package/resiprocate: fix build with OpenSSL 3.x

Backport upstream commits needed for compatibility with OpenSSL 3.x. Signed-off-by: Bernd Kuhls <bernd@kuhls.net> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2023-07-16 15:12:05 +02:00 · 2023-07-16 15:12:05 +02:00 · 70a4016412
commit 70a4016412
parent 66d38cfcfd
3 changed files with 92 additions and 0 deletions
--- a/package/resiprocate/0002-rutil-OpenSSLInit-disable-use-of-legacy-OpenSSL-memo.patch
+++ b/package/resiprocate/0002-rutil-OpenSSLInit-disable-use-of-legacy-OpenSSL-memo.patch
@ -0,0 +1,39 @@
+From e7c33f4e078e6e5dfa7dea796fa4ffb88f48a37a Mon Sep 17 00:00:00 2001
+From: Daniel Pocock <daniel@pocock.pro>
+Date: Thu, 4 Aug 2022 10:55:30 +0200
+Subject: [PATCH] rutil: OpenSSLInit: disable use of legacy OpenSSL memory leak
+ checking with OpenSSL 3.0 and later
+
+Upstream:
+https://github.com/resiprocate/resiprocate/commit/e7c33f4e078e6e5dfa7dea796fa4ffb88f48a37a
+
+Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
+---
+ rutil/ssl/OpenSSLInit.cxx | 7 ++++++-
+ 1 file changed, 6 insertions(+), 1 deletion(-)
+
+diff --git a/rutil/ssl/OpenSSLInit.cxx b/rutil/ssl/OpenSSLInit.cxx
+index d42486f96b..65afed09fe 100644
+--- a/rutil/ssl/OpenSSLInit.cxx
+++ b/rutil/ssl/OpenSSLInit.cxx
+@@ -69,14 +69,19 @@ OpenSSLInit::OpenSSLInit()
+ 	CRYPTO_set_dynlock_lock_callback(::resip_OpenSSLInit_dynLockFunction);
+ #endif
+ 
+/* The OpenSSL memory leak checking has been deprecated since
+   OpenSSL v3.0.  OpenSSL developers recommend that we rely
+   on modern compilers to provide the same functionality. */
+ #if (OPENSSL_VERSION_NUMBER < 0x10100000L) || defined(LIBRESSL_VERSION_NUMBER)
+ 	CRYPTO_malloc_debug_init();
+ 	CRYPTO_set_mem_debug_options(V_CRYPTO_MDEBUG_ALL);
+-#else
+#elsif (OPENSSL_VERSION_NUMBER < 0x30000000L)
+ 	CRYPTO_set_mem_debug(1);
+ #endif
+ 
+#if (OPENSSL_VERSION_NUMBER < 0x30000000L) || defined(LIBRESSL_VERSION_NUMBER)
+ 	CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
+#endif
+ 
+ 	SSL_library_init();
+ 	SSL_load_error_strings();
--- a/package/resiprocate/0003-rutil-fix-typo-in-preprocessor-condition.patch
+++ b/package/resiprocate/0003-rutil-fix-typo-in-preprocessor-condition.patch
@ -0,0 +1,26 @@
+From 53302195c339dfaa104788a50aa900a48dbff777 Mon Sep 17 00:00:00 2001
+From: Andrey Semashev <andrey.semashev@gmail.com>
+Date: Sat, 10 Sep 2022 12:15:06 +0200
+Subject: [PATCH] rutil: fix typo in preprocessor condition
+
+Upstream:
+https://github.com/resiprocate/resiprocate/commit/53302195c339dfaa104788a50aa900a48dbff777
+
+Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
+---
+ rutil/ssl/OpenSSLInit.cxx | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/rutil/ssl/OpenSSLInit.cxx b/rutil/ssl/OpenSSLInit.cxx
+index 65afed09fe..0d87a9f9d8 100644
+--- a/rutil/ssl/OpenSSLInit.cxx
+++ b/rutil/ssl/OpenSSLInit.cxx
+@@ -75,7 +75,7 @@ OpenSSLInit::OpenSSLInit()
+ #if (OPENSSL_VERSION_NUMBER < 0x10100000L) || defined(LIBRESSL_VERSION_NUMBER)
+ 	CRYPTO_malloc_debug_init();
+ 	CRYPTO_set_mem_debug_options(V_CRYPTO_MDEBUG_ALL);
+-#elsif (OPENSSL_VERSION_NUMBER < 0x30000000L)
+#elif (OPENSSL_VERSION_NUMBER < 0x30000000L)
+ 	CRYPTO_set_mem_debug(1);
+ #endif
+ 
--- a/package/resiprocate/0004-resip-stack-ssl-Security-cxx-remove-deprecated-OpenS.patch
+++ b/package/resiprocate/0004-resip-stack-ssl-Security-cxx-remove-deprecated-OpenS.patch
@ -0,0 +1,27 @@
+From 88f98702d908549d888aa7f0ee1b0763e09662b1 Mon Sep 17 00:00:00 2001
+From: Daniel Pocock <daniel@pocock.pro>
+Date: Thu, 4 Aug 2022 11:09:43 +0200
+Subject: [PATCH] resip/stack: ssl/Security.cxx: remove deprecated OpenSSL
+ ERR_GET_FUNC, not required
+
+Upstream:
+https://github.com/resiprocate/resiprocate/commit/88f98702d908549d888aa7f0ee1b0763e09662b1
+
+Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
+---
+ resip/stack/ssl/Security.cxx | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/resip/stack/ssl/Security.cxx b/resip/stack/ssl/Security.cxx
+index 75dc6d838a..23c2ebbf09 100644
+--- a/resip/stack/ssl/Security.cxx
+++ b/resip/stack/ssl/Security.cxx
+@@ -967,7 +967,7 @@ BaseSecurity::addPrivateKeyPEM( PEMType type,
+          char buffer[120];
+          unsigned long err = ERR_get_error();
+          ERR_error_string(err, buffer);
+-         if(ERR_GET_LIB(err) == ERR_LIB_EVP && ERR_GET_FUNC(err) == EVP_F_EVP_DECRYPTFINAL_EX && ERR_GET_REASON(err) == EVP_R_BAD_DECRYPT)
+         if(ERR_GET_LIB(err) == ERR_LIB_EVP && ERR_GET_REASON(err) == EVP_R_BAD_DECRYPT)
+          {
+             ErrLog(<< "Could not read private key (error=" << buffer << ") - likely incorrect password provided, may load correctly when transports are added with appropriate password");
+          }