Module: kamailio
Branch: master
Commit: 8d84c6210fa7071d3ea96f219d486cc1b41dc119
URL: 
https://github.com/kamailio/kamailio/commit/8d84c6210fa7071d3ea96f219d486cc1b41dc119

Author: Morten Tryfoss <mor...@tryfoss.no>
Committer: Daniel-Constantin Mierla <mico...@gmail.com>
Date: 2023-10-11T13:19:04+02:00

cdp: Disable TLS support for openssl versions older than 1.1.0

---

Modified: src/modules/cdp/cdp_mod.c
Modified: src/modules/cdp/cdp_tls.c
Modified: src/modules/cdp/receiver.c

---

Diff:  
https://github.com/kamailio/kamailio/commit/8d84c6210fa7071d3ea96f219d486cc1b41dc119.diff
Patch: 
https://github.com/kamailio/kamailio/commit/8d84c6210fa7071d3ea96f219d486cc1b41dc119.patch

---

diff --git a/src/modules/cdp/cdp_mod.c b/src/modules/cdp/cdp_mod.c
index d63e5206d90..5f776f57a1f 100644
--- a/src/modules/cdp/cdp_mod.c
+++ b/src/modules/cdp/cdp_mod.c
@@ -239,6 +239,7 @@ static int cdp_init(void)
                return 1;
        }
 
+       #if OPENSSL_VERSION_NUMBER >= 0x10100000L
        if(enable_tls) {
                init_ssl_methods();
                method = tls_parse_method(&tls_method);
@@ -247,6 +248,12 @@ static int cdp_init(void)
                        return -1;
                }
        }
+       #else
+       if(enable_tls) {
+               LM_ERR("TLS requires openssl 1.1.0 or newer\n");
+               return -1;
+       }
+       #endif
 
        register_procs(2 + config->workers + 2 * config->peers_cnt);
        cfg_register_child(2 + config->workers + 2 * config->peers_cnt);
diff --git a/src/modules/cdp/cdp_tls.c b/src/modules/cdp/cdp_tls.c
index 6c7fb9a1f45..903445b676d 100644
--- a/src/modules/cdp/cdp_tls.c
+++ b/src/modules/cdp/cdp_tls.c
@@ -1,3 +1,4 @@
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
 #include "cdp_tls.h"
 
 cfg_option_t methods[] = {{"TLSv1", .val = TLS_USE_TLSv1},
@@ -255,3 +256,4 @@ int to_ssl(SSL_CTX **tls_ctx_p, SSL **tls_conn_p, int 
tcp_sock, int method)
        }
        return 0;
 }
+#endif
\ No newline at end of file
diff --git a/src/modules/cdp/receiver.c b/src/modules/cdp/receiver.c
index 3c6223a758a..0a15ce3aaeb 100644
--- a/src/modules/cdp/receiver.c
+++ b/src/modules/cdp/receiver.c
@@ -813,10 +813,12 @@ int receive_loop(peer *original_peer)
                                                                p->R_sock = fd;
                                                        }
 
+                                                       #if 
OPENSSL_VERSION_NUMBER >= 0x10100000L
                                                        if(enable_tls) {
                                                                
to_ssl(&sp2->tls_ctx, &sp2->tls_conn,
                                                                                
sp->tcp_socket, method);
                                                        }
+                                                       #endif
                                                } else {
                                                        sp2 = 
add_serviced_peer(NULL);
                                                        if(!sp2) {
@@ -824,10 +826,12 @@ int receive_loop(peer *original_peer)
                                                                continue;
                                                        }
                                                        sp2->tcp_socket = fd;
+                                                       #if 
OPENSSL_VERSION_NUMBER >= 0x10100000L
                                                        if(enable_tls) {
                                                                
to_ssl(&sp2->tls_ctx, &sp2->tls_conn,
                                                                                
sp->tcp_socket, method);
                                                        }
+                                                       #endif
                                                }
                                        }
                                }
@@ -879,7 +883,9 @@ int receive_loop(peer *original_peer)
                                                                                
sp->p ? sp->p->fqdn.s : "",
                                                                                
sp->tcp_socket, strerror(errno));
                                                                
AAAFreeMessage(&msg);
+                                                               #if 
OPENSSL_VERSION_NUMBER >= 0x10100000L
                                                                
cleanup_ssl(sp->tls_ctx, sp->tls_conn);
+                                                               #endif
                                                                
close(sp->tcp_socket);
                                                                goto drop_peer;
                                                        }
@@ -892,7 +898,9 @@ int receive_loop(peer *original_peer)
                                                                                
sp->p ? sp->p->fqdn.s : "",
                                                                                
sp->tcp_socket, cnt, msg->buf.len);
                                                                
AAAFreeMessage(&msg);
+                                                               #if 
OPENSSL_VERSION_NUMBER >= 0x10100000L
                                                                
cleanup_ssl(sp->tls_ctx, sp->tls_conn);
+                                                               #endif
                                                                
close(sp->tcp_socket);
                                                                goto drop_peer;
                                                        }

_______________________________________________
Kamailio (SER) - Development Mailing List
To unsubscribe send an email to sr-dev-le...@lists.kamailio.org

Reply via email to