openssl_symbols.cpp source code [qtopcua/src/opcua/x509/openssl_symbols.cpp]

1	// Copyright (C) 2019 The Qt Company Ltd.
2	// Copyright (C) 2014 BlackBerry Limited. All rights reserved.
3	// Copyright (C) 2016 Richard J. Moore <rich@kde.org>
4	// SPDX-License-Identifier: LicenseRef-Qt-Commercial OR LGPL-3.0-only OR GPL-2.0-only OR GPL-3.0-only
5
6	/****************************************************************************
7	**
8	** In addition, as a special exception, the copyright holders listed above give
9	** permission to link the code of its release of Qt with the OpenSSL project's
10	** "OpenSSL" library (or modified versions of the "OpenSSL" library that use the
11	** same license as the original version), and distribute the linked executables.
12	**
13	** You must comply with the GNU General Public License version 2 in all
14	** respects for all of the code used other than the "OpenSSL" code. If you
15	** modify this file, you may extend this exception to your version of the file,
16	** but you are not obligated to do so. If you do not wish to do so, delete
17	** this exception statement from your version of this file.
18	**
19	****************************************************************************/
20
21	#include "openssl_symbols_p.h"
22	#include <QtCore/qurl.h>
23	#include <QtCore/qset.h>
24
25	#ifdef Q_OS_WIN
26	# include <private/qsystemlibrary_p.h>
27	#elif QT_CONFIG(library)
28	# include <QtCore/qlibrary.h>
29	#endif
30	#include <QtCore/qmutex.h>
31	#include <QtCore/qdatetime.h>
32	#include <QtCore/qtimezone.h>
33	#if defined(Q_OS_UNIX)
34	#include <QtCore/qdir.h>
35	#endif
36	#include <memory>
37	#if defined(Q_OS_LINUX) && !defined(Q_OS_ANDROID)
38	#include <link.h>
39	#endif
40	#ifdef Q_OS_DARWIN
41	#include "private/qcore_mac_p.h"
42	#endif
43
44	#include <algorithm>
45
46	QT_BEGIN_NAMESPACE
47
48	Q_LOGGING_CATEGORY(lcSsl, "qt.opcua.ssl");
49
50
51	/*
52	Note to maintainer:
53	-------------------
54
55	We load OpenSSL symbols dynamically. Because symbols are known to
56	disappear, and signatures sometimes change, between releases, we need to
57	be careful about how this is done. To ensure we don't end up dereferencing
58	null function pointers, and continue running even if certain functions are
59	missing, we define helper functions for each of the symbols we load from
60	OpenSSL, all prefixed with "q_" (declared in
61	qsslsocket_openssl_symbols_p.h). So instead of calling SSL_connect
62	directly, we call q_SSL_connect, which is a function that checks if the
63	actual SSL_connect fptr is null, and returns a failure if it is, or calls
64	SSL_connect if it isn't.
65
66	This requires a somewhat tedious process of declaring each function we
67	want to call in OpenSSL thrice: once with the q_, in _p.h, once using the
68	DEFINEFUNC macros below, and once in the function that actually resolves
69	the symbols, below the DEFINEFUNC declarations below.
70
71	There's one DEFINEFUNC macro declared for every number of arguments
72	exposed by OpenSSL (feel free to extend when needed). The easiest thing to
73	do is to find an existing entry that matches the arg count of the function
74	you want to import, and do the same.
75
76	The first macro arg is the function return type. The second is the
77	verbatim name of the function/symbol. Then follows a list of N pairs of
78	argument types with a variable name, and just the variable name (char a,*
79	a, char b, b, etc). Finally there's two arguments - a suitable return*
80	statement for the error case (for an int function, return 0 or return -1
81	is usually right). Then either just "return" or DUMMYARG, the latter being
82	for void functions.
83
84	Note: Take into account that these macros and declarations are processed
85	at compile-time, and the result depends on the OpenSSL headers the
86	compiling host has installed, but the symbols are resolved at run-time,
87	possibly with a different version of OpenSSL.
88	*/
89
90	#ifndef QT_LINKED_OPENSSL
91
92	namespace {
93	void qsslSocketUnresolvedSymbolWarning(const char *functionName)
94	{
95	qCWarning(lcSsl, "QSslSocket: cannot call unresolved function %s", functionName);
96	}
97
98	#if QT_CONFIG(library)
99	void qsslSocketCannotResolveSymbolWarning(const char *functionName)
100	{
101	qCWarning(lcSsl, "QSslSocket: cannot resolve %s", functionName);
102	}
103	#endif
104
105	}
106
107	#endif // QT_LINKED_OPENSSL
108
109	#if QT_CONFIG(opensslv11) \| QT_CONFIG(opensslv30)
110
111	// Below are the functions first introduced in version 1.1:
112
113	DEFINEFUNC(const unsigned char , ASN1_STRING_get0_data, const* ASN1_STRING a, a, return* nullptr, return)
114	DEFINEFUNC2(int, OPENSSL_init_ssl, uint64_t opts, opts, const OPENSSL_INIT_SETTINGS settings, settings, return* `0`, return)
115	DEFINEFUNC2(int, OPENSSL_init_crypto, uint64_t opts, opts, const OPENSSL_INIT_SETTINGS settings, settings, return* `0`, return)
116	DEFINEFUNC(BIO , BIO_new, const* BIO_METHOD a, a, return* nullptr, return)
117	DEFINEFUNC(const BIO_METHOD , BIO_s_mem, void, DUMMYARG, return* nullptr, return)
118	DEFINEFUNC2(int, BN_is_word, BIGNUM a, a, BN_ULONG w, w, return* `0`, return)
119	DEFINEFUNC(int, EVP_CIPHER_CTX_reset, EVP_CIPHER_CTX c, c, return* `0`, return)
120	DEFINEFUNC(int, EVP_PKEY_base_id, EVP_PKEY a, a, return* NID_undef, return)
121	DEFINEFUNC(int, RSA_bits, RSA a, a, return* `0`, return)
122	DEFINEFUNC(int, DSA_bits, DSA a, a, return* `0`, return)
123	DEFINEFUNC(int, OPENSSL_sk_num, OPENSSL_STACK a, a, return* -`1`, return)
124	DEFINEFUNC2(void, OPENSSL_sk_pop_free, OPENSSL_STACK a, a, void* (b)(void), b, return**, DUMMYARG)
125	DEFINEFUNC(OPENSSL_STACK , OPENSSL_sk_new_null, DUMMYARG, DUMMYARG, return* nullptr, return)
126	DEFINEFUNC2(void, OPENSSL_sk_push, OPENSSL_STACK a, a, void* b, b, return*, DUMMYARG)
127	DEFINEFUNC(void, OPENSSL_sk_free, OPENSSL_STACK a, a, return*, DUMMYARG)
128	DEFINEFUNC2(void , OPENSSL_sk_value, OPENSSL_STACK a, a, int b, b, return nullptr, return)
129	DEFINEFUNC(int, SSL_session_reused, SSL a, a, return* `0`, return)
130	DEFINEFUNC2(unsigned long, SSL_CTX_set_options, SSL_CTX ctx, ctx, unsigned* long op, op, return `0`, return)
131	#ifdef TLS1_3_VERSION
132	DEFINEFUNC2(int, SSL_CTX_set_ciphersuites, SSL_CTX ctx, ctx, const* char str, str, return* `0`, return)
133	#endif
134	DEFINEFUNC3(size_t, SSL_get_client_random, SSL a, a, unsigned* char out, out, size_t outlen, outlen, return* `0`, return)
135	DEFINEFUNC3(size_t, SSL_SESSION_get_master_key, const SSL_SESSION ses, ses, unsigned* char out, out, size_t outlen, outlen, return* `0`, return)
136	DEFINEFUNC6(int, CRYPTO_get_ex_new_index, int class_index, class_index, long argl, argl, void argp, argp, CRYPTO_EX_new new_func, new_func, CRYPTO_EX_dup dup_func, dup_func, CRYPTO_EX_free free_func, free_func, return -`1`, return)
137	DEFINEFUNC2(unsigned long, SSL_set_options, SSL ssl, ssl, unsigned* long op, op, return `0`, return)
138
139	DEFINEFUNC(const SSL_METHOD , TLS_method, DUMMYARG, DUMMYARG, return* nullptr, return)
140	DEFINEFUNC(const SSL_METHOD , TLS_client_method, DUMMYARG, DUMMYARG, return* nullptr, return)
141	DEFINEFUNC(const SSL_METHOD , TLS_server_method, DUMMYARG, DUMMYARG, return* nullptr, return)
142	DEFINEFUNC(void, X509_up_ref, X509 a, a, return*, DUMMYARG)
143	DEFINEFUNC(ASN1_TIME , X509_getm_notBefore, X509 a, a, return nullptr, return)
144	DEFINEFUNC(ASN1_TIME , X509_getm_notAfter, X509 a, a, return nullptr, return)
145	DEFINEFUNC(long, X509_get_version, X509 a, a, return* -`1`, return)
146	DEFINEFUNC(EVP_PKEY , X509_get_pubkey, X509 a, a, return nullptr, return)
147	DEFINEFUNC2(void, X509_STORE_set_verify_cb, X509_STORE a, a, X509_STORE_CTX_verify_cb verify_cb, verify_cb, return*, DUMMYARG)
148	DEFINEFUNC(STACK_OF(X509) , X509_STORE_CTX_get0_chain, X509_STORE_CTX a, a, return nullptr, return)
149	DEFINEFUNC3(void, CRYPTO_free, void str, str, const* char file, file, int* line, line, return, DUMMYARG)
150	DEFINEFUNC(long, OpenSSL_version_num, void, DUMMYARG, return `0`, return)
151	DEFINEFUNC(const char , OpenSSL_version, int* a, a, return nullptr, return)
152	DEFINEFUNC(unsigned long, SSL_SESSION_get_ticket_lifetime_hint, const SSL_SESSION session, session, return* `0`, return)
153	DEFINEFUNC4(void, DH_get0_pqg, const DH dh, dh, const* BIGNUM *p, p, const* BIGNUM *q, q, const* BIGNUM g, g, return**, DUMMYARG)
154	DEFINEFUNC(int, DH_bits, DH dh, dh, return* `0`, return)
155
156	DEFINEFUNC2(void, BIO_set_data, BIO a, a, void* ptr, ptr, return*, DUMMYARG)
157	DEFINEFUNC(void , BIO_get_data, BIO a, a, return nullptr, return)
158	DEFINEFUNC2(void, BIO_set_init, BIO a, a, int* init, init, return, DUMMYARG)
159	DEFINEFUNC(int, BIO_get_shutdown, BIO a, a, return* -`1`, return)
160	DEFINEFUNC2(void, BIO_set_shutdown, BIO a, a, int* shut, shut, return, DUMMYARG)
161
162
163	#else // QT_CONFIG(opensslv11) \| QT_CONFIG(opensslv30)
164
165	// Functions below are either deprecated or removed in OpenSSL >= 1.1:
166
167	DEFINEFUNC(unsigned char , ASN1_STRING_data, ASN1_STRING a, a, return nullptr, return)
168
169	#ifdef SSLEAY_MACROS
170	DEFINEFUNC3(void , ASN1_dup, i2d_of_void a, a, d2i_of_void b, b, char* c, c, return* nullptr, return)
171	#endif
172	DEFINEFUNC2(BIO , BIO_new_file, const* char filename, filename, const* char mode, mode, return* nullptr, return)
173	DEFINEFUNC(void, ERR_clear_error, DUMMYARG, DUMMYARG, return, DUMMYARG)
174	DEFINEFUNC(BIO , BIO_new, BIO_METHOD a, a, return nullptr, return)
175	DEFINEFUNC(BIO_METHOD , BIO_s_mem, void, DUMMYARG, return* nullptr, return)
176	DEFINEFUNC(int, CRYPTO_num_locks, DUMMYARG, DUMMYARG, return `0`, return)
177	DEFINEFUNC(void, CRYPTO_set_locking_callback, void (a)(int, int, const* char , int), a, return*, DUMMYARG)
178	DEFINEFUNC(void, CRYPTO_set_id_callback, unsigned long (a)(), a, return*, DUMMYARG)
179	DEFINEFUNC(void, CRYPTO_free, void a, a, return*, DUMMYARG)
180	DEFINEFUNC(unsigned long, ERR_peek_last_error, DUMMYARG, DUMMYARG, return `0`, return)
181	DEFINEFUNC(void, ERR_free_strings, void, DUMMYARG, return, DUMMYARG)
182	DEFINEFUNC(void, EVP_CIPHER_CTX_cleanup, EVP_CIPHER_CTX a, a, return*, DUMMYARG)
183	DEFINEFUNC(void, EVP_CIPHER_CTX_init, EVP_CIPHER_CTX a, a, return*, DUMMYARG)
184
185	#ifdef SSLEAY_MACROS
186	DEFINEFUNC6(void , PEM_ASN1_read_bio, d2i_of_void a, a, const char b, b, BIO c, c, void *d, d, pem_password_cb e, e, void f, f, return* nullptr, return)
187	DEFINEFUNC6(void , PEM_ASN1_write_bio, d2i_of_void a, a, const char b, b, BIO c, c, void *d, d, pem_password_cb e, e, void f, f, return* nullptr, return)
188	#endif // SSLEAY_MACROS
189
190	DEFINEFUNC(int, sk_num, STACK a, a, return* -`1`, return)
191	DEFINEFUNC2(void, sk_pop_free, STACK a, a, void* (b)(void), b, return**, DUMMYARG)
192
193	DEFINEFUNC(_STACK , sk_new_null, DUMMYARG, DUMMYARG, return* nullptr, return)
194	DEFINEFUNC2(void, sk_push, _STACK a, a, void* b, b, return*, DUMMYARG)
195	DEFINEFUNC(void, sk_free, _STACK a, a, return*, DUMMYARG)
196	DEFINEFUNC2(void , sk_value, STACK a, a, int b, b, return nullptr, return)
197
198	DEFINEFUNC(int, SSL_library_init, void, DUMMYARG, return -`1`, return)
199	DEFINEFUNC(void, SSL_load_error_strings, void, DUMMYARG, return, DUMMYARG)
200
201	#if OPENSSL_VERSION_NUMBER >= 0x10001000L
202	DEFINEFUNC5(int, SSL_get_ex_new_index, long argl, argl, void argp, argp, CRYPTO_EX_new new_func, new_func, CRYPTO_EX_dup dup_func, dup_func, CRYPTO_EX_free free_func, free_func, return -`1`, return)
203	#endif // OPENSSL_VERSION_NUMBER >= 0x10001000L
204
205	DEFINEFUNC(STACK_OF(X509) , X509_STORE_CTX_get_chain, X509_STORE_CTX a, a, return nullptr, return)
206
207	#ifdef SSLEAY_MACROS
208	DEFINEFUNC2(int, i2d_DSAPrivateKey, const DSA a, a, unsigned* char b, b, return -`1`, return**)
209	DEFINEFUNC2(int, i2d_RSAPrivateKey, const RSA a, a, unsigned* char b, b, return -`1`, return**)
210	#ifndef OPENSSL_NO_EC
211	DEFINEFUNC2(int, i2d_ECPrivateKey, const EC_KEY a, a, unsigned* char b, b, return -`1`, return**)
212	#endif
213	DEFINEFUNC3(RSA , d2i_RSAPrivateKey, RSA a, a, unsigned* char *b, b, long* c, c, return nullptr, return)
214	DEFINEFUNC3(DSA , d2i_DSAPrivateKey, DSA a, a, unsigned* char *b, b, long* c, c, return nullptr, return)
215	#ifndef OPENSSL_NO_EC
216	DEFINEFUNC3(EC_KEY , d2i_ECPrivateKey, EC_KEY a, a, unsigned* char *b, b, long* c, c, return nullptr, return)
217	#endif
218	#endif
219
220	DEFINEFUNC(char , CONF_get1_default_config_file, DUMMYARG, DUMMYARG, return* nullptr, return)
221	DEFINEFUNC(void, OPENSSL_add_all_algorithms_noconf, void, DUMMYARG, return, DUMMYARG)
222	DEFINEFUNC(void, OPENSSL_add_all_algorithms_conf, void, DUMMYARG, return, DUMMYARG)
223	DEFINEFUNC(long, SSLeay, void, DUMMYARG, return `0`, return)
224	DEFINEFUNC(const char , SSLeay_version, int* a, a, return nullptr, return)
225	DEFINEFUNC(void, ERR_load_crypto_strings, void, DUMMYARG, return, return)
226
227	#endif // QT_CONFIG(opensslv11) \| QT_CONFIG(opensslv30)
228
229	DEFINEFUNC(long, ASN1_INTEGER_get, ASN1_INTEGER a, a, return* `0`, return)
230	DEFINEFUNC2(int, ASN1_INTEGER_cmp, const ASN1_INTEGER a, a, const* ASN1_INTEGER b, b, return* `1`, return)
231	DEFINEFUNC(int, ASN1_STRING_length, ASN1_STRING a, a, return* `0`, return)
232	DEFINEFUNC2(int, ASN1_STRING_to_UTF8, unsigned char *a, a, ASN1_STRING b, b, return `0`, return)
233	DEFINEFUNC4(long, BIO_ctrl, BIO a, a, int* b, b, long c, c, void d, d, return* -`1`, return)
234	DEFINEFUNC(int, BIO_free, BIO a, a, return* `0`, return)
235	DEFINEFUNC(void, BIO_free_all, BIO a, a, return, return*)
236	DEFINEFUNC2(BIO , BIO_new_mem_buf, void* a, a, int* b, b, return nullptr, return)
237	DEFINEFUNC3(int, BIO_read, BIO a, a, void* b, b, int* c, c, return -`1`, return)
238
239	DEFINEFUNC3(int, BIO_write, BIO a, a, const* void b, b, int* c, c, return -`1`, return)
240	DEFINEFUNC(int, BN_num_bits, const BIGNUM a, a, return* `0`, return)
241	DEFINEFUNC2(BN_ULONG, BN_mod_word, const BIGNUM a, a, BN_ULONG w, w, return* static_cast<BN_ULONG>(-`1`), return)
242	DEFINEFUNC2(int, BN_set_word, BIGNUM a, a, BN_ULONG w, w, return* `0`, return)
243	DEFINEFUNC(BIGNUM , BN_new, void, DUMMYARG, return* nullptr, return)
244	DEFINEFUNC(void, BN_clear, BIGNUM bignum, bignum, return, return*)
245	DEFINEFUNC(void, BN_free, BIGNUM bignum, bignum, return, return*)
246	DEFINEFUNC(void, BN_clear_free, BIGNUM bignum, bignum, return, return*)
247	#ifndef OPENSSL_NO_EC
248	DEFINEFUNC(const EC_GROUP, EC_KEY_get0_group, const* EC_KEY* k, k, return nullptr, return)
249	DEFINEFUNC(int, EC_GROUP_get_degree, const EC_GROUP* g, g, return `0`, return)
250	#endif
251	DEFINEFUNC(DSA , DSA_new, DUMMYARG, DUMMYARG, return* nullptr, return)
252	DEFINEFUNC(void, DSA_free, DSA a, a, return*, DUMMYARG)
253	DEFINEFUNC3(X509 , d2i_X509, X509 a, a, const* unsigned char *b, b, long* c, c, return nullptr, return)
254	DEFINEFUNC2(char , ERR_error_string, unsigned* long a, a, char b, b, return* nullptr, return)
255	DEFINEFUNC3(void, ERR_error_string_n, unsigned long e, e, char b, b, size_t len, len, return*, DUMMYARG)
256	DEFINEFUNC(unsigned long, ERR_get_error, DUMMYARG, DUMMYARG, return `0`, return)
257	DEFINEFUNC(EVP_CIPHER_CTX , EVP_CIPHER_CTX_new, void, DUMMYARG, return* nullptr, return)
258	DEFINEFUNC(void, EVP_CIPHER_CTX_free, EVP_CIPHER_CTX a, a, return*, DUMMYARG)
259	DEFINEFUNC4(int, EVP_CIPHER_CTX_ctrl, EVP_CIPHER_CTX ctx, ctx, int* type, type, int arg, arg, void ptr, ptr, return* `0`, return)
260	DEFINEFUNC2(int, EVP_CIPHER_CTX_set_key_length, EVP_CIPHER_CTX ctx, ctx, int* keylen, keylen, return `0`, return)
261	DEFINEFUNC5(int, EVP_CipherInit, EVP_CIPHER_CTX ctx, ctx, const* EVP_CIPHER type, type, const* unsigned char key, key, const* unsigned char iv, iv, int* enc, enc, return `0`, return)
262	DEFINEFUNC6(int, EVP_CipherInit_ex, EVP_CIPHER_CTX ctx, ctx, const* EVP_CIPHER cipher, cipher, ENGINE impl, impl, const unsigned char key, key, const* unsigned char iv, iv, int* enc, enc, return `0`, return)
263	DEFINEFUNC5(int, EVP_CipherUpdate, EVP_CIPHER_CTX ctx, ctx, unsigned* char out, out, int* outl, outl, const* unsigned char in, in, int* inl, inl, return `0`, return)
264	DEFINEFUNC3(int, EVP_CipherFinal, EVP_CIPHER_CTX ctx, ctx, unsigned* char out, out, int* outl, outl, return* `0`, return)
265	DEFINEFUNC(const EVP_MD , EVP_get_digestbyname, const* char name, name, return* nullptr, return)
266	DEFINEFUNC(const EVP_MD , EVP_sha1, DUMMYARG, DUMMYARG, return* nullptr, return)
267	DEFINEFUNC(const EVP_MD , EVP_sha256, DUMMYARG, DUMMYARG, return* nullptr, return)
268	DEFINEFUNC(const EVP_CIPHER , EVP_aes_256_gcm, DUMMYARG, DUMMYARG, return* nullptr, return)
269	DEFINEFUNC(const EVP_CIPHER , EVP_aes_128_cbc, DUMMYARG, DUMMYARG, return* nullptr, return)
270	DEFINEFUNC3(int, EVP_PKEY_assign, EVP_PKEY a, a, int* b, b, char c, c, return* -`1`, return)
271	DEFINEFUNC2(int, EVP_PKEY_set1_RSA, EVP_PKEY a, a, RSA b, b, return -`1`, return)
272	DEFINEFUNC2(int, EVP_PKEY_set1_DSA, EVP_PKEY a, a, DSA b, b, return -`1`, return)
273	DEFINEFUNC2(int, EVP_PKEY_set1_DH, EVP_PKEY a, a, DH b, b, return -`1`, return)
274	#ifndef OPENSSL_NO_EC
275	DEFINEFUNC2(int, EVP_PKEY_set1_EC_KEY, EVP_PKEY a, a, EC_KEY b, b, return -`1`, return)
276	#endif
277	DEFINEFUNC(void, EVP_PKEY_free, EVP_PKEY a, a, return*, DUMMYARG)
278	DEFINEFUNC(DSA , EVP_PKEY_get1_DSA, EVP_PKEY a, a, return nullptr, return)
279	DEFINEFUNC(RSA , EVP_PKEY_get1_RSA, EVP_PKEY a, a, return nullptr, return)
280	DEFINEFUNC(DH , EVP_PKEY_get1_DH, EVP_PKEY a, a, return nullptr, return)
281	#ifndef OPENSSL_NO_EC
282	DEFINEFUNC(EC_KEY , EVP_PKEY_get1_EC_KEY, EVP_PKEY a, a, return nullptr, return)
283	#endif
284	DEFINEFUNC(EVP_PKEY , EVP_PKEY_new, DUMMYARG, DUMMYARG, return* nullptr, return)
285	DEFINEFUNC(int, EVP_PKEY_type, int a, a, return NID_undef, return)
286	DEFINEFUNC2(int, i2d_X509, X509 a, a, unsigned* char b, b, return -`1`, return**)
287	DEFINEFUNC(const char , OBJ_nid2sn, int* a, a, return nullptr, return)
288	DEFINEFUNC(const char , OBJ_nid2ln, int* a, a, return nullptr, return)
289	DEFINEFUNC(int, OBJ_sn2nid, const char s, s, return* `0`, return)
290	DEFINEFUNC(int, OBJ_ln2nid, const char s, s, return* `0`, return)
291	DEFINEFUNC3(int, i2t_ASN1_OBJECT, char a, a, int* b, b, ASN1_OBJECT c, c, return* -`1`, return)
292	DEFINEFUNC4(int, OBJ_obj2txt, char a, a, int* b, b, ASN1_OBJECT c, c, int* d, d, return -`1`, return)
293
294	DEFINEFUNC(int, OBJ_obj2nid, const ASN1_OBJECT a, a, return* NID_undef, return)
295	DEFINEFUNC4(X509_EXTENSION* , X509V3_EXT_conf_nid, LHASH_OF(CONF_VALUE) conf, conf, X509V3_CTX ctx, ctx, int ext_nid, ext_nid, char value, value, return* NULL, return)
296
297	#ifndef SSLEAY_MACROS
298	DEFINEFUNC4(EVP_PKEY , PEM_read_bio_PrivateKey, BIO a, a, EVP_PKEY *b, b, pem_password_cb c, c, void d, d, return* nullptr, return)
299	DEFINEFUNC4(DSA , PEM_read_bio_DSAPrivateKey, BIO a, a, DSA *b, b, pem_password_cb c, c, void d, d, return* nullptr, return)
300	DEFINEFUNC4(RSA , PEM_read_bio_RSAPrivateKey, BIO a, a, RSA *b, b, pem_password_cb c, c, void d, d, return* nullptr, return)
301	#ifndef OPENSSL_NO_EC
302	DEFINEFUNC4(EC_KEY , PEM_read_bio_ECPrivateKey, BIO a, a, EC_KEY *b, b, pem_password_cb c, c, void d, d, return* nullptr, return)
303	#endif
304	DEFINEFUNC4(DH , PEM_read_bio_DHparams, BIO a, a, DH *b, b, pem_password_cb c, c, void d, d, return* nullptr, return)
305	DEFINEFUNC7(int, PEM_write_bio_DSAPrivateKey, BIO a, a, DSA b, b, const EVP_CIPHER c, c, unsigned* char d, d, int* e, e, pem_password_cb f, f, void* g, g, return* `0`, return)
306	DEFINEFUNC7(int, PEM_write_bio_RSAPrivateKey, BIO a, a, RSA b, b, const EVP_CIPHER c, c, unsigned* char d, d, int* e, e, pem_password_cb f, f, void* g, g, return* `0`, return)
307	DEFINEFUNC7(int, PEM_write_bio_PrivateKey, BIO a, a, EVP_PKEY b, b, const EVP_CIPHER c, c, unsigned* char d, d, int* e, e, pem_password_cb f, f, void* g, g, return* `0`, return)
308	DEFINEFUNC7(int, PEM_write_bio_PKCS8PrivateKey, BIO a, a, EVP_PKEY b, b, const EVP_CIPHER c, c, char* d, d, int* e, e, pem_password_cb f, f, void* g, g, return* `0`, return)
309	#ifndef OPENSSL_NO_EC
310	DEFINEFUNC7(int, PEM_write_bio_ECPrivateKey, BIO a, a, EC_KEY b, b, const EVP_CIPHER c, c, unsigned* char d, d, int* e, e, pem_password_cb f, f, void* g, g, return* `0`, return)
311	#endif
312	#endif // !SSLEAY_MACROS
313	DEFINEFUNC4(EVP_PKEY , PEM_read_bio_PUBKEY, BIO a, a, EVP_PKEY *b, b, pem_password_cb c, c, void d, d, return* nullptr, return)
314	DEFINEFUNC4(DSA , PEM_read_bio_DSA_PUBKEY, BIO a, a, DSA *b, b, pem_password_cb c, c, void d, d, return* nullptr, return)
315	DEFINEFUNC4(RSA , PEM_read_bio_RSA_PUBKEY, BIO a, a, RSA *b, b, pem_password_cb c, c, void d, d, return* nullptr, return)
316	#ifndef OPENSSL_NO_EC
317	DEFINEFUNC4(EC_KEY , PEM_read_bio_EC_PUBKEY, BIO a, a, EC_KEY *b, b, pem_password_cb c, c, void d, d, return* nullptr, return)
318	#endif
319	DEFINEFUNC2(int, PEM_write_bio_DSA_PUBKEY, BIO a, a, DSA b, b, return `0`, return)
320	DEFINEFUNC2(int, PEM_write_bio_RSA_PUBKEY, BIO a, a, RSA b, b, return `0`, return)
321	DEFINEFUNC2(int, PEM_write_bio_PUBKEY, BIO a, a, EVP_PKEY b, b, return `0`, return)
322	#ifndef OPENSSL_NO_EC
323	DEFINEFUNC2(int, PEM_write_bio_EC_PUBKEY, BIO a, a, EC_KEY b, b, return `0`, return)
324	#endif
325	DEFINEFUNC2(void, RAND_seed, const void a, a, int* b, b, return, DUMMYARG)
326	DEFINEFUNC(int, RAND_status, void, DUMMYARG, return -`1`, return)
327	DEFINEFUNC2(int, RAND_bytes, unsigned char b, b, int* n, n, return `0`, return)
328	DEFINEFUNC(RSA , RSA_new, DUMMYARG, DUMMYARG, return* nullptr, return)
329	DEFINEFUNC4(int, RSA_generate_key_ex, RSA rsa, rsa, int* bits, bits, BIGNUM e, e, BN_GENCB cb, cb, return `0`, return)
330	DEFINEFUNC(void, RSA_free, RSA a, a, return*, DUMMYARG)
331	DEFINEFUNC(X509_STORE , SSL_CTX_get_cert_store, const* SSL_CTX a, a, return* nullptr, return)
332	DEFINEFUNC2(int, X509_cmp, X509 a, a, X509 b, b, return -`1`, return)
333	DEFINEFUNC4(int, X509_digest, const X509 x509, x509, const* EVP_MD type, type, unsigned* char md, md, unsigned* int len, len, return* -`1`, return)
334	#ifndef SSLEAY_MACROS
335	DEFINEFUNC(X509 , X509_dup, X509 a, a, return nullptr, return)
336	#endif
337	DEFINEFUNC2(void, X509_print, BIO a, a, X509 b, b, return, DUMMYARG);
338	DEFINEFUNC(ASN1_OBJECT , X509_EXTENSION_get_object, X509_EXTENSION a, a, return nullptr, return)
339	DEFINEFUNC(void, X509_free, X509 a, a, return*, DUMMYARG)
340	//Q_AUTOTEST_EXPORT ASN1_TIME q_X509_gmtime_adj(ASN1_TIME s, long adj);
341	DEFINEFUNC2(ASN1_TIME , X509_gmtime_adj, ASN1_TIME s, s, long adj, adj, return nullptr, return)
342	DEFINEFUNC(void, ASN1_TIME_free, ASN1_TIME t, t, return*, DUMMYARG)
343	DEFINEFUNC2(X509_EXTENSION , X509_get_ext, X509 a, a, int b, b, return nullptr, return)
344	DEFINEFUNC(int, X509_get_ext_count, X509 a, a, return* `0`, return)
345	DEFINEFUNC4(void , X509_get_ext_d2i, X509 a, a, int b, b, int c, c, int* d, d, return* nullptr, return)
346	DEFINEFUNC(const X509V3_EXT_METHOD , X509V3_EXT_get, X509_EXTENSION a, a, return nullptr, return)
347	DEFINEFUNC(void , X509V3_EXT_d2i, X509_EXTENSION a, a, return nullptr, return)
348	DEFINEFUNC(int, X509_EXTENSION_get_critical, X509_EXTENSION a, a, return* `0`, return)
349	DEFINEFUNC(ASN1_OCTET_STRING , X509_EXTENSION_get_data, X509_EXTENSION a, a, return nullptr, return)
350	DEFINEFUNC(void, BASIC_CONSTRAINTS_free, BASIC_CONSTRAINTS a, a, return*, DUMMYARG)
351	DEFINEFUNC(void, AUTHORITY_KEYID_free, AUTHORITY_KEYID a, a, return*, DUMMYARG)
352	DEFINEFUNC(void, GENERAL_NAME_free, GENERAL_NAME a, a, return*, DUMMYARG)
353	DEFINEFUNC2(int, ASN1_STRING_print, BIO a, a, const* ASN1_STRING b, b, return* `0`, return)
354	DEFINEFUNC2(int, X509_check_issued, X509 a, a, X509 b, b, return -`1`, return)
355	DEFINEFUNC(X509_NAME , X509_get_issuer_name, X509 a, a, return nullptr, return)
356	DEFINEFUNC(X509_NAME , X509_get_subject_name, X509 a, a, return nullptr, return)
357	DEFINEFUNC(ASN1_INTEGER , X509_get_serialNumber, X509 a, a, return nullptr, return)
358	DEFINEFUNC(int, X509_verify_cert, X509_STORE_CTX a, a, return* -`1`, return)
359	DEFINEFUNC(int, X509_NAME_entry_count, X509_NAME a, a, return* `0`, return)
360	DEFINEFUNC2(X509_NAME_ENTRY , X509_NAME_get_entry, X509_NAME a, a, int b, b, return nullptr, return)
361	DEFINEFUNC(ASN1_STRING , X509_NAME_ENTRY_get_data, X509_NAME_ENTRY a, a, return nullptr, return)
362	DEFINEFUNC(ASN1_OBJECT , X509_NAME_ENTRY_get_object, X509_NAME_ENTRY a, a, return nullptr, return)
363	DEFINEFUNC(EVP_PKEY , X509_PUBKEY_get, X509_PUBKEY a, a, return nullptr, return)
364	DEFINEFUNC(void, X509_STORE_free, X509_STORE a, a, return*, DUMMYARG)
365	DEFINEFUNC(X509_STORE , X509_STORE_new, DUMMYARG, DUMMYARG, return* nullptr, return)
366	DEFINEFUNC2(int, X509_STORE_add_cert, X509_STORE a, a, X509 b, b, return `0`, return)
367	DEFINEFUNC(void, X509_STORE_CTX_free, X509_STORE_CTX a, a, return*, DUMMYARG)
368	DEFINEFUNC4(int, X509_STORE_CTX_init, X509_STORE_CTX a, a, X509_STORE b, b, X509 c, c, STACK_OF(X509) d, d, return -`1`, return)
369	DEFINEFUNC2(int, X509_STORE_CTX_set_purpose, X509_STORE_CTX a, a, int* b, b, return -`1`, return)
370	DEFINEFUNC(int, X509_STORE_CTX_get_error, X509_STORE_CTX a, a, return* -`1`, return)
371	DEFINEFUNC(int, X509_STORE_CTX_get_error_depth, X509_STORE_CTX a, a, return* -`1`, return)
372	DEFINEFUNC(X509 , X509_STORE_CTX_get_current_cert, X509_STORE_CTX a, a, return nullptr, return)
373	DEFINEFUNC(X509_STORE_CTX , X509_STORE_CTX_new, DUMMYARG, DUMMYARG, return* nullptr, return)
374	DEFINEFUNC2(void , X509_STORE_CTX_get_ex_data, X509_STORE_CTX ctx, ctx, int idx, idx, return nullptr, return)
375	DEFINEFUNC(int, SSL_get_ex_data_X509_STORE_CTX_idx, DUMMYARG, DUMMYARG, return -`1`, return)
376	DEFINEFUNC3(int, SSL_CTX_load_verify_locations, SSL_CTX ctx, ctx, const* char CAfile, CAfile, const* char CApath, CApath, return* `0`, return)
377	DEFINEFUNC2(int, i2d_SSL_SESSION, SSL_SESSION in, in, unsigned* char pp, pp, return `0`, return**)
378	DEFINEFUNC3(SSL_SESSION , d2i_SSL_SESSION, SSL_SESSION a, a, const* unsigned char *pp, pp, long* length, length, return nullptr, return)
379	#if OPENSSL_VERSION_NUMBER >= 0x1000100fL && !defined(OPENSSL_NO_NEXTPROTONEG)
380	DEFINEFUNC6(int, SSL_select_next_proto, unsigned char *out, out, unsigned* char *outlen, outlen,
381	const unsigned char in, in, unsigned* int inlen, inlen,
382	const unsigned char client, client, unsigned* int client_len, client_len,
383	return -`1`, return)
384	DEFINEFUNC3(void, SSL_CTX_set_next_proto_select_cb, SSL_CTX *s, s,
385	int (cb) (SSL ssl, unsigned char **out,
386	unsigned char *outlen,
387	const unsigned char *in,
388	unsigned int inlen, void *arg), cb,
389	void arg, arg, return*, DUMMYARG)
390	DEFINEFUNC3(void, SSL_get0_next_proto_negotiated, const SSL *s, s,
391	const unsigned char *data, data, unsigned* len, len, return*, DUMMYARG)
392	#if OPENSSL_VERSION_NUMBER >= 0x10002000L
393	DEFINEFUNC3(int, SSL_set_alpn_protos, SSL s, s, const* unsigned char *protos, protos,
394	unsigned protos_len, protos_len, return -`1`, return)
395	DEFINEFUNC3(void, SSL_CTX_set_alpn_select_cb, SSL_CTX *s, s,
396	int (cb) (SSL ssl, const unsigned char **out,
397	unsigned char *outlen,
398	const unsigned char *in,
399	unsigned int inlen, void *arg), cb,
400	void arg, arg, return*, DUMMYARG)
401	DEFINEFUNC3(void, SSL_get0_alpn_selected, const SSL s, s, const* unsigned char **data, data,
402	unsigned len, len, return*, DUMMYARG)
403	#endif // OPENSSL_VERSION_NUMBER >= 0x10002000L ...
404	#endif // OPENSSL_VERSION_NUMBER >= 0x1000100fL ...
405
406	DEFINEFUNC2(void, BIO_set_flags, BIO b, b, int* flags, flags, return, DUMMYARG)
407	DEFINEFUNC2(void, BIO_clear_flags, BIO b, b, int* flags, flags, return, DUMMYARG)
408	DEFINEFUNC2(void , BIO_get_ex_data, BIO b, b, int idx, idx, return nullptr, return)
409	DEFINEFUNC3(int, BIO_set_ex_data, BIO b, b, int* idx, idx, void data, data, return* -`1`, return)
410
411	DEFINEFUNC3(void , CRYPTO_malloc, size_t num, num, const* char file, file, int* line, line, return nullptr, return)
412	DEFINEFUNC(DH , DH_new, DUMMYARG, DUMMYARG, return* nullptr, return)
413	DEFINEFUNC(void, DH_free, DH dh, dh, return*, DUMMYARG)
414	DEFINEFUNC3(DH , d2i_DHparams, DHa, a, const* unsigned char *pp, pp, long* length, length, return nullptr, return)
415	DEFINEFUNC2(int, i2d_DHparams, DH a, a, unsigned* char p, p, return -`1`, return**)
416	DEFINEFUNC2(int, DH_check, DH dh, dh, int* codes, codes, return* `0`, return)
417	DEFINEFUNC3(BIGNUM , BN_bin2bn, const* unsigned char s, s, int* len, len, BIGNUM ret, ret, return* nullptr, return)
418	#ifndef OPENSSL_NO_EC
419	DEFINEFUNC(EC_KEY , EC_KEY_dup, const* EC_KEY ec, ec, return* nullptr, return)
420	DEFINEFUNC(EC_KEY , EC_KEY_new_by_curve_name, int* nid, nid, return nullptr, return)
421	DEFINEFUNC(void, EC_KEY_free, EC_KEY ecdh, ecdh, return*, DUMMYARG)
422	DEFINEFUNC2(size_t, EC_get_builtin_curves, EC_builtin_curve * r, r, size_t nitems, nitems, return `0`, return)
423	#if OPENSSL_VERSION_NUMBER >= 0x10002000L
424	DEFINEFUNC(int, EC_curve_nist2nid, const char name, name, return* `0`, return)
425	#endif // OPENSSL_VERSION_NUMBER >= 0x10002000L
426	#endif // OPENSSL_NO_EC
427
428	DEFINEFUNC5(int, PKCS12_parse, PKCS12 p12, p12, const* char pass, pass, EVP_PKEY *pkey, pkey, \
429	X509 cert, cert, STACK_OF(X509) ca, ca, return `1`, return);
430	DEFINEFUNC2(PKCS12 , d2i_PKCS12_bio, BIO bio, bio, PKCS12 pkcs12, pkcs12, return nullptr, return**);
431	DEFINEFUNC(void, PKCS12_free, PKCS12 pkcs12, pkcs12, return*, DUMMYARG)
432
433	DEFINEFUNC(X509_REQ, X509_REQ_new, void, DUMMYARG, return* NULL, return);
434	DEFINEFUNC(void, X509_REQ_free, X509_REQ req, req, return, return*);
435	#if OPENSSL_VERSION_NUMBER >= 0x10100000L
436	DEFINEFUNC(X509_NAME, X509_REQ_get_subject_name, X509_REQ req, req, return NULL, return);
437	DEFINEFUNC2(EVP_PKEY_CTX, EVP_PKEY_CTX_new_id, int* id, id, ENGINE e, e, return* NULL, return);
438	DEFINEFUNC(void, EVP_PKEY_CTX_free, EVP_PKEY_CTX ctx, ctx, return, return*);
439	DEFINEFUNC(int, EVP_PKEY_keygen_init, EVP_PKEY_CTX ctx, ctx, return* `0`, return);
440	DEFINEFUNC2(int, EVP_PKEY_keygen, EVP_PKEY_CTX ctx, ctx, EVP_PKEY pkey, pkey, return* `0`, return);
441	DEFINEFUNC5(int, RSA_pkey_ctx_ctrl, EVP_PKEY_CTX ctx, ctx, int* optype, optype, int cmd, cmd, int p1, p1, void p2, p2, return* `0`, return)
442
443	#endif
444	DEFINEFUNC7(int, X509_NAME_add_entry_by_txt, X509_NAME name, name, const* char field, field, int* type, type, const unsigned char bytes, bytes, int* len, len, int loc, loc, int set, set, return `0`, return);
445	DEFINEFUNC7(int, X509_NAME_add_entry_by_OBJ, X509_NAME name, name, const* ASN1_OBJECT obj, obj, int* type, type, const unsigned char bytes, bytes, int* len, len, int loc, loc, int set, set, return `0`, return);
446	DEFINEFUNC2(ASN1_OBJECT , OBJ_txt2obj, const* char s, s, int* no_name, no_name, return NULL, return);
447	DEFINEFUNC2(int, X509_REQ_set_pubkey, X509_REQ x, x, EVP_PKEY pkey, pkey, return `0`, return);
448	DEFINEFUNC3(int, X509_REQ_sign, X509_REQ x, x, EVP_PKEY pkey, pkey, const EVP_MD md, md, return* `0`, return);
449	DEFINEFUNC2(int, PEM_write_bio_X509_REQ, BIO bp, bp, X509_REQ x, x, return `0`, return);
450	DEFINEFUNC2(int, PEM_write_bio_X509_REQ_NEW, BIO bp, bp, X509_REQ x, x, return `0`, return);
451	DEFINEFUNC2(int, X509_REQ_set_version, X509_REQ x, x, long* version, version, return `0`, return);
452	DEFINEFUNC2(int, X509_REQ_add_extensions, X509_REQ req, req, STACK_OF(X509_EXTENSION) exts, exts, return `0`, return)
453	DEFINEFUNC(void, X509_EXTENSION_free, X509_EXTENSION ext, ext, return, return*)
454	DEFINEFUNC2(int, X509_EXTENSION_set_critical, X509_EXTENSION ex, ex, int* crit, crit, return `0`, return)
455	DEFINEFUNC3(X509, X509_REQ_to_X509, X509_REQ r, r, int days, days, EVP_PKEY pkey, pkey, return* NULL, return)
456	DEFINEFUNC2(int, PEM_write_bio_X509, BIO bp, bp, X509 x, x, return `0`, return)
457	DEFINEFUNC(X509, X509_new, void, DUMMYARG, return* NULL, return)
458	DEFINEFUNC2(int, ASN1_INTEGER_set, ASN1_INTEGER a, a, long* v, v, return `0`, return)
459	DEFINEFUNC2(int, X509_set_pubkey,X509 x, x, EVP_PKEY key, key, return `0`, return)
460	DEFINEFUNC2(int, X509_set_issuer_name, X509 x, x, X509_NAME name, name, return `0`, return)
461	DEFINEFUNC3(int, X509_sign, X509 x, x, EVP_PKEY key, key, const EVP_MD md, md, return* `0`, return)
462	DEFINEFUNC3(int, X509_add_ext, X509 x, x, X509_EXTENSION ex, ex, int loc, loc, return `0`, return)
463	DEFINEFUNC2(int, X509_set_version, X509 x, x, long* version, version, return `0`, return)
464	DEFINEFUNC2(int, X509_set_subject_name, X509 x, x, X509_NAME name, name, return `0`, return)
465	DEFINEFUNC(ASN1_OCTET_STRING , ASN1_OCTET_STRING_new, void, DUMMYARG, return* NULL, return)
466	DEFINEFUNC4(int, X509_pubkey_digest, const X509 data, data, const* EVP_MD type, type, unsigned* char md, md, unsigned* int len, len, return* `0`, return)
467	DEFINEFUNC3(int, ASN1_OCTET_STRING_set, ASN1_OCTET_STRING str, str, const* unsigned char data, data, int* len, len, return `0`, return)
468	DEFINEFUNC5(int, X509_add1_ext_i2d, X509 x, x, int* nid, nid, void value, value, int* crit, crit, unsigned long flags, flags, return `0`, return)
469	DEFINEFUNC(void, ASN1_OCTET_STRING_free, ASN1_OCTET_STRING a, a, return, return*)
470	DEFINEFUNC(ASN1_INTEGER , ASN1_INTEGER_new, void, DUMMYARG, return* NULL, return)
471	DEFINEFUNC(GENERAL_NAMES , GENERAL_NAMES_new, void, DUMMYARG, return* NULL, return)
472	DEFINEFUNC(GENERAL_NAME , GENERAL_NAME_new, void, DUMMYARG, return* NULL, return)
473	DEFINEFUNC(X509_NAME , X509_NAME_dup, X509_NAME xn, xn, return NULL, return)
474	DEFINEFUNC2(int, X509_set_serialNumber, X509 x, x, ASN1_INTEGER serial, serial, return `0`, return)
475	DEFINEFUNC(AUTHORITY_KEYID , AUTHORITY_KEYID_new, void, DUMMYARG, return* NULL, return)
476	DEFINEFUNC(ASN1_INTEGER , ASN1_INTEGER_dup, const* ASN1_INTEGER x, x, return* NULL, return)
477	DEFINEFUNC4(int, X509_NAME_digest, const X509_NAME data, data, const* EVP_MD type, type, unsigned* char md, md, unsigned* int len, len, return* `0`, return)
478	DEFINEFUNC(void, ASN1_INTEGER_free, ASN1_INTEGER a, a, return, return*)
479	DEFINEFUNC2(int, i2d_X509_REQ_bio, BIO bp, bp, X509_REQ req, req, return `0`, return)
480	DEFINEFUNC2(int, i2d_X509_bio, BIO bp, bp, X509 x509, x509, return `0`, return)
481
482	#define RESOLVEFUNC(func) \
483	if (!(_q_##func = _q_PTR_##func(libs.ssl ->resolve(#func))) \
484	&& !(_q_##func = _q_PTR_##func(libs.crypto ->resolve(#func)))) \
485	qsslSocketCannotResolveSymbolWarning(#func);
486
487	#if !defined QT_LINKED_OPENSSL
488
489	#if !QT_CONFIG(library)
490	bool q_resolveOpenSslSymbols()
491	{
492	qCWarning(lcSsl, "QSslSocket: unable to resolve symbols. Qt is configured without the "
493	"'library' feature, which means runtime resolving of libraries won't work.");
494	qCWarning(lcSsl, "Either compile Qt statically or with support for runtime resolving "
495	"of libraries.");
496	return false;
497	}
498	#else
499
500	# ifdef Q_OS_UNIX
501	struct NumericallyLess
502	{
503	typedef bool result_type;
504	result_type operator()(const QStringView &lhs, const QStringView &rhs) const
505	{
506	bool ok = false;
507	int b = `0`;
508	int a = lhs.toInt(ok: &ok);
509	if (ok)
510	b = rhs.toInt(ok: &ok);
511	if (ok) {
512	// both toInt succeeded
513	return a < b;
514	} else {
515	// compare as strings;
516	return lhs < rhs;
517	}
518	}
519	};
520
521	struct LibGreaterThan
522	{
523	typedef bool result_type;
524	result_type operator()(const QString &lhs, const QString &rhs) const
525	{
526	const QList<QStringView> lhsparts = QStringView {lhs}.split(sep: QLatin1Char (`'.'`));
527	const QList<QStringView> rhsparts = QStringView {rhs}.split(sep: QLatin1Char (`'.'`));
528	Q_ASSERT(lhsparts.size() > `1` && rhsparts.size() > `1`);
529
530	// note: checking rhs < lhs, the same as lhs > rhs
531	return std::lexicographical_compare(first1: rhsparts.begin() + `1`, last1: rhsparts.end(),
532	first2: lhsparts.begin() + `1`, last2: lhsparts.end(),
533	comp: NumericallyLess ());
534	}
535	};
536
537	#if defined(Q_OS_LINUX) && !defined(Q_OS_ANDROID)
538	static int dlIterateCallback(struct dl_phdr_info info, size_t size, void* *data)
539	{
540	if (size < sizeof (info->dlpi_addr) + sizeof (info->dlpi_name))
541	return `1`;
542	QSet<QString> paths = (QSet<QString> )data;
543	QString path = QString::fromLocal8Bit(ba: info->dlpi_name);
544	if (!path.isEmpty()) {
545	QFileInfo fi(path);
546	path = fi.absolutePath();
547	if (!path.isEmpty())
548	paths->insert(value: path);
549	}
550	return `0`;
551	}
552	#endif
553
554	static QStringList libraryPathList()
555	{
556	QStringList paths;
557	# ifdef Q_OS_DARWIN
558	paths = QString::fromLatin1(qgetenv("DYLD_LIBRARY_PATH"))
559	.split(QLatin1Char(`':'`), QString::SkipEmptyParts);
560
561	// search in .app/Contents/Frameworks
562	UInt32 packageType;
563	CFBundleGetPackageInfo(CFBundleGetMainBundle(), &packageType, nullptr);
564	if (packageType == FOUR_CHAR_CODE(`'APPL'`)) {
565	QUrl bundleUrl = QUrl::fromCFURL(QCFType<CFURLRef>(CFBundleCopyBundleURL(CFBundleGetMainBundle())));
566	QUrl frameworksUrl = QUrl::fromCFURL(QCFType<CFURLRef>(CFBundleCopyPrivateFrameworksURL(CFBundleGetMainBundle())));
567	paths << bundleUrl.resolved(frameworksUrl).path();
568	}
569	# else
570	paths = QString::fromLatin1(ba: qgetenv(varName: "LD_LIBRARY_PATH"))
571	.split(sep: QLatin1Char (`':'`), behavior: Qt::SkipEmptyParts);
572	# endif
573	paths << QLatin1String ("/lib") << QLatin1String ("/usr/lib") << QLatin1String ("/usr/local/lib");
574	paths << QLatin1String ("/lib64") << QLatin1String ("/usr/lib64") << QLatin1String ("/usr/local/lib64");
575	paths << QLatin1String ("/lib32") << QLatin1String ("/usr/lib32") << QLatin1String ("/usr/local/lib32");
576
577	#if defined(Q_OS_ANDROID)
578	paths << QLatin1String("/system/lib");
579	#elif defined(Q_OS_LINUX)
580	// discover paths of already loaded libraries
581	QSet<QString> loadedPaths;
582	dl_iterate_phdr(callback: dlIterateCallback, data: &loadedPaths);
583	paths.append(other: loadedPaths.values());
584	#endif
585
586	return paths;
587	}
588
589	Q_NEVER_INLINE
590	static QStringList findAllLibs(QLatin1String filter)
591	{
592	const QStringList paths = libraryPathList();
593	QStringList found;
594	const QStringList filters((QString (filter)));
595
596	for (const QString &path : paths) {
597	QDir dir(path);
598	QStringList entryList = dir.entryList(nameFilters: filters, filters: QDir::Files);
599
600	std::sort(first: entryList.begin(), last: entryList.end(), comp: LibGreaterThan ());
601	for (const QString &entry : std::as_const(t&: entryList))
602	found << path + QLatin1Char (`'/'`) + entry;
603	}
604
605	return found;
606	}
607
608	static QStringList findAllLibSsl()
609	{
610	return findAllLibs(filter: QLatin1String ("libssl.*"));
611	}
612
613	static QStringList findAllLibCrypto()
614	{
615	return findAllLibs(filter: QLatin1String ("libcrypto.*"));
616	}
617	# endif
618
619	#ifdef Q_OS_WIN
620
621	struct LoadedOpenSsl {
622	std::unique_ptr<QSystemLibrary> ssl, crypto;
623	};
624
625	static bool tryToLoadOpenSslWin32Library(QLatin1String ssleay32LibName, QLatin1String libeay32LibName, LoadedOpenSsl &result)
626	{
627	auto ssleay32 = std::make_unique<QSystemLibrary>(ssleay32LibName);
628	if (!ssleay32->load(false)) {
629	return FALSE;
630	}
631
632	auto libeay32 = std::make_unique<QSystemLibrary>(libeay32LibName);
633	if (!libeay32->load(false)) {
634	return FALSE;
635	}
636
637	result.ssl = std::move(ssleay32);
638	result.crypto = std::move(libeay32);
639	return TRUE;
640	}
641
642	static LoadedOpenSsl loadOpenSsl()
643	{
644	LoadedOpenSsl result;
645
646	#if QT_CONFIG(opensslv11) \| QT_CONFIG(opensslv30)
647	// With OpenSSL 1.1 the names have changed to libssl-1_1(-x64) and libcrypto-1_1(-x64), for builds using
648	// MSVC and GCC, (-x64 suffix for 64-bit builds).
649
650	#ifdef Q_PROCESSOR_X86_64
651	#define QT_SSL_SUFFIX "-x64"
652	#else // !Q_PROCESSOFR_X86_64
653	#define QT_SSL_SUFFIX
654	#endif // !Q_PROCESSOR_x86_64
655
656	#if QT_CONFIG(opensslv11)
657	tryToLoadOpenSslWin32Library(QLatin1String("libssl-1_1" QT_SSL_SUFFIX),
658	QLatin1String("libcrypto-1_1" QT_SSL_SUFFIX), result);
659	#elif QT_CONFIG(opensslv30)
660	tryToLoadOpenSslWin32Library(QLatin1String("libssl-3" QT_SSL_SUFFIX),
661	QLatin1String("libcrypto-3" QT_SSL_SUFFIX), result);
662	#endif
663
664	#undef QT_SSL_SUFFIX
665
666	#else // QT_CONFIG(opensslv11) \| QT_CONFIG(opensslv30)
667
668	// When OpenSSL is built using MSVC then the libraries are named 'ssleay32.dll' and 'libeay32'dll'.
669	// When OpenSSL is built using GCC then different library names are used (depending on the OpenSSL version)
670	// The oldest version of a GCC-based OpenSSL which can be detected by the code below is 0.9.8g (released in 2007)
671	if (!tryToLoadOpenSslWin32Library(QLatin1String("ssleay32"), QLatin1String("libeay32"), result)) {
672	if (!tryToLoadOpenSslWin32Library(QLatin1String("libssl-10"), QLatin1String("libcrypto-10"), result)) {
673	if (!tryToLoadOpenSslWin32Library(QLatin1String("libssl-8"), QLatin1String("libcrypto-8"), result)) {
674	tryToLoadOpenSslWin32Library(QLatin1String("libssl-7"), QLatin1String("libcrypto-7"), result);
675	}
676	}
677	}
678	#endif // !QT_CONFIG(opensslv11) \| QT_CONFIG(opensslv30)
679
680	return result;
681	}
682	#else
683
684	struct LoadedOpenSsl {
685	std::unique_ptr<QLibrary> ssl, crypto;
686	};
687
688	static LoadedOpenSsl loadOpenSsl()
689	{
690	LoadedOpenSsl result = {.ssl: std::make_unique<QLibrary>(), .crypto: std::make_unique<QLibrary>()};
691
692	# if defined(Q_OS_UNIX)
693	QLibrary * const libssl = result.ssl.get();
694	QLibrary * const libcrypto = result.crypto.get();
695
696	// Try to find the libssl library on the system.
697	//
698	// Up until Qt 4.3, this only searched for the "ssl" library at version -1, that
699	// is, libssl.so on most Unix systems. However, the .so file isn't present in
700	// user installations because it's considered a development file.
701	//
702	// The right thing to do is to load the library at the major version we know how
703	// to work with: the SHLIB_VERSION_NUMBER version (macro defined in opensslv.h)
704	//
705	// However, OpenSSL is a well-known case of binary-compatibility breakage. To
706	// avoid such problems, many system integrators and Linux distributions change
707	// the soname of the binary, letting the full version number be the soname. So
708	// we'll find libssl.so.0.9.7, libssl.so.0.9.8, etc. in the system. For that
709	// reason, we will search a few common paths (see findAllLibSsl() above) in hopes
710	// we find one that works.
711	//
712	// If that fails, for OpenSSL 1.0 we also try some fallbacks -- look up
713	// libssl.so with a hardcoded soname. The reason is QTBUG-68156: the binary
714	// builds of Qt happen (at the time of this writing) on RHEL machines,
715	// which change SHLIB_VERSION_NUMBER to a non-portable string. When running
716	// those binaries on the target systems, this code won't pick up
717	// libssl.so.MODIFIED_SHLIB_VERSION_NUMBER because it doesn't exist there.
718	// Given that the only 1.0 supported release (at the time of this writing)
719	// is 1.0.2, with soname "1.0.0", give that a try too. Note that we mandate
720	// OpenSSL >= 1.0.0 with a configure-time check, and OpenSSL has kept binary
721	// compatibility between 1.0.0 and 1.0.2.
722	//
723	// It is important, however, to try the canonical name and the unversioned name
724	// without going through the loop. By not specifying a path, we let the system
725	// dlopen(3) function determine it for us. This will include any DT_RUNPATH or
726	// DT_RPATH tags on our library header as well as other system-specific search
727	// paths. See the man page for dlopen(3) on your system for more information.
728
729	#ifdef Q_OS_OPENBSD
730	libcrypto->setLoadHints(QLibrary::ExportExternalSymbolsHint);
731	#endif
732	#if defined(SHLIB_VERSION_NUMBER) && !defined(Q_OS_QNX) // on QNX, the libs are always libssl.so and libcrypto.so
733	// first attempt: the canonical name is libssl.so.<SHLIB_VERSION_NUMBER>
734	libssl->setFileNameAndVersion(QLatin1String("ssl"), QLatin1String(SHLIB_VERSION_NUMBER));
735	libcrypto->setFileNameAndVersion(QLatin1String("crypto"), QLatin1String(SHLIB_VERSION_NUMBER));
736	if (libcrypto->load() && libssl->load()) {
737	// libssl.so.<SHLIB_VERSION_NUMBER> and libcrypto.so.<SHLIB_VERSION_NUMBER> found
738	return result;
739	} else {
740	libssl->unload();
741	libcrypto->unload();
742	}
743
744	#if !QT_CONFIG(opensslv11) \| QT_CONFIG(opensslv30)
745	// first-and-half attempts: for OpenSSL 1.0 try to load some hardcoded sonames:
746	// - "1.0.0" is the official upstream one
747	// - "1.0.2" is found on some distributions (e.g. Debian) that patch OpenSSL
748	static const QLatin1String fallbackSonames[] = {
749	QLatin1String("1.0.0"),
750	QLatin1String("1.0.2")
751	};
752
753	for (auto fallbackSoname : fallbackSonames) {
754	libssl->setFileNameAndVersion(QLatin1String("ssl"), fallbackSoname);
755	libcrypto->setFileNameAndVersion(QLatin1String("crypto"), fallbackSoname);
756	if (libcrypto->load() && libssl->load()) {
757	return result;
758	} else {
759	libssl->unload();
760	libcrypto->unload();
761	}
762	}
763	#endif
764	#endif
765
766	#ifndef Q_OS_DARWIN
767	// second attempt: find the development files libssl.so and libcrypto.so
768	//
769	// disabled on macOS/iOS:
770	// macOS's /usr/lib/libssl.dylib, /usr/lib/libcrypto.dylib will be picked up in the third
771	// attempt, _after_ <bundle>/Contents/Frameworks has been searched.
772	// iOS does not ship a system libssl.dylib, libcrypto.dylib in the first place.
773	# if defined(Q_OS_ANDROID)
774	// OpenSSL 1.1.x must be suffixed otherwise it will use the system libcrypto.so libssl.so which on API-21 are OpenSSL 1.0 not 1.1
775	auto openSSLSuffix = [](const QByteArray &defaultSuffix = {}) {
776	auto suffix = qgetenv("ANDROID_OPENSSL_SUFFIX");
777	if (suffix.isEmpty())
778	return defaultSuffix;
779	return suffix;
780	};
781	# if QT_CONFIG(opensslv11) \| QT_CONFIG(opensslv30)
782	static QString suffix = QString::fromLatin1(openSSLSuffix("_1_1"));
783	# else
784	static QString suffix = QString::fromLatin1(openSSLSuffix());
785	# endif
786	libssl->setFileNameAndVersion(QLatin1String("ssl") + suffix, -`1`);
787	libcrypto->setFileNameAndVersion(QLatin1String("crypto") + suffix, -`1`);
788	# else
789	libssl->setFileNameAndVersion(fileName: QLatin1String ("ssl"), verNum: -`1`);
790	libcrypto->setFileNameAndVersion(fileName: QLatin1String ("crypto"), verNum: -`1`);
791	# endif
792	if (libcrypto->load() && libssl->load()) {
793	// libssl.so.0 and libcrypto.so.0 found
794	return result;
795	} else {
796	libssl->unload();
797	libcrypto->unload();
798	}
799	#endif
800
801	// third attempt: loop on the most common library paths and find libssl
802	const QStringList sslList = findAllLibSsl();
803	const QStringList cryptoList = findAllLibCrypto();
804
805	for (const QString &crypto : cryptoList) {
806	libcrypto->setFileNameAndVersion(fileName: crypto, verNum: -`1`);
807	if (libcrypto->load()) {
808	QFileInfo fi(crypto);
809	QString version = fi.completeSuffix();
810
811	for (const QString &ssl : sslList) {
812	if (!ssl.endsWith(s: version))
813	continue;
814
815	libssl->setFileNameAndVersion(fileName: ssl, verNum: -`1`);
816
817	if (libssl->load()) {
818	// libssl.so.x and libcrypto.so.x found
819	return result;
820	} else {
821	libssl->unload();
822	}
823	}
824	}
825	libcrypto->unload();
826	}
827
828	// failed to load anything
829	result = {};
830	return result;
831
832	# else
833	// not implemented for this platform yet
834	return result;
835	# endif
836	}
837	#endif
838
839	static QBasicMutex symbolResolveMutex;
840	static QBasicAtomicInt symbolsResolved = Q_BASIC_ATOMIC_INITIALIZER(false);
841	static bool triedToResolveSymbols = false;
842
843	bool q_resolveOpenSslSymbols()
844	{
845	if (symbolsResolved.loadAcquire())
846	return true;
847	QMutexLocker locker(&symbolResolveMutex);
848	if (symbolsResolved.loadRelaxed())
849	return true;
850	if (triedToResolveSymbols)
851	return false;
852	triedToResolveSymbols = true;
853
854	LoadedOpenSsl libs = loadOpenSsl();
855	if (!libs.ssl \|\| !libs.crypto)
856	// failed to load them
857	return false;
858
859	#if QT_CONFIG(opensslv11) \| QT_CONFIG(opensslv30)
860	RESOLVEFUNC(X509_REQ_get_subject_name) // v1.1.0
861	RESOLVEFUNC(OPENSSL_init_ssl)
862	RESOLVEFUNC(OPENSSL_init_crypto)
863	RESOLVEFUNC(ASN1_STRING_get0_data)
864	RESOLVEFUNC(EVP_CIPHER_CTX_reset)
865	RESOLVEFUNC(EVP_PKEY_base_id)
866	RESOLVEFUNC(RSA_bits)
867	RESOLVEFUNC(OPENSSL_sk_new_null)
868	RESOLVEFUNC(OPENSSL_sk_push)
869	RESOLVEFUNC(OPENSSL_sk_free)
870	RESOLVEFUNC(OPENSSL_sk_num)
871	RESOLVEFUNC(OPENSSL_sk_pop_free)
872	RESOLVEFUNC(OPENSSL_sk_value)
873	RESOLVEFUNC(DH_get0_pqg)
874	RESOLVEFUNC(CRYPTO_get_ex_new_index)
875	RESOLVEFUNC(X509_up_ref)
876	RESOLVEFUNC(X509_STORE_CTX_get0_chain)
877	RESOLVEFUNC(X509_getm_notBefore)
878	RESOLVEFUNC(X509_getm_notAfter)
879	RESOLVEFUNC(X509_get_version)
880	RESOLVEFUNC(X509_get_pubkey)
881	RESOLVEFUNC(X509_STORE_set_verify_cb)
882	RESOLVEFUNC(CRYPTO_free)
883	RESOLVEFUNC(OpenSSL_version_num)
884	RESOLVEFUNC(OpenSSL_version)
885	if (!_q_OpenSSL_version) {
886	// Apparently, we were built with OpenSSL 1.1 enabled but are now using
887	// a wrong library.
888	qCWarning(lcSsl, "Incompatible version of OpenSSL");
889	return false;
890	}
891
892	RESOLVEFUNC(DH_bits)
893
894	RESOLVEFUNC(BIO_set_data)
895	RESOLVEFUNC(BIO_get_data)
896	RESOLVEFUNC(BIO_set_init)
897	RESOLVEFUNC(BIO_get_shutdown)
898	RESOLVEFUNC(BIO_set_shutdown)
899	RESOLVEFUNC(EVP_PKEY_CTX_new_id)
900	RESOLVEFUNC(EVP_PKEY_CTX_free)
901	RESOLVEFUNC(EVP_PKEY_keygen_init)
902	RESOLVEFUNC(EVP_PKEY_keygen);
903	RESOLVEFUNC(RSA_pkey_ctx_ctrl);
904	RESOLVEFUNC(BIO_free_all)
905	RESOLVEFUNC(X509_REQ_new)
906	RESOLVEFUNC(X509_REQ_set_version)
907	RESOLVEFUNC(OBJ_txt2obj)
908	RESOLVEFUNC(X509_NAME_add_entry_by_OBJ)
909	RESOLVEFUNC(X509_REQ_add_extensions)
910	RESOLVEFUNC(X509_EXTENSION_free)
911	RESOLVEFUNC(X509_REQ_set_pubkey)
912	RESOLVEFUNC(X509_REQ_sign)
913	RESOLVEFUNC(PEM_write_bio_X509_REQ)
914	RESOLVEFUNC(X509_REQ_free)
915
916	#else // !opensslv11
917
918	RESOLVEFUNC(ASN1_STRING_data)
919
920	#ifdef SSLEAY_MACROS
921	RESOLVEFUNC(ASN1_dup)
922	#endif // SSLEAY_MACROS
923	RESOLVEFUNC(BIO_new_file)
924	RESOLVEFUNC(ERR_clear_error)
925	RESOLVEFUNC(ERR_load_crypto_strings)
926	RESOLVEFUNC(CRYPTO_free)
927	RESOLVEFUNC(CRYPTO_num_locks)
928	RESOLVEFUNC(CRYPTO_set_id_callback)
929	RESOLVEFUNC(CRYPTO_set_locking_callback)
930	RESOLVEFUNC(ERR_peek_last_error)
931	RESOLVEFUNC(ERR_free_strings)
932	RESOLVEFUNC(EVP_CIPHER_CTX_cleanup)
933	RESOLVEFUNC(EVP_CIPHER_CTX_init)
934
935	#ifdef SSLEAY_MACROS // ### verify
936	RESOLVEFUNC(PEM_ASN1_read_bio)
937	#endif // SSLEAY_MACROS
938
939	RESOLVEFUNC(sk_new_null)
940	RESOLVEFUNC(sk_push)
941	RESOLVEFUNC(sk_free)
942	RESOLVEFUNC(sk_num)
943	RESOLVEFUNC(sk_pop_free)
944	RESOLVEFUNC(sk_value)
945	RESOLVEFUNC(X509_STORE_CTX_get_chain)
946	#ifdef SSLEAY_MACROS
947	RESOLVEFUNC(i2d_RSAPrivateKey)
948	RESOLVEFUNC(d2i_RSAPrivateKey)
949	#endif
950
951	RESOLVEFUNC(CONF_get1_default_config_file)
952	RESOLVEFUNC(OPENSSL_add_all_algorithms_noconf)
953	RESOLVEFUNC(OPENSSL_add_all_algorithms_conf)
954	RESOLVEFUNC(SSLeay)
955	RESOLVEFUNC(X509_REQ_new)
956	RESOLVEFUNC(X509_REQ_free)
957	RESOLVEFUNC(X509_NAME_add_entry_by_txt)
958	RESOLVEFUNC(X509_NAME_add_entry_by_OBJ)
959	RESOLVEFUNC(OBJ_txt2obj)
960	RESOLVEFUNC(X509_REQ_add_extensions)
961
962	RESOLVEFUNC(X509_REQ_set_pubkey)
963	RESOLVEFUNC(X509_REQ_sign)
964	RESOLVEFUNC(PEM_write_bio_X509_REQ)
965	RESOLVEFUNC(PEM_write_bio_X509_REQ_NEW)
966	RESOLVEFUNC(X509_REQ_set_version)
967	RESOLVEFUNC(BIO_free_all)
968	RESOLVEFUNC(X509_EXTENSION_free)
969
970	if (!_q_SSLeay \|\| q_SSLeay() >= `0x10100000L`) {
971	// OpenSSL 1.1 has deprecated and removed SSLeay. We consider a failure to
972	// resolve this symbol as a failure to resolve symbols.
973	// The right operand of '\|\|' above is ... a bit of paranoia.
974	qCWarning(lcSsl, "Incompatible version of OpenSSL");
975	return false;
976	}
977
978
979	RESOLVEFUNC(SSLeay_version)
980
981	#ifndef OPENSSL_NO_EC
982	#if OPENSSL_VERSION_NUMBER >= 0x10002000L
983	if (q_SSLeay() >= `0x10002000L`)
984	RESOLVEFUNC(EC_curve_nist2nid)
985	#endif // OPENSSL_VERSION_NUMBER >= 0x10002000L
986	#endif // OPENSSL_NO_EC
987
988
989	#endif // !opensslv11
990
991	RESOLVEFUNC(ASN1_INTEGER_get)
992	RESOLVEFUNC(ASN1_INTEGER_cmp)
993	RESOLVEFUNC(ASN1_STRING_length)
994	RESOLVEFUNC(ASN1_STRING_to_UTF8)
995	RESOLVEFUNC(BIO_ctrl)
996	RESOLVEFUNC(BIO_free)
997	RESOLVEFUNC(BIO_new)
998	RESOLVEFUNC(BIO_new_mem_buf)
999	RESOLVEFUNC(BIO_read)
1000	RESOLVEFUNC(BIO_s_mem)
1001	RESOLVEFUNC(BIO_write)
1002	RESOLVEFUNC(BIO_set_flags)
1003	RESOLVEFUNC(BIO_clear_flags)
1004	RESOLVEFUNC(BIO_set_ex_data)
1005	RESOLVEFUNC(BIO_get_ex_data)
1006	RESOLVEFUNC(X509V3_EXT_conf_nid)
1007	RESOLVEFUNC(X509_EXTENSION_set_critical)
1008
1009	#ifndef OPENSSL_NO_EC
1010	RESOLVEFUNC(EC_KEY_get0_group)
1011	RESOLVEFUNC(EC_GROUP_get_degree)
1012	#endif
1013	RESOLVEFUNC(BN_num_bits)
1014	#if QT_CONFIG(opensslv11) \| QT_CONFIG(opensslv30)
1015	RESOLVEFUNC(BN_is_word)
1016	#endif
1017	RESOLVEFUNC(BN_mod_word)
1018	RESOLVEFUNC(BN_set_word)
1019	RESOLVEFUNC(BN_new)
1020	RESOLVEFUNC(BN_free)
1021	RESOLVEFUNC(BN_clear)
1022	RESOLVEFUNC(BN_clear_free)
1023	RESOLVEFUNC(ERR_error_string)
1024	RESOLVEFUNC(ERR_error_string_n)
1025	RESOLVEFUNC(ERR_get_error)
1026	RESOLVEFUNC(EVP_CIPHER_CTX_new)
1027	RESOLVEFUNC(EVP_CIPHER_CTX_free)
1028	RESOLVEFUNC(EVP_CIPHER_CTX_ctrl)
1029	RESOLVEFUNC(EVP_CIPHER_CTX_set_key_length)
1030	RESOLVEFUNC(EVP_CipherInit)
1031	RESOLVEFUNC(EVP_CipherInit_ex)
1032	RESOLVEFUNC(EVP_CipherUpdate)
1033	RESOLVEFUNC(EVP_CipherFinal)
1034	RESOLVEFUNC(EVP_get_digestbyname)
1035	RESOLVEFUNC(EVP_sha1)
1036	RESOLVEFUNC(EVP_sha256)
1037	RESOLVEFUNC(EVP_aes_256_gcm)
1038	RESOLVEFUNC(EVP_aes_128_cbc)
1039	RESOLVEFUNC(EVP_PKEY_assign)
1040	RESOLVEFUNC(EVP_PKEY_set1_RSA)
1041	RESOLVEFUNC(EVP_PKEY_set1_DH)
1042	#ifndef OPENSSL_NO_EC
1043	RESOLVEFUNC(EVP_PKEY_set1_EC_KEY)
1044	#endif
1045	RESOLVEFUNC(EVP_PKEY_free)
1046	RESOLVEFUNC(EVP_PKEY_get1_RSA)
1047	RESOLVEFUNC(EVP_PKEY_get1_DH)
1048	#ifndef OPENSSL_NO_EC
1049	RESOLVEFUNC(EVP_PKEY_get1_EC_KEY)
1050	#endif
1051	RESOLVEFUNC(EVP_PKEY_new)
1052	RESOLVEFUNC(EVP_PKEY_type)
1053	RESOLVEFUNC(OBJ_nid2sn)
1054	RESOLVEFUNC(OBJ_nid2ln)
1055	RESOLVEFUNC(OBJ_sn2nid)
1056	RESOLVEFUNC(OBJ_ln2nid)
1057	RESOLVEFUNC(i2t_ASN1_OBJECT)
1058	RESOLVEFUNC(OBJ_obj2txt)
1059	RESOLVEFUNC(OBJ_obj2nid)
1060
1061	#ifndef SSLEAY_MACROS
1062	RESOLVEFUNC(PEM_read_bio_PrivateKey)
1063	RESOLVEFUNC(PEM_write_bio_PKCS8PrivateKey)
1064	RESOLVEFUNC(PEM_read_bio_RSAPrivateKey)
1065	#ifndef OPENSSL_NO_EC
1066	RESOLVEFUNC(PEM_read_bio_ECPrivateKey)
1067	#endif
1068	RESOLVEFUNC(PEM_read_bio_DHparams)
1069	RESOLVEFUNC(PEM_write_bio_RSAPrivateKey)
1070	RESOLVEFUNC(PEM_write_bio_PrivateKey)
1071	#ifndef OPENSSL_NO_EC
1072	RESOLVEFUNC(PEM_write_bio_ECPrivateKey)
1073	#endif
1074	#endif // !SSLEAY_MACROS
1075
1076	RESOLVEFUNC(PEM_read_bio_PUBKEY)
1077	RESOLVEFUNC(PEM_read_bio_RSA_PUBKEY)
1078	#ifndef OPENSSL_NO_EC
1079	RESOLVEFUNC(PEM_read_bio_EC_PUBKEY)
1080	#endif
1081	RESOLVEFUNC(PEM_write_bio_RSA_PUBKEY)
1082	RESOLVEFUNC(PEM_write_bio_PUBKEY)
1083	#ifndef OPENSSL_NO_EC
1084	RESOLVEFUNC(PEM_write_bio_EC_PUBKEY)
1085	#endif
1086	RESOLVEFUNC(RAND_seed)
1087	RESOLVEFUNC(RAND_status)
1088	RESOLVEFUNC(RAND_bytes)
1089	RESOLVEFUNC(RSA_new)
1090	RESOLVEFUNC(RSA_generate_key_ex);
1091	RESOLVEFUNC(RSA_free)
1092	RESOLVEFUNC(X509_NAME_entry_count)
1093	RESOLVEFUNC(X509_NAME_get_entry)
1094	RESOLVEFUNC(X509_NAME_ENTRY_get_data)
1095	RESOLVEFUNC(X509_NAME_ENTRY_get_object)
1096	RESOLVEFUNC(X509_PUBKEY_get)
1097	RESOLVEFUNC(X509_STORE_free)
1098	RESOLVEFUNC(X509_STORE_new)
1099	RESOLVEFUNC(X509_STORE_add_cert)
1100	RESOLVEFUNC(X509_STORE_CTX_free)
1101	RESOLVEFUNC(X509_STORE_CTX_init)
1102	RESOLVEFUNC(X509_STORE_CTX_new)
1103	RESOLVEFUNC(X509_STORE_CTX_set_purpose)
1104	RESOLVEFUNC(X509_STORE_CTX_get_error)
1105	RESOLVEFUNC(X509_STORE_CTX_get_error_depth)
1106	RESOLVEFUNC(X509_STORE_CTX_get_current_cert)
1107	RESOLVEFUNC(X509_cmp)
1108	RESOLVEFUNC(X509_STORE_CTX_get_ex_data)
1109
1110	#ifndef SSLEAY_MACROS
1111	RESOLVEFUNC(X509_dup)
1112	#endif
1113	RESOLVEFUNC(X509_print)
1114	RESOLVEFUNC(X509_digest)
1115	RESOLVEFUNC(X509_EXTENSION_get_object)
1116	RESOLVEFUNC(X509_free)
1117	RESOLVEFUNC(X509_gmtime_adj)
1118	RESOLVEFUNC(ASN1_TIME_free)
1119	RESOLVEFUNC(X509_get_ext)
1120	RESOLVEFUNC(X509_get_ext_count)
1121	RESOLVEFUNC(X509_get_ext_d2i)
1122	RESOLVEFUNC(X509V3_EXT_get)
1123	RESOLVEFUNC(X509V3_EXT_d2i)
1124	RESOLVEFUNC(X509_EXTENSION_get_critical)
1125	RESOLVEFUNC(X509_EXTENSION_get_data)
1126	RESOLVEFUNC(BASIC_CONSTRAINTS_free)
1127	RESOLVEFUNC(AUTHORITY_KEYID_free)
1128	RESOLVEFUNC(GENERAL_NAME_free)
1129	RESOLVEFUNC(ASN1_STRING_print)
1130	RESOLVEFUNC(X509_check_issued)
1131	RESOLVEFUNC(X509_get_issuer_name)
1132	RESOLVEFUNC(X509_get_subject_name)
1133	RESOLVEFUNC(X509_get_serialNumber)
1134	RESOLVEFUNC(X509_verify_cert)
1135	RESOLVEFUNC(d2i_X509)
1136	RESOLVEFUNC(i2d_X509)
1137	RESOLVEFUNC(SSL_CTX_load_verify_locations)
1138	RESOLVEFUNC(i2d_SSL_SESSION)
1139	RESOLVEFUNC(d2i_SSL_SESSION)
1140	#if OPENSSL_VERSION_NUMBER >= 0x1000100fL && !defined(OPENSSL_NO_NEXTPROTONEG)
1141	RESOLVEFUNC(SSL_select_next_proto)
1142	RESOLVEFUNC(SSL_CTX_set_next_proto_select_cb)
1143	RESOLVEFUNC(SSL_get0_next_proto_negotiated)
1144	#endif // OPENSSL_VERSION_NUMBER >= 0x1000100fL ...
1145	#if OPENSSL_VERSION_NUMBER >= 0x10002000L
1146	RESOLVEFUNC(SSL_set_alpn_protos)
1147	RESOLVEFUNC(SSL_CTX_set_alpn_select_cb)
1148	RESOLVEFUNC(SSL_get0_alpn_selected)
1149	#endif // OPENSSL_VERSION_NUMBER >= 0x10002000L ...
1150	RESOLVEFUNC(CRYPTO_malloc)
1151	RESOLVEFUNC(DH_new)
1152	RESOLVEFUNC(DH_free)
1153	RESOLVEFUNC(d2i_DHparams)
1154	RESOLVEFUNC(i2d_DHparams)
1155	RESOLVEFUNC(DH_check)
1156	RESOLVEFUNC(BN_bin2bn)
1157	#ifndef OPENSSL_NO_EC
1158	RESOLVEFUNC(EC_KEY_dup)
1159	RESOLVEFUNC(EC_KEY_new_by_curve_name)
1160	RESOLVEFUNC(EC_KEY_free)
1161	RESOLVEFUNC(EC_get_builtin_curves)
1162	#endif // OPENSSL_NO_EC
1163	RESOLVEFUNC(PKCS12_parse)
1164	RESOLVEFUNC(d2i_PKCS12_bio)
1165	RESOLVEFUNC(PKCS12_free)
1166	RESOLVEFUNC(X509_REQ_to_X509)
1167	RESOLVEFUNC(PEM_write_bio_X509)
1168	RESOLVEFUNC(X509_new)
1169	RESOLVEFUNC(ASN1_INTEGER_set)
1170	RESOLVEFUNC(X509_set_pubkey)
1171	RESOLVEFUNC(X509_set_issuer_name)
1172	RESOLVEFUNC(X509_sign)
1173	RESOLVEFUNC(X509_add_ext)
1174	RESOLVEFUNC(X509_set_version)
1175	RESOLVEFUNC(X509_set_subject_name)
1176	RESOLVEFUNC(ASN1_OCTET_STRING_new)
1177	RESOLVEFUNC(X509_pubkey_digest)
1178	RESOLVEFUNC(ASN1_OCTET_STRING_set)
1179	RESOLVEFUNC(X509_add1_ext_i2d)
1180	RESOLVEFUNC(ASN1_OCTET_STRING_free)
1181	RESOLVEFUNC(ASN1_INTEGER_new)
1182	RESOLVEFUNC(GENERAL_NAMES_new)
1183	RESOLVEFUNC(GENERAL_NAME_new)
1184	RESOLVEFUNC(X509_NAME_dup)
1185	RESOLVEFUNC(X509_set_serialNumber)
1186	RESOLVEFUNC(AUTHORITY_KEYID_new)
1187	RESOLVEFUNC(ASN1_INTEGER_dup)
1188	RESOLVEFUNC(X509_NAME_digest)
1189	RESOLVEFUNC(ASN1_INTEGER_free)
1190	RESOLVEFUNC(i2d_X509_REQ_bio)
1191	RESOLVEFUNC(i2d_X509_bio)
1192
1193	symbolsResolved.storeRelease(newValue: true);
1194	return true;
1195	}
1196	#endif // QT_CONFIG(library)
1197
1198	#else // !defined QT_LINKED_OPENSSL
1199
1200	bool q_resolveOpenSslSymbols()
1201	{
1202	#ifdef QT_NO_OPENSSL
1203	return false;
1204	#endif
1205	return true;
1206	}
1207	#endif // !defined QT_LINKED_OPENSSL
1208
1209	//==============================================================================
1210	// contributed by Jay Case of Sarvega, Inc.; http://sarvega.com/
1211	// Based on X509_cmp_time() for initial buffer hacking.
1212	//==============================================================================
1213	QDateTime q_getTimeFromASN1(const ASN1_TIME *aTime)
1214	{
1215	size_t lTimeLength = aTime->length;
1216	char pString = (char* *) aTime->data;
1217
1218	if (aTime->type == V_ASN1_UTCTIME) {
1219
1220	char lBuffer[`24`];
1221	char *pBuffer = lBuffer;
1222
1223	if ((lTimeLength < `11`) \|\| (lTimeLength > `17`))
1224	return QDateTime ();
1225
1226	memcpy(dest: pBuffer, src: pString, n: `10`);
1227	pBuffer += `10`;
1228	pString += `10`;
1229
1230	if ((pString == `'Z'`) \|\| (pString == `'-'`) \|\| (*pString == `'+'`)) {
1231	*pBuffer++ = `'0'`;
1232	*pBuffer++ = `'0'`;
1233	} else {
1234	pBuffer++ = pString++;
1235	pBuffer++ = pString++;
1236	// Skip any fractional seconds...
1237	if (*pString == `'.'`) {
1238	pString++;
1239	while ((pString >= `'0'`) && (pString <= `'9'`))
1240	pString++;
1241	}
1242	}
1243
1244	*pBuffer++ = `'Z'`;
1245	*pBuffer++ = `'\0'`;
1246
1247	time_t lSecondsFromUCT;
1248	if (*pString == `'Z'`) {
1249	lSecondsFromUCT = `0`;
1250	} else {
1251	if ((pString != `'+'`) && (pString != `'-'`))
1252	return QDateTime ();
1253
1254	lSecondsFromUCT = ((pString[`1`] - `'0'`) * `10` + (pString[`2`] - `'0'`)) * `60`;
1255	lSecondsFromUCT += (pString[`3`] - `'0'`) * `10` + (pString[`4`] - `'0'`);
1256	lSecondsFromUCT *= `60`;
1257	if (*pString == `'-'`)
1258	lSecondsFromUCT = -lSecondsFromUCT;
1259	}
1260
1261	tm lTime;
1262	lTime.tm_sec = ((lBuffer[`10`] - `'0'`) * `10`) + (lBuffer[`11`] - `'0'`);
1263	lTime.tm_min = ((lBuffer[`8`] - `'0'`) * `10`) + (lBuffer[`9`] - `'0'`);
1264	lTime.tm_hour = ((lBuffer[`6`] - `'0'`) * `10`) + (lBuffer[`7`] - `'0'`);
1265	lTime.tm_mday = ((lBuffer[`4`] - `'0'`) * `10`) + (lBuffer[`5`] - `'0'`);
1266	lTime.tm_mon = (((lBuffer[`2`] - `'0'`) * `10`) + (lBuffer[`3`] - `'0'`)) - `1`;
1267	lTime.tm_year = ((lBuffer[`0`] - `'0'`) * `10`) + (lBuffer[`1`] - `'0'`);
1268	if (lTime.tm_year < `50`)
1269	lTime.tm_year += `100`; // RFC 2459
1270
1271	QDate resDate(lTime.tm_year + `1900`, lTime.tm_mon + `1`, lTime.tm_mday);
1272	QTime resTime(lTime.tm_hour, lTime.tm_min, lTime.tm_sec);
1273
1274	QDateTime result(resDate, resTime, QTimeZone::UTC);
1275	result = result.addSecs(secs: lSecondsFromUCT);
1276	return result;
1277
1278	} else if (aTime->type == V_ASN1_GENERALIZEDTIME) {
1279
1280	if (lTimeLength < `15`)
1281	return QDateTime (); // hopefully never triggered
1282
1283	// generalized time is always YYYYMMDDHHMMSSZ (RFC 2459, section 4.1.2.5.2)
1284	tm lTime;
1285	lTime.tm_sec = ((pString[`12`] - `'0'`) * `10`) + (pString[`13`] - `'0'`);
1286	lTime.tm_min = ((pString[`10`] - `'0'`) * `10`) + (pString[`11`] - `'0'`);
1287	lTime.tm_hour = ((pString[`8`] - `'0'`) * `10`) + (pString[`9`] - `'0'`);
1288	lTime.tm_mday = ((pString[`6`] - `'0'`) * `10`) + (pString[`7`] - `'0'`);
1289	lTime.tm_mon = (((pString[`4`] - `'0'`) * `10`) + (pString[`5`] - `'0'`));
1290	lTime.tm_year = ((pString[`0`] - `'0'`) * `1000`) + ((pString[`1`] - `'0'`) * `100`) +
1291	((pString[`2`] - `'0'`) * `10`) + (pString[`3`] - `'0'`);
1292
1293	QDate resDate(lTime.tm_year, lTime.tm_mon, lTime.tm_mday);
1294	QTime resTime(lTime.tm_hour, lTime.tm_min, lTime.tm_sec);
1295
1296	QDateTime result(resDate, resTime, QTimeZone::UTC);
1297	return result;
1298
1299	} else {
1300	qCWarning(lcSsl, "unsupported date format detected");
1301	return QDateTime ();
1302	}
1303
1304	}
1305
1306	QT_END_NAMESPACE
1307

source code of qtopcua/src/opcua/x509/openssl_symbols.cpp