<html>
<body>
<div style="font-family: Verdana, Arial, Helvetica, Sans-Serif;">
<table bgcolor="#f9f3c9" width="100%" cellpadding="8" style="border: 1px #c9c399 solid;">
<tr>
<td>
This is an automatically generated e-mail. To reply, visit:
<a href="https://reviewboard.asterisk.org/r/1006/">https://reviewboard.asterisk.org/r/1006/</a>
</td>
</tr>
</table>
<br />
<pre style="white-space: pre-wrap; white-space: -moz-pre-wrap; white-space: -pre-wrap; white-space: -o-pre-wrap; word-wrap: break-word;">If you want to build this code, please pull it from:
http://svn.asterisk.org/svn/asterisk/team/libasteriskssl
Grabbing the patch from ReviewBoard won't result in a buildable and linkable tree, due to limitations of what the patch and ReviewBoard can handle.</pre>
<br />
<p>- Kevin</p>
<br />
<p>On January 18th, 2012, 3:03 p.m., Kevin Fleming wrote:</p>
<table bgcolor="#fefadf" width="100%" cellspacing="0" cellpadding="8" style="background-image: url('https://reviewboard.asterisk.org/media/rb/images/review_request_box_top_bg.png'); background-position: left top; background-repeat: repeat-x; border: 1px black solid;">
<tr>
<td>
<div>Review request for Asterisk Developers.</div>
<div>By Kevin Fleming.</div>
<p style="color: grey;"><i>Updated Jan. 18, 2012, 3:03 p.m.</i></p>
<h1 style="color: #575012; font-size: 10pt; margin-top: 1.5em;">Description </h1>
<table width="100%" bgcolor="#ffffff" cellspacing="0" cellpadding="10" style="border: 1px solid #b8b5a0">
<tr>
<td>
<pre style="margin: 0; padding: 0; white-space: pre-wrap; white-space: -moz-pre-wrap; white-space: -pre-wrap; white-space: -o-pre-wrap; word-wrap: break-word;">During the devcon after AstriCon 2010, we got a report that using PostgreSQL from within Asterisk, when the PostgreSQL connections are configured to use SSL/TLS to connect to the database server, can cause random crashes and other bizarre behavior. The reporter said this was known to be an issue with some other packages as well (notably Kamailio), and had to do with both Asterisk and the PostgreSQL libraries assuming they "owned" the OpenSSL libraries in the process' memory space, and thus calling initialization code twice (or worse).
This patch addresses this problem by using dynamic linker functionality to *wrap* the real OpenSSL initialization functions (and some other dangerous ones) with versions that don't actually do anything, and then calling the real ones only *one* time during Asterisk startup. To make this work, the SSL functionality that is normally built into the main Asterisk binary now must be built into a dynamic library (libasteriskssl.so), which is installed into the standard dynamic library location on the system (this is *not* an Asterisk loadable module, just a regular dynamic library).
As part of this patch, the usage of ASTLIBDIR throughout the build system to refer to the directory where Asterisk loadable modules are installed was changed to ASTMODDIR (which matches how it is referred to in the source code and in asterisk.conf), and a new definition of ASTLIBDIR was created to point to the system's dynamic library directory.</pre>
</td>
</tr>
</table>
<h1 style="color: #575012; font-size: 10pt; margin-top: 1.5em;">Testing </h1>
<table width="100%" bgcolor="#ffffff" cellspacing="0" cellpadding="10" style="border: 1px solid #b8b5a0">
<tr>
<td>
<pre style="margin: 0; padding: 0; white-space: pre-wrap; white-space: -moz-pre-wrap; white-space: -pre-wrap; white-space: -o-pre-wrap; word-wrap: break-word;">Compiles and runs on Linux x86-64 with no apparent change in behavior. The Makefile bits to install libasteriskssl.so in the right place will probably have to be checked by Solaris, Darwin and *BSD users to get them right.</pre>
</td>
</tr>
</table>
<h1 style="color: #575012; font-size: 10pt; margin-top: 1.5em;">Diffs</b> </h1>
<ul style="margin-left: 3em; padding-left: 0;">
<li>/trunk/Makefile.moddir_rules <span style="color: grey">(351448)</span></li>
<li>/trunk/build_tools/make_defaults_h <span style="color: grey">(351448)</span></li>
<li>/trunk/build_tools/mkpkgconfig <span style="color: grey">(351448)</span></li>
<li>/trunk/configure <span style="color: grey">(UNKNOWN)</span></li>
<li>/trunk/configure.ac <span style="color: grey">(351448)</span></li>
<li>/trunk/include/asterisk.h <span style="color: grey">(351448)</span></li>
<li>/trunk/include/asterisk/optional_api.h <span style="color: grey">(351448)</span></li>
<li>/trunk/main/Makefile <span style="color: grey">(351448)</span></li>
<li>/trunk/main/ssl.c <span style="color: grey">(351409)</span></li>
<li>/trunk/main/ssl.c <span style="color: grey">(351448)</span></li>
<li>/trunk/makeopts.in <span style="color: grey">(351448)</span></li>
<li>/trunk/Makefile <span style="color: grey">(351448)</span></li>
</ul>
<p><a href="https://reviewboard.asterisk.org/r/1006/diff/" style="margin-left: 3em;">View Diff</a></p>
</td>
</tr>
</table>
</div>
</body>
</html>