[asterisk-commits] kpfleming: branch kpfleming/libasteriskssl r352089 - in /team/kpfleming/libas...

SVN commits to the Asterisk project asterisk-commits at lists.digium.com
Sun Jan 22 09:09:28 CST 2012 

Author: kpfleming
Date: Sun Jan 22 09:09:21 2012
New Revision: 352089

URL: http://svnview.digium.com/svn/asterisk?view=rev&rev=352089
Log:
Simplify libasteriskssl wrapping of OpenSSL functions.

The Unix ABI specifies how the dynamic linker behaves; after some research,
it has become apparent that the ABI will ensure that any symbols defined
in libasteriskssl.so *will* be used instead of the same-named symbols defined
in libssl.so, as long as libasteriskssl.so appears in the list of libraries
specified to the linker *before* libssl.so. This means it is safe for the
main Asterisk binary to be linked to both libraries, and thus libasteriskssl.so
does not need to wrap any libssl functions except for the initialization and
shutdown functions.


Modified:
    team/kpfleming/libasteriskssl/configure
    team/kpfleming/libasteriskssl/configure.ac
    team/kpfleming/libasteriskssl/include/asterisk/autoconfig.h.in
    team/kpfleming/libasteriskssl/main/Makefile
    team/kpfleming/libasteriskssl/main/libasteriskssl.c

Modified: team/kpfleming/libasteriskssl/configure.ac
URL: http://svnview.digium.com/svn/asterisk/team/kpfleming/libasteriskssl/configure.ac?view=diff&rev=352089&r1=352088&r2=352089
==============================================================================
--- team/kpfleming/libasteriskssl/configure.ac (original)
+++ team/kpfleming/libasteriskssl/configure.ac Sun Jan 22 09:09:21 2012
@@ -648,9 +648,6 @@
 		*) AC_MSG_ERROR(bad value ${enableval} for --disable-asteriskssl)  ;;
 	esac], [AST_ASTERISKSSL=yes])
 AC_SUBST(AST_ASTERISKSSL)
-if test "${AST_ASTERISKSSL}" != "no" ; then
-   AC_DEFINE([AST_ASTERISKSSL], 1, [Define to 1 if the Asterisk SSL wrapper library is being built.])
-fi
 
 # https support (in main/http.c) uses funopen on BSD systems,
 # fopencookie on linux

Modified: team/kpfleming/libasteriskssl/include/asterisk/autoconfig.h.in
URL: http://svnview.digium.com/svn/asterisk/team/kpfleming/libasteriskssl/include/asterisk/autoconfig.h.in?view=diff&rev=352089&r1=352088&r2=352089
==============================================================================
--- team/kpfleming/libasteriskssl/include/asterisk/autoconfig.h.in (original)
+++ team/kpfleming/libasteriskssl/include/asterisk/autoconfig.h.in Sun Jan 22 09:09:21 2012
@@ -6,9 +6,6 @@
 #include "asterisk/buildopts.h"
 
 
-
-/* Define to 1 if the Asterisk SSL wrapper library should be built. */
-#undef AST_ASTERISKSSL
 
 /* Define to 1 if internal poll should be used. */
 #undef AST_POLL_COMPAT

Modified: team/kpfleming/libasteriskssl/main/Makefile
URL: http://svnview.digium.com/svn/asterisk/team/kpfleming/libasteriskssl/main/Makefile?view=diff&rev=352089&r1=352088&r2=352089
==============================================================================
--- team/kpfleming/libasteriskssl/main/Makefile (original)
+++ team/kpfleming/libasteriskssl/main/Makefile Sun Jan 22 09:09:21 2012
@@ -34,13 +34,11 @@
 OBJS+=../res/res_adsi.o
 endif
 
-ASTSSL_LIBS+=$(OPENSSL_LIB)
+ASTSSL_LIBS:=$(OPENSSL_LIB)
 AST_LIBS+=$(BKTR_LIB)
 AST_LIBS+=$(LIBXML2_LIB)
 AST_LIBS+=$(SQLITE3_LIB)
-ifeq ($(AST_ASTERISKSSL),no)
 AST_LIBS+=$(ASTSSL_LIBS)
-endif
 
 ifneq ($(findstring $(OSARCH), linux-gnu uclinux linux-uclibc linux-gnueabi kfreebsd-gnu linux-gnueabihf),)
   ifneq ($(findstring LOADABLE_MODULES,$(MENUSELECT_CFLAGS)),)

Modified: team/kpfleming/libasteriskssl/main/libasteriskssl.c
URL: http://svnview.digium.com/svn/asterisk/team/kpfleming/libasteriskssl/main/libasteriskssl.c?view=diff&rev=352089&r1=352088&r2=352089
==============================================================================
--- team/kpfleming/libasteriskssl/main/libasteriskssl.c (original)
+++ team/kpfleming/libasteriskssl/main/libasteriskssl.c Sun Jan 22 09:09:21 2012
@@ -1,7 +1,7 @@
 /*
  * Asterisk -- An open source telephony toolkit.
  *
- * Copyright (C) 2009, Digium, Inc.
+ * Copyright (C) 2009-2012, Digium, Inc.
  *
  * Russell Bryant <russell at digium.com>
  *
@@ -138,167 +138,6 @@
 {
 	/* we can't allow this to be called, ever */
 }
-
-/* if we are building the full Asterisk SSL wrapper library, a lot more
- * functions from libssl need to be wrapped.
- */
-#ifdef AST_ASTERISKSSL
-
-static int (*real_SSL_CTX_check_private_key)(const SSL_CTX *ctx);
-
-int SSL_CTX_check_private_key(const SSL_CTX *ctx)
-{
-	return real_SSL_CTX_check_private_key(ctx);
-}
-
-static int (*real_SSL_CTX_load_verify_locations)(SSL_CTX *ctx, const char *CAfile, const char *CApath);
-
-int SSL_CTX_load_verify_locations(SSL_CTX *ctx, const char *CAfile, const char *CApath)
-{
-	return real_SSL_CTX_load_verify_locations(ctx, CAfile, CApath);
-}
-
-static SSL_CTX *(*real_SSL_CTX_new)(const SSL_METHOD *method);
-
-SSL_CTX *SSL_CTX_new(const SSL_METHOD *method)
-{
-	return real_SSL_CTX_new(method);
-}
-
-static int (*real_SSL_CTX_set_cipher_list)(SSL_CTX *ctx, const char *str);
-
-int SSL_CTX_set_cipher_list(SSL_CTX *ctx, const char *str)
-{
-	return real_SSL_CTX_set_cipher_list(ctx, str);
-}
-
-static int (*real_SSL_CTX_use_PrivateKey_file)(SSL_CTX *ctx, const char *file, int type);
-
-int SSL_CTX_use_PrivateKey_file(SSL_CTX *ctx, const char *file, int type)
-{
-	return real_SSL_CTX_use_PrivateKey_file(ctx, file, type);
-}
-
-static int (*real_SSL_CTX_use_certificate_file)(SSL_CTX *ctx, const char *file, int type);
-
-int SSL_CTX_use_certificate_file(SSL_CTX *ctx, const char *file, int type)
-{
-	return real_SSL_CTX_use_certificate_file(ctx, file, type);
-}
-
-static int (*real_SSL_accept)(SSL *ssl);
-
-int SSL_accept(SSL *ssl)
-{
-	return real_SSL_accept(ssl);
-}
-
-static int (*real_SSL_connect)(SSL *ssl);
-
-int SSL_connect(SSL *ssl)
-{
-	return real_SSL_connect(ssl);
-}
-
-static void (*real_SSL_free)(SSL *ssl);
-
-void SSL_free(SSL *ssl)
-{
-	return real_SSL_free(ssl);
-}
-
-static int (*real_SSL_get_error)(const SSL *ssl, int ret);
-
-int SSL_get_error(const SSL *ssl, int ret)
-{
-	return real_SSL_get_error(ssl, ret);
-}
-
-static int (*real_SSL_get_fd)(const SSL *ssl);
-
-int SSL_get_fd(const SSL *ssl)
-{
-	return real_SSL_get_fd(ssl);
-}
-
-static X509 *(*real_SSL_get_peer_certificate)(const SSL *ssl);
-
-X509 *SSL_get_peer_certificate(const SSL *ssl)
-{
-	return real_SSL_get_peer_certificate(ssl);
-}
-
-static long (*real_SSL_get_verify_result)(const SSL *ssl);
-
-long SSL_get_verify_result(const SSL *ssl)
-{
-	return real_SSL_get_verify_result(ssl);
-}
-
-static SSL *(*real_SSL_new)(SSL_CTX *ctx);
-
-SSL *SSL_new(SSL_CTX *ctx)
-{
-	return real_SSL_new(ctx);
-}
-
-static int (*real_SSL_read)(SSL *ssl, void *buf, int num);
-
-int SSL_read(SSL *ssl, void *buf, int num)
-{
-	return real_SSL_read(ssl, buf, num);
-}
-
-static int (*real_SSL_set_fd)(SSL *ssl, int fd);
-
-int SSL_set_fd(SSL *ssl, int fd)
-{
-	return real_SSL_set_fd(ssl, fd);
-}
-
-static int (*real_SSL_shutdown)(SSL *ssl);
-
-int SSL_shutdown(SSL *ssl)
-{
-	return real_SSL_shutdown(ssl);
-}
-
-static int (*real_SSL_write)(SSL *ssl, const void *buf, int num);
-
-int SSL_write(SSL *ssl, const void *buf, int num)
-{
-	return real_SSL_write(ssl, buf, num);
-}
-
-static const SSL_METHOD *(*real_SSLv23_client_method)(void);
-
-const SSL_METHOD *SSLv23_client_method(void)
-{
-	return real_SSLv23_client_method();
-}
-
-static const SSL_METHOD *(*real_SSLv23_server_method)(void);
-
-const SSL_METHOD *SSLv23_server_method(void)
-{
-	return real_SSLv23_server_method();
-}
-
-static const SSL_METHOD *(*real_SSLv3_client_method)(void);
-
-const SSL_METHOD *SSLv3_client_method(void)
-{
-	return real_SSLv3_client_method();
-}
-
-static const SSL_METHOD *(*real_TLSv1_client_method)(void);
-
-const SSL_METHOD *TLSv1_client_method(void)
-{
-	return real_TLSv1_client_method();
-}
-
-#endif /* AST_ASTERISKSSL */
 
 #endif /* HAVE_OPENSSL */
 
@@ -383,35 +222,6 @@
 	get_OpenSSL_function(ERR_load_BIO_strings);
 	real_ERR_load_BIO_strings();
 
-#ifdef AST_ASTERISKSSL
-	/* now retrieve the pointers to all the OpenSSL library functions used
-	 * by code in the main Asterisk binary, so that we can route them through
-	 * this library.
-	 */
-	get_OpenSSL_function(SSL_CTX_check_private_key);
-	get_OpenSSL_function(SSL_CTX_load_verify_locations);
-	get_OpenSSL_function(SSL_CTX_new);
-	get_OpenSSL_function(SSL_CTX_set_cipher_list);
-	get_OpenSSL_function(SSL_CTX_use_PrivateKey_file);
-	get_OpenSSL_function(SSL_CTX_use_certificate_file);
-	get_OpenSSL_function(SSL_accept);
-	get_OpenSSL_function(SSL_connect);
-	get_OpenSSL_function(SSL_free);
-	get_OpenSSL_function(SSL_get_error);
-	get_OpenSSL_function(SSL_get_fd);
-	get_OpenSSL_function(SSL_get_peer_certificate);
-	get_OpenSSL_function(SSL_get_verify_result);
-	get_OpenSSL_function(SSL_new);
-	get_OpenSSL_function(SSL_read);
-	get_OpenSSL_function(SSL_set_fd);
-	get_OpenSSL_function(SSL_shutdown);
-	get_OpenSSL_function(SSL_write);
-	get_OpenSSL_function(SSLv23_client_method);
-	get_OpenSSL_function(SSLv23_server_method);
-	get_OpenSSL_function(SSLv3_client_method);
-	get_OpenSSL_function(TLSv1_client_method);
-#endif /* AST_ASTERISKSSL */
-
 #if 0
 	/* currently this is just another call to SSL_library_init, so we don't call it */
 	OpenSSL_add_all_algorithms();

More information about the asterisk-commits mailing list