Difuse/packages
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Merge pull request #8767 from neheb/cr2

Browse source 
[18.06] crtmpserver: Update to official git repo
This commit is contained in:
Rosen Penev 2019-05-07 10:35:45 -07:00 committed by GitHub
commit 41c85f8ef5
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
13 changed files with 539 additions and 227 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

31
multimedia/crtmpserver/Makefile
View file

@ -1,4 +1,4 @@
#
#
# Copyright (C) 2010 OpenWrt.org
#
# This is free software, licensed under the GNU General Public License v2.
@ -8,29 +8,28 @@
include $(TOPDIR)/rules.mk
PKG_NAME:=crtmpserver
PKG_REV:=b6fdcdb953d1e99c48a0c37a8c80f2cad2db443b
PKG_VERSION:=2012-07-18+git-$(PKG_REV)
PKG_RELEASE:=2
PKG_BUILD_PARALLEL:=2
PKG_SOURCE_DATE:=2015-10-04
PKG_SOURCE_VERSION:=b866fffca37c3b967a8878499cd2b91aa2587f34
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_SOURCE_DATE).tar.gz
PKG_SOURCE_URL:=https://codeload.github.com/shiretu/crtmpserver/tar.gz/$(PKG_SOURCE_VERSION)?
PKG_HASH:=3744bef060129fda6f7902eb64f566b0d5049864dc542b2882c550b083ef82aa
PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(PKG_SOURCE_VERSION)
PKG_MAINTAINER:=Thomas Heil <heil@terminal-consulting.de>
PKG_LICENSE:=GPL-3.0
PKG_LICENSE_FILES:=LICENSE
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
PKG_MIRROR_HASH:=8d887996b6b8cb465ec59f3f713fca46161cbb804cacd2b5405f836083fb58ba
PKG_SOURCE_URL:=https://github.com/j0sh/crtmpserver.git
PKG_SOURCE_SUBDIR:=crtmpserver-$(PKG_VERSION)
PKG_SOURCE_VERSION:=$(PKG_REV)
PKG_SOURCE_PROTO:=git
PKG_BUILD_PARALLEL:=1
include $(INCLUDE_DIR)/package.mk
define Package/crtmpserver
SECTION:=multimedia
CATEGORY:=Multimedia
DEPENDS:=+libopenssl +libstdcpp +liblua
DEPENDS:=+libstdcpp +libopenssl +liblua
TITLE:=C++ RTMP Server
URL:=http://www.rtmpd.com/
endef
define Package/crtmpserver/description
@ -40,7 +39,7 @@ stream (live or recorded) in the following technologies:
* To and from embedded devices: iPhone, Android
* From surveillance cameras
* IP-TV using MPEG-TS and RTSP/RTCP/RTP protocols
Also, crtmpserver can be used as a high performance rendes-vous
server. For example, it enables you to do:
* Audio/Video conferencing
@ -63,7 +62,7 @@ define Build/Configure
$(SED) 's,^TOOLCHAIN_BASE[[:space:]]*=.*,TOOLCHAIN_BASE=$(TS_BASE),' \
-e 's,^TOOLCHAIN_PREFIX[[:space:]]*=.*,TOOLCHAIN_PREFIX=$(TARGET_CROSS),' \
-e 's,^CCOMPILER[[:space:]]*=.*,CCOMPILER=$(TARGET_CC),' \
-e 's,^CXXCOMPILER[[:space:]]*=.*,CXXCOMPILER=$(TARGET_CXX),' \
-e 's,^CXXCOMPILER[[:space:]]*=.*,CXXCOMPILER=$(TARGET_CXX) -std=gnu++03,' \
-e 's,^OPTIMIZATIONS[[:space:]]*=.*,OPTIMIZATIONS=-O2,' \
-e 's,^SSL_BASE[[:space:]]*=.*,SSL_BASE=$(STAGING_DIR)/usr,' \
linux-openwrt-uclibc.mk)

11
multimedia/crtmpserver/patches/010-link-crypt-for-lua.patch
View file

@ -1,11 +0,0 @@
--- a/builders/make/compile.mk
+++ b/builders/make/compile.mk
@@ -72,7 +72,7 @@ TINYXML_OBJS = $(TINYXML_SRCS:.cpp=.tiny
#common
COMMON_INCLUDE=$(LUA_INCLUDE) $(TINYXML_INCLUDE) $(SSL_INCLUDE) -I$(PROJECT_BASE_PATH)/sources/common/include
-COMMON_LIBS=$(SSL_LIB) -L$(OUTPUT_DYNAMIC) -llua -ltinyxml
+COMMON_LIBS=$(SSL_LIB) -L$(OUTPUT_DYNAMIC) -llua -ltinyxml -lcrypt
COMMON_SRCS = $(shell find $(PROJECT_BASE_PATH)/sources/common/src -type f -name "*.cpp")
COMMON_OBJS = $(COMMON_SRCS:.cpp=.common.o)

13
multimedia/crtmpserver/patches/020-add-rpath.patch
View file

@ -1,13 +0,0 @@
--- a/builders/make/linux.mk
+++ b/builders/make/linux.mk
@@ -31,8 +31,8 @@ OPTIMIZATIONS = -O3
COMPILE_FLAGS = $(FPIC) $(OPTIMIZATIONS) $(CFLAGS)
#linking flags
-dynamic_lib_flags = $(FPIC) $(OPTIMIZATIONS) -Wl,-soname,$(DYNAMIC_LIB_PREFIX)$(1)$(DYNAMIC_LIB_SUFIX) -Wl,-rpath,"\$$ORIGIN"
-dynamic_exec_flags = $(FPIC) $(OPTIMIZATIONS) -Wl,-rpath,"\$$ORIGIN"
+dynamic_lib_flags = $(FPIC) $(OPTIMIZATIONS) -Wl,-soname,$(DYNAMIC_LIB_PREFIX)$(1)$(DYNAMIC_LIB_SUFIX) -Wl,-rpath,/usr/lib/crtmpserver
+dynamic_exec_flags = $(FPIC) $(OPTIMIZATIONS) -Wl,-rpath,/usr/lib/crtmpserver
#compile switches
PLATFORM_DEFINES = \

16
multimedia/crtmpserver/patches/030-default-config.patch
View file

@ -27,21 +27,21 @@
-- the application will also be known by that names. It is optional
--aliases=
--{
@@ -89,13 +89,6 @@ configuration=
@@ -87,13 +87,6 @@ configuration=
port=1935,
protocol="inboundRtmp"
},
{
ip="0.0.0.0",
- {
- ip="0.0.0.0",
- port=8081,
- protocol="inboundRtmps",
- sslKey="server.key",
- sslCert="server.crt"
- },
- {
- ip="0.0.0.0",
{
ip="0.0.0.0",
port=8080,
protocol="inboundRtmpt"
},
@@ -184,6 +177,7 @@ configuration=
@@ -206,6 +199,7 @@ configuration=
name="samplefactory",
description="asdsadasdsa",
protocol="dynamiclinklibrary",

11
multimedia/crtmpserver/patches/040-syslog.patch Normal file
View file

@ -0,0 +1,11 @@
--- a/sources/common/src/utils/logging/syslogloglocation.cpp
+++ b/sources/common/src/utils/logging/syslogloglocation.cpp
@@ -35,8 +35,6 @@ SyslogLogLocation::SyslogLogLocation(Variant &configuration, string identifier,
_priorities[_WARNING_] = LOG_WARNING;
_priorities[_ERROR_] = LOG_ERR;
_priorities[_FATAL_] = LOG_ERR;
- _priorities[_PROD_ACCESS_] = LOG_ERR;
- _priorities[_PROD_ERROR_] = LOG_ERR;
_specificLevel = specificLevel;
_enforceLoggerName = (_configuration[CONF_LOG_APPENDER_NAME] != "");
_pDefualtFormatter = NULL;

11
multimedia/crtmpserver/patches/040-use-select.patch
View file

@ -1,11 +0,0 @@
--- a/builders/make/linux.mk
+++ b/builders/make/linux.mk
@@ -38,7 +38,7 @@ dynamic_exec_flags = $(FPIC) $(OPTIMIZAT
PLATFORM_DEFINES = \
-DLINUX \
-DLITTLE_ENDIAN_BYTE_ALIGNED \
- -DNET_EPOLL
+ -DNET_SELECT
SSL_BASE=/usr/local

41
multimedia/crtmpserver/patches/050-add-missing-make-defines.patch
View file

@ -1,41 +0,0 @@
--- a/builders/make/compile.mk
+++ b/builders/make/compile.mk
@@ -58,7 +58,7 @@ DEFINES = $(PLATFORM_DEFINES) $(FEATURES
#library paths
SSL_INCLUDE=-I$(SSL_BASE)/include
-SSL_LIB=-L$(SSL_BASE)/lib -lssl -lcrypto
+SSL_LIB=-L$(SSL_BASE)/lib -lssl -lcrypto -ldl
#lua
LUA_INCLUDE=-I$(PROJECT_BASE_PATH)/3rdparty/lua-dev
@@ -72,25 +72,25 @@ TINYXML_OBJS = $(TINYXML_SRCS:.cpp=.tiny
#common
COMMON_INCLUDE=$(LUA_INCLUDE) $(TINYXML_INCLUDE) $(SSL_INCLUDE) -I$(PROJECT_BASE_PATH)/sources/common/include
-COMMON_LIBS=$(SSL_LIB) -L$(OUTPUT_DYNAMIC) -llua -ltinyxml -lcrypt
+COMMON_LIBS=$(SSL_LIB) -L$(OUTPUT_DYNAMIC) $(PROJECT_BASE_PATH)/builders/make/output/dynamic/liblua.so -ltinyxml -lcrypt -ldl
COMMON_SRCS = $(shell find $(PROJECT_BASE_PATH)/sources/common/src -type f -name "*.cpp")
COMMON_OBJS = $(COMMON_SRCS:.cpp=.common.o)
#thelib
THELIB_INCLUDE=$(COMMON_INCLUDE) -I$(PROJECT_BASE_PATH)/sources/thelib/include
-THELIB_LIBS=$(COMMON_LIBS) -L$(OUTPUT_DYNAMIC) -lcommon
+THELIB_LIBS=$(COMMON_LIBS) -L$(OUTPUT_DYNAMIC) -lcommon -ldl
THELIB_SRCS = $(shell find $(PROJECT_BASE_PATH)/sources/thelib/src -type f -name "*.cpp")
THELIB_OBJS = $(THELIB_SRCS:.cpp=.thelib.o)
#tests
TESTS_INCLUDE=$(THELIB_INCLUDE) -I$(PROJECT_BASE_PATH)/sources/tests/include
-TESTS_LIBS=$(THELIB_LIBS) -L$(OUTPUT_DYNAMIC) -lthelib
+TESTS_LIBS=$(THELIB_LIBS) -L$(OUTPUT_DYNAMIC) -lthelib -ldl
TESTS_SRCS=$(shell find $(PROJECT_BASE_PATH)/sources/tests/src -type f -name "*.cpp")
TESTS_OBJS=$(TESTS_SRCS:.cpp=.tests.o)
#crtmpserver
CRTMPSERVER_INCLUDE=$(THELIB_INCLUDE) -I$(PROJECT_BASE_PATH)/sources/crtmpserver/include
-CRTMPSERVER_LIBS=$(THELIB_LIBS) -L$(OUTPUT_DYNAMIC) -lthelib
+CRTMPSERVER_LIBS=$(THELIB_LIBS) -L$(OUTPUT_DYNAMIC) -lthelib -ldl
CRTMPSERVER_SRCS=$(shell find $(PROJECT_BASE_PATH)/sources/crtmpserver/src -type f -name "*.cpp")
CRTMPSERVER_OBJS_DYNAMIC=$(CRTMPSERVER_SRCS:.cpp=.crtmpserver_dynamic.o)
CRTMPSERVER_OBJS_STATIC=$(CRTMPSERVER_SRCS:.cpp=.crtmpserver_static.o)

26
multimedia/crtmpserver/patches/060-add-missing-includes.patch
View file

@ -1,26 +0,0 @@
--- a/sources/common/include/common.h
+++ b/sources/common/include/common.h
@@ -20,6 +20,10 @@
#ifndef _COMMON_H
#define _COMMON_H
+#include <stdio.h>
+#include <unistd.h>
+#include <sys/types.h>
+
#include "defines.h"
#include "platform/platform.h"
#include "utils/utils.h"
--- a/sources/common/src/utils/logging/fileloglocation.cpp
+++ b/sources/common/src/utils/logging/fileloglocation.cpp
@@ -18,6 +18,10 @@
*/
+#include <stdio.h>
+#include <unistd.h>
+#include <sys/types.h>
+
#include "utils/logging/fileloglocation.h"
#include "utils/lua/luautils.h"
#include "utils/misc/file.h"

0
multimedia/crtmpserver/patches/080-disable-apple-streaming.patch → multimedia/crtmpserver/patches/070-disable-apple-streaming.patch
View file

10
multimedia/crtmpserver/patches/070-missing-include-gcc-47.patch
View file

@ -1,10 +0,0 @@
--- a/3rdparty/tinyxml/tinyxml.h
+++ b/3rdparty/tinyxml/tinyxml.h
@@ -39,6 +39,7 @@ distribution.
#include <string>
#include <iostream>
#include <sstream>
+#include "lstate.h"
using namespace std;
// Help out windows:

11
multimedia/crtmpserver/patches/080-fix-define.patch Normal file
View file

@ -0,0 +1,11 @@
--- a/sources/thelib/include/protocols/ts/basetsappprotocolhandler.h
+++ b/sources/thelib/include/protocols/ts/basetsappprotocolhandler.h
@@ -18,7 +18,7 @@
*/
-#if defined HAS_PROTOCOL_TS && defined HAS_MEDIA_TS
+#if defined HAS_PROTOCOL_TS || defined HAS_MEDIA_TS
#ifndef _BASETSAPPPROTOCOLHANDLER_H
#define _BASETSAPPPROTOCOLHANDLER_H

91
multimedia/crtmpserver/patches/080-musl-uint32_t.patch
View file

@ -1,91 +0,0 @@
--- a/sources/common/include/platform/linux/max.h
+++ b/sources/common/include/platform/linux/max.h
@@ -21,87 +21,7 @@
#ifndef _MAX_H
#define _MAX_H
-#ifdef UINT64_MAX
-#undef UINT64_MAX
-#endif
-
-#ifdef INT64_MAX
-#undef INT64_MAX
-#endif
-
-#ifdef UINT32_MAX
-#undef UINT32_MAX
-#endif
-
-#ifdef INT32_MAX
-#undef INT32_MAX
-#endif
-
-#ifdef UINT16_MAX
-#undef UINT16_MAX
-#endif
-
-#ifdef INT16_MAX
-#undef INT16_MAX
-#endif
-
-#ifdef UINT8_MAX
-#undef UINT8_MAX
-#endif
-
-#ifdef INT8_MAX
-#undef INT8_MAX
-#endif
-
-
-
-#ifndef UINT64_MAX
-#define UINT64_MAX ((uint64_t)(0xffffffffffffffffULL))
-#endif
-
-#ifndef INT64_MAX
-#define INT64_MAX ((int64_t)(0x7fffffffffffffffLL))
-#endif
-
-#ifndef INT64_MIN
-#define INT64_MIN ((int64_t)(0x8000000000000000LL))
-#endif
-
-#ifndef UINT32_MAX
-#define UINT32_MAX ((uint32_t)(0xffffffffUL))
-#endif
-
-#ifndef INT32_MAX
-#define INT32_MAX ((int32_t)(0x7fffffffL))
-#endif
-
-#ifndef INT32_MIN
-#define INT32_MIN ((int32_t)(0x80000000L))
-#endif
-
-#ifndef UINT16_MAX
-#define UINT16_MAX ((uint16_t)(0xffff))
-#endif
-
-#ifndef INT16_MAX
-#define INT16_MAX ((int16_t)(0x7fff))
-#endif
-
-#ifndef INT16_MIN
-#define INT16_MIN ((int16_t)(0x8000))
-#endif
-
-#ifndef UINT8_MAX
-#define UINT8_MAX ((uint8_t)(0xff))
-#endif
-
-#ifndef INT8_MAX
-#define INT8_MAX ((int8_t)(0x7f))
-#endif
-
-#ifndef INT8_MIN
-#define INT8_MIN ((int8_t)(0x80))
-#endif
+#include <stdint.h>
#endif /* _MAX_H */
#endif /* LINUX */

494
multimedia/crtmpserver/patches/090-openssl-1.1-compat.patch Normal file
View file

@ -0,0 +1,494 @@
--- a/sources/applications/applestreamingclient/include/protocols/aes/inboundaesprotocol.h
+++ b/sources/applications/applestreamingclient/include/protocols/aes/inboundaesprotocol.h
@@ -30,7 +30,7 @@ namespace app_applestreamingclient {
private:
IOBuffer _tempBuffer;
IOBuffer _inputBuffer;
- EVP_CIPHER_CTX _decContex;
+ EVP_CIPHER_CTX *_decContex;
bool _lastChunk;
uint8_t *_pIV;
uint8_t *_pKey;
--- a/sources/applications/applestreamingclient/src/protocols/aes/inboundaesprotocol.cpp
+++ b/sources/applications/applestreamingclient/src/protocols/aes/inboundaesprotocol.cpp
@@ -31,13 +31,12 @@ InboundAESProtocol::InboundAESProtocol()
memset(_pIV, 0, 16);
_pKey = new uint8_t[16];
memset(_pKey, 0, 16);
- memset(&_decContex, 0, sizeof (EVP_CIPHER_CTX));
+ _decContex = EVP_CIPHER_CTX_new();
_totalDecrypted = 0;
}
InboundAESProtocol::~InboundAESProtocol() {
- EVP_CIPHER_CTX_cleanup(&_decContex);
- memset(&_decContex, 0, sizeof (EVP_CIPHER_CTX));
+ EVP_CIPHER_CTX_free(_decContex);
delete[] _pIV;
delete[] _pKey;
}
@@ -60,11 +59,9 @@ bool InboundAESProtocol::Initialize(Variant &parameters) {
_inputBuffer.IgnoreAll();
_tempBuffer.IgnoreAll();
- EVP_CIPHER_CTX_cleanup(&_decContex);
- memset(&_decContex, 0, sizeof (EVP_CIPHER_CTX));
- EVP_CIPHER_CTX_init(&_decContex);
- EVP_DecryptInit_ex(&_decContex, EVP_aes_128_cbc(), NULL, _pKey, _pIV);
- EVP_CIPHER_CTX_set_padding(&_decContex, 0);
+ EVP_CIPHER_CTX_reset(_decContex);
+ EVP_DecryptInit_ex(_decContex, EVP_aes_128_cbc(), NULL, _pKey, _pIV);
+ EVP_CIPHER_CTX_set_padding(_decContex, 0);
return true;
}
@@ -105,14 +102,14 @@ bool InboundAESProtocol::SignalInputData(IOBuffer &buffer) {
int decryptedFinalSize = 0;
uint32_t padding = 0;
- EVP_DecryptUpdate(&_decContex, pTempData, &decryptedSize, GETIBPOINTER(buffer), safeSize);
+ EVP_DecryptUpdate(_decContex, pTempData, &decryptedSize, GETIBPOINTER(buffer), safeSize);
_totalDecrypted += decryptedSize;
//6. Decrypt leftovers
bool transferCompleted = false;
if (((HTTPBufferProtocol *) GetFarProtocol())->TransferCompleted()) {
transferCompleted = true;
- EVP_DecryptFinal_ex(&_decContex,
+ EVP_DecryptFinal_ex(_decContex,
pTempData + decryptedSize,
&decryptedFinalSize);
_totalDecrypted += decryptedFinalSize;
--- a/sources/common/include/utils/misc/crypto.h
+++ b/sources/common/include/utils/misc/crypto.h
@@ -33,6 +33,7 @@
#include <openssl/aes.h>
#include <openssl/engine.h>
#include <openssl/conf.h>
+#include "utils/misc/libcrypto-compat.h"
/*!
@class DHWrapper
@@ -83,7 +84,7 @@ public:
bool CopySharedKey(uint8_t *pDst, int32_t dstLength);
private:
void Cleanup();
- bool CopyKey(BIGNUM *pNum, uint8_t *pDst, int32_t dstLength);
+ bool CopyKey(const BIGNUM *pNum, uint8_t *pDst, int32_t dstLength);
};
DLLEXP void InitRC4Encryption(uint8_t *secretKey, uint8_t *pubKeyIn, uint8_t *pubKeyOut,
--- /dev/null
+++ b/sources/common/include/utils/misc/libcrypto-compat.h
@@ -0,0 +1,26 @@
+#ifndef LIBCRYPTO_COMPAT_H
+#define LIBCRYPTO_COMPAT_H
+
+#include <openssl/opensslv.h>
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
+
+#include <openssl/bn.h>
+#include <openssl/dh.h>
+#include <openssl/evp.h>
+#include <openssl/hmac.h>
+
+int DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g);
+void DH_get0_key(const DH *dh, const BIGNUM **pub_key, const BIGNUM **priv_key);
+int DH_set_length(DH *dh, long length);
+
+EVP_MD_CTX *EVP_MD_CTX_new(void);
+void EVP_MD_CTX_free(EVP_MD_CTX *ctx);
+#define EVP_MD_CTX_reset EVP_MD_CTX_cleanup
+
+HMAC_CTX *HMAC_CTX_new(void);
+void HMAC_CTX_free(HMAC_CTX *ctx);
+#define HMAC_CTX_reset HMAC_CTX_cleanup
+
+#endif /* OPENSSL_VERSION_NUMBER */
+
+#endif /* LIBCRYPTO_COMPAT_H */
--- a/sources/common/src/utils/misc/crypto.cpp
+++ b/sources/common/src/utils/misc/crypto.cpp
@@ -35,6 +35,7 @@ DHWrapper::~DHWrapper() {
}
bool DHWrapper::Initialize() {
+ BIGNUM *p = NULL, *g = NULL;
Cleanup();
//1. Create the DH
@@ -46,42 +47,53 @@ bool DHWrapper::Initialize() {
}
//2. Create his internal p and g
- _pDH->p = BN_new();
- if (_pDH->p == NULL) {
+ p = BN_new();
+ if (p == NULL) {
FATAL("Unable to create p");
- Cleanup();
- return false;
+ goto return_error;
}
- _pDH->g = BN_new();
- if (_pDH->g == NULL) {
+ g = BN_new();
+ if (g == NULL) {
FATAL("Unable to create g");
- Cleanup();
- return false;
+ goto return_error;
}
//3. initialize p, g and key length
- if (BN_hex2bn(&_pDH->p, P1024) == 0) {
+ if (BN_hex2bn(&p, P1024) == 0) {
FATAL("Unable to parse P1024");
- Cleanup();
- return false;
+ goto return_error;
}
- if (BN_set_word(_pDH->g, 2) != 1) {
+ if (BN_set_word(g, 2) != 1) {
FATAL("Unable to set g");
- Cleanup();
- return false;
+ goto return_error;
+ }
+
+ //4. Set internal p and g
+ if (DH_set0_pqg(_pDH, p, NULL, g) != 1) {
+ FATAL("Unable to set internal p and g");
+ goto return_error;
}
+ p = g = NULL;
- //4. Set the key length
- _pDH->length = _bitsCount;
+ //5. Set the key length
+ if (DH_set_length(_pDH, _bitsCount) != 1) {
+ FATAL("Unable to set length");
+ goto return_error;
+ }
- //5. Generate private and public key
+ //6. Generate private and public key
if (DH_generate_key(_pDH) != 1) {
FATAL("Unable to generate DH public/private keys");
- Cleanup();
- return false;
+ goto return_error;
}
return true;
+
+return_error:
+ if (p != NULL) BN_free(p);
+ if (g != NULL) BN_free(g);
+ Cleanup();
+ return false;
}
bool DHWrapper::CopyPublicKey(uint8_t *pDst, int32_t dstLength) {
@@ -90,7 +102,9 @@ bool DHWrapper::CopyPublicKey(uint8_t *pDst, int32_t dstLength) {
return false;
}
- return CopyKey(_pDH->pub_key, pDst, dstLength);
+ const BIGNUM *pub_key;
+ DH_get0_key(_pDH, &pub_key, NULL);
+ return CopyKey(pub_key, pDst, dstLength);
}
bool DHWrapper::CopyPrivateKey(uint8_t *pDst, int32_t dstLength) {
@@ -99,7 +113,9 @@ bool DHWrapper::CopyPrivateKey(uint8_t *pDst, int32_t dstLength) {
return false;
}
- return CopyKey(_pDH->priv_key, pDst, dstLength);
+ const BIGNUM *priv_key;
+ DH_get0_key(_pDH, NULL, &priv_key);
+ return CopyKey(priv_key, pDst, dstLength);
}
bool DHWrapper::CreateSharedKey(uint8_t *pPeerPublicKey, int32_t length) {
@@ -153,14 +169,6 @@ bool DHWrapper::CopySharedKey(uint8_t *pDst, int32_t dstLength) {
void DHWrapper::Cleanup() {
if (_pDH != NULL) {
- if (_pDH->p != NULL) {
- BN_free(_pDH->p);
- _pDH->p = NULL;
- }
- if (_pDH->g != NULL) {
- BN_free(_pDH->g);
- _pDH->g = NULL;
- }
DH_free(_pDH);
_pDH = NULL;
}
@@ -177,7 +185,7 @@ void DHWrapper::Cleanup() {
}
}
-bool DHWrapper::CopyKey(BIGNUM *pNum, uint8_t *pDst, int32_t dstLength) {
+bool DHWrapper::CopyKey(const BIGNUM *pNum, uint8_t *pDst, int32_t dstLength) {
int32_t keySize = BN_num_bytes(pNum);
if ((keySize <= 0) || (dstLength <= 0) || (keySize > dstLength)) {
FATAL("CopyPublicKey failed due to either invalid DH state or invalid call");
@@ -197,20 +205,21 @@ void InitRC4Encryption(uint8_t *secretKey, uint8_t *pubKeyIn, uint8_t *pubKeyOut
uint8_t digest[SHA256_DIGEST_LENGTH];
unsigned int digestLen = 0;
- HMAC_CTX ctx;
- HMAC_CTX_init(&ctx);
- HMAC_Init_ex(&ctx, secretKey, 128, EVP_sha256(), 0);
- HMAC_Update(&ctx, pubKeyIn, 128);
- HMAC_Final(&ctx, digest, &digestLen);
- HMAC_CTX_cleanup(&ctx);
+ HMAC_CTX *ctx;
+ ctx = HMAC_CTX_new();
+ if (ctx == NULL)
+ return;
+ HMAC_Init_ex(ctx, secretKey, 128, EVP_sha256(), 0);
+ HMAC_Update(ctx, pubKeyIn, 128);
+ HMAC_Final(ctx, digest, &digestLen);
+ HMAC_CTX_reset(ctx);
RC4_set_key(rc4keyOut, 16, digest);
- HMAC_CTX_init(&ctx);
- HMAC_Init_ex(&ctx, secretKey, 128, EVP_sha256(), 0);
- HMAC_Update(&ctx, pubKeyOut, 128);
- HMAC_Final(&ctx, digest, &digestLen);
- HMAC_CTX_cleanup(&ctx);
+ HMAC_Init_ex(ctx, secretKey, 128, EVP_sha256(), 0);
+ HMAC_Update(ctx, pubKeyOut, 128);
+ HMAC_Final(ctx, digest, &digestLen);
+ HMAC_CTX_free(ctx);
RC4_set_key(rc4keyIn, 16, digest);
}
@@ -220,14 +229,17 @@ string md5(string source, bool textResult) {
}
string md5(uint8_t *pBuffer, uint32_t length, bool textResult) {
- EVP_MD_CTX mdctx;
+ EVP_MD_CTX *mdctx;
unsigned char md_value[EVP_MAX_MD_SIZE];
unsigned int md_len;
- EVP_DigestInit(&mdctx, EVP_md5());
- EVP_DigestUpdate(&mdctx, pBuffer, length);
- EVP_DigestFinal_ex(&mdctx, md_value, &md_len);
- EVP_MD_CTX_cleanup(&mdctx);
+ mdctx = EVP_MD_CTX_new();
+ if (mdctx == NULL)
+ return "";
+ EVP_DigestInit(mdctx, EVP_md5());
+ EVP_DigestUpdate(mdctx, pBuffer, length);
+ EVP_DigestFinal_ex(mdctx, md_value, &md_len);
+ EVP_MD_CTX_free(mdctx);
if (textResult) {
string result = "";
@@ -259,12 +271,12 @@ void HMACsha256(const void *pData, uint32_t dataLength,
const void *pKey, uint32_t keyLength, void *pResult) {
unsigned int digestLen;
- HMAC_CTX ctx;
- HMAC_CTX_init(&ctx);
- HMAC_Init_ex(&ctx, (unsigned char*) pKey, keyLength, EVP_sha256(), NULL);
- HMAC_Update(&ctx, (unsigned char *) pData, dataLength);
- HMAC_Final(&ctx, (unsigned char *) pResult, &digestLen);
- HMAC_CTX_cleanup(&ctx);
+ HMAC_CTX *ctx;
+ ctx = HMAC_CTX_new();
+ HMAC_Init_ex(ctx, (unsigned char*) pKey, keyLength, EVP_sha256(), NULL);
+ HMAC_Update(ctx, (unsigned char *) pData, dataLength);
+ HMAC_Final(ctx, (unsigned char *) pResult, &digestLen);
+ HMAC_CTX_free(ctx);
o_assert(digestLen == 32);
}
@@ -397,8 +409,8 @@ string unhex(const uint8_t *pBuffer, uint32_t length) {
}
void CleanupSSL() {
-#ifndef NO_SSL_ENGINE_CLEANUP
- ERR_remove_state(0);
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
+ ERR_remove_thread_state(NULL);
ENGINE_cleanup();
CONF_modules_unload(1);
ERR_free_strings();
--- /dev/null
+++ b/sources/common/src/utils/misc/libcrypto-compat.cpp
@@ -0,0 +1,90 @@
+/*
+ * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the OpenSSL license (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#include "utils/misc/libcrypto-compat.h"
+
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
+
+#include <string.h>
+
+static void *OPENSSL_zalloc(size_t num)
+{
+ void *ret = OPENSSL_malloc(num);
+
+ if (ret != NULL)
+ memset(ret, 0, num);
+ return ret;
+}
+
+int DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g)
+{
+ /* If the fields p and g in d are NULL, the corresponding input
+ * parameters MUST be non-NULL. q may remain NULL.
+ */
+ if ((dh->p == NULL && p == NULL)
+ || (dh->g == NULL && g == NULL))
+ return 0;
+
+ if (p != NULL) {
+ BN_free(dh->p);
+ dh->p = p;
+ }
+ if (q != NULL) {
+ BN_free(dh->q);
+ dh->q = q;
+ }
+ if (g != NULL) {
+ BN_free(dh->g);
+ dh->g = g;
+ }
+
+ if (q != NULL) {
+ dh->length = BN_num_bits(q);
+ }
+
+ return 1;
+}
+
+void DH_get0_key(const DH *dh, const BIGNUM **pub_key, const BIGNUM **priv_key)
+{
+ if (pub_key != NULL)
+ *pub_key = dh->pub_key;
+ if (priv_key != NULL)
+ *priv_key = dh->priv_key;
+}
+
+int DH_set_length(DH *dh, long length)
+{
+ dh->length = length;
+ return 1;
+}
+
+EVP_MD_CTX *EVP_MD_CTX_new(void)
+{
+ return (EVP_MD_CTX *)OPENSSL_zalloc(sizeof(EVP_MD_CTX));
+}
+
+void EVP_MD_CTX_free(EVP_MD_CTX *ctx)
+{
+ EVP_MD_CTX_cleanup(ctx);
+ OPENSSL_free(ctx);
+}
+
+HMAC_CTX *HMAC_CTX_new(void)
+{
+ return (HMAC_CTX *)OPENSSL_zalloc(sizeof(HMAC_CTX));
+}
+
+void HMAC_CTX_free(HMAC_CTX *ctx)
+{
+ HMAC_CTX_cleanup(ctx);
+ OPENSSL_free(ctx);
+}
+
+#endif /* OPENSSL_VERSION_NUMBER */
--- a/sources/thelib/src/protocols/ssl/basesslprotocol.cpp
+++ b/sources/thelib/src/protocols/ssl/basesslprotocol.cpp
@@ -43,6 +43,7 @@ BaseSSLProtocol::~BaseSSLProtocol() {
bool BaseSSLProtocol::Initialize(Variant &parameters) {
//1. Initialize the SSL library
if (!_libraryInitialized) {
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
//3. This is the first time we use the library. So we have to
//initialize it first
SSL_library_init();
@@ -55,6 +56,7 @@ bool BaseSSLProtocol::Initialize(Variant &parameters) {
OpenSSL_add_all_algorithms();
OpenSSL_add_all_ciphers();
OpenSSL_add_all_digests();
+#endif
//initialize the random numbers generator
InitRandGenerator();
@@ -211,6 +213,7 @@ string BaseSSLProtocol::GetSSLErrors() {
string BaseSSLProtocol::DumpBIO(BIO *pBIO) {
string formatString;
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
formatString = "method: %p\n";
formatString += "callback: %p\n";
formatString += "cb_arg: %p\n";
@@ -240,6 +243,39 @@ string BaseSSLProtocol::DumpBIO(BIO *pBIO) {
pBIO->references,
(int64_t) pBIO->num_read,
(int64_t) pBIO->num_write);
+#else
+// Some of these are problematic in openssl >= 1.1, since
+// the BIO struct is opaque.
+ formatString = "method: %s\n";
+ formatString += "callback: %p\n";
+ formatString += "cb_arg: %p\n";
+ formatString += "init: %d\n";
+ formatString += "shutdown: %d\n";
+ formatString += "flags: %d\n";
+ formatString += "retry_reason: %d\n";
+ formatString += "num: %d\n";
+ formatString += "ptr: %p\n";
+ formatString += "next_bio: %p\n";
+ formatString += "prev_bio: %s\n";
+ formatString += "references: %s\n";
+ formatString += "num_read: %"PRId64"\n";
+ formatString += "num_write: %"PRId64;
+ return format(STR(formatString),
+ BIO_method_name(pBIO),
+ BIO_get_callback(pBIO),
+ BIO_get_callback_arg(pBIO),
+ BIO_get_init(pBIO),
+ BIO_get_shutdown(pBIO),
+ BIO_get_flags(pBIO),
+ BIO_get_retry_reason(pBIO),
+ BIO_get_fd(pBIO, NULL),
+ BIO_get_data(pBIO),
+ BIO_next(pBIO),
+ "unknown", //prev_bio
+ "unknown", //references
+ BIO_number_read(pBIO),
+ BIO_number_written(pBIO));
+#endif
}
void BaseSSLProtocol::InitRandGenerator() {
--- a/sources/thelib/src/protocols/ssl/outboundsslprotocol.cpp
+++ b/sources/thelib/src/protocols/ssl/outboundsslprotocol.cpp
@@ -33,7 +33,7 @@ bool OutboundSSLProtocol::InitGlobalContext(Variant &parameters) {
_pGlobalSSLContext = _pGlobalContexts[hash];
if (_pGlobalSSLContext == NULL) {
//2. prepare the global ssl context
- _pGlobalSSLContext = SSL_CTX_new(TLSv1_method());
+ _pGlobalSSLContext = SSL_CTX_new(SSLv23_method());
if (_pGlobalSSLContext == NULL) {
FATAL("Unable to create global SSL context");
return false;