)
598
599#define RESOLVEFUNC(func) \
600 if (!(_q_##func = _q_PTR_##func(libs.ssl->resolve(#func))) \
601 && !(_q_##func = _q_PTR_##func(libs.crypto->resolve(#func)))) \
602 qsslSocketCannotResolveSymbolWarning(#func);
603
604#if !defined QT_LINKED_OPENSSL
605
606#if !QT_CONFIG(library)
607bool q_resolveOpenSslSymbols()
608{
609 qCWarning(lcSsl, "QSslSocket: unable to resolve symbols. Qt is configured without the "
610 "'library' feature, which means runtime resolving of libraries won't work.");
611 qCWarning(lcSsl, "Either compile Qt statically or with support for runtime resolving "
612 "of libraries.");
613 return false;
614}
615#else
616
617# ifdef Q_OS_UNIX
618struct NumericallyLess
619{
620 typedef bool result_type;
621 result_type operator()(const QStringRef &lhs, const QStringRef &rhs) const
622 {
623 bool ok = false;
624 int b = 0;
625 int a = lhs.toInt(&ok);
626 if (ok)
627 b = rhs.toInt(&ok);
628 if (ok) {
629 // both toInt succeeded
630 return a < b;
631 } else {
632 // compare as strings;
633 return lhs < rhs;
634 }
635 }
636};
637
638struct LibGreaterThan
639{
640 typedef bool result_type;
641 result_type operator()(const QString &lhs, const QString &rhs) const
642 {
643 const QVector<QStringRef> lhsparts = lhs.splitRef(QLatin1Char('.'));
644 const QVector<QStringRef> rhsparts = rhs.splitRef(QLatin1Char('.'));
645 Q_ASSERT(lhsparts.count() > 1 && rhsparts.count() > 1);
646
647 // note: checking rhs < lhs, the same as lhs > rhs
648 return std::lexicographical_compare(rhsparts.begin() + 1, rhsparts.end(),
649 lhsparts.begin() + 1, lhsparts.end(),
650 NumericallyLess());
651 }
652};
653
654#if defined(Q_OS_LINUX) && !defined(Q_OS_ANDROID)
655static int dlIterateCallback(struct dl_phdr_info *info, size_t size, void *data)
656{
657 if (size < sizeof (info->dlpi_addr) + sizeof (info->dlpi_name))
658 return 1;
659 QSet<QString> *paths = (QSet<QString> *)data;
660 QString path = QString::fromLocal8Bit(info->dlpi_name);
661 if (!path.isEmpty()) {
662 QFileInfo fi(path);
663 path = fi.absolutePath();
664 if (!path.isEmpty())
665 paths->insert(path);
666 }
667 return 0;
668}
669#endif
670
671static QStringList libraryPathList()
672{
673 QStringList paths;
674# ifdef Q_OS_DARWIN
675 paths = QString::fromLatin1(qgetenv("DYLD_LIBRARY_PATH"))
676 .split(QLatin1Char(':'), QString::SkipEmptyParts);
677
678 // search in .app/Contents/Frameworks
679 UInt32 packageType;
680 CFBundleGetPackageInfo(CFBundleGetMainBundle(), &packageType, nullptr);
681 if (packageType == FOUR_CHAR_CODE('APPL')) {
682 QUrl bundleUrl = QUrl::fromCFURL(QCFType<CFURLRef>(CFBundleCopyBundleURL(CFBundleGetMainBundle())));
683 QUrl frameworksUrl = QUrl::fromCFURL(QCFType<CFURLRef>(CFBundleCopyPrivateFrameworksURL(CFBundleGetMainBundle())));
684 paths << bundleUrl.resolved(frameworksUrl).path();
685 }
686# else
687 paths = QString::fromLatin1(qgetenv("LD_LIBRARY_PATH"))
688 .split(QLatin1Char(':'), QString::SkipEmptyParts);
689# endif
690 paths << QLatin1String("/lib") << QLatin1String("/usr/lib") << QLatin1String("/usr/local/lib");
691 paths << QLatin1String("/lib64") << QLatin1String("/usr/lib64") << QLatin1String("/usr/local/lib64");
692 paths << QLatin1String("/lib32") << QLatin1String("/usr/lib32") << QLatin1String("/usr/local/lib32");
693
694#if defined(Q_OS_ANDROID)
695 paths << QLatin1String("/system/lib");
696#elif defined(Q_OS_LINUX)
697 // discover paths of already loaded libraries
698 QSet<QString> loadedPaths;
699 dl_iterate_phdr(dlIterateCallback, &loadedPaths);
700 paths.append(loadedPaths.values());
701#endif
702
703 return paths;
704}
705
706Q_NEVER_INLINE
707static QStringList findAllLibs(QLatin1String filter)
708{
709 const QStringList paths = libraryPathList();
710 QStringList found;
711 const QStringList filters((QString(filter)));
712
713 for (const QString &path : paths) {
714 QDir dir(path);
715 QStringList entryList = dir.entryList(filters, QDir::Files);
716
717 std::sort(entryList.begin(), entryList.end(), LibGreaterThan());
718 for (const QString &entry : qAsConst(entryList))
719 found << path + QLatin1Char('/') + entry;
720 }
721
722 return found;
723}
724
725static QStringList findAllLibSsl()
726{
727 return findAllLibs(QLatin1String("libssl.*"));
728}
729
730static QStringList findAllLibCrypto()
731{
732 return findAllLibs(QLatin1String("libcrypto.*"));
733}
734# endif
735
736#ifdef Q_OS_WIN
737
738struct LoadedOpenSsl {
739 std::unique_ptr<QSystemLibrary> ssl, crypto;
740};
741
742static bool tryToLoadOpenSslWin32Library(QLatin1String ssleay32LibName, QLatin1String libeay32LibName, LoadedOpenSsl &result)
743{
744 auto ssleay32 = qt_make_unique<QSystemLibrary>(ssleay32LibName);
745 if (!ssleay32->load(false)) {
746 return FALSE;
747 }
748
749 auto libeay32 = qt_make_unique<QSystemLibrary>(libeay32LibName);
750 if (!libeay32->load(false)) {
751 return FALSE;
752 }
753
754 result.ssl = std::move(ssleay32);
755 result.crypto = std::move(libeay32);
756 return TRUE;
757}
758
759static LoadedOpenSsl loadOpenSsl()
760{
761 LoadedOpenSsl result;
762
763#if QT_CONFIG(opensslv11)
764 // With OpenSSL 1.1 the names have changed to libssl-1_1(-x64) and libcrypto-1_1(-x64), for builds using
765 // MSVC and GCC, (-x64 suffix for 64-bit builds).
766
767#ifdef Q_PROCESSOR_X86_64
768#define QT_SSL_SUFFIX "-x64"
769#else // !Q_PROCESSOFR_X86_64
770#define QT_SSL_SUFFIX
771#endif // !Q_PROCESSOR_x86_64
772
773 tryToLoadOpenSslWin32Library(QLatin1String("libssl-1_1" QT_SSL_SUFFIX),
774 QLatin1String("libcrypto-1_1" QT_SSL_SUFFIX), result);
775
776#undef QT_SSL_SUFFIX
777
778#else // QT_CONFIG(opensslv11)
779
780 // When OpenSSL is built using MSVC then the libraries are named 'ssleay32.dll' and 'libeay32'dll'.
781 // When OpenSSL is built using GCC then different library names are used (depending on the OpenSSL version)
782 // The oldest version of a GCC-based OpenSSL which can be detected by the code below is 0.9.8g (released in 2007)
783 if (!tryToLoadOpenSslWin32Library(QLatin1String("ssleay32"), QLatin1String("libeay32"), result)) {
784 if (!tryToLoadOpenSslWin32Library(QLatin1String("libssl-10"), QLatin1String("libcrypto-10"), result)) {
785 if (!tryToLoadOpenSslWin32Library(QLatin1String("libssl-8"), QLatin1String("libcrypto-8"), result)) {
786 tryToLoadOpenSslWin32Library(QLatin1String("libssl-7"), QLatin1String("libcrypto-7"), result);
787 }
788 }
789 }
790#endif // !QT_CONFIG(opensslv11)
791
792 return result;
793}
794#else
795
796struct LoadedOpenSsl {
797 std::unique_ptr<QLibrary> ssl, crypto;
798};
799
800static LoadedOpenSsl loadOpenSsl()
801{
802 LoadedOpenSsl result = {qt_make_unique<QLibrary>(), qt_make_unique<QLibrary>()};
803
804# if defined(Q_OS_UNIX)
805 QLibrary * const libssl = result.ssl.get();
806 QLibrary * const libcrypto = result.crypto.get();
807
808 // Try to find the libssl library on the system.
809 //
810 // Up until Qt 4.3, this only searched for the "ssl" library at version -1, that
811 // is, libssl.so on most Unix systems. However, the .so file isn't present in
812 // user installations because it's considered a development file.
813 //
814 // The right thing to do is to load the library at the major version we know how
815 // to work with: the SHLIB_VERSION_NUMBER version (macro defined in opensslv.h)
816 //
817 // However, OpenSSL is a well-known case of binary-compatibility breakage. To
818 // avoid such problems, many system integrators and Linux distributions change
819 // the soname of the binary, letting the full version number be the soname. So
820 // we'll find libssl.so.0.9.7, libssl.so.0.9.8, etc. in the system. For that
821 // reason, we will search a few common paths (see findAllLibSsl() above) in hopes
822 // we find one that works.
823 //
824 // If that fails, for OpenSSL 1.0 we also try some fallbacks -- look up
825 // libssl.so with a hardcoded soname. The reason is QTBUG-68156: the binary
826 // builds of Qt happen (at the time of this writing) on RHEL machines,
827 // which change SHLIB_VERSION_NUMBER to a non-portable string. When running
828 // those binaries on the target systems, this code won't pick up
829 // libssl.so.MODIFIED_SHLIB_VERSION_NUMBER because it doesn't exist there.
830 // Given that the only 1.0 supported release (at the time of this writing)
831 // is 1.0.2, with soname "1.0.0", give that a try too. Note that we mandate
832 // OpenSSL >= 1.0.0 with a configure-time check, and OpenSSL has kept binary
833 // compatibility between 1.0.0 and 1.0.2.
834 //
835 // It is important, however, to try the canonical name and the unversioned name
836 // without going through the loop. By not specifying a path, we let the system
837 // dlopen(3) function determine it for us. This will include any DT_RUNPATH or
838 // DT_RPATH tags on our library header as well as other system-specific search
839 // paths. See the man page for dlopen(3) on your system for more information.
840
841#ifdef Q_OS_OPENBSD
842 libcrypto->setLoadHints(QLibrary::ExportExternalSymbolsHint);
843#endif
844#if defined(SHLIB_VERSION_NUMBER) && !defined(Q_OS_QNX) // on QNX, the libs are always libssl.so and libcrypto.so
845 // first attempt: the canonical name is libssl.so.<SHLIB_VERSION_NUMBER>
846 libssl->setFileNameAndVersion(QLatin1String("ssl"), QLatin1String(SHLIB_VERSION_NUMBER));
847 libcrypto->setFileNameAndVersion(QLatin1String("crypto"), QLatin1String(SHLIB_VERSION_NUMBER));
848 if (libcrypto->load() && libssl->load()) {
849 // libssl.so.<SHLIB_VERSION_NUMBER> and libcrypto.so.<SHLIB_VERSION_NUMBER> found
850 return result;
851 } else {
852 libssl->unload();
853 libcrypto->unload();
854 }
855
856#if !QT_CONFIG(opensslv11)
857 // first-and-half attempts: for OpenSSL 1.0 try to load some hardcoded sonames:
858 // - "1.0.0" is the official upstream one
859 // - "1.0.2" is found on some distributions (e.g. Debian) that patch OpenSSL
860 static const QLatin1String fallbackSonames[] = {
861 QLatin1String("1.0.0"),
862 QLatin1String("1.0.2")
863 };
864
865 for (auto fallbackSoname : fallbackSonames) {
866 libssl->setFileNameAndVersion(QLatin1String("ssl"), fallbackSoname);
867 libcrypto->setFileNameAndVersion(QLatin1String("crypto"), fallbackSoname);
868 if (libcrypto->load() && libssl->load()) {
869 return result;
870 } else {
871 libssl->unload();
872 libcrypto->unload();
873 }
874 }
875#endif
876#endif
877
878#ifndef Q_OS_DARWIN
879 // second attempt: find the development files libssl.so and libcrypto.so
880 //
881 // disabled on macOS/iOS:
882 // macOS's /usr/lib/libssl.dylib, /usr/lib/libcrypto.dylib will be picked up in the third
883 // attempt, _after_ <bundle>/Contents/Frameworks has been searched.
884 // iOS does not ship a system libssl.dylib, libcrypto.dylib in the first place.
885# if defined(Q_OS_ANDROID)
886 // OpenSSL 1.1.x must be suffixed otherwise it will use the system libcrypto.so libssl.so which on API-21 are OpenSSL 1.0 not 1.1
887 auto openSSLSuffix = [](const QByteArray &defaultSuffix = {}) {
888 auto suffix = qgetenv("ANDROID_OPENSSL_SUFFIX");
889 if (suffix.isEmpty())
890 return defaultSuffix;
891 return suffix;
892 };
893# if QT_CONFIG(opensslv11)
894 static QString suffix = QString::fromLatin1(openSSLSuffix("_1_1"));
895# else
896 static QString suffix = QString::fromLatin1(openSSLSuffix());
897# endif
898 libssl->setFileNameAndVersion(QLatin1String("ssl") + suffix, -1);
899 libcrypto->setFileNameAndVersion(QLatin1String("crypto") + suffix, -1);
900# else
901 libssl->setFileNameAndVersion(QLatin1String("ssl"), -1);
902 libcrypto->setFileNameAndVersion(QLatin1String("crypto"), -1);
903# endif
904 if (libcrypto->load() && libssl->load()) {
905 // libssl.so.0 and libcrypto.so.0 found
906 return result;
907 } else {
908 libssl->unload();
909 libcrypto->unload();
910 }
911#endif
912
913 // third attempt: loop on the most common library paths and find libssl
914 const QStringList sslList = findAllLibSsl();
915 const QStringList cryptoList = findAllLibCrypto();
916
917 for (const QString &crypto : cryptoList) {
918 libcrypto->setFileNameAndVersion(crypto, -1);
919 if (libcrypto->load()) {
920 QFileInfo fi(crypto);
921 QString version = fi.completeSuffix();
922
923 for (const QString &ssl : sslList) {
924 if (!ssl.endsWith(version))
925 continue;
926
927 libssl->setFileNameAndVersion(ssl, -1);
928
929 if (libssl->load()) {
930 // libssl.so.x and libcrypto.so.x found
931 return result;
932 } else {
933 libssl->unload();
934 }
935 }
936 }
937 libcrypto->unload();
938 }
939
940 // failed to load anything
941 result = {};
942 return result;
943
944# else
945 // not implemented for this platform yet
946 return result;
947# endif
948}
949#endif
950
951static QBasicMutex symbolResolveMutex;
952static QBasicAtomicInt symbolsResolved = Q_BASIC_ATOMIC_INITIALIZER(false);
953static bool triedToResolveSymbols = false;
954
955bool q_resolveOpenSslSymbols()
956{
957 if (symbolsResolved.loadAcquire())
958 return true;
959 QMutexLocker locker(&symbolResolveMutex);
960 if (symbolsResolved.loadRelaxed())
961 return true;
962 if (triedToResolveSymbols)
963 return false;
964 triedToResolveSymbols = true;
965
966 LoadedOpenSsl libs = loadOpenSsl();
967 if (!libs.ssl || !libs.crypto)
968 // failed to load them
969 return false;
970
971#if QT_CONFIG(opensslv11)
972
973 RESOLVEFUNC(OPENSSL_init_ssl)
974 RESOLVEFUNC(OPENSSL_init_crypto)
975 RESOLVEFUNC(ASN1_STRING_get0_data)
976 RESOLVEFUNC(EVP_CIPHER_CTX_reset)
977 RESOLVEFUNC(EVP_PKEY_up_ref)
978 RESOLVEFUNC(EVP_PKEY_base_id)
979 RESOLVEFUNC(RSA_bits)
980 RESOLVEFUNC(OPENSSL_sk_new_null)
981 RESOLVEFUNC(OPENSSL_sk_push)
982 RESOLVEFUNC(OPENSSL_sk_free)
983 RESOLVEFUNC(OPENSSL_sk_num)
984 RESOLVEFUNC(OPENSSL_sk_pop_free)
985 RESOLVEFUNC(OPENSSL_sk_value)
986 RESOLVEFUNC(DH_get0_pqg)
987 RESOLVEFUNC(SSL_CTX_set_options)
988#ifdef TLS1_3_VERSION
989 RESOLVEFUNC(SSL_CTX_set_ciphersuites)
990 RESOLVEFUNC(SSL_set_psk_use_session_callback)
991#endif // TLS 1.3 or OpenSSL > 1.1.1
992 RESOLVEFUNC(SSL_get_client_random)
993 RESOLVEFUNC(SSL_SESSION_get_master_key)
994 RESOLVEFUNC(SSL_session_reused)
995 RESOLVEFUNC(SSL_get_session)
996 RESOLVEFUNC(SSL_set_options)
997 RESOLVEFUNC(CRYPTO_get_ex_new_index)
998 RESOLVEFUNC(TLS_method)
999 RESOLVEFUNC(TLS_client_method)
1000 RESOLVEFUNC(TLS_server_method)
1001 RESOLVEFUNC(X509_up_ref)
1002 RESOLVEFUNC(X509_STORE_CTX_get0_chain)
1003 RESOLVEFUNC(X509_getm_notBefore)
1004 RESOLVEFUNC(X509_getm_notAfter)
1005 RESOLVEFUNC(X509_get_version)
1006 RESOLVEFUNC(X509_get_pubkey)
1007 RESOLVEFUNC(X509_STORE_set_verify_cb)
1008 RESOLVEFUNC(X509_STORE_set_ex_data)
1009 RESOLVEFUNC(X509_STORE_get_ex_data)
1010 RESOLVEFUNC(CRYPTO_free)
1011 RESOLVEFUNC(OpenSSL_version_num)
1012 RESOLVEFUNC(OpenSSL_version)
1013 if (!_q_OpenSSL_version) {
1014 // Apparently, we were built with OpenSSL 1.1 enabled but are now using
1015 // a wrong library.
1016 qCWarning(lcSsl, "Incompatible version of OpenSSL");
1017 return false;
1018 }
1019
1020 RESOLVEFUNC(SSL_SESSION_get_ticket_lifetime_hint)
1021 RESOLVEFUNC(DH_bits)
1022 RESOLVEFUNC(DSA_bits)
1023
1024#if QT_CONFIG(dtls)
1025 RESOLVEFUNC(DTLSv1_listen)
1026 RESOLVEFUNC(BIO_ADDR_new)
1027 RESOLVEFUNC(BIO_ADDR_free)
1028 RESOLVEFUNC(BIO_meth_new)
1029 RESOLVEFUNC(BIO_meth_free)
1030 RESOLVEFUNC(BIO_meth_set_write)
1031 RESOLVEFUNC(BIO_meth_set_read)
1032 RESOLVEFUNC(BIO_meth_set_puts)
1033 RESOLVEFUNC(BIO_meth_set_ctrl)
1034 RESOLVEFUNC(BIO_meth_set_create)
1035 RESOLVEFUNC(BIO_meth_set_destroy)
1036#endif // dtls
1037#if QT_CONFIG(ocsp)
1038 RESOLVEFUNC(OCSP_SINGLERESP_get0_id)
1039 RESOLVEFUNC(d2i_OCSP_RESPONSE)
1040 RESOLVEFUNC(OCSP_RESPONSE_free)
1041 RESOLVEFUNC(OCSP_response_status)
1042 RESOLVEFUNC(OCSP_response_get1_basic)
1043 RESOLVEFUNC(OCSP_BASICRESP_free)
1044 RESOLVEFUNC(OCSP_basic_verify)
1045 RESOLVEFUNC(OCSP_resp_count)
1046 RESOLVEFUNC(OCSP_resp_get0)
1047 RESOLVEFUNC(OCSP_single_get0_status)
1048 RESOLVEFUNC(OCSP_check_validity)
1049 RESOLVEFUNC(OCSP_cert_to_id)
1050 RESOLVEFUNC(OCSP_id_get0_info)
1051 RESOLVEFUNC(OCSP_resp_get0_certs)
1052 RESOLVEFUNC(OCSP_basic_sign)
1053 RESOLVEFUNC(OCSP_response_create)
1054 RESOLVEFUNC(i2d_OCSP_RESPONSE)
1055 RESOLVEFUNC(OCSP_basic_add1_status)
1056 RESOLVEFUNC(OCSP_BASICRESP_new)
1057 RESOLVEFUNC(OCSP_CERTID_free)
1058 RESOLVEFUNC(OCSP_cert_to_id)
1059 RESOLVEFUNC(OCSP_id_cmp)
1060#endif // ocsp
1061 RESOLVEFUNC(BIO_set_data)
1062 RESOLVEFUNC(BIO_get_data)
1063 RESOLVEFUNC(BIO_set_init)
1064 RESOLVEFUNC(BIO_get_shutdown)
1065 RESOLVEFUNC(BIO_set_shutdown)
1066#else // !opensslv11
1067
1068 RESOLVEFUNC(ASN1_STRING_data)
1069
1070#ifdef SSLEAY_MACROS
1071 RESOLVEFUNC(ASN1_dup)
1072#endif // SSLEAY_MACROS
1073 RESOLVEFUNC(BIO_new_file)
1074 RESOLVEFUNC(ERR_clear_error)
1075 RESOLVEFUNC(CRYPTO_free)
1076 RESOLVEFUNC(CRYPTO_num_locks)
1077 RESOLVEFUNC(CRYPTO_set_id_callback)
1078 RESOLVEFUNC(CRYPTO_set_locking_callback)
1079 RESOLVEFUNC(CRYPTO_set_ex_data)
1080 RESOLVEFUNC(CRYPTO_get_ex_data)
1081 RESOLVEFUNC(ERR_peek_last_error)
1082 RESOLVEFUNC(ERR_free_strings)
1083 RESOLVEFUNC(EVP_CIPHER_CTX_cleanup)
1084 RESOLVEFUNC(EVP_CIPHER_CTX_init)
1085
1086#ifdef SSLEAY_MACROS // ### verify
1087 RESOLVEFUNC(PEM_ASN1_read_bio)
1088#endif // SSLEAY_MACROS
1089
1090 RESOLVEFUNC(sk_new_null)
1091 RESOLVEFUNC(sk_push)
1092 RESOLVEFUNC(sk_free)
1093 RESOLVEFUNC(sk_num)
1094 RESOLVEFUNC(sk_pop_free)
1095 RESOLVEFUNC(sk_value)
1096 RESOLVEFUNC(SSL_library_init)
1097 RESOLVEFUNC(SSL_load_error_strings)
1098#if OPENSSL_VERSION_NUMBER >= 0x10001000L
1099 RESOLVEFUNC(SSL_get_ex_new_index)
1100#endif
1101 RESOLVEFUNC(SSLv23_client_method)
1102 RESOLVEFUNC(TLSv1_client_method)
1103#if OPENSSL_VERSION_NUMBER >= 0x10001000L
1104 RESOLVEFUNC(TLSv1_1_client_method)
1105 RESOLVEFUNC(TLSv1_2_client_method)
1106#endif
1107 RESOLVEFUNC(SSLv23_server_method)
1108 RESOLVEFUNC(TLSv1_server_method)
1109#if OPENSSL_VERSION_NUMBER >= 0x10001000L
1110 RESOLVEFUNC(TLSv1_1_server_method)
1111 RESOLVEFUNC(TLSv1_2_server_method)
1112#endif
1113 RESOLVEFUNC(X509_STORE_CTX_get_chain)
1114#ifdef SSLEAY_MACROS
1115 RESOLVEFUNC(i2d_DSAPrivateKey)
1116 RESOLVEFUNC(i2d_RSAPrivateKey)
1117 RESOLVEFUNC(d2i_DSAPrivateKey)
1118 RESOLVEFUNC(d2i_RSAPrivateKey)
1119#endif
1120
1121#if QT_CONFIG(dtls)
1122 RESOLVEFUNC(DTLSv1_server_method)
1123 RESOLVEFUNC(DTLSv1_client_method)
1124 RESOLVEFUNC(DTLSv1_2_server_method)
1125 RESOLVEFUNC(DTLSv1_2_client_method)
1126#endif // dtls
1127
1128 RESOLVEFUNC(CONF_get1_default_config_file)
1129 RESOLVEFUNC(OPENSSL_add_all_algorithms_noconf)
1130 RESOLVEFUNC(OPENSSL_add_all_algorithms_conf)
1131 RESOLVEFUNC(SSLeay)
1132
1133 if (!_q_SSLeay || q_SSLeay() >= 0x10100000L) {
1134 // OpenSSL 1.1 has deprecated and removed SSLeay. We consider a failure to
1135 // resolve this symbol as a failure to resolve symbols.
1136 // The right operand of '||' above is ... a bit of paranoia.
1137 qCWarning(lcSsl, "Incompatible version of OpenSSL");
1138 return false;
1139 }
1140
1141
1142 RESOLVEFUNC(SSLeay_version)
1143
1144#ifndef OPENSSL_NO_EC
1145#if OPENSSL_VERSION_NUMBER >= 0x10002000L
1146 if (q_SSLeay() >= 0x10002000L)
1147 RESOLVEFUNC(EC_curve_nist2nid)
1148#endif // OPENSSL_VERSION_NUMBER >= 0x10002000L
1149#endif // OPENSSL_NO_EC
1150
1151
1152#endif // !opensslv11
1153
1154 RESOLVEFUNC(ASN1_INTEGER_get)
1155 RESOLVEFUNC(ASN1_INTEGER_cmp)
1156 RESOLVEFUNC(ASN1_STRING_length)
1157 RESOLVEFUNC(ASN1_STRING_to_UTF8)
1158 RESOLVEFUNC(BIO_ctrl)
1159 RESOLVEFUNC(BIO_free)
1160 RESOLVEFUNC(BIO_new)
1161 RESOLVEFUNC(BIO_new_mem_buf)
1162 RESOLVEFUNC(BIO_read)
1163 RESOLVEFUNC(BIO_s_mem)
1164 RESOLVEFUNC(BIO_write)
1165 RESOLVEFUNC(BIO_set_flags)
1166 RESOLVEFUNC(BIO_clear_flags)
1167 RESOLVEFUNC(BIO_set_ex_data)
1168 RESOLVEFUNC(BIO_get_ex_data)
1169
1170#ifndef OPENSSL_NO_EC
1171 RESOLVEFUNC(EC_KEY_get0_group)
1172 RESOLVEFUNC(EC_GROUP_get_degree)
1173#endif
1174 RESOLVEFUNC(BN_num_bits)
1175#if QT_CONFIG(opensslv11)
1176 RESOLVEFUNC(BN_is_word)
1177#endif
1178 RESOLVEFUNC(BN_mod_word)
1179 RESOLVEFUNC(DSA_new)
1180 RESOLVEFUNC(DSA_free)
1181 RESOLVEFUNC(ERR_error_string)
1182 RESOLVEFUNC(ERR_error_string_n)
1183 RESOLVEFUNC(ERR_get_error)
1184 RESOLVEFUNC(EVP_CIPHER_CTX_new)
1185 RESOLVEFUNC(EVP_CIPHER_CTX_free)
1186 RESOLVEFUNC(EVP_CIPHER_CTX_ctrl)
1187 RESOLVEFUNC(EVP_CIPHER_CTX_set_key_length)
1188 RESOLVEFUNC(EVP_CipherInit)
1189 RESOLVEFUNC(EVP_CipherInit_ex)
1190 RESOLVEFUNC(EVP_CipherUpdate)
1191 RESOLVEFUNC(EVP_CipherFinal)
1192 RESOLVEFUNC(EVP_get_digestbyname)
1193#ifndef OPENSSL_NO_DES
1194 RESOLVEFUNC(EVP_des_cbc)
1195 RESOLVEFUNC(EVP_des_ede3_cbc)
1196#endif
1197#ifndef OPENSSL_NO_RC2
1198 RESOLVEFUNC(EVP_rc2_cbc)
1199#endif
1200#ifndef OPENSSL_NO_AES
1201 RESOLVEFUNC(EVP_aes_128_cbc)
1202 RESOLVEFUNC(EVP_aes_192_cbc)
1203 RESOLVEFUNC(EVP_aes_256_cbc)
1204#endif
1205 RESOLVEFUNC(EVP_sha1)
1206 RESOLVEFUNC(EVP_PKEY_assign)
1207 RESOLVEFUNC(EVP_PKEY_set1_RSA)
1208 RESOLVEFUNC(EVP_PKEY_set1_DSA)
1209 RESOLVEFUNC(EVP_PKEY_set1_DH)
1210#ifndef OPENSSL_NO_EC
1211 RESOLVEFUNC(EVP_PKEY_set1_EC_KEY)
1212#endif
1213 RESOLVEFUNC(EVP_PKEY_cmp)
1214 RESOLVEFUNC(EVP_PKEY_free)
1215 RESOLVEFUNC(EVP_PKEY_get1_DSA)
1216 RESOLVEFUNC(EVP_PKEY_get1_RSA)
1217 RESOLVEFUNC(EVP_PKEY_get1_DH)
1218#ifndef OPENSSL_NO_EC
1219 RESOLVEFUNC(EVP_PKEY_get1_EC_KEY)
1220#endif
1221 RESOLVEFUNC(EVP_PKEY_new)
1222 RESOLVEFUNC(EVP_PKEY_type)
1223 RESOLVEFUNC(OBJ_nid2sn)
1224 RESOLVEFUNC(OBJ_nid2ln)
1225 RESOLVEFUNC(OBJ_sn2nid)
1226 RESOLVEFUNC(OBJ_ln2nid)
1227 RESOLVEFUNC(i2t_ASN1_OBJECT)
1228 RESOLVEFUNC(OBJ_obj2txt)
1229 RESOLVEFUNC(OBJ_obj2nid)
1230
1231#ifndef SSLEAY_MACROS
1232 RESOLVEFUNC(PEM_read_bio_PrivateKey)
1233 RESOLVEFUNC(PEM_read_bio_DSAPrivateKey)
1234 RESOLVEFUNC(PEM_read_bio_RSAPrivateKey)
1235#ifndef OPENSSL_NO_EC
1236 RESOLVEFUNC(PEM_read_bio_ECPrivateKey)
1237#endif
1238 RESOLVEFUNC(PEM_read_bio_DHparams)
1239 RESOLVEFUNC(PEM_write_bio_DSAPrivateKey)
1240 RESOLVEFUNC(PEM_write_bio_RSAPrivateKey)
1241 RESOLVEFUNC(PEM_write_bio_PrivateKey)
1242#ifndef OPENSSL_NO_EC
1243 RESOLVEFUNC(PEM_write_bio_ECPrivateKey)
1244#endif
1245#endif // !SSLEAY_MACROS
1246
1247 RESOLVEFUNC(PEM_read_bio_PUBKEY)
1248 RESOLVEFUNC(PEM_read_bio_DSA_PUBKEY)
1249 RESOLVEFUNC(PEM_read_bio_RSA_PUBKEY)
1250#ifndef OPENSSL_NO_EC
1251 RESOLVEFUNC(PEM_read_bio_EC_PUBKEY)
1252#endif
1253 RESOLVEFUNC(PEM_write_bio_DSA_PUBKEY)
1254 RESOLVEFUNC(PEM_write_bio_RSA_PUBKEY)
1255 RESOLVEFUNC(PEM_write_bio_PUBKEY)
1256#ifndef OPENSSL_NO_EC
1257 RESOLVEFUNC(PEM_write_bio_EC_PUBKEY)
1258#endif
1259 RESOLVEFUNC(RAND_seed)
1260 RESOLVEFUNC(RAND_status)
1261 RESOLVEFUNC(RAND_bytes)
1262 RESOLVEFUNC(RSA_new)
1263 RESOLVEFUNC(RSA_free)
1264 RESOLVEFUNC(SSL_CIPHER_description)
1265 RESOLVEFUNC(SSL_CIPHER_get_bits)
1266 RESOLVEFUNC(SSL_get_rbio)
1267 RESOLVEFUNC(SSL_CTX_check_private_key)
1268 RESOLVEFUNC(SSL_CTX_ctrl)
1269 RESOLVEFUNC(SSL_CTX_free)
1270 RESOLVEFUNC(SSL_CTX_new)
1271 RESOLVEFUNC(SSL_CTX_set_cipher_list)
1272 RESOLVEFUNC(SSL_CTX_callback_ctrl)
1273 RESOLVEFUNC(SSL_CTX_set_default_verify_paths)
1274 RESOLVEFUNC(SSL_CTX_set_verify)
1275 RESOLVEFUNC(SSL_CTX_set_verify_depth)
1276 RESOLVEFUNC(SSL_CTX_use_certificate)
1277 RESOLVEFUNC(SSL_CTX_use_certificate_file)
1278 RESOLVEFUNC(SSL_CTX_use_PrivateKey)
1279 RESOLVEFUNC(SSL_CTX_use_RSAPrivateKey)
1280 RESOLVEFUNC(SSL_CTX_use_PrivateKey_file)
1281 RESOLVEFUNC(SSL_CTX_get_cert_store);
1282#if OPENSSL_VERSION_NUMBER >= 0x10002000L
1283 RESOLVEFUNC(SSL_CONF_CTX_new);
1284 RESOLVEFUNC(SSL_CONF_CTX_free);
1285 RESOLVEFUNC(SSL_CONF_CTX_set_ssl_ctx);
1286 RESOLVEFUNC(SSL_CONF_CTX_set_flags);
1287 RESOLVEFUNC(SSL_CONF_CTX_finish);
1288 RESOLVEFUNC(SSL_CONF_cmd);
1289#endif
1290 RESOLVEFUNC(SSL_accept)
1291 RESOLVEFUNC(SSL_clear)
1292 RESOLVEFUNC(SSL_connect)
1293 RESOLVEFUNC(SSL_free)
1294 RESOLVEFUNC(SSL_get_ciphers)
1295 RESOLVEFUNC(SSL_get_current_cipher)
1296 RESOLVEFUNC(SSL_version)
1297 RESOLVEFUNC(SSL_get_error)
1298 RESOLVEFUNC(SSL_get_peer_cert_chain)
1299 RESOLVEFUNC(SSL_get_peer_certificate)
1300 RESOLVEFUNC(SSL_get_verify_result)
1301 RESOLVEFUNC(SSL_new)
1302 RESOLVEFUNC(SSL_get_SSL_CTX)
1303 RESOLVEFUNC(SSL_ctrl)
1304 RESOLVEFUNC(SSL_read)
1305 RESOLVEFUNC(SSL_set_accept_state)
1306 RESOLVEFUNC(SSL_set_bio)
1307 RESOLVEFUNC(SSL_set_connect_state)
1308 RESOLVEFUNC(SSL_shutdown)
1309 RESOLVEFUNC(SSL_get_shutdown)
1310 RESOLVEFUNC(SSL_set_session)
1311 RESOLVEFUNC(SSL_SESSION_free)
1312 RESOLVEFUNC(SSL_get1_session)
1313 RESOLVEFUNC(SSL_get_session)
1314#if OPENSSL_VERSION_NUMBER >= 0x10001000L
1315 RESOLVEFUNC(SSL_set_ex_data)
1316 RESOLVEFUNC(SSL_get_ex_data)
1317 RESOLVEFUNC(SSL_get_ex_data_X509_STORE_CTX_idx)
1318#endif
1319#if OPENSSL_VERSION_NUMBER >= 0x10001000L && !defined(OPENSSL_NO_PSK)
1320 RESOLVEFUNC(SSL_set_psk_client_callback)
1321 RESOLVEFUNC(SSL_set_psk_server_callback)
1322 RESOLVEFUNC(SSL_CTX_use_psk_identity_hint)
1323#endif
1324 RESOLVEFUNC(SSL_write)
1325 RESOLVEFUNC(X509_NAME_entry_count)
1326 RESOLVEFUNC(X509_NAME_get_entry)
1327 RESOLVEFUNC(X509_NAME_ENTRY_get_data)
1328 RESOLVEFUNC(X509_NAME_ENTRY_get_object)
1329 RESOLVEFUNC(X509_PUBKEY_get)
1330 RESOLVEFUNC(X509_STORE_free)
1331 RESOLVEFUNC(X509_STORE_new)
1332 RESOLVEFUNC(X509_STORE_add_cert)
1333 RESOLVEFUNC(X509_STORE_CTX_free)
1334 RESOLVEFUNC(X509_STORE_CTX_init)
1335 RESOLVEFUNC(X509_STORE_CTX_new)
1336 RESOLVEFUNC(X509_STORE_CTX_set_purpose)
1337 RESOLVEFUNC(X509_STORE_CTX_get_error)
1338 RESOLVEFUNC(X509_STORE_CTX_get_error_depth)
1339 RESOLVEFUNC(X509_STORE_CTX_get_current_cert)
1340 RESOLVEFUNC(X509_STORE_CTX_get0_store)
1341 RESOLVEFUNC(X509_cmp)
1342 RESOLVEFUNC(X509_STORE_CTX_get_ex_data)
1343
1344#ifndef SSLEAY_MACROS
1345 RESOLVEFUNC(X509_dup)
1346#endif
1347 RESOLVEFUNC(X509_print)
1348 RESOLVEFUNC(X509_digest)
1349 RESOLVEFUNC(X509_EXTENSION_get_object)
1350 RESOLVEFUNC(X509_free)
1351 RESOLVEFUNC(X509_gmtime_adj)
1352 RESOLVEFUNC(ASN1_TIME_free)
1353 RESOLVEFUNC(X509_get_ext)
1354 RESOLVEFUNC(X509_get_ext_count)
1355 RESOLVEFUNC(X509_get_ext_d2i)
1356 RESOLVEFUNC(X509V3_EXT_get)
1357 RESOLVEFUNC(X509V3_EXT_d2i)
1358 RESOLVEFUNC(X509_EXTENSION_get_critical)
1359 RESOLVEFUNC(X509_EXTENSION_get_data)
1360 RESOLVEFUNC(BASIC_CONSTRAINTS_free)
1361 RESOLVEFUNC(AUTHORITY_KEYID_free)
1362 RESOLVEFUNC(GENERAL_NAME_free)
1363 RESOLVEFUNC(ASN1_STRING_print)
1364 RESOLVEFUNC(X509_check_issued)
1365 RESOLVEFUNC(X509_get_issuer_name)
1366 RESOLVEFUNC(X509_get_subject_name)
1367 RESOLVEFUNC(X509_get_serialNumber)
1368 RESOLVEFUNC(X509_verify_cert)
1369 RESOLVEFUNC(d2i_X509)
1370 RESOLVEFUNC(i2d_X509)
1371 RESOLVEFUNC(SSL_CTX_load_verify_locations)
1372 RESOLVEFUNC(i2d_SSL_SESSION)
1373 RESOLVEFUNC(d2i_SSL_SESSION)
1374#if OPENSSL_VERSION_NUMBER >= 0x1000100fL && !defined(OPENSSL_NO_NEXTPROTONEG)
1375 RESOLVEFUNC(SSL_select_next_proto)
1376 RESOLVEFUNC(SSL_CTX_set_next_proto_select_cb)
1377 RESOLVEFUNC(SSL_get0_next_proto_negotiated)
1378#endif // OPENSSL_VERSION_NUMBER >= 0x1000100fL ...
1379#if OPENSSL_VERSION_NUMBER >= 0x10002000L
1380 RESOLVEFUNC(SSL_set_alpn_protos)
1381 RESOLVEFUNC(SSL_CTX_set_alpn_select_cb)
1382 RESOLVEFUNC(SSL_get0_alpn_selected)
1383#endif // OPENSSL_VERSION_NUMBER >= 0x10002000L ...
1384#if QT_CONFIG(dtls)
1385 RESOLVEFUNC(SSL_CTX_set_cookie_generate_cb)
1386 RESOLVEFUNC(SSL_CTX_set_cookie_verify_cb)
1387 RESOLVEFUNC(DTLS_server_method)
1388 RESOLVEFUNC(DTLS_client_method)
1389#endif // dtls
1390 RESOLVEFUNC(CRYPTO_malloc)
1391 RESOLVEFUNC(DH_new)
1392 RESOLVEFUNC(DH_free)
1393 RESOLVEFUNC(d2i_DHparams)
1394 RESOLVEFUNC(i2d_DHparams)
1395 RESOLVEFUNC(DH_check)
1396 RESOLVEFUNC(BN_bin2bn)
1397#ifndef OPENSSL_NO_EC
1398 RESOLVEFUNC(EC_KEY_dup)
1399 RESOLVEFUNC(EC_KEY_new_by_curve_name)
1400 RESOLVEFUNC(EC_KEY_free)
1401 RESOLVEFUNC(EC_get_builtin_curves)
1402#endif // OPENSSL_NO_EC
1403 RESOLVEFUNC(PKCS12_parse)
1404 RESOLVEFUNC(d2i_PKCS12_bio)
1405 RESOLVEFUNC(PKCS12_free)
1406
1407 symbolsResolved.storeRelease(true);
1408 return true;
1409}
1410#endif // QT_CONFIG(library)
1411
1412#else // !defined QT_LINKED_OPENSSL
1413
1414bool q_resolveOpenSslSymbols()
1415{
1416#ifdef QT_NO_OPENSSL
1417 return false;
1418#endif
1419 return true;
1420}
1421#endif // !defined QT_LINKED_OPENSSL
1422
1423//==============================================================================
1424// contributed by Jay Case of Sarvega, Inc.; http://sarvega.com/
1425// Based on X509_cmp_time() for intitial buffer hacking.
1426//==============================================================================
1427QDateTime q_getTimeFromASN1(const ASN1_TIME *aTime)
1428{
1429 size_t lTimeLength = aTime->length;
1430 char *pString = (char *) aTime->data;
1431
1432 if (aTime->type == V_ASN1_UTCTIME) {
1433
1434 char lBuffer[24];
1435 char *pBuffer = lBuffer;
1436
1437 if ((lTimeLength < 11) || (lTimeLength > 17))
1438 return QDateTime();
1439
1440 memcpy(pBuffer, pString, 10);
1441 pBuffer += 10;
1442 pString += 10;
1443
1444 if ((*pString == 'Z') || (*pString == '-') || (*pString == '+')) {
1445 *pBuffer++ = '0';
1446 *pBuffer++ = '0';
1447 } else {
1448 *pBuffer++ = *pString++;
1449 *pBuffer++ = *pString++;
1450 // Skip any fractional seconds...
1451 if (*pString == '.') {
1452 pString++;
1453 while ((*pString >= '0') && (*pString <= '9'))
1454 pString++;
1455 }
1456 }
1457
1458 *pBuffer++ = 'Z';
1459 *pBuffer++ = '\0';
1460
1461 time_t lSecondsFromUCT;
1462 if (*pString == 'Z') {
1463 lSecondsFromUCT = 0;
1464 } else {
1465 if ((*pString != '+') && (*pString != '-'))
1466 return QDateTime();
1467
1468 lSecondsFromUCT = ((pString[1] - '0') * 10 + (pString[2] - '0')) * 60;
1469 lSecondsFromUCT += (pString[3] - '0') * 10 + (pString[4] - '0');
1470 lSecondsFromUCT *= 60;
1471 if (*pString == '-')
1472 lSecondsFromUCT = -lSecondsFromUCT;
1473 }
1474
1475 tm lTime;
1476 lTime.tm_sec = ((lBuffer[10] - '0') * 10) + (lBuffer[11] - '0');
1477 lTime.tm_min = ((lBuffer[8] - '0') * 10) + (lBuffer[9] - '0');
1478 lTime.tm_hour = ((lBuffer[6] - '0') * 10) + (lBuffer[7] - '0');
1479 lTime.tm_mday = ((lBuffer[4] - '0') * 10) + (lBuffer[5] - '0');
1480 lTime.tm_mon = (((lBuffer[2] - '0') * 10) + (lBuffer[3] - '0')) - 1;
1481 lTime.tm_year = ((lBuffer[0] - '0') * 10) + (lBuffer[1] - '0');
1482 if (lTime.tm_year < 50)
1483 lTime.tm_year += 100; // RFC 2459
1484
1485 QDate resDate(lTime.tm_year + 1900, lTime.tm_mon + 1, lTime.tm_mday);
1486 QTime resTime(lTime.tm_hour, lTime.tm_min, lTime.tm_sec);
1487
1488 QDateTime result(resDate, resTime, Qt::UTC);
1489 result = result.addSecs(lSecondsFromUCT);
1490 return result;
1491
1492 } else if (aTime->type == V_ASN1_GENERALIZEDTIME) {
1493
1494 if (lTimeLength < 15)
1495 return QDateTime(); // hopefully never triggered
1496
1497 // generalized time is always YYYYMMDDHHMMSSZ (RFC 2459, section 4.1.2.5.2)
1498 tm lTime;
1499 lTime.tm_sec = ((pString[12] - '0') * 10) + (pString[13] - '0');
1500 lTime.tm_min = ((pString[10] - '0') * 10) + (pString[11] - '0');
1501 lTime.tm_hour = ((pString[8] - '0') * 10) + (pString[9] - '0');
1502 lTime.tm_mday = ((pString[6] - '0') * 10) + (pString[7] - '0');
1503 lTime.tm_mon = (((pString[4] - '0') * 10) + (pString[5] - '0'));
1504 lTime.tm_year = ((pString[0] - '0') * 1000) + ((pString[1] - '0') * 100) +
1505 ((pString[2] - '0') * 10) + (pString[3] - '0');
1506
1507 QDate resDate(lTime.tm_year, lTime.tm_mon, lTime.tm_mday);
1508 QTime resTime(lTime.tm_hour, lTime.tm_min, lTime.tm_sec);
1509
1510 QDateTime result(resDate, resTime, Qt::UTC);
1511 return result;
1512
1513 } else {
1514 qCWarning(lcSsl, "unsupported date format detected");
1515 return QDateTime();
1516 }
1517
1518}
1519
1520QT_END_NAMESPACE
1521