Opened 6 years ago
Last modified 5 years ago
#58218 new enhancement
port:qt4, port:qt59 : OpenSSL 1.1 compatibility
| Reported by: | RJVB (René Bertin) | Owned by: | |
|---|---|---|---|
| Priority: | Normal | Milestone: | |
| Component: | ports | Version: | |
| Keywords: | haspatch | Cc: | michaelld (Michael Dickens), MarcusCalhoun-Lopez (Marcus Calhoun-Lopez), yan12125 (Chih-Hsuan Yen) |
| Port: | qt59 |
Description
I've been working to get my two Qt ports to support OpenSSL 1.1 in order to be ready when the time comes to upgrade. For now I've tested with an OSSL 1.02r build installed into its own libexec prefix but with symlinks exposing it at the usual locations. As far as I can tell things work as they should.
I'm providing the patches here in hope someone will find them useful (and actually test against OpenSSL 1.1x).
Attachments (5)
Change History (12)
Changed 6 years ago by RJVB (René Bertin)
| Attachment: | patch-support-openssl11.diff added |
|---|
Changed 6 years ago by RJVB (René Bertin)
| Attachment: | patch-openssl11-support-qt597.diff added |
|---|
patch for Qt 5.9; this is a cherry-pick of the official Qt commit that made it into 5.10 but not 5.9 (for whatever political? reason)
comment:1 Changed 6 years ago by RJVB (René Bertin)
FWIW: the Qt5 configure script accepts OPENSSL_PREFIX=${prefix} and/or OPENSSL_INCDIR=/path/to/opensslheaders and/or OPENSSL_LIBDIR=/path/to/openssllibs. No need to manhandle -I and -L in configure.*flags.
comment:2 Changed 6 years ago by RJVB (René Bertin)
No hurry for Qt5; I learnt that there have been a few bugfixes I should hunt down and backport.
Changed 6 years ago by RJVB (René Bertin)
| Attachment: | patch-openssl11-support-qt597.2.diff added |
|---|
this version contains the few SSL fixes from the 5.10 branch that weren't already applied to 5.9
comment:3 Changed 6 years ago by yan12125 (Chih-Hsuan Yen)
| Cc: | yan12125 added |
|---|
comment:4 Changed 6 years ago by yan12125 (Chih-Hsuan Yen)
RJVB: Could you turn OpenSSL 1.1 patches into GitHub pull requests?
comment:5 Changed 6 years ago by RJVB (René Bertin)
I'd rather not because that means I'd have to make assumptions on how the Qt port maintainers want to adapt their ports (neither of which I use myself) and about how people are running their tests. All without having OpenSSL 1.1 installed because I plan to do that upgrade at a convenient time after port:openssl made the transition. I have way too many other things on my fork ATM to start messing with such a central port.
Testing these patches shouldn't be hard;
> sudo port -n patch qtN > (cd `port work qtN`/qt-* && patch -Np1 -i /path/to/patchXXXX.diff) > sudo port -nok destroot qtN
afterwards it's up to you to decide if you want to port -noks upgrade --force or just want to replace the installed QtNetwork framework with the one that was just rebuilt. From what I understand Qt dependents are completely oblivious and independent of the SSL backend used by QtNetwork.
comment:6 Changed 5 years ago by yan12125 (Chih-Hsuan Yen)
comment:7 Changed 5 years ago by yan12125 (Chih-Hsuan Yen)
| Port: | qt4-mac removed |
|---|
qt4-mac is fixed for openssl 1.1 in https://github.com/macports/macports-ports/commit/facea54fb2cf383c404c0b96eee1c5da5da686a7
Changed 5 years ago by RJVB (René Bertin)
| Attachment: | patch-openssl11-support-qt597.3.diff added |
|---|
amended and tested version: works against the current OpenSSL 1.1 port
Changed 5 years ago by RJVB (René Bertin)
| Attachment: | patch-httpsockeng-fix.diff added |
|---|
prevent a crash that I've seen with OSSL 1.1 but not with OSSL 1.0
Patch for Qt4, adapted from the ArchLinux patch