qsslsocket_openssl_symbols.cpp source code [qtbase/src/network/ssl/qsslsocket_openssl_symbols.cpp]

1	/****************************************************************************
2	**
3	** Copyright (C) 2017 The Qt Company Ltd.
4	** Copyright (C) 2014 BlackBerry Limited. All rights reserved.
5	** Copyright (C) 2016 Richard J. Moore <rich@kde.org>
6	** Contact: https://www.qt.io/licensing/
7	**
8	** This file is part of the QtNetwork module of the Qt Toolkit.
9	**
10	** $QT_BEGIN_LICENSE:LGPL$
11	** Commercial License Usage
12	** Licensees holding valid commercial Qt licenses may use this file in
13	** accordance with the commercial license agreement provided with the
14	** Software or, alternatively, in accordance with the terms contained in
15	** a written agreement between you and The Qt Company. For licensing terms
16	** and conditions see https://www.qt.io/terms-conditions. For further
17	** information use the contact form at https://www.qt.io/contact-us.
18	**
19	** GNU Lesser General Public License Usage
20	** Alternatively, this file may be used under the terms of the GNU Lesser
21	** General Public License version 3 as published by the Free Software
22	** Foundation and appearing in the file LICENSE.LGPL3 included in the
23	** packaging of this file. Please review the following information to
24	** ensure the GNU Lesser General Public License version 3 requirements
25	** will be met: https://www.gnu.org/licenses/lgpl-3.0.html.
26	**
27	** GNU General Public License Usage
28	** Alternatively, this file may be used under the terms of the GNU
29	** General Public License version 2.0 or (at your option) the GNU General
30	** Public license version 3 or any later version approved by the KDE Free
31	** Qt Foundation. The licenses are as published by the Free Software
32	** Foundation and appearing in the file LICENSE.GPL2 and LICENSE.GPL3
33	** included in the packaging of this file. Please review the following
34	** information to ensure the GNU General Public License requirements will
35	** be met: https://www.gnu.org/licenses/gpl-2.0.html and
36	** https://www.gnu.org/licenses/gpl-3.0.html.
37	**
38	** $QT_END_LICENSE$
39	**
40	****************************************************************************/
41
42	/****************************************************************************
43	**
44	** In addition, as a special exception, the copyright holders listed above give
45	** permission to link the code of its release of Qt with the OpenSSL project's
46	** "OpenSSL" library (or modified versions of the "OpenSSL" library that use the
47	** same license as the original version), and distribute the linked executables.
48	**
49	** You must comply with the GNU General Public License version 2 in all
50	** respects for all of the code used other than the "OpenSSL" code. If you
51	** modify this file, you may extend this exception to your version of the file,
52	** but you are not obligated to do so. If you do not wish to do so, delete
53	** this exception statement from your version of this file.
54	**
55	****************************************************************************/
56
57	#include "qssl_p.h"
58	#include "qsslsocket_openssl_symbols_p.h"
59
60	#ifdef Q_OS_WIN
61	# include <private/qsystemlibrary_p.h>
62	#elif QT_CONFIG(library)
63	# include <QtCore/qlibrary.h>
64	#endif
65	#include <QtCore/qmutex.h>
66	#include <QtCore/qdatetime.h>
67	#if defined(Q_OS_UNIX)
68	#include <QtCore/qdir.h>
69	#endif
70	#include <QtCore/private/qmemory_p.h>
71	#if defined(Q_OS_LINUX) && !defined(Q_OS_ANDROID)
72	#include <link.h>
73	#endif
74	#ifdef Q_OS_DARWIN
75	#include "private/qcore_mac_p.h"
76	#endif
77
78	#include <algorithm>
79
80	QT_BEGIN_NAMESPACE
81
82	/*
83	Note to maintainer:
84	-------------------
85
86	We load OpenSSL symbols dynamically. Because symbols are known to
87	disappear, and signatures sometimes change, between releases, we need to
88	be careful about how this is done. To ensure we don't end up dereferencing
89	null function pointers, and continue running even if certain functions are
90	missing, we define helper functions for each of the symbols we load from
91	OpenSSL, all prefixed with "q_" (declared in
92	qsslsocket_openssl_symbols_p.h). So instead of calling SSL_connect
93	directly, we call q_SSL_connect, which is a function that checks if the
94	actual SSL_connect fptr is null, and returns a failure if it is, or calls
95	SSL_connect if it isn't.
96
97	This requires a somewhat tedious process of declaring each function we
98	want to call in OpenSSL thrice: once with the q_, in _p.h, once using the
99	DEFINEFUNC macros below, and once in the function that actually resolves
100	the symbols, below the DEFINEFUNC declarations below.
101
102	There's one DEFINEFUNC macro declared for every number of arguments
103	exposed by OpenSSL (feel free to extend when needed). The easiest thing to
104	do is to find an existing entry that matches the arg count of the function
105	you want to import, and do the same.
106
107	The first macro arg is the function return type. The second is the
108	verbatim name of the function/symbol. Then follows a list of N pairs of
109	argument types with a variable name, and just the variable name (char a,*
110	a, char b, b, etc). Finally there's two arguments - a suitable return*
111	statement for the error case (for an int function, return 0 or return -1
112	is usually right). Then either just "return" or DUMMYARG, the latter being
113	for void functions.
114
115	Note: Take into account that these macros and declarations are processed
116	at compile-time, and the result depends on the OpenSSL headers the
117	compiling host has installed, but the symbols are resolved at run-time,
118	possibly with a different version of OpenSSL.
119	*/
120
121	#ifndef QT_LINKED_OPENSSL
122
123	namespace {
124	void qsslSocketUnresolvedSymbolWarning(const char *functionName)
125	{
126	qCWarning(lcSsl, "QSslSocket: cannot call unresolved function %s", functionName);
127	}
128
129	#if QT_CONFIG(library)
130	void qsslSocketCannotResolveSymbolWarning(const char *functionName)
131	{
132	qCWarning(lcSsl, "QSslSocket: cannot resolve %s", functionName);
133	}
134	#endif
135
136	}
137
138	#endif // QT_LINKED_OPENSSL
139
140	DEFINEFUNC(const unsigned char , ASN1_STRING_get0_data, const* ASN1_STRING a, a, return* nullptr, return)
141	DEFINEFUNC2(int, OPENSSL_init_ssl, uint64_t opts, opts, const OPENSSL_INIT_SETTINGS settings, settings, return* `0`, return)
142	DEFINEFUNC2(int, OPENSSL_init_crypto, uint64_t opts, opts, const OPENSSL_INIT_SETTINGS settings, settings, return* `0`, return)
143	DEFINEFUNC(BIO , BIO_new, const* BIO_METHOD a, a, return* nullptr, return)
144	DEFINEFUNC(const BIO_METHOD , BIO_s_mem, void, DUMMYARG, return* nullptr, return)
145	DEFINEFUNC2(int, BN_is_word, BIGNUM a, a, BN_ULONG w, w, return* `0`, return)
146	DEFINEFUNC(int, EVP_CIPHER_CTX_reset, EVP_CIPHER_CTX c, c, return* `0`, return)
147	DEFINEFUNC(int, EVP_PKEY_up_ref, EVP_PKEY a, a, return* `0`, return)
148	DEFINEFUNC2(EVP_PKEY_CTX , EVP_PKEY_CTX_new, EVP_PKEY pkey, pkey, ENGINE e, e, return* nullptr, return)
149	DEFINEFUNC(int, EVP_PKEY_param_check, EVP_PKEY_CTX ctx, ctx, return* `0`, return)
150	DEFINEFUNC(void, EVP_PKEY_CTX_free, EVP_PKEY_CTX ctx, ctx, return, return*)
151	DEFINEFUNC(int, EVP_PKEY_base_id, EVP_PKEY a, a, return* NID_undef, return)
152	DEFINEFUNC(int, RSA_bits, RSA a, a, return* `0`, return)
153	DEFINEFUNC(int, DSA_bits, DSA a, a, return* `0`, return)
154	DEFINEFUNC(int, OPENSSL_sk_num, OPENSSL_STACK a, a, return* -`1`, return)
155	DEFINEFUNC2(void, OPENSSL_sk_pop_free, OPENSSL_STACK a, a, void* (b)(void), b, return**, DUMMYARG)
156	DEFINEFUNC(OPENSSL_STACK , OPENSSL_sk_new_null, DUMMYARG, DUMMYARG, return* nullptr, return)
157	DEFINEFUNC2(void, OPENSSL_sk_push, OPENSSL_STACK a, a, void* b, b, return*, DUMMYARG)
158	DEFINEFUNC(void, OPENSSL_sk_free, OPENSSL_STACK a, a, return*, DUMMYARG)
159	DEFINEFUNC2(void , OPENSSL_sk_value, OPENSSL_STACK a, a, int b, b, return nullptr, return)
160	DEFINEFUNC(int, SSL_session_reused, SSL a, a, return* `0`, return)
161	DEFINEFUNC2(unsigned long, SSL_CTX_set_options, SSL_CTX ctx, ctx, unsigned* long op, op, return `0`, return)
162	DEFINEFUNC(int, SSL_CTX_get_security_level, const SSL_CTX ctx, ctx, return* -`1`, return)
163	DEFINEFUNC2(void, SSL_CTX_set_security_level, SSL_CTX ctx, ctx, int* level, level, return, return)
164	#ifdef TLS1_3_VERSION
165	DEFINEFUNC2(int, SSL_CTX_set_ciphersuites, SSL_CTX ctx, ctx, const* char str, str, return* `0`, return)
166	DEFINEFUNC2(void, SSL_set_psk_use_session_callback, SSL ssl, ssl, q_SSL_psk_use_session_cb_func_t callback, callback, return*, DUMMYARG)
167	DEFINEFUNC2(void, SSL_CTX_sess_set_new_cb, SSL_CTX ctx, ctx, NewSessionCallback cb, cb, return, return*)
168	DEFINEFUNC(int, SSL_SESSION_is_resumable, const SSL_SESSION s, s, return* `0`, return)
169	#endif
170	DEFINEFUNC3(size_t, SSL_get_client_random, SSL a, a, unsigned* char out, out, size_t outlen, outlen, return* `0`, return)
171	DEFINEFUNC3(size_t, SSL_SESSION_get_master_key, const SSL_SESSION ses, ses, unsigned* char out, out, size_t outlen, outlen, return* `0`, return)
172	DEFINEFUNC6(int, CRYPTO_get_ex_new_index, int class_index, class_index, long argl, argl, void argp, argp, CRYPTO_EX_new new_func, new_func, CRYPTO_EX_dup dup_func, dup_func, CRYPTO_EX_free free_func, free_func, return -`1`, return)
173	DEFINEFUNC2(unsigned long, SSL_set_options, SSL ssl, ssl, unsigned* long op, op, return `0`, return)
174
175	DEFINEFUNC(const SSL_METHOD , TLS_method, DUMMYARG, DUMMYARG, return* nullptr, return)
176	DEFINEFUNC(const SSL_METHOD , TLS_client_method, DUMMYARG, DUMMYARG, return* nullptr, return)
177	DEFINEFUNC(const SSL_METHOD , TLS_server_method, DUMMYARG, DUMMYARG, return* nullptr, return)
178	DEFINEFUNC(void, X509_up_ref, X509 a, a, return*, DUMMYARG)
179	DEFINEFUNC(ASN1_TIME , X509_getm_notBefore, X509 a, a, return nullptr, return)
180	DEFINEFUNC(ASN1_TIME , X509_getm_notAfter, X509 a, a, return nullptr, return)
181	DEFINEFUNC2(void, ASN1_item_free, ASN1_VALUE val, val, const* ASN1_ITEM it, it, return, return*)
182	DEFINEFUNC(void, X509V3_conf_free, CONF_VALUE val, val, return, return*)
183	DEFINEFUNC(long, X509_get_version, X509 a, a, return* -`1`, return)
184	DEFINEFUNC(EVP_PKEY , X509_get_pubkey, X509 a, a, return nullptr, return)
185	DEFINEFUNC2(void, X509_STORE_set_verify_cb, X509_STORE a, a, X509_STORE_CTX_verify_cb verify_cb, verify_cb, return*, DUMMYARG)
186	DEFINEFUNC3(int, X509_STORE_set_ex_data, X509_STORE a, a, int* idx, idx, void data, data, return* `0`, return)
187	DEFINEFUNC2(void , X509_STORE_get_ex_data, X509_STORE r, r, int idx, idx, return nullptr, return)
188	DEFINEFUNC(STACK_OF(X509) , X509_STORE_CTX_get0_chain, X509_STORE_CTX a, a, return nullptr, return)
189	DEFINEFUNC3(void, CRYPTO_free, void str, str, const* char file, file, int* line, line, return, DUMMYARG)
190	DEFINEFUNC(long, OpenSSL_version_num, void, DUMMYARG, return `0`, return)
191	DEFINEFUNC(const char , OpenSSL_version, int* a, a, return nullptr, return)
192	DEFINEFUNC(unsigned long, SSL_SESSION_get_ticket_lifetime_hint, const SSL_SESSION session, session, return* `0`, return)
193	DEFINEFUNC4(void, DH_get0_pqg, const DH dh, dh, const* BIGNUM *p, p, const* BIGNUM *q, q, const* BIGNUM g, g, return**, DUMMYARG)
194	DEFINEFUNC(int, DH_bits, DH dh, dh, return* `0`, return)
195
196	#if QT_CONFIG(dtls)
197	DEFINEFUNC2(int, DTLSv1_listen, SSL s, s, BIO_ADDR c, c, return -`1`, return)
198	DEFINEFUNC(BIO_ADDR , BIO_ADDR_new, DUMMYARG, DUMMYARG, return* nullptr, return)
199	DEFINEFUNC(void, BIO_ADDR_free, BIO_ADDR ap, ap, return*, DUMMYARG)
200	DEFINEFUNC2(BIO_METHOD , BIO_meth_new, int* type, type, const char name, name, return* nullptr, return)
201	DEFINEFUNC(void, BIO_meth_free, BIO_METHOD biom, biom, return*, DUMMYARG)
202	DEFINEFUNC2(int, BIO_meth_set_write, BIO_METHOD biom, biom, DgramWriteCallback write, write, return* `0`, return)
203	DEFINEFUNC2(int, BIO_meth_set_read, BIO_METHOD biom, biom, DgramReadCallback read, read, return* `0`, return)
204	DEFINEFUNC2(int, BIO_meth_set_puts, BIO_METHOD biom, biom, DgramPutsCallback puts, puts, return* `0`, return)
205	DEFINEFUNC2(int, BIO_meth_set_ctrl, BIO_METHOD biom, biom, DgramCtrlCallback ctrl, ctrl, return* `0`, return)
206	DEFINEFUNC2(int, BIO_meth_set_create, BIO_METHOD biom, biom, DgramCreateCallback crt, crt, return* `0`, return)
207	DEFINEFUNC2(int, BIO_meth_set_destroy, BIO_METHOD biom, biom, DgramDestroyCallback dtr, dtr, return* `0`, return)
208	#endif // dtls
209
210	#if QT_CONFIG(ocsp)
211	DEFINEFUNC(const OCSP_CERTID , OCSP_SINGLERESP_get0_id, const* OCSP_SINGLERESP x, x, return* nullptr, return)
212	DEFINEFUNC3(OCSP_RESPONSE , d2i_OCSP_RESPONSE, OCSP_RESPONSE a, a, const* unsigned char *in, in, long* len, len, return nullptr, return)
213	DEFINEFUNC(void, OCSP_RESPONSE_free, OCSP_RESPONSE rs, rs, return*, DUMMYARG)
214	DEFINEFUNC(OCSP_BASICRESP , OCSP_response_get1_basic, OCSP_RESPONSE resp, resp, return nullptr, return)
215	DEFINEFUNC(void, OCSP_BASICRESP_free, OCSP_BASICRESP bs, bs, return*, DUMMYARG)
216	DEFINEFUNC(int, OCSP_response_status, OCSP_RESPONSE resp, resp, return* OCSP_RESPONSE_STATUS_INTERNALERROR, return)
217	DEFINEFUNC4(int, OCSP_basic_verify, OCSP_BASICRESP bs, bs, STACK_OF(X509) certs, certs, X509_STORE st, st, unsigned* long flags, flags, return -`1`, return)
218	DEFINEFUNC(int, OCSP_resp_count, OCSP_BASICRESP bs, bs, return* `0`, return)
219	DEFINEFUNC2(OCSP_SINGLERESP , OCSP_resp_get0, OCSP_BASICRESP bs, bs, int idx, idx, return nullptr, return)
220	DEFINEFUNC5(int, OCSP_single_get0_status, OCSP_SINGLERESP single, single, int* reason, reason, ASN1_GENERALIZEDTIME *revtime, revtime,
221	ASN1_GENERALIZEDTIME thisupd, thisupd, ASN1_GENERALIZEDTIME nextupd, nextupd, return -`1`, return)
222	DEFINEFUNC4(int, OCSP_check_validity, ASN1_GENERALIZEDTIME thisupd, thisupd, ASN1_GENERALIZEDTIME nextupd, nextupd, long nsec, nsec, long maxsec, maxsec, return `0`, return)
223	DEFINEFUNC3(OCSP_CERTID , OCSP_cert_to_id, const* EVP_MD dgst, dgst, X509 subject, subject, X509 issuer, issuer, return* nullptr, return)
224	DEFINEFUNC(void, OCSP_CERTID_free, OCSP_CERTID cid, cid, return*, DUMMYARG)
225	DEFINEFUNC5(int, OCSP_id_get0_info, ASN1_OCTET_STRING piNameHash, piNameHash, ASN1_OBJECT pmd, pmd,
226	ASN1_OCTET_STRING piKeyHash, piKeyHash, ASN1_INTEGER pserial, pserial, OCSP_CERTID *cid, cid,
227	return `0`, return)
228	DEFINEFUNC2(OCSP_RESPONSE , OCSP_response_create, int* status, status, OCSP_BASICRESP bs, bs, return* nullptr, return)
229	DEFINEFUNC(const STACK_OF(X509) , OCSP_resp_get0_certs, const* OCSP_BASICRESP bs, bs, return* nullptr, return)
230	DEFINEFUNC2(int, OCSP_id_cmp, OCSP_CERTID a, a, OCSP_CERTID b, b, return -`1`, return)
231	DEFINEFUNC7(OCSP_SINGLERESP , OCSP_basic_add1_status, OCSP_BASICRESP r, r, OCSP_CERTID c, c, int* s, s,
232	int re, re, ASN1_TIME rt, rt, ASN1_TIME t, t, ASN1_TIME n, n, return* nullptr, return)
233	DEFINEFUNC(OCSP_BASICRESP , OCSP_BASICRESP_new, DUMMYARG, DUMMYARG, return* nullptr, return)
234	DEFINEFUNC2(int, i2d_OCSP_RESPONSE, OCSP_RESPONSE r, r, unsigned* char ppout, ppout, return `0`, return**)
235	DEFINEFUNC6(int, OCSP_basic_sign, OCSP_BASICRESP br, br, X509 signer, signer, EVP_PKEY *key, key,
236	const EVP_MD dg, dg, STACK_OF(X509) cs, cs, unsigned long flags, flags, return `0`, return)
237	#endif // ocsp
238
239	DEFINEFUNC(void, AUTHORITY_INFO_ACCESS_free, AUTHORITY_INFO_ACCESS p, p, return, return*)
240	DEFINEFUNC2(void, BIO_set_data, BIO a, a, void* ptr, ptr, return*, DUMMYARG)
241	DEFINEFUNC(void , BIO_get_data, BIO a, a, return nullptr, return)
242	DEFINEFUNC2(void, BIO_set_init, BIO a, a, int* init, init, return, DUMMYARG)
243	DEFINEFUNC(int, BIO_get_shutdown, BIO a, a, return* -`1`, return)
244	DEFINEFUNC2(void, BIO_set_shutdown, BIO a, a, int* shut, shut, return, DUMMYARG)
245
246	DEFINEFUNC(long, ASN1_INTEGER_get, ASN1_INTEGER a, a, return* `0`, return)
247	DEFINEFUNC2(int, ASN1_INTEGER_cmp, const ASN1_INTEGER a, a, const* ASN1_INTEGER b, b, return* `1`, return)
248	DEFINEFUNC(int, ASN1_STRING_length, ASN1_STRING a, a, return* `0`, return)
249	DEFINEFUNC2(int, ASN1_STRING_to_UTF8, unsigned char *a, a, ASN1_STRING b, b, return `0`, return)
250	DEFINEFUNC4(long, BIO_ctrl, BIO a, a, int* b, b, long c, c, void d, d, return* -`1`, return)
251	DEFINEFUNC(int, BIO_free, BIO a, a, return* `0`, return)
252	DEFINEFUNC2(BIO , BIO_new_mem_buf, void* a, a, int* b, b, return nullptr, return)
253	DEFINEFUNC3(int, BIO_read, BIO a, a, void* b, b, int* c, c, return -`1`, return)
254
255	DEFINEFUNC3(int, BIO_write, BIO a, a, const* void b, b, int* c, c, return -`1`, return)
256	DEFINEFUNC(int, BN_num_bits, const BIGNUM a, a, return* `0`, return)
257	DEFINEFUNC2(BN_ULONG, BN_mod_word, const BIGNUM a, a, BN_ULONG w, w, return* static_cast<BN_ULONG>(-`1`), return)
258	#ifndef OPENSSL_NO_EC
259	DEFINEFUNC(const EC_GROUP, EC_KEY_get0_group, const* EC_KEY* k, k, return nullptr, return)
260	DEFINEFUNC(int, EC_GROUP_get_degree, const EC_GROUP* g, g, return `0`, return)
261	#endif
262	DEFINEFUNC(DSA , DSA_new, DUMMYARG, DUMMYARG, return* nullptr, return)
263	DEFINEFUNC(void, DSA_free, DSA a, a, return*, DUMMYARG)
264	DEFINEFUNC3(X509 , d2i_X509, X509 a, a, const* unsigned char *b, b, long* c, c, return nullptr, return)
265	DEFINEFUNC2(char , ERR_error_string, unsigned* long a, a, char b, b, return* nullptr, return)
266	DEFINEFUNC3(void, ERR_error_string_n, unsigned long e, e, char b, b, size_t len, len, return*, DUMMYARG)
267	DEFINEFUNC(unsigned long, ERR_get_error, DUMMYARG, DUMMYARG, return `0`, return)
268	DEFINEFUNC(EVP_CIPHER_CTX , EVP_CIPHER_CTX_new, void, DUMMYARG, return* nullptr, return)
269	DEFINEFUNC(void, EVP_CIPHER_CTX_free, EVP_CIPHER_CTX a, a, return*, DUMMYARG)
270	DEFINEFUNC4(int, EVP_CIPHER_CTX_ctrl, EVP_CIPHER_CTX ctx, ctx, int* type, type, int arg, arg, void ptr, ptr, return* `0`, return)
271	DEFINEFUNC2(int, EVP_CIPHER_CTX_set_key_length, EVP_CIPHER_CTX ctx, ctx, int* keylen, keylen, return `0`, return)
272	DEFINEFUNC5(int, EVP_CipherInit, EVP_CIPHER_CTX ctx, ctx, const* EVP_CIPHER type, type, const* unsigned char key, key, const* unsigned char iv, iv, int* enc, enc, return `0`, return)
273	DEFINEFUNC6(int, EVP_CipherInit_ex, EVP_CIPHER_CTX ctx, ctx, const* EVP_CIPHER cipher, cipher, ENGINE impl, impl, const unsigned char key, key, const* unsigned char iv, iv, int* enc, enc, return `0`, return)
274	DEFINEFUNC5(int, EVP_CipherUpdate, EVP_CIPHER_CTX ctx, ctx, unsigned* char out, out, int* outl, outl, const* unsigned char in, in, int* inl, inl, return `0`, return)
275	DEFINEFUNC3(int, EVP_CipherFinal, EVP_CIPHER_CTX ctx, ctx, unsigned* char out, out, int* outl, outl, return* `0`, return)
276	DEFINEFUNC(const EVP_MD , EVP_get_digestbyname, const* char name, name, return* nullptr, return)
277	#ifndef OPENSSL_NO_DES
278	DEFINEFUNC(const EVP_CIPHER , EVP_des_cbc, DUMMYARG, DUMMYARG, return* nullptr, return)
279	DEFINEFUNC(const EVP_CIPHER , EVP_des_ede3_cbc, DUMMYARG, DUMMYARG, return* nullptr, return)
280	#endif
281	#ifndef OPENSSL_NO_RC2
282	DEFINEFUNC(const EVP_CIPHER , EVP_rc2_cbc, DUMMYARG, DUMMYARG, return* nullptr, return)
283	#endif
284	#ifndef OPENSSL_NO_AES
285	DEFINEFUNC(const EVP_CIPHER , EVP_aes_128_cbc, DUMMYARG, DUMMYARG, return* nullptr, return)
286	DEFINEFUNC(const EVP_CIPHER , EVP_aes_192_cbc, DUMMYARG, DUMMYARG, return* nullptr, return)
287	DEFINEFUNC(const EVP_CIPHER , EVP_aes_256_cbc, DUMMYARG, DUMMYARG, return* nullptr, return)
288	#endif
289	DEFINEFUNC(const EVP_MD , EVP_sha1, DUMMYARG, DUMMYARG, return* nullptr, return)
290	DEFINEFUNC3(int, EVP_PKEY_assign, EVP_PKEY a, a, int* b, b, char c, c, return* -`1`, return)
291	DEFINEFUNC2(int, EVP_PKEY_set1_RSA, EVP_PKEY a, a, RSA b, b, return -`1`, return)
292	DEFINEFUNC2(int, EVP_PKEY_set1_DSA, EVP_PKEY a, a, DSA b, b, return -`1`, return)
293	DEFINEFUNC2(int, EVP_PKEY_set1_DH, EVP_PKEY a, a, DH b, b, return -`1`, return)
294	#ifndef OPENSSL_NO_EC
295	DEFINEFUNC2(int, EVP_PKEY_set1_EC_KEY, EVP_PKEY a, a, EC_KEY b, b, return -`1`, return)
296	#endif
297	DEFINEFUNC2(int, EVP_PKEY_cmp, const EVP_PKEY a, a, const* EVP_PKEY b, b, return* -`1`, return)
298	DEFINEFUNC(void, EVP_PKEY_free, EVP_PKEY a, a, return*, DUMMYARG)
299	DEFINEFUNC(DSA , EVP_PKEY_get1_DSA, EVP_PKEY a, a, return nullptr, return)
300	DEFINEFUNC(RSA , EVP_PKEY_get1_RSA, EVP_PKEY a, a, return nullptr, return)
301	DEFINEFUNC(DH , EVP_PKEY_get1_DH, EVP_PKEY a, a, return nullptr, return)
302	#ifndef OPENSSL_NO_EC
303	DEFINEFUNC(EC_KEY , EVP_PKEY_get1_EC_KEY, EVP_PKEY a, a, return nullptr, return)
304	#endif
305	DEFINEFUNC(EVP_PKEY , EVP_PKEY_new, DUMMYARG, DUMMYARG, return* nullptr, return)
306	DEFINEFUNC(int, EVP_PKEY_type, int a, a, return NID_undef, return)
307	DEFINEFUNC2(int, i2d_X509, X509 a, a, unsigned* char b, b, return -`1`, return**)
308	DEFINEFUNC(const char , OBJ_nid2sn, int* a, a, return nullptr, return)
309	DEFINEFUNC(const char , OBJ_nid2ln, int* a, a, return nullptr, return)
310	DEFINEFUNC(int, OBJ_sn2nid, const char s, s, return* `0`, return)
311	DEFINEFUNC(int, OBJ_ln2nid, const char s, s, return* `0`, return)
312	DEFINEFUNC3(int, i2t_ASN1_OBJECT, char a, a, int* b, b, ASN1_OBJECT c, c, return* -`1`, return)
313	DEFINEFUNC4(int, OBJ_obj2txt, char a, a, int* b, b, ASN1_OBJECT c, c, int* d, d, return -`1`, return)
314	DEFINEFUNC(int, OBJ_obj2nid, const ASN1_OBJECT a, a, return* NID_undef, return)
315	DEFINEFUNC4(EVP_PKEY , PEM_read_bio_PrivateKey, BIO a, a, EVP_PKEY *b, b, pem_password_cb c, c, void d, d, return* nullptr, return)
316	DEFINEFUNC4(DSA , PEM_read_bio_DSAPrivateKey, BIO a, a, DSA *b, b, pem_password_cb c, c, void d, d, return* nullptr, return)
317	DEFINEFUNC4(RSA , PEM_read_bio_RSAPrivateKey, BIO a, a, RSA *b, b, pem_password_cb c, c, void d, d, return* nullptr, return)
318
319	#ifndef OPENSSL_NO_EC
320	DEFINEFUNC4(EC_KEY , PEM_read_bio_ECPrivateKey, BIO a, a, EC_KEY *b, b, pem_password_cb c, c, void d, d, return* nullptr, return)
321	DEFINEFUNC7(int, PEM_write_bio_ECPrivateKey, BIO a, a, EC_KEY b, b, const EVP_CIPHER c, c, unsigned* char d, d, int* e, e, pem_password_cb f, f, void* g, g, return* `0`, return)
322	DEFINEFUNC4(EC_KEY , PEM_read_bio_EC_PUBKEY, BIO a, a, EC_KEY *b, b, pem_password_cb c, c, void d, d, return* nullptr, return)
323	DEFINEFUNC2(int, PEM_write_bio_EC_PUBKEY, BIO a, a, EC_KEY b, b, return `0`, return)
324	#endif // OPENSSL_NO_EC
325
326	DEFINEFUNC4(DH , PEM_read_bio_DHparams, BIO a, a, DH *b, b, pem_password_cb c, c, void d, d, return* nullptr, return)
327	DEFINEFUNC7(int, PEM_write_bio_DSAPrivateKey, BIO a, a, DSA b, b, const EVP_CIPHER c, c, unsigned* char d, d, int* e, e, pem_password_cb f, f, void* g, g, return* `0`, return)
328	DEFINEFUNC7(int, PEM_write_bio_RSAPrivateKey, BIO a, a, RSA b, b, const EVP_CIPHER c, c, unsigned* char d, d, int* e, e, pem_password_cb f, f, void* g, g, return* `0`, return)
329	DEFINEFUNC7(int, PEM_write_bio_PrivateKey, BIO a, a, EVP_PKEY b, b, const EVP_CIPHER c, c, unsigned* char d, d, int* e, e, pem_password_cb f, f, void* g, g, return* `0`, return)
330	DEFINEFUNC4(EVP_PKEY , PEM_read_bio_PUBKEY, BIO a, a, EVP_PKEY *b, b, pem_password_cb c, c, void d, d, return* nullptr, return)
331	DEFINEFUNC4(DSA , PEM_read_bio_DSA_PUBKEY, BIO a, a, DSA *b, b, pem_password_cb c, c, void d, d, return* nullptr, return)
332	DEFINEFUNC4(RSA , PEM_read_bio_RSA_PUBKEY, BIO a, a, RSA *b, b, pem_password_cb c, c, void d, d, return* nullptr, return)
333	DEFINEFUNC2(int, PEM_write_bio_DSA_PUBKEY, BIO a, a, DSA b, b, return `0`, return)
334	DEFINEFUNC2(int, PEM_write_bio_RSA_PUBKEY, BIO a, a, RSA b, b, return `0`, return)
335	DEFINEFUNC2(int, PEM_write_bio_PUBKEY, BIO a, a, EVP_PKEY b, b, return `0`, return)
336	DEFINEFUNC2(void, RAND_seed, const void a, a, int* b, b, return, DUMMYARG)
337	DEFINEFUNC(int, RAND_status, void, DUMMYARG, return -`1`, return)
338	DEFINEFUNC2(int, RAND_bytes, unsigned char b, b, int* n, n, return `0`, return)
339	DEFINEFUNC(RSA , RSA_new, DUMMYARG, DUMMYARG, return* nullptr, return)
340	DEFINEFUNC(void, RSA_free, RSA a, a, return*, DUMMYARG)
341	DEFINEFUNC(int, SSL_accept, SSL a, a, return* -`1`, return)
342	DEFINEFUNC(int, SSL_clear, SSL a, a, return* -`1`, return)
343	DEFINEFUNC3(char , SSL_CIPHER_description, const* SSL_CIPHER a, a, char* b, b, int* c, c, return nullptr, return)
344	DEFINEFUNC2(int, SSL_CIPHER_get_bits, const SSL_CIPHER a, a, int* b, b, return* `0`, return)
345	DEFINEFUNC(BIO , SSL_get_rbio, const* SSL s, s, return* nullptr, return)
346	DEFINEFUNC(int, SSL_connect, SSL a, a, return* -`1`, return)
347	DEFINEFUNC(int, SSL_CTX_check_private_key, const SSL_CTX a, a, return* -`1`, return)
348	DEFINEFUNC4(long, SSL_CTX_ctrl, SSL_CTX a, a, int* b, b, long c, c, void d, d, return* -`1`, return)
349	DEFINEFUNC(void, SSL_CTX_free, SSL_CTX a, a, return*, DUMMYARG)
350	DEFINEFUNC(SSL_CTX , SSL_CTX_new, const* SSL_METHOD a, a, return* nullptr, return)
351	DEFINEFUNC2(int, SSL_CTX_set_cipher_list, SSL_CTX a, a, const* char b, b, return* -`1`, return)
352	DEFINEFUNC3(long, SSL_CTX_callback_ctrl, SSL_CTX ctx, ctx, int* dst, dst, GenericCallbackType cb, cb, return `0`, return)
353	DEFINEFUNC(int, SSL_CTX_set_default_verify_paths, SSL_CTX a, a, return* -`1`, return)
354	DEFINEFUNC3(void, SSL_CTX_set_verify, SSL_CTX a, a, int* b, b, int (c)(int, X509_STORE_CTX ), c, return, DUMMYARG)
355	DEFINEFUNC2(void, SSL_CTX_set_verify_depth, SSL_CTX a, a, int* b, b, return, DUMMYARG)
356	DEFINEFUNC2(int, SSL_CTX_use_certificate, SSL_CTX a, a, X509 b, b, return -`1`, return)
357	DEFINEFUNC3(int, SSL_CTX_use_certificate_file, SSL_CTX a, a, const* char b, b, int* c, c, return -`1`, return)
358	DEFINEFUNC2(int, SSL_CTX_use_PrivateKey, SSL_CTX a, a, EVP_PKEY b, b, return -`1`, return)
359	DEFINEFUNC2(int, SSL_CTX_use_RSAPrivateKey, SSL_CTX a, a, RSA b, b, return -`1`, return)
360	DEFINEFUNC3(int, SSL_CTX_use_PrivateKey_file, SSL_CTX a, a, const* char b, b, int* c, c, return -`1`, return)
361	DEFINEFUNC(X509_STORE , SSL_CTX_get_cert_store, const* SSL_CTX a, a, return* nullptr, return)
362	DEFINEFUNC(SSL_CONF_CTX , SSL_CONF_CTX_new, DUMMYARG, DUMMYARG, return* nullptr, return);
363	DEFINEFUNC(void, SSL_CONF_CTX_free, SSL_CONF_CTX a, a, return* ,return);
364	DEFINEFUNC2(void, SSL_CONF_CTX_set_ssl_ctx, SSL_CONF_CTX a, a, SSL_CTX b, b, return, return);
365	DEFINEFUNC2(unsigned int, SSL_CONF_CTX_set_flags, SSL_CONF_CTX a, a, unsigned* int b, b, return `0`, return);
366	DEFINEFUNC(int, SSL_CONF_CTX_finish, SSL_CONF_CTX a, a, return* `0`, return);
367	DEFINEFUNC3(int, SSL_CONF_cmd, SSL_CONF_CTX a, a, const* char b, b, const* char c, c, return* `0`, return);
368	DEFINEFUNC(void, SSL_free, SSL a, a, return*, DUMMYARG)
369	DEFINEFUNC(STACK_OF(SSL_CIPHER) , SSL_get_ciphers, const* SSL a, a, return* nullptr, return)
370	DEFINEFUNC(const SSL_CIPHER , SSL_get_current_cipher, SSL a, a, return nullptr, return)
371	DEFINEFUNC(int, SSL_version, const SSL a, a, return* `0`, return)
372	DEFINEFUNC2(int, SSL_get_error, SSL a, a, int* b, b, return -`1`, return)
373	DEFINEFUNC(STACK_OF(X509) , SSL_get_peer_cert_chain, SSL a, a, return nullptr, return)
374	DEFINEFUNC(X509 , SSL_get_peer_certificate, SSL a, a, return nullptr, return)
375	DEFINEFUNC(long, SSL_get_verify_result, const SSL a, a, return* -`1`, return)
376	DEFINEFUNC(SSL , SSL_new, SSL_CTX a, a, return nullptr, return)
377	DEFINEFUNC(SSL_CTX , SSL_get_SSL_CTX, SSL a, a, return nullptr, return)
378	DEFINEFUNC4(long, SSL_ctrl, SSL a, a, int* cmd, cmd, long larg, larg, void parg, parg, return* -`1`, return)
379	DEFINEFUNC3(int, SSL_read, SSL a, a, void* b, b, int* c, c, return -`1`, return)
380	DEFINEFUNC3(void, SSL_set_bio, SSL a, a, BIO b, b, BIO c, c, return*, DUMMYARG)
381	DEFINEFUNC(void, SSL_set_accept_state, SSL a, a, return*, DUMMYARG)
382	DEFINEFUNC(void, SSL_set_connect_state, SSL a, a, return*, DUMMYARG)
383	DEFINEFUNC(int, SSL_shutdown, SSL a, a, return* -`1`, return)
384	DEFINEFUNC(int, SSL_in_init, const SSL a, a, return* `0`, return)
385	DEFINEFUNC(int, SSL_get_shutdown, const SSL ssl, ssl, return* `0`, return)
386	DEFINEFUNC2(int, SSL_set_session, SSL* to, to, SSL_SESSION session, session, return* -`1`, return)
387	DEFINEFUNC(void, SSL_SESSION_free, SSL_SESSION ses, ses, return*, DUMMYARG)
388	DEFINEFUNC(SSL_SESSION, SSL_get1_session, SSL ssl, ssl, return nullptr, return)
389	DEFINEFUNC(SSL_SESSION, SSL_get_session, const* SSL ssl, ssl, return* nullptr, return)
390	DEFINEFUNC3(int, SSL_set_ex_data, SSL ssl, ssl, int* idx, idx, void arg, arg, return* `0`, return)
391	DEFINEFUNC2(void , SSL_get_ex_data, const* SSL ssl, ssl, int* idx, idx, return nullptr, return)
392
393	#ifndef OPENSSL_NO_PSK
394	DEFINEFUNC2(void, SSL_set_psk_client_callback, SSL* ssl, ssl, q_psk_client_callback_t callback, callback, return, DUMMYARG)
395	DEFINEFUNC2(void, SSL_set_psk_server_callback, SSL* ssl, ssl, q_psk_server_callback_t callback, callback, return, DUMMYARG)
396	DEFINEFUNC2(int, SSL_CTX_use_psk_identity_hint, SSL_CTX* ctx, ctx, const char hint, hint, return* `0`, return)
397	#endif // !OPENSSL_NO_PSK
398
399	DEFINEFUNC3(int, SSL_write, SSL a, a, const* void b, b, int* c, c, return -`1`, return)
400	DEFINEFUNC2(int, X509_cmp, X509 a, a, X509 b, b, return -`1`, return)
401	DEFINEFUNC4(int, X509_digest, const X509 x509, x509, const* EVP_MD type, type, unsigned* char md, md, unsigned* int len, len, return* -`1`, return)
402	DEFINEFUNC(X509 , X509_dup, X509 a, a, return nullptr, return)
403	DEFINEFUNC2(void, X509_print, BIO a, a, X509 b, b, return, DUMMYARG);
404	DEFINEFUNC(ASN1_OBJECT , X509_EXTENSION_get_object, X509_EXTENSION a, a, return nullptr, return)
405	DEFINEFUNC(void, X509_free, X509 a, a, return*, DUMMYARG)
406	//Q_AUTOTEST_EXPORT ASN1_TIME q_X509_gmtime_adj(ASN1_TIME s, long adj);
407	DEFINEFUNC2(ASN1_TIME , X509_gmtime_adj, ASN1_TIME s, s, long adj, adj, return nullptr, return)
408	DEFINEFUNC(void, ASN1_TIME_free, ASN1_TIME t, t, return*, DUMMYARG)
409	DEFINEFUNC2(X509_EXTENSION , X509_get_ext, X509 a, a, int b, b, return nullptr, return)
410	DEFINEFUNC(int, X509_get_ext_count, X509 a, a, return* `0`, return)
411	DEFINEFUNC4(void , X509_get_ext_d2i, X509 a, a, int b, b, int c, c, int* d, d, return* nullptr, return)
412	DEFINEFUNC(const X509V3_EXT_METHOD , X509V3_EXT_get, X509_EXTENSION a, a, return nullptr, return)
413	DEFINEFUNC(void , X509V3_EXT_d2i, X509_EXTENSION a, a, return nullptr, return)
414	DEFINEFUNC(int, X509_EXTENSION_get_critical, X509_EXTENSION a, a, return* `0`, return)
415	DEFINEFUNC(ASN1_OCTET_STRING , X509_EXTENSION_get_data, X509_EXTENSION a, a, return nullptr, return)
416	DEFINEFUNC(void, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS a, a, return*, DUMMYARG)
417	DEFINEFUNC(void, AUTHORITY_KEYID_free, AUTHORITY_KEYID a, a, return*, DUMMYARG)
418	DEFINEFUNC(void, GENERAL_NAME_free, GENERAL_NAME a, a, return*, DUMMYARG)
419	DEFINEFUNC2(int, ASN1_STRING_print, BIO a, a, const* ASN1_STRING b, b, return* `0`, return)
420	DEFINEFUNC2(int, X509_check_issued, X509 a, a, X509 b, b, return -`1`, return)
421	DEFINEFUNC(X509_NAME , X509_get_issuer_name, X509 a, a, return nullptr, return)
422	DEFINEFUNC(X509_NAME , X509_get_subject_name, X509 a, a, return nullptr, return)
423	DEFINEFUNC(ASN1_INTEGER , X509_get_serialNumber, X509 a, a, return nullptr, return)
424	DEFINEFUNC(int, X509_verify_cert, X509_STORE_CTX a, a, return* -`1`, return)
425	DEFINEFUNC(int, X509_NAME_entry_count, X509_NAME a, a, return* `0`, return)
426	DEFINEFUNC2(X509_NAME_ENTRY , X509_NAME_get_entry, X509_NAME a, a, int b, b, return nullptr, return)
427	DEFINEFUNC(ASN1_STRING , X509_NAME_ENTRY_get_data, X509_NAME_ENTRY a, a, return nullptr, return)
428	DEFINEFUNC(ASN1_OBJECT , X509_NAME_ENTRY_get_object, X509_NAME_ENTRY a, a, return nullptr, return)
429	DEFINEFUNC(EVP_PKEY , X509_PUBKEY_get, X509_PUBKEY a, a, return nullptr, return)
430	DEFINEFUNC(void, X509_STORE_free, X509_STORE a, a, return*, DUMMYARG)
431	DEFINEFUNC(X509_STORE , X509_STORE_new, DUMMYARG, DUMMYARG, return* nullptr, return)
432	DEFINEFUNC2(int, X509_STORE_add_cert, X509_STORE a, a, X509 b, b, return `0`, return)
433	DEFINEFUNC(void, X509_STORE_CTX_free, X509_STORE_CTX a, a, return*, DUMMYARG)
434	DEFINEFUNC4(int, X509_STORE_CTX_init, X509_STORE_CTX a, a, X509_STORE b, b, X509 c, c, STACK_OF(X509) d, d, return -`1`, return)
435	DEFINEFUNC2(int, X509_STORE_CTX_set_purpose, X509_STORE_CTX a, a, int* b, b, return -`1`, return)
436	DEFINEFUNC(int, X509_STORE_CTX_get_error, X509_STORE_CTX a, a, return* -`1`, return)
437	DEFINEFUNC(int, X509_STORE_CTX_get_error_depth, X509_STORE_CTX a, a, return* -`1`, return)
438	DEFINEFUNC(X509 , X509_STORE_CTX_get_current_cert, X509_STORE_CTX a, a, return nullptr, return)
439	DEFINEFUNC(X509_STORE , X509_STORE_CTX_get0_store, X509_STORE_CTX ctx, ctx, return nullptr, return)
440	DEFINEFUNC(X509_STORE_CTX , X509_STORE_CTX_new, DUMMYARG, DUMMYARG, return* nullptr, return)
441	DEFINEFUNC2(void , X509_STORE_CTX_get_ex_data, X509_STORE_CTX ctx, ctx, int idx, idx, return nullptr, return)
442	DEFINEFUNC(int, SSL_get_ex_data_X509_STORE_CTX_idx, DUMMYARG, DUMMYARG, return -`1`, return)
443
444	#if OPENSSL_VERSION_MAJOR < 3
445	DEFINEFUNC3(int, SSL_CTX_load_verify_locations, SSL_CTX ctx, ctx, const* char CAfile, CAfile, const* char CApath, CApath, return* `0`, return)
446	#else
447	DEFINEFUNC2(int, SSL_CTX_load_verify_dir, SSL_CTX ctx, ctx, const* char CApath, CApath, return* `0`, return)
448	#endif // OPENSSL_VERSION_MAJOR
449
450	DEFINEFUNC2(int, i2d_SSL_SESSION, SSL_SESSION in, in, unsigned* char pp, pp, return `0`, return**)
451	DEFINEFUNC3(SSL_SESSION , d2i_SSL_SESSION, SSL_SESSION a, a, const* unsigned char *pp, pp, long* length, length, return nullptr, return)
452
453	#ifndef OPENSSL_NO_NEXTPROTONEG
454	DEFINEFUNC6(int, SSL_select_next_proto, unsigned char *out, out, unsigned* char *outlen, outlen,
455	const unsigned char in, in, unsigned* int inlen, inlen,
456	const unsigned char client, client, unsigned* int client_len, client_len,
457	return -`1`, return)
458	DEFINEFUNC3(void, SSL_CTX_set_next_proto_select_cb, SSL_CTX *s, s,
459	int (cb) (SSL ssl, unsigned char **out,
460	unsigned char *outlen,
461	const unsigned char *in,
462	unsigned int inlen, void *arg), cb,
463	void arg, arg, return*, DUMMYARG)
464	DEFINEFUNC3(void, SSL_get0_next_proto_negotiated, const SSL *s, s,
465	const unsigned char *data, data, unsigned* len, len, return*, DUMMYARG)
466	DEFINEFUNC3(int, SSL_set_alpn_protos, SSL s, s, const* unsigned char *protos, protos,
467	unsigned protos_len, protos_len, return -`1`, return)
468	DEFINEFUNC3(void, SSL_CTX_set_alpn_select_cb, SSL_CTX *s, s,
469	int (cb) (SSL ssl, const unsigned char **out,
470	unsigned char *outlen,
471	const unsigned char *in,
472	unsigned int inlen, void *arg), cb,
473	void arg, arg, return*, DUMMYARG)
474	DEFINEFUNC3(void, SSL_get0_alpn_selected, const SSL s, s, const* unsigned char **data, data,
475	unsigned len, len, return*, DUMMYARG)
476	#endif // !OPENSSL_NO_NEXTPROTONEG
477
478	// DTLS:
479	#if QT_CONFIG(dtls)
480	DEFINEFUNC2(void, SSL_CTX_set_cookie_generate_cb, SSL_CTX ctx, ctx, CookieGenerateCallback cb, cb, return*, DUMMYARG)
481	DEFINEFUNC2(void, SSL_CTX_set_cookie_verify_cb, SSL_CTX ctx, ctx, CookieVerifyCallback cb, cb, return*, DUMMYARG)
482	DEFINEFUNC(const SSL_METHOD , DTLS_server_method, DUMMYARG, DUMMYARG, return* nullptr, return)
483	DEFINEFUNC(const SSL_METHOD , DTLS_client_method, DUMMYARG, DUMMYARG, return* nullptr, return)
484	#endif // dtls
485	DEFINEFUNC2(void, BIO_set_flags, BIO b, b, int* flags, flags, return, DUMMYARG)
486	DEFINEFUNC2(void, BIO_clear_flags, BIO b, b, int* flags, flags, return, DUMMYARG)
487	DEFINEFUNC2(void , BIO_get_ex_data, BIO b, b, int idx, idx, return nullptr, return)
488	DEFINEFUNC3(int, BIO_set_ex_data, BIO b, b, int* idx, idx, void data, data, return* -`1`, return)
489
490	DEFINEFUNC3(void , CRYPTO_malloc, size_t num, num, const* char file, file, int* line, line, return nullptr, return)
491	DEFINEFUNC(DH , DH_new, DUMMYARG, DUMMYARG, return* nullptr, return)
492	DEFINEFUNC(void, DH_free, DH dh, dh, return*, DUMMYARG)
493	DEFINEFUNC3(DH , d2i_DHparams, DHa, a, const* unsigned char *pp, pp, long* length, length, return nullptr, return)
494	DEFINEFUNC2(int, i2d_DHparams, DH a, a, unsigned* char p, p, return -`1`, return**)
495	#ifndef OPENSSL_NO_DEPRECATED_3_0
496	DEFINEFUNC2(int, DH_check, DH dh, dh, int* codes, codes, return* `0`, return)
497	#endif // OPENSSL_NO_DEPRECATED_3_0
498	DEFINEFUNC3(BIGNUM , BN_bin2bn, const* unsigned char s, s, int* len, len, BIGNUM ret, ret, return* nullptr, return)
499
500	#ifndef OPENSSL_NO_EC
501	DEFINEFUNC(EC_KEY , EC_KEY_dup, const* EC_KEY ec, ec, return* nullptr, return)
502	DEFINEFUNC(EC_KEY , EC_KEY_new_by_curve_name, int* nid, nid, return nullptr, return)
503	DEFINEFUNC(void, EC_KEY_free, EC_KEY ecdh, ecdh, return*, DUMMYARG)
504	DEFINEFUNC2(size_t, EC_get_builtin_curves, EC_builtin_curve * r, r, size_t nitems, nitems, return `0`, return)
505	DEFINEFUNC(int, EC_curve_nist2nid, const char name, name, return* `0`, return)
506	#endif // OPENSSL_NO_EC
507
508	DEFINEFUNC5(int, PKCS12_parse, PKCS12 p12, p12, const* char pass, pass, EVP_PKEY *pkey, pkey, \
509	X509 cert, cert, STACK_OF(X509) ca, ca, return `1`, return);
510	DEFINEFUNC2(PKCS12 , d2i_PKCS12_bio, BIO bio, bio, PKCS12 pkcs12, pkcs12, return nullptr, return**);
511	DEFINEFUNC(void, PKCS12_free, PKCS12 pkcs12, pkcs12, return*, DUMMYARG)
512
513	#define RESOLVEFUNC(func) \
514	if (!(_q_##func = _q_PTR_##func(libs.ssl ->resolve(#func))) \
515	&& !(_q_##func = _q_PTR_##func(libs.crypto ->resolve(#func)))) \
516	qsslSocketCannotResolveSymbolWarning(#func);
517
518	#if !defined QT_LINKED_OPENSSL
519
520	#if !QT_CONFIG(library)
521	bool q_resolveOpenSslSymbols()
522	{
523	qCWarning(lcSsl, "QSslSocket: unable to resolve symbols. Qt is configured without the "
524	"'library' feature, which means runtime resolving of libraries won't work.");
525	qCWarning(lcSsl, "Either compile Qt statically or with support for runtime resolving "
526	"of libraries.");
527	return false;
528	}
529	#else
530
531	# ifdef Q_OS_UNIX
532	struct NumericallyLess
533	{
534	typedef bool result_type;
535	result_type operator()(const QStringRef &lhs, const QStringRef &rhs) const
536	{
537	bool ok = false;
538	int b = `0`;
539	int a = lhs.toInt(ok: &ok);
540	if (ok)
541	b = rhs.toInt(ok: &ok);
542	if (ok) {
543	// both toInt succeeded
544	return a < b;
545	} else {
546	// compare as strings;
547	return lhs < rhs;
548	}
549	}
550	};
551
552	struct LibGreaterThan
553	{
554	typedef bool result_type;
555	result_type operator()(const QString &lhs, const QString &rhs) const
556	{
557	const QVector<QStringRef> lhsparts = lhs.splitRef(sep: QLatin1Char (`'.'`));
558	const QVector<QStringRef> rhsparts = rhs.splitRef(sep: QLatin1Char (`'.'`));
559	Q_ASSERT(lhsparts.count() > `1` && rhsparts.count() > `1`);
560
561	// note: checking rhs < lhs, the same as lhs > rhs
562	return std::lexicographical_compare(first1: rhsparts.begin() + `1`, last1: rhsparts.end(),
563	first2: lhsparts.begin() + `1`, last2: lhsparts.end(),
564	comp: NumericallyLess ());
565	}
566	};
567
568	#if defined(Q_OS_LINUX) && !defined(Q_OS_ANDROID)
569	static int dlIterateCallback(struct dl_phdr_info info, size_t size, void* *data)
570	{
571	if (size < sizeof (info->dlpi_addr) + sizeof (info->dlpi_name))
572	return `1`;
573	QSet<QString> paths = (QSet<QString> )data;
574	QString path = QString::fromLocal8Bit(str: info->dlpi_name);
575	if (!path.isEmpty()) {
576	QFileInfo fi(path);
577	path = fi.absolutePath();
578	if (!path.isEmpty())
579	paths->insert(value: path);
580	}
581	return `0`;
582	}
583	#endif
584
585	static QStringList libraryPathList()
586	{
587	QStringList paths;
588	# ifdef Q_OS_DARWIN
589	paths = QString::fromLatin1(qgetenv("DYLD_LIBRARY_PATH"))
590	.split(QLatin1Char(`':'`), Qt::SkipEmptyParts);
591
592	// search in .app/Contents/Frameworks
593	UInt32 packageType;
594	CFBundleGetPackageInfo(CFBundleGetMainBundle(), &packageType, nullptr);
595	if (packageType == FOUR_CHAR_CODE(`'APPL'`)) {
596	QUrl bundleUrl = QUrl::fromCFURL(QCFType<CFURLRef>(CFBundleCopyBundleURL(CFBundleGetMainBundle())));
597	QUrl frameworksUrl = QUrl::fromCFURL(QCFType<CFURLRef>(CFBundleCopyPrivateFrameworksURL(CFBundleGetMainBundle())));
598	paths << bundleUrl.resolved(frameworksUrl).path();
599	}
600	# else
601	paths = QString::fromLatin1(str: qgetenv(varName: "LD_LIBRARY_PATH"))
602	.split(sep: QLatin1Char (`':'`), behavior: Qt::SkipEmptyParts);
603	# endif
604	paths << QLatin1String ("/lib") << QLatin1String ("/usr/lib") << QLatin1String ("/usr/local/lib");
605	paths << QLatin1String ("/lib64") << QLatin1String ("/usr/lib64") << QLatin1String ("/usr/local/lib64");
606	paths << QLatin1String ("/lib32") << QLatin1String ("/usr/lib32") << QLatin1String ("/usr/local/lib32");
607
608	#if defined(Q_OS_ANDROID)
609	paths << QLatin1String("/system/lib");
610	#elif defined(Q_OS_LINUX)
611	// discover paths of already loaded libraries
612	QSet<QString> loadedPaths;
613	dl_iterate_phdr(callback: dlIterateCallback, data: &loadedPaths);
614	paths.append(t: loadedPaths.values());
615	#endif
616
617	return paths;
618	}
619
620	Q_NEVER_INLINE
621	static QStringList findAllLibs(QLatin1String filter)
622	{
623	const QStringList paths = libraryPathList();
624	QStringList found;
625	const QStringList filters((QString (filter)));
626
627	for (const QString &path : paths) {
628	QDir dir(path);
629	QStringList entryList = dir.entryList(nameFilters: filters, filters: QDir::Files);
630
631	std::sort(first: entryList.begin(), last: entryList.end(), comp: LibGreaterThan ());
632	for (const QString &entry : qAsConst(t&: entryList))
633	found << path + QLatin1Char (`'/'`) + entry;
634	}
635
636	return found;
637	}
638
639	static QStringList findAllLibSsl()
640	{
641	return findAllLibs(filter: QLatin1String ("libssl.*"));
642	}
643
644	static QStringList findAllLibCrypto()
645	{
646	return findAllLibs(filter: QLatin1String ("libcrypto.*"));
647	}
648	# endif
649
650	#ifdef Q_OS_WIN
651
652	struct LoadedOpenSsl {
653	std::unique_ptr<QSystemLibrary> ssl, crypto;
654	};
655
656	static bool tryToLoadOpenSslWin32Library(QLatin1String ssleay32LibName, QLatin1String libeay32LibName, LoadedOpenSsl &result)
657	{
658	auto ssleay32 = qt_make_unique<QSystemLibrary>(ssleay32LibName);
659	if (!ssleay32->load(false)) {
660	return FALSE;
661	}
662
663	auto libeay32 = qt_make_unique<QSystemLibrary>(libeay32LibName);
664	if (!libeay32->load(false)) {
665	return FALSE;
666	}
667
668	result.ssl = std::move(ssleay32);
669	result.crypto = std::move(libeay32);
670	return TRUE;
671	}
672
673	static LoadedOpenSsl loadOpenSsl()
674	{
675	LoadedOpenSsl result;
676
677	// With OpenSSL 1.1 the names have changed to libssl-1_1 and libcrypto-1_1 for builds using
678	// MSVC and GCC. For 3.0 the version suffix changed again, to just '3'.
679	// For non-x86 builds, an architecture suffix is also appended.
680
681	#if (OPENSSL_VERSION_NUMBER >> 28) < 3
682	#define QT_OPENSSL_VERSION "1_1"
683	#elif OPENSSL_VERSION_MAJOR == 3 // Starting with 3.0 this define is available
684	#define QT_OPENSSL_VERSION "3"
685	#endif // > 3 intentionally left undefined
686
687	#if defined(Q_PROCESSOR_X86_64)
688	#define QT_SSL_SUFFIX "-x64"
689	#elif defined(Q_PROCESSOR_ARM_64)
690	#define QT_SSL_SUFFIX "-arm64"
691	#elif defined(Q_PROCESSOR_ARM_32)
692	#define QT_SSL_SUFFIX "-arm"
693	#else
694	#define QT_SSL_SUFFIX
695	#endif
696
697	tryToLoadOpenSslWin32Library(QLatin1String("libssl-" QT_OPENSSL_VERSION QT_SSL_SUFFIX),
698	QLatin1String("libcrypto-" QT_OPENSSL_VERSION QT_SSL_SUFFIX), result);
699
700	#undef QT_SSL_SUFFIX
701	return result;
702	}
703	#else
704
705	struct LoadedOpenSsl {
706	std::unique_ptr<QLibrary> ssl, crypto;
707	};
708
709	static LoadedOpenSsl loadOpenSsl()
710	{
711	LoadedOpenSsl result = {.ssl: qt_make_unique<QLibrary>(), .crypto: qt_make_unique<QLibrary>()};
712
713	# if defined(Q_OS_UNIX)
714	QLibrary * const libssl = result.ssl.get();
715	QLibrary * const libcrypto = result.crypto.get();
716
717	// Try to find the libssl library on the system.
718	//
719	// Up until Qt 4.3, this only searched for the "ssl" library at version -1, that
720	// is, libssl.so on most Unix systems. However, the .so file isn't present in
721	// user installations because it's considered a development file.
722	//
723	// The right thing to do is to load the library at the major version we know how
724	// to work with: the SHLIB_VERSION_NUMBER version (macro defined in opensslv.h)
725	//
726	// However, OpenSSL is a well-known case of binary-compatibility breakage. To
727	// avoid such problems, many system integrators and Linux distributions change
728	// the soname of the binary, letting the full version number be the soname. So
729	// we'll find libssl.so.0.9.7, libssl.so.0.9.8, etc. in the system. For that
730	// reason, we will search a few common paths (see findAllLibSsl() above) in hopes
731	// we find one that works.
732	//
733	// If that fails, for OpenSSL 1.0 we also try some fallbacks -- look up
734	// libssl.so with a hardcoded soname. The reason is QTBUG-68156: the binary
735	// builds of Qt happen (at the time of this writing) on RHEL machines,
736	// which change SHLIB_VERSION_NUMBER to a non-portable string. When running
737	// those binaries on the target systems, this code won't pick up
738	// libssl.so.MODIFIED_SHLIB_VERSION_NUMBER because it doesn't exist there.
739	// Given that the only 1.0 supported release (at the time of this writing)
740	// is 1.0.2, with soname "1.0.0", give that a try too. Note that we mandate
741	// OpenSSL >= 1.0.0 with a configure-time check, and OpenSSL has kept binary
742	// compatibility between 1.0.0 and 1.0.2.
743	//
744	// It is important, however, to try the canonical name and the unversioned name
745	// without going through the loop. By not specifying a path, we let the system
746	// dlopen(3) function determine it for us. This will include any DT_RUNPATH or
747	// DT_RPATH tags on our library header as well as other system-specific search
748	// paths. See the man page for dlopen(3) on your system for more information.
749
750	#ifdef Q_OS_OPENBSD
751	libcrypto->setLoadHints(QLibrary::ExportExternalSymbolsHint);
752	#endif
753	#if defined(SHLIB_VERSION_NUMBER) && !defined(Q_OS_QNX) // on QNX, the libs are always libssl.so and libcrypto.so
754	// first attempt: the canonical name is libssl.so.<SHLIB_VERSION_NUMBER>
755	libssl->setFileNameAndVersion(QLatin1String("ssl"), QLatin1String(SHLIB_VERSION_NUMBER));
756	libcrypto->setFileNameAndVersion(QLatin1String("crypto"), QLatin1String(SHLIB_VERSION_NUMBER));
757	if (libcrypto->load() && libssl->load()) {
758	// libssl.so.<SHLIB_VERSION_NUMBER> and libcrypto.so.<SHLIB_VERSION_NUMBER> found
759	return result;
760	} else {
761	libssl->unload();
762	libcrypto->unload();
763	}
764	#endif
765
766	#ifndef Q_OS_DARWIN
767	// second attempt: find the development files libssl.so and libcrypto.so
768	//
769	// disabled on macOS/iOS:
770	// macOS's /usr/lib/libssl.dylib, /usr/lib/libcrypto.dylib will be picked up in the third
771	// attempt, _after_ <bundle>/Contents/Frameworks has been searched.
772	// iOS does not ship a system libssl.dylib, libcrypto.dylib in the first place.
773	# if defined(Q_OS_ANDROID)
774	// OpenSSL 1.1.x must be suffixed otherwise it will use the system libcrypto.so libssl.so which on API-21 are OpenSSL 1.0 not 1.1
775	auto openSSLSuffix = [](const QByteArray &defaultSuffix = {}) {
776	auto suffix = qgetenv("ANDROID_OPENSSL_SUFFIX");
777	if (suffix.isEmpty())
778	return defaultSuffix;
779	return suffix;
780	};
781
782	static QString suffix = QString::fromLatin1(openSSLSuffix("_1_1"));
783
784	libssl->setFileNameAndVersion(QLatin1String("ssl") + suffix, -`1`);
785	libcrypto->setFileNameAndVersion(QLatin1String("crypto") + suffix, -`1`);
786	# else
787	libssl->setFileNameAndVersion(fileName: QLatin1String ("ssl"), verNum: -`1`);
788	libcrypto->setFileNameAndVersion(fileName: QLatin1String ("crypto"), verNum: -`1`);
789	# endif
790	if (libcrypto->load() && libssl->load()) {
791	// libssl.so.0 and libcrypto.so.0 found
792	return result;
793	} else {
794	libssl->unload();
795	libcrypto->unload();
796	}
797	#endif
798
799	// third attempt: loop on the most common library paths and find libssl
800	const QStringList sslList = findAllLibSsl();
801	const QStringList cryptoList = findAllLibCrypto();
802
803	for (const QString &crypto : cryptoList) {
804	#ifdef Q_OS_DARWIN
805	// Clients should not load the unversioned libcrypto dylib as it does not have a stable ABI
806	if (crypto.endsWith("libcrypto.dylib"))
807	continue;
808	#endif
809	libcrypto->setFileNameAndVersion(fileName: crypto, verNum: -`1`);
810	if (libcrypto->load()) {
811	QFileInfo fi(crypto);
812	QString version = fi.completeSuffix();
813
814	for (const QString &ssl : sslList) {
815	if (!ssl.endsWith(s: version))
816	continue;
817
818	libssl->setFileNameAndVersion(fileName: ssl, verNum: -`1`);
819
820	if (libssl->load()) {
821	// libssl.so.x and libcrypto.so.x found
822	return result;
823	} else {
824	libssl->unload();
825	}
826	}
827	}
828	libcrypto->unload();
829	}
830
831	// failed to load anything
832	result = {};
833	return result;
834
835	# else
836	// not implemented for this platform yet
837	return result;
838	# endif
839	}
840	#endif
841
842	static QBasicMutex symbolResolveMutex;
843	static QBasicAtomicInt symbolsResolved = Q_BASIC_ATOMIC_INITIALIZER(false);
844	static bool triedToResolveSymbols = false;
845
846	bool q_resolveOpenSslSymbols()
847	{
848	if (symbolsResolved.loadAcquire())
849	return true;
850	QMutexLocker locker(&symbolResolveMutex);
851	if (symbolsResolved.loadRelaxed())
852	return true;
853	if (triedToResolveSymbols)
854	return false;
855	triedToResolveSymbols = true;
856
857	LoadedOpenSsl libs = loadOpenSsl();
858	if (!libs.ssl \|\| !libs.crypto)
859	// failed to load them
860	return false;
861
862	RESOLVEFUNC(OPENSSL_init_ssl)
863	RESOLVEFUNC(OPENSSL_init_crypto)
864	RESOLVEFUNC(ASN1_STRING_get0_data)
865	RESOLVEFUNC(EVP_CIPHER_CTX_reset)
866	RESOLVEFUNC(AUTHORITY_INFO_ACCESS_free)
867	RESOLVEFUNC(EVP_PKEY_up_ref)
868	RESOLVEFUNC(EVP_PKEY_CTX_new)
869	RESOLVEFUNC(EVP_PKEY_param_check)
870	RESOLVEFUNC(EVP_PKEY_CTX_free)
871	RESOLVEFUNC(EVP_PKEY_base_id)
872	RESOLVEFUNC(RSA_bits)
873	RESOLVEFUNC(OPENSSL_sk_new_null)
874	RESOLVEFUNC(OPENSSL_sk_push)
875	RESOLVEFUNC(OPENSSL_sk_free)
876	RESOLVEFUNC(OPENSSL_sk_num)
877	RESOLVEFUNC(OPENSSL_sk_pop_free)
878	RESOLVEFUNC(OPENSSL_sk_value)
879	RESOLVEFUNC(DH_get0_pqg)
880	RESOLVEFUNC(SSL_CTX_set_options)
881	RESOLVEFUNC(SSL_CTX_get_security_level)
882	RESOLVEFUNC(SSL_CTX_set_security_level)
883	#ifdef TLS1_3_VERSION
884	RESOLVEFUNC(SSL_CTX_set_ciphersuites)
885	RESOLVEFUNC(SSL_set_psk_use_session_callback)
886	RESOLVEFUNC(SSL_CTX_sess_set_new_cb)
887	RESOLVEFUNC(SSL_SESSION_is_resumable)
888	#endif // TLS 1.3 or OpenSSL > 1.1.1
889
890	RESOLVEFUNC(SSL_get_client_random)
891	RESOLVEFUNC(SSL_SESSION_get_master_key)
892	RESOLVEFUNC(SSL_session_reused)
893	RESOLVEFUNC(SSL_get_session)
894	RESOLVEFUNC(SSL_set_options)
895	RESOLVEFUNC(CRYPTO_get_ex_new_index)
896	RESOLVEFUNC(TLS_method)
897	RESOLVEFUNC(TLS_client_method)
898	RESOLVEFUNC(TLS_server_method)
899	RESOLVEFUNC(X509_up_ref)
900	RESOLVEFUNC(X509_STORE_CTX_get0_chain)
901	RESOLVEFUNC(X509_getm_notBefore)
902	RESOLVEFUNC(X509_getm_notAfter)
903	RESOLVEFUNC(ASN1_item_free)
904	RESOLVEFUNC(X509V3_conf_free)
905	RESOLVEFUNC(X509_get_version)
906	RESOLVEFUNC(X509_get_pubkey)
907	RESOLVEFUNC(X509_STORE_set_verify_cb)
908	RESOLVEFUNC(X509_STORE_set_ex_data)
909	RESOLVEFUNC(X509_STORE_get_ex_data)
910	RESOLVEFUNC(CRYPTO_free)
911	RESOLVEFUNC(OpenSSL_version_num)
912	RESOLVEFUNC(OpenSSL_version)
913
914	if (!_q_OpenSSL_version \|\| !_q_OpenSSL_version_num) {
915	// Apparently, we were built with OpenSSL 1.1 enabled but are now using
916	// a wrong library.
917	qCWarning(lcSsl, "Incompatible version of OpenSSL");
918	return false;
919	}
920
921	#if OPENSSL_VERSION_NUMBER >= 0x30000000
922	if (q_OpenSSL_version_num() < `0x30000000`) {
923	qCWarning(lcSsl, "Incompatible version of OpenSSL (built with OpenSSL >= 3.x, runtime version is < 3.x)");
924	return false;
925	}
926	#else
927	if (q_OpenSSL_version_num() >= `0x30000000`) {
928	qCWarning(lcSsl, "Incompatible version of OpenSSL (built with OpenSSL 1.x, runtime version is >= 3.x)");
929	return false;
930	}
931	#endif // OPENSSL_VERSION_NUMBER
932
933	RESOLVEFUNC(SSL_SESSION_get_ticket_lifetime_hint)
934	RESOLVEFUNC(DH_bits)
935	RESOLVEFUNC(DSA_bits)
936
937	#if QT_CONFIG(dtls)
938	RESOLVEFUNC(DTLSv1_listen)
939	RESOLVEFUNC(BIO_ADDR_new)
940	RESOLVEFUNC(BIO_ADDR_free)
941	RESOLVEFUNC(BIO_meth_new)
942	RESOLVEFUNC(BIO_meth_free)
943	RESOLVEFUNC(BIO_meth_set_write)
944	RESOLVEFUNC(BIO_meth_set_read)
945	RESOLVEFUNC(BIO_meth_set_puts)
946	RESOLVEFUNC(BIO_meth_set_ctrl)
947	RESOLVEFUNC(BIO_meth_set_create)
948	RESOLVEFUNC(BIO_meth_set_destroy)
949	#endif // dtls
950
951	#if QT_CONFIG(ocsp)
952	RESOLVEFUNC(OCSP_SINGLERESP_get0_id)
953	RESOLVEFUNC(d2i_OCSP_RESPONSE)
954	RESOLVEFUNC(OCSP_RESPONSE_free)
955	RESOLVEFUNC(OCSP_response_status)
956	RESOLVEFUNC(OCSP_response_get1_basic)
957	RESOLVEFUNC(OCSP_BASICRESP_free)
958	RESOLVEFUNC(OCSP_basic_verify)
959	RESOLVEFUNC(OCSP_resp_count)
960	RESOLVEFUNC(OCSP_resp_get0)
961	RESOLVEFUNC(OCSP_single_get0_status)
962	RESOLVEFUNC(OCSP_check_validity)
963	RESOLVEFUNC(OCSP_cert_to_id)
964	RESOLVEFUNC(OCSP_id_get0_info)
965	RESOLVEFUNC(OCSP_resp_get0_certs)
966	RESOLVEFUNC(OCSP_basic_sign)
967	RESOLVEFUNC(OCSP_response_create)
968	RESOLVEFUNC(i2d_OCSP_RESPONSE)
969	RESOLVEFUNC(OCSP_basic_add1_status)
970	RESOLVEFUNC(OCSP_BASICRESP_new)
971	RESOLVEFUNC(OCSP_CERTID_free)
972	RESOLVEFUNC(OCSP_cert_to_id)
973	RESOLVEFUNC(OCSP_id_cmp)
974	#endif // ocsp
975
976	RESOLVEFUNC(BIO_set_data)
977	RESOLVEFUNC(BIO_get_data)
978	RESOLVEFUNC(BIO_set_init)
979	RESOLVEFUNC(BIO_get_shutdown)
980	RESOLVEFUNC(BIO_set_shutdown)
981	RESOLVEFUNC(ASN1_INTEGER_get)
982	RESOLVEFUNC(ASN1_INTEGER_cmp)
983	RESOLVEFUNC(ASN1_STRING_length)
984	RESOLVEFUNC(ASN1_STRING_to_UTF8)
985	RESOLVEFUNC(BIO_ctrl)
986	RESOLVEFUNC(BIO_free)
987	RESOLVEFUNC(BIO_new)
988	RESOLVEFUNC(BIO_new_mem_buf)
989	RESOLVEFUNC(BIO_read)
990	RESOLVEFUNC(BIO_s_mem)
991	RESOLVEFUNC(BIO_write)
992	RESOLVEFUNC(BIO_set_flags)
993	RESOLVEFUNC(BIO_clear_flags)
994	RESOLVEFUNC(BIO_set_ex_data)
995	RESOLVEFUNC(BIO_get_ex_data)
996
997	#ifndef OPENSSL_NO_EC
998	RESOLVEFUNC(EC_KEY_get0_group)
999	RESOLVEFUNC(EC_GROUP_get_degree)
1000	#endif
1001	RESOLVEFUNC(BN_num_bits)
1002	RESOLVEFUNC(BN_is_word)
1003	RESOLVEFUNC(BN_mod_word)
1004	RESOLVEFUNC(DSA_new)
1005	RESOLVEFUNC(DSA_free)
1006	RESOLVEFUNC(ERR_error_string)
1007	RESOLVEFUNC(ERR_error_string_n)
1008	RESOLVEFUNC(ERR_get_error)
1009	RESOLVEFUNC(EVP_CIPHER_CTX_new)
1010	RESOLVEFUNC(EVP_CIPHER_CTX_free)
1011	RESOLVEFUNC(EVP_CIPHER_CTX_ctrl)
1012	RESOLVEFUNC(EVP_CIPHER_CTX_set_key_length)
1013	RESOLVEFUNC(EVP_CipherInit)
1014	RESOLVEFUNC(EVP_CipherInit_ex)
1015	RESOLVEFUNC(EVP_CipherUpdate)
1016	RESOLVEFUNC(EVP_CipherFinal)
1017	RESOLVEFUNC(EVP_get_digestbyname)
1018	#ifndef OPENSSL_NO_DES
1019	RESOLVEFUNC(EVP_des_cbc)
1020	RESOLVEFUNC(EVP_des_ede3_cbc)
1021	#endif
1022	#ifndef OPENSSL_NO_RC2
1023	RESOLVEFUNC(EVP_rc2_cbc)
1024	#endif
1025	#ifndef OPENSSL_NO_AES
1026	RESOLVEFUNC(EVP_aes_128_cbc)
1027	RESOLVEFUNC(EVP_aes_192_cbc)
1028	RESOLVEFUNC(EVP_aes_256_cbc)
1029	#endif
1030	RESOLVEFUNC(EVP_sha1)
1031	RESOLVEFUNC(EVP_PKEY_assign)
1032	RESOLVEFUNC(EVP_PKEY_set1_RSA)
1033	RESOLVEFUNC(EVP_PKEY_set1_DSA)
1034	RESOLVEFUNC(EVP_PKEY_set1_DH)
1035
1036	#ifndef OPENSSL_NO_EC
1037	RESOLVEFUNC(EVP_PKEY_set1_EC_KEY)
1038	RESOLVEFUNC(EVP_PKEY_get1_EC_KEY)
1039	RESOLVEFUNC(PEM_read_bio_ECPrivateKey)
1040	RESOLVEFUNC(PEM_write_bio_ECPrivateKey)
1041	RESOLVEFUNC(PEM_read_bio_EC_PUBKEY)
1042	RESOLVEFUNC(PEM_write_bio_EC_PUBKEY)
1043	#endif // OPENSSL_NO_EC
1044
1045	RESOLVEFUNC(EVP_PKEY_cmp)
1046	RESOLVEFUNC(EVP_PKEY_free)
1047	RESOLVEFUNC(EVP_PKEY_get1_DSA)
1048	RESOLVEFUNC(EVP_PKEY_get1_RSA)
1049	RESOLVEFUNC(EVP_PKEY_get1_DH)
1050	RESOLVEFUNC(EVP_PKEY_new)
1051	RESOLVEFUNC(EVP_PKEY_type)
1052	RESOLVEFUNC(OBJ_nid2sn)
1053	RESOLVEFUNC(OBJ_nid2ln)
1054	RESOLVEFUNC(OBJ_sn2nid)
1055	RESOLVEFUNC(OBJ_ln2nid)
1056	RESOLVEFUNC(i2t_ASN1_OBJECT)
1057	RESOLVEFUNC(OBJ_obj2txt)
1058	RESOLVEFUNC(OBJ_obj2nid)
1059	RESOLVEFUNC(PEM_read_bio_PrivateKey)
1060	RESOLVEFUNC(PEM_read_bio_DSAPrivateKey)
1061	RESOLVEFUNC(PEM_read_bio_RSAPrivateKey)
1062	RESOLVEFUNC(PEM_read_bio_DHparams)
1063	RESOLVEFUNC(PEM_write_bio_DSAPrivateKey)
1064	RESOLVEFUNC(PEM_write_bio_RSAPrivateKey)
1065	RESOLVEFUNC(PEM_write_bio_PrivateKey)
1066	RESOLVEFUNC(PEM_read_bio_PUBKEY)
1067	RESOLVEFUNC(PEM_read_bio_DSA_PUBKEY)
1068	RESOLVEFUNC(PEM_read_bio_RSA_PUBKEY)
1069	RESOLVEFUNC(PEM_write_bio_DSA_PUBKEY)
1070	RESOLVEFUNC(PEM_write_bio_RSA_PUBKEY)
1071	RESOLVEFUNC(PEM_write_bio_PUBKEY)
1072	RESOLVEFUNC(RAND_seed)
1073	RESOLVEFUNC(RAND_status)
1074	RESOLVEFUNC(RAND_bytes)
1075	RESOLVEFUNC(RSA_new)
1076	RESOLVEFUNC(RSA_free)
1077	RESOLVEFUNC(SSL_CIPHER_description)
1078	RESOLVEFUNC(SSL_CIPHER_get_bits)
1079	RESOLVEFUNC(SSL_get_rbio)
1080	RESOLVEFUNC(SSL_CTX_check_private_key)
1081	RESOLVEFUNC(SSL_CTX_ctrl)
1082	RESOLVEFUNC(SSL_CTX_free)
1083	RESOLVEFUNC(SSL_CTX_new)
1084	RESOLVEFUNC(SSL_CTX_set_cipher_list)
1085	RESOLVEFUNC(SSL_CTX_callback_ctrl)
1086	RESOLVEFUNC(SSL_CTX_set_default_verify_paths)
1087	RESOLVEFUNC(SSL_CTX_set_verify)
1088	RESOLVEFUNC(SSL_CTX_set_verify_depth)
1089	RESOLVEFUNC(SSL_CTX_use_certificate)
1090	RESOLVEFUNC(SSL_CTX_use_certificate_file)
1091	RESOLVEFUNC(SSL_CTX_use_PrivateKey)
1092	RESOLVEFUNC(SSL_CTX_use_RSAPrivateKey)
1093	RESOLVEFUNC(SSL_CTX_use_PrivateKey_file)
1094	RESOLVEFUNC(SSL_CTX_get_cert_store);
1095	RESOLVEFUNC(SSL_CONF_CTX_new);
1096	RESOLVEFUNC(SSL_CONF_CTX_free);
1097	RESOLVEFUNC(SSL_CONF_CTX_set_ssl_ctx);
1098	RESOLVEFUNC(SSL_CONF_CTX_set_flags);
1099	RESOLVEFUNC(SSL_CONF_CTX_finish);
1100	RESOLVEFUNC(SSL_CONF_cmd);
1101	RESOLVEFUNC(SSL_accept)
1102	RESOLVEFUNC(SSL_clear)
1103	RESOLVEFUNC(SSL_connect)
1104	RESOLVEFUNC(SSL_free)
1105	RESOLVEFUNC(SSL_get_ciphers)
1106	RESOLVEFUNC(SSL_get_current_cipher)
1107	RESOLVEFUNC(SSL_version)
1108	RESOLVEFUNC(SSL_get_error)
1109	RESOLVEFUNC(SSL_get_peer_cert_chain)
1110	RESOLVEFUNC(SSL_get_peer_certificate)
1111	RESOLVEFUNC(SSL_get_verify_result)
1112	RESOLVEFUNC(SSL_new)
1113	RESOLVEFUNC(SSL_get_SSL_CTX)
1114	RESOLVEFUNC(SSL_ctrl)
1115	RESOLVEFUNC(SSL_read)
1116	RESOLVEFUNC(SSL_set_accept_state)
1117	RESOLVEFUNC(SSL_set_bio)
1118	RESOLVEFUNC(SSL_set_connect_state)
1119	RESOLVEFUNC(SSL_shutdown)
1120	RESOLVEFUNC(SSL_in_init)
1121	RESOLVEFUNC(SSL_get_shutdown)
1122	RESOLVEFUNC(SSL_set_session)
1123	RESOLVEFUNC(SSL_SESSION_free)
1124	RESOLVEFUNC(SSL_get1_session)
1125	RESOLVEFUNC(SSL_get_session)
1126	RESOLVEFUNC(SSL_set_ex_data)
1127	RESOLVEFUNC(SSL_get_ex_data)
1128	RESOLVEFUNC(SSL_get_ex_data_X509_STORE_CTX_idx)
1129
1130	#ifndef OPENSSL_NO_PSK
1131	RESOLVEFUNC(SSL_set_psk_client_callback)
1132	RESOLVEFUNC(SSL_set_psk_server_callback)
1133	RESOLVEFUNC(SSL_CTX_use_psk_identity_hint)
1134	#endif // !OPENSSL_NO_PSK
1135
1136	RESOLVEFUNC(SSL_write)
1137	RESOLVEFUNC(X509_NAME_entry_count)
1138	RESOLVEFUNC(X509_NAME_get_entry)
1139	RESOLVEFUNC(X509_NAME_ENTRY_get_data)
1140	RESOLVEFUNC(X509_NAME_ENTRY_get_object)
1141	RESOLVEFUNC(X509_PUBKEY_get)
1142	RESOLVEFUNC(X509_STORE_free)
1143	RESOLVEFUNC(X509_STORE_new)
1144	RESOLVEFUNC(X509_STORE_add_cert)
1145	RESOLVEFUNC(X509_STORE_CTX_free)
1146	RESOLVEFUNC(X509_STORE_CTX_init)
1147	RESOLVEFUNC(X509_STORE_CTX_new)
1148	RESOLVEFUNC(X509_STORE_CTX_set_purpose)
1149	RESOLVEFUNC(X509_STORE_CTX_get_error)
1150	RESOLVEFUNC(X509_STORE_CTX_get_error_depth)
1151	RESOLVEFUNC(X509_STORE_CTX_get_current_cert)
1152	RESOLVEFUNC(X509_STORE_CTX_get0_store)
1153	RESOLVEFUNC(X509_cmp)
1154	RESOLVEFUNC(X509_STORE_CTX_get_ex_data)
1155	RESOLVEFUNC(X509_dup)
1156	RESOLVEFUNC(X509_print)
1157	RESOLVEFUNC(X509_digest)
1158	RESOLVEFUNC(X509_EXTENSION_get_object)
1159	RESOLVEFUNC(X509_free)
1160	RESOLVEFUNC(X509_gmtime_adj)
1161	RESOLVEFUNC(ASN1_TIME_free)
1162	RESOLVEFUNC(X509_get_ext)
1163	RESOLVEFUNC(X509_get_ext_count)
1164	RESOLVEFUNC(X509_get_ext_d2i)
1165	RESOLVEFUNC(X509V3_EXT_get)
1166	RESOLVEFUNC(X509V3_EXT_d2i)
1167	RESOLVEFUNC(X509_EXTENSION_get_critical)
1168	RESOLVEFUNC(X509_EXTENSION_get_data)
1169	RESOLVEFUNC(BASIC_CONSTRAINTS_free)
1170	RESOLVEFUNC(AUTHORITY_KEYID_free)
1171	RESOLVEFUNC(GENERAL_NAME_free)
1172	RESOLVEFUNC(ASN1_STRING_print)
1173	RESOLVEFUNC(X509_check_issued)
1174	RESOLVEFUNC(X509_get_issuer_name)
1175	RESOLVEFUNC(X509_get_subject_name)
1176	RESOLVEFUNC(X509_get_serialNumber)
1177	RESOLVEFUNC(X509_verify_cert)
1178	RESOLVEFUNC(d2i_X509)
1179	RESOLVEFUNC(i2d_X509)
1180	#if OPENSSL_VERSION_MAJOR < 3
1181	RESOLVEFUNC(SSL_CTX_load_verify_locations)
1182	#else
1183	RESOLVEFUNC(SSL_CTX_load_verify_dir)
1184	#endif // OPENSSL_VERSION_MAJOR
1185	RESOLVEFUNC(i2d_SSL_SESSION)
1186	RESOLVEFUNC(d2i_SSL_SESSION)
1187
1188	#ifndef OPENSSL_NO_NEXTPROTONEG
1189	RESOLVEFUNC(SSL_select_next_proto)
1190	RESOLVEFUNC(SSL_CTX_set_next_proto_select_cb)
1191	RESOLVEFUNC(SSL_get0_next_proto_negotiated)
1192	RESOLVEFUNC(SSL_set_alpn_protos)
1193	RESOLVEFUNC(SSL_CTX_set_alpn_select_cb)
1194	RESOLVEFUNC(SSL_get0_alpn_selected)
1195	#endif // !OPENSSL_NO_NEXTPROTONEG
1196
1197	#if QT_CONFIG(dtls)
1198	RESOLVEFUNC(SSL_CTX_set_cookie_generate_cb)
1199	RESOLVEFUNC(SSL_CTX_set_cookie_verify_cb)
1200	RESOLVEFUNC(DTLS_server_method)
1201	RESOLVEFUNC(DTLS_client_method)
1202	#endif // dtls
1203
1204	RESOLVEFUNC(CRYPTO_malloc)
1205	RESOLVEFUNC(DH_new)
1206	RESOLVEFUNC(DH_free)
1207	RESOLVEFUNC(d2i_DHparams)
1208	RESOLVEFUNC(i2d_DHparams)
1209	#ifndef OPENSSL_NO_DEPRECATED_3_0
1210	RESOLVEFUNC(DH_check)
1211	#endif // OPENSSL_NO_DEPRECATED_3_0
1212	RESOLVEFUNC(BN_bin2bn)
1213
1214	#ifndef OPENSSL_NO_EC
1215	RESOLVEFUNC(EC_KEY_dup)
1216	RESOLVEFUNC(EC_KEY_new_by_curve_name)
1217	RESOLVEFUNC(EC_KEY_free)
1218	RESOLVEFUNC(EC_get_builtin_curves)
1219	#endif // OPENSSL_NO_EC
1220
1221	RESOLVEFUNC(PKCS12_parse)
1222	RESOLVEFUNC(d2i_PKCS12_bio)
1223	RESOLVEFUNC(PKCS12_free)
1224
1225	symbolsResolved.storeRelease(newValue: true);
1226	return true;
1227	}
1228	#endif // QT_CONFIG(library)
1229
1230	#else // !defined QT_LINKED_OPENSSL
1231
1232	bool q_resolveOpenSslSymbols()
1233	{
1234	#ifdef QT_NO_OPENSSL
1235	return false;
1236	#endif
1237	return true;
1238	}
1239	#endif // !defined QT_LINKED_OPENSSL
1240
1241	//==============================================================================
1242	// contributed by Jay Case of Sarvega, Inc.; http://sarvega.com/
1243	// Based on X509_cmp_time() for intitial buffer hacking.
1244	//==============================================================================
1245	QDateTime q_getTimeFromASN1(const ASN1_TIME *aTime)
1246	{
1247	size_t lTimeLength = aTime->length;
1248	char pString = (char* *) aTime->data;
1249	auto isValidPointer = [pString, lTimeLength](const char *const probe){
1250	return size_t(probe - pString) < lTimeLength;
1251	};
1252
1253	if (aTime->type == V_ASN1_UTCTIME) {
1254
1255	char lBuffer[`24`];
1256	char *pBuffer = lBuffer;
1257
1258	if ((lTimeLength < `11`) \|\| (lTimeLength > `17`))
1259	return QDateTime ();
1260
1261	memcpy(dest: pBuffer, src: pString, n: `10`);
1262	pBuffer += `10`;
1263	pString += `10`;
1264
1265	if ((pString == `'Z'`) \|\| (pString == `'-'`) \|\| (*pString == `'+'`)) {
1266	*pBuffer++ = `'0'`;
1267	*pBuffer++ = `'0'`;
1268	} else {
1269	pBuffer++ = pString++;
1270	if (!isValidPointer (pString)) // Nah.
1271	return {};
1272	pBuffer++ = pString++;
1273	if (!isValidPointer (pString)) // Nah.
1274	return {};
1275	// Skip any fractional seconds...
1276	if (*pString == `'.'`) {
1277	pString++;
1278	if (!isValidPointer (pString)) // Oh no, cannot dereference (see below).
1279	return {};
1280	while ((pString >= `'0'`) && (pString <= `'9'`)) {
1281	pString++;
1282	if (!isValidPointer (pString)) // No and no.
1283	return {};
1284	}
1285	}
1286	}
1287
1288	*pBuffer++ = `'Z'`;
1289	*pBuffer++ = `'\0'`;
1290
1291	time_t lSecondsFromUCT;
1292	if (*pString == `'Z'`) {
1293	lSecondsFromUCT = `0`;
1294	} else {
1295	if ((pString != `'+'`) && (pString != `'-'`))
1296	return QDateTime ();
1297
1298	if (!isValidPointer (pString + `4`)) {
1299	// What kind of input parameters we were provided with? To hell with them!
1300	return {};
1301	}
1302	lSecondsFromUCT = ((pString[`1`] - `'0'`) * `10` + (pString[`2`] - `'0'`)) * `60`;
1303	lSecondsFromUCT += (pString[`3`] - `'0'`) * `10` + (pString[`4`] - `'0'`);
1304	lSecondsFromUCT *= `60`;
1305	if (*pString == `'-'`)
1306	lSecondsFromUCT = -lSecondsFromUCT;
1307	}
1308
1309	tm lTime;
1310	lTime.tm_sec = ((lBuffer[`10`] - `'0'`) * `10`) + (lBuffer[`11`] - `'0'`);
1311	lTime.tm_min = ((lBuffer[`8`] - `'0'`) * `10`) + (lBuffer[`9`] - `'0'`);
1312	lTime.tm_hour = ((lBuffer[`6`] - `'0'`) * `10`) + (lBuffer[`7`] - `'0'`);
1313	lTime.tm_mday = ((lBuffer[`4`] - `'0'`) * `10`) + (lBuffer[`5`] - `'0'`);
1314	lTime.tm_mon = (((lBuffer[`2`] - `'0'`) * `10`) + (lBuffer[`3`] - `'0'`)) - `1`;
1315	lTime.tm_year = ((lBuffer[`0`] - `'0'`) * `10`) + (lBuffer[`1`] - `'0'`);
1316	if (lTime.tm_year < `50`)
1317	lTime.tm_year += `100`; // RFC 2459
1318
1319	QDate resDate(lTime.tm_year + `1900`, lTime.tm_mon + `1`, lTime.tm_mday);
1320	QTime resTime(lTime.tm_hour, lTime.tm_min, lTime.tm_sec);
1321
1322	QDateTime result(resDate, resTime, Qt::UTC);
1323	result = result.addSecs(secs: lSecondsFromUCT);
1324	return result;
1325
1326	} else if (aTime->type == V_ASN1_GENERALIZEDTIME) {
1327
1328	if (lTimeLength < `15`)
1329	return QDateTime (); // hopefully never triggered
1330
1331	// generalized time is always YYYYMMDDHHMMSSZ (RFC 2459, section 4.1.2.5.2)
1332	tm lTime;
1333	lTime.tm_sec = ((pString[`12`] - `'0'`) * `10`) + (pString[`13`] - `'0'`);
1334	lTime.tm_min = ((pString[`10`] - `'0'`) * `10`) + (pString[`11`] - `'0'`);
1335	lTime.tm_hour = ((pString[`8`] - `'0'`) * `10`) + (pString[`9`] - `'0'`);
1336	lTime.tm_mday = ((pString[`6`] - `'0'`) * `10`) + (pString[`7`] - `'0'`);
1337	lTime.tm_mon = (((pString[`4`] - `'0'`) * `10`) + (pString[`5`] - `'0'`));
1338	lTime.tm_year = ((pString[`0`] - `'0'`) * `1000`) + ((pString[`1`] - `'0'`) * `100`) +
1339	((pString[`2`] - `'0'`) * `10`) + (pString[`3`] - `'0'`);
1340
1341	QDate resDate(lTime.tm_year, lTime.tm_mon, lTime.tm_mday);
1342	QTime resTime(lTime.tm_hour, lTime.tm_min, lTime.tm_sec);
1343
1344	QDateTime result(resDate, resTime, Qt::UTC);
1345	return result;
1346
1347	} else {
1348	qCWarning(lcSsl, "unsupported date format detected");
1349	return QDateTime ();
1350	}
1351
1352	}
1353
1354	QT_END_NAMESPACE
1355

source code of qtbase/src/network/ssl/qsslsocket_openssl_symbols.cpp