diff options
author | Timur Pocheptsov <timur.pocheptsov@qt.io> | 2021-10-06 14:01:25 +0200 |
---|---|---|
committer | Timur Pocheptsov <timur.pocheptsov@qt.io> | 2021-10-06 21:12:53 +0200 |
commit | 3abcff49eb962cb087498626d77929a870c82929 (patch) | |
tree | 7bd391dbfa6b31eb0f0e3b51cdae8fa7935eaa1b /src/plugins/tls | |
parent | e7cd245628967fab4a80f1d7b9f30491c38c4a0e (diff) |
QTlsBackend (OpenSSL) : detect incompatible versions
OpenSSL v3 among other nice things brought some nasty crashes
(essentially, finally breaking what was already not so nice
in 1.x: see, e.g. ASN1_ITEM_free and ASN1_ITEM_ptr that we
have to use to free resources allocated by openssl). Let's,
at least, not use v3 from Qt built with 1.1.1 and vice
versa.
Pick-to: 6.2 5.15
Change-Id: If14a2a0ce2189a1b7967b7ab7248d11d0f2fc423
Reviewed-by: MÃ¥rten Nordheim <marten.nordheim@qt.io>
Diffstat (limited to 'src/plugins/tls')
-rw-r--r-- | src/plugins/tls/openssl/qsslsocket_openssl_symbols.cpp | 14 |
1 files changed, 13 insertions, 1 deletions
diff --git a/src/plugins/tls/openssl/qsslsocket_openssl_symbols.cpp b/src/plugins/tls/openssl/qsslsocket_openssl_symbols.cpp index a30348b20e..037ab92f62 100644 --- a/src/plugins/tls/openssl/qsslsocket_openssl_symbols.cpp +++ b/src/plugins/tls/openssl/qsslsocket_openssl_symbols.cpp @@ -930,13 +930,25 @@ bool q_resolveOpenSslSymbols() RESOLVEFUNC(OpenSSL_version_num) RESOLVEFUNC(OpenSSL_version) - if (!_q_OpenSSL_version) { + if (!_q_OpenSSL_version || !_q_OpenSSL_version_num) { // Apparently, we were built with OpenSSL 1.1 enabled but are now using // a wrong library. qCWarning(lcTlsBackend, "Incompatible version of OpenSSL"); return false; } +#if OPENSSL_VERSION_NUMBER >= 0x30000000 + if (q_OpenSSL_version_num() < 0x30000000) { + qCWarning(lcTlsBackend, "Incompatible version of OpenSSL (built with OpenSSL >= 3.x, runtime version is < 3.x)"); + return false; + } +#else + if (q_OpenSSL_version_num() >= 0x30000000) { + qCWarning(lcTlsBackend, "Incompatible version of OpenSSL (built with OpenSSL 1.x, runtime version is >= 3.x)"); + return false; + } +#endif // OPENSSL_VERSION_NUMBER + RESOLVEFUNC(SSL_SESSION_get_ticket_lifetime_hint) #if QT_CONFIG(dtls) |