Attachment #202807 for bug #232901

Lines 2-8 Link Here

(-)./Makefile (-3 / +5 lines)
2		2
3	PORTNAME= librtmp	3	PORTNAME= librtmp
4	PORTVERSION= 2.4.20151223	4	PORTVERSION= 2.4.20151223
5	PORTREVISION= 3	5	PORTREVISION= 4
6	CATEGORIES= multimedia net	6	CATEGORIES= multimedia net
7	MASTER_SITES= LOCAL/hrs	7	MASTER_SITES= LOCAL/hrs
8	DISTNAME= rtmpdump-2.4.fa8646da	8	DISTNAME= rtmpdump-2.4.fa8646da
Lines 13-23 COMMENT= RTMP stream library Link Here
13	LICENSE= LGPL21+	13	LICENSE= LGPL21+
14	LICENSE_FILE= ${WRKSRC}/COPYING	14	LICENSE_FILE= ${WRKSRC}/COPYING
15		15
		16	LIB_DEPENDS= libgnutls.so:security/gnutls
		17
16	USES= pkgconfig tar:bz2 ssl	18	USES= pkgconfig tar:bz2 ssl
17	USE_LDCONFIG= yes	19	USE_LDCONFIG= yes
18		20
19	CFLAGS+= -I${OPENSSLINC}	21	CFLAGS+= -I${LOCALBASE}/include
20	LDFLAGS+= -L${OPENSSLLIB}	22	LDFLAGS+= -L${LOCALBASE}/lib
21	WRKSRC= ${WRKDIR}/${DISTNAME}/librtmp	23	WRKSRC= ${WRKDIR}/${DISTNAME}/librtmp
22		24
23	.include <bsd.port.mk>	25	.include <bsd.port.mk>

Lines 1-6 Link Here

(-)./files/patch-librtmp-Makefile (-3 / +7 lines)
1	--- Makefile.orig 2016-02-29 01:15:13 UTC	1	--- Makefile.orig 2016-02-29 01:15:13 UTC
2	+++ Makefile	2	+++ Makefile
3	@@ -1,19 +1,21 @@	3	@@ -1,36 +1,38 @@
4	VERSION=v2.4	4	VERSION=v2.4
5		5
6	-prefix=/usr/local	6	-prefix=/usr/local
Lines 25-32 Link Here
25	+AR?=$(CROSS_COMPILE)ar	25	+AR?=$(CROSS_COMPILE)ar
26		26
27	SYS=posix	27	SYS=posix
28	CRYPTO=OPENSSL	28	-CRYPTO=OPENSSL
29	@@ -23,14 +25,14 @@ DEF_OPENSSL=-DUSE_OPENSSL	29	-#CRYPTO=GNUTLS
		30	+#CRYPTO=OPENSSL
		31	+CRYPTO=GNUTLS
		32	DEF_POLARSSL=-DUSE_POLARSSL
		33	DEF_OPENSSL=-DUSE_OPENSSL
30	DEF_GNUTLS=-DUSE_GNUTLS	34	DEF_GNUTLS=-DUSE_GNUTLS
31	DEF_=-DNO_CRYPTO	35	DEF_=-DNO_CRYPTO
32	REQ_GNUTLS=gnutls,hogweed,nettle	36	REQ_GNUTLS=gnutls,hogweed,nettle




--- dh.h.orig	2016-02-29 01:15:13 UTC
+++ dh.h
@@ -253,20 +253,44 @@ DHInit(int nKeyBits)
   if (!dh)
     goto failed;
 
+#if !defined(USE_OPENSSL) || !defined(OPENSSL_VERSION_NUMBER) || OPENSSL_VERSION_NUMBER < 0x10100000L
   MP_new(dh->g);
 
   if (!dh->g)
     goto failed;
+#else
+  BIGNUM *g = NULL;
+  MP_new(g);
+  if (!g)
+    goto failed;
 
+  DH_set0_pqg(dh, NULL, g, NULL);
+#endif
+
+#if !defined(USE_OPENSSL) || !defined(OPENSSL_VERSION_NUMBER) || OPENSSL_VERSION_NUMBER < 0x10100000L
   MP_gethex(dh->p, P1024, res);	/* prime P1024, see dhgroups.h */
+#else
+  BIGNUM* p = NULL;
+  DH_get0_pqg(dh, (BIGNUM const**)&p, NULL, NULL);
+  MP_gethex(p, P1024, res); /* prime P1024, see dhgroups.h */
+#endif
   if (!res)
     {
       goto failed;
     }
 
+#if !defined(USE_OPENSSL) || !defined(OPENSSL_VERSION_NUMBER) || OPENSSL_VERSION_NUMBER < 0x10100000L
   MP_set_w(dh->g, 2);	/* base 2 */
+#else
+  MP_set_w(g, 2);   /* base 2 */
+  DH_set0_pqg(dh, NULL, g, NULL);
+#endif
 
+#if !defined(USE_OPENSSL) || !defined(OPENSSL_VERSION_NUMBER) || OPENSSL_VERSION_NUMBER < 0x10100000L
   dh->length = nKeyBits;
+#else
+  DH_set_length(dh, nKeyBits);
+#endif
   return dh;
 
 failed:
@@ -293,12 +317,24 @@ DHGenerateKey(MDH *dh)
       MP_gethex(q1, Q1024, res);
       assert(res);
 
+#if !defined(USE_OPENSSL) || !defined(OPENSSL_VERSION_NUMBER) || OPENSSL_VERSION_NUMBER < 0x10100000L
       res = isValidPublicKey(dh->pub_key, dh->p, q1);
+#else
+      BIGNUM const* pub_key = NULL;
+      BIGNUM const* p = NULL;
+      DH_get0_key(dh, &pub_key, NULL);
+      DH_get0_pqg(dh, &p, NULL, NULL);
+      res = isValidPublicKey((BIGNUM*)pub_key, (BIGNUM*)p, q1);
+#endif
       if (!res)
 	{
+#if !defined(USE_OPENSSL) || !defined(OPENSSL_VERSION_NUMBER) || OPENSSL_VERSION_NUMBER < 0x10100000L
 	  MP_free(dh->pub_key);
 	  MP_free(dh->priv_key);
 	  dh->pub_key = dh->priv_key = 0;
+#else
+          DH_free(dh);
+#endif
 	}
 
       MP_free(q1);
@@ -314,15 +350,29 @@ static int
 DHGetPublicKey(MDH *dh, uint8_t *pubkey, size_t nPubkeyLen)
 {
   int len;
+#if !defined(USE_OPENSSL) || !defined(OPENSSL_VERSION_NUMBER) || OPENSSL_VERSION_NUMBER < 0x10100000L
   if (!dh || !dh->pub_key)
+#else
+  BIGNUM const* pub_key = NULL;
+  DH_get0_key(dh, &pub_key, NULL);
+  if (!dh || !pub_key)
+#endif
     return 0;
 
+#if !defined(USE_OPENSSL) || !defined(OPENSSL_VERSION_NUMBER) || OPENSSL_VERSION_NUMBER < 0x10100000L
   len = MP_bytes(dh->pub_key);
+#else
+  len = MP_bytes(pub_key);
+#endif
   if (len <= 0 || len > (int) nPubkeyLen)
     return 0;
 
   memset(pubkey, 0, nPubkeyLen);
+#if !defined(USE_OPENSSL) || !defined(OPENSSL_VERSION_NUMBER) || OPENSSL_VERSION_NUMBER < 0x10100000L
   MP_setbin(dh->pub_key, pubkey + (nPubkeyLen - len), len);
+#else
+  MP_setbin(pub_key, pubkey + (nPubkeyLen - len), len);
+#endif
   return 1;
 }
 
@@ -364,7 +414,13 @@ DHComputeSharedSecretKey(MDH *dh, uint8_t *pubkey, siz
   MP_gethex(q1, Q1024, len);
   assert(len);
 
+#if !defined(USE_OPENSSL) || !defined(OPENSSL_VERSION_NUMBER) || OPENSSL_VERSION_NUMBER < 0x10100000L
   if (isValidPublicKey(pubkeyBn, dh->p, q1))
+#else
+  BIGNUM const* p = NULL;
+  DH_get0_pqg(dh, &p, NULL, NULL);
+  if (isValidPublicKey(pubkeyBn, (BIGNUM*)p, q1))
+#endif
     res = MDH_compute_key(secret, nPubkeyLen, pubkeyBn, dh);
   else
     res = -1;
--- handshake.h.orig	2016-02-29 01:15:13 UTC
+++ handshake.h
@@ -31,9 +31,9 @@
 #define SHA256_DIGEST_LENGTH	32
 #endif
 #define HMAC_CTX	sha2_context
-#define HMAC_setup(ctx, key, len)	sha2_hmac_starts(&ctx, (unsigned char *)key, len, 0)
-#define HMAC_crunch(ctx, buf, len)	sha2_hmac_update(&ctx, buf, len)
-#define HMAC_finish(ctx, dig, dlen)	dlen = SHA256_DIGEST_LENGTH; sha2_hmac_finish(&ctx, dig)
+#define HMAC_setup(ctx, key, len)	sha2_hmac_starts(ctx, (unsigned char *)key, len, 0)
+#define HMAC_crunch(ctx, buf, len)	sha2_hmac_update(ctx, buf, len)
+#define HMAC_finish(ctx, dig, dlen)	dlen = SHA256_DIGEST_LENGTH; sha2_hmac_finish(ctx, dig)
 
 typedef arc4_context *	RC4_handle;
 #define RC4_alloc(h)	*h = malloc(sizeof(arc4_context))
@@ -50,9 +50,9 @@ typedef arc4_context *	RC4_handle;
 #endif
 #undef HMAC_CTX
 #define HMAC_CTX	struct hmac_sha256_ctx
-#define HMAC_setup(ctx, key, len)	hmac_sha256_set_key(&ctx, len, key)
-#define HMAC_crunch(ctx, buf, len)	hmac_sha256_update(&ctx, len, buf)
-#define HMAC_finish(ctx, dig, dlen)	dlen = SHA256_DIGEST_LENGTH; hmac_sha256_digest(&ctx, SHA256_DIGEST_LENGTH, dig)
+#define HMAC_setup(ctx, key, len)	hmac_sha256_set_key(ctx, len, key)
+#define HMAC_crunch(ctx, buf, len)	hmac_sha256_update(ctx, len, buf)
+#define HMAC_finish(ctx, dig, dlen)	dlen = SHA256_DIGEST_LENGTH; hmac_sha256_digest(ctx, SHA256_DIGEST_LENGTH, dig)
 #define HMAC_close(ctx)
 
 typedef struct arcfour_ctx*	RC4_handle;
@@ -64,14 +64,23 @@ typedef struct arcfour_ctx*	RC4_handle;
 
 #else	/* USE_OPENSSL */
 #include <openssl/sha.h>
+#include <openssl/ossl_typ.h>
 #include <openssl/hmac.h>
 #include <openssl/rc4.h>
 #if OPENSSL_VERSION_NUMBER < 0x0090800 || !defined(SHA256_DIGEST_LENGTH)
 #error Your OpenSSL is too old, need 0.9.8 or newer with SHA256
 #endif
-#define HMAC_setup(ctx, key, len)	HMAC_CTX_init(&ctx); HMAC_Init_ex(&ctx, key, len, EVP_sha256(), 0)
-#define HMAC_crunch(ctx, buf, len)	HMAC_Update(&ctx, buf, len)
-#define HMAC_finish(ctx, dig, dlen)	HMAC_Final(&ctx, dig, &dlen); HMAC_CTX_cleanup(&ctx)
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
+#define HMAC_setup(ctx, key, len)	HMAC_CTX_init(ctx); HMAC_Init_ex(ctx, key, len, EVP_sha256(), 0)
+#else
+#define HMAC_setup(ctx, key, len)       HMAC_CTX_reset(ctx); HMAC_Init_ex(ctx, key, len, EVP_sha256(), 0)
+#endif
+#define HMAC_crunch(ctx, buf, len)	HMAC_Update(ctx, buf, len)
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
+#define HMAC_finish(ctx, dig, dlen)	HMAC_Final(ctx, dig, &dlen); HMAC_CTX_cleanup(ctx)
+#else
+#define HMAC_finish(ctx, dig, dlen)     HMAC_Final(ctx, dig, &dlen); HMAC_CTX_free(ctx)
+#endif
 
 typedef RC4_KEY *	RC4_handle;
 #define RC4_alloc(h)	*h = malloc(sizeof(RC4_KEY))
@@ -117,7 +126,7 @@ static void InitRC4Encryption
 {
   uint8_t digest[SHA256_DIGEST_LENGTH];
   unsigned int digestLen = 0;
-  HMAC_CTX ctx;
+  HMAC_CTX* ctx = NULL;
 
   RC4_alloc(rc4keyIn);
   RC4_alloc(rc4keyOut);
@@ -266,7 +275,7 @@ HMACsha256(const uint8_t *message, size_t messageLen, 
 	   size_t keylen, uint8_t *digest)
 {
   unsigned int digestLen;
-  HMAC_CTX ctx;
+  HMAC_CTX* ctx = NULL;
 
   HMAC_setup(ctx, key, keylen);
   HMAC_crunch(ctx, message, messageLen);
--- hashswf.c.orig	2016-02-29 01:15:13 UTC
+++ hashswf.c
@@ -37,9 +37,9 @@
 #define SHA256_DIGEST_LENGTH	32
 #endif
 #define HMAC_CTX	sha2_context
-#define HMAC_setup(ctx, key, len)	sha2_hmac_starts(&ctx, (unsigned char *)key, len, 0)
-#define HMAC_crunch(ctx, buf, len)	sha2_hmac_update(&ctx, buf, len)
-#define HMAC_finish(ctx, dig, dlen)	dlen = SHA256_DIGEST_LENGTH; sha2_hmac_finish(&ctx, dig)
+#define HMAC_setup(ctx, key, len)	sha2_hmac_starts(ctx, (unsigned char *)key, len, 0)
+#define HMAC_crunch(ctx, buf, len)	sha2_hmac_update(ctx, buf, len)
+#define HMAC_finish(ctx, dig, dlen)	dlen = SHA256_DIGEST_LENGTH; sha2_hmac_finish(ctx, dig)
 #define HMAC_close(ctx)
 #elif defined(USE_GNUTLS)
 #include <nettle/hmac.h>
@@ -48,20 +48,28 @@
 #endif
 #undef HMAC_CTX
 #define HMAC_CTX	struct hmac_sha256_ctx
-#define HMAC_setup(ctx, key, len)	hmac_sha256_set_key(&ctx, len, key)
-#define HMAC_crunch(ctx, buf, len)	hmac_sha256_update(&ctx, len, buf)
-#define HMAC_finish(ctx, dig, dlen)	dlen = SHA256_DIGEST_LENGTH; hmac_sha256_digest(&ctx, SHA256_DIGEST_LENGTH, dig)
+#define HMAC_setup(ctx, key, len)	hmac_sha256_set_key(ctx, len, key)
+#define HMAC_crunch(ctx, buf, len)	hmac_sha256_update(ctx, len, buf)
+#define HMAC_finish(ctx, dig, dlen)	dlen = SHA256_DIGEST_LENGTH; hmac_sha256_digest(ctx, SHA256_DIGEST_LENGTH, dig)
 #define HMAC_close(ctx)
 #else	/* USE_OPENSSL */
 #include <openssl/ssl.h>
 #include <openssl/sha.h>
 #include <openssl/hmac.h>
 #include <openssl/rc4.h>
-#define HMAC_setup(ctx, key, len)	HMAC_CTX_init(&ctx); HMAC_Init_ex(&ctx, (unsigned char *)key, len, EVP_sha256(), 0)
-#define HMAC_crunch(ctx, buf, len)	HMAC_Update(&ctx, (unsigned char *)buf, len)
-#define HMAC_finish(ctx, dig, dlen)	HMAC_Final(&ctx, (unsigned char *)dig, &dlen);
-#define HMAC_close(ctx)	HMAC_CTX_cleanup(&ctx)
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
+#define HMAC_setup(ctx, key, len)	HMAC_CTX_init(ctx); HMAC_Init_ex(ctx, (unsigned char *)key, len, EVP_sha256(), 0)
+#else
+#define HMAC_setup(ctx, key, len) HMAC_CTX_reset(ctx); HMAC_Init_ex(ctx, (unsigned char *)key, len, EVP_sha256(), 0)
 #endif
+#define HMAC_crunch(ctx, buf, len)	HMAC_Update(ctx, (unsigned char *)buf, len)
+#define HMAC_finish(ctx, dig, dlen)	HMAC_Final(ctx, (unsigned char *)dig, &dlen);
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
+#define HMAC_close(ctx)	HMAC_CTX_cleanup(ctx)
+#else
+#define HMAC_close(ctx) HMAC_CTX_reset(ctx); HMAC_CTX_free(ctx)
+#endif
+#endif
 
 extern void RTMP_TLS_Init();
 extern TLS_CTX RTMP_TLS_ctx;
@@ -289,7 +297,7 @@ leave:
 struct info
 {
   z_stream *zs;
-  HMAC_CTX ctx;
+  HMAC_CTX *ctx;
   int first;
   int zlib;
   int size;

Return to bug 232901

Lines 1-249 Link Here

(-)./files/patch-openssl-1.1 (-249 lines)
1	--- dh.h.orig 2016-02-29 01:15:13 UTC
2	+++ dh.h
3	@@ -253,20 +253,44 @@ DHInit(int nKeyBits)
4	if (!dh)
5	goto failed;
6
7	+#if !defined(USE_OPENSSL) \|\| !defined(OPENSSL_VERSION_NUMBER) \|\| OPENSSL_VERSION_NUMBER < 0x10100000L
8	MP_new(dh->g);
9
10	if (!dh->g)
11	goto failed;
12	+#else
13	+ BIGNUM *g = NULL;
14	+ MP_new(g);
15	+ if (!g)
16	+ goto failed;
17
18	+ DH_set0_pqg(dh, NULL, g, NULL);
19	+#endif
20	+
21	+#if !defined(USE_OPENSSL) \|\| !defined(OPENSSL_VERSION_NUMBER) \|\| OPENSSL_VERSION_NUMBER < 0x10100000L
22	MP_gethex(dh->p, P1024, res); /* prime P1024, see dhgroups.h */
23	+#else
24	+ BIGNUM* p = NULL;
25	+ DH_get0_pqg(dh, (BIGNUM const**)&p, NULL, NULL);
26	+ MP_gethex(p, P1024, res); /* prime P1024, see dhgroups.h */
27	+#endif
28	if (!res)
29	{
30	goto failed;
31	}
32
33	+#if !defined(USE_OPENSSL) \|\| !defined(OPENSSL_VERSION_NUMBER) \|\| OPENSSL_VERSION_NUMBER < 0x10100000L
34	MP_set_w(dh->g, 2); /* base 2 */
35	+#else
36	+ MP_set_w(g, 2); /* base 2 */
37	+ DH_set0_pqg(dh, NULL, g, NULL);
38	+#endif
39
40	+#if !defined(USE_OPENSSL) \|\| !defined(OPENSSL_VERSION_NUMBER) \|\| OPENSSL_VERSION_NUMBER < 0x10100000L
41	dh->length = nKeyBits;
42	+#else
43	+ DH_set_length(dh, nKeyBits);
44	+#endif
45	return dh;
46
47	failed:
48	@@ -293,12 +317,24 @@ DHGenerateKey(MDH *dh)
49	MP_gethex(q1, Q1024, res);
50	assert(res);
51
52	+#if !defined(USE_OPENSSL) \|\| !defined(OPENSSL_VERSION_NUMBER) \|\| OPENSSL_VERSION_NUMBER < 0x10100000L
53	res = isValidPublicKey(dh->pub_key, dh->p, q1);
54	+#else
55	+ BIGNUM const* pub_key = NULL;
56	+ BIGNUM const* p = NULL;
57	+ DH_get0_key(dh, &pub_key, NULL);
58	+ DH_get0_pqg(dh, &p, NULL, NULL);
59	+ res = isValidPublicKey((BIGNUM)pub_key, (BIGNUM)p, q1);
60	+#endif
61	if (!res)
62	{
63	+#if !defined(USE_OPENSSL) \|\| !defined(OPENSSL_VERSION_NUMBER) \|\| OPENSSL_VERSION_NUMBER < 0x10100000L
64	MP_free(dh->pub_key);
65	MP_free(dh->priv_key);
66	dh->pub_key = dh->priv_key = 0;
67	+#else
68	+ DH_free(dh);
69	+#endif
70	}
71
72	MP_free(q1);
73	@@ -314,15 +350,29 @@ static int
74	DHGetPublicKey(MDH dh, uint8_t pubkey, size_t nPubkeyLen)
75	{
76	int len;
77	+#if !defined(USE_OPENSSL) \|\| !defined(OPENSSL_VERSION_NUMBER) \|\| OPENSSL_VERSION_NUMBER < 0x10100000L
78	if (!dh \|\| !dh->pub_key)
79	+#else
80	+ BIGNUM const* pub_key = NULL;
81	+ DH_get0_key(dh, &pub_key, NULL);
82	+ if (!dh \|\| !pub_key)
83	+#endif
84	return 0;
85
86	+#if !defined(USE_OPENSSL) \|\| !defined(OPENSSL_VERSION_NUMBER) \|\| OPENSSL_VERSION_NUMBER < 0x10100000L
87	len = MP_bytes(dh->pub_key);
88	+#else
89	+ len = MP_bytes(pub_key);
90	+#endif
91	if (len <= 0 \|\| len > (int) nPubkeyLen)
92	return 0;
93
94	memset(pubkey, 0, nPubkeyLen);
95	+#if !defined(USE_OPENSSL) \|\| !defined(OPENSSL_VERSION_NUMBER) \|\| OPENSSL_VERSION_NUMBER < 0x10100000L
96	MP_setbin(dh->pub_key, pubkey + (nPubkeyLen - len), len);
97	+#else
98	+ MP_setbin(pub_key, pubkey + (nPubkeyLen - len), len);
99	+#endif
100	return 1;
101	}
102
103	@@ -364,7 +414,13 @@ DHComputeSharedSecretKey(MDH dh, uint8_t pubkey, siz
104	MP_gethex(q1, Q1024, len);
105	assert(len);
106
107	+#if !defined(USE_OPENSSL) \|\| !defined(OPENSSL_VERSION_NUMBER) \|\| OPENSSL_VERSION_NUMBER < 0x10100000L
108	if (isValidPublicKey(pubkeyBn, dh->p, q1))
109	+#else
110	+ BIGNUM const* p = NULL;
111	+ DH_get0_pqg(dh, &p, NULL, NULL);
112	+ if (isValidPublicKey(pubkeyBn, (BIGNUM*)p, q1))
113	+#endif
114	res = MDH_compute_key(secret, nPubkeyLen, pubkeyBn, dh);
115	else
116	res = -1;
117	--- handshake.h.orig 2016-02-29 01:15:13 UTC
118	+++ handshake.h
119	@@ -31,9 +31,9 @@
120	#define SHA256_DIGEST_LENGTH 32
121	#endif
122	#define HMAC_CTX sha2_context
123	-#define HMAC_setup(ctx, key, len) sha2_hmac_starts(&ctx, (unsigned char *)key, len, 0)
124	-#define HMAC_crunch(ctx, buf, len) sha2_hmac_update(&ctx, buf, len)
125	-#define HMAC_finish(ctx, dig, dlen) dlen = SHA256_DIGEST_LENGTH; sha2_hmac_finish(&ctx, dig)
126	+#define HMAC_setup(ctx, key, len) sha2_hmac_starts(ctx, (unsigned char *)key, len, 0)
127	+#define HMAC_crunch(ctx, buf, len) sha2_hmac_update(ctx, buf, len)
128	+#define HMAC_finish(ctx, dig, dlen) dlen = SHA256_DIGEST_LENGTH; sha2_hmac_finish(ctx, dig)
129
130	typedef arc4_context * RC4_handle;
131	#define RC4_alloc(h) *h = malloc(sizeof(arc4_context))
132	@@ -50,9 +50,9 @@ typedef arc4_context * RC4_handle;
133	#endif
134	#undef HMAC_CTX
135	#define HMAC_CTX struct hmac_sha256_ctx
136	-#define HMAC_setup(ctx, key, len) hmac_sha256_set_key(&ctx, len, key)
137	-#define HMAC_crunch(ctx, buf, len) hmac_sha256_update(&ctx, len, buf)
138	-#define HMAC_finish(ctx, dig, dlen) dlen = SHA256_DIGEST_LENGTH; hmac_sha256_digest(&ctx, SHA256_DIGEST_LENGTH, dig)
139	+#define HMAC_setup(ctx, key, len) hmac_sha256_set_key(ctx, len, key)
140	+#define HMAC_crunch(ctx, buf, len) hmac_sha256_update(ctx, len, buf)
141	+#define HMAC_finish(ctx, dig, dlen) dlen = SHA256_DIGEST_LENGTH; hmac_sha256_digest(ctx, SHA256_DIGEST_LENGTH, dig)
142	#define HMAC_close(ctx)
143
144	typedef struct arcfour_ctx* RC4_handle;
145	@@ -64,14 +64,23 @@ typedef struct arcfour_ctx* RC4_handle;
146
147	#else /* USE_OPENSSL */
148	#include <openssl/sha.h>
149	+#include <openssl/ossl_typ.h>
150	#include <openssl/hmac.h>
151	#include <openssl/rc4.h>
152	#if OPENSSL_VERSION_NUMBER < 0x0090800 \|\| !defined(SHA256_DIGEST_LENGTH)
153	#error Your OpenSSL is too old, need 0.9.8 or newer with SHA256
154	#endif
155	-#define HMAC_setup(ctx, key, len) HMAC_CTX_init(&ctx); HMAC_Init_ex(&ctx, key, len, EVP_sha256(), 0)
156	-#define HMAC_crunch(ctx, buf, len) HMAC_Update(&ctx, buf, len)
157	-#define HMAC_finish(ctx, dig, dlen) HMAC_Final(&ctx, dig, &dlen); HMAC_CTX_cleanup(&ctx)
158	+#if OPENSSL_VERSION_NUMBER < 0x10100000L
159	+#define HMAC_setup(ctx, key, len) HMAC_CTX_init(ctx); HMAC_Init_ex(ctx, key, len, EVP_sha256(), 0)
160	+#else
161	+#define HMAC_setup(ctx, key, len) HMAC_CTX_reset(ctx); HMAC_Init_ex(ctx, key, len, EVP_sha256(), 0)
162	+#endif
163	+#define HMAC_crunch(ctx, buf, len) HMAC_Update(ctx, buf, len)
164	+#if OPENSSL_VERSION_NUMBER < 0x10100000L
165	+#define HMAC_finish(ctx, dig, dlen) HMAC_Final(ctx, dig, &dlen); HMAC_CTX_cleanup(ctx)
166	+#else
167	+#define HMAC_finish(ctx, dig, dlen) HMAC_Final(ctx, dig, &dlen); HMAC_CTX_free(ctx)
168	+#endif
169
170	typedef RC4_KEY * RC4_handle;
171	#define RC4_alloc(h) *h = malloc(sizeof(RC4_KEY))
172	@@ -117,7 +126,7 @@ static void InitRC4Encryption
173	{
174	uint8_t digest[SHA256_DIGEST_LENGTH];
175	unsigned int digestLen = 0;
176	- HMAC_CTX ctx;
177	+ HMAC_CTX* ctx = NULL;
178
179	RC4_alloc(rc4keyIn);
180	RC4_alloc(rc4keyOut);
181	@@ -266,7 +275,7 @@ HMACsha256(const uint8_t *message, size_t messageLen,
182	size_t keylen, uint8_t *digest)
183	{
184	unsigned int digestLen;
185	- HMAC_CTX ctx;
186	+ HMAC_CTX* ctx = NULL;
187
188	HMAC_setup(ctx, key, keylen);
189	HMAC_crunch(ctx, message, messageLen);
190	--- hashswf.c.orig 2016-02-29 01:15:13 UTC
191	+++ hashswf.c
192	@@ -37,9 +37,9 @@
193	#define SHA256_DIGEST_LENGTH 32
194	#endif
195	#define HMAC_CTX sha2_context
196	-#define HMAC_setup(ctx, key, len) sha2_hmac_starts(&ctx, (unsigned char *)key, len, 0)
197	-#define HMAC_crunch(ctx, buf, len) sha2_hmac_update(&ctx, buf, len)
198	-#define HMAC_finish(ctx, dig, dlen) dlen = SHA256_DIGEST_LENGTH; sha2_hmac_finish(&ctx, dig)
199	+#define HMAC_setup(ctx, key, len) sha2_hmac_starts(ctx, (unsigned char *)key, len, 0)
200	+#define HMAC_crunch(ctx, buf, len) sha2_hmac_update(ctx, buf, len)
201	+#define HMAC_finish(ctx, dig, dlen) dlen = SHA256_DIGEST_LENGTH; sha2_hmac_finish(ctx, dig)
202	#define HMAC_close(ctx)
203	#elif defined(USE_GNUTLS)
204	#include <nettle/hmac.h>
205	@@ -48,20 +48,28 @@
206	#endif
207	#undef HMAC_CTX
208	#define HMAC_CTX struct hmac_sha256_ctx
209	-#define HMAC_setup(ctx, key, len) hmac_sha256_set_key(&ctx, len, key)
210	-#define HMAC_crunch(ctx, buf, len) hmac_sha256_update(&ctx, len, buf)
211	-#define HMAC_finish(ctx, dig, dlen) dlen = SHA256_DIGEST_LENGTH; hmac_sha256_digest(&ctx, SHA256_DIGEST_LENGTH, dig)
212	+#define HMAC_setup(ctx, key, len) hmac_sha256_set_key(ctx, len, key)
213	+#define HMAC_crunch(ctx, buf, len) hmac_sha256_update(ctx, len, buf)
214	+#define HMAC_finish(ctx, dig, dlen) dlen = SHA256_DIGEST_LENGTH; hmac_sha256_digest(ctx, SHA256_DIGEST_LENGTH, dig)
215	#define HMAC_close(ctx)
216	#else /* USE_OPENSSL */
217	#include <openssl/ssl.h>
218	#include <openssl/sha.h>
219	#include <openssl/hmac.h>
220	#include <openssl/rc4.h>
221	-#define HMAC_setup(ctx, key, len) HMAC_CTX_init(&ctx); HMAC_Init_ex(&ctx, (unsigned char *)key, len, EVP_sha256(), 0)
222	-#define HMAC_crunch(ctx, buf, len) HMAC_Update(&ctx, (unsigned char *)buf, len)
223	-#define HMAC_finish(ctx, dig, dlen) HMAC_Final(&ctx, (unsigned char *)dig, &dlen);
224	-#define HMAC_close(ctx) HMAC_CTX_cleanup(&ctx)
225	+#if OPENSSL_VERSION_NUMBER < 0x10100000L
226	+#define HMAC_setup(ctx, key, len) HMAC_CTX_init(ctx); HMAC_Init_ex(ctx, (unsigned char *)key, len, EVP_sha256(), 0)
227	+#else
228	+#define HMAC_setup(ctx, key, len) HMAC_CTX_reset(ctx); HMAC_Init_ex(ctx, (unsigned char *)key, len, EVP_sha256(), 0)
229	#endif
230	+#define HMAC_crunch(ctx, buf, len) HMAC_Update(ctx, (unsigned char *)buf, len)
231	+#define HMAC_finish(ctx, dig, dlen) HMAC_Final(ctx, (unsigned char *)dig, &dlen);
232	+#if OPENSSL_VERSION_NUMBER < 0x10100000L
233	+#define HMAC_close(ctx) HMAC_CTX_cleanup(ctx)
234	+#else
235	+#define HMAC_close(ctx) HMAC_CTX_reset(ctx); HMAC_CTX_free(ctx)
236	+#endif
237	+#endif
238
239	extern void RTMP_TLS_Init();
240	extern TLS_CTX RTMP_TLS_ctx;
241	@@ -289,7 +297,7 @@ leave:
242	struct info
243	{
244	z_stream *zs;
245	- HMAC_CTX ctx;
246	+ HMAC_CTX *ctx;
247	int first;
248	int zlib;
249	int size;