From 2d5aac2c4835286c6ba881d97a73f04093be556e Mon Sep 17 00:00:00 2001 From: Karsten Heimrich Date: Tue, 25 Feb 2020 15:46:58 +0100 Subject: Namespace SSL symbols to prevent static linker errors Change-Id: I8c04a56eca9fc6e75894f37676cc9517c2e89441 Fixes: QTBUG-82352 Reviewed-by: Alex Blasche --- src/knx/ssl/qknxsecurekey.cpp | 48 +++++++++++++++--------------- src/knx/ssl/qknxssl_openssl.cpp | 37 ++++++++++++----------- src/knx/ssl/qsslsocket_openssl_symbols.cpp | 4 +++ src/knx/ssl/qsslsocket_openssl_symbols_p.h | 4 +++ 4 files changed, 51 insertions(+), 42 deletions(-) diff --git a/src/knx/ssl/qknxsecurekey.cpp b/src/knx/ssl/qknxsecurekey.cpp index 8ca21ae..80e2145 100644 --- a/src/knx/ssl/qknxsecurekey.cpp +++ b/src/knx/ssl/qknxsecurekey.cpp @@ -47,7 +47,7 @@ public: { #if QT_CONFIG(opensslv11) if (m_evpPKey) - q_EVP_PKEY_free(m_evpPKey); + QKnxPrivate::q_EVP_PKEY_free(m_evpPKey); #endif } @@ -150,19 +150,19 @@ QKnxByteArray QKnxSecureKey::bytes() const if (d_ptr->m_type == Type::Private) { size_t len = 32; QKnxByteArray ba(int(len), 0); - if (q_EVP_PKEY_get_raw_private_key(d_ptr->m_evpPKey, ba.data(), &len) <= 0) + if (QKnxPrivate::q_EVP_PKEY_get_raw_private_key(d_ptr->m_evpPKey, ba.data(), &len) <= 0) return {}; // preferred, no other way possible return ba; } size_t len = 32; QKnxByteArray pub(32, Qt::Uninitialized); - if (q_EVP_PKEY_get_raw_public_key(d_ptr->m_evpPKey, pub.data(), &len) > 0) + if (QKnxPrivate::q_EVP_PKEY_get_raw_public_key(d_ptr->m_evpPKey, pub.data(), &len) > 0) return pub; // preferred way - pub.resize(q_i2d_PUBKEY(d_ptr->m_evpPKey, nullptr)); + pub.resize(QKnxPrivate::q_i2d_PUBKEY(d_ptr->m_evpPKey, nullptr)); auto tmp = pub.data(); - q_i2d_PUBKEY(d_ptr->m_evpPKey, &tmp); + QKnxPrivate::q_i2d_PUBKEY(d_ptr->m_evpPKey, &tmp); return pub.right(32); #else return {}; @@ -190,7 +190,7 @@ QKnxSecureKey QKnxSecureKey::fromBytes(QKnxSecureKey::Type type, const QKnxByteA key.d_ptr->m_type = type; if (type == Type::Private) { - key.d_ptr->m_evpPKey = q_EVP_PKEY_new_raw_private_key(NID_X25519, nullptr, ba.constData(), + key.d_ptr->m_evpPKey = QKnxPrivate::q_EVP_PKEY_new_raw_private_key(NID_X25519, nullptr, ba.constData(), ba.size()); // preferred way if (key.d_ptr->m_evpPKey) return key; @@ -199,23 +199,23 @@ QKnxSecureKey QKnxSecureKey::fromBytes(QKnxSecureKey::Type type, const QKnxByteA auto tmp = pkcs8 + ba; // PKCS #8 is a standard syntax for storing private key information BIO *bio = nullptr; - if ((bio = q_BIO_new_mem_buf(reinterpret_cast (tmp.data()), tmp.size()))) - key.d_ptr->m_evpPKey = q_d2i_PrivateKey_bio(bio, nullptr); - q_BIO_free(bio); + if ((bio = QKnxPrivate::q_BIO_new_mem_buf(reinterpret_cast (tmp.data()), tmp.size()))) + key.d_ptr->m_evpPKey = QKnxPrivate::q_d2i_PrivateKey_bio(bio, nullptr); + QKnxPrivate::q_BIO_free(bio); return key; } if (type == Type::Public) { - key.d_ptr->m_evpPKey = q_EVP_PKEY_new_raw_public_key(NID_X25519, nullptr, ba.constData(), + key.d_ptr->m_evpPKey = QKnxPrivate::q_EVP_PKEY_new_raw_public_key(NID_X25519, nullptr, ba.constData(), ba.size()); // preferred way if (key.d_ptr->m_evpPKey) return key; - key.d_ptr->m_evpPKey = q_EVP_PKEY_new(); - if (q_EVP_PKEY_set_type(key.d_ptr->m_evpPKey, NID_X25519) <= 0) + key.d_ptr->m_evpPKey = QKnxPrivate::q_EVP_PKEY_new(); + if (QKnxPrivate::q_EVP_PKEY_set_type(key.d_ptr->m_evpPKey, NID_X25519) <= 0) return {}; - if (q_EVP_PKEY_set1_tls_encodedpoint(key.d_ptr->m_evpPKey, ba.constData(), ba.size()) <= 0) + if (QKnxPrivate::q_EVP_PKEY_set1_tls_encodedpoint(key.d_ptr->m_evpPKey, ba.constData(), ba.size()) <= 0) return {}; return key; } @@ -237,11 +237,11 @@ QKnxSecureKey QKnxSecureKey::generatePrivateKey() if (!QKnxCryptographicEngine::supportsCryptography()) return key; - if (auto *pctx = q_EVP_PKEY_CTX_new_id(NID_X25519, nullptr)) { - q_EVP_PKEY_keygen_init(pctx); + if (auto *pctx = QKnxPrivate::q_EVP_PKEY_CTX_new_id(NID_X25519, nullptr)) { + QKnxPrivate::q_EVP_PKEY_keygen_init(pctx); key.d_ptr->m_type = Type::Private; - q_EVP_PKEY_keygen(pctx, &key.d_ptr->m_evpPKey); - q_EVP_PKEY_CTX_free(pctx); + QKnxPrivate::q_EVP_PKEY_keygen(pctx, &key.d_ptr->m_evpPKey); + QKnxPrivate::q_EVP_PKEY_CTX_free(pctx); } #endif return key; @@ -256,7 +256,7 @@ QKnxSecureKey QKnxSecureKey::publicKeyFromPrivate(const QKnxSecureKey &privateKe QKnxSecureKey key; #if QT_CONFIG(opensslv11) if (privateKey.type() == QKnxSecureKey::Type::Private && privateKey.isValid()) { - q_EVP_PKEY_up_ref(privateKey.d_ptr->m_evpPKey); + QKnxPrivate::q_EVP_PKEY_up_ref(privateKey.d_ptr->m_evpPKey); key.d_ptr->m_type = Type::Public; key.d_ptr->m_evpPKey = privateKey.d_ptr->m_evpPKey; } @@ -305,29 +305,29 @@ QKnxByteArray QKnxSecureKey::sharedSecret(const QKnxSecureKey &privateKey, if (peerPublicKey.type() != QKnxSecureKey::Type::Public || !peerPublicKey.isValid()) return {}; - auto evpPKeyCtx = q_EVP_PKEY_CTX_new(privateKey.d_ptr->m_evpPKey, nullptr); + auto evpPKeyCtx = QKnxPrivate::q_EVP_PKEY_CTX_new(privateKey.d_ptr->m_evpPKey, nullptr); if (!evpPKeyCtx) return {}; struct ScopedFree final { ScopedFree(EVP_PKEY_CTX *key) : m_evpPKeyCtx(key) {} - ~ScopedFree() { q_EVP_PKEY_CTX_free(m_evpPKeyCtx); } + ~ScopedFree() { QKnxPrivate::q_EVP_PKEY_CTX_free(m_evpPKeyCtx); } EVP_PKEY_CTX *m_evpPKeyCtx = nullptr; } _{ evpPKeyCtx }; - if (q_EVP_PKEY_derive_init(evpPKeyCtx) <= 0) + if (QKnxPrivate::q_EVP_PKEY_derive_init(evpPKeyCtx) <= 0) return {}; - if (q_EVP_PKEY_derive_set_peer(evpPKeyCtx, peerPublicKey.d_ptr->m_evpPKey) <= 0) + if (QKnxPrivate::q_EVP_PKEY_derive_set_peer(evpPKeyCtx, peerPublicKey.d_ptr->m_evpPKey) <= 0) return {}; size_t keylen = 0; - if (q_EVP_PKEY_derive(evpPKeyCtx, nullptr, &keylen) <= 0) + if (QKnxPrivate::q_EVP_PKEY_derive(evpPKeyCtx, nullptr, &keylen) <= 0) return {}; QKnxByteArray ba(int(keylen), 0); - if (q_EVP_PKEY_derive(evpPKeyCtx, ba.data(), &keylen) <= 0) + if (QKnxPrivate::q_EVP_PKEY_derive(evpPKeyCtx, ba.data(), &keylen) <= 0) return {}; return ba; #else diff --git a/src/knx/ssl/qknxssl_openssl.cpp b/src/knx/ssl/qknxssl_openssl.cpp index a110efb..db07366 100644 --- a/src/knx/ssl/qknxssl_openssl.cpp +++ b/src/knx/ssl/qknxssl_openssl.cpp @@ -66,7 +66,7 @@ Q_GLOBAL_STATIC_WITH_ARGS(QMutex, qt_knxOpenSslInitMutex, (QMutex::Recursive)) bool QKnxOpenSsl::supportsSsl() { #if QT_CONFIG(opensslv11) - if (!q_resolveOpenSslSymbols()) + if (!QKnxPrivate::q_resolveOpenSslSymbols()) return false; const QMutexLocker locker(qt_knxOpenSslInitMutex); @@ -74,18 +74,18 @@ bool QKnxOpenSsl::supportsSsl() s_libraryLoaded = true; // Initialize OpenSSL. - if (q_OPENSSL_init_ssl(0, nullptr) != 1) + if (QKnxPrivate::q_OPENSSL_init_ssl(0, nullptr) != 1) return false; - q_SSL_load_error_strings(); - q_OpenSSL_add_all_algorithms(); + QKnxPrivate::q_SSL_load_error_strings(); + QKnxPrivate::q_OpenSSL_add_all_algorithms(); // Initialize OpenSSL's random seed. - if (!q_RAND_status()) { + if (!QKnxPrivate::q_RAND_status()) { qWarning("Random number generator not seeded, disabling SSL support"); return false; } - if (q_EVP_PKEY_type(NID_X25519) == NID_undef) { + if (QKnxPrivate::q_EVP_PKEY_type(NID_X25519) == NID_undef) { qWarning("The X25519 algorithm is not supported, disabling SSL support"); return false; } @@ -105,7 +105,7 @@ long QKnxOpenSsl::sslLibraryVersionNumber() { #if QT_CONFIG(opensslv11) if (supportsSsl()) - return q_OpenSSL_version_num(); + return QKnxPrivate::q_OpenSSL_version_num(); #endif return 0; } @@ -136,32 +136,33 @@ QKnxByteArray QKnxSsl::doCrypt(const QKnxByteArray &key, const QKnxByteArray &iv if (!qt_QKnxOpenSsl->supportsSsl()) return {}; - QSharedPointer ctxPtr(q_EVP_CIPHER_CTX_new(), q_EVP_CIPHER_CTX_free); + QSharedPointer ctxPtr(QKnxPrivate::q_EVP_CIPHER_CTX_new(), + QKnxPrivate::q_EVP_CIPHER_CTX_free); if (ctxPtr.isNull()) return {}; - q_EVP_CIPHER_CTX_reset(ctxPtr.data()); + QKnxPrivate::q_EVP_CIPHER_CTX_reset(ctxPtr.data()); const auto ctx = ctxPtr.data(); - const auto c = q_EVP_aes_128_cbc(); - if (q_EVP_CipherInit_ex(ctx, c, nullptr, nullptr, nullptr, mode) <= 0) + const auto c = QKnxPrivate::q_EVP_aes_128_cbc(); + if (QKnxPrivate::q_EVP_CipherInit_ex(ctx, c, nullptr, nullptr, nullptr, mode) <= 0) return {}; - if (q_EVP_CIPHER_CTX_set_padding(ctx, 0) <= 0) + if (QKnxPrivate::q_EVP_CIPHER_CTX_set_padding(ctx, 0) <= 0) return {}; - Q_ASSERT(q_EVP_CIPHER_CTX_iv_length(ctx) == 16); - Q_ASSERT(q_EVP_CIPHER_CTX_key_length(ctx) == 16); + Q_ASSERT(QKnxPrivate::q_EVP_CIPHER_CTX_iv_length(ctx) == 16); + Q_ASSERT(QKnxPrivate::q_EVP_CIPHER_CTX_key_length(ctx) == 16); - if (q_EVP_CipherInit_ex(ctx, nullptr, nullptr, key.constData(), iv.constData(), mode) <= 0) + if (QKnxPrivate::q_EVP_CipherInit_ex(ctx, nullptr, nullptr, key.constData(), iv.constData(), mode) <= 0) return {}; int outl, offset = 0; - QKnxByteArray out(data.size() + q_EVP_CIPHER_block_size(c), 0x00); - if (q_EVP_CipherUpdate(ctx, out.data(), &outl, data.constData(), data.size()) <= 0) + QKnxByteArray out(data.size() + QKnxPrivate::q_EVP_CIPHER_block_size(c), 0x00); + if (QKnxPrivate::q_EVP_CipherUpdate(ctx, out.data(), &outl, data.constData(), data.size()) <= 0) return {}; offset += outl; - if (q_EVP_CipherFinal_ex(ctx, out.data() + offset, &outl) <= 0) + if (QKnxPrivate::q_EVP_CipherFinal_ex(ctx, out.data() + offset, &outl) <= 0) return {}; offset += outl; diff --git a/src/knx/ssl/qsslsocket_openssl_symbols.cpp b/src/knx/ssl/qsslsocket_openssl_symbols.cpp index d46f869..73caed3 100644 --- a/src/knx/ssl/qsslsocket_openssl_symbols.cpp +++ b/src/knx/ssl/qsslsocket_openssl_symbols.cpp @@ -78,6 +78,8 @@ QT_BEGIN_NAMESPACE +namespace QKnxPrivate { + /* Note to maintainer: ------------------- @@ -1438,4 +1440,6 @@ QDateTime q_getTimeFromASN1(const ASN1_TIME *aTime) } +} // namespace QKnxPrivate + QT_END_NAMESPACE diff --git a/src/knx/ssl/qsslsocket_openssl_symbols_p.h b/src/knx/ssl/qsslsocket_openssl_symbols_p.h index c5ae895..b3dacd0 100644 --- a/src/knx/ssl/qsslsocket_openssl_symbols_p.h +++ b/src/knx/ssl/qsslsocket_openssl_symbols_p.h @@ -110,6 +110,8 @@ QT_BEGIN_NAMESPACE Q_DECLARE_LOGGING_CATEGORY(lcSsl) +namespace QKnxPrivate { + #define DUMMYARG #if !defined QT_LINKED_OPENSSL @@ -603,6 +605,8 @@ void q_SSL_get0_alpn_selected(const SSL *ssl, const unsigned char **data, const EVP_MD *q_EVP_sha256(void); #endif +} // namespace QKnxPrivate + // Helper function class QDateTime; QDateTime q_getTimeFromASN1(const ASN1_TIME *aTime); -- cgit v1.2.3