[sr-dev] git:4.4:406c02f7: tls: do kerberos and zlib init checks only for libssl < 1.1.0

Daniel-Constantin Mierla miconda at gmail.com
Fri Mar 31 13:01:49 CEST 2017 

Module: kamailio
Branch: 4.4
Commit: 406c02f7b76ada56d6e1f73e763fecb05c1f51c5
URL: https://github.com/kamailio/kamailio/commit/406c02f7b76ada56d6e1f73e763fecb05c1f51c5

Author: Daniel-Constantin Mierla <miconda at gmail.com>
Committer: Daniel-Constantin Mierla <miconda at gmail.com>
Date: 2017-03-31T13:01:24+02:00

tls: do kerberos and zlib init checks only for libssl < 1.1.0

- using string matching inside libssl compile flags is no longer
  reliable
- reported by GH #1050

(cherry picked from commit e59fa823b7b9513d3d1adb958d5e8ec055082d83)
(cherry picked from commit b12ac4ea9efae41b83a2664ea4f25b1d59bc2032)

---

Modified: modules/tls/tls_init.c

---

Diff:  https://github.com/kamailio/kamailio/commit/406c02f7b76ada56d6e1f73e763fecb05c1f51c5.diff
Patch: https://github.com/kamailio/kamailio/commit/406c02f7b76ada56d6e1f73e763fecb05c1f51c5.patch

---

diff --git a/modules/tls/tls_init.c b/modules/tls/tls_init.c
index af2d4c5..133bc7f 100644
--- a/modules/tls/tls_init.c
+++ b/modules/tls/tls_init.c
@@ -563,11 +563,13 @@ int init_tls_h(void)
 {
 	/*struct socket_info* si;*/
 	long ssl_version;
+#if OPENSSL_VERSION_NUMBER < 0x010100000L
 	int lib_kerberos;
 	int lib_zlib;
 	int kerberos_support;
 	int comp_support;
 	const char* lib_cflags;
+#endif
 	int low_mem_threshold1;
 	int low_mem_threshold2;
 	str tls_grp;
@@ -603,6 +605,10 @@ int init_tls_h(void)
 		else
 			return -1; /* safer to exit */
 	}
+
+/* check kerberos support using compile flags only for version < 1.1.0 */
+#if OPENSSL_VERSION_NUMBER < 0x010100000L
+
 #ifdef TLS_KERBEROS_SUPPORT
 	kerberos_support=1;
 #else
@@ -672,6 +678,9 @@ int init_tls_h(void)
 			" kerberos support will be disabled...\n");
 	}
 	#endif
+
+#endif /* libssl version < 1.1.0 (OPENSSL_VERSION_NUMBER < 0x010100000L) */
+
 	/* set free memory threshold for openssl bug #1491 workaround */
 	low_mem_threshold1 = cfg_get(tls, tls_cfg, low_mem_threshold1);
 	low_mem_threshold2 = cfg_get(tls, tls_cfg, low_mem_threshold2);

More information about the sr-dev mailing list