[packages/gpac.git] / openssl.patch

From e64a7d229fdcb5c190064b7860ade50124dcc735 Mon Sep 17 00:00:00 2001
From: Aurelien David <aurelien.david@telecom-paristech.fr>
Date: Fri, 6 Oct 2017 16:46:18 +0200
Subject: [PATCH] compatibility with OpenSSL 1.1.x (#616)

---
 src/utils/downloader.c | 40 +++++++++++++++++++++++++++++-----------
 1 file changed, 29 insertions(+), 11 deletions(-)

diff --git a/src/utils/downloader.c b/src/utils/downloader.c
index b8c923b88..3b7d37b41 100644
--- a/src/utils/downloader.c
+++ b/src/utils/downloader.c
@@ -204,7 +204,7 @@ struct __gf_download_manager
 	u32 limit_data_rate, read_buf_size;
 	u64 max_cache_size;
 	Bool allow_broken_certificate;
-	
+
 	GF_List *skip_proxy_servers;
 	GF_List *credentials;
 	GF_List *cache_entries;
@@ -392,10 +392,18 @@ static Bool init_ssl_lib() {
 		GF_LOG(GF_LOG_ERROR, GF_LOG_NETWORK, ("[HTTPS] Error while initializing Random Number generator, failed to init SSL !\n"));
 		return GF_TRUE;
 	}
+
+	/* per https://www.openssl.org/docs/man1.1.0/ssl/OPENSSL_init_ssl.html
+	** As of version 1.1.0 OpenSSL will automatically allocate all resources that it needs so no explicit initialisation is required.
+	** Similarly it will also automatically deinitialise as required.
+	*/
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
 	SSL_library_init();
 	SSL_load_error_strings();
 	SSLeay_add_all_algorithms();
 	SSLeay_add_ssl_algorithms();
+#endif
+
 	_ssl_is_initialized = GF_TRUE;
 	GF_LOG(GF_LOG_DEBUG, GF_LOG_NETWORK, ("[HTTPS] Initalization of SSL library complete.\n"));
 	return GF_FALSE;
@@ -422,6 +430,7 @@ static int ssl_init(GF_DownloadManager *dm, u32 mode)
 	}
 
 	switch (mode) {
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
 	case 0:
 		meth = SSLv23_client_method();
 		break;
@@ -436,6 +445,11 @@ static int ssl_init(GF_DownloadManager *dm, u32 mode)
 	case 3:
 		meth = TLSv1_client_method();
 		break;
+#else /* for openssl 1.1+ this is the prefered method */
+	case 0:
+		meth = TLS_client_method();
+		break;
+#endif
 	default:
 		goto error;
 	}
@@ -1225,7 +1239,7 @@ static GF_Err gf_dm_read_data(GF_DownloadSession *sess, char *data, u32 data_siz
 		gf_mx_v(sess->mx);
 		return GF_IP_CONNECTION_CLOSED;
 	}
-	
+
 #ifdef GPAC_HAS_SSL
 	if (sess->ssl) {
 		s32 size;
@@ -1451,7 +1465,11 @@ static void gf_dm_connect(GF_DownloadSession *sess)
 							const GENERAL_NAME *altname = sk_GENERAL_NAME_value(altnames, i);
 							if (altname->type == GEN_DNS)
 							{
-								unsigned char *altname_str = ASN1_STRING_data(altname->d.ia5);
+								#if OPENSSL_VERSION_NUMBER < 0x10100000L
+									unsigned char *altname_str = ASN1_STRING_data(altname->d.ia5);
+								#else
+									unsigned char *altname_str = (unsigned char *)ASN1_STRING_get0_data(altname->d.ia5);
+								#endif
 								gf_list_add(valid_names, altname_str);
 							}
 						}
Commit	Line	Data
ebe39204 AM	1	From e64a7d229fdcb5c190064b7860ade50124dcc735 Mon Sep 17 00:00:00 2001
	2	From: Aurelien David <aurelien.david@telecom-paristech.fr>
	3	Date: Fri, 6 Oct 2017 16:46:18 +0200
	4	Subject: [PATCH] compatibility with OpenSSL 1.1.x (#616)
	5
	6	---
	7	src/utils/downloader.c \| 40 +++++++++++++++++++++++++++++-----------
	8	1 file changed, 29 insertions(+), 11 deletions(-)
	9
	10	diff --git a/src/utils/downloader.c b/src/utils/downloader.c
	11	index b8c923b88..3b7d37b41 100644
	12	--- a/src/utils/downloader.c
	13	+++ b/src/utils/downloader.c
	14	@@ -204,7 +204,7 @@ struct __gf_download_manager
	15	u32 limit_data_rate, read_buf_size;
	16	u64 max_cache_size;
	17	Bool allow_broken_certificate;
	18	-
	19	+
	20	GF_List *skip_proxy_servers;
	21	GF_List *credentials;
	22	GF_List *cache_entries;
	23	@@ -392,10 +392,18 @@ static Bool init_ssl_lib() {
	24	GF_LOG(GF_LOG_ERROR, GF_LOG_NETWORK, ("[HTTPS] Error while initializing Random Number generator, failed to init SSL !\n"));
	25	return GF_TRUE;
	26	}
	27	+
	28	+ /* per https://www.openssl.org/docs/man1.1.0/ssl/OPENSSL_init_ssl.html
	29	+ ** As of version 1.1.0 OpenSSL will automatically allocate all resources that it needs so no explicit initialisation is required.
	30	+ ** Similarly it will also automatically deinitialise as required.
	31	+ */
	32	+#if OPENSSL_VERSION_NUMBER < 0x10100000L
	33	SSL_library_init();
	34	SSL_load_error_strings();
	35	SSLeay_add_all_algorithms();
	36	SSLeay_add_ssl_algorithms();
	37	+#endif
	38	+
	39	_ssl_is_initialized = GF_TRUE;
	40	GF_LOG(GF_LOG_DEBUG, GF_LOG_NETWORK, ("[HTTPS] Initalization of SSL library complete.\n"));
	41	return GF_FALSE;
	42	@@ -422,6 +430,7 @@ static int ssl_init(GF_DownloadManager *dm, u32 mode)
	43	}
	44
	45	switch (mode) {
	46	+#if OPENSSL_VERSION_NUMBER < 0x10100000L
	47	case 0:
	48	meth = SSLv23_client_method();
	49	break;
	50	@@ -436,6 +445,11 @@ static int ssl_init(GF_DownloadManager *dm, u32 mode)
	51	case 3:
	52	meth = TLSv1_client_method();
	53	break;
	54	+#else /* for openssl 1.1+ this is the prefered method */
	55	+ case 0:
	56	+ meth = TLS_client_method();
	57	+ break;
	58	+#endif
	59	default:
	60	goto error;
	61	}
	62	@@ -1225,7 +1239,7 @@ static GF_Err gf_dm_read_data(GF_DownloadSession sess, char data, u32 data_siz
	63	gf_mx_v(sess->mx);
	64	return GF_IP_CONNECTION_CLOSED;
65	}
66	-
67	+
68	#ifdef GPAC_HAS_SSL
69	if (sess->ssl) {
70	s32 size;
71	@@ -1451,7 +1465,11 @@ static void gf_dm_connect(GF_DownloadSession *sess)
72	const GENERAL_NAME *altname = sk_GENERAL_NAME_value(altnames, i);
73	if (altname->type == GEN_DNS)
74	{
75	- unsigned char *altname_str = ASN1_STRING_data(altname->d.ia5);
76	+ #if OPENSSL_VERSION_NUMBER < 0x10100000L
77	+ unsigned char *altname_str = ASN1_STRING_data(altname->d.ia5);
78	+ #else
79	+ unsigned char altname_str = (unsigned char )ASN1_STRING_get0_data(altname->d.ia5);
80	+ #endif
81	gf_list_add(valid_names, altname_str);
82	}
83	}
84