<p>George Joseph <strong>merged</strong> this change.</p><p><a href="https://gerrit.asterisk.org/9057">View Change</a></p><div style="white-space:pre-wrap">Approvals:
Joshua Colp: Looks good to me, but someone else must approve
George Joseph: Looks good to me, approved; Approved for Submit
</div><pre style="font-family: monospace,monospace; white-space: pre-wrap;">tcptls.h: Repair ./configure --with-ssl=PATH.<br><br>asterisk/tcptls.h was included (explicitly, implicitly, or transitively). Those<br>inclusions got replaced by forward declarations. As side effect, the inclusions<br>got completed.<br><br>ASTERISK-27878<br><br>Change-Id: I9d102728e30336d6522e5e4ae9e964013a0835f7<br>---<br>M include/asterisk/iostream.h<br>M include/asterisk/tcptls.h<br>M main/Makefile<br>M main/iostream.c<br>M main/tcptls.c<br>5 files changed, 71 insertions(+), 42 deletions(-)<br><br></pre><pre style="font-family: monospace,monospace; white-space: pre-wrap;">diff --git a/include/asterisk/iostream.h b/include/asterisk/iostream.h<br>index b4cdeb2..17376ea 100644<br>--- a/include/asterisk/iostream.h<br>+++ b/include/asterisk/iostream.h<br>@@ -25,21 +25,19 @@<br> * \brief Generic abstraction for input/output streams.<br> */<br> <br>+#include "asterisk.h" /* for size_t, ssize_t, HAVE_OPENSSL */<br>+<br> #if defined(HAVE_OPENSSL)<br> #define DO_SSL /* comment in/out if you want to support ssl */<br> #endif<br> <br>-#ifdef DO_SSL<br>-#include <openssl/ssl.h><br>-#include <openssl/err.h><br>-#include <openssl/x509v3.h><br>-#else<br>-/* declare dummy types so we can define a pointer to them */<br>-typedef struct {} SSL;<br>-typedef struct {} SSL_CTX;<br>-#endif /* DO_SSL */<br>+struct ssl_st; /* forward declaration */<br>+struct ssl_ctx_st; /* forward declaration */<br>+struct timeval; /* forward declaration */<br>+typedef struct ssl_st SSL;<br>+typedef struct ssl_ctx_st SSL_CTX;<br> <br>-struct ast_iostream;<br>+struct ast_iostream; /* forward declaration */<br> <br> /*!<br> * \brief Disable the iostream timeout timer.<br>diff --git a/include/asterisk/tcptls.h b/include/asterisk/tcptls.h<br>index 9cf9fd6..0a6e25e 100644<br>--- a/include/asterisk/tcptls.h<br>+++ b/include/asterisk/tcptls.h<br>@@ -46,18 +46,20 @@<br> * be run earlier in the startup process so modules have it available.<br> *<br> * \ref AstTlsOverview<br>- *<br>- * \todo For SIP, the SubjectAltNames should be checked on verification<br>- * of the certificate. (Check RFC 5922)<br>- *<br> */<br> <br> #ifndef _ASTERISK_TCPTLS_H<br> #define _ASTERISK_TCPTLS_H<br> <br>-#include "asterisk/netsock2.h"<br>-#include "asterisk/utils.h"<br>+#include <pthread.h> /* for pthread_t */<br>+#include <sys/param.h> /* for MAXHOSTNAMELEN */<br>+<br> #include "asterisk/iostream.h"<br>+#include "asterisk/netsock2.h" /* for ast_sockaddr */<br>+#include "asterisk/utils.h" /* for ast_flags */<br>+<br>+struct ssl_ctx_st; /* forward declaration */<br>+typedef struct ssl_ctx_st SSL_CTX;<br> <br> /*! SSL support */<br> #define AST_CERTFILE "asterisk.pem"<br>diff --git a/main/Makefile b/main/Makefile<br>index 393ad1a..5f02937 100644<br>--- a/main/Makefile<br>+++ b/main/Makefile<br>@@ -306,6 +306,7 @@<br> <br> endif<br> <br>+iostream.o: _ASTCFLAGS+=$(OPENSSL_INCLUDE)<br> tcptls.o: _ASTCFLAGS+=$(OPENSSL_INCLUDE) -Wno-deprecated-declarations<br> <br> $(MAIN_TGT): $(OBJS) $(MOD_OBJS) $(ASTSSL_LIB) $(ASTPJ_LIB)<br>diff --git a/main/iostream.c b/main/iostream.c<br>index 4cddd43..58c7f1e 100644<br>--- a/main/iostream.c<br>+++ b/main/iostream.c<br>@@ -18,12 +18,23 @@<br> <br> #include "asterisk.h"<br> <br>-#include <fcntl.h><br>-#include <stdarg.h><br>+#include "asterisk/iostream.h" /* for DO_SSL */<br> <br>-#include "asterisk/utils.h"<br>-#include "asterisk/astobj2.h"<br>-#include "asterisk/iostream.h"<br>+#include <fcntl.h> /* for O_NONBLOCK */<br>+#ifdef DO_SSL<br>+#include <openssl/err.h> /* for ERR_error_string */<br>+#include <openssl/opensslv.h> /* for OPENSSL_VERSION_NUMBER */<br>+#include <openssl/ssl.h> /* for SSL_get_error, SSL_free, SSL_... */<br>+#endif<br>+#include <sys/socket.h> /* for shutdown, SHUT_RDWR */<br>+#include <sys/time.h> /* for timeval */<br>+<br>+#include "asterisk/astobj2.h" /* for ao2_alloc_options, ao2_alloc_... */<br>+#include "asterisk/logger.h" /* for ast_debug, ast_log, LOG_ERROR */<br>+#include "asterisk/strings.h" /* for asterisk/threadstorage.h */<br>+#include "asterisk/threadstorage.h" /* for ast_threadstorage_get, AST_TH... */<br>+#include "asterisk/time.h" /* for ast_remaining_ms, ast_tvnow */<br>+#include "asterisk/utils.h" /* for ast_wait_for_input, ast_wait_... */<br> <br> struct ast_iostream {<br> SSL *ssl;<br>diff --git a/main/tcptls.c b/main/tcptls.c<br>index 8ffeabb..8507391 100644<br>--- a/main/tcptls.c<br>+++ b/main/tcptls.c<br>@@ -25,31 +25,48 @@<br> * \author Brett Bryant <brettbryant@gmail.com><br> */<br> <br>-/*** MODULEINFO<br>- <use type="external">openssl</use><br>- <support_level>core</support_level><br>- ***/<br>-<br> #include "asterisk.h"<br> <br>+#include "asterisk/tcptls.h" /* for ast_tls_config, ast_tcptls_se... */<br>+#include "asterisk/iostream.h" /* for DO_SSL, ast_iostream_close, a... */<br>+<br> #ifdef HAVE_FCNTL_H<br>-#include <fcntl.h><br>-#endif<br>+#include <fcntl.h> /* for O_NONBLOCK */<br>+#endif /* HAVE_FCNTL_H */<br>+#include <netinet/in.h> /* for IPPROTO_TCP */<br>+#ifdef DO_SSL<br>+#include <openssl/asn1.h> /* for ASN1_STRING_to_UTF8 */<br>+#include <openssl/crypto.h> /* for OPENSSL_free */<br>+#include <openssl/opensslconf.h> /* for OPENSSL_NO_SSL3_METHOD, OPENS... */<br>+#include <openssl/opensslv.h> /* for OPENSSL_VERSION_NUMBER */<br>+#include <openssl/safestack.h> /* for STACK_OF */<br>+#include <openssl/ssl.h> /* for SSL_CTX_free, SSL_get_error, ... */<br>+#include <openssl/x509.h> /* for X509_free, X509_NAME_ENTRY_ge... */<br>+#include <openssl/x509v3.h> /* for GENERAL_NAME, sk_GENERAL_NAME... */<br>+#ifndef OPENSSL_NO_DH<br>+#include <openssl/bio.h> /* for BIO_free, BIO_new_file */<br>+#include <openssl/dh.h> /* for DH_free */<br>+#include <openssl/pem.h> /* for PEM_read_bio_DHparams */<br>+#endif /* OPENSSL_NO_DH */<br>+#ifndef OPENSSL_NO_EC<br>+#include <openssl/ec.h> /* for EC_KEY_free, EC_KEY_new_by_cu... */<br>+#endif /* OPENSSL_NO_EC */<br>+#endif /* DO_SSL */<br>+#include <pthread.h> /* for pthread_cancel, pthread_join */<br>+#include <signal.h> /* for pthread_kill, SIGURG */<br>+#include <sys/socket.h> /* for setsockopt, shutdown, socket */<br>+#include <sys/stat.h> /* for stat */<br> <br>-#include <signal.h><br>-#include <sys/stat.h><br>-<br>-#include "asterisk/compat.h"<br>-#include "asterisk/tcptls.h"<br>-#include "asterisk/io.h"<br>-#include "asterisk/http.h"<br>-#include "asterisk/utils.h"<br>-#include "asterisk/strings.h"<br>-#include "asterisk/options.h"<br>-#include "asterisk/manager.h"<br>-#include "asterisk/astobj2.h"<br>-#include "asterisk/pbx.h"<br>-#include "asterisk/app.h"<br>+#include "asterisk/app.h" /* for ast_read_textfile */<br>+#include "asterisk/astobj2.h" /* for ao2_ref, ao2_t_ref, ao2_alloc */<br>+#include "asterisk/compat.h" /* for strcasecmp */<br>+#include "asterisk/config.h" /* for ast_parse_arg, ast_parse_flag... */<br>+#include "asterisk/io.h" /* for ast_sd_get_fd */<br>+#include "asterisk/lock.h" /* for AST_PTHREADT_NULL */<br>+#include "asterisk/logger.h" /* for ast_log, LOG_ERROR, ast_debug */<br>+#include "asterisk/netsock2.h" /* for ast_sockaddr_copy, ast_sockad... */<br>+#include "asterisk/pbx.h" /* for ast_thread_inhibit_escalations */<br>+#include "asterisk/utils.h" /* for ast_true, ast_free, ast_wait_... */<br> <br> static void session_instance_destructor(void *obj)<br> {<br></pre><p>To view, visit <a href="https://gerrit.asterisk.org/9057">change 9057</a>. To unsubscribe, visit <a href="https://gerrit.asterisk.org/settings">settings</a>.</p><div itemscope itemtype="http://schema.org/EmailMessage"><div itemscope itemprop="action" itemtype="http://schema.org/ViewAction"><link itemprop="url" href="https://gerrit.asterisk.org/9057"/><meta itemprop="name" content="View Change"/></div></div>
<div style="display:none"> Gerrit-Project: asterisk </div>
<div style="display:none"> Gerrit-Branch: master </div>
<div style="display:none"> Gerrit-MessageType: merged </div>
<div style="display:none"> Gerrit-Change-Id: I9d102728e30336d6522e5e4ae9e964013a0835f7 </div>
<div style="display:none"> Gerrit-Change-Number: 9057 </div>
<div style="display:none"> Gerrit-PatchSet: 1 </div>
<div style="display:none"> Gerrit-Owner: Alexander Traud <pabstraud@compuserve.com> </div>
<div style="display:none"> Gerrit-Reviewer: Alexander Traud <pabstraud@compuserve.com> </div>
<div style="display:none"> Gerrit-Reviewer: George Joseph <gjoseph@digium.com> </div>
<div style="display:none"> Gerrit-Reviewer: Jenkins2 </div>
<div style="display:none"> Gerrit-Reviewer: Joshua Colp <jcolp@digium.com> </div>