kpriv/freebsd-ports
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Update pjsip patch to work with libressl after the latest update

Browse source 
to 2.7, which broke it.

PR:		216898
Submitted by:	OlivierW <olivierw1+bugzilla-freebsd@hotmail.com>
This commit is contained in:
Guido Falsi 2017-10-11 07:17:14 +00:00
parent 59c8ed6daa
commit 51ab38e87c
Notes: svn2git 2021-03-31 03:12:20 +00:00 
svn path=/head/; revision=451734
1 changed files with 77 additions and 7 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

84
net/pjsip/files/patch-pjlib_src_pj_ssl__sock__ossl.c
View file

@ -1,7 +1,7 @@
--- pjlib/src/pj/ssl_sock_ossl.c.orig 2017-01-24 05:41:05 UTC
--- pjlib/src/pj/ssl_sock_ossl.c.orig 2017-09-14 05:03:45 UTC
+++ pjlib/src/pj/ssl_sock_ossl.c
@@ -54,7 +54,7 @@
#include <openssl/engine.h>
@@ -53,7 +53,7 @@
#include <openssl/rand.h>
#include <openssl/opensslconf.h>
-#if !defined(OPENSSL_NO_EC) && OPENSSL_VERSION_NUMBER >= 0x1000200fL
@ -9,7 +9,7 @@
# include <openssl/obj_mac.h>
@@ -112,7 +112,7 @@ static unsigned get_nid_from_cid(unsigned cid)
@@ -111,7 +111,7 @@ static unsigned get_nid_from_cid(unsigned cid)
#endif
@ -18,7 +18,41 @@
# define OPENSSL_NO_SSL2 /* seems to be removed in 1.1.0 */
# define M_ASN1_STRING_data(x) ASN1_STRING_get0_data(x)
# define M_ASN1_STRING_length(x) ASN1_STRING_length(x)
@@ -452,7 +452,7 @@ static pj_status_t init_openssl(void)
@@ -126,7 +126,7 @@ static unsigned get_nid_from_cid(unsigned cid)
#ifdef _MSC_VER
-# if OPENSSL_VERSION_NUMBER >= 0x10100000L
+# if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
# pragma comment(lib, "libcrypto")
# pragma comment(lib, "libssl")
# pragma comment(lib, "crypt32")
@@ -535,13 +535,13 @@ static pj_status_t init_openssl(void)
pj_assert(status == PJ_SUCCESS);
/* Init OpenSSL lib */
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
SSL_library_init();
SSL_load_error_strings();
#else
OPENSSL_init_ssl(0, NULL);
#endif
-#if OPENSSL_VERSION_NUMBER < 0x009080ffL
+#if OPENSSL_VERSION_NUMBER < 0x009080ffL || defined(LIBRESSL_VERSION_NUMBER)
/* This is now synonym of SSL_library_init() */
OpenSSL_add_all_algorithms();
#endif
@@ -556,7 +556,7 @@ static pj_status_t init_openssl(void)
int nid;
const char *cname;
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
meth = (SSL_METHOD*)SSLv23_server_method();
if (!meth)
meth = (SSL_METHOD*)TLSv1_server_method();
@@ -599,7 +599,7 @@ static pj_status_t init_openssl(void)
SSL_set_session(ssl, SSL_SESSION_new());
@ -27,7 +61,43 @@
openssl_curves_num = SSL_get_shared_curve(ssl,-1);
if (openssl_curves_num > PJ_ARRAY_SIZE(openssl_curves))
openssl_curves_num = PJ_ARRAY_SIZE(openssl_curves);
@@ -1069,7 +1069,7 @@ static pj_status_t set_cipher_list(pj_ssl_sock_t *ssoc
@@ -768,7 +768,7 @@ static pj_status_t create_ssl(pj_ssl_sock_t *ssock)
BIO *bio;
DH *dh;
long options;
-#if !defined(OPENSSL_NO_ECDH) && OPENSSL_VERSION_NUMBER >= 0x10000000L
+#if !defined(OPENSSL_NO_ECDH) && OPENSSL_VERSION_NUMBER >= 0x10000000L && !defined(LIBRESSL_VERSION_NUMBER)
EC_KEY *ecdh;
#endif
SSL_METHOD *ssl_method = NULL;
@@ -791,7 +791,7 @@ static pj_status_t create_ssl(pj_ssl_sock_t *ssock)
ssock->param.proto = PJ_SSL_SOCK_PROTO_SSL23;
/* Determine SSL method to use */
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
switch (ssock->param.proto) {
case PJ_SSL_SOCK_PROTO_TLS1:
ssl_method = (SSL_METHOD*)TLSv1_method();
@@ -927,7 +927,7 @@ static pj_status_t create_ssl(pj_ssl_sock_t *ssock)
if (dh != NULL) {
if (SSL_CTX_set_tmp_dh(ctx, dh)) {
options = SSL_OP_CIPHER_SERVER_PREFERENCE |
- #if !defined(OPENSSL_NO_ECDH) && OPENSSL_VERSION_NUMBER >= 0x10000000L
+ #if !defined(OPENSSL_NO_ECDH) && OPENSSL_VERSION_NUMBER >= 0x10000000L && !defined(LIBRESSL_VERSION_NUMBER)
SSL_OP_SINGLE_ECDH_USE |
#endif
SSL_OP_SINGLE_DH_USE;
@@ -995,7 +995,7 @@ static pj_status_t create_ssl(pj_ssl_sock_t *ssock)
if (SSL_CTX_ctrl(ctx, SSL_CTRL_SET_ECDH_AUTO, 1, NULL)) {
PJ_LOG(4,(ssock->pool->obj_name, "SSL ECDH initialized "
"(automatic), faster PFS ciphers enabled"));
- #if !defined(OPENSSL_NO_ECDH) && OPENSSL_VERSION_NUMBER >= 0x10000000L
+ #if !defined(OPENSSL_NO_ECDH) && OPENSSL_VERSION_NUMBER >= 0x10000000L && !defined(LIBRESSL_VERSION_NUMBER)
} else {
/* enables AES-128 ciphers, to get AES-256 use NID_secp384r1 */
ecdh = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1);
@@ -1228,7 +1228,7 @@ static pj_status_t set_cipher_list(pj_ssl_sock_t *ssoc
static pj_status_t set_curves_list(pj_ssl_sock_t *ssock)
{
@ -36,7 +106,7 @@
int ret;
int curves[PJ_SSL_SOCK_MAX_CURVES];
unsigned cnt;
@@ -1100,7 +1100,7 @@ static pj_status_t set_curves_list(pj_ssl_sock_t *ssoc
@@ -1259,7 +1259,7 @@ static pj_status_t set_curves_list(pj_ssl_sock_t *ssoc
static pj_status_t set_sigalgs(pj_ssl_sock_t *ssock)
{