From 99b40e72ae347d7047547836f7f897d3ea2bc8dc Mon Sep 17 00:00:00 2001
From: Tzafrir Cohen <tzafrir.cohen@xorcom.com>
Date: Fri, 3 Feb 2017 10:25:33 +0200
Subject: [PATCH] libasteriskssl: do nothing with OpenSSL >= 1.1

OpenSSL 1.1 requires no explicit initialization. The hacks in the
library are not needed. They also happen to fail running Asterisk.

ASTERISK-26109 #close

Change-Id: I3b3efd5d80234a4c45a8ee58dcfe25b15d9ad100
---
 main/libasteriskssl.c | 7 +++++--
 main/tcptls.c         | 2 +-
 2 files changed, 6 insertions(+), 3 deletions(-)

diff --git a/main/libasteriskssl.c b/main/libasteriskssl.c
index bf5ecc1b30..9dea3df0b3 100644
--- a/main/libasteriskssl.c
+++ b/main/libasteriskssl.c
@@ -123,10 +123,13 @@ void ERR_free_strings(void)
 /*!
  * \internal
  * \brief Common OpenSSL initialization for all of Asterisk.
+ *
+ * Not needed for OpenSSL versions >= 1.1.0
  */
 int ast_ssl_init(void)
 {
-#ifdef HAVE_OPENSSL
+#if defined(HAVE_OPENSSL) && defined(OPENSSL_VERSION_NUMBER) && \
+	OPENSSL_VERSION_NUMBER < 0x10100000L
 	unsigned int i;
 	int (*real_SSL_library_init)(void);
 	void (*real_CRYPTO_set_id_callback)(unsigned long (*)(void));
@@ -191,7 +194,7 @@ int ast_ssl_init(void)
 
 	startup_complete = 1;
 
-#endif /* HAVE_OPENSSL */
+#endif /* HAVE_OPENSSL and its version < 1.1 */
 	return 0;
 }
 
diff --git a/main/tcptls.c b/main/tcptls.c
index 36a6c96590..4d110cda94 100644
--- a/main/tcptls.c
+++ b/main/tcptls.c
@@ -412,7 +412,7 @@ static int tcptls_stream_close(void *cookie)
 #else
 				ERR_remove_state(0);
 #endif	/* openssl == 1.0 */
-#endif  /* openssl >= 1.1 */
+#endif  /* openssl < 1.1 */
 			}
 
 			SSL_free(stream->ssl);
-- 
2.47.2