Address OpenSSL initialization issues when using third-party libraries.

When Asterisk is used with various third-party libraries (CURL, PostgresSQL,
many others) that have the ability themselves to use OpenSSL, it is possible
for conflicts to arise in how the OpenSSL libraries are initialized and
shutdown. This patch addresses these conflicts by 'wrapping' the important
functions from the OpenSSL libraries in a new shared library that is part
of Asterisk itself, and is loaded in such a way as to ensure that *all*
calls to these functions will be dispatched through the Asterisk wrapper
functions, not the native functions.

This new library is optional, but enabled by default. See the CHANGES file
for documentation on how to disable it.

Along the way, this patch also makes a few other minor changes:

* Changes MODULES_DIR to ASTMODDIR throughout the build system, in order to
  more closely match what is used during run-time configuration.

* Corrects some errors in the configure script where AC_CHECK_TOOLS was used
  instead of AC_PATH_PROG.

* Adds a new variable for linker flags in the build system (DYLINK), used for
  producing true shared libraries (as opposed to the dynamically loadable
  modules that the build system produces for 'regular' Asterisk modules).

* Moves the Makefile bits that handle installation and uninstallation of the
  main Asterisk binary into main/Makefile from the top-level Makefile.

* Moves a couple of useful preprocessor macros from optional_api.h to
  asterisk.h.

Review: https://reviewboard.asterisk.org/r/1006/


git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@353317 65c4cc65-6c06-0410-ace0-fbb531ad65f3
certified/11.2
Kevin P. Fleming 14 years ago
parent 82f313b7b8
commit 92ef8a6fe1

@ -16,6 +16,13 @@ Core
----
* The expression parser now recognizes the ABS() absolute value function,
which will convert negative floating point values to positive values.
* The Asterisk build system will now build and install a shared library
(libasteriskssl.so) used to wrap various initialization and shutdown functions
from the libssl and libcrypto libraries provided by OpenSSL. This is done so
that Asterisk can ensure that these functions do *not* get called by any
modules that are loaded into Asterisk, since they should only be called once
in any single process. If desired, this feature can be disabled by supplying
the "--disable-asteriskssl" option to the configure script.
CLI Changes
-------------------

@ -19,8 +19,10 @@
# _ASTLDFLAGS - linker flags (not libraries) provided by the build system
# LIBS - additional libraries, at top-level for all links,
# on a single object just for that object
# SOLINK - linker flags used only for creating shared objects (.so files),
# used for all .so links
# SOLINK - linker flags used only for creating dynamically loadable modules
# as .so files
# DYLINK - linker flags used only for creating shared libaries
# (.so files on Unix-type platforms, .dylib on Darwin)
#
# Values for ASTCFLAGS and ASTLDFLAGS can be specified in the
# environment when running make, as follows:
@ -49,13 +51,13 @@ export DESTDIR
export INSTALL_PATH # Additional prefix for the following paths
export ASTETCDIR # Path for config files
export ASTVARRUNDIR
export MODULES_DIR
export ASTSPOOLDIR
export ASTVARLIBDIR
export ASTDATADIR
export ASTDBDIR
export ASTLOGDIR
export ASTLIBDIR
export ASTMODDIR
export ASTMANDIR
export ASTHEADERDIR
export ASTSBINDIR
@ -71,7 +73,9 @@ export MENUSELECT_CFLAGS # Options selected in menuselect.
export AST_DEVMODE # Set to "yes" for additional compiler
# and runtime checks
export SOLINK # linker flags for shared objects
export _SOLINK # linker flags for all shared objects
export SOLINK # linker flags for loadable modules
export DYLINK # linker flags for shared libraries
export STATIC_BUILD # Additional cflags, set to -static
# for static builds. Probably
# should go directly to ASTLDFLAGS
@ -90,6 +94,8 @@ export AWK
export GREP
export MD5
export WGET_EXTRA_ARGS
export LDCONFIG
export LDCONFIG_FLAGS
# even though we could use '-include makeopts' here, use a wildcard
# lookup anyway, so that make won't try to build makeopts if it doesn't
@ -129,7 +135,6 @@ DEBUG=-g3
# Asterisk.conf is located in ASTETCDIR or by using the -C flag
# when starting Asterisk
ASTCONFPATH=$(ASTETCDIR)/asterisk.conf
MODULES_DIR=$(ASTLIBDIR)/modules
AGI_DIR=$(ASTDATADIR)/agi-bin
# If you use Apache, you may determine by a grep 'DocumentRoot' of your httpd.conf file
@ -194,6 +199,8 @@ ifeq ($(OSARCH),linux-gnu)
endif
endif
endif
# flag to tell 'ldconfig' to only process specified directories
LDCONFIG_FLAGS=-n
endif
ifeq ($(findstring -save-temps,$(_ASTCFLAGS) $(ASTCFLAGS)),)
@ -247,6 +254,8 @@ ifeq ($(OSARCH),FreeBSD)
# -V is understood by BSD Make, not by GNU make.
BSDVERSION=$(shell make -V OSVERSION -f /usr/share/mk/bsd.port.subdir.mk)
_ASTCFLAGS+=$(shell if test $(BSDVERSION) -lt 500016 ; then echo "-D_THREAD_SAFE"; fi)
# flag to tell 'ldconfig' to only process specified directories
LDCONFIG_FLAGS=-m
endif
ifeq ($(OSARCH),NetBSD)
@ -287,14 +296,17 @@ MOD_SUBDIRS_MENUSELECT_TREE:=$(MOD_SUBDIRS:%=%-menuselect-tree)
ifneq ($(findstring darwin,$(OSARCH)),)
_ASTCFLAGS+=-D__Darwin__
SOLINK=-bundle -Xlinker -macosx_version_min -Xlinker 10.4 -Xlinker -undefined -Xlinker dynamic_lookup -force_flat_namespace
_SOLINK=-Xlinker -macosx_version_min -Xlinker 10.4 -Xlinker -undefined -Xlinker dynamic_lookup -force_flat_namespace
ifeq ($(shell if test `/usr/bin/sw_vers -productVersion | cut -c4` -gt 5; then echo 6; else echo 0; fi),6)
SOLINK+=/usr/lib/bundle1.o
_SOLINK+=/usr/lib/bundle1.o
endif
SOLINK=-bundle $(_SOLINK)
DYLINK=-Xlinker -dylib $(_SOLINK)
_ASTLDFLAGS+=-L/usr/local/lib
else
# These are used for all but Darwin
SOLINK=-shared
DYLINK=$(SOLINK)
ifneq ($(findstring BSD,$(OSARCH)),)
_ASTLDFLAGS+=-L/usr/local/lib
endif
@ -302,10 +314,12 @@ endif
ifeq ($(OSARCH),SunOS)
SOLINK=-shared -fpic -L/usr/local/ssl/lib -lrt
DYLINK=$(SOLINK)
endif
ifeq ($(OSARCH),OpenBSD)
SOLINK=-shared -fpic
DYLINK=$(SOLINK)
endif
# comment to print directories during submakes
@ -530,7 +544,8 @@ NEWHEADERS=$(notdir $(wildcard include/asterisk/*.h))
OLDHEADERS=$(filter-out $(NEWHEADERS) $(notdir $(DESTDIR)$(ASTHEADERDIR)),$(notdir $(wildcard $(DESTDIR)$(ASTHEADERDIR)/*.h)))
installdirs:
$(INSTALL) -d "$(DESTDIR)$(MODULES_DIR)"
$(INSTALL) -d "$(DESTDIR)$(ASTLIBDIR)"
$(INSTALL) -d "$(DESTDIR)$(ASTMODDIR)"
$(INSTALL) -d "$(DESTDIR)$(ASTSBINDIR)"
$(INSTALL) -d "$(DESTDIR)$(ASTETCDIR)"
$(INSTALL) -d "$(DESTDIR)$(ASTVARRUNDIR)"
@ -562,9 +577,10 @@ installdirs:
$(INSTALL) -d "$(DESTDIR)$(AGI_DIR)"
$(INSTALL) -d "$(DESTDIR)$(ASTDBDIR)"
bininstall: _cleantest_all installdirs $(SUBDIRS_INSTALL)
$(INSTALL) -m 755 main/asterisk "$(DESTDIR)$(ASTSBINDIR)/"
$(LN) -sf asterisk "$(DESTDIR)$(ASTSBINDIR)/rasterisk"
main-bininstall:
+@DESTDIR="$(DESTDIR)" ASTSBINDIR="$(ASTSBINDIR)" ASTLIBDIR="$(ASTLIBDIR)" $(SUBMAKE) -C main bininstall
bininstall: _cleantest_all installdirs $(SUBDIRS_INSTALL) main-bininstall
$(INSTALL) -m 755 contrib/scripts/astgenkey "$(DESTDIR)$(ASTSBINDIR)/"
$(INSTALL) -m 755 contrib/scripts/autosupport "$(DESTDIR)$(ASTSBINDIR)/"
if [ ! -f "$(DESTDIR)$(ASTSBINDIR)/safe_asterisk" -a ! -f /sbin/launchd ]; then \
@ -593,14 +609,14 @@ $(SUBDIRS_INSTALL):
+@DESTDIR="$(DESTDIR)" ASTSBINDIR="$(ASTSBINDIR)" $(SUBMAKE) -C $(@:-install=) install
NEWMODS:=$(foreach d,$(MOD_SUBDIRS),$(notdir $(wildcard $(d)/*.so)))
OLDMODS=$(filter-out $(NEWMODS) $(notdir $(DESTDIR)$(MODULES_DIR)),$(notdir $(wildcard $(DESTDIR)$(MODULES_DIR)/*.so)))
OLDMODS=$(filter-out $(NEWMODS) $(notdir $(DESTDIR)$(ASTMODDIR)),$(notdir $(wildcard $(DESTDIR)$(ASTMODDIR)/*.so)))
oldmodcheck:
@if [ -n "$(OLDMODS)" ]; then \
echo " WARNING WARNING WARNING" ;\
echo "" ;\
echo " Your Asterisk modules directory, located at" ;\
echo " $(DESTDIR)$(MODULES_DIR)" ;\
echo " $(DESTDIR)$(ASTMODDIR)" ;\
echo " contains modules that were not installed by this " ;\
echo " version of Asterisk. Please ensure that these" ;\
echo " modules are compatible with this version before" ;\
@ -687,7 +703,7 @@ samples: adsi
if [ "$(OVERWRITE)" = "y" ]; then \
echo "Updating asterisk.conf" ; \
sed -e 's|^astetcdir.*$$|astetcdir => $(ASTETCDIR)|' \
-e 's|^astmoddir.*$$|astmoddir => $(MODULES_DIR)|' \
-e 's|^astmoddir.*$$|astmoddir => $(ASTMODDIR)|' \
-e 's|^astvarlibdir.*$$|astvarlibdir => $(ASTVARLIBDIR)|' \
-e 's|^astdbdir.*$$|astdbdir => $(ASTDBDIR)|' \
-e 's|^astkeydir.*$$|astkeydir => $(ASTKEYDIR)|' \
@ -846,9 +862,11 @@ cleantest:
$(SUBDIRS_UNINSTALL):
+@$(SUBMAKE) -C $(@:-uninstall=) uninstall
_uninstall: $(SUBDIRS_UNINSTALL)
rm -f "$(DESTDIR)$(MODULES_DIR)/"*
rm -f "$(DESTDIR)$(ASTSBINDIR)/"*asterisk*
main-binuninstall:
+@DESTDIR="$(DESTDIR)" ASTSBINDIR="$(ASTSBINDIR)" ASTLIBDIR="$(ASTLIBDIR)" $(SUBMAKE) -C main binuninstall
_uninstall: $(SUBDIRS_UNINSTALL) main-binuninstall
rm -f "$(DESTDIR)$(ASTMODDIR)/"*
rm -f "$(DESTDIR)$(ASTSBINDIR)/astgenkey"
rm -f "$(DESTDIR)$(ASTSBINDIR)/autosupport"
rm -rf "$(DESTDIR)$(ASTHEADERDIR)"

@ -122,7 +122,7 @@ clean::
install:: all
@echo "Installing modules from `basename $(CURDIR)`..."
@for x in $(LOADABLE_MODS:%=%.so); do $(INSTALL) -m 755 $$x "$(DESTDIR)$(MODULES_DIR)" ; done
@for x in $(LOADABLE_MODS:%=%.so); do $(INSTALL) -m 755 $$x "$(DESTDIR)$(ASTMODDIR)" ; done
uninstall::

@ -8,7 +8,7 @@ cat << END
#define DEFAULT_CONFIG_FILE "${INSTALL_PATH}${ASTCONFPATH}"
#define DEFAULT_CONFIG_DIR "${INSTALL_PATH}${ASTETCDIR}"
#define DEFAULT_MODULE_DIR "${INSTALL_PATH}${MODULES_DIR}"
#define DEFAULT_MODULE_DIR "${INSTALL_PATH}${ASTMODDIR}"
#define DEFAULT_AGI_DIR "${INSTALL_PATH}${AGI_DIR}"
#define DEFAULT_LOG_DIR "${INSTALL_PATH}${ASTLOGDIR}"

@ -39,7 +39,7 @@ varrundir=$ASTVARRUNDIR
spooldir=$ASTSPOOLDIR
logdir=$ASTLOGDIR
confpath=$ASTCONFPATH
moddir=$MODULES_DIR
moddir=$ASTMODDIR
agidir=$AGI_DIR
Name: asterisk

355
configure vendored

@ -1,5 +1,5 @@
#! /bin/sh
# From configure.ac Revision: 350732 .
# From configure.ac Revision: 350839 .
# Guess values for system-dependent variables and create Makefiles.
# Generated by GNU Autoconf 2.68 for asterisk trunk.
#
@ -666,6 +666,7 @@ GC_CFLAGS
PBX_WEAKREF
PBX_PTHREAD_RECURSIVE_MUTEX_INITIALIZER_NP
PBX_PTHREAD_RWLOCK_INITIALIZER
AST_ASTERISKSSL
HAS_POLL
PBX_DYNAMIC_LIST
POW_LIB
@ -1046,6 +1047,9 @@ MD5
SOXMIX
PBX_FLEX
PBX_BISON
OPENSSL
SHA1SUM
LDCONFIG
DOWNLOAD
FETCH
XMLSTARLET
@ -1065,10 +1069,6 @@ FLEX
CMP
BISON
GNU_LD
ac_ct_OPENSSL
OPENSSL
ac_ct_SHA1SUM
SHA1SUM
ac_ct_AR
AR
ac_ct_STRIP
@ -1106,6 +1106,7 @@ astdbdir
astdatadir
astvarlibdir
astmandir
astmoddir
astlibdir
astheaderdir
astetcdir
@ -1248,6 +1249,7 @@ with_z
enable_xmldoc
enable_largefile
enable_internal_poll
enable_asteriskssl
'
ac_precious_vars='build_alias
host_alias
@ -1879,9 +1881,10 @@ Optional Features:
--enable-FEATURE[=ARG] include FEATURE [ARG=yes]
--enable-dev-mode Turn on developer mode
--enable-coverage Turn on code coverage tracking (for gcov)
--disable-xmldoc Explicity disable XML documentation
--disable-xmldoc Explicitly disable XML documentation
--disable-largefile omit support for large files
--enable-internal-poll Use Asterisk's poll implementation
--disable-asteriskssl Disable Asterisk's SSL wrapper library
Optional Packages:
--with-PACKAGE[=ARG] use PACKAGE [ARG=yes]
@ -4515,7 +4518,8 @@ $as_echo "$ac_cv_safe_to_define___extensions__" >&6; }
astsbindir='${sbindir}'
astetcdir='${sysconfdir}/asterisk'
astheaderdir='${includedir}/asterisk'
astlibdir='${libdir}/asterisk'
astlibdir='${libdir}'
astmoddir='${libdir}/asterisk/modules'
astmandir='${mandir}'
astvarlibdir='${localstatedir}/lib/asterisk'
astdatadir='${astvarlibdir}'
@ -4561,7 +4565,7 @@ case "${host_os}" in
darwin*)
ac_default_prefix=/usr/local
if test ${prefix} = 'NONE'; then
astlibdir='/Library/Application Support/Asterisk/Modules'
astmoddir='/Library/Application Support/Asterisk/Modules'
astvarlibdir='/Library/Application Support/Asterisk'
astlogdir=/Library/Logs/Asterisk
astvarrundir='/Library/Application Support/Asterisk/Run'
@ -4578,6 +4582,7 @@ $as_echo "#define _DARWIN_UNLIMITED_SELECT 1" >>confdefs.h
astetcdir=/var/etc/asterisk
astsbindir=/opt/asterisk/sbin
astlibdir=/opt/asterisk/lib
astmoddir=/opt/asterisk/lib/modules
astheaderdir=/opt/asterisk/include
astmandir=/opt/asterisk/man
astvarlibdir=/var/opt/asterisk
@ -6396,206 +6401,6 @@ esac
fi
fi
if test -n "$ac_tool_prefix"; then
for ac_prog in sha1sum
do
# Extract the first word of "$ac_tool_prefix$ac_prog", so it can be a program name with args.
set dummy $ac_tool_prefix$ac_prog; ac_word=$2
{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
$as_echo_n "checking for $ac_word... " >&6; }
if ${ac_cv_prog_SHA1SUM+:} false; then :
$as_echo_n "(cached) " >&6
else
if test -n "$SHA1SUM"; then
ac_cv_prog_SHA1SUM="$SHA1SUM" # Let the user override the test.
else
as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
for as_dir in $PATH
do
IFS=$as_save_IFS
test -z "$as_dir" && as_dir=.
for ac_exec_ext in '' $ac_executable_extensions; do
if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
ac_cv_prog_SHA1SUM="$ac_tool_prefix$ac_prog"
$as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
break 2
fi
done
done
IFS=$as_save_IFS
fi
fi
SHA1SUM=$ac_cv_prog_SHA1SUM
if test -n "$SHA1SUM"; then
{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $SHA1SUM" >&5
$as_echo "$SHA1SUM" >&6; }
else
{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
$as_echo "no" >&6; }
fi
test -n "$SHA1SUM" && break
done
fi
if test -z "$SHA1SUM"; then
ac_ct_SHA1SUM=$SHA1SUM
for ac_prog in sha1sum
do
# Extract the first word of "$ac_prog", so it can be a program name with args.
set dummy $ac_prog; ac_word=$2
{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
$as_echo_n "checking for $ac_word... " >&6; }
if ${ac_cv_prog_ac_ct_SHA1SUM+:} false; then :
$as_echo_n "(cached) " >&6
else
if test -n "$ac_ct_SHA1SUM"; then
ac_cv_prog_ac_ct_SHA1SUM="$ac_ct_SHA1SUM" # Let the user override the test.
else
as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
for as_dir in $PATH
do
IFS=$as_save_IFS
test -z "$as_dir" && as_dir=.
for ac_exec_ext in '' $ac_executable_extensions; do
if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
ac_cv_prog_ac_ct_SHA1SUM="$ac_prog"
$as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
break 2
fi
done
done
IFS=$as_save_IFS
fi
fi
ac_ct_SHA1SUM=$ac_cv_prog_ac_ct_SHA1SUM
if test -n "$ac_ct_SHA1SUM"; then
{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_SHA1SUM" >&5
$as_echo "$ac_ct_SHA1SUM" >&6; }
else
{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
$as_echo "no" >&6; }
fi
test -n "$ac_ct_SHA1SUM" && break
done
if test "x$ac_ct_SHA1SUM" = x; then
SHA1SUM="$ac_aux_dir/build_tools/sha1sum-sh"
else
case $cross_compiling:$ac_tool_warned in
yes:)
{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5
$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;}
ac_tool_warned=yes ;;
esac
SHA1SUM=$ac_ct_SHA1SUM
fi
fi
if test -n "$ac_tool_prefix"; then
for ac_prog in openssl
do
# Extract the first word of "$ac_tool_prefix$ac_prog", so it can be a program name with args.
set dummy $ac_tool_prefix$ac_prog; ac_word=$2
{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
$as_echo_n "checking for $ac_word... " >&6; }
if ${ac_cv_prog_OPENSSL+:} false; then :
$as_echo_n "(cached) " >&6
else
if test -n "$OPENSSL"; then
ac_cv_prog_OPENSSL="$OPENSSL" # Let the user override the test.
else
as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
for as_dir in $PATH
do
IFS=$as_save_IFS
test -z "$as_dir" && as_dir=.
for ac_exec_ext in '' $ac_executable_extensions; do
if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
ac_cv_prog_OPENSSL="$ac_tool_prefix$ac_prog"
$as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
break 2
fi
done
done
IFS=$as_save_IFS
fi
fi
OPENSSL=$ac_cv_prog_OPENSSL
if test -n "$OPENSSL"; then
{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $OPENSSL" >&5
$as_echo "$OPENSSL" >&6; }
else
{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
$as_echo "no" >&6; }
fi
test -n "$OPENSSL" && break
done
fi
if test -z "$OPENSSL"; then
ac_ct_OPENSSL=$OPENSSL
for ac_prog in openssl
do
# Extract the first word of "$ac_prog", so it can be a program name with args.
set dummy $ac_prog; ac_word=$2
{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
$as_echo_n "checking for $ac_word... " >&6; }
if ${ac_cv_prog_ac_ct_OPENSSL+:} false; then :
$as_echo_n "(cached) " >&6
else
if test -n "$ac_ct_OPENSSL"; then
ac_cv_prog_ac_ct_OPENSSL="$ac_ct_OPENSSL" # Let the user override the test.
else
as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
for as_dir in $PATH
do
IFS=$as_save_IFS
test -z "$as_dir" && as_dir=.
for ac_exec_ext in '' $ac_executable_extensions; do
if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
ac_cv_prog_ac_ct_OPENSSL="$ac_prog"
$as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
break 2
fi
done
done
IFS=$as_save_IFS
fi
fi
ac_ct_OPENSSL=$ac_cv_prog_ac_ct_OPENSSL
if test -n "$ac_ct_OPENSSL"; then
{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_OPENSSL" >&5
$as_echo "$ac_ct_OPENSSL" >&6; }
else
{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
$as_echo "no" >&6; }
fi
test -n "$ac_ct_OPENSSL" && break
done
if test "x$ac_ct_OPENSSL" = x; then
OPENSSL=":"
else
case $cross_compiling:$ac_tool_warned in
yes:)
{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5
$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;}
ac_tool_warned=yes ;;
esac
OPENSSL=$ac_ct_OPENSSL
fi
fi
GNU_LD=0
if test "x$with_gnu_ld" = "xyes" ; then
@ -7391,6 +7196,129 @@ fi
fi
fi
# Extract the first word of "ldconfig", so it can be a program name with args.
set dummy ldconfig; ac_word=$2
{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
$as_echo_n "checking for $ac_word... " >&6; }
if ${ac_cv_path_LDCONFIG+:} false; then :
$as_echo_n "(cached) " >&6
else
case $LDCONFIG in
[\\/]* | ?:[\\/]*)
ac_cv_path_LDCONFIG="$LDCONFIG" # Let the user override the test with a path.
;;
*)
as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
for as_dir in $PATH
do
IFS=$as_save_IFS
test -z "$as_dir" && as_dir=.
for ac_exec_ext in '' $ac_executable_extensions; do
if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
ac_cv_path_LDCONFIG="$as_dir/$ac_word$ac_exec_ext"
$as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
break 2
fi
done
done
IFS=$as_save_IFS
test -z "$ac_cv_path_LDCONFIG" && ac_cv_path_LDCONFIG=":"
;;
esac
fi
LDCONFIG=$ac_cv_path_LDCONFIG
if test -n "$LDCONFIG"; then
{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $LDCONFIG" >&5
$as_echo "$LDCONFIG" >&6; }
else
{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
$as_echo "no" >&6; }
fi
# Extract the first word of "sha1sum", so it can be a program name with args.
set dummy sha1sum; ac_word=$2
{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
$as_echo_n "checking for $ac_word... " >&6; }
if ${ac_cv_path_SHA1SUM+:} false; then :
$as_echo_n "(cached) " >&6
else
case $SHA1SUM in
[\\/]* | ?:[\\/]*)
ac_cv_path_SHA1SUM="$SHA1SUM" # Let the user override the test with a path.
;;
*)
as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
for as_dir in $PATH
do
IFS=$as_save_IFS
test -z "$as_dir" && as_dir=.
for ac_exec_ext in '' $ac_executable_extensions; do
if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
ac_cv_path_SHA1SUM="$as_dir/$ac_word$ac_exec_ext"
$as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
break 2
fi
done
done
IFS=$as_save_IFS
test -z "$ac_cv_path_SHA1SUM" && ac_cv_path_SHA1SUM="$ac_aux_dir/build_tools/sha1sum-sh"
;;
esac
fi
SHA1SUM=$ac_cv_path_SHA1SUM
if test -n "$SHA1SUM"; then
{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $SHA1SUM" >&5
$as_echo "$SHA1SUM" >&6; }
else
{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
$as_echo "no" >&6; }
fi
# Extract the first word of "openssl", so it can be a program name with args.
set dummy openssl; ac_word=$2
{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
$as_echo_n "checking for $ac_word... " >&6; }
if ${ac_cv_path_OPENSSL+:} false; then :
$as_echo_n "(cached) " >&6
else
case $OPENSSL in
[\\/]* | ?:[\\/]*)
ac_cv_path_OPENSSL="$OPENSSL" # Let the user override the test with a path.
;;
*)
as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
for as_dir in $PATH
do
IFS=$as_save_IFS
test -z "$as_dir" && as_dir=.
for ac_exec_ext in '' $ac_executable_extensions; do
if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
ac_cv_path_OPENSSL="$as_dir/$ac_word$ac_exec_ext"
$as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
break 2
fi
done
done
IFS=$as_save_IFS
test -z "$ac_cv_path_OPENSSL" && ac_cv_path_OPENSSL=":"
;;
esac
fi
OPENSSL=$ac_cv_path_OPENSSL
if test -n "$OPENSSL"; then
{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $OPENSSL" >&5
$as_echo "$OPENSSL" >&6; }
else
{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
$as_echo "no" >&6; }
fi
{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for bison that supports parse-param" >&5
$as_echo_n "checking for bison that supports parse-param... " >&6; }
@ -14248,6 +14176,17 @@ fi
# Check whether --enable-asteriskssl was given.
if test "${enable_asteriskssl+set}" = set; then :
enableval=$enable_asteriskssl; case "${enableval}" in
y|ye|yes) AST_ASTERISKSSL=yes ;;
n|no) AST_ASTERISKSSL=no ;;
*) as_fn_error $? "bad value ${enableval} for --disable-asteriskssl" "$LINENO" 5 ;;
esac
else
AST_ASTERISKSSL=yes
fi
# https support (in main/http.c) uses funopen on BSD systems,

@ -47,7 +47,8 @@ AC_USE_SYSTEM_EXTENSIONS dnl note- does not work on FreeBSD
AC_SUBST([astsbindir], ['${sbindir}'])dnl
AC_SUBST([astetcdir], ['${sysconfdir}/asterisk'])dnl
AC_SUBST([astheaderdir], ['${includedir}/asterisk'])dnl
AC_SUBST([astlibdir], ['${libdir}/asterisk'])dnl
AC_SUBST([astlibdir], ['${libdir}'])dnl
AC_SUBST([astmoddir], ['${libdir}/asterisk/modules'])dnl
AC_SUBST([astmandir], ['${mandir}'])dnl
AC_SUBST([astvarlibdir], ['${localstatedir}/lib/asterisk'])dnl
AC_SUBST([astdatadir], ['${astvarlibdir}'])dnl
@ -93,7 +94,7 @@ case "${host_os}" in
darwin*)
ac_default_prefix=/usr/local
if test ${prefix} = 'NONE'; then
astlibdir='/Library/Application Support/Asterisk/Modules'
astmoddir='/Library/Application Support/Asterisk/Modules'
astvarlibdir='/Library/Application Support/Asterisk'
astlogdir=/Library/Logs/Asterisk
astvarrundir='/Library/Application Support/Asterisk/Run'
@ -106,6 +107,7 @@ case "${host_os}" in
astetcdir=/var/etc/asterisk
astsbindir=/opt/asterisk/sbin
astlibdir=/opt/asterisk/lib
astmoddir=/opt/asterisk/lib/modules
astheaderdir=/opt/asterisk/include
astmandir=/opt/asterisk/man
astvarlibdir=/var/opt/asterisk
@ -234,8 +236,6 @@ AC_PROG_EGREP
AC_CHECK_TOOLS([STRIP], [strip gstrip], :)
AC_CHECK_TOOLS([AR], [ar gar], :)
AC_CHECK_TOOLS([SHA1SUM], [sha1sum], $ac_aux_dir/build_tools/sha1sum-sh)
AC_CHECK_TOOLS([OPENSSL], [openssl], :)
GNU_LD=0
if test "x$with_gnu_ld" = "xyes" ; then
@ -271,6 +271,9 @@ else
fi
fi
AC_SUBST(DOWNLOAD)
AC_PATH_PROG([LDCONFIG], [ldconfig], :)
AC_PATH_PROG([SHA1SUM], [sha1sum], $ac_aux_dir/build_tools/sha1sum-sh)
AC_PATH_PROG([OPENSSL], [openssl], :)
AC_CACHE_CHECK([for bison that supports parse-param], [ac_cv_path_BISON2], [
if test "x$BISON" != "x:" ; then
@ -498,7 +501,7 @@ AC_SUBST(EDITLINE_LIB)
# Another mandatory item (unless it's explicitly disabled)
AC_ARG_ENABLE([xmldoc],
[AS_HELP_STRING([--disable-xmldoc],
[Explicity disable XML documentation])],
[Explicitly disable XML documentation])],
[case "${enableval}" in
y|ye|yes) disable_xmldoc=no ;;
n|no) disable_xmldoc=yes ;;
@ -637,7 +640,15 @@ AC_ARG_ENABLE([internal-poll],
esac])
AC_SUBST(HAS_POLL)
AC_ARG_ENABLE([asteriskssl],
[AS_HELP_STRING([--disable-asteriskssl],
[Disable Asterisk's SSL wrapper library])],
[case "${enableval}" in
y|ye|yes) AST_ASTERISKSSL=yes ;;
n|no) AST_ASTERISKSSL=no ;;
*) AC_MSG_ERROR(bad value ${enableval} for --disable-asteriskssl) ;;
esac], [AST_ASTERISKSSL=yes])
AC_SUBST(AST_ASTERISKSSL)
# https support (in main/http.c) uses funopen on BSD systems,
# fopencookie on linux

@ -224,4 +224,8 @@ struct ast_sched_context;
#define bzero 0x__dont_use_bzero__use_memset_instead""
#define bcopy 0x__dont_use_bcopy__use_memmove_instead()
/* Some handy macros for turning a preprocessor token into (effectively) a quoted string */
#define __stringify_1(x) #x
#define __stringify(x) __stringify_1(x)
#endif /* _ASTERISK_H */

@ -89,9 +89,6 @@
* WARNING WARNING WARNING WARNING WARNING
*/
#define __stringify_1(x) #x
#define __stringify(x) __stringify_1(x)
/*!
* \brief A common value for optional API stub functions to return
*

@ -18,7 +18,10 @@ all: asterisk
include $(ASTTOPDIR)/Makefile.moddir_rules
# Must include the extra ast_expr2.c, ast_expr2f.c, in case they need to be regenerated (because to force regeneration, we delete them)
SRC=$(wildcard *.c) ast_expr2.c ast_expr2f.c
SRC:=$(wildcard *.c) ast_expr2.c ast_expr2f.c
ifeq ($(AST_ASTERISKSSL),yes)
SRC:=$(filter-out libasteriskssl.c,$(SRC))
endif
OBJSFILTER=fskmodem_int.o fskmodem_float.o cygload.o buildinfo.o
OBJS=$(filter-out $(OBJSFILTER),$(SRC:.c=.o))
@ -26,14 +29,16 @@ OBJS=$(filter-out $(OBJSFILTER),$(SRC:.c=.o))
# otherwise modules will not have them available if none of the static
# objects use it.
OBJS+=stdtime/localtime.o
ifneq ($(firstword $(subst :, ,$(WEAKREF))),1)
OBJS+=../res/res_adsi.o
endif
AST_LIBS += $(OPENSSL_LIB)
ASTSSL_LIBS:=$(OPENSSL_LIB)
AST_LIBS+=$(BKTR_LIB)
AST_LIBS+=$(LIBXML2_LIB)
AST_LIBS+=$(SQLITE3_LIB)
AST_LIBS+=$(ASTSSL_LIBS)
ifneq ($(findstring $(OSARCH), linux-gnu uclinux linux-uclibc linux-gnueabi kfreebsd-gnu linux-gnueabihf),)
ifneq ($(findstring LOADABLE_MODULES,$(MENUSELECT_CFLAGS)),)
@ -89,7 +94,8 @@ ifeq ($(OSARCH),OpenBSD)
endif
ifeq ($(OSARCH),SunOS)
AST_LIBS+=-lpthread -ldl -lrt -lnsl -lsocket -lresolv -L/opt/ssl/lib -L/usr/local/ssl/lib
AST_LIBS+=-lpthread -ldl -lrt -lnsl -lsocket -lresolv
ASTSSL_LIBS+=-L/opt/ssl/lib -L/usr/local/ssl/lib
ASTLINK=
endif
@ -178,13 +184,61 @@ endif
$(OBJS): _ASTCFLAGS+=-DAST_MODULE=\"core\"
$(MAIN_TGT): $(OBJS) editline/libedit.a $(AST_EMBED_LDSCRIPTS)
ifeq ($(AST_ASTERISKSSL),yes)
# The ABI *version* of the asteriskssl library; don't change this unless there truly is a
# non-backwards-compatible ABI change in the library
ASTSSL_SO_VERSION=1
ASTSSL_LDLIBS=-L. -lasteriskssl
ifeq ($(findstring darwin,$(OSARCH)),) # not Darwin
ASTSSL_LIB:=libasteriskssl.so
$(ASTSSL_LIB).$(ASTSSL_SO_VERSION): _ASTLDFLAGS+=-Wl,-soname=$(ASTSSL_LIB).$(ASTSSL_SO_VERSION)
$(ASTSSL_LIB).$(ASTSSL_SO_VERSION): _ASTCFLAGS+=-fPIC -DAST_MODULE=\"asteriskssl\"
$(ASTSSL_LIB).$(ASTSSL_SO_VERSION): LIBS+=$(ASTSSL_LIBS)
$(ASTSSL_LIB).$(ASTSSL_SO_VERSION): SO_SUPPRESS_SYMBOLS=-Wl,--version-script,libasteriskssl.exports,--warn-common
$(ASTSSL_LIB).$(ASTSSL_SO_VERSION): SOLINK=$(DYLINK)
# These rules are duplicated from $(ASTTOPDIR)/Makefile.rules because the library name
# being built does not match the "%.so" pattern; there are also additional steps
# required to build a proper shared library (as opposed to the 'loadable module'
# type that are built by the standard rules)
$(ASTSSL_LIB).$(ASTSSL_SO_VERSION): libasteriskssl.o
ifeq ($(GNU_LD),1)
$(CMD_PREFIX) $(ASTTOPDIR)/build_tools/make_linker_version_script libasteriskssl "$(LINKER_SYMBOL_PREFIX)" "$(ASTTOPDIR)"
endif
$(ECHO_PREFIX) echo " [LD] $^ -> $@"
$(CMD_PREFIX) $(CC) $(STATIC_BUILD) -o $@ $(CC_LDFLAGS_SO) $^ $(CC_LIBS)
ifneq ($(LDCONFIG),)
$(LDCONFIG) $(LDCONFIG_FLAGS) .
endif
$(ASTSSL_LIB): $(ASTSSL_LIB).$(ASTSSL_SO_VERSION)
$(LN) -sf $< $@
else # Darwin
ASTSSL_LIB:=libasteriskssl.dylib
$(ASTSSL_LIB): _ASTCFLAGS+=-fPIC -DAST_MODULE=\"asteriskssl\"
$(ASTSSL_LIB): LIBS+=$(ASTSSL_LIBS)
$(ASTSSL_LIB): SOLINK=$(DYLINK)
# Special rules for building a shared library (not a dynamically loadable module)
$(ASTSSL_LIB): libasteriskssl.o
$(ECHO_PREFIX) echo " [LD] $^ -> $@"
$(CMD_PREFIX) $(CC) $(STATIC_BUILD) -o $@ $(CC_LDFLAGS_SO) $^ $(CC_LIBS)
endif
endif
$(MAIN_TGT): $(OBJS) $(ASTSSL_LIB) editline/libedit.a $(AST_EMBED_LDSCRIPTS)
@$(CC) -c -o buildinfo.o $(_ASTCFLAGS) buildinfo.c $(ASTCFLAGS)
$(ECHO_PREFIX) echo " [LD] $(OBJS) editline/libedit.a $(AST_EMBED_LDSCRIPTS) -> $@"
ifneq ($(findstring chan_h323,$(MENUSELECT_CHANNELS)),)
$(CMD_PREFIX) $(CC) $(STATIC_BUILD) -o $@ $(ASTLINK) $(AST_EMBED_LDFLAGS) $(_ASTLDFLAGS) $(ASTLDFLAGS) $(OBJS) editline/libedit.a $(AST_EMBED_LDSCRIPTS) buildinfo.o $(AST_LIBS) $(AST_EMBED_LIBS) $(GMIMELDFLAGS)
$(CMD_PREFIX) $(CC) $(STATIC_BUILD) -o $@ $(ASTLINK) $(AST_EMBED_LDFLAGS) $(_ASTLDFLAGS) $(ASTLDFLAGS) $(OBJS) $(ASTSSL_LDLIBS) editline/libedit.a $(AST_EMBED_LDSCRIPTS) buildinfo.o $(AST_LIBS) $(AST_EMBED_LIBS) $(GMIMELDFLAGS)
else
$(CMD_PREFIX) $(CXX) $(STATIC_BUILD) -o $@ $(ASTLINK) $(AST_EMBED_LDFLAGS) $(_ASTLDFLAGS) $(ASTLDFLAGS) $(H323LDFLAGS) $(OBJS) editline/libedit.a $(AST_EMBED_LDSCRIPTS) buildinfo.o $(AST_LIBS) $(AST_EMBED_LIBS) $(H323LDLIBS) $(GMIMELDFLAGS)
$(CMD_PREFIX) $(CXX) $(STATIC_BUILD) -o $@ $(ASTLINK) $(AST_EMBED_LDFLAGS) $(_ASTLDFLAGS) $(ASTLDFLAGS) $(H323LDFLAGS) $(OBJS) $(ASTSSL_LDLIBS) editline/libedit.a $(AST_EMBED_LDSCRIPTS) buildinfo.o $(AST_LIBS) $(AST_EMBED_LIBS) $(H323LDLIBS) $(GMIMELDFLAGS)
endif
ifeq ($(GNU_LD),1)
@ -193,9 +247,28 @@ asterisk.exports: asterisk.exports.in
$(CMD_PREFIX) $(ASTTOPDIR)/build_tools/make_linker_version_script asterisk $(LINKER_SYMBOL_PREFIX)
endif
bininstall:
$(INSTALL) -m 755 $(MAIN_TGT) "$(DESTDIR)$(ASTSBINDIR)/"
ifeq ($(AST_ASTERISKSSL),yes)
$(INSTALL) -m 755 $(ASTSSL_LIB).$(ASTSSL_SO_VERSION) "$(DESTDIR)$(ASTLIBDIR)/"
$(LN) -sf "$(DESTDIR)$(ASTLIBDIR)/$(ASTSSL_LIB).$(ASTSSL_SO_VERSION)" "$(DESTDIR)$(ASTLIBDIR)/$(ASTSSL_LIB)"
ifneq ($(LDCONFIG),)
$(LDCONFIG) $(LDCONFIG_FLAGS) "$(DESTDIR)$(ASTLIBDIR)/"
endif
endif
$(LN) -sf asterisk "$(DESTDIR)$(ASTSBINDIR)/rasterisk"
binuninstall:
rm -f "$(DESTDIR)$(ASTSBINDIR)/$(MAIN_TGT)"
rm -f "$(DESTDIR)$(ASTSBINDIR)/rasterisk"
rm -f "$(DESTDIR)$(ASTLIBDIR)/$(ASTSSL_LIB).$(ASTSSL_SO_VERSION)"
ifneq ($(LDCONFIG),)
$(LDCONFIG) $(LDCONFIG_FLAGS) "$(DESTDIR)$(ASTLIBDIR)/"
endif
clean::
rm -f asterisk
rm -f asterisk.exports
rm -f asterisk libasteriskssl.o $(ASTSSL_LIB) $(ASTSSL_LIB).*
rm -f asterisk.exports libasteriskssl.exports
@if [ -f editline/Makefile ]; then $(MAKE) -C editline distclean ; fi
@$(MAKE) -C stdtime clean
rm -f libresample/src/*.o

@ -0,0 +1,235 @@
/*
* Asterisk -- An open source telephony toolkit.
*
* Copyright (C) 2009-2012, Digium, Inc.
*
* Russell Bryant <russell@digium.com>
*
* See http://www.asterisk.org for more information about
* the Asterisk project. Please do not directly contact
* any of the maintainers of this project for assistance;
* the project provides a web site, mailing lists and IRC
* channels for your use.
*
* This program is free software, distributed under the terms of
* the GNU General Public License Version 2. See the LICENSE file
* at the top of the source tree.
*/
/*!
* \file
* \brief Common OpenSSL support code
*
* \author Russell Bryant <russell@digium.com>
*/
#include "asterisk.h"
ASTERISK_FILE_VERSION(__FILE__, "$Revision$")
#ifdef HAVE_OPENSSL
#include <openssl/ssl.h>
#include <openssl/err.h>
#endif
#include <dlfcn.h>
#include "asterisk/_private.h" /* ast_ssl_init() */
#include "asterisk/utils.h"
#include "asterisk/lock.h"
#ifdef HAVE_OPENSSL
#define get_OpenSSL_function(func) do { real_##func = dlsym(RTLD_NEXT, __stringify(func)); } while(0)
static int startup_complete;
static ast_mutex_t *ssl_locks;
static int ssl_num_locks;
static unsigned long ssl_threadid(void)
{
return (unsigned long) pthread_self();
}
static void ssl_lock(int mode, int n, const char *file, int line)
{
if (n < 0 || n >= ssl_num_locks) {
ast_log(LOG_ERROR, "OpenSSL is full of LIES!!! - "
"ssl_num_locks '%d' - n '%d'\n",
ssl_num_locks, n);
return;
}
if (mode & CRYPTO_LOCK) {
ast_mutex_lock(&ssl_locks[n]);
} else {
ast_mutex_unlock(&ssl_locks[n]);
}
}
int SSL_library_init(void)
{
#if defined(AST_DEVMODE)
if (startup_complete) {
ast_debug(1, "Called after startup... ignoring!\n");
}
#endif
return 0;
}
void SSL_load_error_strings(void)
{
#if defined(AST_DEVMODE)
if (startup_complete) {
ast_debug(1, "Called after startup... ignoring!\n");
}
#endif
}
void ERR_load_SSL_strings(void)
{
#if defined(AST_DEVMODE)
if (startup_complete) {
ast_debug(1, "Called after startup... ignoring!\n");
}
#endif
}
void ERR_load_crypto_strings(void)
{
#if defined(AST_DEVMODE)
if (startup_complete) {
ast_debug(1, "Called after startup... ignoring!\n");
}
#endif
}
void ERR_load_BIO_strings(void)
{
#if defined(AST_DEVMODE)
if (startup_complete) {
ast_debug(1, "Called after startup... ignoring!\n");
}
#endif
}
void CRYPTO_set_id_callback(unsigned long (*func)(void))
{
#if defined(AST_DEVMODE)
if (startup_complete) {
ast_debug(1, "Called after startup... ignoring!\n");
}
#endif
}
void CRYPTO_set_locking_callback(void (*func)(int mode,int type, const char *file, int line))
{
#if defined(AST_DEVMODE)
if (startup_complete) {
ast_debug(1, "Called after startup... ignoring!\n");
}
#endif
}
void ERR_free_strings(void)
{
/* we can't allow this to be called, ever */
}
#endif /* HAVE_OPENSSL */
/*!
* \internal
* \brief Common OpenSSL initialization for all of Asterisk.
*/
int ast_ssl_init(void)
{
#ifdef HAVE_OPENSSL
unsigned int i;
int (*real_SSL_library_init)(void);
void (*real_CRYPTO_set_id_callback)(unsigned long (*)(void));
void (*real_CRYPTO_set_locking_callback)(void (*)(int, int, const char *, int));
void (*real_SSL_load_error_strings)(void);
void (*real_ERR_load_SSL_strings)(void);
void (*real_ERR_load_crypto_strings)(void);
void (*real_ERR_load_BIO_strings)(void);
const char *errstr;
/* clear any previous dynamic linker errors */
dlerror();
get_OpenSSL_function(SSL_library_init);
if ((errstr = dlerror()) != NULL) {
ast_debug(1, "unable to get real address of SSL_library_init: %s\n", errstr);
/* there is no way to continue in this situation... SSL will
* likely be broken in this process
*/
return -1;
} else {
real_SSL_library_init();
}
/* Make OpenSSL usage thread-safe. */
dlerror();
get_OpenSSL_function(CRYPTO_set_id_callback);
if ((errstr = dlerror()) != NULL) {
ast_debug(1, "unable to get real address of CRYPTO_set_id_callback: %s\n", errstr);
/* there is no way to continue in this situation... SSL will
* likely be broken in this process
*/
return -1;
} else {
real_CRYPTO_set_id_callback(ssl_threadid);
}
dlerror();
get_OpenSSL_function(CRYPTO_set_locking_callback);
if ((errstr = dlerror()) != NULL) {
ast_debug(1, "unable to get real address of CRYPTO_set_locking_callback: %s\n", errstr);
/* there is no way to continue in this situation... SSL will
* likely be broken in this process
*/
return -1;
} else {
ssl_num_locks = CRYPTO_num_locks();
if (!(ssl_locks = ast_calloc(ssl_num_locks, sizeof(ssl_locks[0])))) {
return -1;
}
for (i = 0; i < ssl_num_locks; i++) {
ast_mutex_init(&ssl_locks[i]);
}
real_CRYPTO_set_locking_callback(ssl_lock);
}
/* after this point, we don't check for errors from the dlsym() calls,
* under the assumption that if the ones above were successful, all
* the rest will be too. this assumption holds as long as OpenSSL still
* provides all of these functions.
*/
get_OpenSSL_function(SSL_load_error_strings);
real_SSL_load_error_strings();
get_OpenSSL_function(ERR_load_SSL_strings);
real_ERR_load_SSL_strings();
get_OpenSSL_function(ERR_load_crypto_strings);
real_ERR_load_crypto_strings();
get_OpenSSL_function(ERR_load_BIO_strings);
real_ERR_load_BIO_strings();
#if 0
/* currently this is just another call to SSL_library_init, so we don't call it */
OpenSSL_add_all_algorithms();
#endif
startup_complete = 1;
#endif /* HAVE_OPENSSL */
return 0;
}

@ -0,0 +1,4 @@
{
global:
*;
};

@ -1,100 +0,0 @@
/*
* Asterisk -- An open source telephony toolkit.
*
* Copyright (C) 2009, Digium, Inc.
*
* Russell Bryant <russell@digium.com>
*
* See http://www.asterisk.org for more information about
* the Asterisk project. Please do not directly contact
* any of the maintainers of this project for assistance;
* the project provides a web site, mailing lists and IRC
* channels for your use.
*
* This program is free software, distributed under the terms of
* the GNU General Public License Version 2. See the LICENSE file
* at the top of the source tree.
*/
/*!
* \file
* \brief Common OpenSSL support code
*
* \author Russell Bryant <russell@digium.com>
*/
#include "asterisk.h"
ASTERISK_FILE_VERSION(__FILE__, "$Revision$")
#ifdef HAVE_OPENSSL
#include <openssl/ssl.h>
#include <openssl/err.h>
#endif
#include "asterisk/_private.h" /* ast_ssl_init() */
#include "asterisk/utils.h"
#include "asterisk/lock.h"
#ifdef HAVE_OPENSSL
static ast_mutex_t *ssl_locks;
static int ssl_num_locks;
static unsigned long ssl_threadid(void)
{
return (unsigned long)pthread_self();
}
static void ssl_lock(int mode, int n, const char *file, int line)
{
if (n < 0 || n >= ssl_num_locks) {
ast_log(LOG_ERROR, "OpenSSL is full of LIES!!! - "
"ssl_num_locks '%d' - n '%d'\n",
ssl_num_locks, n);
return;
}
if (mode & CRYPTO_LOCK) {
ast_mutex_lock(&ssl_locks[n]);
} else {
ast_mutex_unlock(&ssl_locks[n]);
}
}
#endif /* HAVE_OPENSSL */
/*!
* \internal
* \brief Common OpenSSL initialization for all of Asterisk.
*/
int ast_ssl_init(void)
{
#ifdef HAVE_OPENSSL
unsigned int i;
SSL_library_init();
SSL_load_error_strings();
ERR_load_crypto_strings();
ERR_load_BIO_strings();
OpenSSL_add_all_algorithms();
/* Make OpenSSL thread-safe. */
CRYPTO_set_id_callback(ssl_threadid);
ssl_num_locks = CRYPTO_num_locks();
if (!(ssl_locks = ast_calloc(ssl_num_locks, sizeof(ssl_locks[0])))) {
return -1;
}
for (i = 0; i < ssl_num_locks; i++) {
ast_mutex_init(&ssl_locks[i]);
}
CRYPTO_set_locking_callback(ssl_lock);
#endif /* HAVE_OPENSSL */
return 0;
}

@ -34,6 +34,7 @@ XMLSTARLET=@XMLSTARLET@
MD5=@MD5@
SHA1SUM=@SHA1SUM@
OPENSSL=@OPENSSL@
LDCONFIG=@LDCONFIG@
BUILD_PLATFORM=@BUILD_PLATFORM@
BUILD_CPU=@BUILD_CPU@
@ -81,6 +82,7 @@ ASTSBINDIR = @astsbindir@
ASTETCDIR = @astetcdir@
ASTHEADERDIR = @astheaderdir@
ASTLIBDIR = @astlibdir@
ASTMODDIR = @astmoddir@
ASTMANDIR = @astmandir@
astvarlibdir = @astvarlibdir@
ASTVARLIBDIR = @astvarlibdir@
@ -96,6 +98,8 @@ NOISY_BUILD=@NOISY_BUILD@
AST_CODE_COVERAGE=@AST_CODE_COVERAGE@
AST_ASTERISKSSL=@AST_ASTERISKSSL@
AST_DECLARATION_AFTER_STATEMENT=@AST_DECLARATION_AFTER_STATEMENT@
AST_NO_STRICT_OVERFLOW=@AST_NO_STRICT_OVERFLOW@
AST_SHADOW_WARNINGS=@AST_SHADOW_WARNINGS@

Loading…
Cancel
Save