[sr-dev] git:4.0:0bb77356: tls: proper check of libssl versions used for compilation and available on system

Victor Seva linuxmaniac at torreviejawireless.org
Wed Sep 28 17:43:06 CEST 2016 

Module: kamailio
Branch: 4.0
Commit: 0bb773561c8b41e770edb926cedc0968fa8b3ac2
URL: https://github.com/kamailio/kamailio/commit/0bb773561c8b41e770edb926cedc0968fa8b3ac2

Author: Daniel-Constantin Mierla <miconda at gmail.com>
Committer: Victor Seva <linuxmaniac at torreviejawireless.org>
Date: 2016-09-28T17:39:00+02:00

tls: proper check of libssl versions used for compilation and available on system

- shift out the last 12bits, being the patch version and status (see man
  SSLeay)
- reported by Victor Seva, GH #662

(cherry picked from commit c38b4c7345a6806f48a0cdb07841e10bc962e1bf)
(cherry picked from commit 253909bf673c0a59e7adf578bb5df73eb157d0f2)
(cherry picked from commit 5632abc108bf8ed8157a77806ea80b962db3fa4f)
(cherry picked from commit 0a5f99b28d01d79cf2675df6d2a6220167e2476e)
(cherry picked from commit 35c30994c4c9ed7ffa78224b37af5ec972c7ca61)

---

Modified: modules/tls/tls_init.c

---

Diff:  https://github.com/kamailio/kamailio/commit/0bb773561c8b41e770edb926cedc0968fa8b3ac2.diff
Patch: https://github.com/kamailio/kamailio/commit/0bb773561c8b41e770edb926cedc0968fa8b3ac2.patch

---

diff --git a/modules/tls/tls_init.c b/modules/tls/tls_init.c
index b629afa..e02f07d 100644
--- a/modules/tls/tls_init.c
+++ b/modules/tls/tls_init.c
@@ -503,8 +503,10 @@ int init_tls_h(void)
 #endif
 	ssl_version=SSLeay();
 	/* check if version have the same major minor and fix level
-	 * (e.g. 0.9.8a & 0.9.8c are ok, but 0.9.8 and 0.9.9x are not) */
-	if ((ssl_version>>8)!=(OPENSSL_VERSION_NUMBER>>8)){
+	 * (e.g. 0.9.8a & 0.9.8c are ok, but 0.9.8 and 0.9.9x are not)
+	 * - values is represented as 0xMMNNFFPPS: major minor fix patch status
+	 *   0x00090705f == 0.9.7e release */
+	if ((ssl_version>>12)!=(OPENSSL_VERSION_NUMBER>>12)){
 		LOG(L_CRIT, "ERROR: tls: init_tls_h: installed openssl library "
 				"version is too different from the library the ser tls module "
 				"was compiled with: installed \"%s\" (0x%08lx), compiled "

More information about the sr-dev mailing list