[asterisk-bugs] [JIRA] (ASTERISK-25043) [patch] Avoiding ERR_remove_state in OpenSSL
Alexander Traud (JIRA)
noreply at issues.asterisk.org
Fri May 1 07:55:32 CDT 2015
Alexander Traud created ASTERISK-25043:
------------------------------------------
Summary: [patch] Avoiding ERR_remove_state in OpenSSL
Key: ASTERISK-25043
URL: https://issues.asterisk.org/jira/browse/ASTERISK-25043
Project: Asterisk
Issue Type: Improvement
Security Level: None
Components: Channels/chan_sip/TCP-TLS
Affects Versions: SVN
Reporter: Alexander Traud
Severity: Minor
Attachments: asterisk_with_BoringSSL.patch
Since OpenSSL 1.0.0, the symbol _ERR_remove_state_ is [deprecated|https://www.openssl.org/docs/crypto/ERR_remove_state.html]. Already, some forks of OpenSSL do not ship with that symbol anymore and compiling fails (sometimes linking fails, sometimes fail at runtime).
The same with _ERR_load_SSL_strings_ which is called by {{SSL_load_error_strings}}, since OpenSSL 0.9.6 (or even earlier). _ERR_load_BIO_strings_ is called by _ERR_load_crypto_strings_ which is called by _ERR_load_SSL_strings_, again since 0.9.6 or even earlier. Consequently, these calls can be removed without any side effects.
This patch was tested with BoringSSL (2311) on Ubuntu (14.04.2 LTS):
{noformat}sudo apt-get install cmake git golang-go
cd /usr/src/
git clone https://boringssl.googlesource.com/boringssl
cd boringssl/
cmake -DBUILD_SHARED_LIBS=1 ./
make
cp ./crypto/libcrypto.so ./
cp ./ssl/libssl.so ./
cd /usr/src/asterisk*
make distclean
LDFLAGS='-Wl,-rpath /usr/src/boringssl' ./configure --with-ssl='/usr/src/boringssl'
make
sudo make install{noformat}
--
This message was sent by Atlassian JIRA
(v6.2#6252)
More information about the asterisk-bugs
mailing list