[asterisk-bugs] [JIRA] (ASTERISK-27906) [patch] res_crypto: Allow OpenSSL configured with no-deprecated.

Asterisk Team (JIRA) noreply at issues.asterisk.org
Wed Aug 8 10:06:59 CDT 2018


     [ https://issues.asterisk.org/jira/browse/ASTERISK-27906?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Asterisk Team updated ASTERISK-27906:
-------------------------------------

    Target Release Version/s: 16.0.0

> [patch] res_crypto: Allow OpenSSL configured with no-deprecated.
> ----------------------------------------------------------------
>
>                 Key: ASTERISK-27906
>                 URL: https://issues.asterisk.org/jira/browse/ASTERISK-27906
>             Project: Asterisk
>          Issue Type: Improvement
>      Security Level: None
>          Components: Resources/res_crypto
>    Affects Versions: 13.21.0, 15.4.0
>            Reporter: Alexander Traud
>            Assignee: Alexander Traud
>            Severity: Minor
>      Target Release: 13.22.0, 15.5.0, 16.0.0
>
>
> When OpenSSL is built from source, options can be configured. One option is to build without anything deprecated. This is the best option to test forward compatibility. However, this reveals that Asterisk did not include its used OpenSSL headers correctly. In case of the module {{res_crypto.c}}, the header {{rsa.h}} was missing.
> *Steps to reproduce* (Ubuntu 18.04 LTS){code}
> sudo apt install build-essential pkg-config libedit-dev libjansson-dev libsqlite3-dev uuid-dev libxslt1-dev
> sudo apt install libssl-dev
> cd ~/Downloads
> wget www.openssl.org/source/openssl-1.0.2o.tar.gz
> tar -zxf ./openssl-*.tar.gz
> cd ./openssl-*
> ./config shared no-deprecated
> make
> export SSL_HOME=$PWD
> cd ~/Downloads
> wget downloads.asterisk.org/pub/telephony/asterisk/asterisk-13-current.tar.gz
> tar -zxf ./asterisk-*.tar.gz
> cd ./asterisk-*
> LDFLAGS="-Wl,-rpath $SSL_HOME" ./configure --with-crypto=$SSL_HOME --with-ssl=$SSL_HOME
> make{code}OpenSSL headers in the system were required {{sudo apt install libssl-dev}} because in Asterisk {{--with-ssl}} does not work correctly, yet. See ASTERISK-27865 and its section Notes whether this is still needed. 
> As side effect, this patch updates all remaining header includes with the help of [iwyu|https://issues.asterisk.org/jira/browse/ASTERISK-25591]:
> *added*
> * openssl/pem
> * openssl/rsa (that was the origin reason)
> * openssl/sha
> * asterisk/compat
> * asterisk/linkedlists
> * asterisk/logger
> * asterisk/options
> *removed*
> * asterisk/lock
> In July 2007, Commit [84f325a|https://github.com/asterisk/asterisk/commit/84f325abb2e866a9a04545886f80256bcb053f75#diff-a45504f5141683b14f835a34a15ba55d] removed all symbols which used {{asterisk/lock.h}}, which explains why neither iwyu nor I find any use for it.



--
This message was sent by Atlassian JIRA
(v6.2#6252)



More information about the asterisk-bugs mailing list