Fix build against openSSL 1.1

3 files changed, 450 insertions, 32 deletions

diff --git a/.SRCINFO b/.SRCINFO
index 2842a77a609a..f87392800443 100644
--- a/.SRCINFO
+++ b/.SRCINFO
@@ -1,9 +1,9 @@
 # Generated by mksrcinfo v8
-# Sat Feb 11 16:51:26 UTC 2017
+# Mon Jun  5 10:37:14 UTC 2017
 pkgbase = mingw-w64-qt4
 	pkgdesc = A cross-platform application and UI framework (mingw-w64)
 	pkgver = 4.8.7
-	pkgrel = 1
+	pkgrel = 2
 	url = http://qt-project.org/
 	arch = i686
 	arch = x86_64
@@ -44,20 +44,22 @@ pkgbase = mingw-w64-qt4
 	source = qt-dont-set-qt-dll-define-for-static-builds.patch
 	source = qt4-fix-linking-against-static-dbus.patch
 	source = qt-everywhere-opensource-src-4.8.7-gcc6.patch
-	md5sums = d990ee66bf7ab0c785589776f35ba6ad
-	md5sums = 3759f73b9c872ce692b7067daef134a9
-	md5sums = db6257762e051f2b7b18745dca2df43d
-	md5sums = 2cba45b6c52c20aa51265d61c1dd9856
-	md5sums = 6faad05e8897d3d88cc5b0f5205b2bdc
-	md5sums = 91d01b6d31887f78c7933c04544c5758
-	md5sums = 28660113fcb05f62ace400187eb8580a
-	md5sums = 63dc5a13265ed82b2ba3abd0aa7a59f7
-	md5sums = 7f8e12ad3b140e773c7a1f76cdd800f2
-	md5sums = 3fe6e419c1f21c59062db1f562c1f9bf
-	md5sums = 22fc6f20aa6af060c640fc3b9af888a9
-	md5sums = b6d9bcdd1df5115e7063d08bf75c2fd1
-	md5sums = 84a802e6619be4f43b2a9be0ec1a11ef
-	md5sums = 8ba77cd8f325c38daca8eadc982395a4
+	source = qt4-openssl-1.1.patch
+	sha256sums = e2882295097e47fe089f8ac741a95fef47e0a73a3f3cdf21b56990638f626ea0
+	sha256sums = 71f6e368bd7b14089d1e312f86970d1d5aa649b8e5c7f1f55b7381ec5d841755
+	sha256sums = 59d9355c66a810f56d56c3debc2c8f93412cea0e047f08745589e7a2492693e8
+	sha256sums = 73916d59566843f6b9ab8b9091a328b6443e09ca0478bb5c0f8a64777b69d4f5
+	sha256sums = 321603e3993efabc4dce5c4369d87ad407b7b95a6e63327a7e9ca832ee218666
+	sha256sums = 1e0eb85e1a88438ee1f99b5d27b775bf7d077bebf5de2e57fe831d0e39ce6df1
+	sha256sums = 08a98118a235681209848dfa204d9bf8a57248b58ad1670b5d1d42677c647cf2
+	sha256sums = 5e6a61ced784d7d24c65d81e769b67b8f6066a33581c8b17cdf374a4c723cd23
+	sha256sums = 21a36a92b988ed0054d07d97933d0392c4bbd651e005dab43257e0b0480a054c
+	sha256sums = fba6cf2b0bd5f6229b21b1cf4adf093c216a10c97255527d71979599b7047be8
+	sha256sums = 4a758b90b2768cef4877ae1b5bafca69902b88633a18d5ec3d5c6bb0064510a5
+	sha256sums = 9a8ad8953e465a141b53e9b925eb0bcd34832b2fe88d6a5237fb3abcaa4fa1a5
+	sha256sums = 5f9286d16cce0a1b1585102074cc06007053751fe7e351773c173be768e6c957
+	sha256sums = aaa073195b6fc47ebdc241574da4a29e7ba0a1ae51bdf9a64b866c683f30684a
+	sha256sums = ff3ddb5428cd2ff243558dc0c75b35f470077e9204bbc989ddcba04c866c1b68
 
 pkgname = mingw-w64-qt4
 
diff --git a/PKGBUILD b/PKGBUILD
index 204a10eeb90d..8a6323c1c589 100644
--- a/PKGBUILD
+++ b/PKGBUILD
@@ -4,7 +4,7 @@
 
 pkgname=mingw-w64-qt4
 pkgver=4.8.7
-pkgrel=1
+pkgrel=2
 pkgdesc='A cross-platform application and UI framework (mingw-w64)'
 arch=('i686' 'x86_64')
 url="http://qt-project.org/"
@@ -39,21 +39,23 @@ source=("http://download.qt-project.org/official_releases/qt/4.8/${pkgver}/${_pk
         'qt-4.8.1-fix-activeqt-compilation.patch'
         'qt-dont-set-qt-dll-define-for-static-builds.patch'
         'qt4-fix-linking-against-static-dbus.patch'
-        'qt-everywhere-opensource-src-4.8.7-gcc6.patch')
-md5sums=('d990ee66bf7ab0c785589776f35ba6ad'
-         '3759f73b9c872ce692b7067daef134a9'
-         'db6257762e051f2b7b18745dca2df43d'
-         '2cba45b6c52c20aa51265d61c1dd9856'
-         '6faad05e8897d3d88cc5b0f5205b2bdc'
-         '91d01b6d31887f78c7933c04544c5758'
-         '28660113fcb05f62ace400187eb8580a'
-         '63dc5a13265ed82b2ba3abd0aa7a59f7'
-         '7f8e12ad3b140e773c7a1f76cdd800f2'
-         '3fe6e419c1f21c59062db1f562c1f9bf'
-         '22fc6f20aa6af060c640fc3b9af888a9'
-         'b6d9bcdd1df5115e7063d08bf75c2fd1'
-         '84a802e6619be4f43b2a9be0ec1a11ef'
-         '8ba77cd8f325c38daca8eadc982395a4')
+        'qt-everywhere-opensource-src-4.8.7-gcc6.patch'
+         qt4-openssl-1.1.patch)
+sha256sums=('e2882295097e47fe089f8ac741a95fef47e0a73a3f3cdf21b56990638f626ea0'
+            '71f6e368bd7b14089d1e312f86970d1d5aa649b8e5c7f1f55b7381ec5d841755'
+            '59d9355c66a810f56d56c3debc2c8f93412cea0e047f08745589e7a2492693e8'
+            '73916d59566843f6b9ab8b9091a328b6443e09ca0478bb5c0f8a64777b69d4f5'
+            '321603e3993efabc4dce5c4369d87ad407b7b95a6e63327a7e9ca832ee218666'
+            '1e0eb85e1a88438ee1f99b5d27b775bf7d077bebf5de2e57fe831d0e39ce6df1'
+            '08a98118a235681209848dfa204d9bf8a57248b58ad1670b5d1d42677c647cf2'
+            '5e6a61ced784d7d24c65d81e769b67b8f6066a33581c8b17cdf374a4c723cd23'
+            '21a36a92b988ed0054d07d97933d0392c4bbd651e005dab43257e0b0480a054c'
+            'fba6cf2b0bd5f6229b21b1cf4adf093c216a10c97255527d71979599b7047be8'
+            '4a758b90b2768cef4877ae1b5bafca69902b88633a18d5ec3d5c6bb0064510a5'
+            '9a8ad8953e465a141b53e9b925eb0bcd34832b2fe88d6a5237fb3abcaa4fa1a5'
+            '5f9286d16cce0a1b1585102074cc06007053751fe7e351773c173be768e6c957'
+            'aaa073195b6fc47ebdc241574da4a29e7ba0a1ae51bdf9a64b866c683f30684a'
+            'ff3ddb5428cd2ff243558dc0c75b35f470077e9204bbc989ddcba04c866c1b68')
 
 _architectures="i686-w64-mingw32 x86_64-w64-mingw32"
 
@@ -118,6 +120,11 @@ prepare() {
   # GCC 6
   patch -Np1 -i "${srcdir}"/qt-everywhere-opensource-src-4.8.7-gcc6.patch
 
+  # Fix build with OpenSSL 1.1 (Debian + OpenMandriva)
+  patch -p1 -i "$srcdir"/qt4-openssl-1.1.patch
+  # qsslsocket_openssl_symbols.cpp:312:11: error: ‘_q_CRYPTO_free’ was not declared
+  sed -i "123iDEFINEFUNC(void, CRYPTO_free, void *a, a, return, DUMMYARG)" src/network/ssl/qsslsocket_openssl_symbols.cpp
+
   # Cross-compilation qmake target.
   mkdir -p mkspecs/win32-g++-cross
   mkdir -p mkspecs/win32-g++-cross-x64
diff --git a/qt4-openssl-1.1.patch b/qt4-openssl-1.1.patch
new file mode 100644
index 000000000000..87baef871b85
--- /dev/null
+++ b/qt4-openssl-1.1.patch
@@ -0,0 +1,409 @@
+Description: Compile with openssl-1.1.0
+ * Most changes are related to openssl structures are now opaque. 
+ * The network/ssl threading setup has been disabled because the
+   old openssl threading model has been removed and is apparently
+   no longer needed.
+ * A number of new functions had to be imported (see changes to
+   src/network/ssl/qsslsocket_openssl_symbols.cpp) 
+Author: Gert Wollny  <gw.fossdev@gmail.com>
+Last-Update: 2016-06-28
+Bug-Debian: http://bugs.debian.org/828522
+
+--- a/src/network/ssl/qsslcertificate.cpp
++++ b/src/network/ssl/qsslcertificate.cpp
+@@ -259,10 +259,10 @@
+ QByteArray QSslCertificate::version() const
+ {
+     QMutexLocker lock(QMutexPool::globalInstanceGet(d.data()));
+-    if (d->versionString.isEmpty() && d->x509)
++    if (d->versionString.isEmpty() && d->x509) {
+         d->versionString =
+-            QByteArray::number(qlonglong(q_ASN1_INTEGER_get(d->x509->cert_info->version)) + 1);
+-
++	    QByteArray::number(qlonglong(q_X509_get_version(d->x509)) + 1);
++    }
+     return d->versionString;
+ }
+ 
+@@ -276,7 +276,7 @@
+ {
+     QMutexLocker lock(QMutexPool::globalInstanceGet(d.data()));
+     if (d->serialNumberString.isEmpty() && d->x509) {
+-        ASN1_INTEGER *serialNumber = d->x509->cert_info->serialNumber;
++        ASN1_INTEGER *serialNumber = q_X509_get_serialNumber(d->x509);
+         // if we cannot convert to a long, just output the hexadecimal number
+         if (serialNumber->length > 4) {
+             QByteArray hexString;
+@@ -489,24 +489,33 @@
+     QSslKey key;
+ 
+     key.d->type = QSsl::PublicKey;
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
+     X509_PUBKEY *xkey = d->x509->cert_info->key;
++#else
++    X509_PUBKEY *xkey = q_X509_get_X509_PUBKEY(d->x509);
++#endif
+     EVP_PKEY *pkey = q_X509_PUBKEY_get(xkey);
+     Q_ASSERT(pkey);
+ 
+-    if (q_EVP_PKEY_type(pkey->type) == EVP_PKEY_RSA) {
++    int key_id;
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
++    key_id = q_EVP_PKEY_type(pkey->type);
++#else
++    key_id = q_EVP_PKEY_base_id(pkey);
++#endif
++    if (key_id == EVP_PKEY_RSA) {
+         key.d->rsa = q_EVP_PKEY_get1_RSA(pkey);
+         key.d->algorithm = QSsl::Rsa;
+         key.d->isNull = false;
+-    } else if (q_EVP_PKEY_type(pkey->type) == EVP_PKEY_DSA) {
++    } else if (key_id == EVP_PKEY_DSA) {
+         key.d->dsa = q_EVP_PKEY_get1_DSA(pkey);
+         key.d->algorithm = QSsl::Dsa;
+         key.d->isNull = false;
+-    } else if (q_EVP_PKEY_type(pkey->type) == EVP_PKEY_DH) {
++    } else if (key_id == EVP_PKEY_DH) {
+         // DH unsupported
+     } else {
+         // error?
+     }
+-
+     q_EVP_PKEY_free(pkey);
+     return key;
+ }
+--- a/src/network/ssl/qsslkey.cpp
++++ b/src/network/ssl/qsslkey.cpp
+@@ -321,8 +321,19 @@
+ {
+     if (d->isNull)
+         return -1;
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
+     return (d->algorithm == QSsl::Rsa)
+            ? q_BN_num_bits(d->rsa->n) : q_BN_num_bits(d->dsa->p);
++#else
++    if (d->algorithm == QSsl::Rsa) {
++        return q_RSA_bits(d->rsa);
++    }else{
++        BIGNUM *p = NULL;
++        q_DSA_get0_pqg(d->dsa, &p, NULL, NULL);
++	return q_BN_num_bits(p);
++    }
++#endif
++
+ }
+ 
+ /*!
+--- a/src/network/ssl/qsslsocket_openssl.cpp
++++ b/src/network/ssl/qsslsocket_openssl.cpp
+@@ -93,6 +93,7 @@
+ bool QSslSocketPrivate::s_loadedCiphersAndCerts = false;
+ bool QSslSocketPrivate::s_loadRootCertsOnDemand = false;
+ 
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
+ /* \internal
+ 
+     From OpenSSL's thread(3) manual page:
+@@ -174,6 +175,8 @@
+ }
+ } // extern "C"
+ 
++#endif //OPENSSL_VERSION_NUMBER >= 0x10100000L
++
+ QSslSocketBackendPrivate::QSslSocketBackendPrivate()
+     : ssl(0),
+       ctx(0),
+@@ -222,9 +225,12 @@
+             ciph.d->encryptionMethod = descriptionList.at(4).mid(4);
+         ciph.d->exportable = (descriptionList.size() > 6 && descriptionList.at(6) == QLatin1String("export"));
+ 
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
+         ciph.d->bits = cipher->strength_bits;
+         ciph.d->supportedBits = cipher->alg_bits;
+-
++#else
++	ciph.d->bits = q_SSL_CIPHER_get_bits(cipher, &ciph.d->supportedBits);
++#endif
+     }
+     return ciph;
+ }
+@@ -367,7 +373,7 @@
+         //
+         // See also: QSslContext::fromConfiguration()
+         if (caCertificate.expiryDate() >= QDateTime::currentDateTime()) {
+-            q_X509_STORE_add_cert(ctx->cert_store, (X509 *)caCertificate.handle());
++	  q_X509_STORE_add_cert(q_SSL_CTX_get_cert_store(ctx), (X509 *)caCertificate.handle());
+         }
+     }
+ 
+@@ -504,8 +510,10 @@
+ */
+ void QSslSocketPrivate::deinitialize()
+ {
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
+     q_CRYPTO_set_id_callback(0);
+     q_CRYPTO_set_locking_callback(0);
++#endif
+ }
+ 
+ /*!
+@@ -526,13 +534,17 @@
+         return false;
+ 
+     // Check if the library itself needs to be initialized.
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
+     QMutexLocker locker(openssl_locks()->initLock());
++#endif
+     if (!s_libraryLoaded) {
+         s_libraryLoaded = true;
+ 
+         // Initialize OpenSSL.
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
+         q_CRYPTO_set_id_callback(id_function);
+         q_CRYPTO_set_locking_callback(locking_function);
++#endif
+         if (q_SSL_library_init() != 1)
+             return false;
+         q_SSL_load_error_strings();
+@@ -571,7 +583,9 @@
+ 
+ void QSslSocketPrivate::ensureCiphersAndCertsLoaded()
+ {
+-    QMutexLocker locker(openssl_locks()->initLock());
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
++  QMutexLocker locker(openssl_locks()->initLock());
++#endif
+     if (s_loadedCiphersAndCerts)
+         return;
+     s_loadedCiphersAndCerts = true;
+@@ -663,13 +677,18 @@
+     STACK_OF(SSL_CIPHER) *supportedCiphers = q_SSL_get_ciphers(mySsl);
+     for (int i = 0; i < q_sk_SSL_CIPHER_num(supportedCiphers); ++i) {
+         if (SSL_CIPHER *cipher = q_sk_SSL_CIPHER_value(supportedCiphers, i)) {
+-            if (cipher->valid) {
++
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
++	  if (cipher->valid) {
++#endif
+                 QSslCipher ciph = QSslSocketBackendPrivate::QSslCipher_from_SSL_CIPHER(cipher);
+                 if (!ciph.isNull()) {
+                     if (!ciph.name().toLower().startsWith(QLatin1String("adh")))
+                         ciphers << ciph;
+                 }
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
+             }
++#endif
+         }
+     }
+ 
+--- a/src/network/ssl/qsslsocket_openssl_symbols_p.h
++++ b/src/network/ssl/qsslsocket_openssl_symbols_p.h
+@@ -399,7 +399,25 @@
+ 		PEM_ASN1_write_bio((int (*)(void*, unsigned char**))q_i2d_DSAPrivateKey,PEM_STRING_DSA,\
+ 			bp,(char *)x,enc,kstr,klen,cb,u)
+ #endif
++
++X509_STORE * q_SSL_CTX_get_cert_store(const SSL_CTX *ctx);
++ASN1_INTEGER * q_X509_get_serialNumber(X509 *x);
++
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
+ #define q_SSL_CTX_set_options(ctx,op) q_SSL_CTX_ctrl((ctx),SSL_CTRL_OPTIONS,(op),NULL)
++#define q_X509_get_version(x) X509_get_version(x)
++#else
++int q_EVP_PKEY_id(const EVP_PKEY *pkey);
++int q_EVP_PKEY_base_id(const EVP_PKEY *pkey);
++int q_SSL_CIPHER_get_bits(const SSL_CIPHER *cipher, int *alg_bits);
++long q_SSL_CTX_set_options(SSL_CTX *ctx, long options);
++long q_X509_get_version(X509 *x);
++X509_PUBKEY * q_X509_get_X509_PUBKEY(X509 *x);
++int q_RSA_bits(const RSA *rsa);
++int q_DSA_security_bits(const DSA *dsa);
++void q_DSA_get0_pqg(const DSA *d, BIGNUM **p, BIGNUM **q, BIGNUM **g);
++#endif
++
+ #define q_SKM_sk_num(type, st) ((int (*)(const STACK_OF(type) *))q_sk_num)(st)
+ #define q_SKM_sk_value(type, st,i) ((type * (*)(const STACK_OF(type) *, int))q_sk_value)(st, i)
+ #define q_sk_GENERAL_NAME_num(st) q_SKM_sk_num(GENERAL_NAME, (st))
+@@ -410,8 +428,15 @@
+ #define q_sk_SSL_CIPHER_value(st, i) q_SKM_sk_value(SSL_CIPHER, (st), (i))
+ #define q_SSL_CTX_add_extra_chain_cert(ctx,x509) \
+         q_SSL_CTX_ctrl(ctx,SSL_CTRL_EXTRA_CHAIN_CERT,0,(char *)x509)
++
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
+ #define q_X509_get_notAfter(x) X509_get_notAfter(x)
+ #define q_X509_get_notBefore(x) X509_get_notBefore(x)
++#else
++ASN1_TIME *q_X509_get_notAfter(X509 *x);
++ASN1_TIME *q_X509_get_notBefore(X509 *x);
++#endif
++
+ #define q_EVP_PKEY_assign_RSA(pkey,rsa) q_EVP_PKEY_assign((pkey),EVP_PKEY_RSA,\
+ 					(char *)(rsa))
+ #define q_EVP_PKEY_assign_DSA(pkey,dsa) q_EVP_PKEY_assign((pkey),EVP_PKEY_DSA,\
+--- a/src/network/ssl/qsslsocket_openssl_symbols.cpp
++++ b/src/network/ssl/qsslsocket_openssl_symbols.cpp
+@@ -290,6 +290,22 @@
+ DEFINEFUNC(void, OPENSSL_add_all_algorithms_conf, void, DUMMYARG, return, DUMMYARG)
+ DEFINEFUNC3(int, SSL_CTX_load_verify_locations, SSL_CTX *ctx, ctx, const char *CAfile, CAfile, const char *CApath, CApath, return 0, return)
+ DEFINEFUNC(long, SSLeay, void, DUMMYARG, return 0, return)
++DEFINEFUNC(X509_STORE *, SSL_CTX_get_cert_store, const SSL_CTX *ctx, ctx, return 0, return)
++
++DEFINEFUNC(ASN1_INTEGER *, X509_get_serialNumber, X509 *x, x, return 0, return)
++#if OPENSSL_VERSION_NUMBER >= 0x10100000L
++DEFINEFUNC(int, EVP_PKEY_id, const EVP_PKEY *pkey, pkey, return 0, return)
++DEFINEFUNC(int, EVP_PKEY_base_id, const EVP_PKEY *pkey, pkey, return 0, return)
++DEFINEFUNC2(int, SSL_CIPHER_get_bits, const SSL_CIPHER *cipher, cipher, int *alg_bits, alg_bits, return 0, return)
++DEFINEFUNC2(long, SSL_CTX_set_options, SSL_CTX *ctx, ctx, long options, options, return 0, return)
++DEFINEFUNC(long, X509_get_version, X509 *x, x, return 0, return)
++DEFINEFUNC(X509_PUBKEY *, X509_get_X509_PUBKEY, X509 *x, x, return 0, return)
++DEFINEFUNC(int, RSA_bits,  const RSA *rsa, rsa, return 0, return)
++DEFINEFUNC(int, DSA_security_bits, const DSA *dsa, dsa, return 0, return)
++DEFINEFUNC(ASN1_TIME *, X509_get_notAfter, X509 *x, x, return 0, return)
++DEFINEFUNC(ASN1_TIME *, X509_get_notBefore, X509 *x, x, return 0, return)
++DEFINEFUNC4(void, DSA_get0_pqg, const DSA *d, d, BIGNUM **p, p, BIGNUM **q, q, BIGNUM **g, g, return, return)
++#endif
+ 
+ #ifdef Q_OS_SYMBIAN
+ #define RESOLVEFUNC(func, ordinal, lib) \
+@@ -801,6 +817,7 @@
+     RESOLVEFUNC(SSL_CTX_use_PrivateKey)
+     RESOLVEFUNC(SSL_CTX_use_RSAPrivateKey)
+     RESOLVEFUNC(SSL_CTX_use_PrivateKey_file)
++    RESOLVEFUNC(SSL_CTX_get_cert_store)
+     RESOLVEFUNC(SSL_accept)
+     RESOLVEFUNC(SSL_clear)
+     RESOLVEFUNC(SSL_connect)
+@@ -823,6 +840,23 @@
+     RESOLVEFUNC(SSL_set_connect_state)
+     RESOLVEFUNC(SSL_shutdown)
+     RESOLVEFUNC(SSL_write)
++
++    RESOLVEFUNC(X509_get_serialNumber)
++#if OPENSSL_VERSION_NUMBER >= 0x10100000L
++    RESOLVEFUNC(SSL_CTX_ctrl)
++    RESOLVEFUNC(EVP_PKEY_id)
++    RESOLVEFUNC(EVP_PKEY_base_id)
++    RESOLVEFUNC(SSL_CIPHER_get_bits)
++    RESOLVEFUNC(SSL_CTX_set_options)
++    RESOLVEFUNC(X509_get_version)
++    RESOLVEFUNC(X509_get_X509_PUBKEY)
++    RESOLVEFUNC(RSA_bits)
++    RESOLVEFUNC(DSA_security_bits)
++    RESOLVEFUNC(DSA_get0_pqg)
++    RESOLVEFUNC(X509_get_notAfter)
++    RESOLVEFUNC(X509_get_notBefore)
++#endif
++
+ #ifndef OPENSSL_NO_SSL2
+     RESOLVEFUNC(SSLv2_client_method)
+ #endif
+--- qt-everywhere-opensource-src-4.8.7/src/network/ssl/qsslkey.cpp.0131~	2017-03-15 02:22:37.053244125 +0100
++++ qt-everywhere-opensource-src-4.8.7/src/network/ssl/qsslkey.cpp	2017-03-15 02:22:37.055244057 +0100
+@@ -328,7 +328,7 @@ int QSslKey::length() const
+     if (d->algorithm == QSsl::Rsa) {
+         return q_RSA_bits(d->rsa);
+     }else{
+-        BIGNUM *p = NULL;
++        const BIGNUM *p = NULL;
+         q_DSA_get0_pqg(d->dsa, &p, NULL, NULL);
+ 	return q_BN_num_bits(p);
+     }
+--- qt-everywhere-opensource-src-4.8.7/src/network/ssl/qsslsocket_openssl_symbols.cpp.0131~	2017-03-15 02:22:37.054244091 +0100
++++ qt-everywhere-opensource-src-4.8.7/src/network/ssl/qsslsocket_openssl_symbols.cpp	2017-03-15 02:29:41.155236836 +0100
+@@ -111,16 +111,16 @@ DEFINEFUNC(int, ASN1_STRING_length, ASN1
+ DEFINEFUNC2(int, ASN1_STRING_to_UTF8, unsigned char **a, a, ASN1_STRING *b, b, return 0, return);
+ DEFINEFUNC4(long, BIO_ctrl, BIO *a, a, int b, b, long c, c, void *d, d, return -1, return)
+ DEFINEFUNC(int, BIO_free, BIO *a, a, return 0, return)
+-DEFINEFUNC(BIO *, BIO_new, BIO_METHOD *a, a, return 0, return)
++DEFINEFUNC(BIO *, BIO_new, const BIO_METHOD *a, a, return 0, return)
+ DEFINEFUNC2(BIO *, BIO_new_mem_buf, void *a, a, int b, b, return 0, return)
+ DEFINEFUNC3(int, BIO_read, BIO *a, a, void *b, b, int c, c, return -1, return)
+-DEFINEFUNC(BIO_METHOD *, BIO_s_mem, void, DUMMYARG, return 0, return)
++DEFINEFUNC(const BIO_METHOD *, BIO_s_mem, void, DUMMYARG, return 0, return)
+ DEFINEFUNC3(int, BIO_write, BIO *a, a, const void *b, b, int c, c, return -1, return)
+ DEFINEFUNC(int, BN_num_bits, const BIGNUM *a, a, return 0, return)
+ DEFINEFUNC(int, CRYPTO_num_locks, DUMMYARG, DUMMYARG, return 0, return)
+ DEFINEFUNC(void, CRYPTO_set_locking_callback, void (*a)(int, int, const char *, int), a, return, DUMMYARG)
+ DEFINEFUNC(void, CRYPTO_set_id_callback, unsigned long (*a)(), a, return, DUMMYARG)
+-DEFINEFUNC(void, CRYPTO_free, void *a, a, return, DUMMYARG)
++DEFINEFUNC(void, OPENSSL_free, void *a, a, return, DUMMYARG)
+ DEFINEFUNC(void, DSA_free, DSA *a, a, return, DUMMYARG)
+ #if  OPENSSL_VERSION_NUMBER < 0x00908000L
+ DEFINEFUNC3(X509 *, d2i_X509, X509 **a, a, unsigned char **b, b, long c, c, return 0, return)
+@@ -300,7 +300,7 @@ DEFINEFUNC(int, RSA_bits,  const RSA *rs
+ DEFINEFUNC(int, DSA_security_bits, const DSA *dsa, dsa, return 0, return)
+ DEFINEFUNC(ASN1_TIME *, X509_get_notAfter, X509 *x, x, return 0, return)
+ DEFINEFUNC(ASN1_TIME *, X509_get_notBefore, X509 *x, x, return 0, return)
+-DEFINEFUNC4(void, DSA_get0_pqg, const DSA *d, d, BIGNUM **p, p, BIGNUM **q, q, BIGNUM **g, g, return, return)
++DEFINEFUNC4(void, DSA_get0_pqg, const DSA *d, d, const BIGNUM **p, p, const BIGNUM **q, q, const BIGNUM **g, g, return, return)
+ #endif
+ 
+ #ifdef Q_OS_SYMBIAN
+--- qt-everywhere-opensource-src-4.8.7/src/network/ssl/qsslsocket_openssl_symbols_p.h.0131~	2017-03-15 02:22:37.054244091 +0100
++++ qt-everywhere-opensource-src-4.8.7/src/network/ssl/qsslsocket_openssl_symbols_p.h	2017-03-15 02:29:50.192986268 +0100
+@@ -59,6 +59,9 @@
+ QT_BEGIN_NAMESPACE
+ 
+ #define DUMMYARG
++#ifndef OPENSSL_NO_SSL2
++#define OPENSSL_NO_SSL2 1
++#endif
+ 
+ #if !defined QT_LINKED_OPENSSL
+ // **************** Shared declarations ******************
+@@ -207,16 +210,16 @@ int q_ASN1_STRING_length(ASN1_STRING *a)
+ int q_ASN1_STRING_to_UTF8(unsigned char **a, ASN1_STRING *b);
+ long q_BIO_ctrl(BIO *a, int b, long c, void *d);
+ int q_BIO_free(BIO *a);
+-BIO *q_BIO_new(BIO_METHOD *a);
++BIO *q_BIO_new(const BIO_METHOD *a);
+ BIO *q_BIO_new_mem_buf(void *a, int b);
+ int q_BIO_read(BIO *a, void *b, int c);
+-BIO_METHOD *q_BIO_s_mem();
++const BIO_METHOD *q_BIO_s_mem();
+ int q_BIO_write(BIO *a, const void *b, int c);
+ int q_BN_num_bits(const BIGNUM *a);
+ int q_CRYPTO_num_locks();
+ void q_CRYPTO_set_locking_callback(void (*a)(int, int, const char *, int));
+ void q_CRYPTO_set_id_callback(unsigned long (*a)());
+-void q_CRYPTO_free(void *a);
++void q_OPENSSL_free(void *a);
+ void q_DSA_free(DSA *a);
+ #if OPENSSL_VERSION_NUMBER >= 0x00908000L
+ // 0.9.8 broke SC and BC by changing this function's signature.
+@@ -326,7 +329,6 @@ void q_SSL_set_accept_state(SSL *a);
+ void q_SSL_set_connect_state(SSL *a);
+ int q_SSL_shutdown(SSL *a);
+ #if OPENSSL_VERSION_NUMBER >= 0x10000000L
+-const SSL_METHOD *q_SSLv2_client_method();
+ const SSL_METHOD *q_SSLv3_client_method();
+ const SSL_METHOD *q_SSLv23_client_method();
+ const SSL_METHOD *q_TLSv1_client_method();
+@@ -335,7 +337,6 @@ const SSL_METHOD *q_SSLv3_server_method(
+ const SSL_METHOD *q_SSLv23_server_method();
+ const SSL_METHOD *q_TLSv1_server_method();
+ #else
+-SSL_METHOD *q_SSLv2_client_method();
+ SSL_METHOD *q_SSLv3_client_method();
+ SSL_METHOD *q_SSLv23_client_method();
+ SSL_METHOD *q_TLSv1_client_method();
+@@ -415,7 +416,7 @@ long q_X509_get_version(X509 *x);
+ X509_PUBKEY * q_X509_get_X509_PUBKEY(X509 *x);
+ int q_RSA_bits(const RSA *rsa);
+ int q_DSA_security_bits(const DSA *dsa);
+-void q_DSA_get0_pqg(const DSA *d, BIGNUM **p, BIGNUM **q, BIGNUM **g);
++void q_DSA_get0_pqg(const DSA *d, const BIGNUM **p, const BIGNUM **q, const BIGNUM **g);
+ #endif
+ 
+ #define q_SKM_sk_num(type, st) ((int (*)(const STACK_OF(type) *))q_sk_num)(st)
+--- qt-everywhere-opensource-src-4.8.7/src/network/ssl/qsslcertificate.cpp.omv~	2017-03-15 02:27:18.143322736 +0100
++++ qt-everywhere-opensource-src-4.8.7/src/network/ssl/qsslcertificate.cpp	2017-03-15 02:29:56.215819741 +0100
+@@ -696,7 +696,7 @@
+         unsigned char *data = 0;
+         int size = q_ASN1_STRING_to_UTF8(&data, q_X509_NAME_ENTRY_get_data(e));
+         info[QString::fromUtf8(obj)] = QString::fromUtf8((char*)data, size);
+-        q_CRYPTO_free(data);
++        q_OPENSSL_free(data);
+     }
+     return info;
+ }