crtmpserver: Remove

It has several compilation bugs in addition to being under no development. There are also alternatives in the tree. Signed-off-by: Rosen Penev <rosenp@gmail.com>
2019-10-14 16:59:27 -07:00 · 2019-10-14 16:59:27 -07:00 · 63913d9849
commit 63913d9849
parent 21e195f657
7 changed files with 0 additions and 707 deletions
--- a/multimedia/crtmpserver/Makefile
+++ b/multimedia/crtmpserver/Makefile
@ -1,98 +0,0 @@
-#
-# Copyright (C) 2010 OpenWrt.org
-#
-# This is free software, licensed under the GNU General Public License v2.
-# See /LICENSE for more information.
-#
-
-include $(TOPDIR)/rules.mk
-
-PKG_NAME:=crtmpserver
-PKG_SOURCE_DATE:=2015-10-04
-PKG_SOURCE_VERSION:=b866fffca37c3b967a8878499cd2b91aa2587f34
-PKG_RELEASE:=2
-
-PKG_SOURCE:=$(PKG_NAME)-$(PKG_SOURCE_DATE).tar.gz
-PKG_SOURCE_URL:=https://codeload.github.com/shiretu/crtmpserver/tar.gz/$(PKG_SOURCE_VERSION)?
-PKG_HASH:=3744bef060129fda6f7902eb64f566b0d5049864dc542b2882c550b083ef82aa
-PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(PKG_SOURCE_VERSION)
-
-PKG_MAINTAINER:=Thomas Heil <heil@terminal-consulting.de>
-PKG_LICENSE:=GPL-3.0
-PKG_LICENSE_FILES:=LICENSE
-
-PKG_BUILD_PARALLEL:=1
-
-include $(INCLUDE_DIR)/package.mk
-
-define Package/crtmpserver
-  SECTION:=multimedia
-  CATEGORY:=Multimedia
-  DEPENDS:=+libstdcpp +libopenssl +liblua
-  TITLE:=C++ RTMP Server
-endef
-
-define Package/crtmpserver/description
-C++ RTMP Server it is a high performance streaming server able to
-stream (live or recorded) in the following technologies:
- * To and from Flash (RTMP,RTMPE, RTMPS, RTMPT, RTMPTE)
- * To and from embedded devices: iPhone, Android
- * From surveillance cameras
- * IP-TV using MPEG-TS and RTSP/RTCP/RTP protocols
-
-Also, crtmpserver can be used as a high performance rendes-vous
-server. For example, it enables you to do:
- * Audio/Video conferencing
- * Online gaming
- * Online collaboration
- * Simple/complex chat applications
-endef
-
-define Package/crtmpserver/conffiles
-/etc/crtmpserver.lua
-endef
-
-# XXX: this hack handles the usr/bin vs bin difference of backfire and trunk
-TS_BASE:=$(wildcard $(TOOLCHAIN_DIR)/bin/$(TARGET_CC))
-TS_BASE:=$(dir $(if $(TS_BASE),$(TS_BASE),$(wildcard $(TOOLCHAIN_DIR)/usr/bin/$(TARGET_CC))))
-
-define Build/Configure
-	(cd $(PKG_BUILD_DIR)/builders/make; \
-		cp linux.mk linux-openwrt-uclibc.mk; \
-		$(SED) 's,^TOOLCHAIN_BASE[[:space:]]*=.*,TOOLCHAIN_BASE=$(TS_BASE),' \
-			-e 's,^TOOLCHAIN_PREFIX[[:space:]]*=.*,TOOLCHAIN_PREFIX=$(TARGET_CROSS),' \
-			-e 's,^CCOMPILER[[:space:]]*=.*,CCOMPILER=$(TARGET_CC),' \
-			-e 's,^CXXCOMPILER[[:space:]]*=.*,CXXCOMPILER=$(TARGET_CXX) -std=gnu++03,' \
-			-e 's,^OPTIMIZATIONS[[:space:]]*=.*,OPTIMIZATIONS=-O2,' \
-			-e 's,^SSL_BASE[[:space:]]*=.*,SSL_BASE=$(STAGING_DIR)/usr,' \
-			linux-openwrt-uclibc.mk)
-	(cd $(PKG_BUILD_DIR)/sources/common/include/; \
-		echo '#define CRTMPSERVER_VERSION_RELEASE_NUMBER "$(PKG_VERSION)\n"' > version.h; \
-		echo '#define CRTMPSERVER_VERSION_CODE_NAME "Git\n"'                >> version.h)
-endef
-
-define Build/Compile
-	+$(MAKE) $(PKG_JOBS) -C $(PKG_BUILD_DIR)/builders/make \
-		PLATFORM=linux-openwrt-uclibc -Wno-error -j6
-endef
-
-define Package/crtmpserver/install
-	$(INSTALL_DIR) $(1)/usr/bin
-	$(INSTALL_BIN) $(PKG_BUILD_DIR)/builders/make/output/dynamic/crtmpserver $(1)/usr/bin/
-	$(INSTALL_DIR) $(1)/usr/lib/crtmpserver
-	$(CP) $(PKG_BUILD_DIR)/builders/make/output/dynamic/*.so $(1)/usr/lib/crtmpserver/
-	$(foreach app,flvplayback samplefactory admin stresstest appselector vptests applestreamingclient proxypublish, \
-		$(INSTALL_DIR) $(1)/usr/lib/crtmpserver/$(app); \
-		$(INSTALL_BIN) $(PKG_BUILD_DIR)/builders/make/output/dynamic/applications/$(app)/lib$(app).so \
-			$(1)/usr/lib/crtmpserver/$(app)/; \
-	)
-	$(INSTALL_DIR) $(1)/etc
-	$(INSTALL_CONF) $(PKG_BUILD_DIR)/builders/make/output/dynamic/crtmpserver.lua $(1)/etc/
-	$(INSTALL_DIR) $(1)/usr/share/crtmpserver/appselector
-	$(INSTALL_DIR) $(1)/usr/share/crtmpserver/media
-	$(INSTALL_DIR) $(1)/etc/init.d
-	$(INSTALL_BIN) ./files/crtmpserver.init $(1)/etc/init.d/crtmpserver
-endef
-
-$(eval $(call BuildPackage,crtmpserver))
-
--- a/multimedia/crtmpserver/files/crtmpserver.init
+++ b/multimedia/crtmpserver/files/crtmpserver.init
@ -1,30 +0,0 @@
-#!/bin/sh /etc/rc.common
-# Copyright (C) 2009-2010 OpenWrt.org
-
-START=99
-STOP=80
-
-SERVICE_USE_PID=1
-
-CRTMPSERVER_BIN="/usr/bin/crtmpserver"
-CRTMPSERVER_CONFIG="/etc/crtmpserver.lua"
-CRTMPSERVER_PID="/var/run/crtmpserver.pid"
-
-start()
-{
-        echo "start $CRTMPSERVER_BIN"
-        start-stop-daemon -S -x "$CRTMPSERVER_BIN" -- --daemon --pid="$CRTMPSERVER_PID" \
-                "$CRTMPSERVER_CONFIG"
-}
-stop() {
-
-        echo "stop $CRTMPSERVER_BIN"
-        start-stop-daemon  -K -x $CRTMPSERVER_BIN -p $CRTMPSERVER_PID
-}
-
-reload()
-{
-        stop
-        start
-}
-
--- a/multimedia/crtmpserver/patches/030-default-config.patch
+++ b/multimedia/crtmpserver/patches/030-default-config.patch
@ -1,51 +0,0 @@
--- a/builders/cmake/crtmpserver/crtmpserver.lua
-+++ b/builders/cmake/crtmpserver/crtmpserver.lua
-@@ -4,7 +4,7 @@ configuration=
- {
- 	-- if true, the server will run as a daemon.
- 	-- NOTE: all console appenders will be ignored if this is a daemon
-	daemon=false,
-+	daemon=true,
- 	-- the OS's path separator. Used in composing paths
- 	pathSeparator="/",
- 
-@@ -44,7 +44,7 @@ configuration=
- 	{
- 		-- this is the root directory of all applications
- 		-- usually this is relative to the binary execuable
-		rootDirectory="applications",
-+		rootDirectory="/usr/lib/crtmpserver",
- 		
- 		
- 		--this is where the applications array starts
-@@ -68,7 +68,7 @@ configuration=
- 			-- this is the folder from where the current application gets it's content.
- 			-- It is optional. If not specified, it will be defaulted to:
- 			-- <rootDirectory>/<name>/mediaFolder
-			-- mediaFolder="/some/directory/where/media/files/are/stored"
-+			mediaFolder="/media",
- 			-- the application will also be known by that names. It is optional
- 			--aliases=
- 			--{
-@@ -87,13 +87,6 @@ configuration=
- 					port=1935,
- 					protocol="inboundRtmp"
- 				},
-				{
-					ip="0.0.0.0",
-					port=8081,
-					protocol="inboundRtmps",
-					sslKey="server.key",
-					sslCert="server.crt"
-				},
- 				{
- 					ip="0.0.0.0",
- 					port=8080,
-@@ -206,6 +199,7 @@ configuration=
- 			name="samplefactory",
- 			description="asdsadasdsa",
- 			protocol="dynamiclinklibrary",
-+			mediaFolder="/usr/share/ctmpserver/media",
- 			aliases=
- 			{
- 				"httpOutboundTest"
--- a/multimedia/crtmpserver/patches/040-syslog.patch
+++ b/multimedia/crtmpserver/patches/040-syslog.patch
@ -1,11 +0,0 @@
--- a/sources/common/src/utils/logging/syslogloglocation.cpp
-+++ b/sources/common/src/utils/logging/syslogloglocation.cpp
-@@ -35,8 +35,6 @@ SyslogLogLocation::SyslogLogLocation(Variant &configuration, string identifier,
- 	_priorities[_WARNING_] = LOG_WARNING;
- 	_priorities[_ERROR_] = LOG_ERR;
- 	_priorities[_FATAL_] = LOG_ERR;
-	_priorities[_PROD_ACCESS_] = LOG_ERR;
-	_priorities[_PROD_ERROR_] = LOG_ERR;
- 	_specificLevel = specificLevel;
- 	_enforceLoggerName = (_configuration[CONF_LOG_APPENDER_NAME] != "");
- 	_pDefualtFormatter = NULL;
--- a/multimedia/crtmpserver/patches/070-disable-apple-streaming.patch
+++ b/multimedia/crtmpserver/patches/070-disable-apple-streaming.patch
@ -1,12 +0,0 @@
--- a/builders/make/apps.mk
-+++ b/builders/make/apps.mk
-@@ -110,6 +110,6 @@ vptests: thelib $(VPTESTS_OBJS)
- %.vptests.o: %.cpp
- 	$(CXXCOMPILER) $(COMPILE_FLAGS) $(DEFINES) $(VPTESTS_INCLUDE) -c $< -o $@
- 
-ALL_APPS_OBJS= $(ADMIN_OBJS) $(APPLESTREAMINGCLIENT_OBJS) $(APPSELECTOR_OBJS) $(FLVPLAYBACK_OBJS) $(PROXYPUBLISH_OBJS) $(SAMPLEFACTORY_OBJS) $(STRESSTEST_OBJS) $(VPTESTS_OBJS)
-ACTIVE_APPS= -DHAS_APP_ADMIN -DHAS_APP_APPLESTREAMINGCLIENT -DHAS_APP_APPSELECTOR -DHAS_APP_FLVPLAYBACK -DHAS_APP_PROXYPUBLISH -DHAS_APP_SAMPLEFACTORY -DHAS_APP_STRESSTEST -DHAS_APP_VPTESTS
-applications: thelib admin applestreamingclient appselector flvplayback proxypublish samplefactory stresstest vptests
-+ALL_APPS_OBJS= $(ADMIN_OBJS) $(APPSELECTOR_OBJS) $(FLVPLAYBACK_OBJS) $(PROXYPUBLISH_OBJS) $(SAMPLEFACTORY_OBJS) $(STRESSTEST_OBJS) $(VPTESTS_OBJS)
-+ACTIVE_APPS= -DHAS_APP_ADMIN -DHAS_APP_APPSELECTOR -DHAS_APP_FLVPLAYBACK -DHAS_APP_PROXYPUBLISH -DHAS_APP_SAMPLEFACTORY -DHAS_APP_STRESSTEST -DHAS_APP_VPTESTS
-+applications: thelib admin appselector flvplayback proxypublish samplefactory stresstest vptests
--- a/multimedia/crtmpserver/patches/080-fix-define.patch
+++ b/multimedia/crtmpserver/patches/080-fix-define.patch
@ -1,11 +0,0 @@
--- a/sources/thelib/include/protocols/ts/basetsappprotocolhandler.h
-+++ b/sources/thelib/include/protocols/ts/basetsappprotocolhandler.h
-@@ -18,7 +18,7 @@
-  */
- 
- 
-#if defined HAS_PROTOCOL_TS && defined HAS_MEDIA_TS
-+#if defined HAS_PROTOCOL_TS || defined HAS_MEDIA_TS
- #ifndef _BASETSAPPPROTOCOLHANDLER_H
- #define	_BASETSAPPPROTOCOLHANDLER_H
- 
--- a/multimedia/crtmpserver/patches/090-openssl-1.1-compat.patch
+++ b/multimedia/crtmpserver/patches/090-openssl-1.1-compat.patch
@ -1,494 +0,0 @@
--- a/sources/applications/applestreamingclient/include/protocols/aes/inboundaesprotocol.h
-+++ b/sources/applications/applestreamingclient/include/protocols/aes/inboundaesprotocol.h
-@@ -30,7 +30,7 @@ namespace app_applestreamingclient {
- 	private:
- 		IOBuffer _tempBuffer;
- 		IOBuffer _inputBuffer;
-		EVP_CIPHER_CTX _decContex;
-+		EVP_CIPHER_CTX *_decContex;
- 		bool _lastChunk;
- 		uint8_t *_pIV;
- 		uint8_t *_pKey;
--- a/sources/applications/applestreamingclient/src/protocols/aes/inboundaesprotocol.cpp
-+++ b/sources/applications/applestreamingclient/src/protocols/aes/inboundaesprotocol.cpp
-@@ -31,13 +31,12 @@ InboundAESProtocol::InboundAESProtocol()
- 	memset(_pIV, 0, 16);
- 	_pKey = new uint8_t[16];
- 	memset(_pKey, 0, 16);
-	memset(&_decContex, 0, sizeof (EVP_CIPHER_CTX));
-+	_decContex = EVP_CIPHER_CTX_new();
- 	_totalDecrypted = 0;
- }
- 
- InboundAESProtocol::~InboundAESProtocol() {
-	EVP_CIPHER_CTX_cleanup(&_decContex);
-	memset(&_decContex, 0, sizeof (EVP_CIPHER_CTX));
-+	EVP_CIPHER_CTX_free(_decContex);
- 	delete[] _pIV;
- 	delete[] _pKey;
- }
-@@ -60,11 +59,9 @@ bool InboundAESProtocol::Initialize(Variant &parameters) {
- 	_inputBuffer.IgnoreAll();
- 	_tempBuffer.IgnoreAll();
- 
-	EVP_CIPHER_CTX_cleanup(&_decContex);
-	memset(&_decContex, 0, sizeof (EVP_CIPHER_CTX));
-	EVP_CIPHER_CTX_init(&_decContex);
-	EVP_DecryptInit_ex(&_decContex, EVP_aes_128_cbc(), NULL, _pKey, _pIV);
-	EVP_CIPHER_CTX_set_padding(&_decContex, 0);
-+	EVP_CIPHER_CTX_reset(_decContex);
-+	EVP_DecryptInit_ex(_decContex, EVP_aes_128_cbc(), NULL, _pKey, _pIV);
-+	EVP_CIPHER_CTX_set_padding(_decContex, 0);
- 
- 	return true;
- }
-@@ -105,14 +102,14 @@ bool InboundAESProtocol::SignalInputData(IOBuffer &buffer) {
- 	int decryptedFinalSize = 0;
- 	uint32_t padding = 0;
- 
-	EVP_DecryptUpdate(&_decContex, pTempData, &decryptedSize, GETIBPOINTER(buffer), safeSize);
-+	EVP_DecryptUpdate(_decContex, pTempData, &decryptedSize, GETIBPOINTER(buffer), safeSize);
- 	_totalDecrypted += decryptedSize;
- 
- 	//6. Decrypt leftovers
- 	bool transferCompleted = false;
- 	if (((HTTPBufferProtocol *) GetFarProtocol())->TransferCompleted()) {
- 		transferCompleted = true;
-		EVP_DecryptFinal_ex(&_decContex,
-+		EVP_DecryptFinal_ex(_decContex,
- 				pTempData + decryptedSize,
- 				&decryptedFinalSize);
- 		_totalDecrypted += decryptedFinalSize;
--- a/sources/common/include/utils/misc/crypto.h
-+++ b/sources/common/include/utils/misc/crypto.h
-@@ -33,6 +33,7 @@
- #include <openssl/aes.h>
- #include <openssl/engine.h>
- #include <openssl/conf.h>
-+#include "utils/misc/libcrypto-compat.h"
- 
- /*!
- 	@class DHWrapper
-@@ -83,7 +84,7 @@ public:
- 	bool CopySharedKey(uint8_t *pDst, int32_t dstLength);
- private:
- 	void Cleanup();
-	bool CopyKey(BIGNUM *pNum, uint8_t *pDst, int32_t dstLength);
-+	bool CopyKey(const BIGNUM *pNum, uint8_t *pDst, int32_t dstLength);
- };
- 
- DLLEXP void InitRC4Encryption(uint8_t *secretKey, uint8_t *pubKeyIn, uint8_t *pubKeyOut,
--- /dev/null
-+++ b/sources/common/include/utils/misc/libcrypto-compat.h
-@@ -0,0 +1,26 @@
-+#ifndef LIBCRYPTO_COMPAT_H
-+#define LIBCRYPTO_COMPAT_H
-+
-+#include <openssl/opensslv.h>
-+#if OPENSSL_VERSION_NUMBER < 0x10100000L
-+
-+#include <openssl/bn.h>
-+#include <openssl/dh.h>
-+#include <openssl/evp.h>
-+#include <openssl/hmac.h>
-+
-+int DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g);
-+void DH_get0_key(const DH *dh, const BIGNUM **pub_key, const BIGNUM **priv_key);
-+int DH_set_length(DH *dh, long length);
-+
-+EVP_MD_CTX *EVP_MD_CTX_new(void);
-+void EVP_MD_CTX_free(EVP_MD_CTX *ctx);
-+#define EVP_MD_CTX_reset EVP_MD_CTX_cleanup
-+
-+HMAC_CTX *HMAC_CTX_new(void);
-+void HMAC_CTX_free(HMAC_CTX *ctx);
-+#define HMAC_CTX_reset HMAC_CTX_cleanup
-+
-+#endif /* OPENSSL_VERSION_NUMBER */
-+
-+#endif /* LIBCRYPTO_COMPAT_H */
--- a/sources/common/src/utils/misc/crypto.cpp
-+++ b/sources/common/src/utils/misc/crypto.cpp
-@@ -35,6 +35,7 @@ DHWrapper::~DHWrapper() {
- }
- 
- bool DHWrapper::Initialize() {
-+	BIGNUM *p = NULL, *g = NULL;
- 	Cleanup();
- 
- 	//1. Create the DH
-@@ -46,42 +47,53 @@ bool DHWrapper::Initialize() {
- 	}
- 
- 	//2. Create his internal p and g
-	_pDH->p = BN_new();
-	if (_pDH->p == NULL) {
-+	p = BN_new();
-+	if (p == NULL) {
- 		FATAL("Unable to create p");
-		Cleanup();
-		return false;
-+		goto return_error;
- 	}
-	_pDH->g = BN_new();
-	if (_pDH->g == NULL) {
-+	g = BN_new();
-+	if (g == NULL) {
- 		FATAL("Unable to create g");
-		Cleanup();
-		return false;
-+		goto return_error;
- 	}
- 
- 	//3. initialize p, g and key length
-	if (BN_hex2bn(&_pDH->p, P1024) == 0) {
-+	if (BN_hex2bn(&p, P1024) == 0) {
- 		FATAL("Unable to parse P1024");
-		Cleanup();
-		return false;
-+		goto return_error;
- 	}
-	if (BN_set_word(_pDH->g, 2) != 1) {
-+	if (BN_set_word(g, 2) != 1) {
- 		FATAL("Unable to set g");
-		Cleanup();
-		return false;
-+		goto return_error;
-+	}
-+
-+	//4. Set internal p and g
-+	if (DH_set0_pqg(_pDH, p, NULL, g) != 1) {
-+		FATAL("Unable to set internal p and g");
-+		goto return_error;
- 	}
-+	p = g = NULL;
- 
-	//4. Set the key length
-	_pDH->length = _bitsCount;
-+	//5. Set the key length
-+	if (DH_set_length(_pDH, _bitsCount) != 1) {
-+		FATAL("Unable to set length");
-+		goto return_error;
-+	}
- 
-	//5. Generate private and public key
-+	//6. Generate private and public key
- 	if (DH_generate_key(_pDH) != 1) {
- 		FATAL("Unable to generate DH public/private keys");
-		Cleanup();
-		return false;
-+		goto return_error;
- 	}
- 
- 	return true;
-+
-+return_error:
-+	if (p != NULL) BN_free(p);
-+	if (g != NULL) BN_free(g);
-+	Cleanup();
-+	return false;
- }
- 
- bool DHWrapper::CopyPublicKey(uint8_t *pDst, int32_t dstLength) {
-@@ -90,7 +102,9 @@ bool DHWrapper::CopyPublicKey(uint8_t *pDst, int32_t dstLength) {
- 		return false;
- 	}
- 
-	return CopyKey(_pDH->pub_key, pDst, dstLength);
-+	const BIGNUM *pub_key;
-+	DH_get0_key(_pDH, &pub_key, NULL);
-+	return CopyKey(pub_key, pDst, dstLength);
- }
- 
- bool DHWrapper::CopyPrivateKey(uint8_t *pDst, int32_t dstLength) {
-@@ -99,7 +113,9 @@ bool DHWrapper::CopyPrivateKey(uint8_t *pDst, int32_t dstLength) {
- 		return false;
- 	}
- 
-	return CopyKey(_pDH->priv_key, pDst, dstLength);
-+	const BIGNUM *priv_key;
-+	DH_get0_key(_pDH, NULL, &priv_key);
-+	return CopyKey(priv_key, pDst, dstLength);
- }
- 
- bool DHWrapper::CreateSharedKey(uint8_t *pPeerPublicKey, int32_t length) {
-@@ -153,14 +169,6 @@ bool DHWrapper::CopySharedKey(uint8_t *pDst, int32_t dstLength) {
- 
- void DHWrapper::Cleanup() {
- 	if (_pDH != NULL) {
-		if (_pDH->p != NULL) {
-			BN_free(_pDH->p);
-			_pDH->p = NULL;
-		}
-		if (_pDH->g != NULL) {
-			BN_free(_pDH->g);
-			_pDH->g = NULL;
-		}
- 		DH_free(_pDH);
- 		_pDH = NULL;
- 	}
-@@ -177,7 +185,7 @@ void DHWrapper::Cleanup() {
- 	}
- }
- 
-bool DHWrapper::CopyKey(BIGNUM *pNum, uint8_t *pDst, int32_t dstLength) {
-+bool DHWrapper::CopyKey(const BIGNUM *pNum, uint8_t *pDst, int32_t dstLength) {
- 	int32_t keySize = BN_num_bytes(pNum);
- 	if ((keySize <= 0) || (dstLength <= 0) || (keySize > dstLength)) {
- 		FATAL("CopyPublicKey failed due to either invalid DH state or invalid call");
-@@ -197,20 +205,21 @@ void InitRC4Encryption(uint8_t *secretKey, uint8_t *pubKeyIn, uint8_t *pubKeyOut
- 	uint8_t digest[SHA256_DIGEST_LENGTH];
- 	unsigned int digestLen = 0;
- 
-	HMAC_CTX ctx;
-	HMAC_CTX_init(&ctx);
-	HMAC_Init_ex(&ctx, secretKey, 128, EVP_sha256(), 0);
-	HMAC_Update(&ctx, pubKeyIn, 128);
-	HMAC_Final(&ctx, digest, &digestLen);
-	HMAC_CTX_cleanup(&ctx);
-+	HMAC_CTX *ctx;
-+	ctx = HMAC_CTX_new();
-+	if (ctx == NULL)
-+		return;
-+	HMAC_Init_ex(ctx, secretKey, 128, EVP_sha256(), 0);
-+	HMAC_Update(ctx, pubKeyIn, 128);
-+	HMAC_Final(ctx, digest, &digestLen);
-+	HMAC_CTX_reset(ctx);
- 
- 	RC4_set_key(rc4keyOut, 16, digest);
- 
-	HMAC_CTX_init(&ctx);
-	HMAC_Init_ex(&ctx, secretKey, 128, EVP_sha256(), 0);
-	HMAC_Update(&ctx, pubKeyOut, 128);
-	HMAC_Final(&ctx, digest, &digestLen);
-	HMAC_CTX_cleanup(&ctx);
-+	HMAC_Init_ex(ctx, secretKey, 128, EVP_sha256(), 0);
-+	HMAC_Update(ctx, pubKeyOut, 128);
-+	HMAC_Final(ctx, digest, &digestLen);
-+	HMAC_CTX_free(ctx);
- 
- 	RC4_set_key(rc4keyIn, 16, digest);
- }
-@@ -220,14 +229,17 @@ string md5(string source, bool textResult) {
- }
- 
- string md5(uint8_t *pBuffer, uint32_t length, bool textResult) {
-	EVP_MD_CTX mdctx;
-+	EVP_MD_CTX *mdctx;
- 	unsigned char md_value[EVP_MAX_MD_SIZE];
- 	unsigned int md_len;
- 
-	EVP_DigestInit(&mdctx, EVP_md5());
-	EVP_DigestUpdate(&mdctx, pBuffer, length);
-	EVP_DigestFinal_ex(&mdctx, md_value, &md_len);
-	EVP_MD_CTX_cleanup(&mdctx);
-+	mdctx = EVP_MD_CTX_new();
-+	if (mdctx == NULL)
-+		return "";
-+	EVP_DigestInit(mdctx, EVP_md5());
-+	EVP_DigestUpdate(mdctx, pBuffer, length);
-+	EVP_DigestFinal_ex(mdctx, md_value, &md_len);
-+	EVP_MD_CTX_free(mdctx);
- 
- 	if (textResult) {
- 		string result = "";
-@@ -259,12 +271,12 @@ void HMACsha256(const void *pData, uint32_t dataLength,
- 		const void *pKey, uint32_t keyLength, void *pResult) {
- 	unsigned int digestLen;
- 
-	HMAC_CTX ctx;
-	HMAC_CTX_init(&ctx);
-	HMAC_Init_ex(&ctx, (unsigned char*) pKey, keyLength, EVP_sha256(), NULL);
-	HMAC_Update(&ctx, (unsigned char *) pData, dataLength);
-	HMAC_Final(&ctx, (unsigned char *) pResult, &digestLen);
-	HMAC_CTX_cleanup(&ctx);
-+	HMAC_CTX *ctx;
-+	ctx = HMAC_CTX_new();
-+	HMAC_Init_ex(ctx, (unsigned char*) pKey, keyLength, EVP_sha256(), NULL);
-+	HMAC_Update(ctx, (unsigned char *) pData, dataLength);
-+	HMAC_Final(ctx, (unsigned char *) pResult, &digestLen);
-+	HMAC_CTX_free(ctx);
- 
- 	o_assert(digestLen == 32);
- }
-@@ -397,8 +409,8 @@ string unhex(const uint8_t *pBuffer, uint32_t length) {
- }
- 
- void CleanupSSL() {
-#ifndef NO_SSL_ENGINE_CLEANUP
-	ERR_remove_state(0);
-+#if OPENSSL_VERSION_NUMBER < 0x10100000L
-+	ERR_remove_thread_state(NULL);
- 	ENGINE_cleanup();
- 	CONF_modules_unload(1);
- 	ERR_free_strings();
--- /dev/null
-+++ b/sources/common/src/utils/misc/libcrypto-compat.cpp
-@@ -0,0 +1,90 @@
-+/*
-+ * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
-+ *
-+ * Licensed under the OpenSSL license (the "License").  You may not use
-+ * this file except in compliance with the License.  You can obtain a copy
-+ * in the file LICENSE in the source distribution or at
-+ * https://www.openssl.org/source/license.html
-+ */
-+
-+#include "utils/misc/libcrypto-compat.h"
-+
-+#if OPENSSL_VERSION_NUMBER < 0x10100000L
-+
-+#include <string.h>
-+
-+static void *OPENSSL_zalloc(size_t num)
-+{
-+    void *ret = OPENSSL_malloc(num);
-+
-+    if (ret != NULL)
-+        memset(ret, 0, num);
-+    return ret;
-+}
-+
-+int DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g)
-+{
-+    /* If the fields p and g in d are NULL, the corresponding input
-+     * parameters MUST be non-NULL.  q may remain NULL.
-+     */
-+    if ((dh->p == NULL && p == NULL)
-+        || (dh->g == NULL && g == NULL))
-+        return 0;
-+
-+    if (p != NULL) {
-+        BN_free(dh->p);
-+        dh->p = p;
-+    }
-+    if (q != NULL) {
-+        BN_free(dh->q);
-+        dh->q = q;
-+    }
-+    if (g != NULL) {
-+        BN_free(dh->g);
-+        dh->g = g;
-+    }
-+
-+    if (q != NULL) {
-+        dh->length = BN_num_bits(q);
-+    }
-+
-+    return 1;
-+}
-+
-+void DH_get0_key(const DH *dh, const BIGNUM **pub_key, const BIGNUM **priv_key)
-+{
-+    if (pub_key != NULL)
-+        *pub_key = dh->pub_key;
-+    if (priv_key != NULL)
-+        *priv_key = dh->priv_key;
-+}
-+
-+int DH_set_length(DH *dh, long length)
-+{
-+    dh->length = length;
-+    return 1;
-+}
-+
-+EVP_MD_CTX *EVP_MD_CTX_new(void)
-+{
-+    return (EVP_MD_CTX *)OPENSSL_zalloc(sizeof(EVP_MD_CTX));
-+}
-+
-+void EVP_MD_CTX_free(EVP_MD_CTX *ctx)
-+{
-+    EVP_MD_CTX_cleanup(ctx);
-+    OPENSSL_free(ctx);
-+}
-+
-+HMAC_CTX *HMAC_CTX_new(void)
-+{
-+    return (HMAC_CTX *)OPENSSL_zalloc(sizeof(HMAC_CTX));
-+}
-+
-+void HMAC_CTX_free(HMAC_CTX *ctx)
-+{
-+    HMAC_CTX_cleanup(ctx);
-+    OPENSSL_free(ctx);
-+}
-+
-+#endif /* OPENSSL_VERSION_NUMBER */
--- a/sources/thelib/src/protocols/ssl/basesslprotocol.cpp
-+++ b/sources/thelib/src/protocols/ssl/basesslprotocol.cpp
-@@ -43,6 +43,7 @@ BaseSSLProtocol::~BaseSSLProtocol() {
- bool BaseSSLProtocol::Initialize(Variant &parameters) {
- 	//1. Initialize the SSL library
- 	if (!_libraryInitialized) {
-+#if OPENSSL_VERSION_NUMBER < 0x10100000L
- 		//3. This is the first time we use the library. So we have to
- 		//initialize it first
- 		SSL_library_init();
-@@ -55,6 +56,7 @@ bool BaseSSLProtocol::Initialize(Variant &parameters) {
- 		OpenSSL_add_all_algorithms();
- 		OpenSSL_add_all_ciphers();
- 		OpenSSL_add_all_digests();
-+#endif
- 
- 		//initialize the random numbers generator
- 		InitRandGenerator();
-@@ -211,6 +213,7 @@ string BaseSSLProtocol::GetSSLErrors() {
- 
- string BaseSSLProtocol::DumpBIO(BIO *pBIO) {
- 	string formatString;
-+#if OPENSSL_VERSION_NUMBER < 0x10100000L
- 	formatString = "method: %p\n";
- 	formatString += "callback: %p\n";
- 	formatString += "cb_arg: %p\n";
-@@ -240,6 +243,39 @@ string BaseSSLProtocol::DumpBIO(BIO *pBIO) {
- 			pBIO->references,
- 			(int64_t) pBIO->num_read,
- 			(int64_t) pBIO->num_write);
-+#else
-+// Some of these are problematic in openssl >= 1.1, since
-+// the BIO struct is opaque.
-+	formatString = "method: %s\n";
-+	formatString += "callback: %p\n";
-+	formatString += "cb_arg: %p\n";
-+	formatString += "init: %d\n";
-+	formatString += "shutdown: %d\n";
-+	formatString += "flags: %d\n";
-+	formatString += "retry_reason: %d\n";
-+	formatString += "num: %d\n";
-+	formatString += "ptr: %p\n";
-+	formatString += "next_bio: %p\n";
-+	formatString += "prev_bio: %s\n";
-+	formatString += "references: %s\n";
-+	formatString += "num_read: %"PRId64"\n";
-+	formatString += "num_write: %"PRId64;
-+	return format(STR(formatString),
-+			BIO_method_name(pBIO),
-+			BIO_get_callback(pBIO),
-+			BIO_get_callback_arg(pBIO),
-+			BIO_get_init(pBIO),
-+			BIO_get_shutdown(pBIO),
-+			BIO_get_flags(pBIO),
-+			BIO_get_retry_reason(pBIO),
-+			BIO_get_fd(pBIO, NULL),
-+			BIO_get_data(pBIO),
-+			BIO_next(pBIO),
-+			"unknown", //prev_bio
-+			"unknown", //references
-+			BIO_number_read(pBIO),
-+			BIO_number_written(pBIO));
-+#endif
- }
- 
- void BaseSSLProtocol::InitRandGenerator() {
--- a/sources/thelib/src/protocols/ssl/outboundsslprotocol.cpp
-+++ b/sources/thelib/src/protocols/ssl/outboundsslprotocol.cpp
-@@ -33,7 +33,7 @@ bool OutboundSSLProtocol::InitGlobalContext(Variant &parameters) {
- 	_pGlobalSSLContext = _pGlobalContexts[hash];
- 	if (_pGlobalSSLContext == NULL) {
- 		//2. prepare the global ssl context
-		_pGlobalSSLContext = SSL_CTX_new(TLSv1_method());
-+		_pGlobalSSLContext = SSL_CTX_new(SSLv23_method());
- 		if (_pGlobalSSLContext == NULL) {
- 			FATAL("Unable to create global SSL context");
- 			return false;