From: Alexander Traud <pabstraud@compuserve.com>
Date: Sun, 20 May 2018 11:36:51 +0000 (+0200)
Subject: libasteriskssl: Allow OpenSSL 1.0.2 configured with no-deprecated.
X-Git-Tag: 15.5.0-rc1~55^2
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=f2971d5eb37815c5e9d019c4c8ee63c8af841a91;p=thirdparty%2Fasterisk.git

libasteriskssl: Allow OpenSSL 1.0.2 configured with no-deprecated.

Use CRYPTO_set_id_callback(.) only with OpenSSL 0.9.8 and older.

ASTERISK-27867

Change-Id: Iadd58d5bf6f538eb224203970a4e88e26f259655
---

diff --git a/main/libasteriskssl.c b/main/libasteriskssl.c
index e2e256f8ff..215ad6a0b6 100644
--- a/main/libasteriskssl.c
+++ b/main/libasteriskssl.c
@@ -1,7 +1,7 @@
 /*
  * Asterisk -- An open source telephony toolkit.
  *
- * Copyright (C) 2009-2012, Digium, Inc.
+ * Copyright (C) 2009-2018, Digium, Inc.
  *
  * Russell Bryant <russell@digium.com>
  *
@@ -23,26 +23,28 @@
  * \author Russell Bryant <russell@digium.com>
  */
 
-/*** MODULEINFO
-	<support_level>core</support_level>
- ***/
-
 #include "asterisk.h"
 
-#include "asterisk/_private.h" /* ast_ssl_init() */
+#include "asterisk/_private.h"   /* ast_ssl_init() */
 
 #ifdef HAVE_OPENSSL
-#include <openssl/ssl.h>
-#include <openssl/err.h>
+#include <openssl/opensslv.h>    /* for OPENSSL_VERSION_NUMBER */
 #endif
 
 #if defined(HAVE_OPENSSL) && \
-	(!defined(OPENSSL_VERSION_NUMBER) || OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER))
-
-#include <dlfcn.h>
+	(defined(LIBRESSL_VERSION_NUMBER) || OPENSSL_VERSION_NUMBER < 0x10100000L)
+
+#include <dlfcn.h>               /* for dlerror, dlsym, RTLD_NEXT */
+#include <openssl/crypto.h>      /* for CRYPTO_num_locks, CRYPTO_set_id_call... */
+#include <openssl/err.h>         /* for ERR_free_strings */
+#include <openssl/ssl.h>         /* for SSL_library_init, SSL_load_error_str... */
+#if OPENSSL_VERSION_NUMBER < 0x10000000L
+#include <pthread.h>             /* for pthread_self */
+#endif
 
-#include "asterisk/utils.h"
-#include "asterisk/lock.h"
+#include "asterisk/lock.h"       /* for ast_mutex_t, ast_mutex_init, ast_mut... */
+#include "asterisk/logger.h"     /* for ast_debug, ast_log, LOG_ERROR */
+#include "asterisk/utils.h"      /* for ast_calloc */
 
 #define get_OpenSSL_function(func) do { real_##func = dlsym(RTLD_NEXT, __stringify(func)); } while(0)
 
@@ -52,10 +54,12 @@ static ast_mutex_t *ssl_locks;
 
 static int ssl_num_locks;
 
+#if OPENSSL_VERSION_NUMBER < 0x10000000L
 static unsigned long ssl_threadid(void)
 {
 	return (unsigned long) pthread_self();
 }
+#endif
 
 static void ssl_lock(int mode, int n, const char *file, int line)
 {
@@ -92,6 +96,7 @@ void SSL_load_error_strings(void)
 #endif
 }
 
+#if OPENSSL_VERSION_NUMBER < 0x10000000L
 void CRYPTO_set_id_callback(unsigned long (*func)(void))
 {
 #if defined(AST_DEVMODE)
@@ -100,6 +105,7 @@ void CRYPTO_set_id_callback(unsigned long (*func)(void))
 	}
 #endif
 }
+#endif
 
 void CRYPTO_set_locking_callback(void (*func)(int mode,int type, const char *file, int line))
 {
@@ -125,7 +131,9 @@ int ast_ssl_init(void)
 {
 	unsigned int i;
 	int (*real_SSL_library_init)(void);
+#if OPENSSL_VERSION_NUMBER < 0x10000000L
 	void (*real_CRYPTO_set_id_callback)(unsigned long (*)(void));
+#endif
 	void (*real_CRYPTO_set_locking_callback)(void (*)(int, int, const char *, int));
 	void (*real_SSL_load_error_strings)(void);
 	const char *errstr;
@@ -145,6 +153,7 @@ int ast_ssl_init(void)
 
 	/* Make OpenSSL usage thread-safe. */
 
+#if OPENSSL_VERSION_NUMBER < 0x10000000L
 	dlerror();
 	get_OpenSSL_function(CRYPTO_set_id_callback);
 	if ((errstr = dlerror()) != NULL) {
@@ -156,6 +165,7 @@ int ast_ssl_init(void)
 	} else {
 		real_CRYPTO_set_id_callback(ssl_threadid);
 	}
+#endif
 
 	dlerror();
 	get_OpenSSL_function(CRYPTO_set_locking_callback);