From 9f59341d070c62e6dbf8d1d06593ca72beaf9811 Mon Sep 17 00:00:00 2001 From: "Richard J. Moore" Date: Sun, 8 Feb 2015 12:02:18 +0000 Subject: Remove legacy ifdefs for ancient openssl. There were still ifdefs for openssl 0.9.7 and openssl 0.9.8f. [ChangeLog][QtNetwork] Some legacy ifdefs for openssl 0.9.7 and openssl 0.9.8f were removed, Qt will no longer build with these versions. In addition there is no support for openssl built with NO_TLSEXT. Change-Id: I9268515c0a125a2f6d79add8ee1cb40768e7e898 Reviewed-by: Daniel Molkentin --- src/network/ssl/qsslcertificate_openssl.cpp | 11 +---------- src/network/ssl/qsslcontext_openssl.cpp | 4 ++-- src/network/ssl/qsslcontext_openssl_p.h | 4 ++-- src/network/ssl/qsslsocket_openssl.cpp | 6 +----- src/network/ssl/qsslsocket_openssl_p.h | 2 -- src/network/ssl/qsslsocket_openssl_symbols.cpp | 22 ++-------------------- src/network/ssl/qsslsocket_openssl_symbols_p.h | 24 +----------------------- 7 files changed, 9 insertions(+), 64 deletions(-) diff --git a/src/network/ssl/qsslcertificate_openssl.cpp b/src/network/ssl/qsslcertificate_openssl.cpp index 4cb2e525eb..f73a16147a 100644 --- a/src/network/ssl/qsslcertificate_openssl.cpp +++ b/src/network/ssl/qsslcertificate_openssl.cpp @@ -673,11 +673,7 @@ QList QSslCertificatePrivate::certificatesFromPem(const QByteAr QByteArray decoded = QByteArray::fromBase64( QByteArray::fromRawData(pem.data() + startPos, endPos - startPos)); -#if OPENSSL_VERSION_NUMBER >= 0x00908000L const unsigned char *data = (const unsigned char *)decoded.data(); -#else - unsigned char *data = (unsigned char *)decoded.data(); -#endif if (X509 *x509 = q_d2i_X509(0, &data, decoded.size())) { certificates << QSslCertificate_from_X509(x509); @@ -693,12 +689,7 @@ QList QSslCertificatePrivate::certificatesFromDer(const QByteAr QList certificates; QSslSocketPrivate::ensureInitialized(); - -#if OPENSSL_VERSION_NUMBER >= 0x00908000L - const unsigned char *data = (const unsigned char *)der.data(); -#else - unsigned char *data = (unsigned char *)der.data(); -#endif + const unsigned char *data = (const unsigned char *)der.data(); int size = der.size(); while (size > 0 && (count == -1 || certificates.size() < count)) { diff --git a/src/network/ssl/qsslcontext_openssl.cpp b/src/network/ssl/qsslcontext_openssl.cpp index 282f3a54c7..b21732c88c 100644 --- a/src/network/ssl/qsslcontext_openssl.cpp +++ b/src/network/ssl/qsslcontext_openssl.cpp @@ -368,7 +368,7 @@ init_context: return sslContext; } -#if OPENSSL_VERSION_NUMBER >= 0x1000100fL && !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG) +#if OPENSSL_VERSION_NUMBER >= 0x1000100fL && !defined(OPENSSL_NO_NEXTPROTONEG) static int next_proto_cb(SSL *, unsigned char **out, unsigned char *outlen, const unsigned char *in, unsigned int inlen, void *arg) @@ -428,7 +428,7 @@ SSL* QSslContext::createSsl() } } -#if OPENSSL_VERSION_NUMBER >= 0x1000100fL && !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG) +#if OPENSSL_VERSION_NUMBER >= 0x1000100fL && !defined(OPENSSL_NO_NEXTPROTONEG) QList protocols = sslConfiguration.d->nextAllowedProtocols; if (!protocols.isEmpty()) { m_supportedNPNVersions.clear(); diff --git a/src/network/ssl/qsslcontext_openssl_p.h b/src/network/ssl/qsslcontext_openssl_p.h index 41fe77dcdb..77c5b4e2c6 100644 --- a/src/network/ssl/qsslcontext_openssl_p.h +++ b/src/network/ssl/qsslcontext_openssl_p.h @@ -77,7 +77,7 @@ public: void setSessionASN1(const QByteArray &sessionASN1); int sessionTicketLifeTimeHint() const; -#if OPENSSL_VERSION_NUMBER >= 0x1000100fL && !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG) +#if OPENSSL_VERSION_NUMBER >= 0x1000100fL && !defined(OPENSSL_NO_NEXTPROTONEG) // must be public because we want to use it from an OpenSSL callback struct NPNContext { NPNContext() : data(0), @@ -103,7 +103,7 @@ private: QSslError::SslError errorCode; QString errorStr; QSslConfiguration sslConfiguration; -#if OPENSSL_VERSION_NUMBER >= 0x1000100fL && !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG) +#if OPENSSL_VERSION_NUMBER >= 0x1000100fL && !defined(OPENSSL_NO_NEXTPROTONEG) QByteArray m_supportedNPNVersions; NPNContext m_npnContext; #endif // OPENSSL_VERSION_NUMBER >= 0x1000100fL ... diff --git a/src/network/ssl/qsslsocket_openssl.cpp b/src/network/ssl/qsslsocket_openssl.cpp index ebf36fc34a..42befc64fa 100644 --- a/src/network/ssl/qsslsocket_openssl.cpp +++ b/src/network/ssl/qsslsocket_openssl.cpp @@ -366,7 +366,6 @@ bool QSslSocketBackendPrivate::initSslContext() return false; } -#if OPENSSL_VERSION_NUMBER >= 0x0090806fL && !defined(OPENSSL_NO_TLSEXT) if ((configuration.protocol == QSsl::TlsV1SslV3 || configuration.protocol == QSsl::TlsV1_0 || configuration.protocol == QSsl::TlsV1_1 || @@ -387,7 +386,6 @@ bool QSslSocketBackendPrivate::initSslContext() qCWarning(lcSsl, "could not set SSL_CTRL_SET_TLSEXT_HOSTNAME, Server Name Indication disabled"); } } -#endif // Clear the session. errorList.clear(); @@ -1568,10 +1566,8 @@ void QSslSocketBackendPrivate::continueHandshake() if (readBufferMaxSize) plainSocket->setReadBufferSize(readBufferMaxSize); -#if OPENSSL_VERSION_NUMBER >= 0x0090806fL && !defined(OPENSSL_NO_TLSEXT) if (q_SSL_ctrl((ssl), SSL_CTRL_GET_SESSION_REUSED, 0, NULL)) configuration.peerSessionShared = true; -#endif #ifdef QT_DECRYPT_SSL_TRAFFIC if (ssl->session && ssl->s3) { @@ -1621,7 +1617,7 @@ void QSslSocketBackendPrivate::continueHandshake() } } -#if OPENSSL_VERSION_NUMBER >= 0x1000100fL && !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG) +#if OPENSSL_VERSION_NUMBER >= 0x1000100fL && !defined(OPENSSL_NO_NEXTPROTONEG) const unsigned char *proto = 0; unsigned int proto_len = 0; q_SSL_get0_next_proto_negotiated(ssl, &proto, &proto_len); diff --git a/src/network/ssl/qsslsocket_openssl_p.h b/src/network/ssl/qsslsocket_openssl_p.h index de2bfea892..f6887a0339 100644 --- a/src/network/ssl/qsslsocket_openssl_p.h +++ b/src/network/ssl/qsslsocket_openssl_p.h @@ -89,9 +89,7 @@ #include #include #include -#if OPENSSL_VERSION_NUMBER >= 0x0090806fL && !defined(OPENSSL_NO_TLSEXT) #include -#endif #if OPENSSL_VERSION_NUMBER >= 0x10000000L typedef _STACK STACK; diff --git a/src/network/ssl/qsslsocket_openssl_symbols.cpp b/src/network/ssl/qsslsocket_openssl_symbols.cpp index bbdb2297cb..61c703eb2c 100644 --- a/src/network/ssl/qsslsocket_openssl_symbols.cpp +++ b/src/network/ssl/qsslsocket_openssl_symbols.cpp @@ -152,11 +152,7 @@ DEFINEFUNC(void, CRYPTO_set_id_callback, unsigned long (*a)(), a, return, DUMMYA DEFINEFUNC(void, CRYPTO_free, void *a, a, return, DUMMYARG) DEFINEFUNC(DSA *, DSA_new, DUMMYARG, DUMMYARG, return 0, return) DEFINEFUNC(void, DSA_free, DSA *a, a, return, DUMMYARG) -#if OPENSSL_VERSION_NUMBER < 0x00908000L -DEFINEFUNC3(X509 *, d2i_X509, X509 **a, a, unsigned char **b, b, long c, c, return 0, return) -#else // 0.9.8 broke SC and BC by changing this signature. DEFINEFUNC3(X509 *, d2i_X509, X509 **a, a, const unsigned char **b, b, long c, c, return 0, return) -#endif DEFINEFUNC2(char *, ERR_error_string, unsigned long a, a, char *b, b, return 0, return) DEFINEFUNC(unsigned long, ERR_get_error, DUMMYARG, DUMMYARG, return 0, return) DEFINEFUNC(void, ERR_free_strings, void, DUMMYARG, return, DUMMYARG) @@ -231,12 +227,7 @@ DEFINEFUNC(int, SSL_clear, SSL *a, a, return -1, return) DEFINEFUNC3(char *, SSL_CIPHER_description, SSL_CIPHER *a, a, char *b, b, int c, c, return 0, return) DEFINEFUNC2(int, SSL_CIPHER_get_bits, SSL_CIPHER *a, a, int *b, b, return 0, return) DEFINEFUNC(int, SSL_connect, SSL *a, a, return -1, return) -#if OPENSSL_VERSION_NUMBER >= 0x00908000L -// 0.9.8 broke SC and BC by changing this function's signature. DEFINEFUNC(int, SSL_CTX_check_private_key, const SSL_CTX *a, a, return -1, return) -#else -DEFINEFUNC(int, SSL_CTX_check_private_key, SSL_CTX *a, a, return -1, return) -#endif DEFINEFUNC4(long, SSL_CTX_ctrl, SSL_CTX *a, a, int b, b, long c, c, void *d, d, return -1, return) DEFINEFUNC(void, SSL_CTX_free, SSL_CTX *a, a, return, DUMMYARG) #if OPENSSL_VERSION_NUMBER >= 0x10000000L @@ -255,12 +246,7 @@ DEFINEFUNC2(int, SSL_CTX_use_RSAPrivateKey, SSL_CTX *a, a, RSA *b, b, return -1, DEFINEFUNC3(int, SSL_CTX_use_PrivateKey_file, SSL_CTX *a, a, const char *b, b, int c, c, return -1, return) DEFINEFUNC(X509_STORE *, SSL_CTX_get_cert_store, const SSL_CTX *a, a, return 0, return) DEFINEFUNC(void, SSL_free, SSL *a, a, return, DUMMYARG) -#if OPENSSL_VERSION_NUMBER >= 0x00908000L -// 0.9.8 broke SC and BC by changing this function's signature. DEFINEFUNC(STACK_OF(SSL_CIPHER) *, SSL_get_ciphers, const SSL *a, a, return 0, return) -#else -DEFINEFUNC(STACK_OF(SSL_CIPHER) *, SSL_get_ciphers, SSL *a, a, return 0, return) -#endif #if OPENSSL_VERSION_NUMBER >= 0x10000000L DEFINEFUNC(const SSL_CIPHER *, SSL_get_current_cipher, SSL *a, a, return 0, return) #else @@ -279,9 +265,7 @@ DEFINEFUNC(long, SSL_get_verify_result, SSL *a, a, return -1, return) DEFINEFUNC(int, SSL_library_init, void, DUMMYARG, return -1, return) DEFINEFUNC(void, SSL_load_error_strings, void, DUMMYARG, return, DUMMYARG) DEFINEFUNC(SSL *, SSL_new, SSL_CTX *a, a, return 0, return) -#if OPENSSL_VERSION_NUMBER >= 0x0090806fL && !defined(OPENSSL_NO_TLSEXT) DEFINEFUNC4(long, SSL_ctrl, SSL *a, a, int cmd, cmd, long larg, larg, void *parg, parg, return -1, return) -#endif DEFINEFUNC3(int, SSL_read, SSL *a, a, void *b, b, int c, c, return -1, return) DEFINEFUNC3(void, SSL_set_bio, SSL *a, a, BIO *b, b, BIO *c, c, return, DUMMYARG) DEFINEFUNC(void, SSL_set_accept_state, SSL *a, a, return, DUMMYARG) @@ -391,7 +375,7 @@ DEFINEFUNC(long, SSLeay, void, DUMMYARG, return 0, return) DEFINEFUNC(const char *, SSLeay_version, int a, a, return 0, return) DEFINEFUNC2(int, i2d_SSL_SESSION, SSL_SESSION *in, in, unsigned char **pp, pp, return 0, return) DEFINEFUNC3(SSL_SESSION *, d2i_SSL_SESSION, SSL_SESSION **a, a, const unsigned char **pp, pp, long length, length, return 0, return) -#if OPENSSL_VERSION_NUMBER >= 0x1000100fL && !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG) +#if OPENSSL_VERSION_NUMBER >= 0x1000100fL && !defined(OPENSSL_NO_NEXTPROTONEG) DEFINEFUNC6(int, SSL_select_next_proto, unsigned char **out, out, unsigned char *outlen, outlen, const unsigned char *in, in, unsigned int inlen, inlen, const unsigned char *client, client, unsigned int client_len, client_len, @@ -852,9 +836,7 @@ bool q_resolveOpenSslSymbols() RESOLVEFUNC(SSL_library_init) RESOLVEFUNC(SSL_load_error_strings) RESOLVEFUNC(SSL_new) -#if OPENSSL_VERSION_NUMBER >= 0x0090806fL && !defined(OPENSSL_NO_TLSEXT) RESOLVEFUNC(SSL_ctrl) -#endif RESOLVEFUNC(SSL_read) RESOLVEFUNC(SSL_set_accept_state) RESOLVEFUNC(SSL_set_bio) @@ -945,7 +927,7 @@ bool q_resolveOpenSslSymbols() RESOLVEFUNC(SSLeay_version) RESOLVEFUNC(i2d_SSL_SESSION) RESOLVEFUNC(d2i_SSL_SESSION) -#if OPENSSL_VERSION_NUMBER >= 0x1000100fL && !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG) +#if OPENSSL_VERSION_NUMBER >= 0x1000100fL && !defined(OPENSSL_NO_NEXTPROTONEG) RESOLVEFUNC(SSL_select_next_proto) RESOLVEFUNC(SSL_CTX_set_next_proto_select_cb) RESOLVEFUNC(SSL_get0_next_proto_negotiated) diff --git a/src/network/ssl/qsslsocket_openssl_symbols_p.h b/src/network/ssl/qsslsocket_openssl_symbols_p.h index 8c00592249..1141ed5125 100644 --- a/src/network/ssl/qsslsocket_openssl_symbols_p.h +++ b/src/network/ssl/qsslsocket_openssl_symbols_p.h @@ -231,12 +231,7 @@ void q_CRYPTO_set_id_callback(unsigned long (*a)()); void q_CRYPTO_free(void *a); DSA *q_DSA_new(); void q_DSA_free(DSA *a); -#if OPENSSL_VERSION_NUMBER >= 0x00908000L -// 0.9.8 broke SC and BC by changing this function's signature. X509 *q_d2i_X509(X509 **a, const unsigned char **b, long c); -#else -X509 *q_d2i_X509(X509 **a, unsigned char **b, long c); -#endif char *q_ERR_error_string(unsigned long a, char *b); unsigned long q_ERR_get_error(); void q_ERR_free_strings(); @@ -315,12 +310,7 @@ int q_SSL_clear(SSL *a); char *q_SSL_CIPHER_description(SSL_CIPHER *a, char *b, int c); int q_SSL_CIPHER_get_bits(SSL_CIPHER *a, int *b); int q_SSL_connect(SSL *a); -#if OPENSSL_VERSION_NUMBER >= 0x00908000L -// 0.9.8 broke SC and BC by changing this function's signature. int q_SSL_CTX_check_private_key(const SSL_CTX *a); -#else -int q_SSL_CTX_check_private_key(SSL_CTX *a); -#endif long q_SSL_CTX_ctrl(SSL_CTX *a, int b, long c, void *d); void q_SSL_CTX_free(SSL_CTX *a); #if OPENSSL_VERSION_NUMBER >= 0x10000000L @@ -339,12 +329,7 @@ int q_SSL_CTX_use_RSAPrivateKey(SSL_CTX *a, RSA *b); int q_SSL_CTX_use_PrivateKey_file(SSL_CTX *a, const char *b, int c); X509_STORE *q_SSL_CTX_get_cert_store(const SSL_CTX *a); void q_SSL_free(SSL *a); -#if OPENSSL_VERSION_NUMBER >= 0x00908000L -// 0.9.8 broke SC and BC by changing this function's signature. STACK_OF(SSL_CIPHER) *q_SSL_get_ciphers(const SSL *a); -#else -STACK_OF(SSL_CIPHER) *q_SSL_get_ciphers(SSL *a); -#endif #if OPENSSL_VERSION_NUMBER >= 0x10000000L const SSL_CIPHER *q_SSL_get_current_cipher(SSL *a); #else @@ -354,18 +339,11 @@ int q_SSL_version(const SSL *a); int q_SSL_get_error(SSL *a, int b); STACK_OF(X509) *q_SSL_get_peer_cert_chain(SSL *a); X509 *q_SSL_get_peer_certificate(SSL *a); -#if OPENSSL_VERSION_NUMBER >= 0x00908000L -// 0.9.8 broke SC and BC by changing this function's signature. long q_SSL_get_verify_result(const SSL *a); -#else -long q_SSL_get_verify_result(SSL *a); -#endif int q_SSL_library_init(); void q_SSL_load_error_strings(); SSL *q_SSL_new(SSL_CTX *a); -#if OPENSSL_VERSION_NUMBER >= 0x0090806fL && !defined(OPENSSL_NO_TLSEXT) long q_SSL_ctrl(SSL *ssl,int cmd, long larg, void *parg); -#endif int q_SSL_read(SSL *a, void *b, int c); void q_SSL_set_bio(SSL *a, BIO *b, BIO *c); void q_SSL_set_accept_state(SSL *a); @@ -532,7 +510,7 @@ const char *q_SSLeay_version(int type); int q_i2d_SSL_SESSION(SSL_SESSION *in, unsigned char **pp); SSL_SESSION *q_d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp, long length); -#if OPENSSL_VERSION_NUMBER >= 0x1000100fL && !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG) +#if OPENSSL_VERSION_NUMBER >= 0x1000100fL && !defined(OPENSSL_NO_NEXTPROTONEG) int q_SSL_select_next_proto(unsigned char **out, unsigned char *outlen, const unsigned char *in, unsigned int inlen, const unsigned char *client, unsigned int client_len); -- cgit v1.2.3