diff options
| author | Andre Heider | 2023-06-14 08:09:56 +0000 |
|---|---|---|
| committer | Jiri Slachta | 2026-02-23 19:12:42 +0000 |
| commit | 9ad2f4625388af8ea00a7bf97518e4da158e79fc (patch) | |
| tree | 3af469be1a50ffeb536f14f0147958f209f49ec7 | |
| parent | 04c1b2a250959821fe3e5ba0371a4bc534314284 (diff) | |
| download | telephony-9ad2f4625388af8ea00a7bf97518e4da158e79fc.tar.gz | |
asterix: fix build with CONFIG_OPENSSL_NO_DEPRECATED
Signed-off-by: Andre Heider <a.heider@gmail.com>
Signed-off-by: Paul Donald <newtwen+github@gmail.com>
| -rw-r--r-- | net/asterisk/patches/200-res_crypto-fix-compilation.patch | 20 | ||||
| -rw-r--r-- | net/asterisk/patches/201-Fix-compilation-with-OPENSSL_NO_DEPRECATED.patch | 61 |
2 files changed, 81 insertions, 0 deletions
diff --git a/net/asterisk/patches/200-res_crypto-fix-compilation.patch b/net/asterisk/patches/200-res_crypto-fix-compilation.patch new file mode 100644 index 0000000..d632f98 --- /dev/null +++ b/net/asterisk/patches/200-res_crypto-fix-compilation.patch @@ -0,0 +1,20 @@ +From 2e296a9a6864dd18ae44ad3c9a224cb41be09a3e Mon Sep 17 00:00:00 2001 +From: Andre Heider <a.heider@gmail.com> +Date: Thu, 20 Oct 2022 10:02:37 +0200 +Subject: [PATCH] res_crypto: fix compilation + +res_crypto.c:383:84: error: 'RSA_PKCS1_PADDING' undeclared (first use in this function) +--- + res/res_crypto.c | 1 + + 1 file changed, 1 insertion(+) + +--- a/res/res_crypto.c ++++ b/res/res_crypto.c +@@ -39,6 +39,7 @@ + #include <openssl/err.h> /* for ERR_print_errors_fp */ + #include <openssl/ssl.h> /* for NID_sha1, RSA */ + #include <openssl/evp.h> /* for EVP_PKEY, EVP_sha1(), ... */ ++#include <openssl/rsa.h> /* for EVP_PKEY_CTX_set_rsa_padding(), ... */ + #include <openssl/md5.h> /* for MD5_DIGEST_LENGTH */ + #include <openssl/sha.h> /* for SHA_DIGEST_LENGTH */ + diff --git a/net/asterisk/patches/201-Fix-compilation-with-OPENSSL_NO_DEPRECATED.patch b/net/asterisk/patches/201-Fix-compilation-with-OPENSSL_NO_DEPRECATED.patch new file mode 100644 index 0000000..3b7bc8a --- /dev/null +++ b/net/asterisk/patches/201-Fix-compilation-with-OPENSSL_NO_DEPRECATED.patch @@ -0,0 +1,61 @@ +From 0f6efaf64d11fc6b06621576ea90d06b7bba9dcd Mon Sep 17 00:00:00 2001 +From: Andre Heider <a.heider@gmail.com> +Date: Tue, 21 Feb 2023 13:23:36 +0100 +Subject: [PATCH] Fix compilation with OPENSSL_NO_DEPRECATED + +--- + main/tcptls.c | 10 ++++------ + res/res_rtp_asterisk.c | 2 +- + 2 files changed, 5 insertions(+), 7 deletions(-) + +--- a/main/tcptls.c ++++ b/main/tcptls.c +@@ -46,8 +46,7 @@ + #include <openssl/x509v3.h> /* for GENERAL_NAME, sk_GENERAL_NAME... */ + #ifndef OPENSSL_NO_DH + #include <openssl/bio.h> /* for BIO_free, BIO_new_file */ +-#include <openssl/dh.h> /* for DH_free */ +-#include <openssl/pem.h> /* for PEM_read_bio_DHparams */ ++#include <openssl/pem.h> /* for PEM_read_bio_Parameters */ + #endif /* OPENSSL_NO_DH */ + #ifndef OPENSSL_NO_EC + #include <openssl/ec.h> /* for EC_KEY_free, EC_KEY_new_by_cu... */ +@@ -189,7 +188,7 @@ static void *handle_tcptls_connection(vo + || (!tcptls_session->client && ast_test_flag(&tcptls_session->parent->tls_cfg->flags, AST_SSL_VERIFY_CLIENT))) { + X509 *peer; + long res; +- peer = SSL_get_peer_certificate(ssl); ++ peer = SSL_get1_peer_certificate(ssl); + if (!peer) { + ast_log(LOG_ERROR, "No SSL certificate to verify from peer '%s'\n", + ast_sockaddr_stringify(&tcptls_session->remote_address)); +@@ -530,16 +529,15 @@ static int __ssl_setup(struct ast_tls_co + if (!ast_strlen_zero(cfg->pvtfile)) { + BIO *bio = BIO_new_file(cfg->pvtfile, "r"); + if (bio != NULL) { +- DH *dh = PEM_read_bio_DHparams(bio, NULL, NULL, NULL); ++ EVP_PKEY *dh = PEM_read_bio_Parameters(bio, NULL); + if (dh != NULL) { +- if (SSL_CTX_set_tmp_dh(cfg->ssl_ctx, dh)) { ++ if (SSL_CTX_set0_tmp_dh_pkey(cfg->ssl_ctx, dh)) { + long options = SSL_OP_CIPHER_SERVER_PREFERENCE | SSL_OP_SINGLE_DH_USE | SSL_OP_SINGLE_ECDH_USE; + options = SSL_CTX_set_options(cfg->ssl_ctx, options); + if (!suppress_progress_msgs) { + ast_verb(2, "TLS/SSL DH initialized, PFS cipher-suites enabled\n"); + } + } +- DH_free(dh); + } + BIO_free(bio); + } +--- a/res/res_rtp_asterisk.c ++++ b/res/res_rtp_asterisk.c +@@ -3122,7 +3122,7 @@ static int dtls_srtp_setup(struct ast_rt + if (rtp->dtls_verify & AST_RTP_DTLS_VERIFY_FINGERPRINT) { + X509 *certificate; + +- if (!(certificate = SSL_get_peer_certificate(dtls->ssl))) { ++ if (!(certificate = SSL_get1_peer_certificate(dtls->ssl))) { + ast_log(LOG_WARNING, "No certificate was provided by the peer on RTP instance '%p'\n", instance); + return -1; + } |