- rel 2; typo fix

[packages/gpac.git] / openssl.patch

From e64a7d229fdcb5c190064b7860ade50124dcc735 Mon Sep 17 00:00:00 2001
From: Aurelien David <aurelien.david@telecom-paristech.fr>
Date: Fri, 6 Oct 2017 16:46:18 +0200
Subject: [PATCH] compatibility with OpenSSL 1.1.x (#616)

---
 src/utils/downloader.c | 40 +++++++++++++++++++++++++++++-----------
 1 file changed, 29 insertions(+), 11 deletions(-)

diff --git a/src/utils/downloader.c b/src/utils/downloader.c
index b8c923b88..3b7d37b41 100644
--- a/src/utils/downloader.c
+++ b/src/utils/downloader.c
@@ -204,7 +204,7 @@ struct __gf_download_manager
        u32 limit_data_rate, read_buf_size;
        u64 max_cache_size;
        Bool allow_broken_certificate;
-       
+
        GF_List *skip_proxy_servers;
        GF_List *credentials;
        GF_List *cache_entries;
@@ -392,10 +392,18 @@ static Bool init_ssl_lib() {
                GF_LOG(GF_LOG_ERROR, GF_LOG_NETWORK, ("[HTTPS] Error while initializing Random Number generator, failed to init SSL !\n"));
                return GF_TRUE;
        }
+
+       /* per https://www.openssl.org/docs/man1.1.0/ssl/OPENSSL_init_ssl.html
+       ** As of version 1.1.0 OpenSSL will automatically allocate all resources that it needs so no explicit initialisation is required.
+       ** Similarly it will also automatically deinitialise as required.
+       */
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
        SSL_library_init();
        SSL_load_error_strings();
        SSLeay_add_all_algorithms();
        SSLeay_add_ssl_algorithms();
+#endif
+
        _ssl_is_initialized = GF_TRUE;
        GF_LOG(GF_LOG_DEBUG, GF_LOG_NETWORK, ("[HTTPS] Initalization of SSL library complete.\n"));
        return GF_FALSE;
@@ -422,6 +430,7 @@ static int ssl_init(GF_DownloadManager *dm, u32 mode)
        }
 
        switch (mode) {
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
        case 0:
                meth = SSLv23_client_method();
                break;
@@ -436,6 +445,11 @@ static int ssl_init(GF_DownloadManager *dm, u32 mode)
        case 3:
                meth = TLSv1_client_method();
                break;
+#else /* for openssl 1.1+ this is the prefered method */
+       case 0:
+               meth = TLS_client_method();
+               break;
+#endif
        default:
                goto error;
        }
@@ -1225,7 +1239,7 @@ static GF_Err gf_dm_read_data(GF_DownloadSession *sess, char *data, u32 data_siz
                gf_mx_v(sess->mx);
                return GF_IP_CONNECTION_CLOSED;
        }
-       
+
 #ifdef GPAC_HAS_SSL
        if (sess->ssl) {
                s32 size;
@@ -1451,7 +1465,11 @@ static void gf_dm_connect(GF_DownloadSession *sess)
                                                        const GENERAL_NAME *altname = sk_GENERAL_NAME_value(altnames, i);
                                                        if (altname->type == GEN_DNS)
                                                        {
-                                                               unsigned char *altname_str = ASN1_STRING_data(altname->d.ia5);
+                                                               #if OPENSSL_VERSION_NUMBER < 0x10100000L
+                                                                       unsigned char *altname_str = ASN1_STRING_data(altname->d.ia5);
+                                                               #else
+                                                                       unsigned char *altname_str = (unsigned char *)ASN1_STRING_get0_data(altname->d.ia5);
+                                                               #endif
                                                                gf_list_add(valid_names, altname_str);
                                                        }
                                                }