[asterisk-bugs] [JIRA] (ASTERISK-26744) Asterisk fails to start up when using OpenSSL 1.1.0

Bernhard (JIRA) noreply at issues.asterisk.org
Mon Jan 23 11:56:10 CST 2017 

    [ https://issues.asterisk.org/jira/browse/ASTERISK-26744?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=234817#comment-234817 ] 

Bernhard commented on ASTERISK-26744:
-------------------------------------

I understand that you make contributors sign a license agreement. However, I don't feel comfortable signing it for a one-liner.

Here is some letters and symbols that I do not care for at all now or in the future, but might help you understand what I meant with avoiding initialization altogether in {{ast_ssl_init}}:

{noformat}
-#ifdef HAVE_OPENSSL
+	/**
+	 * none of these initializations are required for OpenSSL >= 1.1.0
+	 */
+#if defined(HAVE_OPENSSL) && (!defined(OPENSSL_VERSION_NUMBER) || OPENSSL_VERSION_NUMBER < 0x10100000L)
{noformat}

This fixes the issue for me.

> Asterisk fails to start up when using OpenSSL 1.1.0
> ---------------------------------------------------
>
>                 Key: ASTERISK-26744
>                 URL: https://issues.asterisk.org/jira/browse/ASTERISK-26744
>             Project: Asterisk
>          Issue Type: Bug
>      Security Level: None
>    Affects Versions: GIT
>         Environment: Debian testing (stretch) using libssl-dev 1.1.0c-2
>            Reporter: Bernhard
>
> After manually applying https://gerrit.asterisk.org/#/c/4753/1 (currently pending review), compilation of asterisk succeeds (gerrit git master). Compilation fails for 14.2.1, also see https://issues.asterisk.org/jira/browse/ASTERISK-26109
> However, asterisk fails to start up issuing message: "SSL initialization failed" on the console.
> It turns out that {{ast_ssl_init}} returns -1 since {{SSL_library_init}} is now a macro, so {{get_OpenSSL_function}} using the dynamic linker fails to lookup the real {{SSL_library_init}} function.
> As far as my research went, all the initialization done in {{ast_ssl_init}} is obsolete as of OpenSSL 1.1.0, so IMHO the compiler directive testing for {{HAVE_OPENSSL}} should be extended to hide the code for OpenSSL >= 1.1.0.



--
This message was sent by Atlassian JIRA
(v6.2#6252)

More information about the asterisk-bugs mailing list