refine build with openssl 1.1.0+ (semigodking#114)

no patch needed, just use DISABLE_SHADOWSOCKS, and backward compatibility with openssl 1.0.x when ENABLE_HTTPS_PROXY.
smiley-yoyo · Mar 13, 2019 · 6f58724 · 6f58724
1 parent 53cad23
commit 6f58724
Show file tree

Hide file tree

Showing 5 changed files with 52 additions and 28 deletions.
diff --git a/Makefile b/Makefile
@@ -1,6 +1,13 @@
+ifdef DISABLE_SHADOWSOCKS
+OBJS := parser.o main.o redsocks.o log.o direct.o ipcache.o autoproxy.o http-connect.o \
+        socks4.o socks5.o http-relay.o base.o base64.o md5.o http-auth.o utils.o redudp.o socks5-udp.o \
+        tcpdns.o gen/version.o
+override CFLAGS += -DDISABLE_SHADOWSOCKS
+else
 OBJS := parser.o main.o redsocks.o log.o direct.o ipcache.o autoproxy.o encrypt.o shadowsocks.o http-connect.o \
         socks4.o socks5.o http-relay.o base.o base64.o md5.o http-auth.o utils.o redudp.o socks5-udp.o shadowsocks-udp.o \
         tcpdns.o gen/version.o
+endif
 SRCS := $(OBJS:.o=.c)
 CONF := config.h
 DEPS := .depend

diff --git a/README.md b/README.md
@@ -58,6 +58,11 @@ $ git apply patches/disable-ss.patch
 $ make
 ```
 
+To compile on newer systems with OpenSSL 1.1.1+ (just disable shadowsocks support, no patch need and worked with ENABLE_HTTPS_PROXY. DO NOT APPLY THE PATCH!):
+```
+$ make DISABLE_SHADOWSOCKS=true
+```
+
 Since this variant of redsocks is customized for running with Openwrt, please
 read documents here (http://wiki.openwrt.org/doc/devel/crosscompile) for how
 to cross compile.

diff --git a/https-connect.c b/https-connect.c
@@ -106,8 +106,12 @@ static int httpsc_instance_init(struct redsocks_instance_t *instance)
 {
     httpsc_instance * httpsc = (httpsc_instance *)(instance + 1);
     SSL_CTX * ctx = NULL;
-
-    ctx = SSL_CTX_new(SSLv23_client_method());
+
+    #if (OPENSSL_VERSION_NUMBER < 0x10100000L)
+        ctx = SSL_CTX_new(SSLv23_client_method());
+    #else
+        ctx = SSL_CTX_new(TLS_client_method());
+    #endif
     if (!ctx)
     {
         unsigned long err = ERR_get_error();
@@ -148,7 +152,7 @@ static void httpsc_event_cb(struct bufferevent *buffev, short what, void *_arg)
     else
 #endif
         log_ssl_error(client, client->relay);
-    redsocks_log_errno(client, LOG_DEBUG, "%s, what: " event_fmt_str, 
+    redsocks_log_errno(client, LOG_DEBUG, "%s, what: " event_fmt_str,
                             buffev == client->client?"client":"relay",
                             event_fmt(what));
 
@@ -159,7 +163,7 @@ static void httpsc_event_cb(struct bufferevent *buffev, short what, void *_arg)
         {
             if (!(client->relay_evshut & EV_WRITE) && client->relay_connected)
                 // when we got EOF from client, we need to shutdown relay's write
-                process_shutdown_on_write_(client, client->client, client->relay); 
+                process_shutdown_on_write_(client, client->client, client->relay);
         }
         else
         {
@@ -226,12 +230,12 @@ static int httpsc_connect_relay(redsocks_client *client)
     struct timeval tv = {client->instance->config.timeout, 0};
 
     if (!sclient->ssl)
-        sclient->ssl = SSL_new(httpsc->ctx); 
+        sclient->ssl = SSL_new(httpsc->ctx);
 
     // Allowing binding relay socket to specified IP for outgoing connections
     client->relay = red_connect_relay_ssl(interface, &client->instance->config.relayaddr,
                                       sclient->ssl,
-                                      httpsc_read_cb, 
+                                      httpsc_read_cb,
                                       NULL,
                                       httpsc_event_cb, client, &tv);
     if (!client->relay) {

diff --git a/redsocks.c b/redsocks.c
@@ -3,8 +3,8 @@
  *
  * This code is based on redsocks project developed by Leonid Evdokimov.
  * Licensed under the Apache License, Version 2.0 (the "License").
- * 
- * 
+ *
+ *
  * Copyright (C) 2007-2011 Leonid Evdokimov <[email protected]>
  *
  * Licensed under the Apache License, Version 2.0 (the "License"); you may not
@@ -56,15 +56,19 @@ extern relay_subsys https_connect_subsys;
 extern relay_subsys http_relay_subsys;
 extern relay_subsys socks4_subsys;
 extern relay_subsys socks5_subsys;
+#if !defined(DISABLE_SHADOWSOCKS)
 extern relay_subsys shadowsocks_subsys;
+#endif
 static relay_subsys *relay_subsystems[] =
 {
     &direct_connect_subsys,
     &http_connect_subsys,
     &http_relay_subsys,
     &socks4_subsys,
     &socks5_subsys,
+#if !defined(DISABLE_SHADOWSOCKS)
     &shadowsocks_subsys,
+#endif
 #if defined(ENABLE_HTTPS_PROXY)
     &https_connect_subsys,
 #endif
@@ -179,7 +183,7 @@ static int redsocks_onenter(parser_section *section)
             (strcmp(entry->key, "autoproxy") == 0) ? (void*)&instance->config.autoproxy :
             (strcmp(entry->key, "timeout") == 0) ? (void*)&instance->config.timeout:
             NULL;
-    section->data = instance;   
+    section->data = instance;
     return 0;
 }
 
@@ -387,9 +391,9 @@ int redsocks_start_relay(redsocks_client *client)
                                      event_cb,
                                      client);
 
-    error = bufferevent_enable(client->client, 
-                client->client_evshut == EV_READ ? EV_WRITE : 
-                client->client_evshut == EV_WRITE ? EV_READ : 
+    error = bufferevent_enable(client->client,
+                client->client_evshut == EV_READ ? EV_WRITE :
+                client->client_evshut == EV_WRITE ? EV_READ :
                 client->client_evshut == (EV_READ|EV_WRITE) ? 0 : EV_READ | EV_WRITE);
     if (!error)
         error = bufferevent_enable(client->relay, EV_READ | EV_WRITE);
@@ -506,7 +510,7 @@ void redsocks_event_error(struct bufferevent *buffev, short what, void *_arg)
 
     if (!(what & BEV_EVENT_ERROR))
         errno = redsocks_socket_geterrno(client, buffev);
-    redsocks_log_errno(client, LOG_DEBUG, "%s, what: " event_fmt_str, 
+    redsocks_log_errno(client, LOG_DEBUG, "%s, what: " event_fmt_str,
                             buffev == client->client?"client":"relay",
                             event_fmt(what));
 
@@ -674,7 +678,7 @@ int redsocks_connect_relay(redsocks_client *client)
 
     // Allowing binding relay socket to specified IP for outgoing connections
     client->relay = red_connect_relay(interface, &client->instance->config.relayaddr,
-                                      NULL, 
+                                      NULL,
                                       redsocks_relay_connected,
                                       redsocks_event_error, client, &tv);
     if (!client->relay) {
@@ -782,7 +786,7 @@ static void redsocks_accept_client(int fd, short what, void *_arg)
 
     // everything seems to be ok, let's allocate some memory
     if (self->config.autoproxy)
-        client = calloc(1, sizeof(redsocks_client) + 
+        client = calloc(1, sizeof(redsocks_client) +
                             self->relay_ss->payload_len + autoproxy_subsys.payload_len
                             );
     else
@@ -809,9 +813,9 @@ static void redsocks_accept_client(int fd, short what, void *_arg)
     if (!client->client) {
         log_errno(LOG_ERR, "bufferevent_socket_new");
         goto fail;
-    }   
+    }
     bufferevent_setcb(client->client, NULL, NULL, redsocks_event_error, client);
-    
+
     client_fd = -1;
 
     // enable reading to handle EOF from client
@@ -893,7 +897,7 @@ static void redsocks_dump_instance(redsocks_instance *instance)
               red_inet_ntop(&instance->config.bindaddr, addr_str, sizeof(addr_str)));
     list_for_each_entry(client, &instance->clients, list)
         redsocks_dump_client(client, LOG_INFO);
-    
+
     log_error(LOG_INFO, "End of client list.");
 }
 
@@ -905,9 +909,9 @@ static void redsocks_debug_dump()
         redsocks_dump_instance(instance);
 }
 
-/* Audit is required to clean up hung connections. 
+/* Audit is required to clean up hung connections.
  * Not all connections are closed gracefully by both ends. In any case that
- * either far end of client or far end of relay does not close connection 
+ * either far end of client or far end of relay does not close connection
  * gracefully, we got hung connections.
  */
 static void redsocks_audit_instance(redsocks_instance *instance)
@@ -925,7 +929,7 @@ static void redsocks_audit_instance(redsocks_instance *instance)
 
         if (now - client->last_event >= REDSOCKS_AUDIT_INTERVAL){
             /* Only take actions if no touch of the client for at least an audit cycle.*/
-            /* drop this client if either end disconnected */   
+            /* drop this client if either end disconnected */
             if ((client->client_evshut == EV_WRITE && client->relay_evshut == EV_READ)
                 || (client->client_evshut == EV_READ && client->relay_evshut == EV_WRITE)
                 || (client->client_evshut == (EV_READ|EV_WRITE) && client->relay_evshut == EV_WRITE)
@@ -963,11 +967,11 @@ static int redsocks_init_instance(redsocks_instance *instance)
     int error;
     evutil_socket_t fd = -1;
 
-    if (instance->relay_ss->instance_init 
+    if (instance->relay_ss->instance_init
         && instance->relay_ss->instance_init(instance)) {
         log_errno(LOG_ERR, "Failed to init relay subsystem.");
         goto fail;
-    } 
+    }
 
     fd = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP);
     if (fd == -1) {

diff --git a/redudp.c b/redudp.c
@@ -3,8 +3,8 @@
  *
  * This code is based on redsocks project developed by Leonid Evdokimov.
  * Licensed under the Apache License, Version 2.0 (the "License").
- * 
- * 
+ *
+ *
  * redsocks - transparent TCP-to-proxy redirector
  * Copyright (C) 2007-2011 Leonid Evdokimov <[email protected]>
  *
@@ -65,11 +65,15 @@ struct bound_udp4 {
 };
 
 extern udprelay_subsys socks5_udp_subsys;
+#if !defined(DISABLE_SHADOWSOCKS)
 extern udprelay_subsys shadowsocks_udp_subsys;
+#endif
 static udprelay_subsys *relay_subsystems[] =
 {
     &socks5_udp_subsys,
+    #if !defined(DISABLE_SHADOWSOCKS)
     &shadowsocks_udp_subsys,
+    #endif
 };
 /***********************************************************************
  * Helpers
@@ -263,7 +267,7 @@ void redudp_bump_timeout(redudp_client *client)
     }
 }
 
-void redudp_fwd_pkt_to_sender(redudp_client *client, void *buf, size_t len, 
+void redudp_fwd_pkt_to_sender(redudp_client *client, void *buf, size_t len,
                               struct sockaddr_in * srcaddr)
 {
     size_t sent;
@@ -541,11 +545,11 @@ static int redudp_init_instance(redudp_instance *instance)
     char buf1[RED_INET_ADDRSTRLEN], buf2[RED_INET_ADDRSTRLEN];
 
     instance->shared_buff = &shared_buff[0];
-    if (instance->relay_ss->instance_init 
+    if (instance->relay_ss->instance_init
         && instance->relay_ss->instance_init(instance)) {
         log_errno(LOG_ERR, "Failed to init UDP relay subsystem.");
         goto fail;
-    } 
+    }
 
     fd = socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP);
     if (fd == -1) {