1 /****************************************************************************
2 **
3 ** Copyright (C) 2017 The Qt Company Ltd.
4 ** Copyright (C) 2014 BlackBerry Limited. All rights reserved.
5 ** Copyright (C) 2016 Richard J. Moore <rich@kde.org>
6 ** Contact: https://www.qt.io/licensing/
7 **
8 ** This file is part of the QtNetwork module of the Qt Toolkit.
9 **
10 ** $QT_BEGIN_LICENSE:LGPL$
11 ** Commercial License Usage
12 ** Licensees holding valid commercial Qt licenses may use this file in
13 ** accordance with the commercial license agreement provided with the
14 ** Software or, alternatively, in accordance with the terms contained in
15 ** a written agreement between you and The Qt Company. For licensing terms
16 ** and conditions see https://www.qt.io/terms-conditions. For further
17 ** information use the contact form at https://www.qt.io/contact-us.
18 **
19 ** GNU Lesser General Public License Usage
20 ** Alternatively, this file may be used under the terms of the GNU Lesser
21 ** General Public License version 3 as published by the Free Software
22 ** Foundation and appearing in the file LICENSE.LGPL3 included in the
23 ** packaging of this file. Please review the following information to
24 ** ensure the GNU Lesser General Public License version 3 requirements
25 ** will be met: https://www.gnu.org/licenses/lgpl-3.0.html.
26 **
27 ** GNU General Public License Usage
28 ** Alternatively, this file may be used under the terms of the GNU
29 ** General Public License version 2.0 or (at your option) the GNU General
30 ** Public license version 3 or any later version approved by the KDE Free
31 ** Qt Foundation. The licenses are as published by the Free Software
32 ** Foundation and appearing in the file LICENSE.GPL2 and LICENSE.GPL3
33 ** included in the packaging of this file. Please review the following
34 ** information to ensure the GNU General Public License requirements will
35 ** be met: https://www.gnu.org/licenses/gpl-2.0.html and
36 ** https://www.gnu.org/licenses/gpl-3.0.html.
37 **
38 ** $QT_END_LICENSE$
39 **
40 ****************************************************************************/
41
42 /****************************************************************************
43 **
44 ** In addition, as a special exception, the copyright holders listed above give
45 ** permission to link the code of its release of Qt with the OpenSSL project's
46 ** "OpenSSL" library (or modified versions of the "OpenSSL" library that use the
47 ** same license as the original version), and distribute the linked executables.
48 **
49 ** You must comply with the GNU General Public License version 2 in all
50 ** respects for all of the code used other than the "OpenSSL" code. If you
51 ** modify this file, you may extend this exception to your version of the file,
52 ** but you are not obligated to do so. If you do not wish to do so, delete
53 ** this exception statement from your version of this file.
54 **
55 ****************************************************************************/
56
57 #include "qssl_p.h"
58 #include "qsslsocket_openssl_symbols_p.h"
59
60 #ifdef Q_OS_WIN
61 # include <private/qsystemlibrary_p.h>
62 #elif QT_CONFIG(library)
63 # include <QtCore/qlibrary.h>
64 #endif
65 #include <QtCore/qmutex.h>
66 #include <QtCore/qdatetime.h>
67 #if defined(Q_OS_UNIX)
68 #include <QtCore/qdir.h>
69 #endif
70 #include <QtCore/private/qmemory_p.h>
71 #if defined(Q_OS_LINUX) && !defined(Q_OS_ANDROID)
72 #include <link.h>
73 #endif
74 #ifdef Q_OS_DARWIN
75 #include "private/qcore_mac_p.h"
76 #endif
77
78 #include <algorithm>
79
80 QT_BEGIN_NAMESPACE
81
82 /*
83 Note to maintainer:
84 -------------------
85
86 We load OpenSSL symbols dynamically. Because symbols are known to
87 disappear, and signatures sometimes change, between releases, we need to
88 be careful about how this is done. To ensure we don't end up dereferencing
89 null function pointers, and continue running even if certain functions are
90 missing, we define helper functions for each of the symbols we load from
91 OpenSSL, all prefixed with "q_" (declared in
92 qsslsocket_openssl_symbols_p.h). So instead of calling SSL_connect
93 directly, we call q_SSL_connect, which is a function that checks if the
94 actual SSL_connect fptr is null, and returns a failure if it is, or calls
95 SSL_connect if it isn't.
96
97 This requires a somewhat tedious process of declaring each function we
98 want to call in OpenSSL thrice: once with the q_, in _p.h, once using the
99 DEFINEFUNC macros below, and once in the function that actually resolves
100 the symbols, below the DEFINEFUNC declarations below.
101
102 There's one DEFINEFUNC macro declared for every number of arguments
103 exposed by OpenSSL (feel free to extend when needed). The easiest thing to
104 do is to find an existing entry that matches the arg count of the function
105 you want to import, and do the same.
106
107 The first macro arg is the function return type. The second is the
108 verbatim name of the function/symbol. Then follows a list of N pairs of
109 argument types with a variable name, and just the variable name (char *a,
110 a, char *b, b, etc). Finally there's two arguments - a suitable return
111 statement for the error case (for an int function, return 0 or return -1
112 is usually right). Then either just "return" or DUMMYARG, the latter being
113 for void functions.
114
115 Note: Take into account that these macros and declarations are processed
116 at compile-time, and the result depends on the OpenSSL headers the
117 compiling host has installed, but the symbols are resolved at run-time,
118 possibly with a different version of OpenSSL.
119 */
120
121 #ifndef QT_LINKED_OPENSSL
122
123 namespace {
qsslSocketUnresolvedSymbolWarning(const char * functionName)124 void qsslSocketUnresolvedSymbolWarning(const char *functionName)
125 {
126 qCWarning(lcSsl, "QSslSocket: cannot call unresolved function %s", functionName);
127 }
128
129 #if QT_CONFIG(library)
qsslSocketCannotResolveSymbolWarning(const char * functionName)130 void qsslSocketCannotResolveSymbolWarning(const char *functionName)
131 {
132 qCWarning(lcSsl, "QSslSocket: cannot resolve %s", functionName);
133 }
134 #endif
135
136 }
137
138 #endif // QT_LINKED_OPENSSL
139
140 DEFINEFUNC(const unsigned char *, ASN1_STRING_get0_data, const ASN1_STRING *a, a, return nullptr, return)
141 DEFINEFUNC2(int, OPENSSL_init_ssl, uint64_t opts, opts, const OPENSSL_INIT_SETTINGS *settings, settings, return 0, return)
142 DEFINEFUNC2(int, OPENSSL_init_crypto, uint64_t opts, opts, const OPENSSL_INIT_SETTINGS *settings, settings, return 0, return)
143 DEFINEFUNC(BIO *, BIO_new, const BIO_METHOD *a, a, return nullptr, return)
144 DEFINEFUNC(const BIO_METHOD *, BIO_s_mem, void, DUMMYARG, return nullptr, return)
145 DEFINEFUNC2(int, BN_is_word, BIGNUM *a, a, BN_ULONG w, w, return 0, return)
146 DEFINEFUNC(int, EVP_CIPHER_CTX_reset, EVP_CIPHER_CTX *c, c, return 0, return)
147 DEFINEFUNC(int, EVP_PKEY_up_ref, EVP_PKEY *a, a, return 0, return)
148 DEFINEFUNC2(EVP_PKEY_CTX *, EVP_PKEY_CTX_new, EVP_PKEY *pkey, pkey, ENGINE *e, e, return nullptr, return)
149 DEFINEFUNC(int, EVP_PKEY_param_check, EVP_PKEY_CTX *ctx, ctx, return 0, return)
150 DEFINEFUNC(void, EVP_PKEY_CTX_free, EVP_PKEY_CTX *ctx, ctx, return, return)
151 DEFINEFUNC(int, EVP_PKEY_base_id, EVP_PKEY *a, a, return NID_undef, return)
152 DEFINEFUNC(int, RSA_bits, RSA *a, a, return 0, return)
153 DEFINEFUNC(int, DSA_bits, DSA *a, a, return 0, return)
154 DEFINEFUNC(int, OPENSSL_sk_num, OPENSSL_STACK *a, a, return -1, return)
155 DEFINEFUNC2(void, OPENSSL_sk_pop_free, OPENSSL_STACK *a, a, void (*b)(void*), b, return, DUMMYARG)
156 DEFINEFUNC(OPENSSL_STACK *, OPENSSL_sk_new_null, DUMMYARG, DUMMYARG, return nullptr, return)
157 DEFINEFUNC2(void, OPENSSL_sk_push, OPENSSL_STACK *a, a, void *b, b, return, DUMMYARG)
158 DEFINEFUNC(void, OPENSSL_sk_free, OPENSSL_STACK *a, a, return, DUMMYARG)
159 DEFINEFUNC2(void *, OPENSSL_sk_value, OPENSSL_STACK *a, a, int b, b, return nullptr, return)
160 DEFINEFUNC(int, SSL_session_reused, SSL *a, a, return 0, return)
161 DEFINEFUNC2(unsigned long, SSL_CTX_set_options, SSL_CTX *ctx, ctx, unsigned long op, op, return 0, return)
162 DEFINEFUNC(int, SSL_CTX_get_security_level, const SSL_CTX *ctx, ctx, return -1, return)
163 DEFINEFUNC2(void, SSL_CTX_set_security_level, SSL_CTX *ctx, ctx, int level, level, return, return)
164 #ifdef TLS1_3_VERSION
165 DEFINEFUNC2(int, SSL_CTX_set_ciphersuites, SSL_CTX *ctx, ctx, const char *str, str, return 0, return)
166 DEFINEFUNC2(void, SSL_set_psk_use_session_callback, SSL *ssl, ssl, q_SSL_psk_use_session_cb_func_t callback, callback, return, DUMMYARG)
167 DEFINEFUNC2(void, SSL_CTX_sess_set_new_cb, SSL_CTX *ctx, ctx, NewSessionCallback cb, cb, return, return)
168 DEFINEFUNC(int, SSL_SESSION_is_resumable, const SSL_SESSION *s, s, return 0, return)
169 #endif
170 DEFINEFUNC3(size_t, SSL_get_client_random, SSL *a, a, unsigned char *out, out, size_t outlen, outlen, return 0, return)
171 DEFINEFUNC3(size_t, SSL_SESSION_get_master_key, const SSL_SESSION *ses, ses, unsigned char *out, out, size_t outlen, outlen, return 0, return)
172 DEFINEFUNC6(int, CRYPTO_get_ex_new_index, int class_index, class_index, long argl, argl, void *argp, argp, CRYPTO_EX_new *new_func, new_func, CRYPTO_EX_dup *dup_func, dup_func, CRYPTO_EX_free *free_func, free_func, return -1, return)
173 DEFINEFUNC2(unsigned long, SSL_set_options, SSL *ssl, ssl, unsigned long op, op, return 0, return)
174
175 DEFINEFUNC(const SSL_METHOD *, TLS_method, DUMMYARG, DUMMYARG, return nullptr, return)
176 DEFINEFUNC(const SSL_METHOD *, TLS_client_method, DUMMYARG, DUMMYARG, return nullptr, return)
177 DEFINEFUNC(const SSL_METHOD *, TLS_server_method, DUMMYARG, DUMMYARG, return nullptr, return)
178 DEFINEFUNC(void, X509_up_ref, X509 *a, a, return, DUMMYARG)
179 DEFINEFUNC(ASN1_TIME *, X509_getm_notBefore, X509 *a, a, return nullptr, return)
180 DEFINEFUNC(ASN1_TIME *, X509_getm_notAfter, X509 *a, a, return nullptr, return)
181 DEFINEFUNC(long, X509_get_version, X509 *a, a, return -1, return)
182 DEFINEFUNC(EVP_PKEY *, X509_get_pubkey, X509 *a, a, return nullptr, return)
183 DEFINEFUNC2(void, X509_STORE_set_verify_cb, X509_STORE *a, a, X509_STORE_CTX_verify_cb verify_cb, verify_cb, return, DUMMYARG)
184 DEFINEFUNC3(int, X509_STORE_set_ex_data, X509_STORE *a, a, int idx, idx, void *data, data, return 0, return)
185 DEFINEFUNC2(void *, X509_STORE_get_ex_data, X509_STORE *r, r, int idx, idx, return nullptr, return)
186 DEFINEFUNC(STACK_OF(X509) *, X509_STORE_CTX_get0_chain, X509_STORE_CTX *a, a, return nullptr, return)
187 DEFINEFUNC3(void, CRYPTO_free, void *str, str, const char *file, file, int line, line, return, DUMMYARG)
188 DEFINEFUNC(long, OpenSSL_version_num, void, DUMMYARG, return 0, return)
189 DEFINEFUNC(const char *, OpenSSL_version, int a, a, return nullptr, return)
190 DEFINEFUNC(unsigned long, SSL_SESSION_get_ticket_lifetime_hint, const SSL_SESSION *session, session, return 0, return)
191 DEFINEFUNC4(void, DH_get0_pqg, const DH *dh, dh, const BIGNUM **p, p, const BIGNUM **q, q, const BIGNUM **g, g, return, DUMMYARG)
192 DEFINEFUNC(int, DH_bits, DH *dh, dh, return 0, return)
193
194 #if QT_CONFIG(dtls)
195 DEFINEFUNC2(int, DTLSv1_listen, SSL *s, s, BIO_ADDR *c, c, return -1, return)
196 DEFINEFUNC(BIO_ADDR *, BIO_ADDR_new, DUMMYARG, DUMMYARG, return nullptr, return)
197 DEFINEFUNC(void, BIO_ADDR_free, BIO_ADDR *ap, ap, return, DUMMYARG)
198 DEFINEFUNC2(BIO_METHOD *, BIO_meth_new, int type, type, const char *name, name, return nullptr, return)
199 DEFINEFUNC(void, BIO_meth_free, BIO_METHOD *biom, biom, return, DUMMYARG)
200 DEFINEFUNC2(int, BIO_meth_set_write, BIO_METHOD *biom, biom, DgramWriteCallback write, write, return 0, return)
201 DEFINEFUNC2(int, BIO_meth_set_read, BIO_METHOD *biom, biom, DgramReadCallback read, read, return 0, return)
202 DEFINEFUNC2(int, BIO_meth_set_puts, BIO_METHOD *biom, biom, DgramPutsCallback puts, puts, return 0, return)
203 DEFINEFUNC2(int, BIO_meth_set_ctrl, BIO_METHOD *biom, biom, DgramCtrlCallback ctrl, ctrl, return 0, return)
204 DEFINEFUNC2(int, BIO_meth_set_create, BIO_METHOD *biom, biom, DgramCreateCallback crt, crt, return 0, return)
205 DEFINEFUNC2(int, BIO_meth_set_destroy, BIO_METHOD *biom, biom, DgramDestroyCallback dtr, dtr, return 0, return)
206 #endif // dtls
207
208 #if QT_CONFIG(ocsp)
209 DEFINEFUNC(const OCSP_CERTID *, OCSP_SINGLERESP_get0_id, const OCSP_SINGLERESP *x, x, return nullptr, return)
210 DEFINEFUNC3(OCSP_RESPONSE *, d2i_OCSP_RESPONSE, OCSP_RESPONSE **a, a, const unsigned char **in, in, long len, len, return nullptr, return)
211 DEFINEFUNC(void, OCSP_RESPONSE_free, OCSP_RESPONSE *rs, rs, return, DUMMYARG)
212 DEFINEFUNC(OCSP_BASICRESP *, OCSP_response_get1_basic, OCSP_RESPONSE *resp, resp, return nullptr, return)
213 DEFINEFUNC(void, OCSP_BASICRESP_free, OCSP_BASICRESP *bs, bs, return, DUMMYARG)
214 DEFINEFUNC(int, OCSP_response_status, OCSP_RESPONSE *resp, resp, return OCSP_RESPONSE_STATUS_INTERNALERROR, return)
215 DEFINEFUNC4(int, OCSP_basic_verify, OCSP_BASICRESP *bs, bs, STACK_OF(X509) *certs, certs, X509_STORE *st, st, unsigned long flags, flags, return -1, return)
216 DEFINEFUNC(int, OCSP_resp_count, OCSP_BASICRESP *bs, bs, return 0, return)
217 DEFINEFUNC2(OCSP_SINGLERESP *, OCSP_resp_get0, OCSP_BASICRESP *bs, bs, int idx, idx, return nullptr, return)
218 DEFINEFUNC5(int, OCSP_single_get0_status, OCSP_SINGLERESP *single, single, int *reason, reason, ASN1_GENERALIZEDTIME **revtime, revtime,
219 ASN1_GENERALIZEDTIME **thisupd, thisupd, ASN1_GENERALIZEDTIME **nextupd, nextupd, return -1, return)
220 DEFINEFUNC4(int, OCSP_check_validity, ASN1_GENERALIZEDTIME *thisupd, thisupd, ASN1_GENERALIZEDTIME *nextupd, nextupd, long nsec, nsec, long maxsec, maxsec, return 0, return)
221 DEFINEFUNC3(OCSP_CERTID *, OCSP_cert_to_id, const EVP_MD *dgst, dgst, X509 *subject, subject, X509 *issuer, issuer, return nullptr, return)
222 DEFINEFUNC(void, OCSP_CERTID_free, OCSP_CERTID *cid, cid, return, DUMMYARG)
223 DEFINEFUNC5(int, OCSP_id_get0_info, ASN1_OCTET_STRING **piNameHash, piNameHash, ASN1_OBJECT **pmd, pmd,
224 ASN1_OCTET_STRING **piKeyHash, piKeyHash, ASN1_INTEGER **pserial, pserial, OCSP_CERTID *cid, cid,
225 return 0, return)
226 DEFINEFUNC2(OCSP_RESPONSE *, OCSP_response_create, int status, status, OCSP_BASICRESP *bs, bs, return nullptr, return)
227 DEFINEFUNC(const STACK_OF(X509) *, OCSP_resp_get0_certs, const OCSP_BASICRESP *bs, bs, return nullptr, return)
228 DEFINEFUNC2(int, OCSP_id_cmp, OCSP_CERTID *a, a, OCSP_CERTID *b, b, return -1, return)
229 DEFINEFUNC7(OCSP_SINGLERESP *, OCSP_basic_add1_status, OCSP_BASICRESP *r, r, OCSP_CERTID *c, c, int s, s,
230 int re, re, ASN1_TIME *rt, rt, ASN1_TIME *t, t, ASN1_TIME *n, n, return nullptr, return)
231 DEFINEFUNC(OCSP_BASICRESP *, OCSP_BASICRESP_new, DUMMYARG, DUMMYARG, return nullptr, return)
232 DEFINEFUNC2(int, i2d_OCSP_RESPONSE, OCSP_RESPONSE *r, r, unsigned char **ppout, ppout, return 0, return)
233 DEFINEFUNC6(int, OCSP_basic_sign, OCSP_BASICRESP *br, br, X509 *signer, signer, EVP_PKEY *key, key,
234 const EVP_MD *dg, dg, STACK_OF(X509) *cs, cs, unsigned long flags, flags, return 0, return)
235 #endif // ocsp
236
237 DEFINEFUNC2(void, BIO_set_data, BIO *a, a, void *ptr, ptr, return, DUMMYARG)
238 DEFINEFUNC(void *, BIO_get_data, BIO *a, a, return nullptr, return)
239 DEFINEFUNC2(void, BIO_set_init, BIO *a, a, int init, init, return, DUMMYARG)
240 DEFINEFUNC(int, BIO_get_shutdown, BIO *a, a, return -1, return)
241 DEFINEFUNC2(void, BIO_set_shutdown, BIO *a, a, int shut, shut, return, DUMMYARG)
242
243 DEFINEFUNC(long, ASN1_INTEGER_get, ASN1_INTEGER *a, a, return 0, return)
244 DEFINEFUNC2(int, ASN1_INTEGER_cmp, const ASN1_INTEGER *a, a, const ASN1_INTEGER *b, b, return 1, return)
245 DEFINEFUNC(int, ASN1_STRING_length, ASN1_STRING *a, a, return 0, return)
246 DEFINEFUNC2(int, ASN1_STRING_to_UTF8, unsigned char **a, a, ASN1_STRING *b, b, return 0, return)
247 DEFINEFUNC4(long, BIO_ctrl, BIO *a, a, int b, b, long c, c, void *d, d, return -1, return)
248 DEFINEFUNC(int, BIO_free, BIO *a, a, return 0, return)
249 DEFINEFUNC2(BIO *, BIO_new_mem_buf, void *a, a, int b, b, return nullptr, return)
250 DEFINEFUNC3(int, BIO_read, BIO *a, a, void *b, b, int c, c, return -1, return)
251
252 DEFINEFUNC3(int, BIO_write, BIO *a, a, const void *b, b, int c, c, return -1, return)
253 DEFINEFUNC(int, BN_num_bits, const BIGNUM *a, a, return 0, return)
254 DEFINEFUNC2(BN_ULONG, BN_mod_word, const BIGNUM *a, a, BN_ULONG w, w, return static_cast<BN_ULONG>(-1), return)
255 #ifndef OPENSSL_NO_EC
256 DEFINEFUNC(const EC_GROUP*, EC_KEY_get0_group, const EC_KEY* k, k, return nullptr, return)
257 DEFINEFUNC(int, EC_GROUP_get_degree, const EC_GROUP* g, g, return 0, return)
258 #endif
259 DEFINEFUNC(DSA *, DSA_new, DUMMYARG, DUMMYARG, return nullptr, return)
260 DEFINEFUNC(void, DSA_free, DSA *a, a, return, DUMMYARG)
261 DEFINEFUNC3(X509 *, d2i_X509, X509 **a, a, const unsigned char **b, b, long c, c, return nullptr, return)
262 DEFINEFUNC2(char *, ERR_error_string, unsigned long a, a, char *b, b, return nullptr, return)
263 DEFINEFUNC3(void, ERR_error_string_n, unsigned long e, e, char *b, b, size_t len, len, return, DUMMYARG)
264 DEFINEFUNC(unsigned long, ERR_get_error, DUMMYARG, DUMMYARG, return 0, return)
265 DEFINEFUNC(EVP_CIPHER_CTX *, EVP_CIPHER_CTX_new, void, DUMMYARG, return nullptr, return)
266 DEFINEFUNC(void, EVP_CIPHER_CTX_free, EVP_CIPHER_CTX *a, a, return, DUMMYARG)
267 DEFINEFUNC4(int, EVP_CIPHER_CTX_ctrl, EVP_CIPHER_CTX *ctx, ctx, int type, type, int arg, arg, void *ptr, ptr, return 0, return)
268 DEFINEFUNC2(int, EVP_CIPHER_CTX_set_key_length, EVP_CIPHER_CTX *ctx, ctx, int keylen, keylen, return 0, return)
269 DEFINEFUNC5(int, EVP_CipherInit, EVP_CIPHER_CTX *ctx, ctx, const EVP_CIPHER *type, type, const unsigned char *key, key, const unsigned char *iv, iv, int enc, enc, return 0, return)
270 DEFINEFUNC6(int, EVP_CipherInit_ex, EVP_CIPHER_CTX *ctx, ctx, const EVP_CIPHER *cipher, cipher, ENGINE *impl, impl, const unsigned char *key, key, const unsigned char *iv, iv, int enc, enc, return 0, return)
271 DEFINEFUNC5(int, EVP_CipherUpdate, EVP_CIPHER_CTX *ctx, ctx, unsigned char *out, out, int *outl, outl, const unsigned char *in, in, int inl, inl, return 0, return)
272 DEFINEFUNC3(int, EVP_CipherFinal, EVP_CIPHER_CTX *ctx, ctx, unsigned char *out, out, int *outl, outl, return 0, return)
273 DEFINEFUNC(const EVP_MD *, EVP_get_digestbyname, const char *name, name, return nullptr, return)
274 #ifndef OPENSSL_NO_DES
275 DEFINEFUNC(const EVP_CIPHER *, EVP_des_cbc, DUMMYARG, DUMMYARG, return nullptr, return)
276 DEFINEFUNC(const EVP_CIPHER *, EVP_des_ede3_cbc, DUMMYARG, DUMMYARG, return nullptr, return)
277 #endif
278 #ifndef OPENSSL_NO_RC2
279 DEFINEFUNC(const EVP_CIPHER *, EVP_rc2_cbc, DUMMYARG, DUMMYARG, return nullptr, return)
280 #endif
281 #ifndef OPENSSL_NO_AES
282 DEFINEFUNC(const EVP_CIPHER *, EVP_aes_128_cbc, DUMMYARG, DUMMYARG, return nullptr, return)
283 DEFINEFUNC(const EVP_CIPHER *, EVP_aes_192_cbc, DUMMYARG, DUMMYARG, return nullptr, return)
284 DEFINEFUNC(const EVP_CIPHER *, EVP_aes_256_cbc, DUMMYARG, DUMMYARG, return nullptr, return)
285 #endif
286 DEFINEFUNC(const EVP_MD *, EVP_sha1, DUMMYARG, DUMMYARG, return nullptr, return)
287 DEFINEFUNC3(int, EVP_PKEY_assign, EVP_PKEY *a, a, int b, b, char *c, c, return -1, return)
288 DEFINEFUNC2(int, EVP_PKEY_set1_RSA, EVP_PKEY *a, a, RSA *b, b, return -1, return)
289 DEFINEFUNC2(int, EVP_PKEY_set1_DSA, EVP_PKEY *a, a, DSA *b, b, return -1, return)
290 DEFINEFUNC2(int, EVP_PKEY_set1_DH, EVP_PKEY *a, a, DH *b, b, return -1, return)
291 #ifndef OPENSSL_NO_EC
292 DEFINEFUNC2(int, EVP_PKEY_set1_EC_KEY, EVP_PKEY *a, a, EC_KEY *b, b, return -1, return)
293 #endif
294 DEFINEFUNC2(int, EVP_PKEY_cmp, const EVP_PKEY *a, a, const EVP_PKEY *b, b, return -1, return)
295 DEFINEFUNC(void, EVP_PKEY_free, EVP_PKEY *a, a, return, DUMMYARG)
296 DEFINEFUNC(DSA *, EVP_PKEY_get1_DSA, EVP_PKEY *a, a, return nullptr, return)
297 DEFINEFUNC(RSA *, EVP_PKEY_get1_RSA, EVP_PKEY *a, a, return nullptr, return)
298 DEFINEFUNC(DH *, EVP_PKEY_get1_DH, EVP_PKEY *a, a, return nullptr, return)
299 #ifndef OPENSSL_NO_EC
300 DEFINEFUNC(EC_KEY *, EVP_PKEY_get1_EC_KEY, EVP_PKEY *a, a, return nullptr, return)
301 #endif
302 DEFINEFUNC(EVP_PKEY *, EVP_PKEY_new, DUMMYARG, DUMMYARG, return nullptr, return)
303 DEFINEFUNC(int, EVP_PKEY_type, int a, a, return NID_undef, return)
304 DEFINEFUNC2(int, i2d_X509, X509 *a, a, unsigned char **b, b, return -1, return)
305 DEFINEFUNC(const char *, OBJ_nid2sn, int a, a, return nullptr, return)
306 DEFINEFUNC(const char *, OBJ_nid2ln, int a, a, return nullptr, return)
307 DEFINEFUNC(int, OBJ_sn2nid, const char *s, s, return 0, return)
308 DEFINEFUNC(int, OBJ_ln2nid, const char *s, s, return 0, return)
309 DEFINEFUNC3(int, i2t_ASN1_OBJECT, char *a, a, int b, b, ASN1_OBJECT *c, c, return -1, return)
310 DEFINEFUNC4(int, OBJ_obj2txt, char *a, a, int b, b, ASN1_OBJECT *c, c, int d, d, return -1, return)
311 DEFINEFUNC(int, OBJ_obj2nid, const ASN1_OBJECT *a, a, return NID_undef, return)
312 DEFINEFUNC4(EVP_PKEY *, PEM_read_bio_PrivateKey, BIO *a, a, EVP_PKEY **b, b, pem_password_cb *c, c, void *d, d, return nullptr, return)
313 DEFINEFUNC4(DSA *, PEM_read_bio_DSAPrivateKey, BIO *a, a, DSA **b, b, pem_password_cb *c, c, void *d, d, return nullptr, return)
314 DEFINEFUNC4(RSA *, PEM_read_bio_RSAPrivateKey, BIO *a, a, RSA **b, b, pem_password_cb *c, c, void *d, d, return nullptr, return)
315
316 #ifndef OPENSSL_NO_EC
317 DEFINEFUNC4(EC_KEY *, PEM_read_bio_ECPrivateKey, BIO *a, a, EC_KEY **b, b, pem_password_cb *c, c, void *d, d, return nullptr, return)
318 DEFINEFUNC7(int, PEM_write_bio_ECPrivateKey, BIO *a, a, EC_KEY *b, b, const EVP_CIPHER *c, c, unsigned char *d, d, int e, e, pem_password_cb *f, f, void *g, g, return 0, return)
319 DEFINEFUNC4(EC_KEY *, PEM_read_bio_EC_PUBKEY, BIO *a, a, EC_KEY **b, b, pem_password_cb *c, c, void *d, d, return nullptr, return)
320 DEFINEFUNC2(int, PEM_write_bio_EC_PUBKEY, BIO *a, a, EC_KEY *b, b, return 0, return)
321 #endif // OPENSSL_NO_EC
322
323 DEFINEFUNC4(DH *, PEM_read_bio_DHparams, BIO *a, a, DH **b, b, pem_password_cb *c, c, void *d, d, return nullptr, return)
324 DEFINEFUNC7(int, PEM_write_bio_DSAPrivateKey, BIO *a, a, DSA *b, b, const EVP_CIPHER *c, c, unsigned char *d, d, int e, e, pem_password_cb *f, f, void *g, g, return 0, return)
325 DEFINEFUNC7(int, PEM_write_bio_RSAPrivateKey, BIO *a, a, RSA *b, b, const EVP_CIPHER *c, c, unsigned char *d, d, int e, e, pem_password_cb *f, f, void *g, g, return 0, return)
326 DEFINEFUNC7(int, PEM_write_bio_PrivateKey, BIO *a, a, EVP_PKEY *b, b, const EVP_CIPHER *c, c, unsigned char *d, d, int e, e, pem_password_cb *f, f, void *g, g, return 0, return)
327 DEFINEFUNC4(EVP_PKEY *, PEM_read_bio_PUBKEY, BIO *a, a, EVP_PKEY **b, b, pem_password_cb *c, c, void *d, d, return nullptr, return)
328 DEFINEFUNC4(DSA *, PEM_read_bio_DSA_PUBKEY, BIO *a, a, DSA **b, b, pem_password_cb *c, c, void *d, d, return nullptr, return)
329 DEFINEFUNC4(RSA *, PEM_read_bio_RSA_PUBKEY, BIO *a, a, RSA **b, b, pem_password_cb *c, c, void *d, d, return nullptr, return)
330 DEFINEFUNC2(int, PEM_write_bio_DSA_PUBKEY, BIO *a, a, DSA *b, b, return 0, return)
331 DEFINEFUNC2(int, PEM_write_bio_RSA_PUBKEY, BIO *a, a, RSA *b, b, return 0, return)
332 DEFINEFUNC2(int, PEM_write_bio_PUBKEY, BIO *a, a, EVP_PKEY *b, b, return 0, return)
333 DEFINEFUNC2(void, RAND_seed, const void *a, a, int b, b, return, DUMMYARG)
334 DEFINEFUNC(int, RAND_status, void, DUMMYARG, return -1, return)
335 DEFINEFUNC2(int, RAND_bytes, unsigned char *b, b, int n, n, return 0, return)
336 DEFINEFUNC(RSA *, RSA_new, DUMMYARG, DUMMYARG, return nullptr, return)
337 DEFINEFUNC(void, RSA_free, RSA *a, a, return, DUMMYARG)
338 DEFINEFUNC(int, SSL_accept, SSL *a, a, return -1, return)
339 DEFINEFUNC(int, SSL_clear, SSL *a, a, return -1, return)
340 DEFINEFUNC3(char *, SSL_CIPHER_description, const SSL_CIPHER *a, a, char *b, b, int c, c, return nullptr, return)
341 DEFINEFUNC2(int, SSL_CIPHER_get_bits, const SSL_CIPHER *a, a, int *b, b, return 0, return)
342 DEFINEFUNC(BIO *, SSL_get_rbio, const SSL *s, s, return nullptr, return)
343 DEFINEFUNC(int, SSL_connect, SSL *a, a, return -1, return)
344 DEFINEFUNC(int, SSL_CTX_check_private_key, const SSL_CTX *a, a, return -1, return)
345 DEFINEFUNC4(long, SSL_CTX_ctrl, SSL_CTX *a, a, int b, b, long c, c, void *d, d, return -1, return)
346 DEFINEFUNC(void, SSL_CTX_free, SSL_CTX *a, a, return, DUMMYARG)
347 DEFINEFUNC(SSL_CTX *, SSL_CTX_new, const SSL_METHOD *a, a, return nullptr, return)
348 DEFINEFUNC2(int, SSL_CTX_set_cipher_list, SSL_CTX *a, a, const char *b, b, return -1, return)
349 DEFINEFUNC3(long, SSL_CTX_callback_ctrl, SSL_CTX *ctx, ctx, int dst, dst, GenericCallbackType cb, cb, return 0, return)
350 DEFINEFUNC(int, SSL_CTX_set_default_verify_paths, SSL_CTX *a, a, return -1, return)
351 DEFINEFUNC3(void, SSL_CTX_set_verify, SSL_CTX *a, a, int b, b, int (*c)(int, X509_STORE_CTX *), c, return, DUMMYARG)
352 DEFINEFUNC2(void, SSL_CTX_set_verify_depth, SSL_CTX *a, a, int b, b, return, DUMMYARG)
353 DEFINEFUNC2(int, SSL_CTX_use_certificate, SSL_CTX *a, a, X509 *b, b, return -1, return)
354 DEFINEFUNC3(int, SSL_CTX_use_certificate_file, SSL_CTX *a, a, const char *b, b, int c, c, return -1, return)
355 DEFINEFUNC2(int, SSL_CTX_use_PrivateKey, SSL_CTX *a, a, EVP_PKEY *b, b, return -1, return)
356 DEFINEFUNC2(int, SSL_CTX_use_RSAPrivateKey, SSL_CTX *a, a, RSA *b, b, return -1, return)
357 DEFINEFUNC3(int, SSL_CTX_use_PrivateKey_file, SSL_CTX *a, a, const char *b, b, int c, c, return -1, return)
358 DEFINEFUNC(X509_STORE *, SSL_CTX_get_cert_store, const SSL_CTX *a, a, return nullptr, return)
359 DEFINEFUNC(SSL_CONF_CTX *, SSL_CONF_CTX_new, DUMMYARG, DUMMYARG, return nullptr, return);
360 DEFINEFUNC(void, SSL_CONF_CTX_free, SSL_CONF_CTX *a, a, return ,return);
361 DEFINEFUNC2(void, SSL_CONF_CTX_set_ssl_ctx, SSL_CONF_CTX *a, a, SSL_CTX *b, b, return, return);
362 DEFINEFUNC2(unsigned int, SSL_CONF_CTX_set_flags, SSL_CONF_CTX *a, a, unsigned int b, b, return 0, return);
363 DEFINEFUNC(int, SSL_CONF_CTX_finish, SSL_CONF_CTX *a, a, return 0, return);
364 DEFINEFUNC3(int, SSL_CONF_cmd, SSL_CONF_CTX *a, a, const char *b, b, const char *c, c, return 0, return);
365 DEFINEFUNC(void, SSL_free, SSL *a, a, return, DUMMYARG)
366 DEFINEFUNC(STACK_OF(SSL_CIPHER) *, SSL_get_ciphers, const SSL *a, a, return nullptr, return)
367 DEFINEFUNC(const SSL_CIPHER *, SSL_get_current_cipher, SSL *a, a, return nullptr, return)
368 DEFINEFUNC(int, SSL_version, const SSL *a, a, return 0, return)
369 DEFINEFUNC2(int, SSL_get_error, SSL *a, a, int b, b, return -1, return)
370 DEFINEFUNC(STACK_OF(X509) *, SSL_get_peer_cert_chain, SSL *a, a, return nullptr, return)
371 DEFINEFUNC(X509 *, SSL_get_peer_certificate, SSL *a, a, return nullptr, return)
372 DEFINEFUNC(long, SSL_get_verify_result, const SSL *a, a, return -1, return)
373 DEFINEFUNC(SSL *, SSL_new, SSL_CTX *a, a, return nullptr, return)
374 DEFINEFUNC(SSL_CTX *, SSL_get_SSL_CTX, SSL *a, a, return nullptr, return)
375 DEFINEFUNC4(long, SSL_ctrl, SSL *a, a, int cmd, cmd, long larg, larg, void *parg, parg, return -1, return)
376 DEFINEFUNC3(int, SSL_read, SSL *a, a, void *b, b, int c, c, return -1, return)
377 DEFINEFUNC3(void, SSL_set_bio, SSL *a, a, BIO *b, b, BIO *c, c, return, DUMMYARG)
378 DEFINEFUNC(void, SSL_set_accept_state, SSL *a, a, return, DUMMYARG)
379 DEFINEFUNC(void, SSL_set_connect_state, SSL *a, a, return, DUMMYARG)
380 DEFINEFUNC(int, SSL_shutdown, SSL *a, a, return -1, return)
381 DEFINEFUNC(int, SSL_in_init, const SSL *a, a, return 0, return)
382 DEFINEFUNC(int, SSL_get_shutdown, const SSL *ssl, ssl, return 0, return)
383 DEFINEFUNC2(int, SSL_set_session, SSL* to, to, SSL_SESSION *session, session, return -1, return)
384 DEFINEFUNC(void, SSL_SESSION_free, SSL_SESSION *ses, ses, return, DUMMYARG)
385 DEFINEFUNC(SSL_SESSION*, SSL_get1_session, SSL *ssl, ssl, return nullptr, return)
386 DEFINEFUNC(SSL_SESSION*, SSL_get_session, const SSL *ssl, ssl, return nullptr, return)
387 DEFINEFUNC3(int, SSL_set_ex_data, SSL *ssl, ssl, int idx, idx, void *arg, arg, return 0, return)
388 DEFINEFUNC2(void *, SSL_get_ex_data, const SSL *ssl, ssl, int idx, idx, return nullptr, return)
389
390 #ifndef OPENSSL_NO_PSK
391 DEFINEFUNC2(void, SSL_set_psk_client_callback, SSL* ssl, ssl, q_psk_client_callback_t callback, callback, return, DUMMYARG)
392 DEFINEFUNC2(void, SSL_set_psk_server_callback, SSL* ssl, ssl, q_psk_server_callback_t callback, callback, return, DUMMYARG)
393 DEFINEFUNC2(int, SSL_CTX_use_psk_identity_hint, SSL_CTX* ctx, ctx, const char *hint, hint, return 0, return)
394 #endif // !OPENSSL_NO_PSK
395
396 DEFINEFUNC3(int, SSL_write, SSL *a, a, const void *b, b, int c, c, return -1, return)
397 DEFINEFUNC2(int, X509_cmp, X509 *a, a, X509 *b, b, return -1, return)
398 DEFINEFUNC4(int, X509_digest, const X509 *x509, x509, const EVP_MD *type, type, unsigned char *md, md, unsigned int *len, len, return -1, return)
399 DEFINEFUNC(X509 *, X509_dup, X509 *a, a, return nullptr, return)
400 DEFINEFUNC2(void, X509_print, BIO *a, a, X509 *b, b, return, DUMMYARG);
401 DEFINEFUNC(ASN1_OBJECT *, X509_EXTENSION_get_object, X509_EXTENSION *a, a, return nullptr, return)
402 DEFINEFUNC(void, X509_free, X509 *a, a, return, DUMMYARG)
403 //Q_AUTOTEST_EXPORT ASN1_TIME *q_X509_gmtime_adj(ASN1_TIME *s, long adj);
404 DEFINEFUNC2(ASN1_TIME *, X509_gmtime_adj, ASN1_TIME *s, s, long adj, adj, return nullptr, return)
405 DEFINEFUNC(void, ASN1_TIME_free, ASN1_TIME *t, t, return, DUMMYARG)
406 DEFINEFUNC2(X509_EXTENSION *, X509_get_ext, X509 *a, a, int b, b, return nullptr, return)
407 DEFINEFUNC(int, X509_get_ext_count, X509 *a, a, return 0, return)
408 DEFINEFUNC4(void *, X509_get_ext_d2i, X509 *a, a, int b, b, int *c, c, int *d, d, return nullptr, return)
409 DEFINEFUNC(const X509V3_EXT_METHOD *, X509V3_EXT_get, X509_EXTENSION *a, a, return nullptr, return)
410 DEFINEFUNC(void *, X509V3_EXT_d2i, X509_EXTENSION *a, a, return nullptr, return)
411 DEFINEFUNC(int, X509_EXTENSION_get_critical, X509_EXTENSION *a, a, return 0, return)
412 DEFINEFUNC(ASN1_OCTET_STRING *, X509_EXTENSION_get_data, X509_EXTENSION *a, a, return nullptr, return)
413 DEFINEFUNC(void, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS *a, a, return, DUMMYARG)
414 DEFINEFUNC(void, AUTHORITY_KEYID_free, AUTHORITY_KEYID *a, a, return, DUMMYARG)
415 DEFINEFUNC(void, GENERAL_NAME_free, GENERAL_NAME *a, a, return, DUMMYARG)
416 DEFINEFUNC2(int, ASN1_STRING_print, BIO *a, a, const ASN1_STRING *b, b, return 0, return)
417 DEFINEFUNC2(int, X509_check_issued, X509 *a, a, X509 *b, b, return -1, return)
418 DEFINEFUNC(X509_NAME *, X509_get_issuer_name, X509 *a, a, return nullptr, return)
419 DEFINEFUNC(X509_NAME *, X509_get_subject_name, X509 *a, a, return nullptr, return)
420 DEFINEFUNC(ASN1_INTEGER *, X509_get_serialNumber, X509 *a, a, return nullptr, return)
421 DEFINEFUNC(int, X509_verify_cert, X509_STORE_CTX *a, a, return -1, return)
422 DEFINEFUNC(int, X509_NAME_entry_count, X509_NAME *a, a, return 0, return)
423 DEFINEFUNC2(X509_NAME_ENTRY *, X509_NAME_get_entry, X509_NAME *a, a, int b, b, return nullptr, return)
424 DEFINEFUNC(ASN1_STRING *, X509_NAME_ENTRY_get_data, X509_NAME_ENTRY *a, a, return nullptr, return)
425 DEFINEFUNC(ASN1_OBJECT *, X509_NAME_ENTRY_get_object, X509_NAME_ENTRY *a, a, return nullptr, return)
426 DEFINEFUNC(EVP_PKEY *, X509_PUBKEY_get, X509_PUBKEY *a, a, return nullptr, return)
427 DEFINEFUNC(void, X509_STORE_free, X509_STORE *a, a, return, DUMMYARG)
428 DEFINEFUNC(X509_STORE *, X509_STORE_new, DUMMYARG, DUMMYARG, return nullptr, return)
429 DEFINEFUNC2(int, X509_STORE_add_cert, X509_STORE *a, a, X509 *b, b, return 0, return)
430 DEFINEFUNC(void, X509_STORE_CTX_free, X509_STORE_CTX *a, a, return, DUMMYARG)
431 DEFINEFUNC4(int, X509_STORE_CTX_init, X509_STORE_CTX *a, a, X509_STORE *b, b, X509 *c, c, STACK_OF(X509) *d, d, return -1, return)
432 DEFINEFUNC2(int, X509_STORE_CTX_set_purpose, X509_STORE_CTX *a, a, int b, b, return -1, return)
433 DEFINEFUNC(int, X509_STORE_CTX_get_error, X509_STORE_CTX *a, a, return -1, return)
434 DEFINEFUNC(int, X509_STORE_CTX_get_error_depth, X509_STORE_CTX *a, a, return -1, return)
435 DEFINEFUNC(X509 *, X509_STORE_CTX_get_current_cert, X509_STORE_CTX *a, a, return nullptr, return)
436 DEFINEFUNC(X509_STORE *, X509_STORE_CTX_get0_store, X509_STORE_CTX *ctx, ctx, return nullptr, return)
437 DEFINEFUNC(X509_STORE_CTX *, X509_STORE_CTX_new, DUMMYARG, DUMMYARG, return nullptr, return)
438 DEFINEFUNC2(void *, X509_STORE_CTX_get_ex_data, X509_STORE_CTX *ctx, ctx, int idx, idx, return nullptr, return)
439 DEFINEFUNC(int, SSL_get_ex_data_X509_STORE_CTX_idx, DUMMYARG, DUMMYARG, return -1, return)
440
441 #if OPENSSL_VERSION_MAJOR < 3
442 DEFINEFUNC3(int, SSL_CTX_load_verify_locations, SSL_CTX *ctx, ctx, const char *CAfile, CAfile, const char *CApath, CApath, return 0, return)
443 #else
444 DEFINEFUNC2(int, SSL_CTX_load_verify_dir, SSL_CTX *ctx, ctx, const char *CApath, CApath, return 0, return)
445 #endif // OPENSSL_VERSION_MAJOR
446
447 DEFINEFUNC2(int, i2d_SSL_SESSION, SSL_SESSION *in, in, unsigned char **pp, pp, return 0, return)
448 DEFINEFUNC3(SSL_SESSION *, d2i_SSL_SESSION, SSL_SESSION **a, a, const unsigned char **pp, pp, long length, length, return nullptr, return)
449
450 #ifndef OPENSSL_NO_NEXTPROTONEG
451 DEFINEFUNC6(int, SSL_select_next_proto, unsigned char **out, out, unsigned char *outlen, outlen,
452 const unsigned char *in, in, unsigned int inlen, inlen,
453 const unsigned char *client, client, unsigned int client_len, client_len,
454 return -1, return)
455 DEFINEFUNC3(void, SSL_CTX_set_next_proto_select_cb, SSL_CTX *s, s,
456 int (*cb) (SSL *ssl, unsigned char **out,
457 unsigned char *outlen,
458 const unsigned char *in,
459 unsigned int inlen, void *arg), cb,
460 void *arg, arg, return, DUMMYARG)
461 DEFINEFUNC3(void, SSL_get0_next_proto_negotiated, const SSL *s, s,
462 const unsigned char **data, data, unsigned *len, len, return, DUMMYARG)
463 DEFINEFUNC3(int, SSL_set_alpn_protos, SSL *s, s, const unsigned char *protos, protos,
464 unsigned protos_len, protos_len, return -1, return)
465 DEFINEFUNC3(void, SSL_CTX_set_alpn_select_cb, SSL_CTX *s, s,
466 int (*cb) (SSL *ssl, const unsigned char **out,
467 unsigned char *outlen,
468 const unsigned char *in,
469 unsigned int inlen, void *arg), cb,
470 void *arg, arg, return, DUMMYARG)
471 DEFINEFUNC3(void, SSL_get0_alpn_selected, const SSL *s, s, const unsigned char **data, data,
472 unsigned *len, len, return, DUMMYARG)
473 #endif // !OPENSSL_NO_NEXTPROTONEG
474
475 // DTLS:
476 #if QT_CONFIG(dtls)
477 DEFINEFUNC2(void, SSL_CTX_set_cookie_generate_cb, SSL_CTX *ctx, ctx, CookieGenerateCallback cb, cb, return, DUMMYARG)
478 DEFINEFUNC2(void, SSL_CTX_set_cookie_verify_cb, SSL_CTX *ctx, ctx, CookieVerifyCallback cb, cb, return, DUMMYARG)
479 DEFINEFUNC(const SSL_METHOD *, DTLS_server_method, DUMMYARG, DUMMYARG, return nullptr, return)
480 DEFINEFUNC(const SSL_METHOD *, DTLS_client_method, DUMMYARG, DUMMYARG, return nullptr, return)
481 #endif // dtls
482 DEFINEFUNC2(void, BIO_set_flags, BIO *b, b, int flags, flags, return, DUMMYARG)
483 DEFINEFUNC2(void, BIO_clear_flags, BIO *b, b, int flags, flags, return, DUMMYARG)
484 DEFINEFUNC2(void *, BIO_get_ex_data, BIO *b, b, int idx, idx, return nullptr, return)
485 DEFINEFUNC3(int, BIO_set_ex_data, BIO *b, b, int idx, idx, void *data, data, return -1, return)
486
487 DEFINEFUNC3(void *, CRYPTO_malloc, size_t num, num, const char *file, file, int line, line, return nullptr, return)
488 DEFINEFUNC(DH *, DH_new, DUMMYARG, DUMMYARG, return nullptr, return)
489 DEFINEFUNC(void, DH_free, DH *dh, dh, return, DUMMYARG)
490 DEFINEFUNC3(DH *, d2i_DHparams, DH**a, a, const unsigned char **pp, pp, long length, length, return nullptr, return)
491 DEFINEFUNC2(int, i2d_DHparams, DH *a, a, unsigned char **p, p, return -1, return)
492 #ifndef OPENSSL_NO_DEPRECATED_3_0
493 DEFINEFUNC2(int, DH_check, DH *dh, dh, int *codes, codes, return 0, return)
494 #endif // OPENSSL_NO_DEPRECATED_3_0
495 DEFINEFUNC3(BIGNUM *, BN_bin2bn, const unsigned char *s, s, int len, len, BIGNUM *ret, ret, return nullptr, return)
496
497 #ifndef OPENSSL_NO_EC
498 DEFINEFUNC(EC_KEY *, EC_KEY_dup, const EC_KEY *ec, ec, return nullptr, return)
499 DEFINEFUNC(EC_KEY *, EC_KEY_new_by_curve_name, int nid, nid, return nullptr, return)
500 DEFINEFUNC(void, EC_KEY_free, EC_KEY *ecdh, ecdh, return, DUMMYARG)
501 DEFINEFUNC2(size_t, EC_get_builtin_curves, EC_builtin_curve * r, r, size_t nitems, nitems, return 0, return)
502 DEFINEFUNC(int, EC_curve_nist2nid, const char *name, name, return 0, return)
503 #endif // OPENSSL_NO_EC
504
505 DEFINEFUNC5(int, PKCS12_parse, PKCS12 *p12, p12, const char *pass, pass, EVP_PKEY **pkey, pkey, \
506 X509 **cert, cert, STACK_OF(X509) **ca, ca, return 1, return);
507 DEFINEFUNC2(PKCS12 *, d2i_PKCS12_bio, BIO *bio, bio, PKCS12 **pkcs12, pkcs12, return nullptr, return);
DEFINEFUNC(void,PKCS12_free,PKCS12 * pkcs12,pkcs12,return,DUMMYARG)508 DEFINEFUNC(void, PKCS12_free, PKCS12 *pkcs12, pkcs12, return, DUMMYARG)
509
510 #define RESOLVEFUNC(func) \
511 if (!(_q_##func = _q_PTR_##func(libs.ssl->resolve(#func))) \
512 && !(_q_##func = _q_PTR_##func(libs.crypto->resolve(#func)))) \
513 qsslSocketCannotResolveSymbolWarning(#func);
514
515 #if !defined QT_LINKED_OPENSSL
516
517 #if !QT_CONFIG(library)
518 bool q_resolveOpenSslSymbols()
519 {
520 qCWarning(lcSsl, "QSslSocket: unable to resolve symbols. Qt is configured without the "
521 "'library' feature, which means runtime resolving of libraries won't work.");
522 qCWarning(lcSsl, "Either compile Qt statically or with support for runtime resolving "
523 "of libraries.");
524 return false;
525 }
526 #else
527
528 # ifdef Q_OS_UNIX
529 struct NumericallyLess
530 {
531 typedef bool result_type;
532 result_type operator()(const QStringRef &lhs, const QStringRef &rhs) const
533 {
534 bool ok = false;
535 int b = 0;
536 int a = lhs.toInt(&ok);
537 if (ok)
538 b = rhs.toInt(&ok);
539 if (ok) {
540 // both toInt succeeded
541 return a < b;
542 } else {
543 // compare as strings;
544 return lhs < rhs;
545 }
546 }
547 };
548
549 struct LibGreaterThan
550 {
551 typedef bool result_type;
552 result_type operator()(const QString &lhs, const QString &rhs) const
553 {
554 const QVector<QStringRef> lhsparts = lhs.splitRef(QLatin1Char('.'));
555 const QVector<QStringRef> rhsparts = rhs.splitRef(QLatin1Char('.'));
556 Q_ASSERT(lhsparts.count() > 1 && rhsparts.count() > 1);
557
558 // note: checking rhs < lhs, the same as lhs > rhs
559 return std::lexicographical_compare(rhsparts.begin() + 1, rhsparts.end(),
560 lhsparts.begin() + 1, lhsparts.end(),
561 NumericallyLess());
562 }
563 };
564
565 #if defined(Q_OS_LINUX) && !defined(Q_OS_ANDROID)
566 static int dlIterateCallback(struct dl_phdr_info *info, size_t size, void *data)
567 {
568 if (size < sizeof (info->dlpi_addr) + sizeof (info->dlpi_name))
569 return 1;
570 QSet<QString> *paths = (QSet<QString> *)data;
571 QString path = QString::fromLocal8Bit(info->dlpi_name);
572 if (!path.isEmpty()) {
573 QFileInfo fi(path);
574 path = fi.absolutePath();
575 if (!path.isEmpty())
576 paths->insert(path);
577 }
578 return 0;
579 }
580 #endif
581
582 static QStringList libraryPathList()
583 {
584 QStringList paths;
585 # ifdef Q_OS_DARWIN
586 paths = QString::fromLatin1(qgetenv("DYLD_LIBRARY_PATH"))
587 .split(QLatin1Char(':'), Qt::SkipEmptyParts);
588
589 // search in .app/Contents/Frameworks
590 UInt32 packageType;
591 CFBundleGetPackageInfo(CFBundleGetMainBundle(), &packageType, nullptr);
592 if (packageType == FOUR_CHAR_CODE('APPL')) {
593 QUrl bundleUrl = QUrl::fromCFURL(QCFType<CFURLRef>(CFBundleCopyBundleURL(CFBundleGetMainBundle())));
594 QUrl frameworksUrl = QUrl::fromCFURL(QCFType<CFURLRef>(CFBundleCopyPrivateFrameworksURL(CFBundleGetMainBundle())));
595 paths << bundleUrl.resolved(frameworksUrl).path();
596 }
597 # else
598 paths = QString::fromLatin1(qgetenv("LD_LIBRARY_PATH"))
599 .split(QLatin1Char(':'), Qt::SkipEmptyParts);
600 # endif
601 paths << QLatin1String("/lib") << QLatin1String("/usr/lib") << QLatin1String("/usr/local/lib");
602 paths << QLatin1String("/lib64") << QLatin1String("/usr/lib64") << QLatin1String("/usr/local/lib64");
603 paths << QLatin1String("/lib32") << QLatin1String("/usr/lib32") << QLatin1String("/usr/local/lib32");
604
605 #if defined(Q_OS_ANDROID)
606 paths << QLatin1String("/system/lib");
607 #elif defined(Q_OS_LINUX)
608 // discover paths of already loaded libraries
609 QSet<QString> loadedPaths;
610 dl_iterate_phdr(dlIterateCallback, &loadedPaths);
611 paths.append(loadedPaths.values());
612 #endif
613
614 return paths;
615 }
616
617 Q_NEVER_INLINE
618 static QStringList findAllLibs(QLatin1String filter)
619 {
620 const QStringList paths = libraryPathList();
621 QStringList found;
622 const QStringList filters((QString(filter)));
623
624 for (const QString &path : paths) {
625 QDir dir(path);
626 QStringList entryList = dir.entryList(filters, QDir::Files);
627
628 std::sort(entryList.begin(), entryList.end(), LibGreaterThan());
629 for (const QString &entry : qAsConst(entryList))
630 found << path + QLatin1Char('/') + entry;
631 }
632
633 return found;
634 }
635
636 static QStringList findAllLibSsl()
637 {
638 return findAllLibs(QLatin1String("libssl.*"));
639 }
640
641 static QStringList findAllLibCrypto()
642 {
643 return findAllLibs(QLatin1String("libcrypto.*"));
644 }
645 # endif
646
647 #ifdef Q_OS_WIN
648
649 struct LoadedOpenSsl {
650 std::unique_ptr<QSystemLibrary> ssl, crypto;
651 };
652
653 static bool tryToLoadOpenSslWin32Library(QLatin1String ssleay32LibName, QLatin1String libeay32LibName, LoadedOpenSsl &result)
654 {
655 auto ssleay32 = qt_make_unique<QSystemLibrary>(ssleay32LibName);
656 if (!ssleay32->load(false)) {
657 return FALSE;
658 }
659
660 auto libeay32 = qt_make_unique<QSystemLibrary>(libeay32LibName);
661 if (!libeay32->load(false)) {
662 return FALSE;
663 }
664
665 result.ssl = std::move(ssleay32);
666 result.crypto = std::move(libeay32);
667 return TRUE;
668 }
669
670 static LoadedOpenSsl loadOpenSsl()
671 {
672 LoadedOpenSsl result;
673
674 // With OpenSSL 1.1 the names have changed to libssl-1_1(-x64) and libcrypto-1_1(-x64), for builds using
675 // MSVC and GCC, (-x64 suffix for 64-bit builds).
676
677 #ifdef Q_PROCESSOR_X86_64
678 #define QT_SSL_SUFFIX "-x64"
679 #else // !Q_PROCESSOFR_X86_64
680 #define QT_SSL_SUFFIX
681 #endif // !Q_PROCESSOR_x86_64
682
683 tryToLoadOpenSslWin32Library(QLatin1String("libssl-1_1" QT_SSL_SUFFIX),
684 QLatin1String("libcrypto-1_1" QT_SSL_SUFFIX), result);
685
686 #undef QT_SSL_SUFFIX
687 return result;
688 }
689 #else
690
691 struct LoadedOpenSsl {
692 std::unique_ptr<QLibrary> ssl, crypto;
693 };
694
695 static LoadedOpenSsl loadOpenSsl()
696 {
697 LoadedOpenSsl result = {qt_make_unique<QLibrary>(), qt_make_unique<QLibrary>()};
698
699 # if defined(Q_OS_UNIX)
700 QLibrary * const libssl = result.ssl.get();
701 QLibrary * const libcrypto = result.crypto.get();
702
703 // Try to find the libssl library on the system.
704 //
705 // Up until Qt 4.3, this only searched for the "ssl" library at version -1, that
706 // is, libssl.so on most Unix systems. However, the .so file isn't present in
707 // user installations because it's considered a development file.
708 //
709 // The right thing to do is to load the library at the major version we know how
710 // to work with: the SHLIB_VERSION_NUMBER version (macro defined in opensslv.h)
711 //
712 // However, OpenSSL is a well-known case of binary-compatibility breakage. To
713 // avoid such problems, many system integrators and Linux distributions change
714 // the soname of the binary, letting the full version number be the soname. So
715 // we'll find libssl.so.0.9.7, libssl.so.0.9.8, etc. in the system. For that
716 // reason, we will search a few common paths (see findAllLibSsl() above) in hopes
717 // we find one that works.
718 //
719 // If that fails, for OpenSSL 1.0 we also try some fallbacks -- look up
720 // libssl.so with a hardcoded soname. The reason is QTBUG-68156: the binary
721 // builds of Qt happen (at the time of this writing) on RHEL machines,
722 // which change SHLIB_VERSION_NUMBER to a non-portable string. When running
723 // those binaries on the target systems, this code won't pick up
724 // libssl.so.MODIFIED_SHLIB_VERSION_NUMBER because it doesn't exist there.
725 // Given that the only 1.0 supported release (at the time of this writing)
726 // is 1.0.2, with soname "1.0.0", give that a try too. Note that we mandate
727 // OpenSSL >= 1.0.0 with a configure-time check, and OpenSSL has kept binary
728 // compatibility between 1.0.0 and 1.0.2.
729 //
730 // It is important, however, to try the canonical name and the unversioned name
731 // without going through the loop. By not specifying a path, we let the system
732 // dlopen(3) function determine it for us. This will include any DT_RUNPATH or
733 // DT_RPATH tags on our library header as well as other system-specific search
734 // paths. See the man page for dlopen(3) on your system for more information.
735
736 #ifdef Q_OS_OPENBSD
737 libcrypto->setLoadHints(QLibrary::ExportExternalSymbolsHint);
738 #endif
739 #if defined(SHLIB_VERSION_NUMBER) && !defined(Q_OS_QNX) // on QNX, the libs are always libssl.so and libcrypto.so
740 // first attempt: the canonical name is libssl.so.<SHLIB_VERSION_NUMBER>
741 libssl->setFileNameAndVersion(QLatin1String("ssl"), QLatin1String(SHLIB_VERSION_NUMBER));
742 libcrypto->setFileNameAndVersion(QLatin1String("crypto"), QLatin1String(SHLIB_VERSION_NUMBER));
743 if (libcrypto->load() && libssl->load()) {
744 // libssl.so.<SHLIB_VERSION_NUMBER> and libcrypto.so.<SHLIB_VERSION_NUMBER> found
745 return result;
746 } else {
747 libssl->unload();
748 libcrypto->unload();
749 }
750 #endif
751
752 #ifndef Q_OS_DARWIN
753 // second attempt: find the development files libssl.so and libcrypto.so
754 //
755 // disabled on macOS/iOS:
756 // macOS's /usr/lib/libssl.dylib, /usr/lib/libcrypto.dylib will be picked up in the third
757 // attempt, _after_ <bundle>/Contents/Frameworks has been searched.
758 // iOS does not ship a system libssl.dylib, libcrypto.dylib in the first place.
759 # if defined(Q_OS_ANDROID)
760 // OpenSSL 1.1.x must be suffixed otherwise it will use the system libcrypto.so libssl.so which on API-21 are OpenSSL 1.0 not 1.1
761 auto openSSLSuffix = [](const QByteArray &defaultSuffix = {}) {
762 auto suffix = qgetenv("ANDROID_OPENSSL_SUFFIX");
763 if (suffix.isEmpty())
764 return defaultSuffix;
765 return suffix;
766 };
767
768 static QString suffix = QString::fromLatin1(openSSLSuffix("_1_1"));
769
770 libssl->setFileNameAndVersion(QLatin1String("ssl") + suffix, -1);
771 libcrypto->setFileNameAndVersion(QLatin1String("crypto") + suffix, -1);
772 # else
773 libssl->setFileNameAndVersion(QLatin1String("ssl"), -1);
774 libcrypto->setFileNameAndVersion(QLatin1String("crypto"), -1);
775 # endif
776 if (libcrypto->load() && libssl->load()) {
777 // libssl.so.0 and libcrypto.so.0 found
778 return result;
779 } else {
780 libssl->unload();
781 libcrypto->unload();
782 }
783 #endif
784
785 // third attempt: loop on the most common library paths and find libssl
786 const QStringList sslList = findAllLibSsl();
787 const QStringList cryptoList = findAllLibCrypto();
788
789 for (const QString &crypto : cryptoList) {
790 libcrypto->setFileNameAndVersion(crypto, -1);
791 if (libcrypto->load()) {
792 QFileInfo fi(crypto);
793 QString version = fi.completeSuffix();
794
795 for (const QString &ssl : sslList) {
796 if (!ssl.endsWith(version))
797 continue;
798
799 libssl->setFileNameAndVersion(ssl, -1);
800
801 if (libssl->load()) {
802 // libssl.so.x and libcrypto.so.x found
803 return result;
804 } else {
805 libssl->unload();
806 }
807 }
808 }
809 libcrypto->unload();
810 }
811
812 // failed to load anything
813 result = {};
814 return result;
815
816 # else
817 // not implemented for this platform yet
818 return result;
819 # endif
820 }
821 #endif
822
823 static QBasicMutex symbolResolveMutex;
824 static QBasicAtomicInt symbolsResolved = Q_BASIC_ATOMIC_INITIALIZER(false);
825 static bool triedToResolveSymbols = false;
826
827 bool q_resolveOpenSslSymbols()
828 {
829 if (symbolsResolved.loadAcquire())
830 return true;
831 QMutexLocker locker(&symbolResolveMutex);
832 if (symbolsResolved.loadRelaxed())
833 return true;
834 if (triedToResolveSymbols)
835 return false;
836 triedToResolveSymbols = true;
837
838 LoadedOpenSsl libs = loadOpenSsl();
839 if (!libs.ssl || !libs.crypto)
840 // failed to load them
841 return false;
842
843 RESOLVEFUNC(OPENSSL_init_ssl)
844 RESOLVEFUNC(OPENSSL_init_crypto)
845 RESOLVEFUNC(ASN1_STRING_get0_data)
846 RESOLVEFUNC(EVP_CIPHER_CTX_reset)
847 RESOLVEFUNC(EVP_PKEY_up_ref)
848 RESOLVEFUNC(EVP_PKEY_CTX_new)
849 RESOLVEFUNC(EVP_PKEY_param_check)
850 RESOLVEFUNC(EVP_PKEY_CTX_free)
851 RESOLVEFUNC(EVP_PKEY_base_id)
852 RESOLVEFUNC(RSA_bits)
853 RESOLVEFUNC(OPENSSL_sk_new_null)
854 RESOLVEFUNC(OPENSSL_sk_push)
855 RESOLVEFUNC(OPENSSL_sk_free)
856 RESOLVEFUNC(OPENSSL_sk_num)
857 RESOLVEFUNC(OPENSSL_sk_pop_free)
858 RESOLVEFUNC(OPENSSL_sk_value)
859 RESOLVEFUNC(DH_get0_pqg)
860 RESOLVEFUNC(SSL_CTX_set_options)
861 RESOLVEFUNC(SSL_CTX_get_security_level)
862 RESOLVEFUNC(SSL_CTX_set_security_level)
863 #ifdef TLS1_3_VERSION
864 RESOLVEFUNC(SSL_CTX_set_ciphersuites)
865 RESOLVEFUNC(SSL_set_psk_use_session_callback)
866 RESOLVEFUNC(SSL_CTX_sess_set_new_cb)
867 RESOLVEFUNC(SSL_SESSION_is_resumable)
868 #endif // TLS 1.3 or OpenSSL > 1.1.1
869
870 RESOLVEFUNC(SSL_get_client_random)
871 RESOLVEFUNC(SSL_SESSION_get_master_key)
872 RESOLVEFUNC(SSL_session_reused)
873 RESOLVEFUNC(SSL_get_session)
874 RESOLVEFUNC(SSL_set_options)
875 RESOLVEFUNC(CRYPTO_get_ex_new_index)
876 RESOLVEFUNC(TLS_method)
877 RESOLVEFUNC(TLS_client_method)
878 RESOLVEFUNC(TLS_server_method)
879 RESOLVEFUNC(X509_up_ref)
880 RESOLVEFUNC(X509_STORE_CTX_get0_chain)
881 RESOLVEFUNC(X509_getm_notBefore)
882 RESOLVEFUNC(X509_getm_notAfter)
883 RESOLVEFUNC(X509_get_version)
884 RESOLVEFUNC(X509_get_pubkey)
885 RESOLVEFUNC(X509_STORE_set_verify_cb)
886 RESOLVEFUNC(X509_STORE_set_ex_data)
887 RESOLVEFUNC(X509_STORE_get_ex_data)
888 RESOLVEFUNC(CRYPTO_free)
889 RESOLVEFUNC(OpenSSL_version_num)
890 RESOLVEFUNC(OpenSSL_version)
891
892 if (!_q_OpenSSL_version) {
893 // Apparently, we were built with OpenSSL 1.1 enabled but are now using
894 // a wrong library.
895 qCWarning(lcSsl, "Incompatible version of OpenSSL");
896 return false;
897 }
898
899 RESOLVEFUNC(SSL_SESSION_get_ticket_lifetime_hint)
900 RESOLVEFUNC(DH_bits)
901 RESOLVEFUNC(DSA_bits)
902
903 #if QT_CONFIG(dtls)
904 RESOLVEFUNC(DTLSv1_listen)
905 RESOLVEFUNC(BIO_ADDR_new)
906 RESOLVEFUNC(BIO_ADDR_free)
907 RESOLVEFUNC(BIO_meth_new)
908 RESOLVEFUNC(BIO_meth_free)
909 RESOLVEFUNC(BIO_meth_set_write)
910 RESOLVEFUNC(BIO_meth_set_read)
911 RESOLVEFUNC(BIO_meth_set_puts)
912 RESOLVEFUNC(BIO_meth_set_ctrl)
913 RESOLVEFUNC(BIO_meth_set_create)
914 RESOLVEFUNC(BIO_meth_set_destroy)
915 #endif // dtls
916
917 #if QT_CONFIG(ocsp)
918 RESOLVEFUNC(OCSP_SINGLERESP_get0_id)
919 RESOLVEFUNC(d2i_OCSP_RESPONSE)
920 RESOLVEFUNC(OCSP_RESPONSE_free)
921 RESOLVEFUNC(OCSP_response_status)
922 RESOLVEFUNC(OCSP_response_get1_basic)
923 RESOLVEFUNC(OCSP_BASICRESP_free)
924 RESOLVEFUNC(OCSP_basic_verify)
925 RESOLVEFUNC(OCSP_resp_count)
926 RESOLVEFUNC(OCSP_resp_get0)
927 RESOLVEFUNC(OCSP_single_get0_status)
928 RESOLVEFUNC(OCSP_check_validity)
929 RESOLVEFUNC(OCSP_cert_to_id)
930 RESOLVEFUNC(OCSP_id_get0_info)
931 RESOLVEFUNC(OCSP_resp_get0_certs)
932 RESOLVEFUNC(OCSP_basic_sign)
933 RESOLVEFUNC(OCSP_response_create)
934 RESOLVEFUNC(i2d_OCSP_RESPONSE)
935 RESOLVEFUNC(OCSP_basic_add1_status)
936 RESOLVEFUNC(OCSP_BASICRESP_new)
937 RESOLVEFUNC(OCSP_CERTID_free)
938 RESOLVEFUNC(OCSP_cert_to_id)
939 RESOLVEFUNC(OCSP_id_cmp)
940 #endif // ocsp
941
942 RESOLVEFUNC(BIO_set_data)
943 RESOLVEFUNC(BIO_get_data)
944 RESOLVEFUNC(BIO_set_init)
945 RESOLVEFUNC(BIO_get_shutdown)
946 RESOLVEFUNC(BIO_set_shutdown)
947 RESOLVEFUNC(ASN1_INTEGER_get)
948 RESOLVEFUNC(ASN1_INTEGER_cmp)
949 RESOLVEFUNC(ASN1_STRING_length)
950 RESOLVEFUNC(ASN1_STRING_to_UTF8)
951 RESOLVEFUNC(BIO_ctrl)
952 RESOLVEFUNC(BIO_free)
953 RESOLVEFUNC(BIO_new)
954 RESOLVEFUNC(BIO_new_mem_buf)
955 RESOLVEFUNC(BIO_read)
956 RESOLVEFUNC(BIO_s_mem)
957 RESOLVEFUNC(BIO_write)
958 RESOLVEFUNC(BIO_set_flags)
959 RESOLVEFUNC(BIO_clear_flags)
960 RESOLVEFUNC(BIO_set_ex_data)
961 RESOLVEFUNC(BIO_get_ex_data)
962
963 #ifndef OPENSSL_NO_EC
964 RESOLVEFUNC(EC_KEY_get0_group)
965 RESOLVEFUNC(EC_GROUP_get_degree)
966 #endif
967 RESOLVEFUNC(BN_num_bits)
968 RESOLVEFUNC(BN_is_word)
969 RESOLVEFUNC(BN_mod_word)
970 RESOLVEFUNC(DSA_new)
971 RESOLVEFUNC(DSA_free)
972 RESOLVEFUNC(ERR_error_string)
973 RESOLVEFUNC(ERR_error_string_n)
974 RESOLVEFUNC(ERR_get_error)
975 RESOLVEFUNC(EVP_CIPHER_CTX_new)
976 RESOLVEFUNC(EVP_CIPHER_CTX_free)
977 RESOLVEFUNC(EVP_CIPHER_CTX_ctrl)
978 RESOLVEFUNC(EVP_CIPHER_CTX_set_key_length)
979 RESOLVEFUNC(EVP_CipherInit)
980 RESOLVEFUNC(EVP_CipherInit_ex)
981 RESOLVEFUNC(EVP_CipherUpdate)
982 RESOLVEFUNC(EVP_CipherFinal)
983 RESOLVEFUNC(EVP_get_digestbyname)
984 #ifndef OPENSSL_NO_DES
985 RESOLVEFUNC(EVP_des_cbc)
986 RESOLVEFUNC(EVP_des_ede3_cbc)
987 #endif
988 #ifndef OPENSSL_NO_RC2
989 RESOLVEFUNC(EVP_rc2_cbc)
990 #endif
991 #ifndef OPENSSL_NO_AES
992 RESOLVEFUNC(EVP_aes_128_cbc)
993 RESOLVEFUNC(EVP_aes_192_cbc)
994 RESOLVEFUNC(EVP_aes_256_cbc)
995 #endif
996 RESOLVEFUNC(EVP_sha1)
997 RESOLVEFUNC(EVP_PKEY_assign)
998 RESOLVEFUNC(EVP_PKEY_set1_RSA)
999 RESOLVEFUNC(EVP_PKEY_set1_DSA)
1000 RESOLVEFUNC(EVP_PKEY_set1_DH)
1001
1002 #ifndef OPENSSL_NO_EC
1003 RESOLVEFUNC(EVP_PKEY_set1_EC_KEY)
1004 RESOLVEFUNC(EVP_PKEY_get1_EC_KEY)
1005 RESOLVEFUNC(PEM_read_bio_ECPrivateKey)
1006 RESOLVEFUNC(PEM_write_bio_ECPrivateKey)
1007 RESOLVEFUNC(PEM_read_bio_EC_PUBKEY)
1008 RESOLVEFUNC(PEM_write_bio_EC_PUBKEY)
1009 #endif // OPENSSL_NO_EC
1010
1011 RESOLVEFUNC(EVP_PKEY_cmp)
1012 RESOLVEFUNC(EVP_PKEY_free)
1013 RESOLVEFUNC(EVP_PKEY_get1_DSA)
1014 RESOLVEFUNC(EVP_PKEY_get1_RSA)
1015 RESOLVEFUNC(EVP_PKEY_get1_DH)
1016 RESOLVEFUNC(EVP_PKEY_new)
1017 RESOLVEFUNC(EVP_PKEY_type)
1018 RESOLVEFUNC(OBJ_nid2sn)
1019 RESOLVEFUNC(OBJ_nid2ln)
1020 RESOLVEFUNC(OBJ_sn2nid)
1021 RESOLVEFUNC(OBJ_ln2nid)
1022 RESOLVEFUNC(i2t_ASN1_OBJECT)
1023 RESOLVEFUNC(OBJ_obj2txt)
1024 RESOLVEFUNC(OBJ_obj2nid)
1025 RESOLVEFUNC(PEM_read_bio_PrivateKey)
1026 RESOLVEFUNC(PEM_read_bio_DSAPrivateKey)
1027 RESOLVEFUNC(PEM_read_bio_RSAPrivateKey)
1028 RESOLVEFUNC(PEM_read_bio_DHparams)
1029 RESOLVEFUNC(PEM_write_bio_DSAPrivateKey)
1030 RESOLVEFUNC(PEM_write_bio_RSAPrivateKey)
1031 RESOLVEFUNC(PEM_write_bio_PrivateKey)
1032 RESOLVEFUNC(PEM_read_bio_PUBKEY)
1033 RESOLVEFUNC(PEM_read_bio_DSA_PUBKEY)
1034 RESOLVEFUNC(PEM_read_bio_RSA_PUBKEY)
1035 RESOLVEFUNC(PEM_write_bio_DSA_PUBKEY)
1036 RESOLVEFUNC(PEM_write_bio_RSA_PUBKEY)
1037 RESOLVEFUNC(PEM_write_bio_PUBKEY)
1038 RESOLVEFUNC(RAND_seed)
1039 RESOLVEFUNC(RAND_status)
1040 RESOLVEFUNC(RAND_bytes)
1041 RESOLVEFUNC(RSA_new)
1042 RESOLVEFUNC(RSA_free)
1043 RESOLVEFUNC(SSL_CIPHER_description)
1044 RESOLVEFUNC(SSL_CIPHER_get_bits)
1045 RESOLVEFUNC(SSL_get_rbio)
1046 RESOLVEFUNC(SSL_CTX_check_private_key)
1047 RESOLVEFUNC(SSL_CTX_ctrl)
1048 RESOLVEFUNC(SSL_CTX_free)
1049 RESOLVEFUNC(SSL_CTX_new)
1050 RESOLVEFUNC(SSL_CTX_set_cipher_list)
1051 RESOLVEFUNC(SSL_CTX_callback_ctrl)
1052 RESOLVEFUNC(SSL_CTX_set_default_verify_paths)
1053 RESOLVEFUNC(SSL_CTX_set_verify)
1054 RESOLVEFUNC(SSL_CTX_set_verify_depth)
1055 RESOLVEFUNC(SSL_CTX_use_certificate)
1056 RESOLVEFUNC(SSL_CTX_use_certificate_file)
1057 RESOLVEFUNC(SSL_CTX_use_PrivateKey)
1058 RESOLVEFUNC(SSL_CTX_use_RSAPrivateKey)
1059 RESOLVEFUNC(SSL_CTX_use_PrivateKey_file)
1060 RESOLVEFUNC(SSL_CTX_get_cert_store);
1061 RESOLVEFUNC(SSL_CONF_CTX_new);
1062 RESOLVEFUNC(SSL_CONF_CTX_free);
1063 RESOLVEFUNC(SSL_CONF_CTX_set_ssl_ctx);
1064 RESOLVEFUNC(SSL_CONF_CTX_set_flags);
1065 RESOLVEFUNC(SSL_CONF_CTX_finish);
1066 RESOLVEFUNC(SSL_CONF_cmd);
1067 RESOLVEFUNC(SSL_accept)
1068 RESOLVEFUNC(SSL_clear)
1069 RESOLVEFUNC(SSL_connect)
1070 RESOLVEFUNC(SSL_free)
1071 RESOLVEFUNC(SSL_get_ciphers)
1072 RESOLVEFUNC(SSL_get_current_cipher)
1073 RESOLVEFUNC(SSL_version)
1074 RESOLVEFUNC(SSL_get_error)
1075 RESOLVEFUNC(SSL_get_peer_cert_chain)
1076 RESOLVEFUNC(SSL_get_peer_certificate)
1077 RESOLVEFUNC(SSL_get_verify_result)
1078 RESOLVEFUNC(SSL_new)
1079 RESOLVEFUNC(SSL_get_SSL_CTX)
1080 RESOLVEFUNC(SSL_ctrl)
1081 RESOLVEFUNC(SSL_read)
1082 RESOLVEFUNC(SSL_set_accept_state)
1083 RESOLVEFUNC(SSL_set_bio)
1084 RESOLVEFUNC(SSL_set_connect_state)
1085 RESOLVEFUNC(SSL_shutdown)
1086 RESOLVEFUNC(SSL_in_init)
1087 RESOLVEFUNC(SSL_get_shutdown)
1088 RESOLVEFUNC(SSL_set_session)
1089 RESOLVEFUNC(SSL_SESSION_free)
1090 RESOLVEFUNC(SSL_get1_session)
1091 RESOLVEFUNC(SSL_get_session)
1092 RESOLVEFUNC(SSL_set_ex_data)
1093 RESOLVEFUNC(SSL_get_ex_data)
1094 RESOLVEFUNC(SSL_get_ex_data_X509_STORE_CTX_idx)
1095
1096 #ifndef OPENSSL_NO_PSK
1097 RESOLVEFUNC(SSL_set_psk_client_callback)
1098 RESOLVEFUNC(SSL_set_psk_server_callback)
1099 RESOLVEFUNC(SSL_CTX_use_psk_identity_hint)
1100 #endif // !OPENSSL_NO_PSK
1101
1102 RESOLVEFUNC(SSL_write)
1103 RESOLVEFUNC(X509_NAME_entry_count)
1104 RESOLVEFUNC(X509_NAME_get_entry)
1105 RESOLVEFUNC(X509_NAME_ENTRY_get_data)
1106 RESOLVEFUNC(X509_NAME_ENTRY_get_object)
1107 RESOLVEFUNC(X509_PUBKEY_get)
1108 RESOLVEFUNC(X509_STORE_free)
1109 RESOLVEFUNC(X509_STORE_new)
1110 RESOLVEFUNC(X509_STORE_add_cert)
1111 RESOLVEFUNC(X509_STORE_CTX_free)
1112 RESOLVEFUNC(X509_STORE_CTX_init)
1113 RESOLVEFUNC(X509_STORE_CTX_new)
1114 RESOLVEFUNC(X509_STORE_CTX_set_purpose)
1115 RESOLVEFUNC(X509_STORE_CTX_get_error)
1116 RESOLVEFUNC(X509_STORE_CTX_get_error_depth)
1117 RESOLVEFUNC(X509_STORE_CTX_get_current_cert)
1118 RESOLVEFUNC(X509_STORE_CTX_get0_store)
1119 RESOLVEFUNC(X509_cmp)
1120 RESOLVEFUNC(X509_STORE_CTX_get_ex_data)
1121 RESOLVEFUNC(X509_dup)
1122 RESOLVEFUNC(X509_print)
1123 RESOLVEFUNC(X509_digest)
1124 RESOLVEFUNC(X509_EXTENSION_get_object)
1125 RESOLVEFUNC(X509_free)
1126 RESOLVEFUNC(X509_gmtime_adj)
1127 RESOLVEFUNC(ASN1_TIME_free)
1128 RESOLVEFUNC(X509_get_ext)
1129 RESOLVEFUNC(X509_get_ext_count)
1130 RESOLVEFUNC(X509_get_ext_d2i)
1131 RESOLVEFUNC(X509V3_EXT_get)
1132 RESOLVEFUNC(X509V3_EXT_d2i)
1133 RESOLVEFUNC(X509_EXTENSION_get_critical)
1134 RESOLVEFUNC(X509_EXTENSION_get_data)
1135 RESOLVEFUNC(BASIC_CONSTRAINTS_free)
1136 RESOLVEFUNC(AUTHORITY_KEYID_free)
1137 RESOLVEFUNC(GENERAL_NAME_free)
1138 RESOLVEFUNC(ASN1_STRING_print)
1139 RESOLVEFUNC(X509_check_issued)
1140 RESOLVEFUNC(X509_get_issuer_name)
1141 RESOLVEFUNC(X509_get_subject_name)
1142 RESOLVEFUNC(X509_get_serialNumber)
1143 RESOLVEFUNC(X509_verify_cert)
1144 RESOLVEFUNC(d2i_X509)
1145 RESOLVEFUNC(i2d_X509)
1146 #if OPENSSL_VERSION_MAJOR < 3
1147 RESOLVEFUNC(SSL_CTX_load_verify_locations)
1148 #else
1149 RESOLVEFUNC(SSL_CTX_load_verify_dir)
1150 #endif // OPENSSL_VERSION_MAJOR
1151 RESOLVEFUNC(i2d_SSL_SESSION)
1152 RESOLVEFUNC(d2i_SSL_SESSION)
1153
1154 #ifndef OPENSSL_NO_NEXTPROTONEG
1155 RESOLVEFUNC(SSL_select_next_proto)
1156 RESOLVEFUNC(SSL_CTX_set_next_proto_select_cb)
1157 RESOLVEFUNC(SSL_get0_next_proto_negotiated)
1158 RESOLVEFUNC(SSL_set_alpn_protos)
1159 RESOLVEFUNC(SSL_CTX_set_alpn_select_cb)
1160 RESOLVEFUNC(SSL_get0_alpn_selected)
1161 #endif // !OPENSSL_NO_NEXTPROTONEG
1162
1163 #if QT_CONFIG(dtls)
1164 RESOLVEFUNC(SSL_CTX_set_cookie_generate_cb)
1165 RESOLVEFUNC(SSL_CTX_set_cookie_verify_cb)
1166 RESOLVEFUNC(DTLS_server_method)
1167 RESOLVEFUNC(DTLS_client_method)
1168 #endif // dtls
1169
1170 RESOLVEFUNC(CRYPTO_malloc)
1171 RESOLVEFUNC(DH_new)
1172 RESOLVEFUNC(DH_free)
1173 RESOLVEFUNC(d2i_DHparams)
1174 RESOLVEFUNC(i2d_DHparams)
1175 #ifndef OPENSSL_NO_DEPRECATED_3_0
1176 RESOLVEFUNC(DH_check)
1177 #endif // OPENSSL_NO_DEPRECATED_3_0
1178 RESOLVEFUNC(BN_bin2bn)
1179
1180 #ifndef OPENSSL_NO_EC
1181 RESOLVEFUNC(EC_KEY_dup)
1182 RESOLVEFUNC(EC_KEY_new_by_curve_name)
1183 RESOLVEFUNC(EC_KEY_free)
1184 RESOLVEFUNC(EC_get_builtin_curves)
1185 #endif // OPENSSL_NO_EC
1186
1187 RESOLVEFUNC(PKCS12_parse)
1188 RESOLVEFUNC(d2i_PKCS12_bio)
1189 RESOLVEFUNC(PKCS12_free)
1190
1191 symbolsResolved.storeRelease(true);
1192 return true;
1193 }
1194 #endif // QT_CONFIG(library)
1195
1196 #else // !defined QT_LINKED_OPENSSL
1197
1198 bool q_resolveOpenSslSymbols()
1199 {
1200 #ifdef QT_NO_OPENSSL
1201 return false;
1202 #endif
1203 return true;
1204 }
1205 #endif // !defined QT_LINKED_OPENSSL
1206
1207 //==============================================================================
1208 // contributed by Jay Case of Sarvega, Inc.; http://sarvega.com/
1209 // Based on X509_cmp_time() for intitial buffer hacking.
1210 //==============================================================================
q_getTimeFromASN1(const ASN1_TIME * aTime)1211 QDateTime q_getTimeFromASN1(const ASN1_TIME *aTime)
1212 {
1213 size_t lTimeLength = aTime->length;
1214 char *pString = (char *) aTime->data;
1215 auto isValidPointer = [pString, lTimeLength](const char *const probe){
1216 return size_t(probe - pString) < lTimeLength;
1217 };
1218
1219 if (aTime->type == V_ASN1_UTCTIME) {
1220
1221 char lBuffer[24];
1222 char *pBuffer = lBuffer;
1223
1224 if ((lTimeLength < 11) || (lTimeLength > 17))
1225 return QDateTime();
1226
1227 memcpy(pBuffer, pString, 10);
1228 pBuffer += 10;
1229 pString += 10;
1230
1231 if ((*pString == 'Z') || (*pString == '-') || (*pString == '+')) {
1232 *pBuffer++ = '0';
1233 *pBuffer++ = '0';
1234 } else {
1235 *pBuffer++ = *pString++;
1236 if (!isValidPointer(pString)) // Nah.
1237 return {};
1238 *pBuffer++ = *pString++;
1239 if (!isValidPointer(pString)) // Nah.
1240 return {};
1241 // Skip any fractional seconds...
1242 if (*pString == '.') {
1243 pString++;
1244 if (!isValidPointer(pString)) // Oh no, cannot dereference (see below).
1245 return {};
1246 while ((*pString >= '0') && (*pString <= '9')) {
1247 pString++;
1248 if (!isValidPointer(pString)) // No and no.
1249 return {};
1250 }
1251 }
1252 }
1253
1254 *pBuffer++ = 'Z';
1255 *pBuffer++ = '\0';
1256
1257 time_t lSecondsFromUCT;
1258 if (*pString == 'Z') {
1259 lSecondsFromUCT = 0;
1260 } else {
1261 if ((*pString != '+') && (*pString != '-'))
1262 return QDateTime();
1263
1264 if (!isValidPointer(pString + 4)) {
1265 // What kind of input parameters we were provided with? To hell with them!
1266 return {};
1267 }
1268 lSecondsFromUCT = ((pString[1] - '0') * 10 + (pString[2] - '0')) * 60;
1269 lSecondsFromUCT += (pString[3] - '0') * 10 + (pString[4] - '0');
1270 lSecondsFromUCT *= 60;
1271 if (*pString == '-')
1272 lSecondsFromUCT = -lSecondsFromUCT;
1273 }
1274
1275 tm lTime;
1276 lTime.tm_sec = ((lBuffer[10] - '0') * 10) + (lBuffer[11] - '0');
1277 lTime.tm_min = ((lBuffer[8] - '0') * 10) + (lBuffer[9] - '0');
1278 lTime.tm_hour = ((lBuffer[6] - '0') * 10) + (lBuffer[7] - '0');
1279 lTime.tm_mday = ((lBuffer[4] - '0') * 10) + (lBuffer[5] - '0');
1280 lTime.tm_mon = (((lBuffer[2] - '0') * 10) + (lBuffer[3] - '0')) - 1;
1281 lTime.tm_year = ((lBuffer[0] - '0') * 10) + (lBuffer[1] - '0');
1282 if (lTime.tm_year < 50)
1283 lTime.tm_year += 100; // RFC 2459
1284
1285 QDate resDate(lTime.tm_year + 1900, lTime.tm_mon + 1, lTime.tm_mday);
1286 QTime resTime(lTime.tm_hour, lTime.tm_min, lTime.tm_sec);
1287
1288 QDateTime result(resDate, resTime, Qt::UTC);
1289 result = result.addSecs(lSecondsFromUCT);
1290 return result;
1291
1292 } else if (aTime->type == V_ASN1_GENERALIZEDTIME) {
1293
1294 if (lTimeLength < 15)
1295 return QDateTime(); // hopefully never triggered
1296
1297 // generalized time is always YYYYMMDDHHMMSSZ (RFC 2459, section 4.1.2.5.2)
1298 tm lTime;
1299 lTime.tm_sec = ((pString[12] - '0') * 10) + (pString[13] - '0');
1300 lTime.tm_min = ((pString[10] - '0') * 10) + (pString[11] - '0');
1301 lTime.tm_hour = ((pString[8] - '0') * 10) + (pString[9] - '0');
1302 lTime.tm_mday = ((pString[6] - '0') * 10) + (pString[7] - '0');
1303 lTime.tm_mon = (((pString[4] - '0') * 10) + (pString[5] - '0'));
1304 lTime.tm_year = ((pString[0] - '0') * 1000) + ((pString[1] - '0') * 100) +
1305 ((pString[2] - '0') * 10) + (pString[3] - '0');
1306
1307 QDate resDate(lTime.tm_year, lTime.tm_mon, lTime.tm_mday);
1308 QTime resTime(lTime.tm_hour, lTime.tm_min, lTime.tm_sec);
1309
1310 QDateTime result(resDate, resTime, Qt::UTC);
1311 return result;
1312
1313 } else {
1314 qCWarning(lcSsl, "unsupported date format detected");
1315 return QDateTime();
1316 }
1317
1318 }
1319
1320 QT_END_NAMESPACE
1321