From 2115f11b5402fdea68f42220eb71dca316b19b74 Mon Sep 17 00:00:00 2001
From: Alexander Traud <pabstraud@compuserve.com>
Date: Tue, 5 May 2015 18:35:16 +0200
Subject: tcptls: Avoiding ERR_remove_state in OpenSSL.

ERR_remove_state was deprecated with OpenSSL 1.0.0 and was replaced by
ERR_remove_thread_state. ERR_load_SSL_strings and ERR_load_BIO_strings were
called by SSL_load_error_strings already and got removed. These changes allow
OpenSSL forks like BoringSSL to be used with Asterisk.

ASTERISK-25043 #close
Reported by: Alexander Traud
patches:
  asterisk_with_BoringSSL.patch uploaded by Alexander Traud (License 6520)

Change-Id: If1c0871ece21a7e0763fafbd2fa023ae49d4d629
(cherry picked from commit 247fef66537b59649e7571d64e2c574a106dbd65)
---
 main/tcptls.c | 4 ++++
 1 file changed, 4 insertions(+)

(limited to 'main/tcptls.c')

diff --git a/main/tcptls.c b/main/tcptls.c
index 92fee604d..1b0c26ad2 100644
--- a/main/tcptls.c
+++ b/main/tcptls.c
@@ -400,7 +400,11 @@ static int tcptls_stream_close(void *cookie)
 
 			if (!stream->ssl->server) {
 				/* For client threads, ensure that the error stack is cleared */
+#if OPENSSL_VERSION_NUMBER >= 0x10000000L
+				ERR_remove_thread_state(NULL);
+#else
 				ERR_remove_state(0);
+#endif	/* OPENSSL_VERSION_NUMBER >= 0x10000000L */
 			}
 
 			SSL_free(stream->ssl);
-- 
cgit v1.2.3