From 92ef8a6fe1fe2adb79f1e928ffaf909e9afade67 Mon Sep 17 00:00:00 2001 From: "Kevin P. Fleming" Date: Mon, 30 Jan 2012 21:21:16 +0000 Subject: [PATCH] Address OpenSSL initialization issues when using third-party libraries. When Asterisk is used with various third-party libraries (CURL, PostgresSQL, many others) that have the ability themselves to use OpenSSL, it is possible for conflicts to arise in how the OpenSSL libraries are initialized and shutdown. This patch addresses these conflicts by 'wrapping' the important functions from the OpenSSL libraries in a new shared library that is part of Asterisk itself, and is loaded in such a way as to ensure that *all* calls to these functions will be dispatched through the Asterisk wrapper functions, not the native functions. This new library is optional, but enabled by default. See the CHANGES file for documentation on how to disable it. Along the way, this patch also makes a few other minor changes: * Changes MODULES_DIR to ASTMODDIR throughout the build system, in order to more closely match what is used during run-time configuration. * Corrects some errors in the configure script where AC_CHECK_TOOLS was used instead of AC_PATH_PROG. * Adds a new variable for linker flags in the build system (DYLINK), used for producing true shared libraries (as opposed to the dynamically loadable modules that the build system produces for 'regular' Asterisk modules). * Moves the Makefile bits that handle installation and uninstallation of the main Asterisk binary into main/Makefile from the top-level Makefile. * Moves a couple of useful preprocessor macros from optional_api.h to asterisk.h. Review: https://reviewboard.asterisk.org/r/1006/ git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@353317 65c4cc65-6c06-0410-ace0-fbb531ad65f3 --- CHANGES | 9 +- Makefile | 102 +++++---- Makefile.moddir_rules | 2 +- build_tools/make_defaults_h | 2 +- build_tools/mkpkgconfig | 2 +- configure | 355 +++++++++++++------------------- configure.ac | 57 ++--- include/asterisk.h | 4 + include/asterisk/optional_api.h | 3 - main/Makefile | 101 +++++++-- main/libasteriskssl.c | 235 +++++++++++++++++++++ main/libasteriskssl.exports.in | 4 + main/ssl.c | 100 --------- makeopts.in | 4 + 14 files changed, 586 insertions(+), 394 deletions(-) create mode 100644 main/libasteriskssl.c create mode 100644 main/libasteriskssl.exports.in delete mode 100644 main/ssl.c diff --git a/CHANGES b/CHANGES index 7beaa46b3e..2f52855d7d 100644 --- a/CHANGES +++ b/CHANGES @@ -16,6 +16,13 @@ Core ---- * The expression parser now recognizes the ABS() absolute value function, which will convert negative floating point values to positive values. + * The Asterisk build system will now build and install a shared library + (libasteriskssl.so) used to wrap various initialization and shutdown functions + from the libssl and libcrypto libraries provided by OpenSSL. This is done so + that Asterisk can ensure that these functions do *not* get called by any + modules that are loaded into Asterisk, since they should only be called once + in any single process. If desired, this feature can be disabled by supplying + the "--disable-asteriskssl" option to the configure script. CLI Changes ------------------- @@ -89,7 +96,7 @@ Parking ------------ * New per parking lot options: comebackcontext and comebackdialtime. See configs/features.conf.sample for more details. - + * Channel variable PARKER is now set when comebacktoorigin is disabled in a parking lot. diff --git a/Makefile b/Makefile index e1abdd50b4..a2c4fc9c74 100644 --- a/Makefile +++ b/Makefile @@ -1,6 +1,6 @@ # # Asterisk -- A telephony toolkit for Linux. -# +# # Top level Makefile # # Copyright (C) 1999-2010, Digium, Inc. @@ -19,8 +19,10 @@ # _ASTLDFLAGS - linker flags (not libraries) provided by the build system # LIBS - additional libraries, at top-level for all links, # on a single object just for that object -# SOLINK - linker flags used only for creating shared objects (.so files), -# used for all .so links +# SOLINK - linker flags used only for creating dynamically loadable modules +# as .so files +# DYLINK - linker flags used only for creating shared libaries +# (.so files on Unix-type platforms, .dylib on Darwin) # # Values for ASTCFLAGS and ASTLDFLAGS can be specified in the # environment when running make, as follows: @@ -49,13 +51,13 @@ export DESTDIR export INSTALL_PATH # Additional prefix for the following paths export ASTETCDIR # Path for config files export ASTVARRUNDIR -export MODULES_DIR export ASTSPOOLDIR export ASTVARLIBDIR export ASTDATADIR export ASTDBDIR export ASTLOGDIR export ASTLIBDIR +export ASTMODDIR export ASTMANDIR export ASTHEADERDIR export ASTSBINDIR @@ -71,7 +73,9 @@ export MENUSELECT_CFLAGS # Options selected in menuselect. export AST_DEVMODE # Set to "yes" for additional compiler # and runtime checks -export SOLINK # linker flags for shared objects +export _SOLINK # linker flags for all shared objects +export SOLINK # linker flags for loadable modules +export DYLINK # linker flags for shared libraries export STATIC_BUILD # Additional cflags, set to -static # for static builds. Probably # should go directly to ASTLDFLAGS @@ -90,6 +94,8 @@ export AWK export GREP export MD5 export WGET_EXTRA_ARGS +export LDCONFIG +export LDCONFIG_FLAGS # even though we could use '-include makeopts' here, use a wildcard # lookup anyway, so that make won't try to build makeopts if it doesn't @@ -129,7 +135,6 @@ DEBUG=-g3 # Asterisk.conf is located in ASTETCDIR or by using the -C flag # when starting Asterisk ASTCONFPATH=$(ASTETCDIR)/asterisk.conf -MODULES_DIR=$(ASTLIBDIR)/modules AGI_DIR=$(ASTDATADIR)/agi-bin # If you use Apache, you may determine by a grep 'DocumentRoot' of your httpd.conf file @@ -150,7 +155,7 @@ LINKER_SYMBOL_PREFIX= # If the file .asterisk.makeopts is present in your home directory, you can # include all of your favorite menuselect options so that every time you download -# a new version of Asterisk, you don't have to run menuselect to set them. +# a new version of Asterisk, you don't have to run menuselect to set them. # The file /etc/asterisk.makeopts will also be included but can be overridden # by the file in your home directory. @@ -190,10 +195,12 @@ ifeq ($(OSARCH),linux-gnu) ifeq ($(SUB_PROC),xscale) OPTIONS+=-fsigned-char -mcpu=xscale else - OPTIONS+=-fsigned-char + OPTIONS+=-fsigned-char endif endif endif + # flag to tell 'ldconfig' to only process specified directories + LDCONFIG_FLAGS=-n endif ifeq ($(findstring -save-temps,$(_ASTCFLAGS) $(ASTCFLAGS)),) @@ -214,7 +221,7 @@ ifeq ($(AST_DEVMODE),yes) _ASTCFLAGS+=-Wunused _ASTCFLAGS+=$(AST_DECLARATION_AFTER_STATEMENT) _ASTCFLAGS+=$(AST_FORTIFY_SOURCE) - _ASTCFLAGS+=-Wundef + _ASTCFLAGS+=-Wundef _ASTCFLAGS+=-Wmissing-format-attribute _ASTCFLAGS+=-Wformat=2 ADDL_TARGETS+=validate-docs @@ -247,6 +254,8 @@ ifeq ($(OSARCH),FreeBSD) # -V is understood by BSD Make, not by GNU make. BSDVERSION=$(shell make -V OSVERSION -f /usr/share/mk/bsd.port.subdir.mk) _ASTCFLAGS+=$(shell if test $(BSDVERSION) -lt 500016 ; then echo "-D_THREAD_SAFE"; fi) + # flag to tell 'ldconfig' to only process specified directories + LDCONFIG_FLAGS=-m endif ifeq ($(OSARCH),NetBSD) @@ -287,14 +296,17 @@ MOD_SUBDIRS_MENUSELECT_TREE:=$(MOD_SUBDIRS:%=%-menuselect-tree) ifneq ($(findstring darwin,$(OSARCH)),) _ASTCFLAGS+=-D__Darwin__ - SOLINK=-bundle -Xlinker -macosx_version_min -Xlinker 10.4 -Xlinker -undefined -Xlinker dynamic_lookup -force_flat_namespace + _SOLINK=-Xlinker -macosx_version_min -Xlinker 10.4 -Xlinker -undefined -Xlinker dynamic_lookup -force_flat_namespace ifeq ($(shell if test `/usr/bin/sw_vers -productVersion | cut -c4` -gt 5; then echo 6; else echo 0; fi),6) - SOLINK+=/usr/lib/bundle1.o + _SOLINK+=/usr/lib/bundle1.o endif + SOLINK=-bundle $(_SOLINK) + DYLINK=-Xlinker -dylib $(_SOLINK) _ASTLDFLAGS+=-L/usr/local/lib else # These are used for all but Darwin SOLINK=-shared + DYLINK=$(SOLINK) ifneq ($(findstring BSD,$(OSARCH)),) _ASTLDFLAGS+=-L/usr/local/lib endif @@ -302,10 +314,12 @@ endif ifeq ($(OSARCH),SunOS) SOLINK=-shared -fpic -L/usr/local/ssl/lib -lrt + DYLINK=$(SOLINK) endif ifeq ($(OSARCH),OpenBSD) SOLINK=-shared -fpic + DYLINK=$(SOLINK) endif # comment to print directories during submakes @@ -339,12 +353,12 @@ else endif all: _cleantest_all - @echo " +--------- Asterisk Build Complete ---------+" - @echo " + Asterisk has successfully been built, and +" + @echo " +--------- Asterisk Build Complete ---------+" + @echo " + Asterisk has successfully been built, and +" @echo " + can be installed by running: +" @echo " + +" - @echo " + $(mK) install +" - @echo " +-------------------------------------------+" + @echo " + $(mK) install +" + @echo " +-------------------------------------------+" # For parallel builds, we must call cleantest *before* running the # other dependencies on _all. @@ -355,7 +369,7 @@ _all: makeopts $(SUBDIRS) doc/core-en_US.xml $(ADDL_TARGETS) makeopts: configure @echo "****" - @echo "**** The configure script must be executed before running '$(MAKE)'." + @echo "**** The configure script must be executed before running '$(MAKE)'." @echo "**** Please run \"./configure\"." @echo "****" @exit 1 @@ -509,7 +523,7 @@ else endif endif -update: +update: @if [ -d .svn ]; then \ echo "Updating from Subversion..." ; \ fromrev="`svn info | $(AWK) '/Revision: / {print $$2}'`"; \ @@ -530,7 +544,8 @@ NEWHEADERS=$(notdir $(wildcard include/asterisk/*.h)) OLDHEADERS=$(filter-out $(NEWHEADERS) $(notdir $(DESTDIR)$(ASTHEADERDIR)),$(notdir $(wildcard $(DESTDIR)$(ASTHEADERDIR)/*.h))) installdirs: - $(INSTALL) -d "$(DESTDIR)$(MODULES_DIR)" + $(INSTALL) -d "$(DESTDIR)$(ASTLIBDIR)" + $(INSTALL) -d "$(DESTDIR)$(ASTMODDIR)" $(INSTALL) -d "$(DESTDIR)$(ASTSBINDIR)" $(INSTALL) -d "$(DESTDIR)$(ASTETCDIR)" $(INSTALL) -d "$(DESTDIR)$(ASTVARRUNDIR)" @@ -562,9 +577,10 @@ installdirs: $(INSTALL) -d "$(DESTDIR)$(AGI_DIR)" $(INSTALL) -d "$(DESTDIR)$(ASTDBDIR)" -bininstall: _cleantest_all installdirs $(SUBDIRS_INSTALL) - $(INSTALL) -m 755 main/asterisk "$(DESTDIR)$(ASTSBINDIR)/" - $(LN) -sf asterisk "$(DESTDIR)$(ASTSBINDIR)/rasterisk" +main-bininstall: + +@DESTDIR="$(DESTDIR)" ASTSBINDIR="$(ASTSBINDIR)" ASTLIBDIR="$(ASTLIBDIR)" $(SUBMAKE) -C main bininstall + +bininstall: _cleantest_all installdirs $(SUBDIRS_INSTALL) main-bininstall $(INSTALL) -m 755 contrib/scripts/astgenkey "$(DESTDIR)$(ASTSBINDIR)/" $(INSTALL) -m 755 contrib/scripts/autosupport "$(DESTDIR)$(ASTSBINDIR)/" if [ ! -f "$(DESTDIR)$(ASTSBINDIR)/safe_asterisk" -a ! -f /sbin/launchd ]; then \ @@ -590,17 +606,17 @@ bininstall: _cleantest_all installdirs $(SUBDIRS_INSTALL) fi $(SUBDIRS_INSTALL): - +@DESTDIR="$(DESTDIR)" ASTSBINDIR="$(ASTSBINDIR)" $(SUBMAKE) -C $(@:-install=) install + +@DESTDIR="$(DESTDIR)" ASTSBINDIR="$(ASTSBINDIR)" $(SUBMAKE) -C $(@:-install=) install NEWMODS:=$(foreach d,$(MOD_SUBDIRS),$(notdir $(wildcard $(d)/*.so))) -OLDMODS=$(filter-out $(NEWMODS) $(notdir $(DESTDIR)$(MODULES_DIR)),$(notdir $(wildcard $(DESTDIR)$(MODULES_DIR)/*.so))) +OLDMODS=$(filter-out $(NEWMODS) $(notdir $(DESTDIR)$(ASTMODDIR)),$(notdir $(wildcard $(DESTDIR)$(ASTMODDIR)/*.so))) oldmodcheck: @if [ -n "$(OLDMODS)" ]; then \ echo " WARNING WARNING WARNING" ;\ echo "" ;\ echo " Your Asterisk modules directory, located at" ;\ - echo " $(DESTDIR)$(MODULES_DIR)" ;\ + echo " $(DESTDIR)$(ASTMODDIR)" ;\ echo " contains modules that were not installed by this " ;\ echo " version of Asterisk. Please ensure that these" ;\ echo " modules are compatible with this version before" ;\ @@ -624,14 +640,14 @@ install: badshell bininstall datafiles @if [ -x /usr/sbin/asterisk-post-install ]; then \ /usr/sbin/asterisk-post-install "$(DESTDIR)" . ; \ fi - @echo " +---- Asterisk Installation Complete -------+" + @echo " +---- Asterisk Installation Complete -------+" @echo " + +" @echo " + YOU MUST READ THE SECURITY DOCUMENT +" @echo " + +" - @echo " + Asterisk has successfully been installed. +" - @echo " + If you would like to install the sample +" + @echo " + Asterisk has successfully been installed. +" + @echo " + If you would like to install the sample +" @echo " + configuration files (overwriting any +" - @echo " + existing config files), run: +" + @echo " + existing config files), run: +" @echo " + +" @echo " + $(mK) samples +" @echo " + +" @@ -687,7 +703,7 @@ samples: adsi if [ "$(OVERWRITE)" = "y" ]; then \ echo "Updating asterisk.conf" ; \ sed -e 's|^astetcdir.*$$|astetcdir => $(ASTETCDIR)|' \ - -e 's|^astmoddir.*$$|astmoddir => $(MODULES_DIR)|' \ + -e 's|^astmoddir.*$$|astmoddir => $(ASTMODDIR)|' \ -e 's|^astvarlibdir.*$$|astvarlibdir => $(ASTVARLIBDIR)|' \ -e 's|^astdbdir.*$$|astdbdir => $(ASTDBDIR)|' \ -e 's|^astkeydir.*$$|astkeydir => $(ASTKEYDIR)|' \ @@ -729,7 +745,7 @@ webvmail: for x in images/*.gif; do \ $(INSTALL) -m 644 $$x "$(DESTDIR)$(HTTP_DOCSDIR)/_asterisk/"; \ done - @echo " +--------- Asterisk Web Voicemail ----------+" + @echo " +--------- Asterisk Web Voicemail ----------+" @echo " + +" @echo " + Asterisk Web Voicemail is installed in +" @echo " + your cgi-bin directory: +" @@ -745,11 +761,11 @@ webvmail: @echo " + in your Makefile of HTTP_CGIDIR and +" @echo " + HTTP_DOCSDIR +" @echo " + +" - @echo " +-------------------------------------------+" + @echo " +-------------------------------------------+" progdocs: (cat contrib/asterisk-ng-doxygen; echo "HAVE_DOT=$(HAVEDOT)"; \ - echo "PROJECT_NUMBER=$(ASTERISKVERSION)") | doxygen - + echo "PROJECT_NUMBER=$(ASTERISKVERSION)") | doxygen - install-logrotate: if [ ! -d "$(DESTDIR)$(ASTETCDIR)/../logrotate.d" ]; then \ @@ -836,7 +852,7 @@ sounds: $(MAKE) -C sounds all # If the cleancount has been changed, force a make clean. -# .cleancount is the global clean count, and .lastclean is the +# .cleancount is the global clean count, and .lastclean is the # last clean count we had cleantest: @@ -846,9 +862,11 @@ cleantest: $(SUBDIRS_UNINSTALL): +@$(SUBMAKE) -C $(@:-uninstall=) uninstall -_uninstall: $(SUBDIRS_UNINSTALL) - rm -f "$(DESTDIR)$(MODULES_DIR)/"* - rm -f "$(DESTDIR)$(ASTSBINDIR)/"*asterisk* +main-binuninstall: + +@DESTDIR="$(DESTDIR)" ASTSBINDIR="$(ASTSBINDIR)" ASTLIBDIR="$(ASTLIBDIR)" $(SUBMAKE) -C main binuninstall + +_uninstall: $(SUBDIRS_UNINSTALL) main-binuninstall + rm -f "$(DESTDIR)$(ASTMODDIR)/"* rm -f "$(DESTDIR)$(ASTSBINDIR)/astgenkey" rm -f "$(DESTDIR)$(ASTSBINDIR)/autosupport" rm -rf "$(DESTDIR)$(ASTHEADERDIR)" @@ -860,18 +878,18 @@ _uninstall: $(SUBDIRS_UNINSTALL) $(MAKE) -C sounds uninstall uninstall: _uninstall - @echo " +--------- Asterisk Uninstall Complete -----+" - @echo " + Asterisk binaries, sounds, man pages, +" - @echo " + headers, modules, and firmware builds, +" - @echo " + have all been uninstalled. +" + @echo " +--------- Asterisk Uninstall Complete -----+" + @echo " + Asterisk binaries, sounds, man pages, +" + @echo " + headers, modules, and firmware builds, +" + @echo " + have all been uninstalled. +" @echo " + +" @echo " + To remove ALL traces of Asterisk, +" @echo " + including configuration, spool +" @echo " + directories, and logs, run the following +" @echo " + command: +" @echo " + +" - @echo " + $(mK) uninstall-all +" - @echo " +-------------------------------------------+" + @echo " + $(mK) uninstall-all +" + @echo " +-------------------------------------------+" uninstall-all: _uninstall rm -rf "$(DESTDIR)$(ASTLIBDIR)" diff --git a/Makefile.moddir_rules b/Makefile.moddir_rules index e96342ee2e..2c922daf73 100644 --- a/Makefile.moddir_rules +++ b/Makefile.moddir_rules @@ -122,7 +122,7 @@ clean:: install:: all @echo "Installing modules from `basename $(CURDIR)`..." - @for x in $(LOADABLE_MODS:%=%.so); do $(INSTALL) -m 755 $$x "$(DESTDIR)$(MODULES_DIR)" ; done + @for x in $(LOADABLE_MODS:%=%.so); do $(INSTALL) -m 755 $$x "$(DESTDIR)$(ASTMODDIR)" ; done uninstall:: diff --git a/build_tools/make_defaults_h b/build_tools/make_defaults_h index 3f39dbc075..e6051e5f74 100755 --- a/build_tools/make_defaults_h +++ b/build_tools/make_defaults_h @@ -8,7 +8,7 @@ cat << END #define DEFAULT_CONFIG_FILE "${INSTALL_PATH}${ASTCONFPATH}" #define DEFAULT_CONFIG_DIR "${INSTALL_PATH}${ASTETCDIR}" -#define DEFAULT_MODULE_DIR "${INSTALL_PATH}${MODULES_DIR}" +#define DEFAULT_MODULE_DIR "${INSTALL_PATH}${ASTMODDIR}" #define DEFAULT_AGI_DIR "${INSTALL_PATH}${AGI_DIR}" #define DEFAULT_LOG_DIR "${INSTALL_PATH}${ASTLOGDIR}" diff --git a/build_tools/mkpkgconfig b/build_tools/mkpkgconfig index 699a91b90c..08ecb924e3 100755 --- a/build_tools/mkpkgconfig +++ b/build_tools/mkpkgconfig @@ -39,7 +39,7 @@ varrundir=$ASTVARRUNDIR spooldir=$ASTSPOOLDIR logdir=$ASTLOGDIR confpath=$ASTCONFPATH -moddir=$MODULES_DIR +moddir=$ASTMODDIR agidir=$AGI_DIR Name: asterisk diff --git a/configure b/configure index 7ef662f751..748ccfbc09 100755 --- a/configure +++ b/configure @@ -1,5 +1,5 @@ #! /bin/sh -# From configure.ac Revision: 350732 . +# From configure.ac Revision: 350839 . # Guess values for system-dependent variables and create Makefiles. # Generated by GNU Autoconf 2.68 for asterisk trunk. # @@ -666,6 +666,7 @@ GC_CFLAGS PBX_WEAKREF PBX_PTHREAD_RECURSIVE_MUTEX_INITIALIZER_NP PBX_PTHREAD_RWLOCK_INITIALIZER +AST_ASTERISKSSL HAS_POLL PBX_DYNAMIC_LIST POW_LIB @@ -1046,6 +1047,9 @@ MD5 SOXMIX PBX_FLEX PBX_BISON +OPENSSL +SHA1SUM +LDCONFIG DOWNLOAD FETCH XMLSTARLET @@ -1065,10 +1069,6 @@ FLEX CMP BISON GNU_LD -ac_ct_OPENSSL -OPENSSL -ac_ct_SHA1SUM -SHA1SUM ac_ct_AR AR ac_ct_STRIP @@ -1106,6 +1106,7 @@ astdbdir astdatadir astvarlibdir astmandir +astmoddir astlibdir astheaderdir astetcdir @@ -1248,6 +1249,7 @@ with_z enable_xmldoc enable_largefile enable_internal_poll +enable_asteriskssl ' ac_precious_vars='build_alias host_alias @@ -1879,9 +1881,10 @@ Optional Features: --enable-FEATURE[=ARG] include FEATURE [ARG=yes] --enable-dev-mode Turn on developer mode --enable-coverage Turn on code coverage tracking (for gcov) - --disable-xmldoc Explicity disable XML documentation + --disable-xmldoc Explicitly disable XML documentation --disable-largefile omit support for large files --enable-internal-poll Use Asterisk's poll implementation + --disable-asteriskssl Disable Asterisk's SSL wrapper library Optional Packages: --with-PACKAGE[=ARG] use PACKAGE [ARG=yes] @@ -4515,7 +4518,8 @@ $as_echo "$ac_cv_safe_to_define___extensions__" >&6; } astsbindir='${sbindir}' astetcdir='${sysconfdir}/asterisk' astheaderdir='${includedir}/asterisk' -astlibdir='${libdir}/asterisk' +astlibdir='${libdir}' +astmoddir='${libdir}/asterisk/modules' astmandir='${mandir}' astvarlibdir='${localstatedir}/lib/asterisk' astdatadir='${astvarlibdir}' @@ -4561,7 +4565,7 @@ case "${host_os}" in darwin*) ac_default_prefix=/usr/local if test ${prefix} = 'NONE'; then - astlibdir='/Library/Application Support/Asterisk/Modules' + astmoddir='/Library/Application Support/Asterisk/Modules' astvarlibdir='/Library/Application Support/Asterisk' astlogdir=/Library/Logs/Asterisk astvarrundir='/Library/Application Support/Asterisk/Run' @@ -4578,6 +4582,7 @@ $as_echo "#define _DARWIN_UNLIMITED_SELECT 1" >>confdefs.h astetcdir=/var/etc/asterisk astsbindir=/opt/asterisk/sbin astlibdir=/opt/asterisk/lib + astmoddir=/opt/asterisk/lib/modules astheaderdir=/opt/asterisk/include astmandir=/opt/asterisk/man astvarlibdir=/var/opt/asterisk @@ -6396,206 +6401,6 @@ esac fi fi -if test -n "$ac_tool_prefix"; then - for ac_prog in sha1sum - do - # Extract the first word of "$ac_tool_prefix$ac_prog", so it can be a program name with args. -set dummy $ac_tool_prefix$ac_prog; ac_word=$2 -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -$as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_prog_SHA1SUM+:} false; then : - $as_echo_n "(cached) " >&6 -else - if test -n "$SHA1SUM"; then - ac_cv_prog_SHA1SUM="$SHA1SUM" # Let the user override the test. -else -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then - ac_cv_prog_SHA1SUM="$ac_tool_prefix$ac_prog" - $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done - done -IFS=$as_save_IFS - -fi -fi -SHA1SUM=$ac_cv_prog_SHA1SUM -if test -n "$SHA1SUM"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $SHA1SUM" >&5 -$as_echo "$SHA1SUM" >&6; } -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } -fi - - - test -n "$SHA1SUM" && break - done -fi -if test -z "$SHA1SUM"; then - ac_ct_SHA1SUM=$SHA1SUM - for ac_prog in sha1sum -do - # Extract the first word of "$ac_prog", so it can be a program name with args. -set dummy $ac_prog; ac_word=$2 -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -$as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_prog_ac_ct_SHA1SUM+:} false; then : - $as_echo_n "(cached) " >&6 -else - if test -n "$ac_ct_SHA1SUM"; then - ac_cv_prog_ac_ct_SHA1SUM="$ac_ct_SHA1SUM" # Let the user override the test. -else -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then - ac_cv_prog_ac_ct_SHA1SUM="$ac_prog" - $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done - done -IFS=$as_save_IFS - -fi -fi -ac_ct_SHA1SUM=$ac_cv_prog_ac_ct_SHA1SUM -if test -n "$ac_ct_SHA1SUM"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_SHA1SUM" >&5 -$as_echo "$ac_ct_SHA1SUM" >&6; } -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } -fi - - - test -n "$ac_ct_SHA1SUM" && break -done - - if test "x$ac_ct_SHA1SUM" = x; then - SHA1SUM="$ac_aux_dir/build_tools/sha1sum-sh" - else - case $cross_compiling:$ac_tool_warned in -yes:) -{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 -$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} -ac_tool_warned=yes ;; -esac - SHA1SUM=$ac_ct_SHA1SUM - fi -fi - -if test -n "$ac_tool_prefix"; then - for ac_prog in openssl - do - # Extract the first word of "$ac_tool_prefix$ac_prog", so it can be a program name with args. -set dummy $ac_tool_prefix$ac_prog; ac_word=$2 -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -$as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_prog_OPENSSL+:} false; then : - $as_echo_n "(cached) " >&6 -else - if test -n "$OPENSSL"; then - ac_cv_prog_OPENSSL="$OPENSSL" # Let the user override the test. -else -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then - ac_cv_prog_OPENSSL="$ac_tool_prefix$ac_prog" - $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done - done -IFS=$as_save_IFS - -fi -fi -OPENSSL=$ac_cv_prog_OPENSSL -if test -n "$OPENSSL"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $OPENSSL" >&5 -$as_echo "$OPENSSL" >&6; } -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } -fi - - - test -n "$OPENSSL" && break - done -fi -if test -z "$OPENSSL"; then - ac_ct_OPENSSL=$OPENSSL - for ac_prog in openssl -do - # Extract the first word of "$ac_prog", so it can be a program name with args. -set dummy $ac_prog; ac_word=$2 -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -$as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_prog_ac_ct_OPENSSL+:} false; then : - $as_echo_n "(cached) " >&6 -else - if test -n "$ac_ct_OPENSSL"; then - ac_cv_prog_ac_ct_OPENSSL="$ac_ct_OPENSSL" # Let the user override the test. -else -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then - ac_cv_prog_ac_ct_OPENSSL="$ac_prog" - $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done - done -IFS=$as_save_IFS - -fi -fi -ac_ct_OPENSSL=$ac_cv_prog_ac_ct_OPENSSL -if test -n "$ac_ct_OPENSSL"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_OPENSSL" >&5 -$as_echo "$ac_ct_OPENSSL" >&6; } -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } -fi - - - test -n "$ac_ct_OPENSSL" && break -done - - if test "x$ac_ct_OPENSSL" = x; then - OPENSSL=":" - else - case $cross_compiling:$ac_tool_warned in -yes:) -{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 -$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} -ac_tool_warned=yes ;; -esac - OPENSSL=$ac_ct_OPENSSL - fi -fi - GNU_LD=0 if test "x$with_gnu_ld" = "xyes" ; then @@ -7391,6 +7196,129 @@ fi fi fi +# Extract the first word of "ldconfig", so it can be a program name with args. +set dummy ldconfig; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if ${ac_cv_path_LDCONFIG+:} false; then : + $as_echo_n "(cached) " >&6 +else + case $LDCONFIG in + [\\/]* | ?:[\\/]*) + ac_cv_path_LDCONFIG="$LDCONFIG" # Let the user override the test with a path. + ;; + *) + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + ac_cv_path_LDCONFIG="$as_dir/$ac_word$ac_exec_ext" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + + test -z "$ac_cv_path_LDCONFIG" && ac_cv_path_LDCONFIG=":" + ;; +esac +fi +LDCONFIG=$ac_cv_path_LDCONFIG +if test -n "$LDCONFIG"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $LDCONFIG" >&5 +$as_echo "$LDCONFIG" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi + + +# Extract the first word of "sha1sum", so it can be a program name with args. +set dummy sha1sum; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if ${ac_cv_path_SHA1SUM+:} false; then : + $as_echo_n "(cached) " >&6 +else + case $SHA1SUM in + [\\/]* | ?:[\\/]*) + ac_cv_path_SHA1SUM="$SHA1SUM" # Let the user override the test with a path. + ;; + *) + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + ac_cv_path_SHA1SUM="$as_dir/$ac_word$ac_exec_ext" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + + test -z "$ac_cv_path_SHA1SUM" && ac_cv_path_SHA1SUM="$ac_aux_dir/build_tools/sha1sum-sh" + ;; +esac +fi +SHA1SUM=$ac_cv_path_SHA1SUM +if test -n "$SHA1SUM"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $SHA1SUM" >&5 +$as_echo "$SHA1SUM" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi + + +# Extract the first word of "openssl", so it can be a program name with args. +set dummy openssl; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if ${ac_cv_path_OPENSSL+:} false; then : + $as_echo_n "(cached) " >&6 +else + case $OPENSSL in + [\\/]* | ?:[\\/]*) + ac_cv_path_OPENSSL="$OPENSSL" # Let the user override the test with a path. + ;; + *) + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + ac_cv_path_OPENSSL="$as_dir/$ac_word$ac_exec_ext" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + + test -z "$ac_cv_path_OPENSSL" && ac_cv_path_OPENSSL=":" + ;; +esac +fi +OPENSSL=$ac_cv_path_OPENSSL +if test -n "$OPENSSL"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $OPENSSL" >&5 +$as_echo "$OPENSSL" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi + + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for bison that supports parse-param" >&5 $as_echo_n "checking for bison that supports parse-param... " >&6; } @@ -14248,6 +14176,17 @@ fi +# Check whether --enable-asteriskssl was given. +if test "${enable_asteriskssl+set}" = set; then : + enableval=$enable_asteriskssl; case "${enableval}" in + y|ye|yes) AST_ASTERISKSSL=yes ;; + n|no) AST_ASTERISKSSL=no ;; + *) as_fn_error $? "bad value ${enableval} for --disable-asteriskssl" "$LINENO" 5 ;; + esac +else + AST_ASTERISKSSL=yes +fi + # https support (in main/http.c) uses funopen on BSD systems, diff --git a/configure.ac b/configure.ac index 2f90be1868..ddf14a1147 100644 --- a/configure.ac +++ b/configure.ac @@ -47,7 +47,8 @@ AC_USE_SYSTEM_EXTENSIONS dnl note- does not work on FreeBSD AC_SUBST([astsbindir], ['${sbindir}'])dnl AC_SUBST([astetcdir], ['${sysconfdir}/asterisk'])dnl AC_SUBST([astheaderdir], ['${includedir}/asterisk'])dnl -AC_SUBST([astlibdir], ['${libdir}/asterisk'])dnl +AC_SUBST([astlibdir], ['${libdir}'])dnl +AC_SUBST([astmoddir], ['${libdir}/asterisk/modules'])dnl AC_SUBST([astmandir], ['${mandir}'])dnl AC_SUBST([astvarlibdir], ['${localstatedir}/lib/asterisk'])dnl AC_SUBST([astdatadir], ['${astvarlibdir}'])dnl @@ -93,7 +94,7 @@ case "${host_os}" in darwin*) ac_default_prefix=/usr/local if test ${prefix} = 'NONE'; then - astlibdir='/Library/Application Support/Asterisk/Modules' + astmoddir='/Library/Application Support/Asterisk/Modules' astvarlibdir='/Library/Application Support/Asterisk' astlogdir=/Library/Logs/Asterisk astvarrundir='/Library/Application Support/Asterisk/Run' @@ -106,6 +107,7 @@ case "${host_os}" in astetcdir=/var/etc/asterisk astsbindir=/opt/asterisk/sbin astlibdir=/opt/asterisk/lib + astmoddir=/opt/asterisk/lib/modules astheaderdir=/opt/asterisk/include astmandir=/opt/asterisk/man astvarlibdir=/var/opt/asterisk @@ -210,7 +212,7 @@ AH_BOTTOM( ) # cross-compile checks -if test "${cross_compiling}" = "yes"; +if test "${cross_compiling}" = "yes"; then AC_CHECK_TOOL(CC, gcc, :) AC_CHECK_TOOL(CXX, g++, :) @@ -234,8 +236,6 @@ AC_PROG_EGREP AC_CHECK_TOOLS([STRIP], [strip gstrip], :) AC_CHECK_TOOLS([AR], [ar gar], :) -AC_CHECK_TOOLS([SHA1SUM], [sha1sum], $ac_aux_dir/build_tools/sha1sum-sh) -AC_CHECK_TOOLS([OPENSSL], [openssl], :) GNU_LD=0 if test "x$with_gnu_ld" = "xyes" ; then @@ -271,6 +271,9 @@ else fi fi AC_SUBST(DOWNLOAD) +AC_PATH_PROG([LDCONFIG], [ldconfig], :) +AC_PATH_PROG([SHA1SUM], [sha1sum], $ac_aux_dir/build_tools/sha1sum-sh) +AC_PATH_PROG([OPENSSL], [openssl], :) AC_CACHE_CHECK([for bison that supports parse-param], [ac_cv_path_BISON2], [ if test "x$BISON" != "x:" ; then @@ -323,7 +326,7 @@ fi AC_CHECK_PROGS([MD5], [md5 md5sum gmd5sum digest]) if test "${MD5}" = "digest" ; then - MD5="${MD5} -a md5" + MD5="${MD5} -a md5" fi ACX_PTHREAD @@ -498,7 +501,7 @@ AC_SUBST(EDITLINE_LIB) # Another mandatory item (unless it's explicitly disabled) AC_ARG_ENABLE([xmldoc], [AS_HELP_STRING([--disable-xmldoc], - [Explicity disable XML documentation])], + [Explicitly disable XML documentation])], [case "${enableval}" in y|ye|yes) disable_xmldoc=no ;; n|no) disable_xmldoc=yes ;; @@ -622,7 +625,7 @@ AC_SUBST(PBX_DYNAMIC_LIST) LDFLAGS=${old_LDFLAGS} rm -f conftest.dynamics -AC_CHECK_HEADER([sys/poll.h], +AC_CHECK_HEADER([sys/poll.h], [HAS_POLL=1] AC_DEFINE([HAVE_SYS_POLL_H], 1, [Define to 1 if your system has working sys/poll.h]), ) @@ -637,7 +640,15 @@ AC_ARG_ENABLE([internal-poll], esac]) AC_SUBST(HAS_POLL) - +AC_ARG_ENABLE([asteriskssl], + [AS_HELP_STRING([--disable-asteriskssl], + [Disable Asterisk's SSL wrapper library])], + [case "${enableval}" in + y|ye|yes) AST_ASTERISKSSL=yes ;; + n|no) AST_ASTERISKSSL=no ;; + *) AC_MSG_ERROR(bad value ${enableval} for --disable-asteriskssl) ;; + esac], [AST_ASTERISKSSL=yes]) +AC_SUBST(AST_ASTERISKSSL) # https support (in main/http.c) uses funopen on BSD systems, # fopencookie on linux @@ -1482,7 +1493,7 @@ if test "${USE_IMAP_TK}" != "no"; then fi fi fi - fi + fi if test "${IMAP_TK_DIR}" = "system"; then #We will enter here if user specified "system" or if any of above checks failed AC_MSG_CHECKING([for system c-client library...]) @@ -1740,7 +1751,7 @@ if test "${USE_IMAP_TK}" != "no"; then AC_DEFINE([HAVE_IMAP_TK2006], 1, [Define if your system has the UW IMAP Toolkit c-client library version 2006 or greater.]) fi else - AC_MSG_RESULT(no) + AC_MSG_RESULT(no) fi CPPFLAGS="${saved_cppflags}" LIBS="${saved_libs}" @@ -1811,7 +1822,7 @@ AST_EXT_LIB_CHECK([OSS], [ossaudio], [], [sys/soundcard.h]) AST_EXT_LIB_CHECK([OSS], [ossaudio], [oss_ioctl_mixer], [soundcard.h]) PG_CONFIG=No -if test "${USE_PGSQL}" != "no"; then +if test "${USE_PGSQL}" != "no"; then if test "x${PGSQL_DIR}" != "x"; then AC_PATH_TOOL([PG_CONFIG], [pg_config], No, [${PGSQL_DIR}/bin]) if test x"${PG_CONFIG}" = xNo; then @@ -1837,7 +1848,7 @@ if test "${PG_CONFIG}" != No; then AC_MSG_NOTICE([*** including --without-postgres]) exit 1 fi - else + else AC_CHECK_LIB([pq], [PQescapeStringConn], AC_DEFINE_UNQUOTED([HAVE_PGSQL], 1, [Define to indicate the PostgreSQL library]), [], -L${PGSQL_libdir} -lz) @@ -1930,7 +1941,7 @@ if test "${USE_PWLIB}" != "no"; then fi AST_CHECK_PWLIB() AST_CHECK_PWLIB_VERSION([PWLib], [PWLIB], [ptbuildopts.h], [1], [9], [2], [P[[WT]]LIB_VERSION]) - + if test "${HAS_PWLIB:-unset}" != "unset"; then AST_CHECK_PWLIB_PLATFORM() @@ -1960,7 +1971,7 @@ if test "${PBX_PWLIB}" = "1" -a "${USE_OPENH323}" != "no" ; then [${PWLIB_INCLUDE}], [${PWLIB_LIB}]) fi -AST_EXT_LIB_CHECK([LUA], [lua5.1], [luaL_newstate], [lua5.1/lua.h], [-lm]) +AST_EXT_LIB_CHECK([LUA], [lua5.1], [luaL_newstate], [lua5.1/lua.h], [-lm]) if test "x${PBX_LUA}" = "x1" ; then if test x"${LUA_DIR}" = x; then LUA_INCLUDE="${LUA_INCLUDE} -I/usr/include/lua5.1" @@ -1968,9 +1979,9 @@ if test "x${PBX_LUA}" = "x1" ; then LUA_INCLUDE="${LUA_INCLUDE} -I${LUA_DIR}/lua5.1" fi fi - + # Some distributions (like SuSE) remove the 5.1 suffix. -AST_EXT_LIB_CHECK([LUA], [lua], [luaL_register], [lua.h], [-lm]) +AST_EXT_LIB_CHECK([LUA], [lua], [luaL_register], [lua.h], [-lm]) AST_EXT_LIB_CHECK([RADIUS], [radiusclient-ng], [rc_read_config], [radiusclient-ng.h]) @@ -2136,11 +2147,11 @@ if test "${USE_VPB}" != "no"; then [#include ], [int q = vpb_open(0,0);]) ], - [ AC_MSG_RESULT(yes) - ac_cv_lib_vpb_vpb_open="yes" + [ AC_MSG_RESULT(yes) + ac_cv_lib_vpb_vpb_open="yes" ], - [ AC_MSG_RESULT(no) - ac_cv_lib_vpb_vpb_open="no" + [ AC_MSG_RESULT(no) + ac_cv_lib_vpb_vpb_open="no" ] ) LIBS="${saved_libs}" @@ -2322,8 +2333,8 @@ fi AC_MSG_NOTICE(Package configured for: ) AC_MSG_NOTICE( OS type : $host_os) AC_MSG_NOTICE( Host CPU : $host_cpu) -AC_MSG_NOTICE( build-cpu:vendor:os: $build_cpu : $build_vendor : $build_os :) -AC_MSG_NOTICE( host-cpu:vendor:os: $host_cpu : $host_vendor : $host_os :) +AC_MSG_NOTICE( build-cpu:vendor:os: $build_cpu : $build_vendor : $build_os :) +AC_MSG_NOTICE( host-cpu:vendor:os: $host_cpu : $host_vendor : $host_os :) if test "${cross_compiling}" = "yes"; then AC_MSG_NOTICE( Cross Compilation = YES) fi diff --git a/include/asterisk.h b/include/asterisk.h index 1e9f076eb4..24e4c05128 100644 --- a/include/asterisk.h +++ b/include/asterisk.h @@ -224,4 +224,8 @@ struct ast_sched_context; #define bzero 0x__dont_use_bzero__use_memset_instead"" #define bcopy 0x__dont_use_bcopy__use_memmove_instead() +/* Some handy macros for turning a preprocessor token into (effectively) a quoted string */ +#define __stringify_1(x) #x +#define __stringify(x) __stringify_1(x) + #endif /* _ASTERISK_H */ diff --git a/include/asterisk/optional_api.h b/include/asterisk/optional_api.h index cb84881013..cc31ce0a6e 100644 --- a/include/asterisk/optional_api.h +++ b/include/asterisk/optional_api.h @@ -89,9 +89,6 @@ * WARNING WARNING WARNING WARNING WARNING */ -#define __stringify_1(x) #x -#define __stringify(x) __stringify_1(x) - /*! * \brief A common value for optional API stub functions to return * diff --git a/main/Makefile b/main/Makefile index 728b80591a..0662f22f3e 100644 --- a/main/Makefile +++ b/main/Makefile @@ -1,6 +1,6 @@ # # Asterisk -- A telephony toolkit for Linux. -# +# # Makefile to build main Asterisk binary # # Copyright (C) 1999-2006, Digium, Inc. @@ -18,7 +18,10 @@ all: asterisk include $(ASTTOPDIR)/Makefile.moddir_rules # Must include the extra ast_expr2.c, ast_expr2f.c, in case they need to be regenerated (because to force regeneration, we delete them) -SRC=$(wildcard *.c) ast_expr2.c ast_expr2f.c +SRC:=$(wildcard *.c) ast_expr2.c ast_expr2f.c +ifeq ($(AST_ASTERISKSSL),yes) +SRC:=$(filter-out libasteriskssl.c,$(SRC)) +endif OBJSFILTER=fskmodem_int.o fskmodem_float.o cygload.o buildinfo.o OBJS=$(filter-out $(OBJSFILTER),$(SRC:.c=.o)) @@ -26,14 +29,16 @@ OBJS=$(filter-out $(OBJSFILTER),$(SRC:.c=.o)) # otherwise modules will not have them available if none of the static # objects use it. OBJS+=stdtime/localtime.o + ifneq ($(firstword $(subst :, ,$(WEAKREF))),1) OBJS+=../res/res_adsi.o endif -AST_LIBS += $(OPENSSL_LIB) -AST_LIBS += $(BKTR_LIB) -AST_LIBS += $(LIBXML2_LIB) -AST_LIBS += $(SQLITE3_LIB) +ASTSSL_LIBS:=$(OPENSSL_LIB) +AST_LIBS+=$(BKTR_LIB) +AST_LIBS+=$(LIBXML2_LIB) +AST_LIBS+=$(SQLITE3_LIB) +AST_LIBS+=$(ASTSSL_LIBS) ifneq ($(findstring $(OSARCH), linux-gnu uclinux linux-uclibc linux-gnueabi kfreebsd-gnu linux-gnueabihf),) ifneq ($(findstring LOADABLE_MODULES,$(MENUSELECT_CFLAGS)),) @@ -78,7 +83,7 @@ endif ifneq ($(findstring $(OSARCH), mingw32 cygwin ),) AST_LIBS+=-lminires -ldl - ASTLINK+= -shared -Wl,--out-implib,libasterisk.a + ASTLINK+=-shared -Wl,--out-implib,libasterisk.a endif ifeq ($(OSARCH),NetBSD) AST_LIBS+=-lpthread -lcrypto -lm -L/usr/pkg/lib $(EDITLINE_LIB) @@ -89,7 +94,8 @@ ifeq ($(OSARCH),OpenBSD) endif ifeq ($(OSARCH),SunOS) - AST_LIBS+=-lpthread -ldl -lrt -lnsl -lsocket -lresolv -L/opt/ssl/lib -L/usr/local/ssl/lib + AST_LIBS+=-lpthread -ldl -lrt -lnsl -lsocket -lresolv + ASTSSL_LIBS+=-L/opt/ssl/lib -L/usr/local/ssl/lib ASTLINK= endif @@ -140,7 +146,7 @@ testexpr2: ast_expr2f.c ast_expr2.c ast_expr2.h $(CC) -g -c -Iinclude -DSTANDALONE ast_expr2f.c $(CC) -g -c -Iinclude -DSTANDALONE ast_expr2.c $(CC) -g -o testexpr2 ast_expr2f.o ast_expr2.o -lm - rm ast_expr2.o ast_expr2f.o + rm ast_expr2.o ast_expr2f.o db.o: _ASTCFLAGS+=$(SQLITE3_INCLUDE) @@ -178,13 +184,61 @@ endif $(OBJS): _ASTCFLAGS+=-DAST_MODULE=\"core\" -$(MAIN_TGT): $(OBJS) editline/libedit.a $(AST_EMBED_LDSCRIPTS) +ifeq ($(AST_ASTERISKSSL),yes) +# The ABI *version* of the asteriskssl library; don't change this unless there truly is a +# non-backwards-compatible ABI change in the library +ASTSSL_SO_VERSION=1 + +ASTSSL_LDLIBS=-L. -lasteriskssl + +ifeq ($(findstring darwin,$(OSARCH)),) # not Darwin +ASTSSL_LIB:=libasteriskssl.so + +$(ASTSSL_LIB).$(ASTSSL_SO_VERSION): _ASTLDFLAGS+=-Wl,-soname=$(ASTSSL_LIB).$(ASTSSL_SO_VERSION) +$(ASTSSL_LIB).$(ASTSSL_SO_VERSION): _ASTCFLAGS+=-fPIC -DAST_MODULE=\"asteriskssl\" +$(ASTSSL_LIB).$(ASTSSL_SO_VERSION): LIBS+=$(ASTSSL_LIBS) +$(ASTSSL_LIB).$(ASTSSL_SO_VERSION): SO_SUPPRESS_SYMBOLS=-Wl,--version-script,libasteriskssl.exports,--warn-common +$(ASTSSL_LIB).$(ASTSSL_SO_VERSION): SOLINK=$(DYLINK) + +# These rules are duplicated from $(ASTTOPDIR)/Makefile.rules because the library name +# being built does not match the "%.so" pattern; there are also additional steps +# required to build a proper shared library (as opposed to the 'loadable module' +# type that are built by the standard rules) +$(ASTSSL_LIB).$(ASTSSL_SO_VERSION): libasteriskssl.o +ifeq ($(GNU_LD),1) + $(CMD_PREFIX) $(ASTTOPDIR)/build_tools/make_linker_version_script libasteriskssl "$(LINKER_SYMBOL_PREFIX)" "$(ASTTOPDIR)" +endif + $(ECHO_PREFIX) echo " [LD] $^ -> $@" + $(CMD_PREFIX) $(CC) $(STATIC_BUILD) -o $@ $(CC_LDFLAGS_SO) $^ $(CC_LIBS) +ifneq ($(LDCONFIG),) + $(LDCONFIG) $(LDCONFIG_FLAGS) . +endif + +$(ASTSSL_LIB): $(ASTSSL_LIB).$(ASTSSL_SO_VERSION) + $(LN) -sf $< $@ + +else # Darwin +ASTSSL_LIB:=libasteriskssl.dylib + +$(ASTSSL_LIB): _ASTCFLAGS+=-fPIC -DAST_MODULE=\"asteriskssl\" +$(ASTSSL_LIB): LIBS+=$(ASTSSL_LIBS) +$(ASTSSL_LIB): SOLINK=$(DYLINK) + +# Special rules for building a shared library (not a dynamically loadable module) +$(ASTSSL_LIB): libasteriskssl.o + $(ECHO_PREFIX) echo " [LD] $^ -> $@" + $(CMD_PREFIX) $(CC) $(STATIC_BUILD) -o $@ $(CC_LDFLAGS_SO) $^ $(CC_LIBS) +endif + +endif + +$(MAIN_TGT): $(OBJS) $(ASTSSL_LIB) editline/libedit.a $(AST_EMBED_LDSCRIPTS) @$(CC) -c -o buildinfo.o $(_ASTCFLAGS) buildinfo.c $(ASTCFLAGS) $(ECHO_PREFIX) echo " [LD] $(OBJS) editline/libedit.a $(AST_EMBED_LDSCRIPTS) -> $@" ifneq ($(findstring chan_h323,$(MENUSELECT_CHANNELS)),) - $(CMD_PREFIX) $(CC) $(STATIC_BUILD) -o $@ $(ASTLINK) $(AST_EMBED_LDFLAGS) $(_ASTLDFLAGS) $(ASTLDFLAGS) $(OBJS) editline/libedit.a $(AST_EMBED_LDSCRIPTS) buildinfo.o $(AST_LIBS) $(AST_EMBED_LIBS) $(GMIMELDFLAGS) + $(CMD_PREFIX) $(CC) $(STATIC_BUILD) -o $@ $(ASTLINK) $(AST_EMBED_LDFLAGS) $(_ASTLDFLAGS) $(ASTLDFLAGS) $(OBJS) $(ASTSSL_LDLIBS) editline/libedit.a $(AST_EMBED_LDSCRIPTS) buildinfo.o $(AST_LIBS) $(AST_EMBED_LIBS) $(GMIMELDFLAGS) else - $(CMD_PREFIX) $(CXX) $(STATIC_BUILD) -o $@ $(ASTLINK) $(AST_EMBED_LDFLAGS) $(_ASTLDFLAGS) $(ASTLDFLAGS) $(H323LDFLAGS) $(OBJS) editline/libedit.a $(AST_EMBED_LDSCRIPTS) buildinfo.o $(AST_LIBS) $(AST_EMBED_LIBS) $(H323LDLIBS) $(GMIMELDFLAGS) + $(CMD_PREFIX) $(CXX) $(STATIC_BUILD) -o $@ $(ASTLINK) $(AST_EMBED_LDFLAGS) $(_ASTLDFLAGS) $(ASTLDFLAGS) $(H323LDFLAGS) $(OBJS) $(ASTSSL_LDLIBS) editline/libedit.a $(AST_EMBED_LDSCRIPTS) buildinfo.o $(AST_LIBS) $(AST_EMBED_LIBS) $(H323LDLIBS) $(GMIMELDFLAGS) endif ifeq ($(GNU_LD),1) @@ -193,9 +247,28 @@ asterisk.exports: asterisk.exports.in $(CMD_PREFIX) $(ASTTOPDIR)/build_tools/make_linker_version_script asterisk $(LINKER_SYMBOL_PREFIX) endif +bininstall: + $(INSTALL) -m 755 $(MAIN_TGT) "$(DESTDIR)$(ASTSBINDIR)/" +ifeq ($(AST_ASTERISKSSL),yes) + $(INSTALL) -m 755 $(ASTSSL_LIB).$(ASTSSL_SO_VERSION) "$(DESTDIR)$(ASTLIBDIR)/" + $(LN) -sf "$(DESTDIR)$(ASTLIBDIR)/$(ASTSSL_LIB).$(ASTSSL_SO_VERSION)" "$(DESTDIR)$(ASTLIBDIR)/$(ASTSSL_LIB)" +ifneq ($(LDCONFIG),) + $(LDCONFIG) $(LDCONFIG_FLAGS) "$(DESTDIR)$(ASTLIBDIR)/" +endif +endif + $(LN) -sf asterisk "$(DESTDIR)$(ASTSBINDIR)/rasterisk" + +binuninstall: + rm -f "$(DESTDIR)$(ASTSBINDIR)/$(MAIN_TGT)" + rm -f "$(DESTDIR)$(ASTSBINDIR)/rasterisk" + rm -f "$(DESTDIR)$(ASTLIBDIR)/$(ASTSSL_LIB).$(ASTSSL_SO_VERSION)" +ifneq ($(LDCONFIG),) + $(LDCONFIG) $(LDCONFIG_FLAGS) "$(DESTDIR)$(ASTLIBDIR)/" +endif + clean:: - rm -f asterisk - rm -f asterisk.exports + rm -f asterisk libasteriskssl.o $(ASTSSL_LIB) $(ASTSSL_LIB).* + rm -f asterisk.exports libasteriskssl.exports @if [ -f editline/Makefile ]; then $(MAKE) -C editline distclean ; fi @$(MAKE) -C stdtime clean rm -f libresample/src/*.o diff --git a/main/libasteriskssl.c b/main/libasteriskssl.c new file mode 100644 index 0000000000..8b2d8b0a84 --- /dev/null +++ b/main/libasteriskssl.c @@ -0,0 +1,235 @@ +/* + * Asterisk -- An open source telephony toolkit. + * + * Copyright (C) 2009-2012, Digium, Inc. + * + * Russell Bryant + * + * See http://www.asterisk.org for more information about + * the Asterisk project. Please do not directly contact + * any of the maintainers of this project for assistance; + * the project provides a web site, mailing lists and IRC + * channels for your use. + * + * This program is free software, distributed under the terms of + * the GNU General Public License Version 2. See the LICENSE file + * at the top of the source tree. + */ + +/*! + * \file + * \brief Common OpenSSL support code + * + * \author Russell Bryant + */ + +#include "asterisk.h" + +ASTERISK_FILE_VERSION(__FILE__, "$Revision$") + +#ifdef HAVE_OPENSSL +#include +#include +#endif + +#include + +#include "asterisk/_private.h" /* ast_ssl_init() */ + +#include "asterisk/utils.h" +#include "asterisk/lock.h" + +#ifdef HAVE_OPENSSL + +#define get_OpenSSL_function(func) do { real_##func = dlsym(RTLD_NEXT, __stringify(func)); } while(0) + +static int startup_complete; + +static ast_mutex_t *ssl_locks; + +static int ssl_num_locks; + +static unsigned long ssl_threadid(void) +{ + return (unsigned long) pthread_self(); +} + +static void ssl_lock(int mode, int n, const char *file, int line) +{ + if (n < 0 || n >= ssl_num_locks) { + ast_log(LOG_ERROR, "OpenSSL is full of LIES!!! - " + "ssl_num_locks '%d' - n '%d'\n", + ssl_num_locks, n); + return; + } + + if (mode & CRYPTO_LOCK) { + ast_mutex_lock(&ssl_locks[n]); + } else { + ast_mutex_unlock(&ssl_locks[n]); + } +} + +int SSL_library_init(void) +{ +#if defined(AST_DEVMODE) + if (startup_complete) { + ast_debug(1, "Called after startup... ignoring!\n"); + } +#endif + return 0; +} + +void SSL_load_error_strings(void) +{ +#if defined(AST_DEVMODE) + if (startup_complete) { + ast_debug(1, "Called after startup... ignoring!\n"); + } +#endif +} + +void ERR_load_SSL_strings(void) +{ +#if defined(AST_DEVMODE) + if (startup_complete) { + ast_debug(1, "Called after startup... ignoring!\n"); + } +#endif +} + +void ERR_load_crypto_strings(void) +{ +#if defined(AST_DEVMODE) + if (startup_complete) { + ast_debug(1, "Called after startup... ignoring!\n"); + } +#endif +} + +void ERR_load_BIO_strings(void) +{ +#if defined(AST_DEVMODE) + if (startup_complete) { + ast_debug(1, "Called after startup... ignoring!\n"); + } +#endif +} + +void CRYPTO_set_id_callback(unsigned long (*func)(void)) +{ +#if defined(AST_DEVMODE) + if (startup_complete) { + ast_debug(1, "Called after startup... ignoring!\n"); + } +#endif +} + +void CRYPTO_set_locking_callback(void (*func)(int mode,int type, const char *file, int line)) +{ +#if defined(AST_DEVMODE) + if (startup_complete) { + ast_debug(1, "Called after startup... ignoring!\n"); + } +#endif +} + +void ERR_free_strings(void) +{ + /* we can't allow this to be called, ever */ +} + +#endif /* HAVE_OPENSSL */ + +/*! + * \internal + * \brief Common OpenSSL initialization for all of Asterisk. + */ +int ast_ssl_init(void) +{ +#ifdef HAVE_OPENSSL + unsigned int i; + int (*real_SSL_library_init)(void); + void (*real_CRYPTO_set_id_callback)(unsigned long (*)(void)); + void (*real_CRYPTO_set_locking_callback)(void (*)(int, int, const char *, int)); + void (*real_SSL_load_error_strings)(void); + void (*real_ERR_load_SSL_strings)(void); + void (*real_ERR_load_crypto_strings)(void); + void (*real_ERR_load_BIO_strings)(void); + const char *errstr; + + /* clear any previous dynamic linker errors */ + dlerror(); + get_OpenSSL_function(SSL_library_init); + if ((errstr = dlerror()) != NULL) { + ast_debug(1, "unable to get real address of SSL_library_init: %s\n", errstr); + /* there is no way to continue in this situation... SSL will + * likely be broken in this process + */ + return -1; + } else { + real_SSL_library_init(); + } + + /* Make OpenSSL usage thread-safe. */ + + dlerror(); + get_OpenSSL_function(CRYPTO_set_id_callback); + if ((errstr = dlerror()) != NULL) { + ast_debug(1, "unable to get real address of CRYPTO_set_id_callback: %s\n", errstr); + /* there is no way to continue in this situation... SSL will + * likely be broken in this process + */ + return -1; + } else { + real_CRYPTO_set_id_callback(ssl_threadid); + } + + dlerror(); + get_OpenSSL_function(CRYPTO_set_locking_callback); + if ((errstr = dlerror()) != NULL) { + ast_debug(1, "unable to get real address of CRYPTO_set_locking_callback: %s\n", errstr); + /* there is no way to continue in this situation... SSL will + * likely be broken in this process + */ + return -1; + } else { + ssl_num_locks = CRYPTO_num_locks(); + if (!(ssl_locks = ast_calloc(ssl_num_locks, sizeof(ssl_locks[0])))) { + return -1; + } + for (i = 0; i < ssl_num_locks; i++) { + ast_mutex_init(&ssl_locks[i]); + } + real_CRYPTO_set_locking_callback(ssl_lock); + } + + /* after this point, we don't check for errors from the dlsym() calls, + * under the assumption that if the ones above were successful, all + * the rest will be too. this assumption holds as long as OpenSSL still + * provides all of these functions. + */ + + get_OpenSSL_function(SSL_load_error_strings); + real_SSL_load_error_strings(); + + get_OpenSSL_function(ERR_load_SSL_strings); + real_ERR_load_SSL_strings(); + + get_OpenSSL_function(ERR_load_crypto_strings); + real_ERR_load_crypto_strings(); + + get_OpenSSL_function(ERR_load_BIO_strings); + real_ERR_load_BIO_strings(); + +#if 0 + /* currently this is just another call to SSL_library_init, so we don't call it */ + OpenSSL_add_all_algorithms(); +#endif + + startup_complete = 1; + +#endif /* HAVE_OPENSSL */ + return 0; +} + diff --git a/main/libasteriskssl.exports.in b/main/libasteriskssl.exports.in new file mode 100644 index 0000000000..5db09cc022 --- /dev/null +++ b/main/libasteriskssl.exports.in @@ -0,0 +1,4 @@ +{ + global: + *; +}; diff --git a/main/ssl.c b/main/ssl.c deleted file mode 100644 index 40129f84f5..0000000000 --- a/main/ssl.c +++ /dev/null @@ -1,100 +0,0 @@ -/* - * Asterisk -- An open source telephony toolkit. - * - * Copyright (C) 2009, Digium, Inc. - * - * Russell Bryant - * - * See http://www.asterisk.org for more information about - * the Asterisk project. Please do not directly contact - * any of the maintainers of this project for assistance; - * the project provides a web site, mailing lists and IRC - * channels for your use. - * - * This program is free software, distributed under the terms of - * the GNU General Public License Version 2. See the LICENSE file - * at the top of the source tree. - */ - -/*! - * \file - * \brief Common OpenSSL support code - * - * \author Russell Bryant - */ - -#include "asterisk.h" - -ASTERISK_FILE_VERSION(__FILE__, "$Revision$") - -#ifdef HAVE_OPENSSL -#include -#include -#endif - -#include "asterisk/_private.h" /* ast_ssl_init() */ - -#include "asterisk/utils.h" -#include "asterisk/lock.h" - -#ifdef HAVE_OPENSSL - -static ast_mutex_t *ssl_locks; - -static int ssl_num_locks; - -static unsigned long ssl_threadid(void) -{ - return (unsigned long)pthread_self(); -} - -static void ssl_lock(int mode, int n, const char *file, int line) -{ - if (n < 0 || n >= ssl_num_locks) { - ast_log(LOG_ERROR, "OpenSSL is full of LIES!!! - " - "ssl_num_locks '%d' - n '%d'\n", - ssl_num_locks, n); - return; - } - - if (mode & CRYPTO_LOCK) { - ast_mutex_lock(&ssl_locks[n]); - } else { - ast_mutex_unlock(&ssl_locks[n]); - } -} - -#endif /* HAVE_OPENSSL */ - -/*! - * \internal - * \brief Common OpenSSL initialization for all of Asterisk. - */ -int ast_ssl_init(void) -{ -#ifdef HAVE_OPENSSL - unsigned int i; - - SSL_library_init(); - SSL_load_error_strings(); - ERR_load_crypto_strings(); - ERR_load_BIO_strings(); - OpenSSL_add_all_algorithms(); - - /* Make OpenSSL thread-safe. */ - - CRYPTO_set_id_callback(ssl_threadid); - - ssl_num_locks = CRYPTO_num_locks(); - if (!(ssl_locks = ast_calloc(ssl_num_locks, sizeof(ssl_locks[0])))) { - return -1; - } - for (i = 0; i < ssl_num_locks; i++) { - ast_mutex_init(&ssl_locks[i]); - } - CRYPTO_set_locking_callback(ssl_lock); - -#endif /* HAVE_OPENSSL */ - return 0; -} - diff --git a/makeopts.in b/makeopts.in index c7a5eafc68..250998db01 100644 --- a/makeopts.in +++ b/makeopts.in @@ -34,6 +34,7 @@ XMLSTARLET=@XMLSTARLET@ MD5=@MD5@ SHA1SUM=@SHA1SUM@ OPENSSL=@OPENSSL@ +LDCONFIG=@LDCONFIG@ BUILD_PLATFORM=@BUILD_PLATFORM@ BUILD_CPU=@BUILD_CPU@ @@ -81,6 +82,7 @@ ASTSBINDIR = @astsbindir@ ASTETCDIR = @astetcdir@ ASTHEADERDIR = @astheaderdir@ ASTLIBDIR = @astlibdir@ +ASTMODDIR = @astmoddir@ ASTMANDIR = @astmandir@ astvarlibdir = @astvarlibdir@ ASTVARLIBDIR = @astvarlibdir@ @@ -96,6 +98,8 @@ NOISY_BUILD=@NOISY_BUILD@ AST_CODE_COVERAGE=@AST_CODE_COVERAGE@ +AST_ASTERISKSSL=@AST_ASTERISKSSL@ + AST_DECLARATION_AFTER_STATEMENT=@AST_DECLARATION_AFTER_STATEMENT@ AST_NO_STRICT_OVERFLOW=@AST_NO_STRICT_OVERFLOW@ AST_SHADOW_WARNINGS=@AST_SHADOW_WARNINGS@