1 /****************************************************************************
2 **
3 ** Copyright (C) 2015 The Qt Company Ltd.
4 ** Contact: http://www.qt.io/licensing/
5 **
6 ** This file is part of the QtNetwork module of the Qt Toolkit.
7 **
8 ** $QT_BEGIN_LICENSE:LGPL$
9 ** Commercial License Usage
10 ** Licensees holding valid commercial Qt licenses may use this file in
11 ** accordance with the commercial license agreement provided with the
12 ** Software or, alternatively, in accordance with the terms contained in
13 ** a written agreement between you and The Qt Company. For licensing terms
14 ** and conditions see http://www.qt.io/terms-conditions. For further
15 ** information use the contact form at http://www.qt.io/contact-us.
16 **
17 ** GNU Lesser General Public License Usage
18 ** Alternatively, this file may be used under the terms of the GNU Lesser
19 ** General Public License version 2.1 or version 3 as published by the Free
20 ** Software Foundation and appearing in the file LICENSE.LGPLv21 and
21 ** LICENSE.LGPLv3 included in the packaging of this file. Please review the
22 ** following information to ensure the GNU Lesser General Public License
23 ** requirements will be met: https://www.gnu.org/licenses/lgpl.html and
24 ** http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html.
25 **
26 ** As a special exception, The Qt Company gives you certain additional
27 ** rights. These rights are described in The Qt Company LGPL Exception
28 ** version 1.1, included in the file LGPL_EXCEPTION.txt in this package.
29 **
30 ** GNU General Public License Usage
31 ** Alternatively, this file may be used under the terms of the GNU
32 ** General Public License version 3.0 as published by the Free Software
33 ** Foundation and appearing in the file LICENSE.GPL included in the
34 ** packaging of this file. Please review the following information to
35 ** ensure the GNU General Public License version 3.0 requirements will be
36 ** met: http://www.gnu.org/copyleft/gpl.html.
37 **
38 ** $QT_END_LICENSE$
39 **
40 ****************************************************************************/
41
42
43 #include <QtCore/qglobal.h>
44
45 #ifndef QT_NO_OPENSSL
46
47 #include "qsslsocket_openssl_symbols_p.h"
48
49 #ifdef Q_OS_WIN
50 # include <private/qsystemlibrary_p.h>
51 #else
52 # include <QtCore/qlibrary.h>
53 #endif
54 #include <QtCore/qmutex.h>
55 #include <private/qmutexpool_p.h>
56 #include <QtCore/qdatetime.h>
57 #if defined(Q_OS_UNIX)
58 #include <QtCore/qdir.h>
59 #endif
60 #ifdef Q_OS_LINUX
61 #include <link.h>
62 #endif
63
64 QT_BEGIN_NAMESPACE
65
66 /*
67 Note to maintainer:
68 -------------------
69
70 We load OpenSSL symbols dynamically. Because symbols are known to
71 disappear, and signatures sometimes change, between releases, we need to
72 be careful about how this is done. To ensure we don't end up dereferencing
73 null function pointers, and continue running even if certain functions are
74 missing, we define helper functions for each of the symbols we load from
75 OpenSSL, all prefixed with "q_" (declared in
76 qsslsocket_openssl_symbols_p.h). So instead of calling SSL_connect
77 directly, we call q_SSL_connect, which is a function that checks if the
78 actual SSL_connect fptr is null, and returns a failure if it is, or calls
79 SSL_connect if it isn't.
80
81 This requires a somewhat tedious process of declaring each function we
82 want to call in OpenSSL thrice: once with the q_, in _p.h, once using the
83 DEFINEFUNC macros below, and once in the function that actually resolves
84 the symbols, below the DEFINEFUNC declarations below.
85
86 There's one DEFINEFUNC macro declared for every number of arguments
87 exposed by OpenSSL (feel free to extend when needed). The easiest thing to
88 do is to find an existing entry that matches the arg count of the function
89 you want to import, and do the same.
90
91 The first macro arg is the function return type. The second is the
92 verbatim name of the function/symbol. Then follows a list of N pairs of
93 argument types with a variable name, and just the variable name (char *a,
94 a, char *b, b, etc). Finally there's two arguments - a suitable return
95 statement for the error case (for an int function, return 0 or return -1
96 is usually right). Then either just "return" or DUMMYARG, the latter being
97 for void functions.
98
99 Note: Take into account that these macros and declarations are processed
100 at compile-time, and the result depends on the OpenSSL headers the
101 compiling host has installed, but the symbols are resolved at run-time,
102 possibly with a different version of OpenSSL.
103 */
104
105 #ifdef SSLEAY_MACROS
106 DEFINEFUNC3(void *, ASN1_dup, i2d_of_void *a, a, d2i_of_void *b, b, char *c, c, return 0, return)
107 #endif
108 DEFINEFUNC(long, ASN1_INTEGER_get, ASN1_INTEGER *a, a, return 0, return)
109 DEFINEFUNC(unsigned char *, ASN1_STRING_data, ASN1_STRING *a, a, return 0, return)
110 DEFINEFUNC(int, ASN1_STRING_length, ASN1_STRING *a, a, return 0, return)
111 DEFINEFUNC2(int, ASN1_STRING_to_UTF8, unsigned char **a, a, ASN1_STRING *b, b, return 0, return);
112 DEFINEFUNC4(long, BIO_ctrl, BIO *a, a, int b, b, long c, c, void *d, d, return -1, return)
113 DEFINEFUNC(int, BIO_free, BIO *a, a, return 0, return)
114 #if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
115 DEFINEFUNC(BIO *, BIO_new, BIO_METHOD *a, a, return 0, return)
116 #else
117 DEFINEFUNC(BIO *, BIO_new, const BIO_METHOD *a, a, return 0, return)
118 #endif
119 DEFINEFUNC2(BIO *, BIO_new_mem_buf, void *a, a, int b, b, return 0, return)
120 DEFINEFUNC3(int, BIO_read, BIO *a, a, void *b, b, int c, c, return -1, return)
121 #if OPENSSL_VERSION_NUMBER < 0x10100000L
122 DEFINEFUNC(BIO_METHOD *, BIO_s_mem, void, DUMMYARG, return 0, return)
123 #else
124 DEFINEFUNC(const BIO_METHOD *, BIO_s_mem, void, DUMMYARG, return 0, return)
125 #endif
126 DEFINEFUNC3(int, BIO_write, BIO *a, a, const void *b, b, int c, c, return -1, return)
127 DEFINEFUNC(int, BN_num_bits, const BIGNUM *a, a, return 0, return)
128 #if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
129 DEFINEFUNC(int, CRYPTO_num_locks, DUMMYARG, DUMMYARG, return 0, return)
DEFINEFUNC(void,CRYPTO_set_locking_callback,void (* a)(int,int,const char *,int),a,return,DUMMYARG)130 DEFINEFUNC(void, CRYPTO_set_locking_callback, void (*a)(int, int, const char *, int), a, return, DUMMYARG)
131 DEFINEFUNC(void, CRYPTO_set_id_callback, unsigned long (*a)(), a, return, DUMMYARG)
132 DEFINEFUNC(void, CRYPTO_free, void *a, a, return, DUMMYARG)
133 #else
134 DEFINEFUNC(void, OPENSSL_free, void *a, a, return, DUMMYARG)
135 #endif
136 DEFINEFUNC(void, DSA_free, DSA *a, a, return, DUMMYARG)
137 #if OPENSSL_VERSION_NUMBER < 0x00908000L
138 DEFINEFUNC3(X509 *, d2i_X509, X509 **a, a, unsigned char **b, b, long c, c, return 0, return)
139 #else // 0.9.8 broke SC and BC by changing this signature.
140 DEFINEFUNC3(X509 *, d2i_X509, X509 **a, a, const unsigned char **b, b, long c, c, return 0, return)
141 #endif
142 DEFINEFUNC2(char *, ERR_error_string, unsigned long a, a, char *b, b, return 0, return)
143 DEFINEFUNC(unsigned long, ERR_get_error, DUMMYARG, DUMMYARG, return 0, return)
144 DEFINEFUNC(const EVP_CIPHER *, EVP_des_ede3_cbc, DUMMYARG, DUMMYARG, return 0, return)
145 DEFINEFUNC3(int, EVP_PKEY_assign, EVP_PKEY *a, a, int b, b, char *c, c, return -1, return)
146 DEFINEFUNC2(int, EVP_PKEY_set1_RSA, EVP_PKEY *a, a, RSA *b, b, return -1, return)
147 DEFINEFUNC2(int, EVP_PKEY_set1_DSA, EVP_PKEY *a, a, DSA *b, b, return -1, return)
148 DEFINEFUNC(void, EVP_PKEY_free, EVP_PKEY *a, a, return, DUMMYARG)
149 DEFINEFUNC(DSA *, EVP_PKEY_get1_DSA, EVP_PKEY *a, a, return 0, return)
150 DEFINEFUNC(RSA *, EVP_PKEY_get1_RSA, EVP_PKEY *a, a, return 0, return)
151 DEFINEFUNC(EVP_PKEY *, EVP_PKEY_new, DUMMYARG, DUMMYARG, return 0, return)
152 DEFINEFUNC(int, EVP_PKEY_type, int a, a, return NID_undef, return)
153 DEFINEFUNC2(int, i2d_X509, X509 *a, a, unsigned char **b, b, return -1, return)
154 DEFINEFUNC(const char *, OBJ_nid2sn, int a, a, return 0, return)
155 DEFINEFUNC(int, OBJ_obj2nid, const ASN1_OBJECT *a, a, return NID_undef, return)
156 #ifdef SSLEAY_MACROS
157 DEFINEFUNC6(void *, PEM_ASN1_read_bio, d2i_of_void *a, a, const char *b, b, BIO *c, c, void **d, d, pem_password_cb *e, e, void *f, f, return 0, return)
158 DEFINEFUNC6(void *, PEM_ASN1_write_bio, d2i_of_void *a, a, const char *b, b, BIO *c, c, void **d, d, pem_password_cb *e, e, void *f, f, return 0, return)
159 #else
160 DEFINEFUNC4(DSA *, PEM_read_bio_DSAPrivateKey, BIO *a, a, DSA **b, b, pem_password_cb *c, c, void *d, d, return 0, return)
161 DEFINEFUNC4(RSA *, PEM_read_bio_RSAPrivateKey, BIO *a, a, RSA **b, b, pem_password_cb *c, c, void *d, d, return 0, return)
162 DEFINEFUNC7(int, PEM_write_bio_DSAPrivateKey, BIO *a, a, DSA *b, b, const EVP_CIPHER *c, c, unsigned char *d, d, int e, e, pem_password_cb *f, f, void *g, g, return 0, return)
163 DEFINEFUNC7(int, PEM_write_bio_RSAPrivateKey, BIO *a, a, RSA *b, b, const EVP_CIPHER *c, c, unsigned char *d, d, int e, e, pem_password_cb *f, f, void *g, g, return 0, return)
164 #endif
165 DEFINEFUNC4(DSA *, PEM_read_bio_DSA_PUBKEY, BIO *a, a, DSA **b, b, pem_password_cb *c, c, void *d, d, return 0, return)
166 DEFINEFUNC4(RSA *, PEM_read_bio_RSA_PUBKEY, BIO *a, a, RSA **b, b, pem_password_cb *c, c, void *d, d, return 0, return)
167 DEFINEFUNC2(int, PEM_write_bio_DSA_PUBKEY, BIO *a, a, DSA *b, b, return 0, return)
168 DEFINEFUNC2(int, PEM_write_bio_RSA_PUBKEY, BIO *a, a, RSA *b, b, return 0, return)
169 DEFINEFUNC2(void, RAND_seed, const void *a, a, int b, b, return, DUMMYARG)
170 DEFINEFUNC(int, RAND_status, void, DUMMYARG, return -1, return)
171 DEFINEFUNC(void, RSA_free, RSA *a, a, return, DUMMYARG)
172 #if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
173 DEFINEFUNC(int, sk_num, STACK *a, a, return -1, return)
174 DEFINEFUNC2(void, sk_pop_free, STACK *a, a, void (*b)(void*), b, return, DUMMYARG)
175 #if OPENSSL_VERSION_NUMBER >= 0x10000000L
176 DEFINEFUNC(void, sk_free, _STACK *a, a, return, DUMMYARG)
177 DEFINEFUNC2(void *, sk_value, STACK *a, a, int b, b, return 0, return)
178 #else
179 DEFINEFUNC(void, sk_free, STACK *a, a, return, DUMMYARG)
180 DEFINEFUNC2(char *, sk_value, STACK *a, a, int b, b, return 0, return)
181 #endif
182 #else
183 DEFINEFUNC(int, OPENSSL_sk_num, STACK *a, a, return -1, return)
184 DEFINEFUNC2(void, OPENSSL_sk_pop_free, STACK *a, a, void (*b)(void*), b, return, DUMMYARG)
185 DEFINEFUNC(void, OPENSSL_sk_free, _STACK *a, a, return, DUMMYARG)
186 DEFINEFUNC2(void *, OPENSSL_sk_value, STACK *a, a, int b, b, return 0, return)
187 #endif
188 DEFINEFUNC(int, SSL_accept, SSL *a, a, return -1, return)
189 DEFINEFUNC(int, SSL_clear, SSL *a, a, return -1, return)
190 DEFINEFUNC3(char *, SSL_CIPHER_description, SSL_CIPHER *a, a, char *b, b, int c, c, return 0, return)
191 DEFINEFUNC(int, SSL_connect, SSL *a, a, return -1, return)
192 #if OPENSSL_VERSION_NUMBER >= 0x00908000L
193 // 0.9.8 broke SC and BC by changing this function's signature.
194 DEFINEFUNC(int, SSL_CTX_check_private_key, const SSL_CTX *a, a, return -1, return)
195 #else
196 DEFINEFUNC(int, SSL_CTX_check_private_key, SSL_CTX *a, a, return -1, return)
197 #endif
198 DEFINEFUNC4(long, SSL_CTX_ctrl, SSL_CTX *a, a, int b, b, long c, c, void *d, d, return -1, return)
199 DEFINEFUNC(void, SSL_CTX_free, SSL_CTX *a, a, return, DUMMYARG)
200 #if OPENSSL_VERSION_NUMBER >= 0x10000000L
201 DEFINEFUNC(SSL_CTX *, SSL_CTX_new, const SSL_METHOD *a, a, return 0, return)
202 #else
203 DEFINEFUNC(SSL_CTX *, SSL_CTX_new, SSL_METHOD *a, a, return 0, return)
204 #endif
205 DEFINEFUNC2(int, SSL_CTX_set_cipher_list, SSL_CTX *a, a, const char *b, b, return -1, return)
206 DEFINEFUNC(int, SSL_CTX_set_default_verify_paths, SSL_CTX *a, a, return -1, return)
207 DEFINEFUNC3(void, SSL_CTX_set_verify, SSL_CTX *a, a, int b, b, int (*c)(int, X509_STORE_CTX *), c, return, DUMMYARG)
208 DEFINEFUNC2(void, SSL_CTX_set_verify_depth, SSL_CTX *a, a, int b, b, return, DUMMYARG)
209 DEFINEFUNC2(int, SSL_CTX_use_certificate, SSL_CTX *a, a, X509 *b, b, return -1, return)
210 DEFINEFUNC3(int, SSL_CTX_use_certificate_file, SSL_CTX *a, a, const char *b, b, int c, c, return -1, return)
211 DEFINEFUNC2(int, SSL_CTX_use_PrivateKey, SSL_CTX *a, a, EVP_PKEY *b, b, return -1, return)
212 DEFINEFUNC2(int, SSL_CTX_use_RSAPrivateKey, SSL_CTX *a, a, RSA *b, b, return -1, return)
213 DEFINEFUNC3(int, SSL_CTX_use_PrivateKey_file, SSL_CTX *a, a, const char *b, b, int c, c, return -1, return)
214 DEFINEFUNC(void, SSL_free, SSL *a, a, return, DUMMYARG)
215 #if OPENSSL_VERSION_NUMBER >= 0x00908000L
216 // 0.9.8 broke SC and BC by changing this function's signature.
217 DEFINEFUNC(STACK_OF(SSL_CIPHER) *, SSL_get_ciphers, const SSL *a, a, return 0, return)
218 #else
219 DEFINEFUNC(STACK_OF(SSL_CIPHER) *, SSL_get_ciphers, SSL *a, a, return 0, return)
220 #endif
221 #if OPENSSL_VERSION_NUMBER >= 0x10000000L
222 DEFINEFUNC(const SSL_CIPHER *, SSL_get_current_cipher, SSL *a, a, return 0, return)
223 #else
224 DEFINEFUNC(SSL_CIPHER *, SSL_get_current_cipher, SSL *a, a, return 0, return)
225 #endif
226 DEFINEFUNC2(int, SSL_get_error, SSL *a, a, int b, b, return -1, return)
227 DEFINEFUNC(STACK_OF(X509) *, SSL_get_peer_cert_chain, SSL *a, a, return 0, return)
228 DEFINEFUNC(X509 *, SSL_get_peer_certificate, SSL *a, a, return 0, return)
229 #if OPENSSL_VERSION_NUMBER >= 0x00908000L
230 // 0.9.8 broke SC and BC by changing this function's signature.
231 DEFINEFUNC(long, SSL_get_verify_result, const SSL *a, a, return -1, return)
232 #else
233 DEFINEFUNC(long, SSL_get_verify_result, SSL *a, a, return -1, return)
234 #endif
235 #if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
236 DEFINEFUNC(int, SSL_library_init, void, DUMMYARG, return -1, return)
237 DEFINEFUNC(void, SSL_load_error_strings, void, DUMMYARG, return, DUMMYARG)
238 #else
239 DEFINEFUNC2(int, OPENSSL_init_ssl, uint64_t opts, opts, const OPENSSL_INIT_SETTINGS *settings, settings, return -1, return)
240 #endif
241 DEFINEFUNC(SSL *, SSL_new, SSL_CTX *a, a, return 0, return)
242 #if OPENSSL_VERSION_NUMBER >= 0x0090806fL && !defined(OPENSSL_NO_TLSEXT)
243 DEFINEFUNC4(long, SSL_ctrl, SSL *a, a, int cmd, cmd, long larg, larg, void *parg, parg, return -1, return)
244 #endif
245 DEFINEFUNC3(int, SSL_read, SSL *a, a, void *b, b, int c, c, return -1, return)
246 DEFINEFUNC3(void, SSL_set_bio, SSL *a, a, BIO *b, b, BIO *c, c, return, DUMMYARG)
247 DEFINEFUNC(void, SSL_set_accept_state, SSL *a, a, return, DUMMYARG)
248 DEFINEFUNC(void, SSL_set_connect_state, SSL *a, a, return, DUMMYARG)
249 DEFINEFUNC(int, SSL_shutdown, SSL *a, a, return -1, return)
250 #if OPENSSL_VERSION_NUMBER >= 0x10000000L
251 #ifndef OPENSSL_NO_SSL2
252 DEFINEFUNC(const SSL_METHOD *, SSLv2_client_method, DUMMYARG, DUMMYARG, return 0, return)
253 #endif
254 #ifndef OPENSSL_NO_SSL3_METHOD
255 DEFINEFUNC(const SSL_METHOD *, SSLv3_client_method, DUMMYARG, DUMMYARG, return 0, return)
256 #endif
257 #if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
258 DEFINEFUNC(const SSL_METHOD *, SSLv23_client_method, DUMMYARG, DUMMYARG, return 0, return)
259 #else
260 DEFINEFUNC(const SSL_METHOD *, TLS_client_method, DUMMYARG, DUMMYARG, return 0, return)
261 #endif
262 DEFINEFUNC(const SSL_METHOD *, TLSv1_client_method, DUMMYARG, DUMMYARG, return 0, return)
263 #ifndef OPENSSL_NO_SSL2
264 DEFINEFUNC(const SSL_METHOD *, SSLv2_server_method, DUMMYARG, DUMMYARG, return 0, return)
265 #endif
266 #ifndef OPENSSL_NO_SSL3_METHOD
267 DEFINEFUNC(const SSL_METHOD *, SSLv3_server_method, DUMMYARG, DUMMYARG, return 0, return)
268 #endif
269 #if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
270 DEFINEFUNC(const SSL_METHOD *, SSLv23_server_method, DUMMYARG, DUMMYARG, return 0, return)
271 #else
272 DEFINEFUNC(const SSL_METHOD *, TLS_server_method, DUMMYARG, DUMMYARG, return 0, return)
273 #endif
274 DEFINEFUNC(const SSL_METHOD *, TLSv1_server_method, DUMMYARG, DUMMYARG, return 0, return)
275 #else
276 DEFINEFUNC(SSL_METHOD *, SSLv2_client_method, DUMMYARG, DUMMYARG, return 0, return)
277 DEFINEFUNC(SSL_METHOD *, SSLv3_client_method, DUMMYARG, DUMMYARG, return 0, return)
278 DEFINEFUNC(SSL_METHOD *, SSLv23_client_method, DUMMYARG, DUMMYARG, return 0, return)
279 DEFINEFUNC(SSL_METHOD *, TLSv1_client_method, DUMMYARG, DUMMYARG, return 0, return)
280 DEFINEFUNC(SSL_METHOD *, SSLv2_server_method, DUMMYARG, DUMMYARG, return 0, return)
281 DEFINEFUNC(SSL_METHOD *, SSLv3_server_method, DUMMYARG, DUMMYARG, return 0, return)
282 DEFINEFUNC(SSL_METHOD *, SSLv23_server_method, DUMMYARG, DUMMYARG, return 0, return)
283 DEFINEFUNC(SSL_METHOD *, TLSv1_server_method, DUMMYARG, DUMMYARG, return 0, return)
284 #endif
285 DEFINEFUNC3(int, SSL_write, SSL *a, a, const void *b, b, int c, c, return -1, return)
286 DEFINEFUNC2(int, X509_cmp, X509 *a, a, X509 *b, b, return -1, return)
287 #ifndef SSLEAY_MACROS
288 DEFINEFUNC(X509 *, X509_dup, X509 *a, a, return 0, return)
289 #endif
290 DEFINEFUNC(ASN1_OBJECT *, X509_EXTENSION_get_object, X509_EXTENSION *a, a, return 0, return)
291 DEFINEFUNC(void, X509_free, X509 *a, a, return, DUMMYARG)
292 DEFINEFUNC2(X509_EXTENSION *, X509_get_ext, X509 *a, a, int b, b, return 0, return)
293 DEFINEFUNC(int, X509_get_ext_count, X509 *a, a, return 0, return)
294 DEFINEFUNC4(void *, X509_get_ext_d2i, X509 *a, a, int b, b, int *c, c, int *d, d, return 0, return)
295 DEFINEFUNC(X509_NAME *, X509_get_issuer_name, X509 *a, a, return 0, return)
296 DEFINEFUNC(X509_NAME *, X509_get_subject_name, X509 *a, a, return 0, return)
297 DEFINEFUNC(int, X509_verify_cert, X509_STORE_CTX *a, a, return -1, return)
298 DEFINEFUNC(int, X509_NAME_entry_count, X509_NAME *a, a, return 0, return)
299 DEFINEFUNC2(X509_NAME_ENTRY *, X509_NAME_get_entry, X509_NAME *a, a, int b, b, return 0, return)
300 DEFINEFUNC(ASN1_STRING *, X509_NAME_ENTRY_get_data, X509_NAME_ENTRY *a, a, return 0, return)
301 DEFINEFUNC(ASN1_OBJECT *, X509_NAME_ENTRY_get_object, X509_NAME_ENTRY *a, a, return 0, return)
302 DEFINEFUNC(EVP_PKEY *, X509_PUBKEY_get, X509_PUBKEY *a, a, return 0, return)
303 DEFINEFUNC(void, X509_STORE_free, X509_STORE *a, a, return, DUMMYARG)
304 DEFINEFUNC(X509_STORE *, X509_STORE_new, DUMMYARG, DUMMYARG, return 0, return)
305 DEFINEFUNC2(int, X509_STORE_add_cert, X509_STORE *a, a, X509 *b, b, return 0, return)
306 DEFINEFUNC(void, X509_STORE_CTX_free, X509_STORE_CTX *a, a, return, DUMMYARG)
307 DEFINEFUNC4(int, X509_STORE_CTX_init, X509_STORE_CTX *a, a, X509_STORE *b, b, X509 *c, c, STACK_OF(X509) *d, d, return -1, return)
308 DEFINEFUNC2(int, X509_STORE_CTX_set_purpose, X509_STORE_CTX *a, a, int b, b, return -1, return)
309 DEFINEFUNC(int, X509_STORE_CTX_get_error, X509_STORE_CTX *a, a, return -1, return)
310 DEFINEFUNC(int, X509_STORE_CTX_get_error_depth, X509_STORE_CTX *a, a, return -1, return)
311 DEFINEFUNC(X509 *, X509_STORE_CTX_get_current_cert, X509_STORE_CTX *a, a, return 0, return)
312 #if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
313 DEFINEFUNC(STACK_OF(X509) *, X509_STORE_CTX_get_chain, X509_STORE_CTX *a, a, return 0, return)
314 #else
315 DEFINEFUNC(STACK_OF(X509) *, X509_STORE_CTX_get0_chain, X509_STORE_CTX *a, a, return 0, return)
316 #endif
317 DEFINEFUNC(X509_STORE_CTX *, X509_STORE_CTX_new, DUMMYARG, DUMMYARG, return 0, return)
318 #ifdef SSLEAY_MACROS
319 DEFINEFUNC2(int, i2d_DSAPrivateKey, const DSA *a, a, unsigned char **b, b, return -1, return)
320 DEFINEFUNC2(int, i2d_RSAPrivateKey, const RSA *a, a, unsigned char **b, b, return -1, return)
321 DEFINEFUNC3(RSA *, d2i_RSAPrivateKey, RSA **a, a, unsigned char **b, b, long c, c, return 0, return)
322 DEFINEFUNC3(DSA *, d2i_DSAPrivateKey, DSA **a, a, unsigned char **b, b, long c, c, return 0, return)
323 #endif
324 #if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
325 DEFINEFUNC(void, OPENSSL_add_all_algorithms_noconf, void, DUMMYARG, return, DUMMYARG)
326 DEFINEFUNC(void, OPENSSL_add_all_algorithms_conf, void, DUMMYARG, return, DUMMYARG)
327 #else
328 DEFINEFUNC2(int, OPENSSL_init_crypto, uint64_t opts, opts, const OPENSSL_INIT_SETTINGS *settings, settings, return -1, return)
329 #endif
330 DEFINEFUNC3(int, SSL_CTX_load_verify_locations, SSL_CTX *ctx, ctx, const char *CAfile, CAfile, const char *CApath, CApath, return 0, return)
331 #if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
332 DEFINEFUNC(long, SSLeay, void, DUMMYARG, return 0, return)
333 #else
334 DEFINEFUNC(unsigned long, OpenSSL_version_num, void, DUMMYARG, return 0, return)
335 #endif
336 DEFINEFUNC(X509_STORE *, SSL_CTX_get_cert_store, const SSL_CTX *ctx, ctx, return 0, return)
337
338 DEFINEFUNC(ASN1_INTEGER *, X509_get_serialNumber, X509 *x, x, return 0, return)
339 #if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
340 DEFINEFUNC(int, EVP_PKEY_id, const EVP_PKEY *pkey, pkey, return 0, return)
341 DEFINEFUNC(int, EVP_PKEY_base_id, const EVP_PKEY *pkey, pkey, return 0, return)
342 DEFINEFUNC2(int, SSL_CIPHER_get_bits, const SSL_CIPHER *cipher, cipher, int *alg_bits, alg_bits, return 0, return)
343 DEFINEFUNC2(long, SSL_CTX_set_options, SSL_CTX *ctx, ctx, long options, options, return 0, return)
344 DEFINEFUNC(long, X509_get_version, X509 *x, x, return 0, return)
345 DEFINEFUNC(X509_PUBKEY *, X509_get_X509_PUBKEY, X509 *x, x, return 0, return)
346 DEFINEFUNC(int, RSA_bits, const RSA *rsa, rsa, return 0, return)
347 DEFINEFUNC(int, DSA_security_bits, const DSA *dsa, dsa, return 0, return)
348 #if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
349 DEFINEFUNC(ASN1_TIME *, X509_get_notAfter, X509 *x, x, return 0, return)
350 DEFINEFUNC(ASN1_TIME *, X509_get_notBefore, X509 *x, x, return 0, return)
351 #else
352 DEFINEFUNC(ASN1_TIME *, X509_getm_notAfter, X509 *x, x, return 0, return)
353 DEFINEFUNC(ASN1_TIME *, X509_getm_notBefore, X509 *x, x, return 0, return)
354 #endif
355 DEFINEFUNC4(void, DSA_get0_pqg, const DSA *d, d, const BIGNUM **p, p, const BIGNUM **q, q, const BIGNUM **g, g, return, return)
356 #endif
357
358 #ifdef Q_OS_SYMBIAN
359 #define RESOLVEFUNC(func, ordinal, lib) \
360 if (!(_q_##func = _q_PTR_##func(lib->resolve(#ordinal)))) \
361 qWarning("QSslSocket: cannot resolve "#func);
362 #else
363 #define RESOLVEFUNC(func) \
364 if (!(_q_##func = _q_PTR_##func(libs.first->resolve(#func))) \
365 && !(_q_##func = _q_PTR_##func(libs.second->resolve(#func)))) \
366 qWarning("QSslSocket: cannot resolve "#func);
367 #endif
368
369 #if !defined QT_LINKED_OPENSSL
370
371 #ifdef QT_NO_LIBRARY
372 bool q_resolveOpenSslSymbols()
373 {
374 qWarning("QSslSocket: unable to resolve symbols. "
375 "QT_NO_LIBRARY is defined which means runtime resolving of "
376 "libraries won't work.");
377 qWarning("Either compile Qt statically or with support for runtime resolving "
378 "of libraries.");
379 return false;
380 }
381 #else
382
383 # ifdef Q_OS_UNIX
384 static bool libGreaterThan(const QString &lhs, const QString &rhs)
385 {
386 QStringList lhsparts = lhs.split(QLatin1Char('.'));
387 QStringList rhsparts = rhs.split(QLatin1Char('.'));
388 Q_ASSERT(lhsparts.count() > 1 && rhsparts.count() > 1);
389
390 for (int i = 1; i < rhsparts.count(); ++i) {
391 if (lhsparts.count() <= i)
392 // left hand side is shorter, so it's less than rhs
393 return false;
394
395 bool ok = false;
396 int b = 0;
397 int a = lhsparts.at(i).toInt(&ok);
398 if (ok)
399 b = rhsparts.at(i).toInt(&ok);
400 if (ok) {
401 // both toInt succeeded
402 if (a == b)
403 continue;
404 return a > b;
405 } else {
406 // compare as strings;
407 if (lhsparts.at(i) == rhsparts.at(i))
408 continue;
409 return lhsparts.at(i) > rhsparts.at(i);
410 }
411 }
412
413 // they compared strictly equally so far
414 // lhs cannot be less than rhs
415 return true;
416 }
417
418 #ifdef Q_OS_LINUX
419 static int dlIterateCallback(struct dl_phdr_info *info, size_t size, void *data)
420 {
421 if (size < sizeof (info->dlpi_addr) + sizeof (info->dlpi_name))
422 return 1;
423 QSet<QString> *paths = (QSet<QString> *)data;
424 QString path = QString::fromLocal8Bit(info->dlpi_name);
425 if (!path.isEmpty()) {
426 QFileInfo fi(path);
427 path = fi.absolutePath();
428 if (!path.isEmpty())
429 paths->insert(path);
430 }
431 return 0;
432 }
433 #endif
434
435 static QStringList libraryPathList()
436 {
437 QStringList paths;
438 # ifdef Q_OS_DARWIN
439 paths = QString::fromLatin1(qgetenv("DYLD_LIBRARY_PATH"))
440 .split(QLatin1Char(':'), QString::SkipEmptyParts);
441 # else
442 paths = QString::fromLatin1(qgetenv("LD_LIBRARY_PATH"))
443 .split(QLatin1Char(':'), QString::SkipEmptyParts);
444 # endif
445 paths << QLatin1String("/lib") << QLatin1String("/usr/lib") << QLatin1String("/usr/local/lib");
446 paths << QLatin1String("/lib64") << QLatin1String("/usr/lib64") << QLatin1String("/usr/local/lib64");
447 paths << QLatin1String("/lib32") << QLatin1String("/usr/lib32") << QLatin1String("/usr/local/lib32");
448
449 #ifdef Q_OS_LINUX
450 // discover paths of already loaded libraries
451 QSet<QString> loadedPaths;
452 dl_iterate_phdr(dlIterateCallback, &loadedPaths);
453 paths.append(loadedPaths.toList());
454 #endif
455
456 return paths;
457 }
458
459
460 static QStringList findAllLibSsl()
461 {
462 QStringList paths = libraryPathList();
463 QStringList foundSsls;
464
465 foreach (const QString &path, paths) {
466 QDir dir(path);
467 QStringList entryList = dir.entryList(QStringList() << QLatin1String("libssl.*"), QDir::Files);
468
469 qSort(entryList.begin(), entryList.end(), libGreaterThan);
470 foreach (const QString &entry, entryList)
471 foundSsls << path + QLatin1Char('/') + entry;
472 }
473
474 return foundSsls;
475 }
476
477 static QStringList findAllLibCrypto()
478 {
479 QStringList paths = libraryPathList();
480
481 QStringList foundCryptos;
482 foreach (const QString &path, paths) {
483 QDir dir(path);
484 QStringList entryList = dir.entryList(QStringList() << QLatin1String("libcrypto.*"), QDir::Files);
485
486 qSort(entryList.begin(), entryList.end(), libGreaterThan);
487 foreach (const QString &entry, entryList)
488 foundCryptos << path + QLatin1Char('/') + entry;
489 }
490
491 return foundCryptos;
492 }
493 # endif
494
495 #ifdef Q_OS_WIN
496 static QPair<QSystemLibrary*, QSystemLibrary*> loadOpenSslWin32()
497 {
498 QPair<QSystemLibrary*,QSystemLibrary*> pair;
499 pair.first = 0;
500 pair.second = 0;
501
502 QSystemLibrary *ssleay32 = new QSystemLibrary(QLatin1String("ssleay32"));
503 if (!ssleay32->load(false)) {
504 // Cannot find ssleay32.dll
505 delete ssleay32;
506 return pair;
507 }
508
509 QSystemLibrary *libeay32 = new QSystemLibrary(QLatin1String("libeay32"));
510 if (!libeay32->load(false)) {
511 delete ssleay32;
512 delete libeay32;
513 return pair;
514 }
515
516 pair.first = ssleay32;
517 pair.second = libeay32;
518 return pair;
519 }
520 #else
521
522 static QPair<QLibrary*, QLibrary*> loadOpenSsl()
523 {
524 QPair<QLibrary*,QLibrary*> pair;
525 pair.first = 0;
526 pair.second = 0;
527
528 # if defined(Q_OS_SYMBIAN)
529 QLibrary *libssl = new QLibrary(QLatin1String("libssl"));
530 if (!libssl->load()) {
531 // Cannot find ssleay32.dll
532 delete libssl;
533 return pair;
534 }
535
536 QLibrary *libcrypto = new QLibrary(QLatin1String("libcrypto"));
537 if (!libcrypto->load()) {
538 delete libcrypto;
539 delete libssl;
540 return pair;
541 }
542
543 pair.first = libssl;
544 pair.second = libcrypto;
545 return pair;
546 # elif defined(Q_OS_UNIX)
547 QLibrary *&libssl = pair.first;
548 QLibrary *&libcrypto = pair.second;
549 libssl = new QLibrary;
550 libcrypto = new QLibrary;
551
552 // Try to find the libssl library on the system.
553 //
554 // Up until Qt 4.3, this only searched for the "ssl" library at version -1, that
555 // is, libssl.so on most Unix systems. However, the .so file isn't present in
556 // user installations because it's considered a development file.
557 //
558 // The right thing to do is to load the library at the major version we know how
559 // to work with: the SHLIB_VERSION_NUMBER version (macro defined in opensslv.h)
560 //
561 // However, OpenSSL is a well-known case of binary-compatibility breakage. To
562 // avoid such problems, many system integrators and Linux distributions change
563 // the soname of the binary, letting the full version number be the soname. So
564 // we'll find libssl.so.0.9.7, libssl.so.0.9.8, etc. in the system. For that
565 // reason, we will search a few common paths (see findAllLibSsl() above) in hopes
566 // we find one that works.
567 //
568 // It is important, however, to try the canonical name and the unversioned name
569 // without going through the loop. By not specifying a path, we let the system
570 // dlopen(3) function determine it for us. This will include any DT_RUNPATH or
571 // DT_RPATH tags on our library header as well as other system-specific search
572 // paths. See the man page for dlopen(3) on your system for more information.
573
574 #ifdef Q_OS_OPENBSD
575 libcrypto->setLoadHints(QLibrary::ExportExternalSymbolsHint);
576 #endif
577 #if defined(Q_OS_QNX) // on QNX, the libs are always libssl.so and libcrypto.so
578 libssl->setLoadHints(QLibrary::ImprovedSearchHeuristics);
579 libcrypto->setLoadHints(libcrypto->loadHints() | QLibrary::ImprovedSearchHeuristics);
580 #elif defined(SHLIB_VERSION_NUMBER)
581 // first attempt: the canonical name is libssl.so.<SHLIB_VERSION_NUMBER>
582 libssl->setFileNameAndVersion(QLatin1String("ssl"), QLatin1String(SHLIB_VERSION_NUMBER));
583 libssl->setLoadHints(QLibrary::ImprovedSearchHeuristics);
584 libcrypto->setFileNameAndVersion(QLatin1String("crypto"), QLatin1String(SHLIB_VERSION_NUMBER));
585 libcrypto->setLoadHints(libcrypto->loadHints() | QLibrary::ImprovedSearchHeuristics);
586 if (libcrypto->load() && libssl->load()) {
587 // libssl.so.<SHLIB_VERSION_NUMBER> and libcrypto.so.<SHLIB_VERSION_NUMBER> found
588 return pair;
589 } else {
590 libssl->unload();
591 libcrypto->unload();
592 }
593 #endif
594
595 // second attempt: find the development files libssl.so and libcrypto.so
596 libssl->setFileNameAndVersion(QLatin1String("ssl"), -1);
597 libcrypto->setFileNameAndVersion(QLatin1String("crypto"), -1);
598 if (libcrypto->load() && libssl->load()) {
599 // libssl.so.0 and libcrypto.so.0 found
600 return pair;
601 } else {
602 libssl->unload();
603 libcrypto->unload();
604 }
605
606 // third attempt: loop on the most common library paths and find libssl
607 QStringList sslList = findAllLibSsl();
608 QStringList cryptoList = findAllLibCrypto();
609
610 foreach (const QString &crypto, cryptoList) {
611 libcrypto->setFileNameAndVersion(crypto, -1);
612 if (libcrypto->load()) {
613 QFileInfo fi(crypto);
614 QString version = fi.completeSuffix();
615
616 foreach (const QString &ssl, sslList) {
617 if (!ssl.endsWith(version))
618 continue;
619
620 libssl->setFileNameAndVersion(ssl, -1);
621
622 if (libssl->load()) {
623 // libssl.so.x and libcrypto.so.x found
624 return pair;
625 } else {
626 libssl->unload();
627 }
628 }
629 }
630 libcrypto->unload();
631 }
632
633 // failed to load anything
634 delete libssl;
635 delete libcrypto;
636 libssl = libcrypto = 0;
637 return pair;
638
639 # else
640 // not implemented for this platform yet
641 return pair;
642 # endif
643 }
644 #endif
645
646 bool q_resolveOpenSslSymbols()
647 {
648 static volatile bool symbolsResolved = false;
649 static volatile bool triedToResolveSymbols = false;
650 #ifndef QT_NO_THREAD
651 #if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
652 QMutexLocker locker(QMutexPool::globalInstanceGet((void *)&q_SSL_library_init));
653 #else
654 QMutexLocker locker(QMutexPool::globalInstanceGet((void *)&q_OPENSSL_init_ssl));
655 #endif
656 #endif
657 if (symbolsResolved)
658 return true;
659 if (triedToResolveSymbols)
660 return false;
661 triedToResolveSymbols = true;
662
663 #ifdef Q_OS_WIN
664 QPair<QSystemLibrary *, QSystemLibrary *> libs = loadOpenSslWin32();
665 #else
666 QPair<QLibrary *, QLibrary *> libs = loadOpenSsl();
667 #endif
668 if (!libs.first || !libs.second)
669 // failed to load them
670 return false;
671
672 #ifdef Q_OS_SYMBIAN
673 #ifdef SSLEAY_MACROS
674 RESOLVEFUNC(ASN1_dup, 125, libs.second )
675 #endif
676 RESOLVEFUNC(ASN1_INTEGER_get, 48, libs.second )
677 RESOLVEFUNC(ASN1_STRING_data, 71, libs.second )
678 RESOLVEFUNC(ASN1_STRING_length, 76, libs.second )
679 RESOLVEFUNC(ASN1_STRING_to_UTF8, 86, libs.second )
680 RESOLVEFUNC(BIO_ctrl, 184, libs.second )
681 RESOLVEFUNC(BIO_free, 209, libs.second )
682 RESOLVEFUNC(BIO_new, 222, libs.second )
683 RESOLVEFUNC(BIO_new_mem_buf, 230, libs.second )
684 RESOLVEFUNC(BIO_read, 244, libs.second )
685 RESOLVEFUNC(BIO_s_mem, 251, libs.second )
686 RESOLVEFUNC(BIO_write, 269, libs.second )
687 RESOLVEFUNC(BN_num_bits, 387, libs.second )
688 RESOLVEFUNC(CRYPTO_free, 469, libs.second )
689 #if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
690 RESOLVEFUNC(CRYPTO_num_locks, 500, libs.second )
691 RESOLVEFUNC(CRYPTO_set_id_callback, 513, libs.second )
692 RESOLVEFUNC(CRYPTO_set_locking_callback, 516, libs.second )
693 #endif
694 RESOLVEFUNC(DSA_free, 594, libs.second )
695 RESOLVEFUNC(ERR_error_string, 744, libs.second )
696 RESOLVEFUNC(ERR_get_error, 749, libs.second )
697 RESOLVEFUNC(EVP_des_ede3_cbc, 919, libs.second )
698 RESOLVEFUNC(EVP_PKEY_assign, 859, libs.second )
699 RESOLVEFUNC(EVP_PKEY_set1_RSA, 880, libs.second )
700 RESOLVEFUNC(EVP_PKEY_set1_DSA, 879, libs.second )
701 RESOLVEFUNC(EVP_PKEY_free, 867, libs.second )
702 RESOLVEFUNC(EVP_PKEY_get1_DSA, 869, libs.second )
703 RESOLVEFUNC(EVP_PKEY_get1_RSA, 870, libs.second )
704 RESOLVEFUNC(EVP_PKEY_new, 876, libs.second )
705 RESOLVEFUNC(EVP_PKEY_type, 882, libs.second )
706 RESOLVEFUNC(OBJ_nid2sn, 1036, libs.second )
707 RESOLVEFUNC(OBJ_obj2nid, 1037, libs.second )
708 #ifdef SSLEAY_MACROS // ### verify
709 RESOLVEFUNC(PEM_ASN1_read_bio, 1180, libs.second )
710 #else
711 RESOLVEFUNC(PEM_read_bio_DSAPrivateKey, 1219, libs.second )
712 RESOLVEFUNC(PEM_read_bio_RSAPrivateKey, 1228, libs.second )
713 RESOLVEFUNC(PEM_write_bio_DSAPrivateKey, 1260, libs.second )
714 RESOLVEFUNC(PEM_write_bio_RSAPrivateKey, 1271, libs.second )
715 #endif
716 RESOLVEFUNC(PEM_read_bio_DSA_PUBKEY, 1220, libs.second )
717 RESOLVEFUNC(PEM_read_bio_RSA_PUBKEY, 1230, libs.second )
718 RESOLVEFUNC(PEM_write_bio_DSA_PUBKEY, 1261, libs.second )
719 RESOLVEFUNC(PEM_write_bio_RSA_PUBKEY, 1273, libs.second )
720 RESOLVEFUNC(RAND_seed, 1426, libs.second )
721 RESOLVEFUNC(RAND_status, 1429, libs.second )
722 RESOLVEFUNC(RSA_free, 1450, libs.second )
723 RESOLVEFUNC(sk_free, 2571, libs.second )
724 RESOLVEFUNC(sk_num, 2576, libs.second )
725 RESOLVEFUNC(sk_pop_free, 2578, libs.second )
726 RESOLVEFUNC(sk_value, 2585, libs.second )
727 RESOLVEFUNC(SSL_CIPHER_description, 11, libs.first )
728 RESOLVEFUNC(SSL_CTX_check_private_key, 21, libs.first )
729 RESOLVEFUNC(SSL_CTX_ctrl, 22, libs.first )
730 RESOLVEFUNC(SSL_CTX_free, 24, libs.first )
731 RESOLVEFUNC(SSL_CTX_new, 35, libs.first )
732 RESOLVEFUNC(SSL_CTX_set_cipher_list, 40, libs.first )
733 RESOLVEFUNC(SSL_CTX_set_default_verify_paths, 44, libs.first )
734 RESOLVEFUNC(SSL_CTX_set_verify, 56, libs.first )
735 RESOLVEFUNC(SSL_CTX_set_verify_depth, 57, libs.first )
736 RESOLVEFUNC(SSL_CTX_use_certificate, 64, libs.first )
737 RESOLVEFUNC(SSL_CTX_use_certificate_file, 67, libs.first )
738 RESOLVEFUNC(SSL_CTX_use_PrivateKey, 58, libs.first )
739 RESOLVEFUNC(SSL_CTX_use_RSAPrivateKey, 61, libs.first )
740 RESOLVEFUNC(SSL_CTX_use_PrivateKey_file, 60, libs.first )
741 RESOLVEFUNC(SSL_accept, 82, libs.first )
742 RESOLVEFUNC(SSL_clear, 92, libs.first )
743 RESOLVEFUNC(SSL_connect, 93, libs.first )
744 RESOLVEFUNC(SSL_free, 99, libs.first )
745 RESOLVEFUNC(SSL_get_ciphers, 104, libs.first )
746 RESOLVEFUNC(SSL_get_current_cipher, 106, libs.first )
747 RESOLVEFUNC(SSL_get_error, 110, libs.first )
748 RESOLVEFUNC(SSL_get_peer_cert_chain, 117, libs.first )
749 RESOLVEFUNC(SSL_get_peer_certificate, 118, libs.first )
750 RESOLVEFUNC(SSL_get_verify_result, 132, libs.first )
751 #if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
752 RESOLVEFUNC(SSL_library_init, 137, libs.first )
753 RESOLVEFUNC(SSL_load_error_strings, 139, libs.first )
754 #endif
755 RESOLVEFUNC(SSL_new, 140, libs.first )
756 #if OPENSSL_VERSION_NUMBER >= 0x0090806fL && !defined(OPENSSL_NO_TLSEXT)
757 RESOLVEFUNC(SSL_ctrl, 95, libs.first )
758 #endif
759 RESOLVEFUNC(SSL_read, 143, libs.first )
760 RESOLVEFUNC(SSL_set_accept_state, 148, libs.first )
761 RESOLVEFUNC(SSL_set_bio, 149, libs.first )
762 RESOLVEFUNC(SSL_set_connect_state, 152, libs.first )
763 RESOLVEFUNC(SSL_shutdown, 173, libs.first )
764 RESOLVEFUNC(SSL_write, 188, libs.first )
765 RESOLVEFUNC(SSLv2_client_method, 192, libs.first )
766 RESOLVEFUNC(SSLv3_client_method, 195, libs.first )
767 RESOLVEFUNC(SSLv23_client_method, 189, libs.first )
768 RESOLVEFUNC(TLSv1_client_method, 198, libs.first )
769 RESOLVEFUNC(SSLv2_server_method, 194, libs.first )
770 RESOLVEFUNC(SSLv3_server_method, 197, libs.first )
771 RESOLVEFUNC(SSLv23_server_method, 191, libs.first )
772 RESOLVEFUNC(TLSv1_server_method, 200, libs.first )
773 RESOLVEFUNC(SSL_CTX_load_verify_locations, 34, libs.first )
774 RESOLVEFUNC(X509_NAME_entry_count, 1821, libs.second )
775 RESOLVEFUNC(X509_NAME_get_entry, 1823, libs.second )
776 RESOLVEFUNC(X509_NAME_ENTRY_get_data, 1808, libs.second )
777 RESOLVEFUNC(X509_NAME_ENTRY_get_object, 1809, libs.second )
778 RESOLVEFUNC(X509_PUBKEY_get, 1844, libs.second )
779 RESOLVEFUNC(X509_STORE_free, 1939, libs.second )
780 RESOLVEFUNC(X509_STORE_new, 1942, libs.second )
781 RESOLVEFUNC(X509_STORE_add_cert, 1936, libs.second )
782 RESOLVEFUNC(X509_STORE_CTX_free, 1907, libs.second )
783 RESOLVEFUNC(X509_STORE_CTX_init, 1919, libs.second )
784 RESOLVEFUNC(X509_STORE_CTX_new, 1920, libs.second )
785 RESOLVEFUNC(X509_STORE_CTX_set_purpose, 1931, libs.second )
786 RESOLVEFUNC(X509_cmp, 1992, libs.second )
787 #ifndef SSLEAY_MACROS
788 RESOLVEFUNC(X509_dup, 1997, libs.second )
789 #endif
790 RESOLVEFUNC(X509_EXTENSION_get_object, 1785, libs.second )
791 RESOLVEFUNC(X509_free, 2001, libs.second )
792 RESOLVEFUNC(X509_get_ext, 2012, libs.second )
793 RESOLVEFUNC(X509_get_ext_count, 2016, libs.second )
794 RESOLVEFUNC(X509_get_ext_d2i, 2017, libs.second )
795 RESOLVEFUNC(X509_get_issuer_name, 2018, libs.second )
796 RESOLVEFUNC(X509_get_subject_name, 2022, libs.second )
797 RESOLVEFUNC(X509_verify_cert, 2069, libs.second )
798 RESOLVEFUNC(d2i_X509, 2309, libs.second )
799 RESOLVEFUNC(i2d_X509, 2489, libs.second )
800 #ifdef SSLEAY_MACROS
801 RESOLVEFUNC(i2d_DSAPrivateKey, 2395, libs.second )
802 RESOLVEFUNC(i2d_RSAPrivateKey, 2476, libs.second )
803 RESOLVEFUNC(d2i_DSAPrivateKey, 2220, libs.second )
804 RESOLVEFUNC(d2i_RSAPrivateKey, 2296, libs.second )
805 #endif
806 RESOLVEFUNC(OPENSSL_add_all_algorithms_noconf, 1153, libs.second )
807 RESOLVEFUNC(OPENSSL_add_all_algorithms_conf, 1152, libs.second )
808 RESOLVEFUNC(SSLeay, 1504, libs.second )
809 #else // Q_OS_SYMBIAN
810 #ifdef SSLEAY_MACROS
811 RESOLVEFUNC(ASN1_dup)
812 #endif
813 RESOLVEFUNC(ASN1_INTEGER_get)
814 RESOLVEFUNC(ASN1_STRING_data)
815 RESOLVEFUNC(ASN1_STRING_length)
816 RESOLVEFUNC(ASN1_STRING_to_UTF8)
817 RESOLVEFUNC(BIO_ctrl)
818 RESOLVEFUNC(BIO_free)
819 RESOLVEFUNC(BIO_new)
820 RESOLVEFUNC(BIO_new_mem_buf)
821 RESOLVEFUNC(BIO_read)
822 RESOLVEFUNC(BIO_s_mem)
823 RESOLVEFUNC(BIO_write)
824 RESOLVEFUNC(BN_num_bits)
825 RESOLVEFUNC(CRYPTO_free)
826 #if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
827 RESOLVEFUNC(CRYPTO_num_locks)
828 RESOLVEFUNC(CRYPTO_set_id_callback)
829 RESOLVEFUNC(CRYPTO_set_locking_callback)
830 #endif
831 RESOLVEFUNC(DSA_free)
832 RESOLVEFUNC(ERR_error_string)
833 RESOLVEFUNC(ERR_get_error)
834 RESOLVEFUNC(EVP_des_ede3_cbc)
835 RESOLVEFUNC(EVP_PKEY_assign)
836 RESOLVEFUNC(EVP_PKEY_set1_RSA)
837 RESOLVEFUNC(EVP_PKEY_set1_DSA)
838 RESOLVEFUNC(EVP_PKEY_free)
839 RESOLVEFUNC(EVP_PKEY_get1_DSA)
840 RESOLVEFUNC(EVP_PKEY_get1_RSA)
841 RESOLVEFUNC(EVP_PKEY_new)
842 RESOLVEFUNC(EVP_PKEY_type)
843 RESOLVEFUNC(OBJ_nid2sn)
844 RESOLVEFUNC(OBJ_obj2nid)
845 #ifdef SSLEAY_MACROS // ### verify
846 RESOLVEFUNC(PEM_ASN1_read_bio)
847 #else
848 RESOLVEFUNC(PEM_read_bio_DSAPrivateKey)
849 RESOLVEFUNC(PEM_read_bio_RSAPrivateKey)
850 RESOLVEFUNC(PEM_write_bio_DSAPrivateKey)
851 RESOLVEFUNC(PEM_write_bio_RSAPrivateKey)
852 #endif
853 RESOLVEFUNC(PEM_read_bio_DSA_PUBKEY)
854 RESOLVEFUNC(PEM_read_bio_RSA_PUBKEY)
855 RESOLVEFUNC(PEM_write_bio_DSA_PUBKEY)
856 RESOLVEFUNC(PEM_write_bio_RSA_PUBKEY)
857 RESOLVEFUNC(RAND_seed)
858 RESOLVEFUNC(RAND_status)
859 RESOLVEFUNC(RSA_free)
860 #if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
861 RESOLVEFUNC(sk_free)
862 RESOLVEFUNC(sk_num)
863 RESOLVEFUNC(sk_pop_free)
864 RESOLVEFUNC(sk_value)
865 #else
866 RESOLVEFUNC(OPENSSL_sk_free)
867 RESOLVEFUNC(OPENSSL_sk_num)
868 RESOLVEFUNC(OPENSSL_sk_pop_free)
869 RESOLVEFUNC(OPENSSL_sk_value)
870 #endif
871 RESOLVEFUNC(SSL_CIPHER_description)
872 RESOLVEFUNC(SSL_CTX_check_private_key)
873 RESOLVEFUNC(SSL_CTX_ctrl)
874 RESOLVEFUNC(SSL_CTX_free)
875 RESOLVEFUNC(SSL_CTX_new)
876 RESOLVEFUNC(SSL_CTX_set_cipher_list)
877 RESOLVEFUNC(SSL_CTX_set_default_verify_paths)
878 RESOLVEFUNC(SSL_CTX_set_verify)
879 RESOLVEFUNC(SSL_CTX_set_verify_depth)
880 RESOLVEFUNC(SSL_CTX_use_certificate)
881 RESOLVEFUNC(SSL_CTX_use_certificate_file)
882 RESOLVEFUNC(SSL_CTX_use_PrivateKey)
883 RESOLVEFUNC(SSL_CTX_use_RSAPrivateKey)
884 RESOLVEFUNC(SSL_CTX_use_PrivateKey_file)
885 RESOLVEFUNC(SSL_CTX_get_cert_store)
886 RESOLVEFUNC(SSL_accept)
887 RESOLVEFUNC(SSL_clear)
888 RESOLVEFUNC(SSL_connect)
889 RESOLVEFUNC(SSL_free)
890 RESOLVEFUNC(SSL_get_ciphers)
891 RESOLVEFUNC(SSL_get_current_cipher)
892 RESOLVEFUNC(SSL_get_error)
893 RESOLVEFUNC(SSL_get_peer_cert_chain)
894 RESOLVEFUNC(SSL_get_peer_certificate)
895 RESOLVEFUNC(SSL_get_verify_result)
896 #if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
897 RESOLVEFUNC(SSL_library_init)
898 RESOLVEFUNC(SSL_load_error_strings)
899 #else
900 RESOLVEFUNC(OPENSSL_init_ssl)
901 #endif
902 RESOLVEFUNC(SSL_new)
903 #if OPENSSL_VERSION_NUMBER >= 0x0090806fL && !defined(OPENSSL_NO_TLSEXT)
904 RESOLVEFUNC(SSL_ctrl)
905 #endif
906 RESOLVEFUNC(SSL_read)
907 RESOLVEFUNC(SSL_set_accept_state)
908 RESOLVEFUNC(SSL_set_bio)
909 RESOLVEFUNC(SSL_set_connect_state)
910 RESOLVEFUNC(SSL_shutdown)
911 RESOLVEFUNC(SSL_write)
912
913 RESOLVEFUNC(X509_get_serialNumber)
914 #if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
915 RESOLVEFUNC(SSL_CTX_ctrl)
916 RESOLVEFUNC(EVP_PKEY_id)
917 RESOLVEFUNC(EVP_PKEY_base_id)
918 RESOLVEFUNC(SSL_CIPHER_get_bits)
919 RESOLVEFUNC(SSL_CTX_set_options)
920 RESOLVEFUNC(X509_get_version)
921 RESOLVEFUNC(X509_get_X509_PUBKEY)
922 RESOLVEFUNC(RSA_bits)
923 RESOLVEFUNC(DSA_security_bits)
924 RESOLVEFUNC(DSA_get0_pqg)
925 #if OPENSSL_VERSION_NUMBER < 0x10100000L
926 RESOLVEFUNC(X509_get_notAfter)
927 RESOLVEFUNC(X509_get_notBefore)
928 #else
929 RESOLVEFUNC(X509_getm_notAfter)
930 RESOLVEFUNC(X509_getm_notBefore)
931 #endif
932 #endif
933
934 #ifndef OPENSSL_NO_SSL2
935 RESOLVEFUNC(SSLv2_client_method)
936 #endif
937 #ifndef OPENSSL_NO_SSL3_METHOD
938 RESOLVEFUNC(SSLv3_client_method)
939 #endif
940 #if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
941 RESOLVEFUNC(SSLv23_client_method)
942 #else
943 RESOLVEFUNC(TLS_client_method)
944 #endif
945 RESOLVEFUNC(TLSv1_client_method)
946 #ifndef OPENSSL_NO_SSL2
947 RESOLVEFUNC(SSLv2_server_method)
948 #endif
949 #ifndef OPENSSL_NO_SSL3_METHOD
950 RESOLVEFUNC(SSLv3_server_method)
951 #endif
952 #if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
953 RESOLVEFUNC(SSLv23_server_method)
954 #else
955 RESOLVEFUNC(TLS_server_method)
956 #endif
957 RESOLVEFUNC(TLSv1_server_method)
958 RESOLVEFUNC(X509_NAME_entry_count)
959 RESOLVEFUNC(X509_NAME_get_entry)
960 RESOLVEFUNC(X509_NAME_ENTRY_get_data)
961 RESOLVEFUNC(X509_NAME_ENTRY_get_object)
962 RESOLVEFUNC(X509_PUBKEY_get)
963 RESOLVEFUNC(X509_STORE_free)
964 RESOLVEFUNC(X509_STORE_new)
965 RESOLVEFUNC(X509_STORE_add_cert)
966 RESOLVEFUNC(X509_STORE_CTX_free)
967 RESOLVEFUNC(X509_STORE_CTX_init)
968 RESOLVEFUNC(X509_STORE_CTX_new)
969 RESOLVEFUNC(X509_STORE_CTX_set_purpose)
970 RESOLVEFUNC(X509_STORE_CTX_get_error)
971 RESOLVEFUNC(X509_STORE_CTX_get_error_depth)
972 RESOLVEFUNC(X509_STORE_CTX_get_current_cert)
973 #if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
974 RESOLVEFUNC(X509_STORE_CTX_get_chain)
975 #else
976 RESOLVEFUNC(X509_STORE_CTX_get0_chain)
977 #endif
978 RESOLVEFUNC(X509_cmp)
979 #ifndef SSLEAY_MACROS
980 RESOLVEFUNC(X509_dup)
981 #endif
982 RESOLVEFUNC(X509_EXTENSION_get_object)
983 RESOLVEFUNC(X509_free)
984 RESOLVEFUNC(X509_get_ext)
985 RESOLVEFUNC(X509_get_ext_count)
986 RESOLVEFUNC(X509_get_ext_d2i)
987 RESOLVEFUNC(X509_get_issuer_name)
988 RESOLVEFUNC(X509_get_subject_name)
989 RESOLVEFUNC(X509_verify_cert)
990 RESOLVEFUNC(d2i_X509)
991 RESOLVEFUNC(i2d_X509)
992 #ifdef SSLEAY_MACROS
993 RESOLVEFUNC(i2d_DSAPrivateKey)
994 RESOLVEFUNC(i2d_RSAPrivateKey)
995 RESOLVEFUNC(d2i_DSAPrivateKey)
996 RESOLVEFUNC(d2i_RSAPrivateKey)
997 #endif
998 #if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
999 RESOLVEFUNC(OPENSSL_add_all_algorithms_noconf)
1000 RESOLVEFUNC(OPENSSL_add_all_algorithms_conf)
1001 #else
1002 RESOLVEFUNC(OPENSSL_init_crypto)
1003 #endif
1004 RESOLVEFUNC(SSL_CTX_load_verify_locations)
1005 #if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
1006 RESOLVEFUNC(SSLeay)
1007 #else
1008 RESOLVEFUNC(OpenSSL_version_num)
1009 #endif
1010 #endif // Q_OS_SYMBIAN
1011 symbolsResolved = true;
1012 delete libs.first;
1013 delete libs.second;
1014 return true;
1015 }
1016 #endif // QT_NO_LIBRARY
1017
1018 #else // !defined QT_LINKED_OPENSSL
1019
1020 bool q_resolveOpenSslSymbols()
1021 {
1022 #ifdef QT_NO_OPENSSL
1023 return false;
1024 #endif
1025 return true;
1026 }
1027 #endif // !defined QT_LINKED_OPENSSL
1028
1029 //==============================================================================
1030 // contributed by Jay Case of Sarvega, Inc.; http://sarvega.com/
1031 // Based on X509_cmp_time() for intitial buffer hacking.
1032 //==============================================================================
q_getTimeFromASN1(const ASN1_TIME * aTime)1033 QDateTime q_getTimeFromASN1(const ASN1_TIME *aTime)
1034 {
1035 size_t lTimeLength = aTime->length;
1036 char *pString = (char *) aTime->data;
1037
1038 if (aTime->type == V_ASN1_UTCTIME) {
1039
1040 char lBuffer[24];
1041 char *pBuffer = lBuffer;
1042
1043 if ((lTimeLength < 11) || (lTimeLength > 17))
1044 return QDateTime();
1045
1046 memcpy(pBuffer, pString, 10);
1047 pBuffer += 10;
1048 pString += 10;
1049
1050 if ((*pString == 'Z') || (*pString == '-') || (*pString == '+')) {
1051 *pBuffer++ = '0';
1052 *pBuffer++ = '0';
1053 } else {
1054 *pBuffer++ = *pString++;
1055 *pBuffer++ = *pString++;
1056 // Skip any fractional seconds...
1057 if (*pString == '.') {
1058 pString++;
1059 while ((*pString >= '0') && (*pString <= '9'))
1060 pString++;
1061 }
1062 }
1063
1064 *pBuffer++ = 'Z';
1065 *pBuffer++ = '\0';
1066
1067 time_t lSecondsFromUCT;
1068 if (*pString == 'Z') {
1069 lSecondsFromUCT = 0;
1070 } else {
1071 if ((*pString != '+') && (*pString != '-'))
1072 return QDateTime();
1073
1074 lSecondsFromUCT = ((pString[1] - '0') * 10 + (pString[2] - '0')) * 60;
1075 lSecondsFromUCT += (pString[3] - '0') * 10 + (pString[4] - '0');
1076 lSecondsFromUCT *= 60;
1077 if (*pString == '-')
1078 lSecondsFromUCT = -lSecondsFromUCT;
1079 }
1080
1081 tm lTime;
1082 lTime.tm_sec = ((lBuffer[10] - '0') * 10) + (lBuffer[11] - '0');
1083 lTime.tm_min = ((lBuffer[8] - '0') * 10) + (lBuffer[9] - '0');
1084 lTime.tm_hour = ((lBuffer[6] - '0') * 10) + (lBuffer[7] - '0');
1085 lTime.tm_mday = ((lBuffer[4] - '0') * 10) + (lBuffer[5] - '0');
1086 lTime.tm_mon = (((lBuffer[2] - '0') * 10) + (lBuffer[3] - '0')) - 1;
1087 lTime.tm_year = ((lBuffer[0] - '0') * 10) + (lBuffer[1] - '0');
1088 if (lTime.tm_year < 50)
1089 lTime.tm_year += 100; // RFC 2459
1090
1091 QDate resDate(lTime.tm_year + 1900, lTime.tm_mon + 1, lTime.tm_mday);
1092 QTime resTime(lTime.tm_hour, lTime.tm_min, lTime.tm_sec);
1093
1094 QDateTime result(resDate, resTime, Qt::UTC);
1095 result = result.addSecs(lSecondsFromUCT);
1096 return result;
1097
1098 } else if (aTime->type == V_ASN1_GENERALIZEDTIME) {
1099
1100 if (lTimeLength < 15)
1101 return QDateTime(); // hopefully never triggered
1102
1103 // generalized time is always YYYYMMDDHHMMSSZ (RFC 2459, section 4.1.2.5.2)
1104 tm lTime;
1105 lTime.tm_sec = ((pString[12] - '0') * 10) + (pString[13] - '0');
1106 lTime.tm_min = ((pString[10] - '0') * 10) + (pString[11] - '0');
1107 lTime.tm_hour = ((pString[8] - '0') * 10) + (pString[9] - '0');
1108 lTime.tm_mday = ((pString[6] - '0') * 10) + (pString[7] - '0');
1109 lTime.tm_mon = (((pString[4] - '0') * 10) + (pString[5] - '0'));
1110 lTime.tm_year = ((pString[0] - '0') * 1000) + ((pString[1] - '0') * 100) +
1111 ((pString[2] - '0') * 10) + (pString[3] - '0');
1112
1113 QDate resDate(lTime.tm_year, lTime.tm_mon, lTime.tm_mday);
1114 QTime resTime(lTime.tm_hour, lTime.tm_min, lTime.tm_sec);
1115
1116 QDateTime result(resDate, resTime, Qt::UTC);
1117 return result;
1118
1119 } else {
1120 qWarning("unsupported date format detected");
1121 return QDateTime();
1122 }
1123
1124 }
1125
1126 QT_END_NAMESPACE
1127
1128 #endif // QT_NO_OPENSSL
1129