From: Tzafrir Cohen <tzafrir.cohen@xorcom.com>
Date: Fri, 3 Feb 2017 08:25:33 +0000 (+0200)
Subject: libasteriskssl: do nothing with OpenSSL >= 1.1
X-Git-Tag: 13.15.0-rc1~87^2
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=99b40e72ae347d7047547836f7f897d3ea2bc8dc;p=thirdparty%2Fasterisk.git

libasteriskssl: do nothing with OpenSSL >= 1.1

OpenSSL 1.1 requires no explicit initialization. The hacks in the
library are not needed. They also happen to fail running Asterisk.

ASTERISK-26109 #close

Change-Id: I3b3efd5d80234a4c45a8ee58dcfe25b15d9ad100
---

diff --git a/main/libasteriskssl.c b/main/libasteriskssl.c
index bf5ecc1b30..9dea3df0b3 100644
--- a/main/libasteriskssl.c
+++ b/main/libasteriskssl.c
@@ -123,10 +123,13 @@ void ERR_free_strings(void)
 /*!
  * \internal
  * \brief Common OpenSSL initialization for all of Asterisk.
+ *
+ * Not needed for OpenSSL versions >= 1.1.0
  */
 int ast_ssl_init(void)
 {
-#ifdef HAVE_OPENSSL
+#if defined(HAVE_OPENSSL) && defined(OPENSSL_VERSION_NUMBER) && \
+	OPENSSL_VERSION_NUMBER < 0x10100000L
 	unsigned int i;
 	int (*real_SSL_library_init)(void);
 	void (*real_CRYPTO_set_id_callback)(unsigned long (*)(void));
@@ -191,7 +194,7 @@ int ast_ssl_init(void)
 
 	startup_complete = 1;
 
-#endif /* HAVE_OPENSSL */
+#endif /* HAVE_OPENSSL and its version < 1.1 */
 	return 0;
 }
 
diff --git a/main/tcptls.c b/main/tcptls.c
index 36a6c96590..4d110cda94 100644
--- a/main/tcptls.c
+++ b/main/tcptls.c
@@ -412,7 +412,7 @@ static int tcptls_stream_close(void *cookie)
 #else
 				ERR_remove_state(0);
 #endif	/* openssl == 1.0 */
-#endif  /* openssl >= 1.1 */
+#endif  /* openssl < 1.1 */
 			}
 
 			SSL_free(stream->ssl);