6 files changed, 31 insertions, 8 deletions

diff --git a/src/network/ssl/qsslcertificate.cpp b/src/network/ssl/qsslcertificate.cpp
index 31ff296480..d153e0b929 100644
--- a/src/network/ssl/qsslcertificate.cpp
+++ b/src/network/ssl/qsslcertificate.cpp
@@ -761,7 +761,7 @@ QDebug operator<<(QDebug debug, const QSslCertificate &certificate)
           << ", " << certificate.issuerDisplayName()
           << ", " << certificate.subjectDisplayName()
           << ", " << certificate.subjectAlternativeNames()
-#ifndef QT_NO_DATESTRING
+#if QT_CONFIG(datestring)
           << ", " << certificate.effectiveDate()
           << ", " << certificate.expiryDate()
 #endif
diff --git a/src/network/ssl/qsslcertificate_openssl.cpp b/src/network/ssl/qsslcertificate_openssl.cpp
index e87264c972..fa87cfeaaf 100644
--- a/src/network/ssl/qsslcertificate_openssl.cpp
+++ b/src/network/ssl/qsslcertificate_openssl.cpp
@@ -44,8 +44,9 @@
 #include "qsslkey_p.h"
 #include "qsslcertificateextension_p.h"
 
+#if QT_CONFIG(thread)
 #include <QtCore/private/qmutexpool_p.h>
-
+#endif
 QT_BEGIN_NAMESPACE
 
 // forward declaration
@@ -90,7 +91,9 @@ bool QSslCertificate::isSelfSigned() const
 
 QByteArray QSslCertificate::version() const
 {
+#if QT_CONFIG(thread)
     QMutexLocker lock(QMutexPool::globalInstanceGet(d.data()));
+#endif
     if (d->versionString.isEmpty() && d->x509)
         d->versionString = QByteArray::number(qlonglong(q_X509_get_version(d->x509)) + 1);
 
@@ -99,7 +102,9 @@ QByteArray QSslCertificate::version() const
 
 QByteArray QSslCertificate::serialNumber() const
 {
+#if QT_CONFIG(thread)
     QMutexLocker lock(QMutexPool::globalInstanceGet(d.data()));
+#endif
     if (d->serialNumberString.isEmpty() && d->x509) {
         ASN1_INTEGER *serialNumber = q_X509_get_serialNumber(d->x509);
         QByteArray hexString;
@@ -116,7 +121,9 @@ QByteArray QSslCertificate::serialNumber() const
 
 QStringList QSslCertificate::issuerInfo(SubjectInfo info) const
 {
+#if QT_CONFIG(thread)
     QMutexLocker lock(QMutexPool::globalInstanceGet(d.data()));
+#endif
     // lazy init
     if (d->issuerInfo.isEmpty() && d->x509)
         d->issuerInfo =
@@ -127,7 +134,9 @@ QStringList QSslCertificate::issuerInfo(SubjectInfo info) const
 
 QStringList QSslCertificate::issuerInfo(const QByteArray &attribute) const
 {
+#if QT_CONFIG(thread)
     QMutexLocker lock(QMutexPool::globalInstanceGet(d.data()));
+#endif
     // lazy init
     if (d->issuerInfo.isEmpty() && d->x509)
         d->issuerInfo =
@@ -138,7 +147,9 @@ QStringList QSslCertificate::issuerInfo(const QByteArray &attribute) const
 
 QStringList QSslCertificate::subjectInfo(SubjectInfo info) const
 {
+#if QT_CONFIG(thread)
     QMutexLocker lock(QMutexPool::globalInstanceGet(d.data()));
+#endif
     // lazy init
     if (d->subjectInfo.isEmpty() && d->x509)
         d->subjectInfo =
@@ -149,7 +160,9 @@ QStringList QSslCertificate::subjectInfo(SubjectInfo info) const
 
 QStringList QSslCertificate::subjectInfo(const QByteArray &attribute) const
 {
+#if QT_CONFIG(thread)
     QMutexLocker lock(QMutexPool::globalInstanceGet(d.data()));
+#endif
     // lazy init
     if (d->subjectInfo.isEmpty() && d->x509)
         d->subjectInfo =
@@ -160,7 +173,9 @@ QStringList QSslCertificate::subjectInfo(const QByteArray &attribute) const
 
 QList<QByteArray> QSslCertificate::subjectInfoAttributes() const
 {
+#if QT_CONFIG(thread)
     QMutexLocker lock(QMutexPool::globalInstanceGet(d.data()));
+#endif
     // lazy init
     if (d->subjectInfo.isEmpty() && d->x509)
         d->subjectInfo =
@@ -171,7 +186,9 @@ QList<QByteArray> QSslCertificate::subjectInfoAttributes() const
 
 QList<QByteArray> QSslCertificate::issuerInfoAttributes() const
 {
+#if QT_CONFIG(thread)
     QMutexLocker lock(QMutexPool::globalInstanceGet(d.data()));
+#endif
     // lazy init
     if (d->issuerInfo.isEmpty() && d->x509)
         d->issuerInfo =
diff --git a/src/network/ssl/qsslcontext_openssl11.cpp b/src/network/ssl/qsslcontext_openssl11.cpp
index 7d11e51e8b..708cb7bb0e 100644
--- a/src/network/ssl/qsslcontext_openssl11.cpp
+++ b/src/network/ssl/qsslcontext_openssl11.cpp
@@ -159,20 +159,20 @@ init_context:
     case QSsl::TlsV1SslV3:
     case QSsl::AnyProtocol:
         minVersion = SSL3_VERSION;
-        maxVersion = TLS_MAX_VERSION;
+        maxVersion = 0;
         break;
     case QSsl::SecureProtocols:
     case QSsl::TlsV1_0OrLater:
         minVersion = TLS1_VERSION;
-        maxVersion = TLS_MAX_VERSION;
+        maxVersion = 0;
         break;
     case QSsl::TlsV1_1OrLater:
         minVersion = TLS1_1_VERSION;
-        maxVersion = TLS_MAX_VERSION;
+        maxVersion = 0;
         break;
     case QSsl::TlsV1_2OrLater:
         minVersion = TLS1_2_VERSION;
-        maxVersion = TLS_MAX_VERSION;
+        maxVersion = 0;
         break;
 #if QT_CONFIG(dtls)
     case QSsl::DtlsV1_0:
diff --git a/src/network/ssl/qsslpresharedkeyauthenticator.h b/src/network/ssl/qsslpresharedkeyauthenticator.h
index d0e2eda973..423f7731b4 100644
--- a/src/network/ssl/qsslpresharedkeyauthenticator.h
+++ b/src/network/ssl/qsslpresharedkeyauthenticator.h
@@ -45,6 +45,8 @@
 #include <QtCore/QSharedDataPointer>
 #include <QtCore/QMetaType>
 
+QT_REQUIRE_CONFIG(ssl);
+
 QT_BEGIN_NAMESPACE
 
 class QSslPreSharedKeyAuthenticatorPrivate;
diff --git a/src/network/ssl/qsslsocket_mac.cpp b/src/network/ssl/qsslsocket_mac.cpp
index 730a9552b5..9166e0ac29 100644
--- a/src/network/ssl/qsslsocket_mac.cpp
+++ b/src/network/ssl/qsslsocket_mac.cpp
@@ -410,7 +410,7 @@ void QSslSocketBackendPrivate::continueHandshake()
     Q_Q(QSslSocket);
     connectionEncrypted = true;
 
-#if QT_DARWIN_PLATFORM_SDK_EQUAL_OR_ABOVE(__MAC_10_13, __IPHONE_11_0, __TVOS_11_0, __WATCHOS_4_0)
+#if QT_DARWIN_PLATFORM_SDK_EQUAL_OR_ABOVE(__MAC_10_13_4, __IPHONE_11_0, __TVOS_11_0, __WATCHOS_4_0)
     // Unlike OpenSSL, Secure Transport does not allow to negotiate protocols via
     // a callback during handshake. We can only set our list of preferred protocols
     // (and send it during handshake) and then receive what our peer has sent to us.
@@ -920,7 +920,7 @@ bool QSslSocketBackendPrivate::initSslContext()
         return false;
     }
 
-#if QT_DARWIN_PLATFORM_SDK_EQUAL_OR_ABOVE(__MAC_10_13, __IPHONE_11_0, __TVOS_11_0, __WATCHOS_4_0)
+#if QT_DARWIN_PLATFORM_SDK_EQUAL_OR_ABOVE(__MAC_10_13_4, __IPHONE_11_0, __TVOS_11_0, __WATCHOS_4_0)
     if (__builtin_available(macOS 10.13, iOS 11.0, tvOS 11.0, watchOS 4.0, *)) {
         const auto protocolNames = configuration.nextAllowedProtocols;
         QCFType<CFMutableArrayRef> cfNames(CFArrayCreateMutable(nullptr, 0, &kCFTypeArrayCallBacks));
diff --git a/src/network/ssl/qsslsocket_openssl_symbols.cpp b/src/network/ssl/qsslsocket_openssl_symbols.cpp
index 63cb276d54..8af9b5d77e 100644
--- a/src/network/ssl/qsslsocket_openssl_symbols.cpp
+++ b/src/network/ssl/qsslsocket_openssl_symbols.cpp
@@ -63,7 +63,9 @@
 # include <QtCore/qlibrary.h>
 #endif
 #include <QtCore/qmutex.h>
+#if QT_CONFIG(thread)
 #include <private/qmutexpool_p.h>
+#endif
 #include <QtCore/qdatetime.h>
 #if defined(Q_OS_UNIX)
 #include <QtCore/qdir.h>
@@ -903,11 +905,13 @@ bool q_resolveOpenSslSymbols()
 {
     static bool symbolsResolved = false;
     static bool triedToResolveSymbols = false;
+#if QT_CONFIG(thread)
 #if QT_CONFIG(opensslv11)
     QMutexLocker locker(QMutexPool::globalInstanceGet((void *)&q_OPENSSL_init_ssl));
 #else
     QMutexLocker locker(QMutexPool::globalInstanceGet((void *)&q_SSL_library_init));
 #endif
+#endif
     if (symbolsResolved)
         return true;
     if (triedToResolveSymbols)