[Asterisk-code-review] res rtp asterisk: In Developer Mode, do not require OpenSSL. (asterisk[13])
Joshua Colp
asteriskteam at digium.com
Wed Aug 1 04:23:24 CDT 2018
Joshua Colp has submitted this change and it was merged. ( https://gerrit.asterisk.org/9739 )
Change subject: res_rtp_asterisk: In Developer Mode, do not require OpenSSL.
......................................................................
res_rtp_asterisk: In Developer Mode, do not require OpenSSL.
OpenSSL is an optional external library and should stay optional even when
Developer Mode is configured.
ASTERISK-27990
Change-Id: Ia68a4cd5474b26d45e0f43b04032ad598022853b
---
M res/res_rtp_asterisk.c
1 file changed, 18 insertions(+), 18 deletions(-)
Approvals:
Joshua Colp: Looks good to me, but someone else must approve; Approved for Submit
Richard Mudgett: Looks good to me, approved
diff --git a/res/res_rtp_asterisk.c b/res/res_rtp_asterisk.c
index d101fcb..6f7e09e 100644
--- a/res/res_rtp_asterisk.c
+++ b/res/res_rtp_asterisk.c
@@ -270,7 +270,7 @@
enum ast_media_type stream_type;
};
-#if !defined(OPENSSL_NO_SRTP) && (OPENSSL_VERSION_NUMBER >= 0x10001000L)
+#if defined(HAVE_OPENSSL) && (OPENSSL_VERSION_NUMBER >= 0x10001000L) && !defined(OPENSSL_NO_SRTP)
struct dtls_details {
SSL *ssl; /*!< SSL session */
BIO *read_bio; /*!< Memory buffer for reading */
@@ -393,7 +393,7 @@
unsigned int ice_num_components; /*!< The number of ICE components */
#endif
-#if !defined(OPENSSL_NO_SRTP) && (OPENSSL_VERSION_NUMBER >= 0x10001000L)
+#if defined(HAVE_OPENSSL) && (OPENSSL_VERSION_NUMBER >= 0x10001000L) && !defined(OPENSSL_NO_SRTP)
SSL_CTX *ssl_ctx; /*!< SSL context */
enum ast_rtp_dtls_verify dtls_verify; /*!< What to verify */
enum ast_srtp_suite suite; /*!< SRTP crypto suite */
@@ -470,7 +470,7 @@
/* VP8: sequence number for the RTCP FIR FCI */
int firseq;
-#if !defined(OPENSSL_NO_SRTP) && (OPENSSL_VERSION_NUMBER >= 0x10001000L)
+#if defined(HAVE_OPENSSL) && (OPENSSL_VERSION_NUMBER >= 0x10001000L) && !defined(OPENSSL_NO_SRTP)
struct dtls_details dtls; /*!< DTLS state information */
#endif
@@ -524,7 +524,7 @@
static int ast_rtp_qos_set(struct ast_rtp_instance *instance, int tos, int cos, const char* desc);
static int ast_rtp_sendcng(struct ast_rtp_instance *instance, int level);
-#if !defined(OPENSSL_NO_SRTP) && (OPENSSL_VERSION_NUMBER >= 0x10001000L)
+#if defined(HAVE_OPENSSL) && (OPENSSL_VERSION_NUMBER >= 0x10001000L) && !defined(OPENSSL_NO_SRTP)
static int ast_rtp_activate(struct ast_rtp_instance *instance);
static void dtls_srtp_check_pending(struct ast_rtp_instance *instance, struct ast_rtp *rtp, int rtcp);
static void dtls_srtp_start_timeout_timer(struct ast_rtp_instance *instance, struct ast_rtp *rtp, int rtcp);
@@ -1543,7 +1543,7 @@
};
#endif
-#if !defined(OPENSSL_NO_SRTP) && (OPENSSL_VERSION_NUMBER >= 0x10001000L)
+#if defined(HAVE_OPENSSL) && (OPENSSL_VERSION_NUMBER >= 0x10001000L) && !defined(OPENSSL_NO_SRTP)
static int dtls_verify_callback(int preverify_ok, X509_STORE_CTX *ctx)
{
/* We don't want to actually verify the certificate so just accept what they have provided */
@@ -1999,13 +1999,13 @@
#ifdef HAVE_PJPROJECT
.ice = &ast_rtp_ice,
#endif
-#if !defined(OPENSSL_NO_SRTP) && (OPENSSL_VERSION_NUMBER >= 0x10001000L)
+#if defined(HAVE_OPENSSL) && (OPENSSL_VERSION_NUMBER >= 0x10001000L) && !defined(OPENSSL_NO_SRTP)
.dtls = &ast_rtp_dtls,
.activate = ast_rtp_activate,
#endif
};
-#if !defined(OPENSSL_NO_SRTP) && (OPENSSL_VERSION_NUMBER >= 0x10001000L)
+#if defined(HAVE_OPENSSL) && (OPENSSL_VERSION_NUMBER >= 0x10001000L) && !defined(OPENSSL_NO_SRTP)
/*! \pre instance is locked */
static void dtls_perform_handshake(struct ast_rtp_instance *instance, struct dtls_details *dtls, int rtcp)
{
@@ -2066,7 +2066,7 @@
}
}
-#if !defined(OPENSSL_NO_SRTP) && (OPENSSL_VERSION_NUMBER >= 0x10001000L)
+#if defined(HAVE_OPENSSL) && (OPENSSL_VERSION_NUMBER >= 0x10001000L) && !defined(OPENSSL_NO_SRTP)
dtls_perform_handshake(instance, &rtp->dtls, 0);
if (rtp->rtcp && rtp->rtcp->type == AST_RTP_INSTANCE_RTCP_STANDARD) {
@@ -2197,7 +2197,7 @@
return 1;
}
-#if !defined(OPENSSL_NO_SRTP) && (OPENSSL_VERSION_NUMBER >= 0x10001000L)
+#if defined(HAVE_OPENSSL) && (OPENSSL_VERSION_NUMBER >= 0x10001000L) && !defined(OPENSSL_NO_SRTP)
/*! \pre instance is locked */
static int dtls_srtp_handle_timeout(struct ast_rtp_instance *instance, int rtcp)
{
@@ -2521,7 +2521,7 @@
return len;
}
-#if !defined(OPENSSL_NO_SRTP) && (OPENSSL_VERSION_NUMBER >= 0x10001000L)
+#if defined(HAVE_OPENSSL) && (OPENSSL_VERSION_NUMBER >= 0x10001000L) && !defined(OPENSSL_NO_SRTP)
/* If this is an SSL packet pass it to OpenSSL for processing. RFC section for first byte value:
* https://tools.ietf.org/html/rfc5764#section-5.1.2 */
if ((*in >= 20) && (*in <= 63)) {
@@ -3225,7 +3225,7 @@
/* Record any information we may need */
rtp->sched = sched;
-#if !defined(OPENSSL_NO_SRTP) && (OPENSSL_VERSION_NUMBER >= 0x10001000L)
+#if defined(HAVE_OPENSSL) && (OPENSSL_VERSION_NUMBER >= 0x10001000L) && !defined(OPENSSL_NO_SRTP)
rtp->rekeyid = -1;
rtp->dtls.timeout_timer = -1;
#endif
@@ -3246,7 +3246,7 @@
struct timespec ts = { .tv_sec = wait.tv_sec, .tv_nsec = wait.tv_usec * 1000, };
#endif
-#if !defined(OPENSSL_NO_SRTP) && (OPENSSL_VERSION_NUMBER >= 0x10001000L)
+#if defined(HAVE_OPENSSL) && (OPENSSL_VERSION_NUMBER >= 0x10001000L) && !defined(OPENSSL_NO_SRTP)
ast_rtp_dtls_stop(instance);
#endif
@@ -5861,7 +5861,7 @@
return;
}
rtp->rtcp->s = -1;
-#if !defined(OPENSSL_NO_SRTP) && (OPENSSL_VERSION_NUMBER >= 0x10001000L)
+#if defined(HAVE_OPENSSL) && (OPENSSL_VERSION_NUMBER >= 0x10001000L) && !defined(OPENSSL_NO_SRTP)
rtp->rtcp->dtls.timeout_timer = -1;
#endif
rtp->rtcp->schedid = -1;
@@ -5924,7 +5924,7 @@
rtp_add_candidates_to_ice(instance, rtp, &rtp->rtcp->us, ast_sockaddr_port(&rtp->rtcp->us), AST_RTP_ICE_COMPONENT_RTCP, TRANSPORT_SOCKET_RTCP);
}
#endif
-#if !defined(OPENSSL_NO_SRTP) && (OPENSSL_VERSION_NUMBER >= 0x10001000L)
+#if defined(HAVE_OPENSSL) && (OPENSSL_VERSION_NUMBER >= 0x10001000L) && !defined(OPENSSL_NO_SRTP)
dtls_setup_rtcp(instance);
#endif
} else {
@@ -5944,7 +5944,7 @@
rtp->rtcp->s = rtp->s;
ast_rtp_instance_get_remote_address(instance, &addr);
ast_sockaddr_copy(&rtp->rtcp->them, &addr);
-#if !defined(OPENSSL_NO_SRTP) && (OPENSSL_VERSION_NUMBER >= 0x10001000L)
+#if defined(HAVE_OPENSSL) && (OPENSSL_VERSION_NUMBER >= 0x10001000L) && !defined(OPENSSL_NO_SRTP)
if (rtp->rtcp->dtls.ssl && rtp->rtcp->dtls.ssl != rtp->dtls.ssl) {
SSL_free(rtp->rtcp->dtls.ssl);
}
@@ -5972,7 +5972,7 @@
if (rtp->rtcp->s > -1 && rtp->rtcp->s != rtp->s) {
close(rtp->rtcp->s);
}
-#if !defined(OPENSSL_NO_SRTP) && (OPENSSL_VERSION_NUMBER >= 0x10001000L)
+#if defined(HAVE_OPENSSL) && (OPENSSL_VERSION_NUMBER >= 0x10001000L) && !defined(OPENSSL_NO_SRTP)
ao2_unlock(instance);
dtls_srtp_stop_timeout_timer(instance, rtp, 1);
ao2_lock(instance);
@@ -6234,7 +6234,7 @@
struct ast_rtp *rtp = ast_rtp_instance_get_data(instance);
struct ast_sockaddr addr = { {0,} };
-#if !defined(OPENSSL_NO_SRTP) && (OPENSSL_VERSION_NUMBER >= 0x10001000L)
+#if defined(HAVE_OPENSSL) && (OPENSSL_VERSION_NUMBER >= 0x10001000L) && !defined(OPENSSL_NO_SRTP)
ao2_unlock(instance);
AST_SCHED_DEL_UNREF(rtp->sched, rtp->rekeyid, ao2_ref(instance, -1));
@@ -6329,7 +6329,7 @@
return res;
}
-#if !defined(OPENSSL_NO_SRTP) && (OPENSSL_VERSION_NUMBER >= 0x10001000L)
+#if defined(HAVE_OPENSSL) && (OPENSSL_VERSION_NUMBER >= 0x10001000L) && !defined(OPENSSL_NO_SRTP)
static void dtls_perform_setup(struct dtls_details *dtls)
{
if (!dtls->ssl || !SSL_is_init_finished(dtls->ssl)) {
--
To view, visit https://gerrit.asterisk.org/9739
To unsubscribe, or for help writing mail filters, visit https://gerrit.asterisk.org/settings
Gerrit-Project: asterisk
Gerrit-Branch: 13
Gerrit-MessageType: merged
Gerrit-Change-Id: Ia68a4cd5474b26d45e0f43b04032ad598022853b
Gerrit-Change-Number: 9739
Gerrit-PatchSet: 1
Gerrit-Owner: Alexander Traud <pabstraud at compuserve.com>
Gerrit-Reviewer: Jenkins2
Gerrit-Reviewer: Joshua Colp <jcolp at digium.com>
Gerrit-Reviewer: Richard Mudgett <rmudgett at digium.com>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.digium.com/pipermail/asterisk-code-review/attachments/20180801/7d3d4cbe/attachment-0001.html>
More information about the asterisk-code-review
mailing list