From 63913d9849ce1222d92b6137ef33e7cace21d078 Mon Sep 17 00:00:00 2001 From: Rosen Penev Date: Mon, 14 Oct 2019 16:59:27 -0700 Subject: [PATCH] crtmpserver: Remove It has several compilation bugs in addition to being under no development. There are also alternatives in the tree. Signed-off-by: Rosen Penev --- multimedia/crtmpserver/Makefile | 98 ---- multimedia/crtmpserver/files/crtmpserver.init | 30 -- .../patches/030-default-config.patch | 51 -- .../crtmpserver/patches/040-syslog.patch | 11 - .../patches/070-disable-apple-streaming.patch | 12 - .../crtmpserver/patches/080-fix-define.patch | 11 - .../patches/090-openssl-1.1-compat.patch | 494 ------------------ 7 files changed, 707 deletions(-) delete mode 100644 multimedia/crtmpserver/Makefile delete mode 100644 multimedia/crtmpserver/files/crtmpserver.init delete mode 100644 multimedia/crtmpserver/patches/030-default-config.patch delete mode 100644 multimedia/crtmpserver/patches/040-syslog.patch delete mode 100644 multimedia/crtmpserver/patches/070-disable-apple-streaming.patch delete mode 100644 multimedia/crtmpserver/patches/080-fix-define.patch delete mode 100644 multimedia/crtmpserver/patches/090-openssl-1.1-compat.patch diff --git a/multimedia/crtmpserver/Makefile b/multimedia/crtmpserver/Makefile deleted file mode 100644 index 0a19c1def..000000000 --- a/multimedia/crtmpserver/Makefile +++ /dev/null @@ -1,98 +0,0 @@ -# -# Copyright (C) 2010 OpenWrt.org -# -# This is free software, licensed under the GNU General Public License v2. -# See /LICENSE for more information. -# - -include $(TOPDIR)/rules.mk - -PKG_NAME:=crtmpserver -PKG_SOURCE_DATE:=2015-10-04 -PKG_SOURCE_VERSION:=b866fffca37c3b967a8878499cd2b91aa2587f34 -PKG_RELEASE:=2 - -PKG_SOURCE:=$(PKG_NAME)-$(PKG_SOURCE_DATE).tar.gz -PKG_SOURCE_URL:=https://codeload.github.com/shiretu/crtmpserver/tar.gz/$(PKG_SOURCE_VERSION)? -PKG_HASH:=3744bef060129fda6f7902eb64f566b0d5049864dc542b2882c550b083ef82aa -PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(PKG_SOURCE_VERSION) - -PKG_MAINTAINER:=Thomas Heil -PKG_LICENSE:=GPL-3.0 -PKG_LICENSE_FILES:=LICENSE - -PKG_BUILD_PARALLEL:=1 - -include $(INCLUDE_DIR)/package.mk - -define Package/crtmpserver - SECTION:=multimedia - CATEGORY:=Multimedia - DEPENDS:=+libstdcpp +libopenssl +liblua - TITLE:=C++ RTMP Server -endef - -define Package/crtmpserver/description -C++ RTMP Server it is a high performance streaming server able to -stream (live or recorded) in the following technologies: - * To and from Flash (RTMP,RTMPE, RTMPS, RTMPT, RTMPTE) - * To and from embedded devices: iPhone, Android - * From surveillance cameras - * IP-TV using MPEG-TS and RTSP/RTCP/RTP protocols - -Also, crtmpserver can be used as a high performance rendes-vous -server. For example, it enables you to do: - * Audio/Video conferencing - * Online gaming - * Online collaboration - * Simple/complex chat applications -endef - -define Package/crtmpserver/conffiles -/etc/crtmpserver.lua -endef - -# XXX: this hack handles the usr/bin vs bin difference of backfire and trunk -TS_BASE:=$(wildcard $(TOOLCHAIN_DIR)/bin/$(TARGET_CC)) -TS_BASE:=$(dir $(if $(TS_BASE),$(TS_BASE),$(wildcard $(TOOLCHAIN_DIR)/usr/bin/$(TARGET_CC)))) - -define Build/Configure - (cd $(PKG_BUILD_DIR)/builders/make; \ - cp linux.mk linux-openwrt-uclibc.mk; \ - $(SED) 's,^TOOLCHAIN_BASE[[:space:]]*=.*,TOOLCHAIN_BASE=$(TS_BASE),' \ - -e 's,^TOOLCHAIN_PREFIX[[:space:]]*=.*,TOOLCHAIN_PREFIX=$(TARGET_CROSS),' \ - -e 's,^CCOMPILER[[:space:]]*=.*,CCOMPILER=$(TARGET_CC),' \ - -e 's,^CXXCOMPILER[[:space:]]*=.*,CXXCOMPILER=$(TARGET_CXX) -std=gnu++03,' \ - -e 's,^OPTIMIZATIONS[[:space:]]*=.*,OPTIMIZATIONS=-O2,' \ - -e 's,^SSL_BASE[[:space:]]*=.*,SSL_BASE=$(STAGING_DIR)/usr,' \ - linux-openwrt-uclibc.mk) - (cd $(PKG_BUILD_DIR)/sources/common/include/; \ - echo '#define CRTMPSERVER_VERSION_RELEASE_NUMBER "$(PKG_VERSION)\n"' > version.h; \ - echo '#define CRTMPSERVER_VERSION_CODE_NAME "Git\n"' >> version.h) -endef - -define Build/Compile - +$(MAKE) $(PKG_JOBS) -C $(PKG_BUILD_DIR)/builders/make \ - PLATFORM=linux-openwrt-uclibc -Wno-error -j6 -endef - -define Package/crtmpserver/install - $(INSTALL_DIR) $(1)/usr/bin - $(INSTALL_BIN) $(PKG_BUILD_DIR)/builders/make/output/dynamic/crtmpserver $(1)/usr/bin/ - $(INSTALL_DIR) $(1)/usr/lib/crtmpserver - $(CP) $(PKG_BUILD_DIR)/builders/make/output/dynamic/*.so $(1)/usr/lib/crtmpserver/ - $(foreach app,flvplayback samplefactory admin stresstest appselector vptests applestreamingclient proxypublish, \ - $(INSTALL_DIR) $(1)/usr/lib/crtmpserver/$(app); \ - $(INSTALL_BIN) $(PKG_BUILD_DIR)/builders/make/output/dynamic/applications/$(app)/lib$(app).so \ - $(1)/usr/lib/crtmpserver/$(app)/; \ - ) - $(INSTALL_DIR) $(1)/etc - $(INSTALL_CONF) $(PKG_BUILD_DIR)/builders/make/output/dynamic/crtmpserver.lua $(1)/etc/ - $(INSTALL_DIR) $(1)/usr/share/crtmpserver/appselector - $(INSTALL_DIR) $(1)/usr/share/crtmpserver/media - $(INSTALL_DIR) $(1)/etc/init.d - $(INSTALL_BIN) ./files/crtmpserver.init $(1)/etc/init.d/crtmpserver -endef - -$(eval $(call BuildPackage,crtmpserver)) - diff --git a/multimedia/crtmpserver/files/crtmpserver.init b/multimedia/crtmpserver/files/crtmpserver.init deleted file mode 100644 index cea35121b..000000000 --- a/multimedia/crtmpserver/files/crtmpserver.init +++ /dev/null @@ -1,30 +0,0 @@ -#!/bin/sh /etc/rc.common -# Copyright (C) 2009-2010 OpenWrt.org - -START=99 -STOP=80 - -SERVICE_USE_PID=1 - -CRTMPSERVER_BIN="/usr/bin/crtmpserver" -CRTMPSERVER_CONFIG="/etc/crtmpserver.lua" -CRTMPSERVER_PID="/var/run/crtmpserver.pid" - -start() -{ - echo "start $CRTMPSERVER_BIN" - start-stop-daemon -S -x "$CRTMPSERVER_BIN" -- --daemon --pid="$CRTMPSERVER_PID" \ - "$CRTMPSERVER_CONFIG" -} -stop() { - - echo "stop $CRTMPSERVER_BIN" - start-stop-daemon -K -x $CRTMPSERVER_BIN -p $CRTMPSERVER_PID -} - -reload() -{ - stop - start -} - diff --git a/multimedia/crtmpserver/patches/030-default-config.patch b/multimedia/crtmpserver/patches/030-default-config.patch deleted file mode 100644 index 6580adcd5..000000000 --- a/multimedia/crtmpserver/patches/030-default-config.patch +++ /dev/null @@ -1,51 +0,0 @@ ---- a/builders/cmake/crtmpserver/crtmpserver.lua -+++ b/builders/cmake/crtmpserver/crtmpserver.lua -@@ -4,7 +4,7 @@ configuration= - { - -- if true, the server will run as a daemon. - -- NOTE: all console appenders will be ignored if this is a daemon -- daemon=false, -+ daemon=true, - -- the OS's path separator. Used in composing paths - pathSeparator="/", - -@@ -44,7 +44,7 @@ configuration= - { - -- this is the root directory of all applications - -- usually this is relative to the binary execuable -- rootDirectory="applications", -+ rootDirectory="/usr/lib/crtmpserver", - - - --this is where the applications array starts -@@ -68,7 +68,7 @@ configuration= - -- this is the folder from where the current application gets it's content. - -- It is optional. If not specified, it will be defaulted to: - -- //mediaFolder -- -- mediaFolder="/some/directory/where/media/files/are/stored" -+ mediaFolder="/media", - -- the application will also be known by that names. It is optional - --aliases= - --{ -@@ -87,13 +87,6 @@ configuration= - port=1935, - protocol="inboundRtmp" - }, -- { -- ip="0.0.0.0", -- port=8081, -- protocol="inboundRtmps", -- sslKey="server.key", -- sslCert="server.crt" -- }, - { - ip="0.0.0.0", - port=8080, -@@ -206,6 +199,7 @@ configuration= - name="samplefactory", - description="asdsadasdsa", - protocol="dynamiclinklibrary", -+ mediaFolder="/usr/share/ctmpserver/media", - aliases= - { - "httpOutboundTest" diff --git a/multimedia/crtmpserver/patches/040-syslog.patch b/multimedia/crtmpserver/patches/040-syslog.patch deleted file mode 100644 index d45776d3c..000000000 --- a/multimedia/crtmpserver/patches/040-syslog.patch +++ /dev/null @@ -1,11 +0,0 @@ ---- a/sources/common/src/utils/logging/syslogloglocation.cpp -+++ b/sources/common/src/utils/logging/syslogloglocation.cpp -@@ -35,8 +35,6 @@ SyslogLogLocation::SyslogLogLocation(Variant &configuration, string identifier, - _priorities[_WARNING_] = LOG_WARNING; - _priorities[_ERROR_] = LOG_ERR; - _priorities[_FATAL_] = LOG_ERR; -- _priorities[_PROD_ACCESS_] = LOG_ERR; -- _priorities[_PROD_ERROR_] = LOG_ERR; - _specificLevel = specificLevel; - _enforceLoggerName = (_configuration[CONF_LOG_APPENDER_NAME] != ""); - _pDefualtFormatter = NULL; diff --git a/multimedia/crtmpserver/patches/070-disable-apple-streaming.patch b/multimedia/crtmpserver/patches/070-disable-apple-streaming.patch deleted file mode 100644 index cde14fe4b..000000000 --- a/multimedia/crtmpserver/patches/070-disable-apple-streaming.patch +++ /dev/null @@ -1,12 +0,0 @@ ---- a/builders/make/apps.mk -+++ b/builders/make/apps.mk -@@ -110,6 +110,6 @@ vptests: thelib $(VPTESTS_OBJS) - %.vptests.o: %.cpp - $(CXXCOMPILER) $(COMPILE_FLAGS) $(DEFINES) $(VPTESTS_INCLUDE) -c $< -o $@ - --ALL_APPS_OBJS= $(ADMIN_OBJS) $(APPLESTREAMINGCLIENT_OBJS) $(APPSELECTOR_OBJS) $(FLVPLAYBACK_OBJS) $(PROXYPUBLISH_OBJS) $(SAMPLEFACTORY_OBJS) $(STRESSTEST_OBJS) $(VPTESTS_OBJS) --ACTIVE_APPS= -DHAS_APP_ADMIN -DHAS_APP_APPLESTREAMINGCLIENT -DHAS_APP_APPSELECTOR -DHAS_APP_FLVPLAYBACK -DHAS_APP_PROXYPUBLISH -DHAS_APP_SAMPLEFACTORY -DHAS_APP_STRESSTEST -DHAS_APP_VPTESTS --applications: thelib admin applestreamingclient appselector flvplayback proxypublish samplefactory stresstest vptests -+ALL_APPS_OBJS= $(ADMIN_OBJS) $(APPSELECTOR_OBJS) $(FLVPLAYBACK_OBJS) $(PROXYPUBLISH_OBJS) $(SAMPLEFACTORY_OBJS) $(STRESSTEST_OBJS) $(VPTESTS_OBJS) -+ACTIVE_APPS= -DHAS_APP_ADMIN -DHAS_APP_APPSELECTOR -DHAS_APP_FLVPLAYBACK -DHAS_APP_PROXYPUBLISH -DHAS_APP_SAMPLEFACTORY -DHAS_APP_STRESSTEST -DHAS_APP_VPTESTS -+applications: thelib admin appselector flvplayback proxypublish samplefactory stresstest vptests diff --git a/multimedia/crtmpserver/patches/080-fix-define.patch b/multimedia/crtmpserver/patches/080-fix-define.patch deleted file mode 100644 index f835fc9d2..000000000 --- a/multimedia/crtmpserver/patches/080-fix-define.patch +++ /dev/null @@ -1,11 +0,0 @@ ---- a/sources/thelib/include/protocols/ts/basetsappprotocolhandler.h -+++ b/sources/thelib/include/protocols/ts/basetsappprotocolhandler.h -@@ -18,7 +18,7 @@ - */ - - --#if defined HAS_PROTOCOL_TS && defined HAS_MEDIA_TS -+#if defined HAS_PROTOCOL_TS || defined HAS_MEDIA_TS - #ifndef _BASETSAPPPROTOCOLHANDLER_H - #define _BASETSAPPPROTOCOLHANDLER_H - diff --git a/multimedia/crtmpserver/patches/090-openssl-1.1-compat.patch b/multimedia/crtmpserver/patches/090-openssl-1.1-compat.patch deleted file mode 100644 index 19ba6716d..000000000 --- a/multimedia/crtmpserver/patches/090-openssl-1.1-compat.patch +++ /dev/null @@ -1,494 +0,0 @@ ---- a/sources/applications/applestreamingclient/include/protocols/aes/inboundaesprotocol.h -+++ b/sources/applications/applestreamingclient/include/protocols/aes/inboundaesprotocol.h -@@ -30,7 +30,7 @@ namespace app_applestreamingclient { - private: - IOBuffer _tempBuffer; - IOBuffer _inputBuffer; -- EVP_CIPHER_CTX _decContex; -+ EVP_CIPHER_CTX *_decContex; - bool _lastChunk; - uint8_t *_pIV; - uint8_t *_pKey; ---- a/sources/applications/applestreamingclient/src/protocols/aes/inboundaesprotocol.cpp -+++ b/sources/applications/applestreamingclient/src/protocols/aes/inboundaesprotocol.cpp -@@ -31,13 +31,12 @@ InboundAESProtocol::InboundAESProtocol() - memset(_pIV, 0, 16); - _pKey = new uint8_t[16]; - memset(_pKey, 0, 16); -- memset(&_decContex, 0, sizeof (EVP_CIPHER_CTX)); -+ _decContex = EVP_CIPHER_CTX_new(); - _totalDecrypted = 0; - } - - InboundAESProtocol::~InboundAESProtocol() { -- EVP_CIPHER_CTX_cleanup(&_decContex); -- memset(&_decContex, 0, sizeof (EVP_CIPHER_CTX)); -+ EVP_CIPHER_CTX_free(_decContex); - delete[] _pIV; - delete[] _pKey; - } -@@ -60,11 +59,9 @@ bool InboundAESProtocol::Initialize(Variant ¶meters) { - _inputBuffer.IgnoreAll(); - _tempBuffer.IgnoreAll(); - -- EVP_CIPHER_CTX_cleanup(&_decContex); -- memset(&_decContex, 0, sizeof (EVP_CIPHER_CTX)); -- EVP_CIPHER_CTX_init(&_decContex); -- EVP_DecryptInit_ex(&_decContex, EVP_aes_128_cbc(), NULL, _pKey, _pIV); -- EVP_CIPHER_CTX_set_padding(&_decContex, 0); -+ EVP_CIPHER_CTX_reset(_decContex); -+ EVP_DecryptInit_ex(_decContex, EVP_aes_128_cbc(), NULL, _pKey, _pIV); -+ EVP_CIPHER_CTX_set_padding(_decContex, 0); - - return true; - } -@@ -105,14 +102,14 @@ bool InboundAESProtocol::SignalInputData(IOBuffer &buffer) { - int decryptedFinalSize = 0; - uint32_t padding = 0; - -- EVP_DecryptUpdate(&_decContex, pTempData, &decryptedSize, GETIBPOINTER(buffer), safeSize); -+ EVP_DecryptUpdate(_decContex, pTempData, &decryptedSize, GETIBPOINTER(buffer), safeSize); - _totalDecrypted += decryptedSize; - - //6. Decrypt leftovers - bool transferCompleted = false; - if (((HTTPBufferProtocol *) GetFarProtocol())->TransferCompleted()) { - transferCompleted = true; -- EVP_DecryptFinal_ex(&_decContex, -+ EVP_DecryptFinal_ex(_decContex, - pTempData + decryptedSize, - &decryptedFinalSize); - _totalDecrypted += decryptedFinalSize; ---- a/sources/common/include/utils/misc/crypto.h -+++ b/sources/common/include/utils/misc/crypto.h -@@ -33,6 +33,7 @@ - #include - #include - #include -+#include "utils/misc/libcrypto-compat.h" - - /*! - @class DHWrapper -@@ -83,7 +84,7 @@ public: - bool CopySharedKey(uint8_t *pDst, int32_t dstLength); - private: - void Cleanup(); -- bool CopyKey(BIGNUM *pNum, uint8_t *pDst, int32_t dstLength); -+ bool CopyKey(const BIGNUM *pNum, uint8_t *pDst, int32_t dstLength); - }; - - DLLEXP void InitRC4Encryption(uint8_t *secretKey, uint8_t *pubKeyIn, uint8_t *pubKeyOut, ---- /dev/null -+++ b/sources/common/include/utils/misc/libcrypto-compat.h -@@ -0,0 +1,26 @@ -+#ifndef LIBCRYPTO_COMPAT_H -+#define LIBCRYPTO_COMPAT_H -+ -+#include -+#if OPENSSL_VERSION_NUMBER < 0x10100000L -+ -+#include -+#include -+#include -+#include -+ -+int DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g); -+void DH_get0_key(const DH *dh, const BIGNUM **pub_key, const BIGNUM **priv_key); -+int DH_set_length(DH *dh, long length); -+ -+EVP_MD_CTX *EVP_MD_CTX_new(void); -+void EVP_MD_CTX_free(EVP_MD_CTX *ctx); -+#define EVP_MD_CTX_reset EVP_MD_CTX_cleanup -+ -+HMAC_CTX *HMAC_CTX_new(void); -+void HMAC_CTX_free(HMAC_CTX *ctx); -+#define HMAC_CTX_reset HMAC_CTX_cleanup -+ -+#endif /* OPENSSL_VERSION_NUMBER */ -+ -+#endif /* LIBCRYPTO_COMPAT_H */ ---- a/sources/common/src/utils/misc/crypto.cpp -+++ b/sources/common/src/utils/misc/crypto.cpp -@@ -35,6 +35,7 @@ DHWrapper::~DHWrapper() { - } - - bool DHWrapper::Initialize() { -+ BIGNUM *p = NULL, *g = NULL; - Cleanup(); - - //1. Create the DH -@@ -46,42 +47,53 @@ bool DHWrapper::Initialize() { - } - - //2. Create his internal p and g -- _pDH->p = BN_new(); -- if (_pDH->p == NULL) { -+ p = BN_new(); -+ if (p == NULL) { - FATAL("Unable to create p"); -- Cleanup(); -- return false; -+ goto return_error; - } -- _pDH->g = BN_new(); -- if (_pDH->g == NULL) { -+ g = BN_new(); -+ if (g == NULL) { - FATAL("Unable to create g"); -- Cleanup(); -- return false; -+ goto return_error; - } - - //3. initialize p, g and key length -- if (BN_hex2bn(&_pDH->p, P1024) == 0) { -+ if (BN_hex2bn(&p, P1024) == 0) { - FATAL("Unable to parse P1024"); -- Cleanup(); -- return false; -+ goto return_error; - } -- if (BN_set_word(_pDH->g, 2) != 1) { -+ if (BN_set_word(g, 2) != 1) { - FATAL("Unable to set g"); -- Cleanup(); -- return false; -+ goto return_error; -+ } -+ -+ //4. Set internal p and g -+ if (DH_set0_pqg(_pDH, p, NULL, g) != 1) { -+ FATAL("Unable to set internal p and g"); -+ goto return_error; - } -+ p = g = NULL; - -- //4. Set the key length -- _pDH->length = _bitsCount; -+ //5. Set the key length -+ if (DH_set_length(_pDH, _bitsCount) != 1) { -+ FATAL("Unable to set length"); -+ goto return_error; -+ } - -- //5. Generate private and public key -+ //6. Generate private and public key - if (DH_generate_key(_pDH) != 1) { - FATAL("Unable to generate DH public/private keys"); -- Cleanup(); -- return false; -+ goto return_error; - } - - return true; -+ -+return_error: -+ if (p != NULL) BN_free(p); -+ if (g != NULL) BN_free(g); -+ Cleanup(); -+ return false; - } - - bool DHWrapper::CopyPublicKey(uint8_t *pDst, int32_t dstLength) { -@@ -90,7 +102,9 @@ bool DHWrapper::CopyPublicKey(uint8_t *pDst, int32_t dstLength) { - return false; - } - -- return CopyKey(_pDH->pub_key, pDst, dstLength); -+ const BIGNUM *pub_key; -+ DH_get0_key(_pDH, &pub_key, NULL); -+ return CopyKey(pub_key, pDst, dstLength); - } - - bool DHWrapper::CopyPrivateKey(uint8_t *pDst, int32_t dstLength) { -@@ -99,7 +113,9 @@ bool DHWrapper::CopyPrivateKey(uint8_t *pDst, int32_t dstLength) { - return false; - } - -- return CopyKey(_pDH->priv_key, pDst, dstLength); -+ const BIGNUM *priv_key; -+ DH_get0_key(_pDH, NULL, &priv_key); -+ return CopyKey(priv_key, pDst, dstLength); - } - - bool DHWrapper::CreateSharedKey(uint8_t *pPeerPublicKey, int32_t length) { -@@ -153,14 +169,6 @@ bool DHWrapper::CopySharedKey(uint8_t *pDst, int32_t dstLength) { - - void DHWrapper::Cleanup() { - if (_pDH != NULL) { -- if (_pDH->p != NULL) { -- BN_free(_pDH->p); -- _pDH->p = NULL; -- } -- if (_pDH->g != NULL) { -- BN_free(_pDH->g); -- _pDH->g = NULL; -- } - DH_free(_pDH); - _pDH = NULL; - } -@@ -177,7 +185,7 @@ void DHWrapper::Cleanup() { - } - } - --bool DHWrapper::CopyKey(BIGNUM *pNum, uint8_t *pDst, int32_t dstLength) { -+bool DHWrapper::CopyKey(const BIGNUM *pNum, uint8_t *pDst, int32_t dstLength) { - int32_t keySize = BN_num_bytes(pNum); - if ((keySize <= 0) || (dstLength <= 0) || (keySize > dstLength)) { - FATAL("CopyPublicKey failed due to either invalid DH state or invalid call"); -@@ -197,20 +205,21 @@ void InitRC4Encryption(uint8_t *secretKey, uint8_t *pubKeyIn, uint8_t *pubKeyOut - uint8_t digest[SHA256_DIGEST_LENGTH]; - unsigned int digestLen = 0; - -- HMAC_CTX ctx; -- HMAC_CTX_init(&ctx); -- HMAC_Init_ex(&ctx, secretKey, 128, EVP_sha256(), 0); -- HMAC_Update(&ctx, pubKeyIn, 128); -- HMAC_Final(&ctx, digest, &digestLen); -- HMAC_CTX_cleanup(&ctx); -+ HMAC_CTX *ctx; -+ ctx = HMAC_CTX_new(); -+ if (ctx == NULL) -+ return; -+ HMAC_Init_ex(ctx, secretKey, 128, EVP_sha256(), 0); -+ HMAC_Update(ctx, pubKeyIn, 128); -+ HMAC_Final(ctx, digest, &digestLen); -+ HMAC_CTX_reset(ctx); - - RC4_set_key(rc4keyOut, 16, digest); - -- HMAC_CTX_init(&ctx); -- HMAC_Init_ex(&ctx, secretKey, 128, EVP_sha256(), 0); -- HMAC_Update(&ctx, pubKeyOut, 128); -- HMAC_Final(&ctx, digest, &digestLen); -- HMAC_CTX_cleanup(&ctx); -+ HMAC_Init_ex(ctx, secretKey, 128, EVP_sha256(), 0); -+ HMAC_Update(ctx, pubKeyOut, 128); -+ HMAC_Final(ctx, digest, &digestLen); -+ HMAC_CTX_free(ctx); - - RC4_set_key(rc4keyIn, 16, digest); - } -@@ -220,14 +229,17 @@ string md5(string source, bool textResult) { - } - - string md5(uint8_t *pBuffer, uint32_t length, bool textResult) { -- EVP_MD_CTX mdctx; -+ EVP_MD_CTX *mdctx; - unsigned char md_value[EVP_MAX_MD_SIZE]; - unsigned int md_len; - -- EVP_DigestInit(&mdctx, EVP_md5()); -- EVP_DigestUpdate(&mdctx, pBuffer, length); -- EVP_DigestFinal_ex(&mdctx, md_value, &md_len); -- EVP_MD_CTX_cleanup(&mdctx); -+ mdctx = EVP_MD_CTX_new(); -+ if (mdctx == NULL) -+ return ""; -+ EVP_DigestInit(mdctx, EVP_md5()); -+ EVP_DigestUpdate(mdctx, pBuffer, length); -+ EVP_DigestFinal_ex(mdctx, md_value, &md_len); -+ EVP_MD_CTX_free(mdctx); - - if (textResult) { - string result = ""; -@@ -259,12 +271,12 @@ void HMACsha256(const void *pData, uint32_t dataLength, - const void *pKey, uint32_t keyLength, void *pResult) { - unsigned int digestLen; - -- HMAC_CTX ctx; -- HMAC_CTX_init(&ctx); -- HMAC_Init_ex(&ctx, (unsigned char*) pKey, keyLength, EVP_sha256(), NULL); -- HMAC_Update(&ctx, (unsigned char *) pData, dataLength); -- HMAC_Final(&ctx, (unsigned char *) pResult, &digestLen); -- HMAC_CTX_cleanup(&ctx); -+ HMAC_CTX *ctx; -+ ctx = HMAC_CTX_new(); -+ HMAC_Init_ex(ctx, (unsigned char*) pKey, keyLength, EVP_sha256(), NULL); -+ HMAC_Update(ctx, (unsigned char *) pData, dataLength); -+ HMAC_Final(ctx, (unsigned char *) pResult, &digestLen); -+ HMAC_CTX_free(ctx); - - o_assert(digestLen == 32); - } -@@ -397,8 +409,8 @@ string unhex(const uint8_t *pBuffer, uint32_t length) { - } - - void CleanupSSL() { --#ifndef NO_SSL_ENGINE_CLEANUP -- ERR_remove_state(0); -+#if OPENSSL_VERSION_NUMBER < 0x10100000L -+ ERR_remove_thread_state(NULL); - ENGINE_cleanup(); - CONF_modules_unload(1); - ERR_free_strings(); ---- /dev/null -+++ b/sources/common/src/utils/misc/libcrypto-compat.cpp -@@ -0,0 +1,90 @@ -+/* -+ * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved. -+ * -+ * Licensed under the OpenSSL license (the "License"). You may not use -+ * this file except in compliance with the License. You can obtain a copy -+ * in the file LICENSE in the source distribution or at -+ * https://www.openssl.org/source/license.html -+ */ -+ -+#include "utils/misc/libcrypto-compat.h" -+ -+#if OPENSSL_VERSION_NUMBER < 0x10100000L -+ -+#include -+ -+static void *OPENSSL_zalloc(size_t num) -+{ -+ void *ret = OPENSSL_malloc(num); -+ -+ if (ret != NULL) -+ memset(ret, 0, num); -+ return ret; -+} -+ -+int DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g) -+{ -+ /* If the fields p and g in d are NULL, the corresponding input -+ * parameters MUST be non-NULL. q may remain NULL. -+ */ -+ if ((dh->p == NULL && p == NULL) -+ || (dh->g == NULL && g == NULL)) -+ return 0; -+ -+ if (p != NULL) { -+ BN_free(dh->p); -+ dh->p = p; -+ } -+ if (q != NULL) { -+ BN_free(dh->q); -+ dh->q = q; -+ } -+ if (g != NULL) { -+ BN_free(dh->g); -+ dh->g = g; -+ } -+ -+ if (q != NULL) { -+ dh->length = BN_num_bits(q); -+ } -+ -+ return 1; -+} -+ -+void DH_get0_key(const DH *dh, const BIGNUM **pub_key, const BIGNUM **priv_key) -+{ -+ if (pub_key != NULL) -+ *pub_key = dh->pub_key; -+ if (priv_key != NULL) -+ *priv_key = dh->priv_key; -+} -+ -+int DH_set_length(DH *dh, long length) -+{ -+ dh->length = length; -+ return 1; -+} -+ -+EVP_MD_CTX *EVP_MD_CTX_new(void) -+{ -+ return (EVP_MD_CTX *)OPENSSL_zalloc(sizeof(EVP_MD_CTX)); -+} -+ -+void EVP_MD_CTX_free(EVP_MD_CTX *ctx) -+{ -+ EVP_MD_CTX_cleanup(ctx); -+ OPENSSL_free(ctx); -+} -+ -+HMAC_CTX *HMAC_CTX_new(void) -+{ -+ return (HMAC_CTX *)OPENSSL_zalloc(sizeof(HMAC_CTX)); -+} -+ -+void HMAC_CTX_free(HMAC_CTX *ctx) -+{ -+ HMAC_CTX_cleanup(ctx); -+ OPENSSL_free(ctx); -+} -+ -+#endif /* OPENSSL_VERSION_NUMBER */ ---- a/sources/thelib/src/protocols/ssl/basesslprotocol.cpp -+++ b/sources/thelib/src/protocols/ssl/basesslprotocol.cpp -@@ -43,6 +43,7 @@ BaseSSLProtocol::~BaseSSLProtocol() { - bool BaseSSLProtocol::Initialize(Variant ¶meters) { - //1. Initialize the SSL library - if (!_libraryInitialized) { -+#if OPENSSL_VERSION_NUMBER < 0x10100000L - //3. This is the first time we use the library. So we have to - //initialize it first - SSL_library_init(); -@@ -55,6 +56,7 @@ bool BaseSSLProtocol::Initialize(Variant ¶meters) { - OpenSSL_add_all_algorithms(); - OpenSSL_add_all_ciphers(); - OpenSSL_add_all_digests(); -+#endif - - //initialize the random numbers generator - InitRandGenerator(); -@@ -211,6 +213,7 @@ string BaseSSLProtocol::GetSSLErrors() { - - string BaseSSLProtocol::DumpBIO(BIO *pBIO) { - string formatString; -+#if OPENSSL_VERSION_NUMBER < 0x10100000L - formatString = "method: %p\n"; - formatString += "callback: %p\n"; - formatString += "cb_arg: %p\n"; -@@ -240,6 +243,39 @@ string BaseSSLProtocol::DumpBIO(BIO *pBIO) { - pBIO->references, - (int64_t) pBIO->num_read, - (int64_t) pBIO->num_write); -+#else -+// Some of these are problematic in openssl >= 1.1, since -+// the BIO struct is opaque. -+ formatString = "method: %s\n"; -+ formatString += "callback: %p\n"; -+ formatString += "cb_arg: %p\n"; -+ formatString += "init: %d\n"; -+ formatString += "shutdown: %d\n"; -+ formatString += "flags: %d\n"; -+ formatString += "retry_reason: %d\n"; -+ formatString += "num: %d\n"; -+ formatString += "ptr: %p\n"; -+ formatString += "next_bio: %p\n"; -+ formatString += "prev_bio: %s\n"; -+ formatString += "references: %s\n"; -+ formatString += "num_read: %"PRId64"\n"; -+ formatString += "num_write: %"PRId64; -+ return format(STR(formatString), -+ BIO_method_name(pBIO), -+ BIO_get_callback(pBIO), -+ BIO_get_callback_arg(pBIO), -+ BIO_get_init(pBIO), -+ BIO_get_shutdown(pBIO), -+ BIO_get_flags(pBIO), -+ BIO_get_retry_reason(pBIO), -+ BIO_get_fd(pBIO, NULL), -+ BIO_get_data(pBIO), -+ BIO_next(pBIO), -+ "unknown", //prev_bio -+ "unknown", //references -+ BIO_number_read(pBIO), -+ BIO_number_written(pBIO)); -+#endif - } - - void BaseSSLProtocol::InitRandGenerator() { ---- a/sources/thelib/src/protocols/ssl/outboundsslprotocol.cpp -+++ b/sources/thelib/src/protocols/ssl/outboundsslprotocol.cpp -@@ -33,7 +33,7 @@ bool OutboundSSLProtocol::InitGlobalContext(Variant ¶meters) { - _pGlobalSSLContext = _pGlobalContexts[hash]; - if (_pGlobalSSLContext == NULL) { - //2. prepare the global ssl context -- _pGlobalSSLContext = SSL_CTX_new(TLSv1_method()); -+ _pGlobalSSLContext = SSL_CTX_new(SSLv23_method()); - if (_pGlobalSSLContext == NULL) { - FATAL("Unable to create global SSL context"); - return false;