dtls: Disable OpenSSL 3.0 deprecation warnings for now

Fedora 36 ships with OpenSSL 3.0, which deprecates all low-level APIs,
so this code needs to be rewritten. There is no easy fix in the
porting guide, and it recommends disabling the warnings if you can't
use the high-level API.

https://wiki.openssl.org/index.php/OpenSSL_3.0#Upgrading_to_OpenSSL_3.0_from_OpenSSL_1.1.1

Here's the replacement API:

https://www.openssl.org/docs/man3.0/man7/migration_guide.html#Deprecated-low-level-object-creation

Part-of: <https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/2818>
Nirbheek Chauhan 2022-05-25 16:03:22 +05:30 committed by Tim-Philipp Müller
parent ba06a8a79d
commit a93b5f06f1


@ -221,14 +221,24 @@ init_generated (GstDtlsCertificate * self)
#if OPENSSL_VERSION_NUMBER < 0x10100001L #if OPENSSL_VERSION_NUMBER < 0x10100001L
rsa = RSA_generate_key (2048, RSA_F4, NULL, NULL); rsa = RSA_generate_key (2048, RSA_F4, NULL, NULL);
#else #else
/*
* OpenSSL 3.0 deprecated all low-level APIs, so we need to rewrite this code
* to get rid of the warnings. The porting guide explicitly recommends
* disabling the warnings if this is not feasible, so let's do that for now:
* https://wiki.openssl.org/index.php/OpenSSL_3.0#Upgrading_to_OpenSSL_3.0_from_OpenSSL_1.1.1
*/
G_GNUC_BEGIN_IGNORE_DEPRECATIONS;
rsa = RSA_new (); rsa = RSA_new ();
G_GNUC_END_IGNORE_DEPRECATIONS;
if (rsa != NULL) { if (rsa != NULL) {
BIGNUM *e = BN_new (); BIGNUM *e = BN_new ();
G_GNUC_BEGIN_IGNORE_DEPRECATIONS;
if (e == NULL || !BN_set_word (e, RSA_F4) if (e == NULL || !BN_set_word (e, RSA_F4)
|| !RSA_generate_key_ex (rsa, 2048, e, NULL)) { || !RSA_generate_key_ex (rsa, 2048, e, NULL)) {
RSA_free (rsa); RSA_free (rsa);
rsa = NULL; rsa = NULL;
} }
G_GNUC_END_IGNORE_DEPRECATIONS;
if (e) if (e)
BN_free (e); BN_free (e);
} }
@ -236,16 +246,20 @@ init_generated (GstDtlsCertificate * self)
if (!rsa) { if (!rsa) {
GST_WARNING_OBJECT (self, "failed to generate RSA"); GST_WARNING_OBJECT (self, "failed to generate RSA");
G_GNUC_BEGIN_IGNORE_DEPRECATIONS;
EVP_PKEY_free (priv->private_key); EVP_PKEY_free (priv->private_key);
G_GNUC_END_IGNORE_DEPRECATIONS;
priv->private_key = NULL; priv->private_key = NULL;
X509_free (priv->x509); X509_free (priv->x509);
priv->x509 = NULL; priv->x509 = NULL;
return; return;
} }
G_GNUC_BEGIN_IGNORE_DEPRECATIONS;
if (!EVP_PKEY_assign_RSA (priv->private_key, rsa)) { if (!EVP_PKEY_assign_RSA (priv->private_key, rsa)) {
GST_WARNING_OBJECT (self, "failed to assign RSA"); GST_WARNING_OBJECT (self, "failed to assign RSA");
RSA_free (rsa); RSA_free (rsa);
G_GNUC_END_IGNORE_DEPRECATIONS;
rsa = NULL; rsa = NULL;
EVP_PKEY_free (priv->private_key); EVP_PKEY_free (priv->private_key);
priv->private_key = NULL; priv->private_key = NULL;
@ -259,7 +273,9 @@ init_generated (GstDtlsCertificate * self)
/* Set a random 64 bit integer as serial number */ /* Set a random 64 bit integer as serial number */
serial_number = BN_new (); serial_number = BN_new ();
G_GNUC_BEGIN_IGNORE_DEPRECATIONS;
BN_pseudo_rand (serial_number, 64, 0, 0); BN_pseudo_rand (serial_number, 64, 0, 0);
G_GNUC_END_IGNORE_DEPRECATIONS;
asn1_serial_number = X509_get_serialNumber (priv->x509); asn1_serial_number = X509_get_serialNumber (priv->x509);
BN_to_ASN1_INTEGER (serial_number, asn1_serial_number); BN_to_ASN1_INTEGER (serial_number, asn1_serial_number);
BN_free (serial_number); BN_free (serial_number);
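Review bot: The suppression around `BN_pseudo_rand` in the last hunk can be avoided rather than silenced: `BN_rand (serial_number, 64, 0, 0);` takes the same arguments and is not in the deprecated set, and to my knowledge the two have shared an implementation since OpenSSL 1.1.0. Its return value is ignored here, as is the result of `BN_new ()` on the line before, so a failed RNG call would presumably leave the certificate with a zero or unset serial; checking both and bailing out like the "failed to generate RSA" path would be safer. Separately, in the second hunk the `G_GNUC_BEGIN_IGNORE_DEPRECATIONS` placed before `if (!EVP_PKEY_assign_RSA ...)` is closed inside the if body after `RSA_free (rsa);`, which works only because the pragmas are positional and reads as unbalanced. The wrapper around `EVP_PKEY_free` in that hunk looks unnecessary, since that function does not appear to be among the deprecated low-level APIs, and a blanket suppression there would hide any later deprecation. init_generated starts and ends outside the visible hunks.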