Bug#828240: asterisk: FTBFS with openssl 1.1.0

Stepan Golosunov stepan at golosunov.pp.ru
Mon Nov 7 06:20:56 UTC 2016


06.11.2016 в 23:39:41 +0100 Bernhard Schmidt написал(а):
> On Sun, Nov 06, 2016 at 04:39:03PM +0400, Stepan Golosunov wrote:
> > 06.11.2016 в 16:18:32 +0400 Stepan Golosunov написал:

> > > #if defined(HAVE_OPENSSL) && OPENSSL_VERSION_NUMBER >= 0x10100000L
> > > /* No explicit initialization is needed with OpenSSL 1.1.0.
> > >    All the functions called or overridden in this file were removed. */
> > > #undef HAVE_OPENSSL
> > > #endif

> Thanks a lot, your suggestion together with 
> https://anonscm.debian.org/cgit/pkg-voip/asterisk.git/commit/?id=ec0143a92f4ced996be419bf49115be8f236e3ea
> 
> leads to something that builds and runs. Yay!
> 
> @Tzafrir: What do you think of this? Your patch is touching
> main/libasteriskssl.c as well, but Stepan suggested to drop even more. 

Note that code in ast_ssl_init would still call functions from
libssl1.0.2, even if compiled with OpenSSL 1.1.0 (but with the wrong
value for CRYPTO_num_locks(), 1 instead of 41). Or return -1 if
libssl.so.1.0.2 is not loaded.

(Though not running that code can be problematic if libssl1.0.2 is
not only loaded but actually used via some third library.)

And I suspect that OPENSSL_API_COMPAT is wrong value for conditional
compilation (it's not defined in OpenSSL 1.0.2 for example).



More information about the Pkg-voip-maintainers mailing list