#if (defined(HAVE_LIBMD5) || defined(HAVE_LIBMD) || defined(HAVE_MD5INIT))
#include <md5.h>
#elif defined(HAVE_LIBCRYPTO)
-#include <openssl/md5.h>
+ #ifndef OPENSSL_VERSION_NUMBER
+ #include <openssl/opensslv.h>
+ #endif
+ #if OPENSSL_VERSION_NUMBER < 0x30000000
+ #include <openssl/md5.h>
+ #else
+ #include <openssl/evp.h>
+ #endif
+#else
+ #include <apr_md5.h>
#endif
#ifndef WIN32
return SWITCH_STATUS_SUCCESS;
#elif defined(HAVE_LIBCRYPTO)
- MD5_CTX md5_context;
-
- MD5_Init(&md5_context);
- MD5_Update(&md5_context, input, inputLen);
- MD5_Final(digest, &md5_context);
+ #if OPENSSL_VERSION_NUMBER < 0x30000000
+ MD5_CTX md5_context;
+
+ MD5_Init(&md5_context);
+ MD5_Update(&md5_context, input, inputLen);
+ MD5_Final(digest, &md5_context);
+ #else
+ EVP_MD_CTX *md5_context;
+
+ /* MD5_Init */
+ md5_context = EVP_MD_CTX_new();
+ EVP_DigestInit_ex(md5_context, EVP_md5(), NULL);
+ /* MD5_Update */
+ EVP_DigestUpdate(md5_context, input, inputLen);
+ /* MD5_Final */
+ EVP_DigestFinal_ex(md5_context, digest, NULL);
+ EVP_MD_CTX_free(md5_context);
+ #endif
return SWITCH_STATUS_SUCCESS;
#else
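Review bot: The OpenSSL 3 branch ignores every return value, so a NULL from `EVP_MD_CTX_new()` or a failed `EVP_DigestInit_ex()` still falls through to `return SWITCH_STATUS_SUCCESS;` with `digest` never written. That can happen when MD5 is not offered by the loaded provider, for example in a FIPS-only configuration. Callers would then compare or store whatever bytes were already in the buffer. Check each call for `1` and return a failure status instead, as sketched below; the enclosing function starts outside this hunk, so the exact failure code should match what its other branches use.

```c
/* … unchanged: pre-3.0 MD5_Init/MD5_Update/MD5_Final branch … */
EVP_MD_CTX *md5_context = EVP_MD_CTX_new();

if (!md5_context ||
    EVP_DigestInit_ex(md5_context, EVP_md5(), NULL) != 1 ||
    EVP_DigestUpdate(md5_context, input, inputLen) != 1 ||
    EVP_DigestFinal_ex(md5_context, digest, NULL) != 1) {
    EVP_MD_CTX_free(md5_context); /* NULL-safe */
    return SWITCH_STATUS_FALSE;
}
EVP_MD_CTX_free(md5_context);
```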
//bio_err=BIO_new_fp(stderr, BIO_NOCLOSE);
- mkcert(&x509, &pkey, 4096, 0, 36500);
+ if (!mkcert(&x509, &pkey, 4096, 0, 36500)) {
+ switch_log_printf(SWITCH_CHANNEL_LOG, SWITCH_LOG_ERROR, "Certificate generation failed\n");
+ goto end;
+ }
//RSA_print_fp(stdout, pkey->pkey.rsa, 0);
//X509_print_fp(stdout, x509);
{
X509 *x;
EVP_PKEY *pk;
+#if OPENSSL_VERSION_NUMBER < 0x30000000
RSA *rsa;
+#endif
X509_NAME *name=NULL;
switch_assert(pkeyp);
x = *x509p;
}
-#if OPENSSL_VERSION_NUMBER >= 0x10100000
+#if OPENSSL_VERSION_NUMBER >= 0x30000000
+ {
+ EVP_PKEY_CTX *ctx;
+
+ ctx = EVP_PKEY_CTX_new_id(EVP_PKEY_RSA, NULL);
+ /* Setup the key context */
+ if ((!ctx) || (EVP_PKEY_keygen_init(ctx) <= 0) || (EVP_PKEY_CTX_set_rsa_keygen_bits(ctx, bits) <= 0)) {
+ abort();
+ goto err;
+ }
+
+ /* Generate key */
+ if (EVP_PKEY_generate(ctx, &pk) <= 0) {
+ abort();
+ goto err;
+ }
+
+ EVP_PKEY_CTX_free(ctx);
+ }
+#elif OPENSSL_VERSION_NUMBER >= 0x10100000
rsa = RSA_new();
{
static const BN_ULONG ULONG_RSA_F4 = RSA_F4;
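Review bot: In the OpenSSL 3 key-generation block both failure branches call `abort()` and then `goto err;`, so the goto is dead code. A keygen failure therefore kills the whole process instead of returning 0 to the caller, which this same commit teaches to log the failure and bail out. If `abort()` is dropped, `ctx` has to be freed before the jump, because it is scoped to the inner block and `err:` cannot reach it. Whether `err:` releases `pk` and `x` is not visible here; mkcert's body starts and ends outside this hunk.

```c
ctx = EVP_PKEY_CTX_new_id(EVP_PKEY_RSA, NULL);
/* Set up the key context and generate the key; any failure unwinds through err */
if ((!ctx) || (EVP_PKEY_keygen_init(ctx) <= 0) ||
    (EVP_PKEY_CTX_set_rsa_keygen_bits(ctx, bits) <= 0) ||
    (EVP_PKEY_generate(ctx, &pk) <= 0)) {
    EVP_PKEY_CTX_free(ctx); /* NULL-safe */
    goto err;
}

EVP_PKEY_CTX_free(ctx);
/* … unchanged: pre-3.0 RSA_new / RSA_generate_key branches … */
```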
rsa = RSA_generate_key(bits, RSA_F4, NULL, NULL);
#endif
+#if OPENSSL_VERSION_NUMBER < 0x30000000
if (!EVP_PKEY_assign_RSA(pk, rsa)) {
abort();
}
rsa = NULL;
+#endif
X509_set_version(x, 2);
ASN1_INTEGER_set(X509_get_serialNumber(x), serial);
*/
X509_set_issuer_name(x, name);
- if (!X509_sign(x, pk, EVP_sha1()))
+#if OPENSSL_VERSION_NUMBER >= 0x30000000
+ if (!X509_sign(x, pk, EVP_sha256())) {
+#else
+ if (!X509_sign(x, pk, EVP_sha1())) {
+#endif
goto err;
+ }
*x509p = x;
*pkeyp = pk;
+
return(1);
- err:
+err:
+ ERR_print_errors_fp(stdout);
+
return(0);
}
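Review bot: The `#else` branch keeps signing the generated certificate with `EVP_sha1()` on every build against OpenSSL older than 3.0, although `EVP_sha256()` is available in those releases as well. SHA-1 signatures are collision-weak and may be refused by peers or by stricter security-level settings. The version switch can go, leaving `if (!X509_sign(x, pk, EVP_sha256())) {` unconditionally, which also avoids opening one brace from two preprocessor branches. Separately, `ERR_print_errors_fp(stdout)` at `err:` bypasses the `switch_log_printf` logging that the caller now uses for the same failure.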
const SSL_METHOD *ssl_method;
SSL_CTX *ssl_ctx;
BIO *bio;
+#if OPENSSL_VERSION_NUMBER >= 0x30000000
+ EVP_PKEY *dh_pk;
+#else
DH *dh;
+#endif
switch_status_t status = SWITCH_STATUS_SUCCESS;
#ifndef OPENSSL_NO_EC
#if OPENSSL_VERSION_NUMBER < 0x10002000L
switch_assert(dtls->ssl_ctx);
bio = BIO_new_file(dtls->pem, "r");
+#if OPENSSL_VERSION_NUMBER < 0x30000000
dh = PEM_read_bio_DHparams(bio, NULL, NULL, NULL);
BIO_free(bio);
if (dh) {
SSL_CTX_set_tmp_dh(dtls->ssl_ctx, dh);
DH_free(dh);
}
+#else
+ if((dh_pk = PEM_read_bio_PrivateKey(bio, NULL, NULL, NULL)) != NULL) {
+ SSL_CTX_set0_tmp_dh_pkey(dtls->ssl_ctx, dh_pk);
+ EVP_PKEY_free(dh_pk);
+ }
+ BIO_free(bio);
+#endif
SSL_CTX_set_mode(dtls->ssl_ctx, SSL_MODE_AUTO_RETRY);
//SSL_CTX_set_verify(dtls->ssl_ctx, SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT, NULL);
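Review bot: `SSL_CTX_set0_tmp_dh_pkey()` takes ownership of `dh_pk` when it succeeds, so the unconditional `EVP_PKEY_free(dh_pk);` on the next line releases a key the context still references. That is a use-after-free or double free once the context is used or destroyed. Free only on failure: `if (SSL_CTX_set0_tmp_dh_pkey(dtls->ssl_ctx, dh_pk) != 1) { EVP_PKEY_free(dh_pk); }`. The pre-3.0 branch reads DH parameters, while the new one calls `PEM_read_bio_PrivateKey()`, which presumably will not match a DH parameters block and may return the certificate's private key instead. `PEM_read_bio_Parameters(bio, NULL)` looks like the intended equivalent.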