From a4b105c99b5a7963be5286f03eaa7925e77c7fc2 Mon Sep 17 00:00:00 2001 From: Alexander Traud Date: Fri, 27 Jul 2018 15:54:11 +0200 Subject: [PATCH] res_rtp_asterisk: In Developer Mode, do not require OpenSSL. OpenSSL is an optional external library and should stay optional even when Developer Mode is configured. ASTERISK-27990 Change-Id: Ia68a4cd5474b26d45e0f43b04032ad598022853b --- res/res_rtp_asterisk.c | 36 ++++++++++++++++++------------------ 1 file changed, 18 insertions(+), 18 deletions(-) diff --git a/res/res_rtp_asterisk.c b/res/res_rtp_asterisk.c index d101fcb2eb..6f7e09eb4a 100644 --- a/res/res_rtp_asterisk.c +++ b/res/res_rtp_asterisk.c @@ -270,7 +270,7 @@ struct rtp_learning_info { enum ast_media_type stream_type; }; -#if !defined(OPENSSL_NO_SRTP) && (OPENSSL_VERSION_NUMBER >= 0x10001000L) +#if defined(HAVE_OPENSSL) && (OPENSSL_VERSION_NUMBER >= 0x10001000L) && !defined(OPENSSL_NO_SRTP) struct dtls_details { SSL *ssl; /*!< SSL session */ BIO *read_bio; /*!< Memory buffer for reading */ @@ -393,7 +393,7 @@ struct ast_rtp { unsigned int ice_num_components; /*!< The number of ICE components */ #endif -#if !defined(OPENSSL_NO_SRTP) && (OPENSSL_VERSION_NUMBER >= 0x10001000L) +#if defined(HAVE_OPENSSL) && (OPENSSL_VERSION_NUMBER >= 0x10001000L) && !defined(OPENSSL_NO_SRTP) SSL_CTX *ssl_ctx; /*!< SSL context */ enum ast_rtp_dtls_verify dtls_verify; /*!< What to verify */ enum ast_srtp_suite suite; /*!< SRTP crypto suite */ @@ -470,7 +470,7 @@ struct ast_rtcp { /* VP8: sequence number for the RTCP FIR FCI */ int firseq; -#if !defined(OPENSSL_NO_SRTP) && (OPENSSL_VERSION_NUMBER >= 0x10001000L) +#if defined(HAVE_OPENSSL) && (OPENSSL_VERSION_NUMBER >= 0x10001000L) && !defined(OPENSSL_NO_SRTP) struct dtls_details dtls; /*!< DTLS state information */ #endif @@ -524,7 +524,7 @@ static void ast_rtp_stop(struct ast_rtp_instance *instance); static int ast_rtp_qos_set(struct ast_rtp_instance *instance, int tos, int cos, const char* desc); static int ast_rtp_sendcng(struct ast_rtp_instance *instance, int level); -#if !defined(OPENSSL_NO_SRTP) && (OPENSSL_VERSION_NUMBER >= 0x10001000L) +#if defined(HAVE_OPENSSL) && (OPENSSL_VERSION_NUMBER >= 0x10001000L) && !defined(OPENSSL_NO_SRTP) static int ast_rtp_activate(struct ast_rtp_instance *instance); static void dtls_srtp_check_pending(struct ast_rtp_instance *instance, struct ast_rtp *rtp, int rtcp); static void dtls_srtp_start_timeout_timer(struct ast_rtp_instance *instance, struct ast_rtp *rtp, int rtcp); @@ -1543,7 +1543,7 @@ static struct ast_rtp_engine_ice ast_rtp_ice = { }; #endif -#if !defined(OPENSSL_NO_SRTP) && (OPENSSL_VERSION_NUMBER >= 0x10001000L) +#if defined(HAVE_OPENSSL) && (OPENSSL_VERSION_NUMBER >= 0x10001000L) && !defined(OPENSSL_NO_SRTP) static int dtls_verify_callback(int preverify_ok, X509_STORE_CTX *ctx) { /* We don't want to actually verify the certificate so just accept what they have provided */ @@ -1999,13 +1999,13 @@ static struct ast_rtp_engine asterisk_rtp_engine = { #ifdef HAVE_PJPROJECT .ice = &ast_rtp_ice, #endif -#if !defined(OPENSSL_NO_SRTP) && (OPENSSL_VERSION_NUMBER >= 0x10001000L) +#if defined(HAVE_OPENSSL) && (OPENSSL_VERSION_NUMBER >= 0x10001000L) && !defined(OPENSSL_NO_SRTP) .dtls = &ast_rtp_dtls, .activate = ast_rtp_activate, #endif }; -#if !defined(OPENSSL_NO_SRTP) && (OPENSSL_VERSION_NUMBER >= 0x10001000L) +#if defined(HAVE_OPENSSL) && (OPENSSL_VERSION_NUMBER >= 0x10001000L) && !defined(OPENSSL_NO_SRTP) /*! \pre instance is locked */ static void dtls_perform_handshake(struct ast_rtp_instance *instance, struct dtls_details *dtls, int rtcp) { @@ -2066,7 +2066,7 @@ static void ast_rtp_on_ice_complete(pj_ice_sess *ice, pj_status_t status) } } -#if !defined(OPENSSL_NO_SRTP) && (OPENSSL_VERSION_NUMBER >= 0x10001000L) +#if defined(HAVE_OPENSSL) && (OPENSSL_VERSION_NUMBER >= 0x10001000L) && !defined(OPENSSL_NO_SRTP) dtls_perform_handshake(instance, &rtp->dtls, 0); if (rtp->rtcp && rtp->rtcp->type == AST_RTP_INSTANCE_RTCP_STANDARD) { @@ -2197,7 +2197,7 @@ static inline int rtcp_debug_test_addr(struct ast_sockaddr *addr) return 1; } -#if !defined(OPENSSL_NO_SRTP) && (OPENSSL_VERSION_NUMBER >= 0x10001000L) +#if defined(HAVE_OPENSSL) && (OPENSSL_VERSION_NUMBER >= 0x10001000L) && !defined(OPENSSL_NO_SRTP) /*! \pre instance is locked */ static int dtls_srtp_handle_timeout(struct ast_rtp_instance *instance, int rtcp) { @@ -2521,7 +2521,7 @@ static int __rtp_recvfrom(struct ast_rtp_instance *instance, void *buf, size_t s return len; } -#if !defined(OPENSSL_NO_SRTP) && (OPENSSL_VERSION_NUMBER >= 0x10001000L) +#if defined(HAVE_OPENSSL) && (OPENSSL_VERSION_NUMBER >= 0x10001000L) && !defined(OPENSSL_NO_SRTP) /* If this is an SSL packet pass it to OpenSSL for processing. RFC section for first byte value: * https://tools.ietf.org/html/rfc5764#section-5.1.2 */ if ((*in >= 20) && (*in <= 63)) { @@ -3225,7 +3225,7 @@ static int ast_rtp_new(struct ast_rtp_instance *instance, /* Record any information we may need */ rtp->sched = sched; -#if !defined(OPENSSL_NO_SRTP) && (OPENSSL_VERSION_NUMBER >= 0x10001000L) +#if defined(HAVE_OPENSSL) && (OPENSSL_VERSION_NUMBER >= 0x10001000L) && !defined(OPENSSL_NO_SRTP) rtp->rekeyid = -1; rtp->dtls.timeout_timer = -1; #endif @@ -3246,7 +3246,7 @@ static int ast_rtp_destroy(struct ast_rtp_instance *instance) struct timespec ts = { .tv_sec = wait.tv_sec, .tv_nsec = wait.tv_usec * 1000, }; #endif -#if !defined(OPENSSL_NO_SRTP) && (OPENSSL_VERSION_NUMBER >= 0x10001000L) +#if defined(HAVE_OPENSSL) && (OPENSSL_VERSION_NUMBER >= 0x10001000L) && !defined(OPENSSL_NO_SRTP) ast_rtp_dtls_stop(instance); #endif @@ -5861,7 +5861,7 @@ static void ast_rtp_prop_set(struct ast_rtp_instance *instance, enum ast_rtp_pro return; } rtp->rtcp->s = -1; -#if !defined(OPENSSL_NO_SRTP) && (OPENSSL_VERSION_NUMBER >= 0x10001000L) +#if defined(HAVE_OPENSSL) && (OPENSSL_VERSION_NUMBER >= 0x10001000L) && !defined(OPENSSL_NO_SRTP) rtp->rtcp->dtls.timeout_timer = -1; #endif rtp->rtcp->schedid = -1; @@ -5924,7 +5924,7 @@ static void ast_rtp_prop_set(struct ast_rtp_instance *instance, enum ast_rtp_pro rtp_add_candidates_to_ice(instance, rtp, &rtp->rtcp->us, ast_sockaddr_port(&rtp->rtcp->us), AST_RTP_ICE_COMPONENT_RTCP, TRANSPORT_SOCKET_RTCP); } #endif -#if !defined(OPENSSL_NO_SRTP) && (OPENSSL_VERSION_NUMBER >= 0x10001000L) +#if defined(HAVE_OPENSSL) && (OPENSSL_VERSION_NUMBER >= 0x10001000L) && !defined(OPENSSL_NO_SRTP) dtls_setup_rtcp(instance); #endif } else { @@ -5944,7 +5944,7 @@ static void ast_rtp_prop_set(struct ast_rtp_instance *instance, enum ast_rtp_pro rtp->rtcp->s = rtp->s; ast_rtp_instance_get_remote_address(instance, &addr); ast_sockaddr_copy(&rtp->rtcp->them, &addr); -#if !defined(OPENSSL_NO_SRTP) && (OPENSSL_VERSION_NUMBER >= 0x10001000L) +#if defined(HAVE_OPENSSL) && (OPENSSL_VERSION_NUMBER >= 0x10001000L) && !defined(OPENSSL_NO_SRTP) if (rtp->rtcp->dtls.ssl && rtp->rtcp->dtls.ssl != rtp->dtls.ssl) { SSL_free(rtp->rtcp->dtls.ssl); } @@ -5972,7 +5972,7 @@ static void ast_rtp_prop_set(struct ast_rtp_instance *instance, enum ast_rtp_pro if (rtp->rtcp->s > -1 && rtp->rtcp->s != rtp->s) { close(rtp->rtcp->s); } -#if !defined(OPENSSL_NO_SRTP) && (OPENSSL_VERSION_NUMBER >= 0x10001000L) +#if defined(HAVE_OPENSSL) && (OPENSSL_VERSION_NUMBER >= 0x10001000L) && !defined(OPENSSL_NO_SRTP) ao2_unlock(instance); dtls_srtp_stop_timeout_timer(instance, rtp, 1); ao2_lock(instance); @@ -6234,7 +6234,7 @@ static void ast_rtp_stop(struct ast_rtp_instance *instance) struct ast_rtp *rtp = ast_rtp_instance_get_data(instance); struct ast_sockaddr addr = { {0,} }; -#if !defined(OPENSSL_NO_SRTP) && (OPENSSL_VERSION_NUMBER >= 0x10001000L) +#if defined(HAVE_OPENSSL) && (OPENSSL_VERSION_NUMBER >= 0x10001000L) && !defined(OPENSSL_NO_SRTP) ao2_unlock(instance); AST_SCHED_DEL_UNREF(rtp->sched, rtp->rekeyid, ao2_ref(instance, -1)); @@ -6329,7 +6329,7 @@ static int ast_rtp_sendcng(struct ast_rtp_instance *instance, int level) return res; } -#if !defined(OPENSSL_NO_SRTP) && (OPENSSL_VERSION_NUMBER >= 0x10001000L) +#if defined(HAVE_OPENSSL) && (OPENSSL_VERSION_NUMBER >= 0x10001000L) && !defined(OPENSSL_NO_SRTP) static void dtls_perform_setup(struct dtls_details *dtls) { if (!dtls->ssl || !SSL_is_init_finished(dtls->ssl)) {