Package: asterisk / 1:13.14.1~dfsg-2+deb9u4

OpenSSL-1.1.0-support-2.patch Patch series | download
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
From 99b40e72ae347d7047547836f7f897d3ea2bc8dc Mon Sep 17 00:00:00 2001
From: Tzafrir Cohen <tzafrir.cohen@xorcom.com>
Date: Fri, 03 Feb 2017 10:25:33 +0200
Subject: [PATCH] libasteriskssl: do nothing with OpenSSL >= 1.1

OpenSSL 1.1 requires no explicit initialization. The hacks in the
library are not needed. They also happen to fail running Asterisk.

ASTERISK-26109 #close

Change-Id: I3b3efd5d80234a4c45a8ee58dcfe25b15d9ad100
---

diff --git a/main/libasteriskssl.c b/main/libasteriskssl.c
index bf5ecc1..9dea3df 100644
--- a/main/libasteriskssl.c
+++ b/main/libasteriskssl.c
@@ -123,10 +123,13 @@
 /*!
  * \internal
  * \brief Common OpenSSL initialization for all of Asterisk.
+ *
+ * Not needed for OpenSSL versions >= 1.1.0
  */
 int ast_ssl_init(void)
 {
-#ifdef HAVE_OPENSSL
+#if defined(HAVE_OPENSSL) && defined(OPENSSL_VERSION_NUMBER) && \
+	OPENSSL_VERSION_NUMBER < 0x10100000L
 	unsigned int i;
 	int (*real_SSL_library_init)(void);
 	void (*real_CRYPTO_set_id_callback)(unsigned long (*)(void));
@@ -191,7 +194,7 @@
 
 	startup_complete = 1;
 
-#endif /* HAVE_OPENSSL */
+#endif /* HAVE_OPENSSL and its version < 1.1 */
 	return 0;
 }
 
diff --git a/main/tcptls.c b/main/tcptls.c
index 36a6c96..4d110cd 100644
--- a/main/tcptls.c
+++ b/main/tcptls.c
@@ -412,7 +412,7 @@
 #else
 				ERR_remove_state(0);
 #endif	/* openssl == 1.0 */
-#endif  /* openssl >= 1.1 */
+#endif  /* openssl < 1.1 */
 			}
 
 			SSL_free(stream->ssl);