Attachment #202872 for bug #232901

Lines 2-8 Link Here

(-)multimedia/librtmp/Makefile (-2 / +3 lines)
2		2
3	PORTNAME= librtmp	3	PORTNAME= librtmp
4	PORTVERSION= 2.4.20151223	4	PORTVERSION= 2.4.20151223
5	PORTREVISION= 3	5	PORTREVISION= 4
6	CATEGORIES= multimedia net	6	CATEGORIES= multimedia net
7	MASTER_SITES= LOCAL/hrs	7	MASTER_SITES= LOCAL/hrs
8	DISTNAME= rtmpdump-2.4.fa8646da	8	DISTNAME= rtmpdump-2.4.fa8646da
Lines 18-23 Link Here
18		18
19	CFLAGS+= -I${OPENSSLINC}	19	CFLAGS+= -I${OPENSSLINC}
20	LDFLAGS+= -L${OPENSSLLIB}	20	LDFLAGS+= -L${OPENSSLLIB}
21	WRKSRC= ${WRKDIR}/${DISTNAME}/librtmp	21	PATCH_WRKSRC= ${WRKDIR}/${DISTNAME}
		22	WRKSRC= ${WRKDIR}/${DISTNAME}/librtmp
22		23
23	.include <bsd.port.mk>	24	.include <bsd.port.mk>

Lines 1-5 Link Here

(-)multimedia/librtmp/files/patch-librtmp-Makefile (-2 / +2 lines)
1	--- Makefile.orig 2016-02-29 01:15:13 UTC	1	--- librtmp/Makefile.orig 2016-02-29 01:15:13 UTC
2	+++ Makefile	2	+++ librtmp/Makefile
3	@@ -1,19 +1,21 @@	3	@@ -1,19 +1,21 @@
4	VERSION=v2.4	4	VERSION=v2.4
5		5




--- librtmp/dh.h.orig	2016-02-29 01:15:13 UTC
+++ librtmp/dh.h
@@ -194,7 +194,7 @@ typedef BIGNUM * MP_t;
 
 /* RFC 2631, Section 2.1.5, http://www.ietf.org/rfc/rfc2631.txt */
 static int
-isValidPublicKey(MP_t y, MP_t p, MP_t q)
+isValidPublicKey(const MP_t y, const MP_t p, const MP_t q)
 {
   int ret = TRUE;
   MP_t bn;
@@ -253,20 +253,43 @@ DHInit(int nKeyBits)
   if (!dh)
     goto failed;
 
+#if !defined(USE_OPENSSL) || !defined(OPENSSL_VERSION_NUMBER) || OPENSSL_VERSION_NUMBER < 0x10100000L
   MP_new(dh->g);
 
   if (!dh->g)
     goto failed;
+#else
+  BIGNUM *g;
 
+  MP_new(g);
+  if (g == NULL)
+    goto failed;
+#endif
+
+#if !defined(USE_OPENSSL) || !defined(OPENSSL_VERSION_NUMBER) || OPENSSL_VERSION_NUMBER < 0x10100000L
   MP_gethex(dh->p, P1024, res);	/* prime P1024, see dhgroups.h */
+#else
+  const BIGNUM *p = DH_get0_p(dh);
+
+  MP_gethex(p, P1024, res);	/* prime P1024, see dhgroups.h */
+#endif
   if (!res)
     {
       goto failed;
     }
 
+#if !defined(USE_OPENSSL) || !defined(OPENSSL_VERSION_NUMBER) || OPENSSL_VERSION_NUMBER < 0x10100000L
   MP_set_w(dh->g, 2);	/* base 2 */
+#else
+  MP_set_w(g, 2);	/* base 2 */
+  DH_set0_pqg(dh, p, NULL, g);
+#endif
 
+#if !defined(USE_OPENSSL) || !defined(OPENSSL_VERSION_NUMBER) || OPENSSL_VERSION_NUMBER < 0x10100000L
   dh->length = nKeyBits;
+#else
+  DH_set_length(dh, nKeyBits);
+#endif
   return dh;
 
 failed:
@@ -293,12 +316,20 @@ DHGenerateKey(MDH *dh)
       MP_gethex(q1, Q1024, res);
       assert(res);
 
+#if !defined(USE_OPENSSL) || !defined(OPENSSL_VERSION_NUMBER) || OPENSSL_VERSION_NUMBER < 0x10100000L
       res = isValidPublicKey(dh->pub_key, dh->p, q1);
+#else
+      res = isValidPublicKey(DH_get0_pub_key(dh), DH_get0_p(dh), q1);
+#endif
       if (!res)
 	{
+#if !defined(USE_OPENSSL) || !defined(OPENSSL_VERSION_NUMBER) || OPENSSL_VERSION_NUMBER < 0x10100000L
 	  MP_free(dh->pub_key);
 	  MP_free(dh->priv_key);
 	  dh->pub_key = dh->priv_key = 0;
+#else
+          DH_set0_key(dh, NULL, NULL);
+#endif
 	}
 
       MP_free(q1);
@@ -314,15 +345,27 @@ static int
 DHGetPublicKey(MDH *dh, uint8_t *pubkey, size_t nPubkeyLen)
 {
   int len;
+#if !defined(USE_OPENSSL) || !defined(OPENSSL_VERSION_NUMBER) || OPENSSL_VERSION_NUMBER < 0x10100000L
   if (!dh || !dh->pub_key)
+#else
+  if (!dh || !DH_get0_pub_key(dh))
     return 0;
+#endif
 
+#if !defined(USE_OPENSSL) || !defined(OPENSSL_VERSION_NUMBER) || OPENSSL_VERSION_NUMBER < 0x10100000L
   len = MP_bytes(dh->pub_key);
+#else
+  len = MP_bytes(DH_get0_pub_key(dh));
+#endif
   if (len <= 0 || len > (int) nPubkeyLen)
     return 0;
 
   memset(pubkey, 0, nPubkeyLen);
+#if !defined(USE_OPENSSL) || !defined(OPENSSL_VERSION_NUMBER) || OPENSSL_VERSION_NUMBER < 0x10100000L
   MP_setbin(dh->pub_key, pubkey + (nPubkeyLen - len), len);
+#else
+  MP_setbin(DH_get0_pub_key(dh), pubkey + (nPubkeyLen - len), len);
+#endif
   return 1;
 }
 
@@ -364,7 +407,11 @@ DHComputeSharedSecretKey(MDH *dh, uint8_t *pubkey, siz
   MP_gethex(q1, Q1024, len);
   assert(len);
 
+#if !defined(USE_OPENSSL) || !defined(OPENSSL_VERSION_NUMBER) || OPENSSL_VERSION_NUMBER < 0x10100000L
   if (isValidPublicKey(pubkeyBn, dh->p, q1))
+#else
+  if (isValidPublicKey(pubkeyBn, DH_get0_p(dh), q1))
+#endif
     res = MDH_compute_key(secret, nPubkeyLen, pubkeyBn, dh);
   else
     res = -1;




--- librtmp/handshake.h.orig	2016-02-29 01:15:13 UTC
+++ librtmp/handshake.h
@@ -31,9 +31,9 @@
 #define SHA256_DIGEST_LENGTH	32
 #endif
 #define HMAC_CTX	sha2_context
-#define HMAC_setup(ctx, key, len)	sha2_hmac_starts(&ctx, (unsigned char *)key, len, 0)
-#define HMAC_crunch(ctx, buf, len)	sha2_hmac_update(&ctx, buf, len)
-#define HMAC_finish(ctx, dig, dlen)	dlen = SHA256_DIGEST_LENGTH; sha2_hmac_finish(&ctx, dig)
+#define HMAC_setup(ctx, key, len)	sha2_hmac_starts(ctx, (unsigned char *)key, len, 0)
+#define HMAC_crunch(ctx, buf, len)	sha2_hmac_update(ctx, buf, len)
+#define HMAC_finish(ctx, dig, dlen)	dlen = SHA256_DIGEST_LENGTH; sha2_hmac_finish(ctx, dig)
 
 typedef arc4_context *	RC4_handle;
 #define RC4_alloc(h)	*h = malloc(sizeof(arc4_context))
@@ -50,9 +50,9 @@ typedef arc4_context *	RC4_handle;
 #endif
 #undef HMAC_CTX
 #define HMAC_CTX	struct hmac_sha256_ctx
-#define HMAC_setup(ctx, key, len)	hmac_sha256_set_key(&ctx, len, key)
-#define HMAC_crunch(ctx, buf, len)	hmac_sha256_update(&ctx, len, buf)
-#define HMAC_finish(ctx, dig, dlen)	dlen = SHA256_DIGEST_LENGTH; hmac_sha256_digest(&ctx, SHA256_DIGEST_LENGTH, dig)
+#define HMAC_setup(ctx, key, len)	hmac_sha256_set_key(ctx, len, key)
+#define HMAC_crunch(ctx, buf, len)	hmac_sha256_update(ctx, len, buf)
+#define HMAC_finish(ctx, dig, dlen)	dlen = SHA256_DIGEST_LENGTH; hmac_sha256_digest(ctx, SHA256_DIGEST_LENGTH, dig)
 #define HMAC_close(ctx)
 
 typedef struct arcfour_ctx*	RC4_handle;
@@ -69,9 +69,23 @@ typedef struct arcfour_ctx*	RC4_handle;
 #if OPENSSL_VERSION_NUMBER < 0x0090800 || !defined(SHA256_DIGEST_LENGTH)
 #error Your OpenSSL is too old, need 0.9.8 or newer with SHA256
 #endif
-#define HMAC_setup(ctx, key, len)	HMAC_CTX_init(&ctx); HMAC_Init_ex(&ctx, key, len, EVP_sha256(), 0)
-#define HMAC_crunch(ctx, buf, len)	HMAC_Update(&ctx, buf, len)
-#define HMAC_finish(ctx, dig, dlen)	HMAC_Final(&ctx, dig, &dlen); HMAC_CTX_cleanup(&ctx)
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
+#define HMAC_setup(ctx, key, len)	HMAC_CTX_init(ctx); HMAC_Init_ex(ctx, key, len, EVP_sha256(), 0)
+#else
+#define HMAC_setup(ctx, key, len)	do { \
+		if (ctx == NULL) \
+			ctx = HMAC_CTX_new(); \
+		else \
+			HMAC_CTX_reset(ctx); \
+		HMAC_Init_ex(ctx, key, len, EVP_sha256(), 0); \
+	} while (0)
+#endif
+#define HMAC_crunch(ctx, buf, len)	HMAC_Update(ctx, buf, len)
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
+#define HMAC_finish(ctx, dig, dlen)	HMAC_Final(ctx, dig, &dlen); HMAC_CTX_cleanup(ctx)
+#else
+#define HMAC_finish(ctx, dig, dlen)	HMAC_Final(ctx, dig, &dlen); HMAC_CTX_free(ctx); ctx = NULL
+#endif
 
 typedef RC4_KEY *	RC4_handle;
 #define RC4_alloc(h)	*h = malloc(sizeof(RC4_KEY))
@@ -117,7 +131,7 @@ static void InitRC4Encryption
 {
   uint8_t digest[SHA256_DIGEST_LENGTH];
   unsigned int digestLen = 0;
-  HMAC_CTX ctx;
+  HMAC_CTX *ctx = NULL;
 
   RC4_alloc(rc4keyIn);
   RC4_alloc(rc4keyOut);
@@ -266,7 +280,7 @@ HMACsha256(const uint8_t *message, size_t messageLen, 
 	   size_t keylen, uint8_t *digest)
 {
   unsigned int digestLen;
-  HMAC_CTX ctx;
+  HMAC_CTX *ctx = NULL;
 
   HMAC_setup(ctx, key, keylen);
   HMAC_crunch(ctx, message, messageLen);




--- librtmp/hashswf.c.orig	2016-02-29 01:15:13 UTC
+++ librtmp/hashswf.c
@@ -37,9 +37,9 @@
 #define SHA256_DIGEST_LENGTH	32
 #endif
 #define HMAC_CTX	sha2_context
-#define HMAC_setup(ctx, key, len)	sha2_hmac_starts(&ctx, (unsigned char *)key, len, 0)
-#define HMAC_crunch(ctx, buf, len)	sha2_hmac_update(&ctx, buf, len)
-#define HMAC_finish(ctx, dig, dlen)	dlen = SHA256_DIGEST_LENGTH; sha2_hmac_finish(&ctx, dig)
+#define HMAC_setup(ctx, key, len)	sha2_hmac_starts(ctx, (unsigned char *)key, len, 0)
+#define HMAC_crunch(ctx, buf, len)	sha2_hmac_update(ctx, buf, len)
+#define HMAC_finish(ctx, dig, dlen)	dlen = SHA256_DIGEST_LENGTH; sha2_hmac_finish(ctx, dig)
 #define HMAC_close(ctx)
 #elif defined(USE_GNUTLS)
 #include <nettle/hmac.h>
@@ -48,20 +48,28 @@
 #endif
 #undef HMAC_CTX
 #define HMAC_CTX	struct hmac_sha256_ctx
-#define HMAC_setup(ctx, key, len)	hmac_sha256_set_key(&ctx, len, key)
-#define HMAC_crunch(ctx, buf, len)	hmac_sha256_update(&ctx, len, buf)
-#define HMAC_finish(ctx, dig, dlen)	dlen = SHA256_DIGEST_LENGTH; hmac_sha256_digest(&ctx, SHA256_DIGEST_LENGTH, dig)
+#define HMAC_setup(ctx, key, len)	hmac_sha256_set_key(ctx, len, key)
+#define HMAC_crunch(ctx, buf, len)	hmac_sha256_update(ctx, len, buf)
+#define HMAC_finish(ctx, dig, dlen)	dlen = SHA256_DIGEST_LENGTH; hmac_sha256_digest(ctx, SHA256_DIGEST_LENGTH, dig)
 #define HMAC_close(ctx)
 #else	/* USE_OPENSSL */
 #include <openssl/ssl.h>
 #include <openssl/sha.h>
 #include <openssl/hmac.h>
 #include <openssl/rc4.h>
-#define HMAC_setup(ctx, key, len)	HMAC_CTX_init(&ctx); HMAC_Init_ex(&ctx, (unsigned char *)key, len, EVP_sha256(), 0)
-#define HMAC_crunch(ctx, buf, len)	HMAC_Update(&ctx, (unsigned char *)buf, len)
-#define HMAC_finish(ctx, dig, dlen)	HMAC_Final(&ctx, (unsigned char *)dig, &dlen);
-#define HMAC_close(ctx)	HMAC_CTX_cleanup(&ctx)
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
+#define HMAC_setup(ctx, key, len)	HMAC_CTX_init(ctx); HMAC_Init_ex(ctx, (unsigned char *)key, len, EVP_sha256(), 0)
+#else
+#define HMAC_setup(ctx, key, len)	ctx = HMAC_CTX_new(); HMAC_Init_ex(ctx, (unsigned char *)key, len, EVP_sha256(), 0)
 #endif
+#define HMAC_crunch(ctx, buf, len)	HMAC_Update(ctx, (unsigned char *)buf, len)
+#define HMAC_finish(ctx, dig, dlen)	HMAC_Final(ctx, (unsigned char *)dig, &dlen);
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
+#define HMAC_close(ctx)	HMAC_CTX_cleanup(ctx)
+#else
+#define HMAC_close(ctx)	HMAC_CTX_reset(ctx); HMAC_CTX_free(ctx)
+#endif
+#endif
 
 extern void RTMP_TLS_Init();
 extern TLS_CTX RTMP_TLS_ctx;
@@ -289,7 +297,7 @@ leave:
 struct info
 {
   z_stream *zs;
-  HMAC_CTX ctx;
+  HMAC_CTX *ctx;
   int first;
   int zlib;
   int size;

Lines 1-5 Link Here

(-)multimedia/librtmp/files/patch-librtmp-librtmp.pc.in (-2 / +2 lines)
1	--- librtmp.pc.in.orig 2016-02-29 01:15:13 UTC	1	--- librtmp/librtmp.pc.in.orig 2016-02-29 01:15:13 UTC
2	+++ librtmp.pc.in	2	+++ librtmp/librtmp.pc.in
3	@@ -8,6 +8,6 @@ Description: RTMP implementation	3	@@ -8,6 +8,6 @@ Description: RTMP implementation
4	Version: @VERSION@	4	Version: @VERSION@
5	Requires: @CRYPTO_REQ@	5	Requires: @CRYPTO_REQ@




--- dh.h.orig	2016-02-29 01:15:13 UTC
+++ dh.h
@@ -253,20 +253,44 @@ DHInit(int nKeyBits)
   if (!dh)
     goto failed;
 
+#if !defined(USE_OPENSSL) || !defined(OPENSSL_VERSION_NUMBER) || OPENSSL_VERSION_NUMBER < 0x10100000L
   MP_new(dh->g);
 
   if (!dh->g)
     goto failed;
+#else
+  BIGNUM *g = NULL;
+  MP_new(g);
+  if (!g)
+    goto failed;
 
+  DH_set0_pqg(dh, NULL, g, NULL);
+#endif
+
+#if !defined(USE_OPENSSL) || !defined(OPENSSL_VERSION_NUMBER) || OPENSSL_VERSION_NUMBER < 0x10100000L
   MP_gethex(dh->p, P1024, res);	/* prime P1024, see dhgroups.h */
+#else
+  BIGNUM* p = NULL;
+  DH_get0_pqg(dh, (BIGNUM const**)&p, NULL, NULL);
+  MP_gethex(p, P1024, res); /* prime P1024, see dhgroups.h */
+#endif
   if (!res)
     {
       goto failed;
     }
 
+#if !defined(USE_OPENSSL) || !defined(OPENSSL_VERSION_NUMBER) || OPENSSL_VERSION_NUMBER < 0x10100000L
   MP_set_w(dh->g, 2);	/* base 2 */
+#else
+  MP_set_w(g, 2);   /* base 2 */
+  DH_set0_pqg(dh, NULL, g, NULL);
+#endif
 
+#if !defined(USE_OPENSSL) || !defined(OPENSSL_VERSION_NUMBER) || OPENSSL_VERSION_NUMBER < 0x10100000L
   dh->length = nKeyBits;
+#else
+  DH_set_length(dh, nKeyBits);
+#endif
   return dh;
 
 failed:
@@ -293,12 +317,24 @@ DHGenerateKey(MDH *dh)
       MP_gethex(q1, Q1024, res);
       assert(res);
 
+#if !defined(USE_OPENSSL) || !defined(OPENSSL_VERSION_NUMBER) || OPENSSL_VERSION_NUMBER < 0x10100000L
       res = isValidPublicKey(dh->pub_key, dh->p, q1);
+#else
+      BIGNUM const* pub_key = NULL;
+      BIGNUM const* p = NULL;
+      DH_get0_key(dh, &pub_key, NULL);
+      DH_get0_pqg(dh, &p, NULL, NULL);
+      res = isValidPublicKey((BIGNUM*)pub_key, (BIGNUM*)p, q1);
+#endif
       if (!res)
 	{
+#if !defined(USE_OPENSSL) || !defined(OPENSSL_VERSION_NUMBER) || OPENSSL_VERSION_NUMBER < 0x10100000L
 	  MP_free(dh->pub_key);
 	  MP_free(dh->priv_key);
 	  dh->pub_key = dh->priv_key = 0;
+#else
+          DH_free(dh);
+#endif
 	}
 
       MP_free(q1);
@@ -314,15 +350,29 @@ static int
 DHGetPublicKey(MDH *dh, uint8_t *pubkey, size_t nPubkeyLen)
 {
   int len;
+#if !defined(USE_OPENSSL) || !defined(OPENSSL_VERSION_NUMBER) || OPENSSL_VERSION_NUMBER < 0x10100000L
   if (!dh || !dh->pub_key)
+#else
+  BIGNUM const* pub_key = NULL;
+  DH_get0_key(dh, &pub_key, NULL);
+  if (!dh || !pub_key)
+#endif
     return 0;
 
+#if !defined(USE_OPENSSL) || !defined(OPENSSL_VERSION_NUMBER) || OPENSSL_VERSION_NUMBER < 0x10100000L
   len = MP_bytes(dh->pub_key);
+#else
+  len = MP_bytes(pub_key);
+#endif
   if (len <= 0 || len > (int) nPubkeyLen)
     return 0;
 
   memset(pubkey, 0, nPubkeyLen);
+#if !defined(USE_OPENSSL) || !defined(OPENSSL_VERSION_NUMBER) || OPENSSL_VERSION_NUMBER < 0x10100000L
   MP_setbin(dh->pub_key, pubkey + (nPubkeyLen - len), len);
+#else
+  MP_setbin(pub_key, pubkey + (nPubkeyLen - len), len);
+#endif
   return 1;
 }
 
@@ -364,7 +414,13 @@ DHComputeSharedSecretKey(MDH *dh, uint8_t *pubkey, siz
   MP_gethex(q1, Q1024, len);
   assert(len);
 
+#if !defined(USE_OPENSSL) || !defined(OPENSSL_VERSION_NUMBER) || OPENSSL_VERSION_NUMBER < 0x10100000L
   if (isValidPublicKey(pubkeyBn, dh->p, q1))
+#else
+  BIGNUM const* p = NULL;
+  DH_get0_pqg(dh, &p, NULL, NULL);
+  if (isValidPublicKey(pubkeyBn, (BIGNUM*)p, q1))
+#endif
     res = MDH_compute_key(secret, nPubkeyLen, pubkeyBn, dh);
   else
     res = -1;
--- handshake.h.orig	2016-02-29 01:15:13 UTC
+++ handshake.h
@@ -31,9 +31,9 @@
 #define SHA256_DIGEST_LENGTH	32
 #endif
 #define HMAC_CTX	sha2_context
-#define HMAC_setup(ctx, key, len)	sha2_hmac_starts(&ctx, (unsigned char *)key, len, 0)
-#define HMAC_crunch(ctx, buf, len)	sha2_hmac_update(&ctx, buf, len)
-#define HMAC_finish(ctx, dig, dlen)	dlen = SHA256_DIGEST_LENGTH; sha2_hmac_finish(&ctx, dig)
+#define HMAC_setup(ctx, key, len)	sha2_hmac_starts(ctx, (unsigned char *)key, len, 0)
+#define HMAC_crunch(ctx, buf, len)	sha2_hmac_update(ctx, buf, len)
+#define HMAC_finish(ctx, dig, dlen)	dlen = SHA256_DIGEST_LENGTH; sha2_hmac_finish(ctx, dig)
 
 typedef arc4_context *	RC4_handle;
 #define RC4_alloc(h)	*h = malloc(sizeof(arc4_context))
@@ -50,9 +50,9 @@ typedef arc4_context *	RC4_handle;
 #endif
 #undef HMAC_CTX
 #define HMAC_CTX	struct hmac_sha256_ctx
-#define HMAC_setup(ctx, key, len)	hmac_sha256_set_key(&ctx, len, key)
-#define HMAC_crunch(ctx, buf, len)	hmac_sha256_update(&ctx, len, buf)
-#define HMAC_finish(ctx, dig, dlen)	dlen = SHA256_DIGEST_LENGTH; hmac_sha256_digest(&ctx, SHA256_DIGEST_LENGTH, dig)
+#define HMAC_setup(ctx, key, len)	hmac_sha256_set_key(ctx, len, key)
+#define HMAC_crunch(ctx, buf, len)	hmac_sha256_update(ctx, len, buf)
+#define HMAC_finish(ctx, dig, dlen)	dlen = SHA256_DIGEST_LENGTH; hmac_sha256_digest(ctx, SHA256_DIGEST_LENGTH, dig)
 #define HMAC_close(ctx)
 
 typedef struct arcfour_ctx*	RC4_handle;
@@ -64,14 +64,23 @@ typedef struct arcfour_ctx*	RC4_handle;
 
 #else	/* USE_OPENSSL */
 #include <openssl/sha.h>
+#include <openssl/ossl_typ.h>
 #include <openssl/hmac.h>
 #include <openssl/rc4.h>
 #if OPENSSL_VERSION_NUMBER < 0x0090800 || !defined(SHA256_DIGEST_LENGTH)
 #error Your OpenSSL is too old, need 0.9.8 or newer with SHA256
 #endif
-#define HMAC_setup(ctx, key, len)	HMAC_CTX_init(&ctx); HMAC_Init_ex(&ctx, key, len, EVP_sha256(), 0)
-#define HMAC_crunch(ctx, buf, len)	HMAC_Update(&ctx, buf, len)
-#define HMAC_finish(ctx, dig, dlen)	HMAC_Final(&ctx, dig, &dlen); HMAC_CTX_cleanup(&ctx)
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
+#define HMAC_setup(ctx, key, len)	HMAC_CTX_init(ctx); HMAC_Init_ex(ctx, key, len, EVP_sha256(), 0)
+#else
+#define HMAC_setup(ctx, key, len)       HMAC_CTX_reset(ctx); HMAC_Init_ex(ctx, key, len, EVP_sha256(), 0)
+#endif
+#define HMAC_crunch(ctx, buf, len)	HMAC_Update(ctx, buf, len)
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
+#define HMAC_finish(ctx, dig, dlen)	HMAC_Final(ctx, dig, &dlen); HMAC_CTX_cleanup(ctx)
+#else
+#define HMAC_finish(ctx, dig, dlen)     HMAC_Final(ctx, dig, &dlen); HMAC_CTX_free(ctx)
+#endif
 
 typedef RC4_KEY *	RC4_handle;
 #define RC4_alloc(h)	*h = malloc(sizeof(RC4_KEY))
@@ -117,7 +126,7 @@ static void InitRC4Encryption
 {
   uint8_t digest[SHA256_DIGEST_LENGTH];
   unsigned int digestLen = 0;
-  HMAC_CTX ctx;
+  HMAC_CTX* ctx = NULL;
 
   RC4_alloc(rc4keyIn);
   RC4_alloc(rc4keyOut);
@@ -266,7 +275,7 @@ HMACsha256(const uint8_t *message, size_t messageLen, 
 	   size_t keylen, uint8_t *digest)
 {
   unsigned int digestLen;
-  HMAC_CTX ctx;
+  HMAC_CTX* ctx = NULL;
 
   HMAC_setup(ctx, key, keylen);
   HMAC_crunch(ctx, message, messageLen);
--- hashswf.c.orig	2016-02-29 01:15:13 UTC
+++ hashswf.c
@@ -37,9 +37,9 @@
 #define SHA256_DIGEST_LENGTH	32
 #endif
 #define HMAC_CTX	sha2_context
-#define HMAC_setup(ctx, key, len)	sha2_hmac_starts(&ctx, (unsigned char *)key, len, 0)
-#define HMAC_crunch(ctx, buf, len)	sha2_hmac_update(&ctx, buf, len)
-#define HMAC_finish(ctx, dig, dlen)	dlen = SHA256_DIGEST_LENGTH; sha2_hmac_finish(&ctx, dig)
+#define HMAC_setup(ctx, key, len)	sha2_hmac_starts(ctx, (unsigned char *)key, len, 0)
+#define HMAC_crunch(ctx, buf, len)	sha2_hmac_update(ctx, buf, len)
+#define HMAC_finish(ctx, dig, dlen)	dlen = SHA256_DIGEST_LENGTH; sha2_hmac_finish(ctx, dig)
 #define HMAC_close(ctx)
 #elif defined(USE_GNUTLS)
 #include <nettle/hmac.h>
@@ -48,20 +48,28 @@
 #endif
 #undef HMAC_CTX
 #define HMAC_CTX	struct hmac_sha256_ctx
-#define HMAC_setup(ctx, key, len)	hmac_sha256_set_key(&ctx, len, key)
-#define HMAC_crunch(ctx, buf, len)	hmac_sha256_update(&ctx, len, buf)
-#define HMAC_finish(ctx, dig, dlen)	dlen = SHA256_DIGEST_LENGTH; hmac_sha256_digest(&ctx, SHA256_DIGEST_LENGTH, dig)
+#define HMAC_setup(ctx, key, len)	hmac_sha256_set_key(ctx, len, key)
+#define HMAC_crunch(ctx, buf, len)	hmac_sha256_update(ctx, len, buf)
+#define HMAC_finish(ctx, dig, dlen)	dlen = SHA256_DIGEST_LENGTH; hmac_sha256_digest(ctx, SHA256_DIGEST_LENGTH, dig)
 #define HMAC_close(ctx)
 #else	/* USE_OPENSSL */
 #include <openssl/ssl.h>
 #include <openssl/sha.h>
 #include <openssl/hmac.h>
 #include <openssl/rc4.h>
-#define HMAC_setup(ctx, key, len)	HMAC_CTX_init(&ctx); HMAC_Init_ex(&ctx, (unsigned char *)key, len, EVP_sha256(), 0)
-#define HMAC_crunch(ctx, buf, len)	HMAC_Update(&ctx, (unsigned char *)buf, len)
-#define HMAC_finish(ctx, dig, dlen)	HMAC_Final(&ctx, (unsigned char *)dig, &dlen);
-#define HMAC_close(ctx)	HMAC_CTX_cleanup(&ctx)
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
+#define HMAC_setup(ctx, key, len)	HMAC_CTX_init(ctx); HMAC_Init_ex(ctx, (unsigned char *)key, len, EVP_sha256(), 0)
+#else
+#define HMAC_setup(ctx, key, len) HMAC_CTX_reset(ctx); HMAC_Init_ex(ctx, (unsigned char *)key, len, EVP_sha256(), 0)
 #endif
+#define HMAC_crunch(ctx, buf, len)	HMAC_Update(ctx, (unsigned char *)buf, len)
+#define HMAC_finish(ctx, dig, dlen)	HMAC_Final(ctx, (unsigned char *)dig, &dlen);
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
+#define HMAC_close(ctx)	HMAC_CTX_cleanup(ctx)
+#else
+#define HMAC_close(ctx) HMAC_CTX_reset(ctx); HMAC_CTX_free(ctx)
+#endif
+#endif
 
 extern void RTMP_TLS_Init();
 extern TLS_CTX RTMP_TLS_ctx;
@@ -289,7 +297,7 @@ leave:
 struct info
 {
   z_stream *zs;
-  HMAC_CTX ctx;
+  HMAC_CTX *ctx;
   int first;
   int zlib;
   int size;

Return to bug 232901

Line 0 Link Here

(-)multimedia/librtmp/files/patch-librtmp-dh.h (+116 lines)
		1	--- librtmp/dh.h.orig 2016-02-29 01:15:13 UTC
		2	+++ librtmp/dh.h
		3	@@ -194,7 +194,7 @@ typedef BIGNUM * MP_t;
		4
		5	/* RFC 2631, Section 2.1.5, http://www.ietf.org/rfc/rfc2631.txt */
		6	static int
		7	-isValidPublicKey(MP_t y, MP_t p, MP_t q)
		8	+isValidPublicKey(const MP_t y, const MP_t p, const MP_t q)
		9	{
		10	int ret = TRUE;
		11	MP_t bn;
		12	@@ -253,20 +253,43 @@ DHInit(int nKeyBits)
		13	if (!dh)
		14	goto failed;
		15
		16	+#if !defined(USE_OPENSSL) \|\| !defined(OPENSSL_VERSION_NUMBER) \|\| OPENSSL_VERSION_NUMBER < 0x10100000L
		17	MP_new(dh->g);
		18
		19	if (!dh->g)
		20	goto failed;
		21	+#else
		22	+ BIGNUM *g;
		23
		24	+ MP_new(g);
		25	+ if (g == NULL)
		26	+ goto failed;
		27	+#endif
		28	+
		29	+#if !defined(USE_OPENSSL) \|\| !defined(OPENSSL_VERSION_NUMBER) \|\| OPENSSL_VERSION_NUMBER < 0x10100000L
		30	MP_gethex(dh->p, P1024, res); /* prime P1024, see dhgroups.h */
		31	+#else
		32	+ const BIGNUM *p = DH_get0_p(dh);
		33	+
		34	+ MP_gethex(p, P1024, res); /* prime P1024, see dhgroups.h */
		35	+#endif
		36	if (!res)
		37	{
		38	goto failed;
		39	}
		40
		41	+#if !defined(USE_OPENSSL) \|\| !defined(OPENSSL_VERSION_NUMBER) \|\| OPENSSL_VERSION_NUMBER < 0x10100000L
		42	MP_set_w(dh->g, 2); /* base 2 */
		43	+#else
		44	+ MP_set_w(g, 2); /* base 2 */
		45	+ DH_set0_pqg(dh, p, NULL, g);
		46	+#endif
		47
		48	+#if !defined(USE_OPENSSL) \|\| !defined(OPENSSL_VERSION_NUMBER) \|\| OPENSSL_VERSION_NUMBER < 0x10100000L
		49	dh->length = nKeyBits;
		50	+#else
		51	+ DH_set_length(dh, nKeyBits);
		52	+#endif
		53	return dh;
		54
		55	failed:
		56	@@ -293,12 +316,20 @@ DHGenerateKey(MDH *dh)
		57	MP_gethex(q1, Q1024, res);
		58	assert(res);
		59
		60	+#if !defined(USE_OPENSSL) \|\| !defined(OPENSSL_VERSION_NUMBER) \|\| OPENSSL_VERSION_NUMBER < 0x10100000L
		61	res = isValidPublicKey(dh->pub_key, dh->p, q1);
		62	+#else
		63	+ res = isValidPublicKey(DH_get0_pub_key(dh), DH_get0_p(dh), q1);
		64	+#endif
65	if (!res)
66	{
67	+#if !defined(USE_OPENSSL) \|\| !defined(OPENSSL_VERSION_NUMBER) \|\| OPENSSL_VERSION_NUMBER < 0x10100000L
68	MP_free(dh->pub_key);
69	MP_free(dh->priv_key);
70	dh->pub_key = dh->priv_key = 0;
71	+#else
72	+ DH_set0_key(dh, NULL, NULL);
73	+#endif
74	}
75
76	MP_free(q1);
77	@@ -314,15 +345,27 @@ static int
78	DHGetPublicKey(MDH dh, uint8_t pubkey, size_t nPubkeyLen)
79	{
80	int len;
81	+#if !defined(USE_OPENSSL) \|\| !defined(OPENSSL_VERSION_NUMBER) \|\| OPENSSL_VERSION_NUMBER < 0x10100000L
82	if (!dh \|\| !dh->pub_key)
83	+#else
84	+ if (!dh \|\| !DH_get0_pub_key(dh))
85	return 0;
86	+#endif
87
88	+#if !defined(USE_OPENSSL) \|\| !defined(OPENSSL_VERSION_NUMBER) \|\| OPENSSL_VERSION_NUMBER < 0x10100000L
89	len = MP_bytes(dh->pub_key);
90	+#else
91	+ len = MP_bytes(DH_get0_pub_key(dh));
92	+#endif
93	if (len <= 0 \|\| len > (int) nPubkeyLen)
94	return 0;
95
96	memset(pubkey, 0, nPubkeyLen);
97	+#if !defined(USE_OPENSSL) \|\| !defined(OPENSSL_VERSION_NUMBER) \|\| OPENSSL_VERSION_NUMBER < 0x10100000L
98	MP_setbin(dh->pub_key, pubkey + (nPubkeyLen - len), len);
99	+#else
100	+ MP_setbin(DH_get0_pub_key(dh), pubkey + (nPubkeyLen - len), len);
101	+#endif
102	return 1;
103	}
104
105	@@ -364,7 +407,11 @@ DHComputeSharedSecretKey(MDH dh, uint8_t pubkey, siz
106	MP_gethex(q1, Q1024, len);
107	assert(len);
108
109	+#if !defined(USE_OPENSSL) \|\| !defined(OPENSSL_VERSION_NUMBER) \|\| OPENSSL_VERSION_NUMBER < 0x10100000L
110	if (isValidPublicKey(pubkeyBn, dh->p, q1))
111	+#else
112	+ if (isValidPublicKey(pubkeyBn, DH_get0_p(dh), q1))
113	+#endif
114	res = MDH_compute_key(secret, nPubkeyLen, pubkeyBn, dh);
115	else
116	res = -1;

Line 0 Link Here

(-)multimedia/librtmp/files/patch-librtmp-handshake.h (+73 lines)
		1	--- librtmp/handshake.h.orig 2016-02-29 01:15:13 UTC
		2	+++ librtmp/handshake.h
		3	@@ -31,9 +31,9 @@
		4	#define SHA256_DIGEST_LENGTH 32
		5	#endif
		6	#define HMAC_CTX sha2_context
		7	-#define HMAC_setup(ctx, key, len) sha2_hmac_starts(&ctx, (unsigned char *)key, len, 0)
		8	-#define HMAC_crunch(ctx, buf, len) sha2_hmac_update(&ctx, buf, len)
		9	-#define HMAC_finish(ctx, dig, dlen) dlen = SHA256_DIGEST_LENGTH; sha2_hmac_finish(&ctx, dig)
		10	+#define HMAC_setup(ctx, key, len) sha2_hmac_starts(ctx, (unsigned char *)key, len, 0)
		11	+#define HMAC_crunch(ctx, buf, len) sha2_hmac_update(ctx, buf, len)
		12	+#define HMAC_finish(ctx, dig, dlen) dlen = SHA256_DIGEST_LENGTH; sha2_hmac_finish(ctx, dig)
		13
		14	typedef arc4_context * RC4_handle;
		15	#define RC4_alloc(h) *h = malloc(sizeof(arc4_context))
		16	@@ -50,9 +50,9 @@ typedef arc4_context * RC4_handle;
		17	#endif
		18	#undef HMAC_CTX
		19	#define HMAC_CTX struct hmac_sha256_ctx
		20	-#define HMAC_setup(ctx, key, len) hmac_sha256_set_key(&ctx, len, key)
		21	-#define HMAC_crunch(ctx, buf, len) hmac_sha256_update(&ctx, len, buf)
		22	-#define HMAC_finish(ctx, dig, dlen) dlen = SHA256_DIGEST_LENGTH; hmac_sha256_digest(&ctx, SHA256_DIGEST_LENGTH, dig)
		23	+#define HMAC_setup(ctx, key, len) hmac_sha256_set_key(ctx, len, key)
		24	+#define HMAC_crunch(ctx, buf, len) hmac_sha256_update(ctx, len, buf)
		25	+#define HMAC_finish(ctx, dig, dlen) dlen = SHA256_DIGEST_LENGTH; hmac_sha256_digest(ctx, SHA256_DIGEST_LENGTH, dig)
		26	#define HMAC_close(ctx)
		27
		28	typedef struct arcfour_ctx* RC4_handle;
		29	@@ -69,9 +69,23 @@ typedef struct arcfour_ctx* RC4_handle;
		30	#if OPENSSL_VERSION_NUMBER < 0x0090800 \|\| !defined(SHA256_DIGEST_LENGTH)
		31	#error Your OpenSSL is too old, need 0.9.8 or newer with SHA256
		32	#endif
		33	-#define HMAC_setup(ctx, key, len) HMAC_CTX_init(&ctx); HMAC_Init_ex(&ctx, key, len, EVP_sha256(), 0)
		34	-#define HMAC_crunch(ctx, buf, len) HMAC_Update(&ctx, buf, len)
		35	-#define HMAC_finish(ctx, dig, dlen) HMAC_Final(&ctx, dig, &dlen); HMAC_CTX_cleanup(&ctx)
		36	+#if OPENSSL_VERSION_NUMBER < 0x10100000L
		37	+#define HMAC_setup(ctx, key, len) HMAC_CTX_init(ctx); HMAC_Init_ex(ctx, key, len, EVP_sha256(), 0)
		38	+#else
		39	+#define HMAC_setup(ctx, key, len) do { \
		40	+ if (ctx == NULL) \
		41	+ ctx = HMAC_CTX_new(); \
		42	+ else \
		43	+ HMAC_CTX_reset(ctx); \
		44	+ HMAC_Init_ex(ctx, key, len, EVP_sha256(), 0); \
		45	+ } while (0)
		46	+#endif
		47	+#define HMAC_crunch(ctx, buf, len) HMAC_Update(ctx, buf, len)
		48	+#if OPENSSL_VERSION_NUMBER < 0x10100000L
		49	+#define HMAC_finish(ctx, dig, dlen) HMAC_Final(ctx, dig, &dlen); HMAC_CTX_cleanup(ctx)
		50	+#else
		51	+#define HMAC_finish(ctx, dig, dlen) HMAC_Final(ctx, dig, &dlen); HMAC_CTX_free(ctx); ctx = NULL
		52	+#endif
		53
		54	typedef RC4_KEY * RC4_handle;
		55	#define RC4_alloc(h) *h = malloc(sizeof(RC4_KEY))
		56	@@ -117,7 +131,7 @@ static void InitRC4Encryption
		57	{
		58	uint8_t digest[SHA256_DIGEST_LENGTH];
		59	unsigned int digestLen = 0;
		60	- HMAC_CTX ctx;
		61	+ HMAC_CTX *ctx = NULL;
		62
		63	RC4_alloc(rc4keyIn);
		64	RC4_alloc(rc4keyOut);
65	@@ -266,7 +280,7 @@ HMACsha256(const uint8_t *message, size_t messageLen,
66	size_t keylen, uint8_t *digest)
67	{
68	unsigned int digestLen;
69	- HMAC_CTX ctx;
70	+ HMAC_CTX *ctx = NULL;
71
72	HMAC_setup(ctx, key, keylen);
73	HMAC_crunch(ctx, message, messageLen);

Line 0 Link Here

(-)multimedia/librtmp/files/patch-librtmp-hashswf.c (+60 lines)
	1	--- librtmp/hashswf.c.orig 2016-02-29 01:15:13 UTC
	2	+++ librtmp/hashswf.c
	3	@@ -37,9 +37,9 @@
	4	#define SHA256_DIGEST_LENGTH 32
	5	#endif
	6	#define HMAC_CTX sha2_context
	7	-#define HMAC_setup(ctx, key, len) sha2_hmac_starts(&ctx, (unsigned char *)key, len, 0)
	8	-#define HMAC_crunch(ctx, buf, len) sha2_hmac_update(&ctx, buf, len)
	9	-#define HMAC_finish(ctx, dig, dlen) dlen = SHA256_DIGEST_LENGTH; sha2_hmac_finish(&ctx, dig)
	10	+#define HMAC_setup(ctx, key, len) sha2_hmac_starts(ctx, (unsigned char *)key, len, 0)
	11	+#define HMAC_crunch(ctx, buf, len) sha2_hmac_update(ctx, buf, len)
	12	+#define HMAC_finish(ctx, dig, dlen) dlen = SHA256_DIGEST_LENGTH; sha2_hmac_finish(ctx, dig)
	13	#define HMAC_close(ctx)
	14	#elif defined(USE_GNUTLS)
	15	#include <nettle/hmac.h>
	16	@@ -48,20 +48,28 @@
	17	#endif
	18	#undef HMAC_CTX
	19	#define HMAC_CTX struct hmac_sha256_ctx
	20	-#define HMAC_setup(ctx, key, len) hmac_sha256_set_key(&ctx, len, key)
	21	-#define HMAC_crunch(ctx, buf, len) hmac_sha256_update(&ctx, len, buf)
	22	-#define HMAC_finish(ctx, dig, dlen) dlen = SHA256_DIGEST_LENGTH; hmac_sha256_digest(&ctx, SHA256_DIGEST_LENGTH, dig)
	23	+#define HMAC_setup(ctx, key, len) hmac_sha256_set_key(ctx, len, key)
	24	+#define HMAC_crunch(ctx, buf, len) hmac_sha256_update(ctx, len, buf)
	25	+#define HMAC_finish(ctx, dig, dlen) dlen = SHA256_DIGEST_LENGTH; hmac_sha256_digest(ctx, SHA256_DIGEST_LENGTH, dig)
	26	#define HMAC_close(ctx)
	27	#else /* USE_OPENSSL */
	28	#include <openssl/ssl.h>
	29	#include <openssl/sha.h>
	30	#include <openssl/hmac.h>
	31	#include <openssl/rc4.h>
	32	-#define HMAC_setup(ctx, key, len) HMAC_CTX_init(&ctx); HMAC_Init_ex(&ctx, (unsigned char *)key, len, EVP_sha256(), 0)
	33	-#define HMAC_crunch(ctx, buf, len) HMAC_Update(&ctx, (unsigned char *)buf, len)
	34	-#define HMAC_finish(ctx, dig, dlen) HMAC_Final(&ctx, (unsigned char *)dig, &dlen);
	35	-#define HMAC_close(ctx) HMAC_CTX_cleanup(&ctx)
	36	+#if OPENSSL_VERSION_NUMBER < 0x10100000L
	37	+#define HMAC_setup(ctx, key, len) HMAC_CTX_init(ctx); HMAC_Init_ex(ctx, (unsigned char *)key, len, EVP_sha256(), 0)
	38	+#else
	39	+#define HMAC_setup(ctx, key, len) ctx = HMAC_CTX_new(); HMAC_Init_ex(ctx, (unsigned char *)key, len, EVP_sha256(), 0)
	40	#endif
	41	+#define HMAC_crunch(ctx, buf, len) HMAC_Update(ctx, (unsigned char *)buf, len)
	42	+#define HMAC_finish(ctx, dig, dlen) HMAC_Final(ctx, (unsigned char *)dig, &dlen);
	43	+#if OPENSSL_VERSION_NUMBER < 0x10100000L
	44	+#define HMAC_close(ctx) HMAC_CTX_cleanup(ctx)
	45	+#else
	46	+#define HMAC_close(ctx) HMAC_CTX_reset(ctx); HMAC_CTX_free(ctx)
	47	+#endif
	48	+#endif
	49
	50	extern void RTMP_TLS_Init();
	51	extern TLS_CTX RTMP_TLS_ctx;
	52	@@ -289,7 +297,7 @@ leave:
	53	struct info
	54	{
	55	z_stream *zs;
	56	- HMAC_CTX ctx;
	57	+ HMAC_CTX *ctx;
	58	int first;
	59	int zlib;
	60	int size;

Lines 1-249 Link Here

(-)multimedia/librtmp/files/patch-openssl-1.1 (-249 lines)
1	--- dh.h.orig 2016-02-29 01:15:13 UTC
2	+++ dh.h
3	@@ -253,20 +253,44 @@ DHInit(int nKeyBits)
4	if (!dh)
5	goto failed;
6
7	+#if !defined(USE_OPENSSL) \|\| !defined(OPENSSL_VERSION_NUMBER) \|\| OPENSSL_VERSION_NUMBER < 0x10100000L
8	MP_new(dh->g);
9
10	if (!dh->g)
11	goto failed;
12	+#else
13	+ BIGNUM *g = NULL;
14	+ MP_new(g);
15	+ if (!g)
16	+ goto failed;
17
18	+ DH_set0_pqg(dh, NULL, g, NULL);
19	+#endif
20	+
21	+#if !defined(USE_OPENSSL) \|\| !defined(OPENSSL_VERSION_NUMBER) \|\| OPENSSL_VERSION_NUMBER < 0x10100000L
22	MP_gethex(dh->p, P1024, res); /* prime P1024, see dhgroups.h */
23	+#else
24	+ BIGNUM* p = NULL;
25	+ DH_get0_pqg(dh, (BIGNUM const**)&p, NULL, NULL);
26	+ MP_gethex(p, P1024, res); /* prime P1024, see dhgroups.h */
27	+#endif
28	if (!res)
29	{
30	goto failed;
31	}
32
33	+#if !defined(USE_OPENSSL) \|\| !defined(OPENSSL_VERSION_NUMBER) \|\| OPENSSL_VERSION_NUMBER < 0x10100000L
34	MP_set_w(dh->g, 2); /* base 2 */
35	+#else
36	+ MP_set_w(g, 2); /* base 2 */
37	+ DH_set0_pqg(dh, NULL, g, NULL);
38	+#endif
39
40	+#if !defined(USE_OPENSSL) \|\| !defined(OPENSSL_VERSION_NUMBER) \|\| OPENSSL_VERSION_NUMBER < 0x10100000L
41	dh->length = nKeyBits;
42	+#else
43	+ DH_set_length(dh, nKeyBits);
44	+#endif
45	return dh;
46
47	failed:
48	@@ -293,12 +317,24 @@ DHGenerateKey(MDH *dh)
49	MP_gethex(q1, Q1024, res);
50	assert(res);
51
52	+#if !defined(USE_OPENSSL) \|\| !defined(OPENSSL_VERSION_NUMBER) \|\| OPENSSL_VERSION_NUMBER < 0x10100000L
53	res = isValidPublicKey(dh->pub_key, dh->p, q1);
54	+#else
55	+ BIGNUM const* pub_key = NULL;
56	+ BIGNUM const* p = NULL;
57	+ DH_get0_key(dh, &pub_key, NULL);
58	+ DH_get0_pqg(dh, &p, NULL, NULL);
59	+ res = isValidPublicKey((BIGNUM)pub_key, (BIGNUM)p, q1);
60	+#endif
61	if (!res)
62	{
63	+#if !defined(USE_OPENSSL) \|\| !defined(OPENSSL_VERSION_NUMBER) \|\| OPENSSL_VERSION_NUMBER < 0x10100000L
64	MP_free(dh->pub_key);
65	MP_free(dh->priv_key);
66	dh->pub_key = dh->priv_key = 0;
67	+#else
68	+ DH_free(dh);
69	+#endif
70	}
71
72	MP_free(q1);
73	@@ -314,15 +350,29 @@ static int
74	DHGetPublicKey(MDH dh, uint8_t pubkey, size_t nPubkeyLen)
75	{
76	int len;
77	+#if !defined(USE_OPENSSL) \|\| !defined(OPENSSL_VERSION_NUMBER) \|\| OPENSSL_VERSION_NUMBER < 0x10100000L
78	if (!dh \|\| !dh->pub_key)
79	+#else
80	+ BIGNUM const* pub_key = NULL;
81	+ DH_get0_key(dh, &pub_key, NULL);
82	+ if (!dh \|\| !pub_key)
83	+#endif
84	return 0;
85
86	+#if !defined(USE_OPENSSL) \|\| !defined(OPENSSL_VERSION_NUMBER) \|\| OPENSSL_VERSION_NUMBER < 0x10100000L
87	len = MP_bytes(dh->pub_key);
88	+#else
89	+ len = MP_bytes(pub_key);
90	+#endif
91	if (len <= 0 \|\| len > (int) nPubkeyLen)
92	return 0;
93
94	memset(pubkey, 0, nPubkeyLen);
95	+#if !defined(USE_OPENSSL) \|\| !defined(OPENSSL_VERSION_NUMBER) \|\| OPENSSL_VERSION_NUMBER < 0x10100000L
96	MP_setbin(dh->pub_key, pubkey + (nPubkeyLen - len), len);
97	+#else
98	+ MP_setbin(pub_key, pubkey + (nPubkeyLen - len), len);
99	+#endif
100	return 1;
101	}
102
103	@@ -364,7 +414,13 @@ DHComputeSharedSecretKey(MDH dh, uint8_t pubkey, siz
104	MP_gethex(q1, Q1024, len);
105	assert(len);
106
107	+#if !defined(USE_OPENSSL) \|\| !defined(OPENSSL_VERSION_NUMBER) \|\| OPENSSL_VERSION_NUMBER < 0x10100000L
108	if (isValidPublicKey(pubkeyBn, dh->p, q1))
109	+#else
110	+ BIGNUM const* p = NULL;
111	+ DH_get0_pqg(dh, &p, NULL, NULL);
112	+ if (isValidPublicKey(pubkeyBn, (BIGNUM*)p, q1))
113	+#endif
114	res = MDH_compute_key(secret, nPubkeyLen, pubkeyBn, dh);
115	else
116	res = -1;
117	--- handshake.h.orig 2016-02-29 01:15:13 UTC
118	+++ handshake.h
119	@@ -31,9 +31,9 @@
120	#define SHA256_DIGEST_LENGTH 32
121	#endif
122	#define HMAC_CTX sha2_context
123	-#define HMAC_setup(ctx, key, len) sha2_hmac_starts(&ctx, (unsigned char *)key, len, 0)
124	-#define HMAC_crunch(ctx, buf, len) sha2_hmac_update(&ctx, buf, len)
125	-#define HMAC_finish(ctx, dig, dlen) dlen = SHA256_DIGEST_LENGTH; sha2_hmac_finish(&ctx, dig)
126	+#define HMAC_setup(ctx, key, len) sha2_hmac_starts(ctx, (unsigned char *)key, len, 0)
127	+#define HMAC_crunch(ctx, buf, len) sha2_hmac_update(ctx, buf, len)
128	+#define HMAC_finish(ctx, dig, dlen) dlen = SHA256_DIGEST_LENGTH; sha2_hmac_finish(ctx, dig)
129
130	typedef arc4_context * RC4_handle;
131	#define RC4_alloc(h) *h = malloc(sizeof(arc4_context))
132	@@ -50,9 +50,9 @@ typedef arc4_context * RC4_handle;
133	#endif
134	#undef HMAC_CTX
135	#define HMAC_CTX struct hmac_sha256_ctx
136	-#define HMAC_setup(ctx, key, len) hmac_sha256_set_key(&ctx, len, key)
137	-#define HMAC_crunch(ctx, buf, len) hmac_sha256_update(&ctx, len, buf)
138	-#define HMAC_finish(ctx, dig, dlen) dlen = SHA256_DIGEST_LENGTH; hmac_sha256_digest(&ctx, SHA256_DIGEST_LENGTH, dig)
139	+#define HMAC_setup(ctx, key, len) hmac_sha256_set_key(ctx, len, key)
140	+#define HMAC_crunch(ctx, buf, len) hmac_sha256_update(ctx, len, buf)
141	+#define HMAC_finish(ctx, dig, dlen) dlen = SHA256_DIGEST_LENGTH; hmac_sha256_digest(ctx, SHA256_DIGEST_LENGTH, dig)
142	#define HMAC_close(ctx)
143
144	typedef struct arcfour_ctx* RC4_handle;
145	@@ -64,14 +64,23 @@ typedef struct arcfour_ctx* RC4_handle;
146
147	#else /* USE_OPENSSL */
148	#include <openssl/sha.h>
149	+#include <openssl/ossl_typ.h>
150	#include <openssl/hmac.h>
151	#include <openssl/rc4.h>
152	#if OPENSSL_VERSION_NUMBER < 0x0090800 \|\| !defined(SHA256_DIGEST_LENGTH)
153	#error Your OpenSSL is too old, need 0.9.8 or newer with SHA256
154	#endif
155	-#define HMAC_setup(ctx, key, len) HMAC_CTX_init(&ctx); HMAC_Init_ex(&ctx, key, len, EVP_sha256(), 0)
156	-#define HMAC_crunch(ctx, buf, len) HMAC_Update(&ctx, buf, len)
157	-#define HMAC_finish(ctx, dig, dlen) HMAC_Final(&ctx, dig, &dlen); HMAC_CTX_cleanup(&ctx)
158	+#if OPENSSL_VERSION_NUMBER < 0x10100000L
159	+#define HMAC_setup(ctx, key, len) HMAC_CTX_init(ctx); HMAC_Init_ex(ctx, key, len, EVP_sha256(), 0)
160	+#else
161	+#define HMAC_setup(ctx, key, len) HMAC_CTX_reset(ctx); HMAC_Init_ex(ctx, key, len, EVP_sha256(), 0)
162	+#endif
163	+#define HMAC_crunch(ctx, buf, len) HMAC_Update(ctx, buf, len)
164	+#if OPENSSL_VERSION_NUMBER < 0x10100000L
165	+#define HMAC_finish(ctx, dig, dlen) HMAC_Final(ctx, dig, &dlen); HMAC_CTX_cleanup(ctx)
166	+#else
167	+#define HMAC_finish(ctx, dig, dlen) HMAC_Final(ctx, dig, &dlen); HMAC_CTX_free(ctx)
168	+#endif
169
170	typedef RC4_KEY * RC4_handle;
171	#define RC4_alloc(h) *h = malloc(sizeof(RC4_KEY))
172	@@ -117,7 +126,7 @@ static void InitRC4Encryption
173	{
174	uint8_t digest[SHA256_DIGEST_LENGTH];
175	unsigned int digestLen = 0;
176	- HMAC_CTX ctx;
177	+ HMAC_CTX* ctx = NULL;
178
179	RC4_alloc(rc4keyIn);
180	RC4_alloc(rc4keyOut);
181	@@ -266,7 +275,7 @@ HMACsha256(const uint8_t *message, size_t messageLen,
182	size_t keylen, uint8_t *digest)
183	{
184	unsigned int digestLen;
185	- HMAC_CTX ctx;
186	+ HMAC_CTX* ctx = NULL;
187
188	HMAC_setup(ctx, key, keylen);
189	HMAC_crunch(ctx, message, messageLen);
190	--- hashswf.c.orig 2016-02-29 01:15:13 UTC
191	+++ hashswf.c
192	@@ -37,9 +37,9 @@
193	#define SHA256_DIGEST_LENGTH 32
194	#endif
195	#define HMAC_CTX sha2_context
196	-#define HMAC_setup(ctx, key, len) sha2_hmac_starts(&ctx, (unsigned char *)key, len, 0)
197	-#define HMAC_crunch(ctx, buf, len) sha2_hmac_update(&ctx, buf, len)
198	-#define HMAC_finish(ctx, dig, dlen) dlen = SHA256_DIGEST_LENGTH; sha2_hmac_finish(&ctx, dig)
199	+#define HMAC_setup(ctx, key, len) sha2_hmac_starts(ctx, (unsigned char *)key, len, 0)
200	+#define HMAC_crunch(ctx, buf, len) sha2_hmac_update(ctx, buf, len)
201	+#define HMAC_finish(ctx, dig, dlen) dlen = SHA256_DIGEST_LENGTH; sha2_hmac_finish(ctx, dig)
202	#define HMAC_close(ctx)
203	#elif defined(USE_GNUTLS)
204	#include <nettle/hmac.h>
205	@@ -48,20 +48,28 @@
206	#endif
207	#undef HMAC_CTX
208	#define HMAC_CTX struct hmac_sha256_ctx
209	-#define HMAC_setup(ctx, key, len) hmac_sha256_set_key(&ctx, len, key)
210	-#define HMAC_crunch(ctx, buf, len) hmac_sha256_update(&ctx, len, buf)
211	-#define HMAC_finish(ctx, dig, dlen) dlen = SHA256_DIGEST_LENGTH; hmac_sha256_digest(&ctx, SHA256_DIGEST_LENGTH, dig)
212	+#define HMAC_setup(ctx, key, len) hmac_sha256_set_key(ctx, len, key)
213	+#define HMAC_crunch(ctx, buf, len) hmac_sha256_update(ctx, len, buf)
214	+#define HMAC_finish(ctx, dig, dlen) dlen = SHA256_DIGEST_LENGTH; hmac_sha256_digest(ctx, SHA256_DIGEST_LENGTH, dig)
215	#define HMAC_close(ctx)
216	#else /* USE_OPENSSL */
217	#include <openssl/ssl.h>
218	#include <openssl/sha.h>
219	#include <openssl/hmac.h>
220	#include <openssl/rc4.h>
221	-#define HMAC_setup(ctx, key, len) HMAC_CTX_init(&ctx); HMAC_Init_ex(&ctx, (unsigned char *)key, len, EVP_sha256(), 0)
222	-#define HMAC_crunch(ctx, buf, len) HMAC_Update(&ctx, (unsigned char *)buf, len)
223	-#define HMAC_finish(ctx, dig, dlen) HMAC_Final(&ctx, (unsigned char *)dig, &dlen);
224	-#define HMAC_close(ctx) HMAC_CTX_cleanup(&ctx)
225	+#if OPENSSL_VERSION_NUMBER < 0x10100000L
226	+#define HMAC_setup(ctx, key, len) HMAC_CTX_init(ctx); HMAC_Init_ex(ctx, (unsigned char *)key, len, EVP_sha256(), 0)
227	+#else
228	+#define HMAC_setup(ctx, key, len) HMAC_CTX_reset(ctx); HMAC_Init_ex(ctx, (unsigned char *)key, len, EVP_sha256(), 0)
229	#endif
230	+#define HMAC_crunch(ctx, buf, len) HMAC_Update(ctx, (unsigned char *)buf, len)
231	+#define HMAC_finish(ctx, dig, dlen) HMAC_Final(ctx, (unsigned char *)dig, &dlen);
232	+#if OPENSSL_VERSION_NUMBER < 0x10100000L
233	+#define HMAC_close(ctx) HMAC_CTX_cleanup(ctx)
234	+#else
235	+#define HMAC_close(ctx) HMAC_CTX_reset(ctx); HMAC_CTX_free(ctx)
236	+#endif
237	+#endif
238
239	extern void RTMP_TLS_Init();
240	extern TLS_CTX RTMP_TLS_ctx;
241	@@ -289,7 +297,7 @@ leave:
242	struct info
243	{
244	z_stream *zs;
245	- HMAC_CTX ctx;
246	+ HMAC_CTX *ctx;
247	int first;
248	int zlib;
249	int size;