
DTLS code cleaning

mom040267 11 years ago
parent
commit
94c3c57456

+ 0 - 48
configure

@@ -7,8 +7,6 @@ cleanup() {
 	rm -rf ${TMPCPROGB}
 	rm -rf ${TH_TMPCPROGC}
 	rm -rf ${TH_TMPCPROGB}
-	rm -rf ${DTLS_TMPCPROGC}
-	rm -rf ${DTLS_TMPCPROGB}
 	rm -rf ${GCM_TMPCPROGC}
 	rm -rf ${GCM_TMPCPROGB}
 	rm -rf ${PQ_TMPCPROGC}
@@ -239,21 +237,6 @@ pthread_testbarriers() {
     fi
 }
 
-dtls_testlib() {
-
-    if [ -z "${TURN_NO_DTLS}" ] ; then
-    	${CC} ${DTLS_TMPCPROGC} -o ${DTLS_TMPCPROGB} ${OSCFLAGS} ${OSLIBS} 2>>/dev/null
-    	ER=$?
-    	if [ ${ER} -eq 0 ] ; then
-    	    return 1
-    	else
-    	    return 0
-    	fi
-    else
-		return 0
-    fi
-}
-
 gcm_testlib() {
 
     if [ -z "${TURN_NO_GCM}" ] ; then
@@ -686,19 +669,6 @@ int main(int argc, char** argv) {
 
 !
 
-DTLS_TMPCPROG=__test__ccomp__dtls__$$
-DTLS_TMPCPROGC=${TMPDIR}/${DTLS_TMPCPROG}.c
-DTLS_TMPCPROGB=${TMPDIR}/${DTLS_TMPCPROG}
-
-cat > ${DTLS_TMPCPROGC} <<!
-#include <stdlib.h>
-#include <openssl/ssl.h>
-#include <openssl/bio.h>
-int main(int argc, char** argv) {
-    return (((int)(BIO_CTRL_DGRAM_QUERY_MTU)) + argc + (int)(argv[argc][0]) + DTLSv1_listen(NULL,NULL));
-}
-!
-
 GCM_TMPCPROG=__test__ccomp__gcm__$$
 GCM_TMPCPROGC=${TMPDIR}/${GCM_TMPCPROG}.c
 GCM_TMPCPROGB=${TMPDIR}/${GCM_TMPCPROG}
@@ -961,24 +931,6 @@ else
     exit
 fi
 
-###########################
-# Can we use DTLS ?
-###########################
-
-if [ -z ${TURN_NO_DTLS} ] ; then 
-
-dtls_testlib
-ER=$?
-if [ ${ER} -eq 0 ] ; then
-	${ECHO_CMD} "WARNING: Cannot find DTLS support."
-	${ECHO_CMD} "Turning DTLS off."
-	TURN_NO_DTLS="-DTURN_NO_DTLS"
-fi
-
-else
-	TURN_NO_DTLS="-DTURN_NO_DTLS"
-fi
-
 ###########################
 # Can we use GCM cipher ?
 ###########################

+ 4 - 5
src/apps/common/apputils.c

@@ -349,7 +349,7 @@ int set_socket_df(evutil_socket_t fd, int family, int value)
 static int get_mtu_from_ssl(SSL* ssl)
 {
   int ret = SOSO_MTU;
-#if DTLSv1_SUPPORTED
+#if DTLS_SUPPORTED
   if(ssl)
 	  ret = BIO_ctrl(SSL_get_wbio(ssl), BIO_CTRL_DGRAM_QUERY_MTU, 0, NULL);
 #else
@@ -395,7 +395,7 @@ int decrease_mtu(SSL* ssl, int mtu, int verbose)
 	if (verbose)
 		TURN_LOG_FUNC(TURN_LOG_LEVEL_INFO, "1. mtu to use: %d\n", mtu);
 
-#if DTLSv1_SUPPORTED
+#if DTLS_SUPPORTED
 	SSL_set_mtu(ssl,mtu);
 	BIO_ctrl(SSL_get_wbio(ssl), BIO_CTRL_DGRAM_SET_MTU, mtu, NULL);
 #endif
@@ -416,7 +416,7 @@ int set_mtu_df(SSL* ssl, evutil_socket_t fd, int family, int mtu, int df_value,
   set_query_mtu(ssl);
   if(verbose) TURN_LOG_FUNC(TURN_LOG_LEVEL_INFO,"3. mtu to use: %d\n",mtu);
 
-#if DTLSv1_SUPPORTED
+#if DTLS_SUPPORTED
 
   SSL_set_mtu(ssl,mtu);
 
@@ -859,7 +859,7 @@ static const char* turn_get_method(const SSL_METHOD *method, const char* mdefaul
 				return "TLSv1.2";
 #endif
 #endif
-#if DTLSv1_SUPPORTED
+#if DTLS_SUPPORTED
 
 			} else if(method == DTLSv1_server_method()) {
 				return "DTLSv1.0";
@@ -872,7 +872,6 @@ static const char* turn_get_method(const SSL_METHOD *method, const char* mdefaul
 			} else if(method == DTLSv1_2_client_method()) {
 				return "DTLSv1.2";
 #endif
-
 #endif
 			} else {
 				if(mdefault)

+ 32 - 24
src/apps/common/apputils.h

@@ -70,36 +70,44 @@ extern int IS_TURN_SERVER;
 /* TLS */
 
 #if defined(TURN_NO_TLS)
-#define TLS_SUPPORTED 0
-#define TLSv1_1_SUPPORTED 0
-#define TLSv1_2_SUPPORTED 0
-#else
-#define TLS_SUPPORTED 1
-#if defined(SSL_TXT_TLSV1_1)
-#define TLSv1_1_SUPPORTED 1
-#else
-#define TLSv1_1_SUPPORTED 0
-#endif
 
-#if defined(SSL_TXT_TLSV1_2)
-#define TLSv1_2_SUPPORTED 1
+	#define TLS_SUPPORTED 0
+	#define TLSv1_1_SUPPORTED 0
+	#define TLSv1_2_SUPPORTED 0
+
 #else
-#define TLSv1_2_SUPPORTED 0
-#endif
+
+	#define TLS_SUPPORTED 1
+
+	#if defined(SSL_OP_NO_TLSv1_1)
+		#define TLSv1_1_SUPPORTED 1
+	#else
+		#define TLSv1_1_SUPPORTED 0
+	#endif
+
+	#if defined(SSL_OP_NO_TLSv1_2)
+		#define TLSv1_2_SUPPORTED 1
+	#else
+		#define TLSv1_2_SUPPORTED 0
+	#endif
+
 #endif
 
-#define OPENSSL_FIRST_DTLSv1_2_VERSION (0x10002003L)
+#if defined(TURN_NO_DTLS) || !defined(DTLS_CTRL_LISTEN)
+
+	#define DTLS_SUPPORTED 0
+	#define DTLSv1_2_SUPPORTED 0
 
-#if defined(TURN_NO_DTLS)
-#define DTLSv1_SUPPORTED 0
-#define DTLSv1_2_SUPPORTED 0
-#else
-#define DTLSv1_SUPPORTED 1
-#if OPENSSL_VERSION_NUMBER >= OPENSSL_FIRST_DTLSv1_2_VERSION
-#define DTLSv1_2_SUPPORTED 1
 #else
-#define DTLSv1_2_SUPPORTED 0
-#endif
+
+	#define DTLS_SUPPORTED 1
+
+#if defined(SSL_OP_NO_DTLSv1_2)
+		#define DTLSv1_2_SUPPORTED 1
+	#else
+		#define DTLSv1_2_SUPPORTED 0
+	#endif
+
 #endif
 
 /////////// SSL //////////////////////////
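Review bot: `DTLS_SUPPORTED` now depends on `DTLS_CTRL_LISTEN` being visible at this point, and the hunk shows no OpenSSL include above the test, so a translation unit that reaches this block before `<openssl/ssl.h>` would silently get `DTLS_SUPPORTED 0`. Other files in this commit make struct members and the `set_ssl_ctx` parameter list conditional on the macro, so a disagreement between translation units would show up as mismatched layouts rather than a compile error. If the header does not already include it further up (not visible here), add `#include <openssl/ssl.h>` before the `/* TLS */` block, with a comment such as `/* feature probes below need the OpenSSL macros; keep ssl.h included first */`. Because the configure-time "Turning DTLS off" warning is removed in the same commit, a build without DTLS is only reported by the run-time feature log, so the comment should also say why `DTLS_CTRL_LISTEN` was chosen as the probe. The `#if defined(SSL_OP_NO_DTLSv1_2)` line is also not indented like its siblings.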

+ 9 - 10
src/apps/relay/dtls_listener.c

@@ -58,7 +58,7 @@ struct dtls_listener_relay_server_info {
   ioa_engine_handle e;
   turn_turnserver *ts;
   int verbose;
-#if DTLSv1_SUPPORTED
+#if DTLS_SUPPORTED
   SSL_CTX *dtls_ctx;
 #if DTLSv1_2_SUPPORTED
   SSL_CTX *dtls_ctx_v1_2;
@@ -128,7 +128,7 @@ int get_dtls_version(const unsigned char* buf, int len) {
 
 ///////////// utils /////////////////////
 
-#if DTLSv1_SUPPORTED
+#if DTLS_SUPPORTED
 
 static void calculate_cookie(SSL* ssl, unsigned char *cookie_secret, unsigned int cookie_length) {
   long rv=(long)ssl;
@@ -428,7 +428,7 @@ static int handle_udp_packet(dtls_listener_relay_server_type *server,
 
 		chs = NULL;
 
-#if DTLSv1_SUPPORTED
+#if DTLS_SUPPORTED
 		if (!turn_params.no_dtls &&
 			is_dtls_handshake_message(ioa_network_buffer_data(sm->m.sm.nd.nbh),
 			(int)ioa_network_buffer_get_size(sm->m.sm.nd.nbh))) {
@@ -537,7 +537,7 @@ static int create_new_connected_udp_socket(
 	ret->current_tos = s->current_tos;
 	ret->default_tos = s->default_tos;
 
-#if DTLSv1_SUPPORTED
+#if DTLS_SUPPORTED
 	if (!turn_params.no_dtls
 			&& is_dtls_handshake_message(
 					ioa_network_buffer_data(server->sm.m.sm.nd.nbh),
@@ -898,13 +898,14 @@ static int init_server(dtls_listener_relay_server_type* server,
 
   if(!server) return -1;
 
-#if DTLSv1_SUPPORTED
+#if DTLS_SUPPORTED
   server->dtls_ctx = e->dtls_ctx;
-#endif
 
 #if DTLSv1_2_SUPPORTED
   server->dtls_ctx_v1_2 = e->dtls_ctx_v1_2;
 #endif
+#endif
+
   server->ts = ts;
   server->connect_cb = send_socket;
 
@@ -921,7 +922,7 @@ static int init_server(dtls_listener_relay_server_type* server,
   
   server->e = e;
   
-#if DTLSv1_SUPPORTED
+#if DTLS_SUPPORTED
   if(server->dtls_ctx) {
 
 #if defined(REQUEST_CLIENT_CERT)
@@ -934,7 +935,6 @@ static int init_server(dtls_listener_relay_server_type* server,
 	  SSL_CTX_set_cookie_generate_cb(server->dtls_ctx, generate_cookie);
 	  SSL_CTX_set_cookie_verify_cb(server->dtls_ctx, verify_cookie);
   }
-#endif
 
 #if DTLSv1_2_SUPPORTED
   if(server->dtls_ctx_v1_2) {
@@ -946,11 +946,10 @@ static int init_server(dtls_listener_relay_server_type* server,
 
   	  SSL_CTX_set_read_ahead(server->dtls_ctx_v1_2, 1);
 
-  #if DTLSv1_SUPPORTED
   	  SSL_CTX_set_cookie_generate_cb(server->dtls_ctx_v1_2, generate_cookie);
   	  SSL_CTX_set_cookie_verify_cb(server->dtls_ctx_v1_2, verify_cookie);
-  #endif
     }
+#endif
 #endif
 
   return create_server_socket(server, report_creation);
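Review bot: The two adjacent `#endif` lines that now close the nested blocks at the end of this hunk are unlabeled, which makes the new nesting hard to check by eye in a function that already mixes `REQUEST_CLIENT_CERT`, `DTLSv1_2_SUPPORTED` and `DTLS_SUPPORTED`. Label them as `#endif /* DTLSv1_2_SUPPORTED */` and `#endif /* DTLS_SUPPORTED */`; the same applies to the moved `#endif` in the earlier `init_server` hunk and in `mainrelay.h`. The nesting relies on `DTLSv1_2_SUPPORTED` never being 1 while `DTLS_SUPPORTED` is 0, which the new `apputils.h` block guarantees. The engine struct and the `set_ssl_ctx` signature in this commit still use the sibling (non-nested) form, so a one-line comment stating that invariant would keep the two styles from drifting. `init_server` begins and ends outside the hunk.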

+ 9 - 12
src/apps/relay/mainrelay.c

@@ -72,7 +72,7 @@ NULL, NULL,
 	NULL,
 #endif
 #endif
-#if DTLSv1_SUPPORTED
+#if DTLS_SUPPORTED
 NULL,
 #endif
 #if DTLSv1_2_SUPPORTED
@@ -88,7 +88,7 @@ DH_1066, "", DEFAULT_EC_CURVE_NAME, "",
 0,
 #endif
 
-#if !DTLSv1_SUPPORTED
+#if !DTLS_SUPPORTED
 1,
 #else
 0,
@@ -1228,7 +1228,7 @@ static void set_option(int c, char *value)
 #endif
 		break;
 	case NO_DTLS_OPT:
-#if DTLSv1_SUPPORTED
+#if DTLS_SUPPORTED
 		turn_params.no_dtls = get_bool_value(value);
 #else
 		turn_params.no_dtls = 1;
@@ -1618,7 +1618,7 @@ static void print_features(unsigned long mfn)
 	TURN_LOG_FUNC(TURN_LOG_LEVEL_INFO, "TLS supported\n");
 #endif
 
-#if !DTLSv1_SUPPORTED
+#if !DTLS_SUPPORTED
 	TURN_LOG_FUNC(TURN_LOG_LEVEL_INFO, "DTLS is not supported\n");
 #else
 	TURN_LOG_FUNC(TURN_LOG_LEVEL_INFO, "DTLS supported\n");
@@ -1666,11 +1666,7 @@ static void print_features(unsigned long mfn)
 	TURN_LOG_FUNC(TURN_LOG_LEVEL_WARNING, "OpenSSL multithreading is not supported (?!)\n");
 #endif
 
-#if OPENSSL_VERSION_NUMBER >= 0x10000000L
-	TURN_LOG_FUNC(TURN_LOG_LEVEL_INFO, "OpenSSL compile-time version 0x%llx: fresh enough\n",(unsigned long long)OPENSSL_VERSION_NUMBER);
-#else
-	TURN_LOG_FUNC(TURN_LOG_LEVEL_INFO, "OpenSSL compile-time version 0x%llx version: antique\n",(unsigned long long)OPENSSL_VERSION_NUMBER);
-#endif
+	TURN_LOG_FUNC(TURN_LOG_LEVEL_INFO, "OpenSSL compile-time version: %s\n",OPENSSL_VERSION_TEXT);
 
 	TURN_LOG_FUNC(TURN_LOG_LEVEL_INFO, "Default Net Engine version: %d (%s)\n\n=====================================================\n\n", (int)turn_params.net_engine_version, turn_params.net_engine_version_txt[(int)turn_params.net_engine_version]);
 
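Review bot: The new log line reports only the OpenSSL version the binary was compiled against, which can differ from the shared library actually loaded at run time. When triaging a TLS/DTLS advisory, the run-time version is the one that matters, so log it alongside: `TURN_LOG_FUNC(TURN_LOG_LEVEL_INFO, "OpenSSL run-time version: %s\n", SSLeay_version(SSLEAY_VERSION));`. The rest of `print_features` is outside the hunk, so this may already be logged elsewhere.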
@@ -1802,7 +1798,7 @@ int main(int argc, char **argv)
 	turn_params.no_tls = 1;
 #endif
 
-#if !DTLSv1_SUPPORTED
+#if !DTLS_SUPPORTED
 	turn_params.no_dtls = 1;
 #endif
 
@@ -2525,12 +2521,13 @@ static void set_ctx(SSL_CTX* ctx, const char *protocol)
 		if(turn_params.no_tlsv1_1)
 			op |= SSL_OP_NO_TLSv1_1;
 #endif
+
 #if defined(SSL_OP_NO_TLSv1_2)
 		if(turn_params.no_tlsv1_2)
 			op |= SSL_OP_NO_TLSv1_2;
 #endif
 
-#if defined(SSL_OP_NO_DTLSv1) && DTLSv1_SUPPORTED
+#if defined(SSL_OP_NO_DTLSv1) && DTLS_SUPPORTED
 		if(turn_params.no_tlsv1)
 			op |= SSL_OP_NO_DTLSv1;
 #endif
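Review bot: In the block guarded by `defined(SSL_OP_NO_DTLSv1) && DTLS_SUPPORTED`, DTLS 1.0 is switched off by `turn_params.no_tlsv1`, a flag whose name only mentions TLS. If that coupling is intended, say so at the site with a comment such as `/* no_tlsv1 deliberately also disables DTLS 1.0 */`. The hunk ends here, so it is not visible whether `SSL_OP_NO_DTLSv1_2` gets a matching branch tied to `no_tlsv1_2`. Now that `DTLSv1_2_SUPPORTED` is derived from that very macro, an operator who disables TLS 1.2 may expect DTLS 1.2 to follow, and the two should be handled the same way.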
@@ -2608,7 +2605,7 @@ static void openssl_setup(void)
 	}
 
 	if(!turn_params.no_dtls) {
-#if !DTLSv1_SUPPORTED
+#if !DTLS_SUPPORTED
 		TURN_LOG_FUNC(TURN_LOG_LEVEL_ERROR, "ERROR: DTLS is not supported.\n");
 #else
 		if(OPENSSL_VERSION_NUMBER < 0x10000000L) {
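Review bot: The `if(OPENSSL_VERSION_NUMBER < 0x10000000L)` test kept in the `#else` branch compares a compile-time constant at run time. It also repeats a version-number decision that this commit otherwise replaces with feature macros, having removed the equivalent check from `print_features`. Either drop it or make it a preprocessor test, `#if OPENSSL_VERSION_NUMBER < 0x10000000L`, so the dead branch is not compiled in. The body of the `if` and the rest of `openssl_setup` are outside the hunk, so confirm what the branch does before removing it.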

+ 2 - 2
src/apps/relay/mainrelay.h

@@ -187,11 +187,11 @@ typedef struct _turn_params_ {
 #endif
 #endif
   
-#if DTLSv1_SUPPORTED
+#if DTLS_SUPPORTED
   SSL_CTX *dtls_ctx;
-#endif
 #if DTLSv1_2_SUPPORTED
   SSL_CTX *dtls_ctx_v1_2;
+#endif
 #endif
   
   DH_KEY_SIZE dh_key_size;

+ 3 - 3
src/apps/relay/netengine.c

@@ -947,7 +947,7 @@ static ioa_engine_handle create_new_listener_engine(void)
 		    ,turn_params.tls_ctx_v1_2
 #endif
 #endif
-#if DTLSv1_SUPPORTED
+#if DTLS_SUPPORTED
 		    ,turn_params.dtls_ctx
 #endif
 #if DTLSv1_2_SUPPORTED
@@ -1003,7 +1003,7 @@ static void setup_listener(void)
 		    ,turn_params.tls_ctx_v1_2
 #endif
 #endif
-#if DTLSv1_SUPPORTED
+#if DTLS_SUPPORTED
 		    ,turn_params.dtls_ctx
 #endif
 #if DTLSv1_2_SUPPORTED
@@ -1577,7 +1577,7 @@ static void setup_relay_server(struct relay_server *rs, ioa_engine_handle e, int
 			    ,turn_params.tls_ctx_v1_2
 #endif
 #endif
-#if DTLSv1_SUPPORTED
+#if DTLS_SUPPORTED
 			    ,turn_params.dtls_ctx
 #endif
 #if DTLSv1_2_SUPPORTED

+ 2 - 2
src/apps/relay/ns_ioalib_engine_impl.c

@@ -440,7 +440,7 @@ void set_ssl_ctx(ioa_engine_handle e,
 		 ,SSL_CTX *tls_ctx_v1_2
 #endif
 #endif
-#if DTLSv1_SUPPORTED
+#if DTLS_SUPPORTED
 		 ,SSL_CTX *dtls_ctx
 #endif
 #if DTLSv1_2_SUPPORTED
@@ -456,7 +456,7 @@ void set_ssl_ctx(ioa_engine_handle e,
 	e->tls_ctx_v1_2 = tls_ctx_v1_2;
 #endif
 #endif
-#if DTLSv1_SUPPORTED
+#if DTLS_SUPPORTED
 	e->dtls_ctx = dtls_ctx;
 #endif
 #if DTLSv1_2_SUPPORTED

+ 2 - 2
src/apps/relay/ns_ioalib_impl.h

@@ -149,7 +149,7 @@ struct _ioa_engine
   SSL_CTX *tls_ctx_v1_2;
 #endif
 #endif
-#if DTLSv1_SUPPORTED
+#if DTLS_SUPPORTED
   SSL_CTX *dtls_ctx;
 #endif
 #if DTLSv1_2_SUPPORTED
@@ -262,7 +262,7 @@ void set_ssl_ctx(ioa_engine_handle e,
 		 ,SSL_CTX *tls_ctx_v1_2
 #endif
 #endif
-#if DTLSv1_SUPPORTED
+#if DTLS_SUPPORTED
 		 ,SSL_CTX *dtls_ctx
 #endif
 #if DTLSv1_2_SUPPORTED

+ 1 - 1
src/apps/uclient/mainuclient.c

@@ -528,7 +528,7 @@ int main(int argc, char **argv)
 #endif
 #endif
 		} else {
-#if !DTLSv1_SUPPORTED
+#if !DTLS_SUPPORTED
 		  fprintf(stderr,"ERROR: DTLS is not supported.\n");
 		  exit(-1);
 #else

+ 1 - 1
src/apps/uclient/startuclient.c

@@ -98,7 +98,7 @@ static SSL* tls_connect(ioa_socket_raw fd, ioa_addr *remote_addr, int *try_again
 	if(use_tcp) {
 		SSL_set_fd(ssl, fd);
 	} else {
-#if !DTLSv1_SUPPORTED
+#if !DTLS_SUPPORTED
 	  UNUSED_ARG(remote_addr);
 	  fprintf(stderr,"ERROR: DTLS is not supported.\n");
 	  exit(-1);