--- qtbase/src/network/ssl/qsslellipticcurve_openssl.cpp 2017-01-18 15:20:58.000000000 +0100 +++ qtbase/src/network/ssl/qsslellipticcurve_openssl.cpp 2017-02-21 16:25:56.477986158 +0100 @@ -82,7 +82,7 @@ int nid = q_OBJ_sn2nid(curveNameLatin1.data()); -#if OPENSSL_VERSION_NUMBER >= 0x10002000L +#if (OPENSSL_VERSION_NUMBER >= 0x10002000L) && !defined(LIBRESSL_VERSION_NUMBER) if (nid == 0 && q_SSLeay() >= 0x10002000L) nid = q_EC_curve_nist2nid(curveNameLatin1.data()); #endif // OPENSSL_VERSION_NUMBER >= 0x10002000L --- qtbase/src/network/ssl/qsslsocket_openssl.cpp 2017-01-18 15:20:58.000000000 +0100 +++ qtbase/src/network/ssl/qsslsocket_openssl.cpp 2017-02-21 19:12:22.200604090 +0100 @@ -94,7 +94,7 @@ bool QSslSocketPrivate::s_loadedCiphersAndCerts = false; bool QSslSocketPrivate::s_loadRootCertsOnDemand = false; -#if OPENSSL_VERSION_NUMBER >= 0x10001000L +#if (OPENSSL_VERSION_NUMBER >= 0x10001000L) && !defined(LIBRESSL_VERSION_NUMBER) int QSslSocketBackendPrivate::s_indexForSSLExtraData = -1; #endif @@ -191,7 +191,7 @@ return (quintptr)QThread::currentThreadId(); } -#if OPENSSL_VERSION_NUMBER >= 0x10001000L && !defined(OPENSSL_NO_PSK) +#if (OPENSSL_VERSION_NUMBER >= 0x10001000L) && !defined(OPENSSL_NO_PSK) && !defined(LIBRESSL_VERSION_NUMBER) static unsigned int q_ssl_psk_client_callback(SSL *ssl, const char *hint, char *identity, unsigned int max_identity_len, @@ -328,7 +328,7 @@ options = SSL_OP_ALL|SSL_OP_NO_SSLv2|SSL_OP_NO_SSLv3; else if (protocol == QSsl::TlsV1_0OrLater) options = SSL_OP_ALL|SSL_OP_NO_SSLv2|SSL_OP_NO_SSLv3; -#if OPENSSL_VERSION_NUMBER >= 0x10001000L +#if (OPENSSL_VERSION_NUMBER >= 0x10001000L) && !defined(LIBRESSL_VERSION_NUMBER) // Choosing Tlsv1_1OrLater or TlsV1_2OrLater on OpenSSL < 1.0.1 // will cause an error in QSslContext::fromConfiguration, meaning // we will never get here. @@ -437,13 +437,13 @@ else q_SSL_set_accept_state(ssl); -#if OPENSSL_VERSION_NUMBER >= 0x10001000L +#if (OPENSSL_VERSION_NUMBER >= 0x10001000L) && !defined(LIBRESSL_VERSION_NUMBER) // Save a pointer to this object into the SSL structure. if (q_SSLeay() >= 0x10001000L) q_SSL_set_ex_data(ssl, s_indexForSSLExtraData, this); #endif -#if OPENSSL_VERSION_NUMBER >= 0x10001000L && !defined(OPENSSL_NO_PSK) +#if (OPENSSL_VERSION_NUMBER >= 0x10001000L) && !defined(OPENSSL_NO_PSK) && !defined(LIBRESSL_VERSION_NUMBER) // Set the client callback for PSK if (q_SSLeay() >= 0x10001000L) { if (mode == QSslSocket::SslClientMode) @@ -506,7 +506,7 @@ q_SSL_load_error_strings(); q_OpenSSL_add_all_algorithms(); -#if OPENSSL_VERSION_NUMBER >= 0x10001000L +#if (OPENSSL_VERSION_NUMBER >= 0x10001000L) && !defined(LIBRESSL_VERSION_NUMBER) if (q_SSLeay() >= 0x10001000L) QSslSocketBackendPrivate::s_indexForSSLExtraData = q_SSL_get_ex_new_index(0L, NULL, NULL, NULL, NULL); #endif @@ -1594,7 +1594,7 @@ } } -#if OPENSSL_VERSION_NUMBER >= 0x1000100fL && !defined(OPENSSL_NO_NEXTPROTONEG) +#if (OPENSSL_VERSION_NUMBER >= 0x1000100fL) && !defined(OPENSSL_NO_NEXTPROTONEG) && !defined(LIBRESSL_VERSION_NUMBER) configuration.nextProtocolNegotiationStatus = sslContextPointer->npnContext().status; if (sslContextPointer->npnContext().status == QSslConfiguration::NextProtocolNegotiationUnsupported) { @@ -1603,7 +1603,7 @@ } else { const unsigned char *proto = 0; unsigned int proto_len = 0; -#if OPENSSL_VERSION_NUMBER >= 0x10002000L +#if (OPENSSL_VERSION_NUMBER >= 0x10002000L) && !defined(LIBRESSL_VERSION_NUMBER) if (q_SSLeay() >= 0x10002000L) { q_SSL_get0_alpn_selected(ssl, &proto, &proto_len); if (proto_len && mode == QSslSocket::SslClientMode) { @@ -1626,7 +1626,7 @@ } #endif // OPENSSL_VERSION_NUMBER >= 0x1000100fL ... -#if OPENSSL_VERSION_NUMBER >= 0x10002000L +#if (OPENSSL_VERSION_NUMBER >= 0x10002000L) && !defined(LIBRESSL_VERSION_NUMBER) if (q_SSLeay() >= 0x10002000L && mode == QSslSocket::SslClientMode) { EVP_PKEY *key; if (q_SSL_get_server_tmp_key(ssl, &key)) --- qtbase/src/network/ssl/qsslsocket_openssl_symbols.cpp 2017-01-18 15:20:58.000000000 +0100 +++ qtbase/src/network/ssl/qsslsocket_openssl_symbols.cpp 2017-02-21 19:14:32.805677245 +0100 @@ -151,7 +151,7 @@ DEFINEFUNC(BIO_METHOD *, BIO_s_mem, void, DUMMYARG, return 0, return) DEFINEFUNC3(int, BIO_write, BIO *a, a, const void *b, b, int c, c, return -1, return) DEFINEFUNC(int, BN_num_bits, const BIGNUM *a, a, return 0, return) -#if OPENSSL_VERSION_NUMBER >= 0x10100000L +#if (OPENSSL_VERSION_NUMBER >= 0x10100000L) && !defined(LIBRESSL_VERSION_NUMBER) DEFINEFUNC2(int, BN_is_word, BIGNUM *a, a, BN_ULONG w, w, return 0, return) #endif DEFINEFUNC2(BN_ULONG, BN_mod_word, const BIGNUM *a, a, BN_ULONG w, w, return -1, return) @@ -300,17 +300,17 @@ DEFINEFUNC(void, SSL_SESSION_free, SSL_SESSION *ses, ses, return, DUMMYARG) DEFINEFUNC(SSL_SESSION*, SSL_get1_session, SSL *ssl, ssl, return 0, return) DEFINEFUNC(SSL_SESSION*, SSL_get_session, const SSL *ssl, ssl, return 0, return) -#if OPENSSL_VERSION_NUMBER >= 0x10001000L +#if (OPENSSL_VERSION_NUMBER >= 0x10001000L) && !defined(LIBRESSL_VERSION_NUMBER) DEFINEFUNC5(int, SSL_get_ex_new_index, long argl, argl, void *argp, argp, CRYPTO_EX_new *new_func, new_func, CRYPTO_EX_dup *dup_func, dup_func, CRYPTO_EX_free *free_func, free_func, return -1, return) DEFINEFUNC3(int, SSL_set_ex_data, SSL *ssl, ssl, int idx, idx, void *arg, arg, return 0, return) DEFINEFUNC2(void *, SSL_get_ex_data, const SSL *ssl, ssl, int idx, idx, return NULL, return) #endif -#if OPENSSL_VERSION_NUMBER >= 0x10001000L && !defined(OPENSSL_NO_PSK) +#if (OPENSSL_VERSION_NUMBER >= 0x10001000L) && !defined(OPENSSL_NO_PSK) && !defined(LIBRESSL_VERSION_NUMBER) DEFINEFUNC2(void, SSL_set_psk_client_callback, SSL* ssl, ssl, q_psk_client_callback_t callback, callback, return, DUMMYARG) DEFINEFUNC2(void, SSL_set_psk_server_callback, SSL* ssl, ssl, q_psk_server_callback_t callback, callback, return, DUMMYARG) DEFINEFUNC2(int, SSL_CTX_use_psk_identity_hint, SSL_CTX* ctx, ctx, const char *hint, hint, return 0, return) #endif #if OPENSSL_VERSION_NUMBER >= 0x10000000L #ifndef OPENSSL_NO_SSL2 DEFINEFUNC(const SSL_METHOD *, SSLv2_client_method, DUMMYARG, DUMMYARG, return 0, return) #endif @@ -319,7 +319,7 @@ #endif DEFINEFUNC(const SSL_METHOD *, SSLv23_client_method, DUMMYARG, DUMMYARG, return 0, return) DEFINEFUNC(const SSL_METHOD *, TLSv1_client_method, DUMMYARG, DUMMYARG, return 0, return) -#if OPENSSL_VERSION_NUMBER >= 0x10001000L +#if (OPENSSL_VERSION_NUMBER >= 0x10001000L) && !defined(LIBRESSL_VERSION_NUMBER) DEFINEFUNC(const SSL_METHOD *, TLSv1_1_client_method, DUMMYARG, DUMMYARG, return 0, return) DEFINEFUNC(const SSL_METHOD *, TLSv1_2_client_method, DUMMYARG, DUMMYARG, return 0, return) #endif @@ -331,7 +331,7 @@ #endif DEFINEFUNC(const SSL_METHOD *, SSLv23_server_method, DUMMYARG, DUMMYARG, return 0, return) DEFINEFUNC(const SSL_METHOD *, TLSv1_server_method, DUMMYARG, DUMMYARG, return 0, return) -#if OPENSSL_VERSION_NUMBER >= 0x10001000L +#if (OPENSSL_VERSION_NUMBER >= 0x10001000L) && !defined(LIBRESSL_VERSION_NUMBER) DEFINEFUNC(const SSL_METHOD *, TLSv1_1_server_method, DUMMYARG, DUMMYARG, return 0, return) DEFINEFUNC(const SSL_METHOD *, TLSv1_2_server_method, DUMMYARG, DUMMYARG, return 0, return) #endif @@ -414,7 +414,7 @@ DEFINEFUNC(const char *, SSLeay_version, int a, a, return 0, return) DEFINEFUNC2(int, i2d_SSL_SESSION, SSL_SESSION *in, in, unsigned char **pp, pp, return 0, return) DEFINEFUNC3(SSL_SESSION *, d2i_SSL_SESSION, SSL_SESSION **a, a, const unsigned char **pp, pp, long length, length, return 0, return) -#if OPENSSL_VERSION_NUMBER >= 0x1000100fL && !defined(OPENSSL_NO_NEXTPROTONEG) +#if (OPENSSL_VERSION_NUMBER >= 0x1000100fL) && !defined(OPENSSL_NO_NEXTPROTONEG) && !defined(LIBRESSL_VERSION_NUMBER) DEFINEFUNC6(int, SSL_select_next_proto, unsigned char **out, out, unsigned char *outlen, outlen, const unsigned char *in, in, unsigned int inlen, inlen, const unsigned char *client, client, unsigned int client_len, client_len, @@ -427,7 +427,7 @@ void *arg, arg, return, DUMMYARG) DEFINEFUNC3(void, SSL_get0_next_proto_negotiated, const SSL *s, s, const unsigned char **data, data, unsigned *len, len, return, DUMMYARG) -#if OPENSSL_VERSION_NUMBER >= 0x10002000L +#if (OPENSSL_VERSION_NUMBER >= 0x10002000L) && !defined(LIBRESSL_VERSION_NUMBER) DEFINEFUNC3(int, SSL_set_alpn_protos, SSL *s, s, const unsigned char *protos, protos, unsigned protos_len, protos_len, return -1, return) DEFINEFUNC3(void, SSL_CTX_set_alpn_select_cb, SSL_CTX *s, s, @@ -451,7 +451,7 @@ DEFINEFUNC(EC_KEY *, EC_KEY_new_by_curve_name, int nid, nid, return 0, return) DEFINEFUNC(void, EC_KEY_free, EC_KEY *ecdh, ecdh, return, DUMMYARG) DEFINEFUNC2(size_t, EC_get_builtin_curves, EC_builtin_curve * r, r, size_t nitems, nitems, return 0, return) -#if OPENSSL_VERSION_NUMBER >= 0x10002000L +#if (OPENSSL_VERSION_NUMBER >= 0x10002000L) && !defined(LIBRESSL_VERSION_NUMBER) DEFINEFUNC(int, EC_curve_nist2nid, const char *name, name, return 0, return) #endif // OPENSSL_VERSION_NUMBER >= 0x10002000L #endif // OPENSSL_NO_EC @@ -791,7 +791,7 @@ RESOLVEFUNC(EC_GROUP_get_degree) #endif RESOLVEFUNC(BN_num_bits) -#if OPENSSL_VERSION_NUMBER >= 0x10100000L +#if (OPENSSL_VERSION_NUMBER >= 0x10100000L) && !defined(LIBRESSL_VERSION_NUMBER) RESOLVEFUNC(BN_is_word) #endif RESOLVEFUNC(BN_mod_word) @@ -912,12 +912,12 @@ RESOLVEFUNC(SSL_SESSION_free) RESOLVEFUNC(SSL_get1_session) RESOLVEFUNC(SSL_get_session) -#if OPENSSL_VERSION_NUMBER >= 0x10001000L +#if (OPENSSL_VERSION_NUMBER >= 0x10001000L) && !defined(LIBRESSL_VERSION_NUMBER) RESOLVEFUNC(SSL_get_ex_new_index) RESOLVEFUNC(SSL_set_ex_data) RESOLVEFUNC(SSL_get_ex_data) #endif -#if OPENSSL_VERSION_NUMBER >= 0x10001000L && !defined(OPENSSL_NO_PSK) +#if (OPENSSL_VERSION_NUMBER >= 0x10001000L) && !defined(OPENSSL_NO_PSK) && !defined(LIBRESSL_VERSION_NUMBER) RESOLVEFUNC(SSL_set_psk_client_callback) RESOLVEFUNC(SSL_set_psk_server_callback) RESOLVEFUNC(SSL_CTX_use_psk_identity_hint) @@ -931,7 +931,7 @@ #endif RESOLVEFUNC(SSLv23_client_method) RESOLVEFUNC(TLSv1_client_method) -#if OPENSSL_VERSION_NUMBER >= 0x10001000L +#if (OPENSSL_VERSION_NUMBER >= 0x10001000L) && !defined(LIBRESSL_VERSION_NUMBER) RESOLVEFUNC(TLSv1_1_client_method) RESOLVEFUNC(TLSv1_2_client_method) #endif @@ -943,7 +943,7 @@ #endif RESOLVEFUNC(SSLv23_server_method) RESOLVEFUNC(TLSv1_server_method) -#if OPENSSL_VERSION_NUMBER >= 0x10001000L +#if (OPENSSL_VERSION_NUMBER >= 0x10001000L) && !defined(LIBRESSL_VERSION_NUMBER) RESOLVEFUNC(TLSv1_1_server_method) RESOLVEFUNC(TLSv1_2_server_method) #endif @@ -999,12 +999,12 @@ RESOLVEFUNC(SSLeay_version) RESOLVEFUNC(i2d_SSL_SESSION) RESOLVEFUNC(d2i_SSL_SESSION) -#if OPENSSL_VERSION_NUMBER >= 0x1000100fL && !defined(OPENSSL_NO_NEXTPROTONEG) +#if (OPENSSL_VERSION_NUMBER >= 0x1000100fL) && !defined(OPENSSL_NO_NEXTPROTONEG) && !defined(LIBRESSL_VERSION_NUMBER) RESOLVEFUNC(SSL_select_next_proto) RESOLVEFUNC(SSL_CTX_set_next_proto_select_cb) RESOLVEFUNC(SSL_get0_next_proto_negotiated) #endif // OPENSSL_VERSION_NUMBER >= 0x1000100fL ... -#if OPENSSL_VERSION_NUMBER >= 0x10002000L +#if (OPENSSL_VERSION_NUMBER >= 0x10002000L) && !defined(LIBRESSL_VERSION_NUMBER) RESOLVEFUNC(SSL_set_alpn_protos) RESOLVEFUNC(SSL_CTX_set_alpn_select_cb) RESOLVEFUNC(SSL_get0_alpn_selected) @@ -1020,7 +1020,7 @@ RESOLVEFUNC(EC_KEY_new_by_curve_name) RESOLVEFUNC(EC_KEY_free) RESOLVEFUNC(EC_get_builtin_curves) -#if OPENSSL_VERSION_NUMBER >= 0x10002000L +#if (OPENSSL_VERSION_NUMBER >= 0x10002000L) && !defined(LIBRESSL_VERSION_NUMBER) if (q_SSLeay() >= 0x10002000L) RESOLVEFUNC(EC_curve_nist2nid) #endif // OPENSSL_VERSION_NUMBER >= 0x10002000L --- qtbase/src/network/ssl/qsslsocket_openssl_symbols_p.h 2017-01-18 15:20:58.000000000 +0100 +++ qtbase/src/network/ssl/qsslsocket_openssl_symbols_p.h 2017-02-21 19:15:38.083714302 +0100 @@ -228,7 +228,7 @@ Q_AUTOTEST_EXPORT BIO_METHOD *q_BIO_s_mem(); Q_AUTOTEST_EXPORT int q_BIO_write(BIO *a, const void *b, int c); int q_BN_num_bits(const BIGNUM *a); -#if OPENSSL_VERSION_NUMBER >= 0x10100000L +#if (OPENSSL_VERSION_NUMBER >= 0x10100000L) && !defined(LIBRESSL_VERSION_NUMBER) int q_BN_is_word(BIGNUM *a, BN_ULONG w); #else // BN_is_word is implemented purely as a @@ -241,7 +241,7 @@ // // Users are required to include . #define q_BN_is_word BN_is_word -#endif // OPENSSL_VERSION_NUMBER >= 0x10100000L +#endif // (OPENSSL_VERSION_NUMBER >= 0x10100000L) && !defined(LIBRESSL_VERSION_NUMBER) BN_ULONG q_BN_mod_word(const BIGNUM *a, BN_ULONG w); #ifndef OPENSSL_NO_EC const EC_GROUP* q_EC_KEY_get0_group(const EC_KEY* k); @@ -387,19 +387,19 @@ void q_SSL_SESSION_free(SSL_SESSION *ses); SSL_SESSION *q_SSL_get1_session(SSL *ssl); SSL_SESSION *q_SSL_get_session(const SSL *ssl); -#if OPENSSL_VERSION_NUMBER >= 0x10001000L +#if (OPENSSL_VERSION_NUMBER >= 0x10001000L) && !defined(LIBRESSL_VERSION_NUMBER) int q_SSL_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func); int q_SSL_set_ex_data(SSL *ssl, int idx, void *arg); void *q_SSL_get_ex_data(const SSL *ssl, int idx); #endif -#if OPENSSL_VERSION_NUMBER >= 0x10001000L && !defined(OPENSSL_NO_PSK) +#if (OPENSSL_VERSION_NUMBER >= 0x10001000L) && !defined(OPENSSL_NO_PSK) && !defined(LIBRESSL_VERSION_NUMBER) typedef unsigned int (*q_psk_client_callback_t)(SSL *ssl, const char *hint, char *identity, unsigned int max_identity_len, unsigned char *psk, unsigned int max_psk_len); void q_SSL_set_psk_client_callback(SSL *ssl, q_psk_client_callback_t callback); typedef unsigned int (*q_psk_server_callback_t)(SSL *ssl, const char *identity, unsigned char *psk, unsigned int max_psk_len); void q_SSL_set_psk_server_callback(SSL *ssl, q_psk_server_callback_t callback); int q_SSL_CTX_use_psk_identity_hint(SSL_CTX *ctx, const char *hint); -#endif // OPENSSL_VERSION_NUMBER >= 0x10001000L && !defined(OPENSSL_NO_PSK) +#endif // (OPENSSL_VERSION_NUMBER >= 0x10001000L) && !defined(OPENSSL_NO_PSK) && !defined(LIBRESSL_VERSION_NUMBER) #if OPENSSL_VERSION_NUMBER >= 0x10000000L #ifndef OPENSSL_NO_SSL2 const SSL_METHOD *q_SSLv2_client_method(); #endif @@ -509,13 +509,13 @@ // EC curves management size_t q_EC_get_builtin_curves(EC_builtin_curve *r, size_t nitems); -#if OPENSSL_VERSION_NUMBER >= 0x10002000L +#if (OPENSSL_VERSION_NUMBER >= 0x10002000L) && !defined(LIBRESSL_VERSION_NUMBER) int q_EC_curve_nist2nid(const char *name); -#endif // OPENSSL_VERSION_NUMBER >= 0x10002000L +#endif // (OPENSSL_VERSION_NUMBER >= 0x10002000L) && !defined(LIBRESSL_VERSION_NUMBER) #endif // OPENSSL_NO_EC -#if OPENSSL_VERSION_NUMBER >= 0x10002000L +#if (OPENSSL_VERSION_NUMBER >= 0x10002000L) && !defined(LIBRESSL_VERSION_NUMBER) #define q_SSL_get_server_tmp_key(ssl, key) q_SSL_ctrl((ssl), SSL_CTRL_GET_SERVER_TMP_KEY, 0, (char *)key) -#endif // OPENSSL_VERSION_NUMBER >= 0x10002000L +#endif // (OPENSSL_VERSION_NUMBER >= 0x10002000L) && !defined(LIBRESSL_VERSION_NUMBER) // PKCS#12 support int q_PKCS12_parse(PKCS12 *p12, const char *pass, EVP_PKEY **pkey, X509 **cert, STACK_OF(X509) **ca); @@ -573,7 +573,7 @@ int q_i2d_SSL_SESSION(SSL_SESSION *in, unsigned char **pp); SSL_SESSION *q_d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp, long length); -#if OPENSSL_VERSION_NUMBER >= 0x1000100fL && !defined(OPENSSL_NO_NEXTPROTONEG) +#if (OPENSSL_VERSION_NUMBER >= 0x1000100fL) && !defined(OPENSSL_NO_NEXTPROTONEG) && !defined(LIBRESSL_VERSION_NUMBER) int q_SSL_select_next_proto(unsigned char **out, unsigned char *outlen, const unsigned char *in, unsigned int inlen, const unsigned char *client, unsigned int client_len); @@ -585,7 +585,7 @@ void *arg); void q_SSL_get0_next_proto_negotiated(const SSL *s, const unsigned char **data, unsigned *len); -#if OPENSSL_VERSION_NUMBER >= 0x10002000L +#if (OPENSSL_VERSION_NUMBER >= 0x10002000L) && !defined(LIBRESSL_VERSION_NUMBER) int q_SSL_set_alpn_protos(SSL *ssl, const unsigned char *protos, unsigned protos_len); void q_SSL_CTX_set_alpn_select_cb(SSL_CTX *ctx, @@ -598,7 +598,7 @@ void q_SSL_get0_alpn_selected(const SSL *ssl, const unsigned char **data, unsigned *len); #endif -#endif // OPENSSL_VERSION_NUMBER >= 0x1000100fL ... +#endif // (OPENSSL_VERSION_NUMBER >= 0x1000100fL) && !defined(OPENSSL_NO_NEXTPROTONEG) && !defined(LIBRESSL_VERSION_NUMBER) // Helper function class QDateTime; --- qtbase/src/network/ssl/qsslcontext_openssl.cpp 2017-01-18 15:20:58.000000000 +0100 +++ qtbase/src/network/ssl/qsslcontext_openssl.cpp 2017-02-21 19:23:04.291975945 +0100 @@ -126,7 +126,7 @@ sslContext->ctx = q_SSL_CTX_new(client ? q_TLSv1_client_method() : q_TLSv1_server_method()); break; case QSsl::TlsV1_1: -#if OPENSSL_VERSION_NUMBER >= 0x10001000L +#if (OPENSSL_VERSION_NUMBER >= 0x10001000L) && !defined(LIBRESSL_VERSION_NUMBER) sslContext->ctx = q_SSL_CTX_new(client ? q_TLSv1_1_client_method() : q_TLSv1_1_server_method()); #else // TLS 1.1 not supported by the system, but chosen deliberately -> error @@ -135,7 +135,7 @@ #endif break; case QSsl::TlsV1_2: -#if OPENSSL_VERSION_NUMBER >= 0x10001000L +#if (OPENSSL_VERSION_NUMBER >= 0x10001000L) && !defined(LIBRESSL_VERSION_NUMBER) sslContext->ctx = q_SSL_CTX_new(client ? q_TLSv1_2_client_method() : q_TLSv1_2_server_method()); #else // TLS 1.2 not supported by the system, but chosen deliberately -> error @@ -149,7 +149,7 @@ break; case QSsl::TlsV1_1OrLater: case QSsl::TlsV1_2OrLater: -#if OPENSSL_VERSION_NUMBER >= 0x10001000L +#if (OPENSSL_VERSION_NUMBER >= 0x10001000L) && !defined(LIBRESSL_VERSION_NUMBER) // Specific protocols will be specified via SSL options. sslContext->ctx = q_SSL_CTX_new(client ? q_SSLv23_client_method() : q_SSLv23_server_method()); #else @@ -330,7 +330,7 @@ } #ifndef OPENSSL_NO_EC -#if OPENSSL_VERSION_NUMBER >= 0x10002000L +#if (OPENSSL_VERSION_NUMBER >= 0x10002000L) && !defined(LIBRESSL_VERSION_NUMBER) if (q_SSLeay() >= 0x10002000L) { q_SSL_CTX_ctrl(sslContext->ctx, SSL_CTRL_SET_ECDH_AUTO, 1, NULL); } else @@ -344,14 +344,14 @@ } #endif // OPENSSL_NO_EC -#if OPENSSL_VERSION_NUMBER >= 0x10001000L && !defined(OPENSSL_NO_PSK) +#if (OPENSSL_VERSION_NUMBER >= 0x10001000L) && !defined(OPENSSL_NO_PSK) && !defined(LIBRESSL_VERSION_NUMBER) if (!client) q_SSL_CTX_use_psk_identity_hint(sslContext->ctx, sslContext->sslConfiguration.preSharedKeyIdentityHint().constData()); #endif // OPENSSL_VERSION_NUMBER >= 0x10001000L && !defined(OPENSSL_NO_PSK) const QVector qcurves = sslContext->sslConfiguration.ellipticCurves(); if (!qcurves.isEmpty()) { -#if OPENSSL_VERSION_NUMBER >= 0x10002000L && !defined(OPENSSL_NO_EC) +#if (OPENSSL_VERSION_NUMBER >= 0x10002000L) && !defined(OPENSSL_NO_EC) && !defined(LIBRESSL_VERSION_NUMBER) // Set the curves to be used if (q_SSLeay() >= 0x10002000L) { // SSL_CTX_ctrl wants a non-const pointer as last argument, @@ -387,7 +387,7 @@ return sslContext; } -#if OPENSSL_VERSION_NUMBER >= 0x1000100fL && !defined(OPENSSL_NO_NEXTPROTONEG) +#if (OPENSSL_VERSION_NUMBER >= 0x1000100fL) && !defined(OPENSSL_NO_NEXTPROTONEG) && !defined(LIBRESSL_VERSION_NUMBER) static int next_proto_cb(SSL *, unsigned char **out, unsigned char *outlen, const unsigned char *in, unsigned int inlen, void *arg) @@ -447,7 +447,7 @@ } } -#if OPENSSL_VERSION_NUMBER >= 0x1000100fL && !defined(OPENSSL_NO_NEXTPROTONEG) +#if (OPENSSL_VERSION_NUMBER >= 0x1000100fL) && !defined(OPENSSL_NO_NEXTPROTONEG) && !defined(LIBRESSL_VERSION_NUMBER) QList protocols = sslConfiguration.d->nextAllowedProtocols; if (!protocols.isEmpty()) { m_supportedNPNVersions.clear(); @@ -462,7 +462,7 @@ m_npnContext.data = reinterpret_cast(m_supportedNPNVersions.data()); m_npnContext.len = m_supportedNPNVersions.count(); m_npnContext.status = QSslConfiguration::NextProtocolNegotiationNone; -#if OPENSSL_VERSION_NUMBER >= 0x10002000L +#if (OPENSSL_VERSION_NUMBER >= 0x10002000L) && !defined(LIBRESSL_VERSION_NUMBER) if (q_SSLeay() >= 0x10002000L) { // Callback's type has a parameter 'const unsigned char ** out' // since it was introduced in 1.0.2. Internally, OpenSSL's own code