
compile fixes for openssl >= 1.1.0

Change-Id: I815c89dde5b6e85b9887dcaf04c25f0a45dcfd5c
pull/317/head
Richard Fuchs 9 years ago
parent
commit
1d5668d793
4 changed files with 77 additions and 22 deletions
  1. +47
    -12
      daemon/crypto.c
  2. +4
    -0
      daemon/dtls.c
  3. +8
    -2
      daemon/main.c
  4. +18
    -8
      daemon/stun.c

+ 47
- 12
daemon/crypto.c

@ -260,15 +260,26 @@ done:
}
static void aes_ctr_128_no_ctx(unsigned char *out, str *in, const unsigned char *key, const unsigned char *iv) {
EVP_CIPHER_CTX ctx;
EVP_CIPHER_CTX *ctx;
unsigned char block[16];
int len;
EVP_CIPHER_CTX_init(&ctx);
EVP_EncryptInit_ex(&ctx, EVP_aes_128_ecb(), NULL, key, NULL);
aes_ctr_128(out, in, &ctx, iv);
EVP_EncryptFinal_ex(&ctx, block, &len);
EVP_CIPHER_CTX_cleanup(&ctx);
#if OPENSSL_VERSION_NUMBER >= 0x10100000L
ctx = EVP_CIPHER_CTX_new();
#else
EVP_CIPHER_CTX ctx_s;
ctx = &ctx_s;
EVP_CIPHER_CTX_init(ctx);
#endif
EVP_EncryptInit_ex(ctx, EVP_aes_128_ecb(), NULL, key, NULL);
aes_ctr_128(out, in, ctx, iv);
EVP_EncryptFinal_ex(ctx, block, &len);
#if OPENSSL_VERSION_NUMBER >= 0x10100000L
EVP_CIPHER_CTX_free(ctx);
#else
EVP_CIPHER_CTX_cleanup(ctx);
#endif
}
/* rfc 3711 section 4.3.1 and 4.3.3
@ -463,15 +474,27 @@ static int aes_f8_encrypt_rtcp(struct crypto_context *c, struct rtcp_packet *r,
/* rfc 3711, sections 4.2 and 4.2.1 */
static int hmac_sha1_rtp(struct crypto_context *c, char *out, str *in, u_int64_t index) {
unsigned char hmac[20];
HMAC_CTX hc;
u_int32_t roc;
HMAC_CTX *hc;
#if OPENSSL_VERSION_NUMBER >= 0x10100000L
hc = HMAC_CTX_new();
#else
HMAC_CTX hc_s;
HMAC_CTX_init(&hc_s);
hc = &hc_s;
#endif
HMAC_Init(&hc, c->session_auth_key, c->params.crypto_suite->srtp_auth_key_len, EVP_sha1());
HMAC_Update(&hc, (unsigned char *) in->s, in->len);
HMAC_Init_ex(hc, c->session_auth_key, c->params.crypto_suite->srtp_auth_key_len, EVP_sha1(), NULL);
HMAC_Update(hc, (unsigned char *) in->s, in->len);
roc = htonl((index & 0xffffffff0000ULL) >> 16);
HMAC_Update(&hc, (unsigned char *) &roc, sizeof(roc));
HMAC_Final(&hc, hmac, NULL);
HMAC_CTX_cleanup(&hc);
HMAC_Update(hc, (unsigned char *) &roc, sizeof(roc));
HMAC_Final(hc, hmac, NULL);
#if OPENSSL_VERSION_NUMBER >= 0x10100000L
HMAC_CTX_free(hc);
#else
HMAC_CTX_cleanup(hc);
#endif
assert(sizeof(hmac) >= c->params.crypto_suite->srtp_auth_tag);
memcpy(out, hmac, c->params.crypto_suite->srtp_auth_tag);
@ -495,8 +518,12 @@ static int hmac_sha1_rtcp(struct crypto_context *c, char *out, str *in) {
static int aes_cm_session_key_init(struct crypto_context *c) {
evp_session_key_cleanup(c);
#if OPENSSL_VERSION_NUMBER >= 0x10100000L
c->session_key_ctx[0] = EVP_CIPHER_CTX_new();
#else
c->session_key_ctx[0] = g_slice_alloc(sizeof(EVP_CIPHER_CTX));
EVP_CIPHER_CTX_init(c->session_key_ctx[0]);
#endif
EVP_EncryptInit_ex(c->session_key_ctx[0], EVP_aes_128_ecb(), NULL,
(unsigned char *) c->session_key, NULL);
return 0;
@ -522,8 +549,12 @@ static int aes_f8_session_key_init(struct crypto_context *c) {
for (i = 0; i < k_e_len; i++)
m[i] ^= key[i];
#if OPENSSL_VERSION_NUMBER >= 0x10100000L
c->session_key_ctx[1] = EVP_CIPHER_CTX_new();
#else
c->session_key_ctx[1] = g_slice_alloc(sizeof(EVP_CIPHER_CTX));
EVP_CIPHER_CTX_init(c->session_key_ctx[1]);
#endif
EVP_EncryptInit_ex(c->session_key_ctx[1], EVP_aes_128_ecb(), NULL, m, NULL);
return 0;
@ -538,8 +569,12 @@ static int evp_session_key_cleanup(struct crypto_context *c) {
continue;
EVP_EncryptFinal_ex(c->session_key_ctx[i], block, &len);
#if OPENSSL_VERSION_NUMBER >= 0x10100000L
EVP_CIPHER_CTX_free(c->session_key_ctx[i]);
#else
EVP_CIPHER_CTX_cleanup(c->session_key_ctx[i]);
g_slice_free1(sizeof(EVP_CIPHER_CTX), c->session_key_ctx[i]);
#endif
c->session_key_ctx[i] = NULL;
}
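Review bot: The contexts returned by `EVP_CIPHER_CTX_new()` and `HMAC_CTX_new()` on the `>= 0x10100000L` branches are used without a NULL check in aes_ctr_128_no_ctx, hmac_sha1_rtp, aes_cm_session_key_init and aes_f8_session_key_init; __integrity in daemon/stun.c has the same gap. The stack contexts they replace could not be absent, so this is a new failure mode: under memory pressure the next call receives NULL, and in hmac_sha1_rtp that ends, depending on how the library handles it, either in a crash on the packet path or in `memcpy` copying an unwritten `hmac[20]` into `out` as the auth tag. I would bail out before first use, `if (!hc) return -1;` in hmac_sha1_rtp and `if (!c->session_key_ctx[0]) return -1;` (index 1 in the f8 variant) in the key-init functions, which return 0 on the visible path. aes_ctr_128_no_ctx is void, so it needs an int return or an explicit abort-on-OOM policy; how callers treat a non-zero return is not visible in these hunks.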


+ 4
- 0
daemon/dtls.c

@ -488,7 +488,11 @@ int dtls_connection_init(struct packet_stream *ps, int active, struct dtls_cert
dtls_connection_cleanup(d);
}
#if OPENSSL_VERSION_NUMBER >= 0x10002000L
d->ssl_ctx = SSL_CTX_new(active ? DTLS_client_method() : DTLS_server_method());
#else
d->ssl_ctx = SSL_CTX_new(active ? DTLSv1_client_method() : DTLSv1_server_method());
#endif
if (!d->ssl_ctx)
goto error;
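Review bot: The `>= 0x10002000L` branch is a behaviour change rather than a compile fix and should be commented as such: `DTLS_client_method()` / `DTLS_server_method()` are version-flexible, so the context can negotiate any DTLS version the library supports instead of DTLS 1.0 only. A line such as `/* version-flexible method: negotiates DTLS 1.0 or 1.2 with the peer */` above the call would record that this is intended. If a protocol floor is wanted, on 1.1.0 and later `SSL_CTX_set_min_proto_version(d->ssl_ctx, DTLS1_2_VERSION);` after the `!d->ssl_ctx` check sets one; whether peers of this daemon still need DTLS 1.0 is not visible here. dtls_connection_init starts and ends outside the hunk.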


+ 8
- 2
daemon/main.c

@ -43,8 +43,6 @@ struct main_context {
static mutex_t *openssl_locks;
static GQueue interfaces = G_QUEUE_INIT;
static GQueue keyspaces = G_QUEUE_INIT;
static endpoint_t tcp_listen_ep;
@ -448,6 +446,9 @@ static void options(int *argc, char ***argv) {
}
#if OPENSSL_VERSION_NUMBER < 0x10100000L
static mutex_t *openssl_locks;
static void cb_openssl_threadid(CRYPTO_THREADID *tid) {
pthread_t me;
@ -476,6 +477,11 @@ static void make_OpenSSL_thread_safe(void) {
CRYPTO_THREADID_set_callback(cb_openssl_threadid);
CRYPTO_set_locking_callback(cb_openssl_lock);
}
#else
static void make_OpenSSL_thread_safe(void) {
;
}
#endif
static void early_init() {
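Review bot: The `#else` stub of make_OpenSSL_thread_safe has a body of a lone `;` and no explanation, which reads like an unfinished function. I would replace the `;` with a comment, `/* OpenSSL >= 1.1.0 does its own locking; no thread-id or locking callbacks to register */`, so that nobody re-adds the callbacks later or assumes initialisation was forgotten. The functions between the `#if` and the `#else` continue outside the hunks shown.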


+ 18
- 8
daemon/stun.c

@ -328,17 +328,27 @@ static void fingerprint(struct msghdr *mh, struct fingerprint *fp) {
static void __integrity(struct iovec *iov, int iov_cnt, str *pwd, char *digest) {
int i;
HMAC_CTX ctx;
HMAC_CTX_init(&ctx);
HMAC_CTX *ctx;
#if OPENSSL_VERSION_NUMBER >= 0x10100000L
ctx = HMAC_CTX_new();
#else
HMAC_CTX ctx_s;
HMAC_CTX_init(&ctx_s);
ctx = &ctx_s;
#endif
/* do we need to SASLprep here? */
HMAC_Init(&ctx, pwd->s, pwd->len, EVP_sha1());
HMAC_Init_ex(ctx, pwd->s, pwd->len, EVP_sha1(), NULL);
for (i = 0; i < iov_cnt; i++)
HMAC_Update(&ctx, iov[i].iov_base, iov[i].iov_len);
HMAC_Final(&ctx, (void *) digest, NULL);
HMAC_CTX_cleanup(&ctx);
HMAC_Update(ctx, iov[i].iov_base, iov[i].iov_len);
HMAC_Final(ctx, (void *) digest, NULL);
#if OPENSSL_VERSION_NUMBER >= 0x10100000L
HMAC_CTX_free(ctx);
#else
HMAC_CTX_cleanup(ctx);
#endif
}
static void integrity(struct msghdr *mh, struct msg_integrity *mi, str *pwd) {
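Review bot: `HMAC_Init_ex()`, `HMAC_Update()` and `HMAC_Final()` each return an int status that __integrity discards, and because the function is void its caller cannot tell whether `digest` was actually written. For a STUN integrity value that is later sent or compared, a silent failure leaves whatever was in the buffer; hmac_sha1_rtp in daemon/crypto.c discards the same statuses before its `memcpy`. I would make __integrity return int and record failure, e.g. `if (!HMAC_Final(ctx, (void *) digest, NULL)) ret = -1;`, freeing the context on every path and letting integrity() propagate the result. integrity() begins on the last line of the hunk and its body, like any other caller, is outside it, so the required caller changes are inferred rather than visible.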

