aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorScott Murray <scott.murray@konsulko.com>2022-08-14 15:58:44 -0400
committerScott Murray <scott.murray@konsulko.com>2022-08-22 17:22:16 +0000
commit1c873e0ae5aeee00dec99e113d579abd89c90497 (patch)
treed6f6756a372821bcadc631b14d495fe2f4585c57
parent02eef14403101fb3974eda558e52f10eab458f54 (diff)
qtbase: Add backported patches for OpenSSL 3 support
To make QSslSocket work when building with OpenSSL 3.x, add two backported patches pulled from the v5.15.3-lts-lgpl branch of the KDE repo: https://invent.kde.org/qt/qt/qtbase This appears to be the minimal fix for e.g. QtLocation's SSL usage. For more information on the KDE Qt5 patch collection, see: https://community.kde.org/Qt5PatchCollection Bug-AGL: SPEC-4395 Signed-off-by: Scott Murray <scott.murray@konsulko.com> Change-Id: I0bc3fe7c0726aaea71a2c162db040e57ac92a9db Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl/+/27917 ci-image-build: Jenkins Job builder account ci-image-boot-test: Jenkins Job builder account Reviewed-by: Naoto YAMAGUCHI <naoto.yamaguchi@aisin.co.jp> Tested-by: Jenkins Job builder account
-rw-r--r--meta-agl-core/dynamic-layers/meta-qt5/recipes-qt/qt5/qtbase/0001-Don-t-use-a-deprecated-function-if-built-linked-with.patch84
-rw-r--r--meta-agl-core/dynamic-layers/meta-qt5/recipes-qt/qt5/qtbase/0002-Adapt-for-q_EVP_PKEY_base_id-q_EVP_PKEY_get_base_id-.patch86
-rw-r--r--meta-agl-core/dynamic-layers/meta-qt5/recipes-qt/qt5/qtbase_aglcore.inc7
3 files changed, 177 insertions, 0 deletions
diff --git a/meta-agl-core/dynamic-layers/meta-qt5/recipes-qt/qt5/qtbase/0001-Don-t-use-a-deprecated-function-if-built-linked-with.patch b/meta-agl-core/dynamic-layers/meta-qt5/recipes-qt/qt5/qtbase/0001-Don-t-use-a-deprecated-function-if-built-linked-with.patch
new file mode 100644
index 000000000..ba3c2be42
--- /dev/null
+++ b/meta-agl-core/dynamic-layers/meta-qt5/recipes-qt/qt5/qtbase/0001-Don-t-use-a-deprecated-function-if-built-linked-with.patch
@@ -0,0 +1,84 @@
+From bed8f42232886b3b738cb4d4ff77846283c59665 Mon Sep 17 00:00:00 2001
+From: Timur Pocheptsov <timur.pocheptsov@qt.io>
+Date: Mon, 12 Jul 2021 12:38:14 +0200
+Subject: [PATCH] Don't use a deprecated function if built/linked with OpenSSL
+ v3
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+SSL_get_peer_certificate was deprecated in OpenSSL v3 and can be 'compiled-out'
+using OPENSSL_API_COMPAT. Use SSL_get1_peer_certificate instead.
+
+Pick-to: 6.2
+Task-number: QTBUG-94596
+Change-Id: Iedb2e06e673e981cab79d4bf0147ac6f5f90089a
+Reviewed-by: MÃ¥rten Nordheim <marten.nordheim@qt.io>
+(cherry picked from commit ae6590e360fbb04d93940b2651f70df44a28943e)
+---
+ src/network/ssl/qsslsocket_openssl_symbols.cpp | 12 ++++++++++++
+ src/network/ssl/qsslsocket_openssl_symbols_p.h | 9 ++++++++-
+ 2 files changed, 20 insertions(+), 1 deletion(-)
+
+diff --git a/src/network/ssl/qsslsocket_openssl_symbols.cpp b/src/network/ssl/qsslsocket_openssl_symbols.cpp
+index 81caef3d8f..f343349e2c 100644
+--- a/src/network/ssl/qsslsocket_openssl_symbols.cpp
++++ b/src/network/ssl/qsslsocket_openssl_symbols.cpp
+@@ -368,7 +368,13 @@ DEFINEFUNC(const SSL_CIPHER *, SSL_get_current_cipher, SSL *a, a, return nullptr
+ DEFINEFUNC(int, SSL_version, const SSL *a, a, return 0, return)
+ DEFINEFUNC2(int, SSL_get_error, SSL *a, a, int b, b, return -1, return)
+ DEFINEFUNC(STACK_OF(X509) *, SSL_get_peer_cert_chain, SSL *a, a, return nullptr, return)
++
++#if defined(OPENSSL_VERSION_MAJOR) && OPENSSL_VERSION_MAJOR >= 3
++DEFINEFUNC(X509 *, SSL_get1_peer_certificate, SSL *a, a, return nullptr, return)
++#else
+ DEFINEFUNC(X509 *, SSL_get_peer_certificate, SSL *a, a, return nullptr, return)
++#endif // OPENSSL_VERSION_MAJOR >= 3
++
+ DEFINEFUNC(long, SSL_get_verify_result, const SSL *a, a, return -1, return)
+ DEFINEFUNC(SSL *, SSL_new, SSL_CTX *a, a, return nullptr, return)
+ DEFINEFUNC(SSL_CTX *, SSL_get_SSL_CTX, SSL *a, a, return nullptr, return)
+@@ -1075,7 +1081,13 @@ bool q_resolveOpenSslSymbols()
+ RESOLVEFUNC(SSL_version)
+ RESOLVEFUNC(SSL_get_error)
+ RESOLVEFUNC(SSL_get_peer_cert_chain)
++
++#if defined(OPENSSL_VERSION_MAJOR) && OPENSSL_VERSION_MAJOR >= 3
++ RESOLVEFUNC(SSL_get1_peer_certificate)
++#else
+ RESOLVEFUNC(SSL_get_peer_certificate)
++#endif // OPENSSL_VERSION_MAJOR >= 3
++
+ RESOLVEFUNC(SSL_get_verify_result)
+ RESOLVEFUNC(SSL_new)
+ RESOLVEFUNC(SSL_get_SSL_CTX)
+diff --git a/src/network/ssl/qsslsocket_openssl_symbols_p.h b/src/network/ssl/qsslsocket_openssl_symbols_p.h
+index b363e77f48..000134b671 100644
+--- a/src/network/ssl/qsslsocket_openssl_symbols_p.h
++++ b/src/network/ssl/qsslsocket_openssl_symbols_p.h
+@@ -509,7 +509,6 @@ const SSL_CIPHER *q_SSL_get_current_cipher(SSL *a);
+ int q_SSL_version(const SSL *a);
+ int q_SSL_get_error(SSL *a, int b);
+ STACK_OF(X509) *q_SSL_get_peer_cert_chain(SSL *a);
+-X509 *q_SSL_get_peer_certificate(SSL *a);
+ long q_SSL_get_verify_result(const SSL *a);
+ SSL *q_SSL_new(SSL_CTX *a);
+ SSL_CTX *q_SSL_get_SSL_CTX(SSL *a);
+@@ -748,6 +747,14 @@ void *q_CRYPTO_malloc(size_t num, const char *file, int line);
+ int q_SSL_CTX_get_security_level(const SSL_CTX *ctx);
+ void q_SSL_CTX_set_security_level(SSL_CTX *ctx, int level);
+
++// Here we have the ones that make difference between OpenSSL pre/post v3:
++#if defined(OPENSSL_VERSION_MAJOR) && OPENSSL_VERSION_MAJOR >= 3
++X509 *q_SSL_get1_peer_certificate(SSL *a);
++#define q_SSL_get_peer_certificate q_SSL_get1_peer_certificate
++#else
++X509 *q_SSL_get_peer_certificate(SSL *a);
++#endif // OPENSSL_VERSION_MAJOR >= 3
++
+ QT_END_NAMESPACE
+
+ #endif
+--
+2.35.3
+
diff --git a/meta-agl-core/dynamic-layers/meta-qt5/recipes-qt/qt5/qtbase/0002-Adapt-for-q_EVP_PKEY_base_id-q_EVP_PKEY_get_base_id-.patch b/meta-agl-core/dynamic-layers/meta-qt5/recipes-qt/qt5/qtbase/0002-Adapt-for-q_EVP_PKEY_base_id-q_EVP_PKEY_get_base_id-.patch
new file mode 100644
index 000000000..d43c3fd40
--- /dev/null
+++ b/meta-agl-core/dynamic-layers/meta-qt5/recipes-qt/qt5/qtbase/0002-Adapt-for-q_EVP_PKEY_base_id-q_EVP_PKEY_get_base_id-.patch
@@ -0,0 +1,86 @@
+From bb32d60ee031e29dcfd4bb22d81f6592bf308be9 Mon Sep 17 00:00:00 2001
+From: Dmitry Shachnev <mitya57@gmail.com>
+Date: Sun, 5 Dec 2021 16:07:44 +0300
+Subject: [PATCH] =?UTF-8?q?Adapt=20for=20q=5FEVP=5FPKEY=5Fbase=5Fid=20?=
+ =?UTF-8?q?=E2=86=92=20q=5FEVP=5FPKEY=5Fget=5Fbase=5Fid=20rename=20in=20Op?=
+ =?UTF-8?q?enSSL=203?=
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Based on upstream commit 4c0f81490ba0c4ec (the whole commit does not
+apply cleanly).
+---
+ src/network/ssl/qsslsocket_openssl_symbols.cpp | 6 ++++--
+ src/network/ssl/qsslsocket_openssl_symbols_p.h | 4 +++-
+ 2 files changed, 7 insertions(+), 3 deletions(-)
+
+diff --git a/src/network/ssl/qsslsocket_openssl_symbols.cpp b/src/network/ssl/qsslsocket_openssl_symbols.cpp
+index f343349e2c..f89f5206a3 100644
+--- a/src/network/ssl/qsslsocket_openssl_symbols.cpp
++++ b/src/network/ssl/qsslsocket_openssl_symbols.cpp
+@@ -148,7 +148,6 @@ DEFINEFUNC(int, EVP_PKEY_up_ref, EVP_PKEY *a, a, return 0, return)
+ DEFINEFUNC2(EVP_PKEY_CTX *, EVP_PKEY_CTX_new, EVP_PKEY *pkey, pkey, ENGINE *e, e, return nullptr, return)
+ DEFINEFUNC(int, EVP_PKEY_param_check, EVP_PKEY_CTX *ctx, ctx, return 0, return)
+ DEFINEFUNC(void, EVP_PKEY_CTX_free, EVP_PKEY_CTX *ctx, ctx, return, return)
+-DEFINEFUNC(int, EVP_PKEY_base_id, EVP_PKEY *a, a, return NID_undef, return)
+ DEFINEFUNC(int, RSA_bits, RSA *a, a, return 0, return)
+ DEFINEFUNC(int, DSA_bits, DSA *a, a, return 0, return)
+ DEFINEFUNC(int, OPENSSL_sk_num, OPENSSL_STACK *a, a, return -1, return)
+@@ -371,8 +370,10 @@ DEFINEFUNC(STACK_OF(X509) *, SSL_get_peer_cert_chain, SSL *a, a, return nullptr,
+
+ #if defined(OPENSSL_VERSION_MAJOR) && OPENSSL_VERSION_MAJOR >= 3
+ DEFINEFUNC(X509 *, SSL_get1_peer_certificate, SSL *a, a, return nullptr, return)
++DEFINEFUNC(int, EVP_PKEY_get_base_id, const EVP_PKEY *pkey, pkey, return -1, return)
+ #else
+ DEFINEFUNC(X509 *, SSL_get_peer_certificate, SSL *a, a, return nullptr, return)
++DEFINEFUNC(int, EVP_PKEY_base_id, EVP_PKEY *a, a, return NID_undef, return)
+ #endif // OPENSSL_VERSION_MAJOR >= 3
+
+ DEFINEFUNC(long, SSL_get_verify_result, const SSL *a, a, return -1, return)
+@@ -856,7 +857,6 @@ bool q_resolveOpenSslSymbols()
+ RESOLVEFUNC(EVP_PKEY_CTX_new)
+ RESOLVEFUNC(EVP_PKEY_param_check)
+ RESOLVEFUNC(EVP_PKEY_CTX_free)
+- RESOLVEFUNC(EVP_PKEY_base_id)
+ RESOLVEFUNC(RSA_bits)
+ RESOLVEFUNC(OPENSSL_sk_new_null)
+ RESOLVEFUNC(OPENSSL_sk_push)
+@@ -1084,8 +1084,10 @@ bool q_resolveOpenSslSymbols()
+
+ #if defined(OPENSSL_VERSION_MAJOR) && OPENSSL_VERSION_MAJOR >= 3
+ RESOLVEFUNC(SSL_get1_peer_certificate)
++ RESOLVEFUNC(EVP_PKEY_get_base_id)
+ #else
+ RESOLVEFUNC(SSL_get_peer_certificate)
++ RESOLVEFUNC(EVP_PKEY_base_id)
+ #endif // OPENSSL_VERSION_MAJOR >= 3
+
+ RESOLVEFUNC(SSL_get_verify_result)
+diff --git a/src/network/ssl/qsslsocket_openssl_symbols_p.h b/src/network/ssl/qsslsocket_openssl_symbols_p.h
+index 000134b671..9af27ab99d 100644
+--- a/src/network/ssl/qsslsocket_openssl_symbols_p.h
++++ b/src/network/ssl/qsslsocket_openssl_symbols_p.h
+@@ -236,7 +236,6 @@ Q_AUTOTEST_EXPORT int q_EVP_PKEY_up_ref(EVP_PKEY *a);
+ EVP_PKEY_CTX *q_EVP_PKEY_CTX_new(EVP_PKEY *pkey, ENGINE *e);
+ void q_EVP_PKEY_CTX_free(EVP_PKEY_CTX *ctx);
+ int q_EVP_PKEY_param_check(EVP_PKEY_CTX *ctx);
+-int q_EVP_PKEY_base_id(EVP_PKEY *a);
+ int q_RSA_bits(RSA *a);
+ Q_AUTOTEST_EXPORT int q_OPENSSL_sk_num(OPENSSL_STACK *a);
+ Q_AUTOTEST_EXPORT void q_OPENSSL_sk_pop_free(OPENSSL_STACK *a, void (*b)(void *));
+@@ -751,8 +750,11 @@ void q_SSL_CTX_set_security_level(SSL_CTX *ctx, int level);
+ #if defined(OPENSSL_VERSION_MAJOR) && OPENSSL_VERSION_MAJOR >= 3
+ X509 *q_SSL_get1_peer_certificate(SSL *a);
+ #define q_SSL_get_peer_certificate q_SSL_get1_peer_certificate
++int q_EVP_PKEY_get_base_id(const EVP_PKEY *pkey);
++#define q_EVP_PKEY_base_id q_EVP_PKEY_get_base_id
+ #else
+ X509 *q_SSL_get_peer_certificate(SSL *a);
++int q_EVP_PKEY_base_id(EVP_PKEY *a);
+ #endif // OPENSSL_VERSION_MAJOR >= 3
+
+ QT_END_NAMESPACE
+--
+2.35.3
+
diff --git a/meta-agl-core/dynamic-layers/meta-qt5/recipes-qt/qt5/qtbase_aglcore.inc b/meta-agl-core/dynamic-layers/meta-qt5/recipes-qt/qt5/qtbase_aglcore.inc
index 54a6311fb..57fcfb48b 100644
--- a/meta-agl-core/dynamic-layers/meta-qt5/recipes-qt/qt5/qtbase_aglcore.inc
+++ b/meta-agl-core/dynamic-layers/meta-qt5/recipes-qt/qt5/qtbase_aglcore.inc
@@ -1,3 +1,10 @@
+FILESEXTRAPATHS:prepend := "${THISDIR}/qtbase:"
+
+SRC_URI:append = " \
+ file://0001-Don-t-use-a-deprecated-function-if-built-linked-with.patch \
+ file://0002-Adapt-for-q_EVP_PKEY_base_id-q_EVP_PKEY_get_base_id-.patch \
+"
+
PACKAGECONFIG_WAYLAND = "${@bb.utils.contains('DISTRO_FEATURES', 'wayland', 'wayland', '', d)}"
PACKAGECONFIG_GL = "${@bb.utils.contains('DISTRO_FEATURES', 'opengl', 'gles2', '', d)}"