Bug#806505: libqt4-network: failed looksup on SSLv3_*_method
Package: libqt4-network
Version: 4:4.8.7+dfsg-4
Severity: normal
Tags: patch
Dear Maintainer,
libqt4-network is trying to look up SSLv3_*_method functions in OpenSSL
which recently got removed. I don't know how to tag this as transition
related.
QSslSocket: cannot resolve SSLv3_client_method
QSslSocket: cannot resolve SSLv3_server_method
-- System Information:
Debian Release: stretch/sid
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)
Kernel: Linux 4.2.0-1-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: sysvinit (via /sbin/init)
diff -Nru qt4-x11-4.8.7+dfsg.orig/src/network/ssl/qsslsocket_openssl.cpp qt4-x11-4.8.7+dfsg/src/network/ssl/qsslsocket_openssl.cpp
--- qt4-x11-4.8.7+dfsg.orig/src/network/ssl/qsslsocket_openssl.cpp 2015-05-07 10:14:44.000000000 -0400
+++ qt4-x11-4.8.7+dfsg/src/network/ssl/qsslsocket_openssl.cpp 2015-11-27 20:49:36.768826857 -0500
@@ -267,7 +267,11 @@
#endif
break;
case QSsl::SslV3:
+#ifndef OPENSSL_NO_SSL3_METHOD
ctx = q_SSL_CTX_new(client ? q_SSLv3_client_method() : q_SSLv3_server_method());
+#else
+ ctx = 0; // SSL 3 not supported by the system, but chosen deliberately -> error
+#endif
break;
case QSsl::SecureProtocols: // SslV2 will be disabled below
case QSsl::TlsV1SslV3: // SslV2 will be disabled below
diff -Nru qt4-x11-4.8.7+dfsg.orig/src/network/ssl/qsslsocket_openssl_symbols.cpp qt4-x11-4.8.7+dfsg/src/network/ssl/qsslsocket_openssl_symbols.cpp
--- qt4-x11-4.8.7+dfsg.orig/src/network/ssl/qsslsocket_openssl_symbols.cpp 2015-05-07 10:14:44.000000000 -0400
+++ qt4-x11-4.8.7+dfsg/src/network/ssl/qsslsocket_openssl_symbols.cpp 2015-11-27 20:49:48.061023402 -0500
@@ -228,13 +228,17 @@
#ifndef OPENSSL_NO_SSL2
DEFINEFUNC(const SSL_METHOD *, SSLv2_client_method, DUMMYARG, DUMMYARG, return 0, return)
#endif
+#ifndef OPENSSL_NO_SSL3_METHOD
DEFINEFUNC(const SSL_METHOD *, SSLv3_client_method, DUMMYARG, DUMMYARG, return 0, return)
+#endif
DEFINEFUNC(const SSL_METHOD *, SSLv23_client_method, DUMMYARG, DUMMYARG, return 0, return)
DEFINEFUNC(const SSL_METHOD *, TLSv1_client_method, DUMMYARG, DUMMYARG, return 0, return)
#ifndef OPENSSL_NO_SSL2
DEFINEFUNC(const SSL_METHOD *, SSLv2_server_method, DUMMYARG, DUMMYARG, return 0, return)
#endif
+#ifndef OPENSSL_NO_SSL3_METHOD
DEFINEFUNC(const SSL_METHOD *, SSLv3_server_method, DUMMYARG, DUMMYARG, return 0, return)
+#endif
DEFINEFUNC(const SSL_METHOD *, SSLv23_server_method, DUMMYARG, DUMMYARG, return 0, return)
DEFINEFUNC(const SSL_METHOD *, TLSv1_server_method, DUMMYARG, DUMMYARG, return 0, return)
#else
@@ -822,13 +826,17 @@
#ifndef OPENSSL_NO_SSL2
RESOLVEFUNC(SSLv2_client_method)
#endif
+#ifndef OPENSSL_NO_SSL3_METHOD
RESOLVEFUNC(SSLv3_client_method)
+#endif
RESOLVEFUNC(SSLv23_client_method)
RESOLVEFUNC(TLSv1_client_method)
#ifndef OPENSSL_NO_SSL2
RESOLVEFUNC(SSLv2_server_method)
#endif
+#ifndef OPENSSL_NO_SSL3_METHOD
RESOLVEFUNC(SSLv3_server_method)
+#endif
RESOLVEFUNC(SSLv23_server_method)
RESOLVEFUNC(TLSv1_server_method)
RESOLVEFUNC(X509_NAME_entry_count)
Reply to: