diff --git a/multimedia/crtmpserver/Makefile b/multimedia/crtmpserver/Makefile index f2b80d9ee6..e6ffcec4ce 100644 --- a/multimedia/crtmpserver/Makefile +++ b/multimedia/crtmpserver/Makefile @@ -1,4 +1,4 @@ -# +# # Copyright (C) 2010 OpenWrt.org # # This is free software, licensed under the GNU General Public License v2. @@ -8,29 +8,28 @@ include $(TOPDIR)/rules.mk PKG_NAME:=crtmpserver -PKG_REV:=b6fdcdb953d1e99c48a0c37a8c80f2cad2db443b -PKG_VERSION:=2012-07-18+git-$(PKG_REV) -PKG_RELEASE:=2 -PKG_BUILD_PARALLEL:=2 +PKG_SOURCE_DATE:=2015-10-04 +PKG_SOURCE_VERSION:=b866fffca37c3b967a8878499cd2b91aa2587f34 +PKG_RELEASE:=1 + +PKG_SOURCE:=$(PKG_NAME)-$(PKG_SOURCE_DATE).tar.gz +PKG_SOURCE_URL:=https://codeload.github.com/shiretu/crtmpserver/tar.gz/$(PKG_SOURCE_VERSION)? +PKG_HASH:=3744bef060129fda6f7902eb64f566b0d5049864dc542b2882c550b083ef82aa +PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(PKG_SOURCE_VERSION) + PKG_MAINTAINER:=Thomas Heil PKG_LICENSE:=GPL-3.0 +PKG_LICENSE_FILES:=LICENSE - -PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2 -PKG_MIRROR_HASH:=8d887996b6b8cb465ec59f3f713fca46161cbb804cacd2b5405f836083fb58ba -PKG_SOURCE_URL:=https://github.com/j0sh/crtmpserver.git -PKG_SOURCE_SUBDIR:=crtmpserver-$(PKG_VERSION) -PKG_SOURCE_VERSION:=$(PKG_REV) -PKG_SOURCE_PROTO:=git +PKG_BUILD_PARALLEL:=1 include $(INCLUDE_DIR)/package.mk define Package/crtmpserver SECTION:=multimedia CATEGORY:=Multimedia - DEPENDS:=+libopenssl +libstdcpp +liblua + DEPENDS:=+libstdcpp +libopenssl +liblua TITLE:=C++ RTMP Server - URL:=http://www.rtmpd.com/ endef define Package/crtmpserver/description @@ -40,7 +39,7 @@ stream (live or recorded) in the following technologies: * To and from embedded devices: iPhone, Android * From surveillance cameras * IP-TV using MPEG-TS and RTSP/RTCP/RTP protocols - + Also, crtmpserver can be used as a high performance rendes-vous server. For example, it enables you to do: * Audio/Video conferencing @@ -63,7 +62,7 @@ define Build/Configure $(SED) 's,^TOOLCHAIN_BASE[[:space:]]*=.*,TOOLCHAIN_BASE=$(TS_BASE),' \ -e 's,^TOOLCHAIN_PREFIX[[:space:]]*=.*,TOOLCHAIN_PREFIX=$(TARGET_CROSS),' \ -e 's,^CCOMPILER[[:space:]]*=.*,CCOMPILER=$(TARGET_CC),' \ - -e 's,^CXXCOMPILER[[:space:]]*=.*,CXXCOMPILER=$(TARGET_CXX),' \ + -e 's,^CXXCOMPILER[[:space:]]*=.*,CXXCOMPILER=$(TARGET_CXX) -std=gnu++03,' \ -e 's,^OPTIMIZATIONS[[:space:]]*=.*,OPTIMIZATIONS=-O2,' \ -e 's,^SSL_BASE[[:space:]]*=.*,SSL_BASE=$(STAGING_DIR)/usr,' \ linux-openwrt-uclibc.mk) diff --git a/multimedia/crtmpserver/patches/010-link-crypt-for-lua.patch b/multimedia/crtmpserver/patches/010-link-crypt-for-lua.patch deleted file mode 100644 index cc49523aec..0000000000 --- a/multimedia/crtmpserver/patches/010-link-crypt-for-lua.patch +++ /dev/null @@ -1,11 +0,0 @@ ---- a/builders/make/compile.mk -+++ b/builders/make/compile.mk -@@ -72,7 +72,7 @@ TINYXML_OBJS = $(TINYXML_SRCS:.cpp=.tiny - - #common - COMMON_INCLUDE=$(LUA_INCLUDE) $(TINYXML_INCLUDE) $(SSL_INCLUDE) -I$(PROJECT_BASE_PATH)/sources/common/include --COMMON_LIBS=$(SSL_LIB) -L$(OUTPUT_DYNAMIC) -llua -ltinyxml -+COMMON_LIBS=$(SSL_LIB) -L$(OUTPUT_DYNAMIC) -llua -ltinyxml -lcrypt - COMMON_SRCS = $(shell find $(PROJECT_BASE_PATH)/sources/common/src -type f -name "*.cpp") - COMMON_OBJS = $(COMMON_SRCS:.cpp=.common.o) - diff --git a/multimedia/crtmpserver/patches/020-add-rpath.patch b/multimedia/crtmpserver/patches/020-add-rpath.patch deleted file mode 100644 index 1ea8320335..0000000000 --- a/multimedia/crtmpserver/patches/020-add-rpath.patch +++ /dev/null @@ -1,13 +0,0 @@ ---- a/builders/make/linux.mk -+++ b/builders/make/linux.mk -@@ -31,8 +31,8 @@ OPTIMIZATIONS = -O3 - COMPILE_FLAGS = $(FPIC) $(OPTIMIZATIONS) $(CFLAGS) - - #linking flags --dynamic_lib_flags = $(FPIC) $(OPTIMIZATIONS) -Wl,-soname,$(DYNAMIC_LIB_PREFIX)$(1)$(DYNAMIC_LIB_SUFIX) -Wl,-rpath,"\$$ORIGIN" --dynamic_exec_flags = $(FPIC) $(OPTIMIZATIONS) -Wl,-rpath,"\$$ORIGIN" -+dynamic_lib_flags = $(FPIC) $(OPTIMIZATIONS) -Wl,-soname,$(DYNAMIC_LIB_PREFIX)$(1)$(DYNAMIC_LIB_SUFIX) -Wl,-rpath,/usr/lib/crtmpserver -+dynamic_exec_flags = $(FPIC) $(OPTIMIZATIONS) -Wl,-rpath,/usr/lib/crtmpserver - - #compile switches - PLATFORM_DEFINES = \ diff --git a/multimedia/crtmpserver/patches/030-default-config.patch b/multimedia/crtmpserver/patches/030-default-config.patch index 2975f000c4..6580adcd59 100644 --- a/multimedia/crtmpserver/patches/030-default-config.patch +++ b/multimedia/crtmpserver/patches/030-default-config.patch @@ -27,21 +27,21 @@ -- the application will also be known by that names. It is optional --aliases= --{ -@@ -89,13 +89,6 @@ configuration= +@@ -87,13 +87,6 @@ configuration= + port=1935, + protocol="inboundRtmp" }, - { - ip="0.0.0.0", +- { +- ip="0.0.0.0", - port=8081, - protocol="inboundRtmps", - sslKey="server.key", - sslCert="server.crt" - }, -- { -- ip="0.0.0.0", + { + ip="0.0.0.0", port=8080, - protocol="inboundRtmpt" - }, -@@ -184,6 +177,7 @@ configuration= +@@ -206,6 +199,7 @@ configuration= name="samplefactory", description="asdsadasdsa", protocol="dynamiclinklibrary", diff --git a/multimedia/crtmpserver/patches/040-syslog.patch b/multimedia/crtmpserver/patches/040-syslog.patch new file mode 100644 index 0000000000..d45776d3c3 --- /dev/null +++ b/multimedia/crtmpserver/patches/040-syslog.patch @@ -0,0 +1,11 @@ +--- a/sources/common/src/utils/logging/syslogloglocation.cpp ++++ b/sources/common/src/utils/logging/syslogloglocation.cpp +@@ -35,8 +35,6 @@ SyslogLogLocation::SyslogLogLocation(Variant &configuration, string identifier, + _priorities[_WARNING_] = LOG_WARNING; + _priorities[_ERROR_] = LOG_ERR; + _priorities[_FATAL_] = LOG_ERR; +- _priorities[_PROD_ACCESS_] = LOG_ERR; +- _priorities[_PROD_ERROR_] = LOG_ERR; + _specificLevel = specificLevel; + _enforceLoggerName = (_configuration[CONF_LOG_APPENDER_NAME] != ""); + _pDefualtFormatter = NULL; diff --git a/multimedia/crtmpserver/patches/040-use-select.patch b/multimedia/crtmpserver/patches/040-use-select.patch deleted file mode 100644 index 380208e803..0000000000 --- a/multimedia/crtmpserver/patches/040-use-select.patch +++ /dev/null @@ -1,11 +0,0 @@ ---- a/builders/make/linux.mk -+++ b/builders/make/linux.mk -@@ -38,7 +38,7 @@ dynamic_exec_flags = $(FPIC) $(OPTIMIZAT - PLATFORM_DEFINES = \ - -DLINUX \ - -DLITTLE_ENDIAN_BYTE_ALIGNED \ -- -DNET_EPOLL -+ -DNET_SELECT - - SSL_BASE=/usr/local - diff --git a/multimedia/crtmpserver/patches/050-add-missing-make-defines.patch b/multimedia/crtmpserver/patches/050-add-missing-make-defines.patch deleted file mode 100644 index 25694b8f70..0000000000 --- a/multimedia/crtmpserver/patches/050-add-missing-make-defines.patch +++ /dev/null @@ -1,41 +0,0 @@ ---- a/builders/make/compile.mk -+++ b/builders/make/compile.mk -@@ -58,7 +58,7 @@ DEFINES = $(PLATFORM_DEFINES) $(FEATURES - - #library paths - SSL_INCLUDE=-I$(SSL_BASE)/include --SSL_LIB=-L$(SSL_BASE)/lib -lssl -lcrypto -+SSL_LIB=-L$(SSL_BASE)/lib -lssl -lcrypto -ldl - - #lua - LUA_INCLUDE=-I$(PROJECT_BASE_PATH)/3rdparty/lua-dev -@@ -72,25 +72,25 @@ TINYXML_OBJS = $(TINYXML_SRCS:.cpp=.tiny - - #common - COMMON_INCLUDE=$(LUA_INCLUDE) $(TINYXML_INCLUDE) $(SSL_INCLUDE) -I$(PROJECT_BASE_PATH)/sources/common/include --COMMON_LIBS=$(SSL_LIB) -L$(OUTPUT_DYNAMIC) -llua -ltinyxml -lcrypt -+COMMON_LIBS=$(SSL_LIB) -L$(OUTPUT_DYNAMIC) $(PROJECT_BASE_PATH)/builders/make/output/dynamic/liblua.so -ltinyxml -lcrypt -ldl - COMMON_SRCS = $(shell find $(PROJECT_BASE_PATH)/sources/common/src -type f -name "*.cpp") - COMMON_OBJS = $(COMMON_SRCS:.cpp=.common.o) - - #thelib - THELIB_INCLUDE=$(COMMON_INCLUDE) -I$(PROJECT_BASE_PATH)/sources/thelib/include --THELIB_LIBS=$(COMMON_LIBS) -L$(OUTPUT_DYNAMIC) -lcommon -+THELIB_LIBS=$(COMMON_LIBS) -L$(OUTPUT_DYNAMIC) -lcommon -ldl - THELIB_SRCS = $(shell find $(PROJECT_BASE_PATH)/sources/thelib/src -type f -name "*.cpp") - THELIB_OBJS = $(THELIB_SRCS:.cpp=.thelib.o) - - #tests - TESTS_INCLUDE=$(THELIB_INCLUDE) -I$(PROJECT_BASE_PATH)/sources/tests/include --TESTS_LIBS=$(THELIB_LIBS) -L$(OUTPUT_DYNAMIC) -lthelib -+TESTS_LIBS=$(THELIB_LIBS) -L$(OUTPUT_DYNAMIC) -lthelib -ldl - TESTS_SRCS=$(shell find $(PROJECT_BASE_PATH)/sources/tests/src -type f -name "*.cpp") - TESTS_OBJS=$(TESTS_SRCS:.cpp=.tests.o) - - #crtmpserver - CRTMPSERVER_INCLUDE=$(THELIB_INCLUDE) -I$(PROJECT_BASE_PATH)/sources/crtmpserver/include --CRTMPSERVER_LIBS=$(THELIB_LIBS) -L$(OUTPUT_DYNAMIC) -lthelib -+CRTMPSERVER_LIBS=$(THELIB_LIBS) -L$(OUTPUT_DYNAMIC) -lthelib -ldl - CRTMPSERVER_SRCS=$(shell find $(PROJECT_BASE_PATH)/sources/crtmpserver/src -type f -name "*.cpp") - CRTMPSERVER_OBJS_DYNAMIC=$(CRTMPSERVER_SRCS:.cpp=.crtmpserver_dynamic.o) - CRTMPSERVER_OBJS_STATIC=$(CRTMPSERVER_SRCS:.cpp=.crtmpserver_static.o) diff --git a/multimedia/crtmpserver/patches/060-add-missing-includes.patch b/multimedia/crtmpserver/patches/060-add-missing-includes.patch deleted file mode 100644 index 7b9da39a2b..0000000000 --- a/multimedia/crtmpserver/patches/060-add-missing-includes.patch +++ /dev/null @@ -1,26 +0,0 @@ ---- a/sources/common/include/common.h -+++ b/sources/common/include/common.h -@@ -20,6 +20,10 @@ - #ifndef _COMMON_H - #define _COMMON_H - -+#include -+#include -+#include -+ - #include "defines.h" - #include "platform/platform.h" - #include "utils/utils.h" ---- a/sources/common/src/utils/logging/fileloglocation.cpp -+++ b/sources/common/src/utils/logging/fileloglocation.cpp -@@ -18,6 +18,10 @@ - */ - - -+#include -+#include -+#include -+ - #include "utils/logging/fileloglocation.h" - #include "utils/lua/luautils.h" - #include "utils/misc/file.h" diff --git a/multimedia/crtmpserver/patches/080-disable-apple-streaming.patch b/multimedia/crtmpserver/patches/070-disable-apple-streaming.patch similarity index 100% rename from multimedia/crtmpserver/patches/080-disable-apple-streaming.patch rename to multimedia/crtmpserver/patches/070-disable-apple-streaming.patch diff --git a/multimedia/crtmpserver/patches/070-missing-include-gcc-47.patch b/multimedia/crtmpserver/patches/070-missing-include-gcc-47.patch deleted file mode 100644 index 534046f075..0000000000 --- a/multimedia/crtmpserver/patches/070-missing-include-gcc-47.patch +++ /dev/null @@ -1,10 +0,0 @@ ---- a/3rdparty/tinyxml/tinyxml.h -+++ b/3rdparty/tinyxml/tinyxml.h -@@ -39,6 +39,7 @@ distribution. - #include - #include - #include -+#include "lstate.h" - using namespace std; - - // Help out windows: diff --git a/multimedia/crtmpserver/patches/080-fix-define.patch b/multimedia/crtmpserver/patches/080-fix-define.patch new file mode 100644 index 0000000000..f835fc9d2e --- /dev/null +++ b/multimedia/crtmpserver/patches/080-fix-define.patch @@ -0,0 +1,11 @@ +--- a/sources/thelib/include/protocols/ts/basetsappprotocolhandler.h ++++ b/sources/thelib/include/protocols/ts/basetsappprotocolhandler.h +@@ -18,7 +18,7 @@ + */ + + +-#if defined HAS_PROTOCOL_TS && defined HAS_MEDIA_TS ++#if defined HAS_PROTOCOL_TS || defined HAS_MEDIA_TS + #ifndef _BASETSAPPPROTOCOLHANDLER_H + #define _BASETSAPPPROTOCOLHANDLER_H + diff --git a/multimedia/crtmpserver/patches/080-musl-uint32_t.patch b/multimedia/crtmpserver/patches/080-musl-uint32_t.patch deleted file mode 100644 index 51d6712bfa..0000000000 --- a/multimedia/crtmpserver/patches/080-musl-uint32_t.patch +++ /dev/null @@ -1,91 +0,0 @@ ---- a/sources/common/include/platform/linux/max.h -+++ b/sources/common/include/platform/linux/max.h -@@ -21,87 +21,7 @@ - #ifndef _MAX_H - #define _MAX_H - --#ifdef UINT64_MAX --#undef UINT64_MAX --#endif -- --#ifdef INT64_MAX --#undef INT64_MAX --#endif -- --#ifdef UINT32_MAX --#undef UINT32_MAX --#endif -- --#ifdef INT32_MAX --#undef INT32_MAX --#endif -- --#ifdef UINT16_MAX --#undef UINT16_MAX --#endif -- --#ifdef INT16_MAX --#undef INT16_MAX --#endif -- --#ifdef UINT8_MAX --#undef UINT8_MAX --#endif -- --#ifdef INT8_MAX --#undef INT8_MAX --#endif -- -- -- --#ifndef UINT64_MAX --#define UINT64_MAX ((uint64_t)(0xffffffffffffffffULL)) --#endif -- --#ifndef INT64_MAX --#define INT64_MAX ((int64_t)(0x7fffffffffffffffLL)) --#endif -- --#ifndef INT64_MIN --#define INT64_MIN ((int64_t)(0x8000000000000000LL)) --#endif -- --#ifndef UINT32_MAX --#define UINT32_MAX ((uint32_t)(0xffffffffUL)) --#endif -- --#ifndef INT32_MAX --#define INT32_MAX ((int32_t)(0x7fffffffL)) --#endif -- --#ifndef INT32_MIN --#define INT32_MIN ((int32_t)(0x80000000L)) --#endif -- --#ifndef UINT16_MAX --#define UINT16_MAX ((uint16_t)(0xffff)) --#endif -- --#ifndef INT16_MAX --#define INT16_MAX ((int16_t)(0x7fff)) --#endif -- --#ifndef INT16_MIN --#define INT16_MIN ((int16_t)(0x8000)) --#endif -- --#ifndef UINT8_MAX --#define UINT8_MAX ((uint8_t)(0xff)) --#endif -- --#ifndef INT8_MAX --#define INT8_MAX ((int8_t)(0x7f)) --#endif -- --#ifndef INT8_MIN --#define INT8_MIN ((int8_t)(0x80)) --#endif -+#include - - #endif /* _MAX_H */ - #endif /* LINUX */ diff --git a/multimedia/crtmpserver/patches/090-openssl-1.1-compat.patch b/multimedia/crtmpserver/patches/090-openssl-1.1-compat.patch new file mode 100644 index 0000000000..19ba6716d6 --- /dev/null +++ b/multimedia/crtmpserver/patches/090-openssl-1.1-compat.patch @@ -0,0 +1,494 @@ +--- a/sources/applications/applestreamingclient/include/protocols/aes/inboundaesprotocol.h ++++ b/sources/applications/applestreamingclient/include/protocols/aes/inboundaesprotocol.h +@@ -30,7 +30,7 @@ namespace app_applestreamingclient { + private: + IOBuffer _tempBuffer; + IOBuffer _inputBuffer; +- EVP_CIPHER_CTX _decContex; ++ EVP_CIPHER_CTX *_decContex; + bool _lastChunk; + uint8_t *_pIV; + uint8_t *_pKey; +--- a/sources/applications/applestreamingclient/src/protocols/aes/inboundaesprotocol.cpp ++++ b/sources/applications/applestreamingclient/src/protocols/aes/inboundaesprotocol.cpp +@@ -31,13 +31,12 @@ InboundAESProtocol::InboundAESProtocol() + memset(_pIV, 0, 16); + _pKey = new uint8_t[16]; + memset(_pKey, 0, 16); +- memset(&_decContex, 0, sizeof (EVP_CIPHER_CTX)); ++ _decContex = EVP_CIPHER_CTX_new(); + _totalDecrypted = 0; + } + + InboundAESProtocol::~InboundAESProtocol() { +- EVP_CIPHER_CTX_cleanup(&_decContex); +- memset(&_decContex, 0, sizeof (EVP_CIPHER_CTX)); ++ EVP_CIPHER_CTX_free(_decContex); + delete[] _pIV; + delete[] _pKey; + } +@@ -60,11 +59,9 @@ bool InboundAESProtocol::Initialize(Variant ¶meters) { + _inputBuffer.IgnoreAll(); + _tempBuffer.IgnoreAll(); + +- EVP_CIPHER_CTX_cleanup(&_decContex); +- memset(&_decContex, 0, sizeof (EVP_CIPHER_CTX)); +- EVP_CIPHER_CTX_init(&_decContex); +- EVP_DecryptInit_ex(&_decContex, EVP_aes_128_cbc(), NULL, _pKey, _pIV); +- EVP_CIPHER_CTX_set_padding(&_decContex, 0); ++ EVP_CIPHER_CTX_reset(_decContex); ++ EVP_DecryptInit_ex(_decContex, EVP_aes_128_cbc(), NULL, _pKey, _pIV); ++ EVP_CIPHER_CTX_set_padding(_decContex, 0); + + return true; + } +@@ -105,14 +102,14 @@ bool InboundAESProtocol::SignalInputData(IOBuffer &buffer) { + int decryptedFinalSize = 0; + uint32_t padding = 0; + +- EVP_DecryptUpdate(&_decContex, pTempData, &decryptedSize, GETIBPOINTER(buffer), safeSize); ++ EVP_DecryptUpdate(_decContex, pTempData, &decryptedSize, GETIBPOINTER(buffer), safeSize); + _totalDecrypted += decryptedSize; + + //6. Decrypt leftovers + bool transferCompleted = false; + if (((HTTPBufferProtocol *) GetFarProtocol())->TransferCompleted()) { + transferCompleted = true; +- EVP_DecryptFinal_ex(&_decContex, ++ EVP_DecryptFinal_ex(_decContex, + pTempData + decryptedSize, + &decryptedFinalSize); + _totalDecrypted += decryptedFinalSize; +--- a/sources/common/include/utils/misc/crypto.h ++++ b/sources/common/include/utils/misc/crypto.h +@@ -33,6 +33,7 @@ + #include + #include + #include ++#include "utils/misc/libcrypto-compat.h" + + /*! + @class DHWrapper +@@ -83,7 +84,7 @@ public: + bool CopySharedKey(uint8_t *pDst, int32_t dstLength); + private: + void Cleanup(); +- bool CopyKey(BIGNUM *pNum, uint8_t *pDst, int32_t dstLength); ++ bool CopyKey(const BIGNUM *pNum, uint8_t *pDst, int32_t dstLength); + }; + + DLLEXP void InitRC4Encryption(uint8_t *secretKey, uint8_t *pubKeyIn, uint8_t *pubKeyOut, +--- /dev/null ++++ b/sources/common/include/utils/misc/libcrypto-compat.h +@@ -0,0 +1,26 @@ ++#ifndef LIBCRYPTO_COMPAT_H ++#define LIBCRYPTO_COMPAT_H ++ ++#include ++#if OPENSSL_VERSION_NUMBER < 0x10100000L ++ ++#include ++#include ++#include ++#include ++ ++int DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g); ++void DH_get0_key(const DH *dh, const BIGNUM **pub_key, const BIGNUM **priv_key); ++int DH_set_length(DH *dh, long length); ++ ++EVP_MD_CTX *EVP_MD_CTX_new(void); ++void EVP_MD_CTX_free(EVP_MD_CTX *ctx); ++#define EVP_MD_CTX_reset EVP_MD_CTX_cleanup ++ ++HMAC_CTX *HMAC_CTX_new(void); ++void HMAC_CTX_free(HMAC_CTX *ctx); ++#define HMAC_CTX_reset HMAC_CTX_cleanup ++ ++#endif /* OPENSSL_VERSION_NUMBER */ ++ ++#endif /* LIBCRYPTO_COMPAT_H */ +--- a/sources/common/src/utils/misc/crypto.cpp ++++ b/sources/common/src/utils/misc/crypto.cpp +@@ -35,6 +35,7 @@ DHWrapper::~DHWrapper() { + } + + bool DHWrapper::Initialize() { ++ BIGNUM *p = NULL, *g = NULL; + Cleanup(); + + //1. Create the DH +@@ -46,42 +47,53 @@ bool DHWrapper::Initialize() { + } + + //2. Create his internal p and g +- _pDH->p = BN_new(); +- if (_pDH->p == NULL) { ++ p = BN_new(); ++ if (p == NULL) { + FATAL("Unable to create p"); +- Cleanup(); +- return false; ++ goto return_error; + } +- _pDH->g = BN_new(); +- if (_pDH->g == NULL) { ++ g = BN_new(); ++ if (g == NULL) { + FATAL("Unable to create g"); +- Cleanup(); +- return false; ++ goto return_error; + } + + //3. initialize p, g and key length +- if (BN_hex2bn(&_pDH->p, P1024) == 0) { ++ if (BN_hex2bn(&p, P1024) == 0) { + FATAL("Unable to parse P1024"); +- Cleanup(); +- return false; ++ goto return_error; + } +- if (BN_set_word(_pDH->g, 2) != 1) { ++ if (BN_set_word(g, 2) != 1) { + FATAL("Unable to set g"); +- Cleanup(); +- return false; ++ goto return_error; ++ } ++ ++ //4. Set internal p and g ++ if (DH_set0_pqg(_pDH, p, NULL, g) != 1) { ++ FATAL("Unable to set internal p and g"); ++ goto return_error; + } ++ p = g = NULL; + +- //4. Set the key length +- _pDH->length = _bitsCount; ++ //5. Set the key length ++ if (DH_set_length(_pDH, _bitsCount) != 1) { ++ FATAL("Unable to set length"); ++ goto return_error; ++ } + +- //5. Generate private and public key ++ //6. Generate private and public key + if (DH_generate_key(_pDH) != 1) { + FATAL("Unable to generate DH public/private keys"); +- Cleanup(); +- return false; ++ goto return_error; + } + + return true; ++ ++return_error: ++ if (p != NULL) BN_free(p); ++ if (g != NULL) BN_free(g); ++ Cleanup(); ++ return false; + } + + bool DHWrapper::CopyPublicKey(uint8_t *pDst, int32_t dstLength) { +@@ -90,7 +102,9 @@ bool DHWrapper::CopyPublicKey(uint8_t *pDst, int32_t dstLength) { + return false; + } + +- return CopyKey(_pDH->pub_key, pDst, dstLength); ++ const BIGNUM *pub_key; ++ DH_get0_key(_pDH, &pub_key, NULL); ++ return CopyKey(pub_key, pDst, dstLength); + } + + bool DHWrapper::CopyPrivateKey(uint8_t *pDst, int32_t dstLength) { +@@ -99,7 +113,9 @@ bool DHWrapper::CopyPrivateKey(uint8_t *pDst, int32_t dstLength) { + return false; + } + +- return CopyKey(_pDH->priv_key, pDst, dstLength); ++ const BIGNUM *priv_key; ++ DH_get0_key(_pDH, NULL, &priv_key); ++ return CopyKey(priv_key, pDst, dstLength); + } + + bool DHWrapper::CreateSharedKey(uint8_t *pPeerPublicKey, int32_t length) { +@@ -153,14 +169,6 @@ bool DHWrapper::CopySharedKey(uint8_t *pDst, int32_t dstLength) { + + void DHWrapper::Cleanup() { + if (_pDH != NULL) { +- if (_pDH->p != NULL) { +- BN_free(_pDH->p); +- _pDH->p = NULL; +- } +- if (_pDH->g != NULL) { +- BN_free(_pDH->g); +- _pDH->g = NULL; +- } + DH_free(_pDH); + _pDH = NULL; + } +@@ -177,7 +185,7 @@ void DHWrapper::Cleanup() { + } + } + +-bool DHWrapper::CopyKey(BIGNUM *pNum, uint8_t *pDst, int32_t dstLength) { ++bool DHWrapper::CopyKey(const BIGNUM *pNum, uint8_t *pDst, int32_t dstLength) { + int32_t keySize = BN_num_bytes(pNum); + if ((keySize <= 0) || (dstLength <= 0) || (keySize > dstLength)) { + FATAL("CopyPublicKey failed due to either invalid DH state or invalid call"); +@@ -197,20 +205,21 @@ void InitRC4Encryption(uint8_t *secretKey, uint8_t *pubKeyIn, uint8_t *pubKeyOut + uint8_t digest[SHA256_DIGEST_LENGTH]; + unsigned int digestLen = 0; + +- HMAC_CTX ctx; +- HMAC_CTX_init(&ctx); +- HMAC_Init_ex(&ctx, secretKey, 128, EVP_sha256(), 0); +- HMAC_Update(&ctx, pubKeyIn, 128); +- HMAC_Final(&ctx, digest, &digestLen); +- HMAC_CTX_cleanup(&ctx); ++ HMAC_CTX *ctx; ++ ctx = HMAC_CTX_new(); ++ if (ctx == NULL) ++ return; ++ HMAC_Init_ex(ctx, secretKey, 128, EVP_sha256(), 0); ++ HMAC_Update(ctx, pubKeyIn, 128); ++ HMAC_Final(ctx, digest, &digestLen); ++ HMAC_CTX_reset(ctx); + + RC4_set_key(rc4keyOut, 16, digest); + +- HMAC_CTX_init(&ctx); +- HMAC_Init_ex(&ctx, secretKey, 128, EVP_sha256(), 0); +- HMAC_Update(&ctx, pubKeyOut, 128); +- HMAC_Final(&ctx, digest, &digestLen); +- HMAC_CTX_cleanup(&ctx); ++ HMAC_Init_ex(ctx, secretKey, 128, EVP_sha256(), 0); ++ HMAC_Update(ctx, pubKeyOut, 128); ++ HMAC_Final(ctx, digest, &digestLen); ++ HMAC_CTX_free(ctx); + + RC4_set_key(rc4keyIn, 16, digest); + } +@@ -220,14 +229,17 @@ string md5(string source, bool textResult) { + } + + string md5(uint8_t *pBuffer, uint32_t length, bool textResult) { +- EVP_MD_CTX mdctx; ++ EVP_MD_CTX *mdctx; + unsigned char md_value[EVP_MAX_MD_SIZE]; + unsigned int md_len; + +- EVP_DigestInit(&mdctx, EVP_md5()); +- EVP_DigestUpdate(&mdctx, pBuffer, length); +- EVP_DigestFinal_ex(&mdctx, md_value, &md_len); +- EVP_MD_CTX_cleanup(&mdctx); ++ mdctx = EVP_MD_CTX_new(); ++ if (mdctx == NULL) ++ return ""; ++ EVP_DigestInit(mdctx, EVP_md5()); ++ EVP_DigestUpdate(mdctx, pBuffer, length); ++ EVP_DigestFinal_ex(mdctx, md_value, &md_len); ++ EVP_MD_CTX_free(mdctx); + + if (textResult) { + string result = ""; +@@ -259,12 +271,12 @@ void HMACsha256(const void *pData, uint32_t dataLength, + const void *pKey, uint32_t keyLength, void *pResult) { + unsigned int digestLen; + +- HMAC_CTX ctx; +- HMAC_CTX_init(&ctx); +- HMAC_Init_ex(&ctx, (unsigned char*) pKey, keyLength, EVP_sha256(), NULL); +- HMAC_Update(&ctx, (unsigned char *) pData, dataLength); +- HMAC_Final(&ctx, (unsigned char *) pResult, &digestLen); +- HMAC_CTX_cleanup(&ctx); ++ HMAC_CTX *ctx; ++ ctx = HMAC_CTX_new(); ++ HMAC_Init_ex(ctx, (unsigned char*) pKey, keyLength, EVP_sha256(), NULL); ++ HMAC_Update(ctx, (unsigned char *) pData, dataLength); ++ HMAC_Final(ctx, (unsigned char *) pResult, &digestLen); ++ HMAC_CTX_free(ctx); + + o_assert(digestLen == 32); + } +@@ -397,8 +409,8 @@ string unhex(const uint8_t *pBuffer, uint32_t length) { + } + + void CleanupSSL() { +-#ifndef NO_SSL_ENGINE_CLEANUP +- ERR_remove_state(0); ++#if OPENSSL_VERSION_NUMBER < 0x10100000L ++ ERR_remove_thread_state(NULL); + ENGINE_cleanup(); + CONF_modules_unload(1); + ERR_free_strings(); +--- /dev/null ++++ b/sources/common/src/utils/misc/libcrypto-compat.cpp +@@ -0,0 +1,90 @@ ++/* ++ * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved. ++ * ++ * Licensed under the OpenSSL license (the "License"). You may not use ++ * this file except in compliance with the License. You can obtain a copy ++ * in the file LICENSE in the source distribution or at ++ * https://www.openssl.org/source/license.html ++ */ ++ ++#include "utils/misc/libcrypto-compat.h" ++ ++#if OPENSSL_VERSION_NUMBER < 0x10100000L ++ ++#include ++ ++static void *OPENSSL_zalloc(size_t num) ++{ ++ void *ret = OPENSSL_malloc(num); ++ ++ if (ret != NULL) ++ memset(ret, 0, num); ++ return ret; ++} ++ ++int DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g) ++{ ++ /* If the fields p and g in d are NULL, the corresponding input ++ * parameters MUST be non-NULL. q may remain NULL. ++ */ ++ if ((dh->p == NULL && p == NULL) ++ || (dh->g == NULL && g == NULL)) ++ return 0; ++ ++ if (p != NULL) { ++ BN_free(dh->p); ++ dh->p = p; ++ } ++ if (q != NULL) { ++ BN_free(dh->q); ++ dh->q = q; ++ } ++ if (g != NULL) { ++ BN_free(dh->g); ++ dh->g = g; ++ } ++ ++ if (q != NULL) { ++ dh->length = BN_num_bits(q); ++ } ++ ++ return 1; ++} ++ ++void DH_get0_key(const DH *dh, const BIGNUM **pub_key, const BIGNUM **priv_key) ++{ ++ if (pub_key != NULL) ++ *pub_key = dh->pub_key; ++ if (priv_key != NULL) ++ *priv_key = dh->priv_key; ++} ++ ++int DH_set_length(DH *dh, long length) ++{ ++ dh->length = length; ++ return 1; ++} ++ ++EVP_MD_CTX *EVP_MD_CTX_new(void) ++{ ++ return (EVP_MD_CTX *)OPENSSL_zalloc(sizeof(EVP_MD_CTX)); ++} ++ ++void EVP_MD_CTX_free(EVP_MD_CTX *ctx) ++{ ++ EVP_MD_CTX_cleanup(ctx); ++ OPENSSL_free(ctx); ++} ++ ++HMAC_CTX *HMAC_CTX_new(void) ++{ ++ return (HMAC_CTX *)OPENSSL_zalloc(sizeof(HMAC_CTX)); ++} ++ ++void HMAC_CTX_free(HMAC_CTX *ctx) ++{ ++ HMAC_CTX_cleanup(ctx); ++ OPENSSL_free(ctx); ++} ++ ++#endif /* OPENSSL_VERSION_NUMBER */ +--- a/sources/thelib/src/protocols/ssl/basesslprotocol.cpp ++++ b/sources/thelib/src/protocols/ssl/basesslprotocol.cpp +@@ -43,6 +43,7 @@ BaseSSLProtocol::~BaseSSLProtocol() { + bool BaseSSLProtocol::Initialize(Variant ¶meters) { + //1. Initialize the SSL library + if (!_libraryInitialized) { ++#if OPENSSL_VERSION_NUMBER < 0x10100000L + //3. This is the first time we use the library. So we have to + //initialize it first + SSL_library_init(); +@@ -55,6 +56,7 @@ bool BaseSSLProtocol::Initialize(Variant ¶meters) { + OpenSSL_add_all_algorithms(); + OpenSSL_add_all_ciphers(); + OpenSSL_add_all_digests(); ++#endif + + //initialize the random numbers generator + InitRandGenerator(); +@@ -211,6 +213,7 @@ string BaseSSLProtocol::GetSSLErrors() { + + string BaseSSLProtocol::DumpBIO(BIO *pBIO) { + string formatString; ++#if OPENSSL_VERSION_NUMBER < 0x10100000L + formatString = "method: %p\n"; + formatString += "callback: %p\n"; + formatString += "cb_arg: %p\n"; +@@ -240,6 +243,39 @@ string BaseSSLProtocol::DumpBIO(BIO *pBIO) { + pBIO->references, + (int64_t) pBIO->num_read, + (int64_t) pBIO->num_write); ++#else ++// Some of these are problematic in openssl >= 1.1, since ++// the BIO struct is opaque. ++ formatString = "method: %s\n"; ++ formatString += "callback: %p\n"; ++ formatString += "cb_arg: %p\n"; ++ formatString += "init: %d\n"; ++ formatString += "shutdown: %d\n"; ++ formatString += "flags: %d\n"; ++ formatString += "retry_reason: %d\n"; ++ formatString += "num: %d\n"; ++ formatString += "ptr: %p\n"; ++ formatString += "next_bio: %p\n"; ++ formatString += "prev_bio: %s\n"; ++ formatString += "references: %s\n"; ++ formatString += "num_read: %"PRId64"\n"; ++ formatString += "num_write: %"PRId64; ++ return format(STR(formatString), ++ BIO_method_name(pBIO), ++ BIO_get_callback(pBIO), ++ BIO_get_callback_arg(pBIO), ++ BIO_get_init(pBIO), ++ BIO_get_shutdown(pBIO), ++ BIO_get_flags(pBIO), ++ BIO_get_retry_reason(pBIO), ++ BIO_get_fd(pBIO, NULL), ++ BIO_get_data(pBIO), ++ BIO_next(pBIO), ++ "unknown", //prev_bio ++ "unknown", //references ++ BIO_number_read(pBIO), ++ BIO_number_written(pBIO)); ++#endif + } + + void BaseSSLProtocol::InitRandGenerator() { +--- a/sources/thelib/src/protocols/ssl/outboundsslprotocol.cpp ++++ b/sources/thelib/src/protocols/ssl/outboundsslprotocol.cpp +@@ -33,7 +33,7 @@ bool OutboundSSLProtocol::InitGlobalContext(Variant ¶meters) { + _pGlobalSSLContext = _pGlobalContexts[hash]; + if (_pGlobalSSLContext == NULL) { + //2. prepare the global ssl context +- _pGlobalSSLContext = SSL_CTX_new(TLSv1_method()); ++ _pGlobalSSLContext = SSL_CTX_new(SSLv23_method()); + if (_pGlobalSSLContext == NULL) { + FATAL("Unable to create global SSL context"); + return false;