summaryrefslogtreecommitdiff
path: root/net-im/coturn
diff options
context:
space:
mode:
authorV3n3RiX <venerix@koprulu.sector>2024-11-08 03:03:28 +0000
committerV3n3RiX <venerix@koprulu.sector>2024-11-08 03:03:28 +0000
commit2cd9ff612e84f0c1ef63c9e9e13be53fe576cc2b (patch)
tree6e975e18646dac9f4b55fab980271a027428cc4d /net-im/coturn
parentabe17cf152eeb7571da8db4b25a30465644a41ba (diff)
gentoo auto-resync : 08:11:2024 - 03:03:27
Diffstat (limited to 'net-im/coturn')
-rw-r--r--net-im/coturn/Manifest3
-rw-r--r--net-im/coturn/coturn-4.6.0.ebuild98
-rw-r--r--net-im/coturn/files/coturn-4.6.0-openssl3.patch356
3 files changed, 0 insertions, 457 deletions
diff --git a/net-im/coturn/Manifest b/net-im/coturn/Manifest
index 3089c2714184..961006ff0e4f 100644
--- a/net-im/coturn/Manifest
+++ b/net-im/coturn/Manifest
@@ -1,12 +1,9 @@
AUX coturn-4.5.2-respect-TMPDIR.patch 479 BLAKE2B 75e20f0927bcb080c354579d2dd0d7d3674a1f41cf4644519499b0b2fd17c819a613fa94b9cceac68bb7e442228e9996265cf358005924458710e4fefab2c3bd SHA512 660fdfa1284c5abd5075fd0bce9f123ab0caac9b18cf499fba78022368b04c2904be0df477b7c5070a8cca46b5ac53d686664015747718c228d8c1aa2a1e8945
-AUX coturn-4.6.0-openssl3.patch 11812 BLAKE2B 2c989408bbe9b742a16341516421e526cd159da74cabd18cf038aa5ed473cca13a41fe857fc566e13eb3e884a72d9c5201f90b7584dc314017ca3425c367df3e SHA512 c71f0b1d5830670c58994445bfd98818b24171d4e4aac170ed67b495a87db680dad36cd1eed4f0ae1e80e42f9567e9f28d5ca8847e8c9fe68909b7fae42f3744
AUX coturn.conf 46 BLAKE2B 8ae3300f7a0a6e09fde5259b660ec69c7b15cd08d2edcd7a5f77db9beda773d313b5625c44f75b922efc6205b06d17aadcfba98c8b8c8638b6a8de12801245b1 SHA512 f5b813fef017b995d036fc968c6b44cd969867c0233d36ef450357ab5f104a9f38fb27100c22fa14ed4ef49ec410e86c077f400ba7cde1b0e2466368fd02a2dc
AUX coturn.service 470 BLAKE2B 21b1cc005b5b91a8cb80b05a45afc16d73ad88e5b0a851294a6fab79d01a3bebbd048dc0bdd2423b62c2b56fe16dece95613846ad45bc9d5c3642a79fa726eff SHA512 f4228af88e51a38b06b0f91e1494d4e61a9a9f18cbab9fe85c323267e28045ebaae2832bae114da6e326cf22bf8efbd2bd5677cbcdde8fe994eca60802a6dc66
AUX logrotate.coturn 345 BLAKE2B 26edd2ad44d947bf943757fb3e3255cafea64fac5d495402bbc3a7088ed6ffd822cc8f07010669f9faf856eb8a893d9ba9ab48d4b417f8c3fd27772ffb71cae0 SHA512 ebfadc7e6435061b7120baffce76a65c224768ab85e59e3b8cd140e394fa6e4eaa258eccce76f3152fd6a1adab0c84e39feb51663c76359401e04df4d8db2c1d
AUX turnserver.init 633 BLAKE2B 78da89afc2be30bac969bb2a393d454d32ba77e199f2ccb5e34557ce34cf3a242402210afe6e30400b4a47ef9dc7880cded44a1932f7769f21f4143261a3569e SHA512 3b86b2186499c96ec0cfd3a124ea058a622c21cc870e079414f6055f7ba85830a5b85c424c809c010144f9270fcada80ef20bcab4cbc9c7fe0949b24fef02b59
-DIST coturn-4.6.0.tar.gz 474423 BLAKE2B b70ecd1f333f4f9f37adcab6f5fd3406aa0eb962488b7cae4a30c9339cf7b11b2bfedd1fa70bd3b0c32bf82702d39eb22278506521f71e0cb6aaadee9d3c3d05 SHA512 a80ea1b8d9c78b8f9fc632517a0246cb0d2d4ff21c59d53827f026fb3a145a01b3bec637af94a96b525c35251cb5e9e209ba7f368f08e12ef61220bcb784637c
DIST coturn-4.6.2.tar.gz 506275 BLAKE2B 0755e5ab8a5aa87606a604f7ebda81dfd1e5ae04e394316d841954f2d45caafccab43c17aee6de241b7b3e8483a4f7b54f68b915921b36621929d60127d1084b SHA512 ab8457921952a00b34111c03f2e5a2a9035977566270fdf9c8b9b777346645a8b233574134c0ef1c3aa2cf84bd89fbc82648678144c68ac0dff1712ce503b731
-EBUILD coturn-4.6.0.ebuild 2474 BLAKE2B 7a81afdb915486a7be151062c4025b7dabe4641c6392c52b1f7f44eaee8a7af702abac7099ca76e221a56278832070eb2d36371db4f387aca8cda29431461149 SHA512 745fd66e91b4a2b6d23d32c2259e7ff7f5bfca236baceaaa792e6c04bd9ba8a03f2abace55a70854693d82db37c2b6d5b689407d75a56a40309cbcfcb797201f
EBUILD coturn-4.6.2.ebuild 2239 BLAKE2B 3cd9b86adc41d20ffb80c4f0b7e293f45be3e5570900f711816d45430f54b820457f0f88659efe24cc6fdc0c0788549fa8f4ff5b6740a4c7a3bc29955ddb7da8 SHA512 7390bc878a1ca7dba04a5076aff1ca5ecaaf5c9db297f4a1d3bcb5a917a942581fb4876a7e07ff9b22448b0b91a2cf5487cad5670bfc9cfabd0821a7e3aa8f2e
EBUILD coturn-9999.ebuild 2239 BLAKE2B 3cd9b86adc41d20ffb80c4f0b7e293f45be3e5570900f711816d45430f54b820457f0f88659efe24cc6fdc0c0788549fa8f4ff5b6740a4c7a3bc29955ddb7da8 SHA512 7390bc878a1ca7dba04a5076aff1ca5ecaaf5c9db297f4a1d3bcb5a917a942581fb4876a7e07ff9b22448b0b91a2cf5487cad5670bfc9cfabd0821a7e3aa8f2e
MISC metadata.xml 408 BLAKE2B 0105aa40210140e67d836f67867c65a3a42aaf0fb29515072ea357818eab1da26fcfd3fd436a23aaa0b139b3aa917dbf253f6eaf42421db011fe2d01163d4e94 SHA512 b2e3da210628f283adfa1dcd6b4ea62c3e49e2dc390e8addf15e286af7bfa2bfae90116c714f011f55f99ffb21ee598033e5ddade23f7bab2f03cc7a06f1512a
diff --git a/net-im/coturn/coturn-4.6.0.ebuild b/net-im/coturn/coturn-4.6.0.ebuild
deleted file mode 100644
index 92b69c62eba0..000000000000
--- a/net-im/coturn/coturn-4.6.0.ebuild
+++ /dev/null
@@ -1,98 +0,0 @@
-# Copyright 1999-2024 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=7
-
-inherit toolchain-funcs systemd tmpfiles
-
-DESCRIPTION="coturn TURN server project"
-HOMEPAGE="https://github.com/coturn/coturn"
-
-if [[ ${PV} == *9999 ]]; then
- EGIT_REPO_URI="https://github.com/coturn/coturn.git"
- inherit git-r3
- #S="${WORKDIR}/${PN}-master"
-else
- SRC_URI="https://github.com/coturn/coturn/archive/${PV}.tar.gz -> ${P}.tar.gz"
- KEYWORDS="~amd64 ~arm64 ~x86"
-fi
-
-LICENSE="BSD"
-SLOT="0"
-IUSE="mongodb mysql postgres redis sqlite"
-
-RDEPEND="
- acct-group/turnserver
- acct-user/turnserver
- >dev-libs/libevent-2.1.8:=
- dev-libs/openssl:=
- mongodb? ( dev-libs/mongo-c-driver )
- mysql? ( dev-db/mysql-connector-c:= )
- postgres? ( dev-db/postgresql:* )
- redis? ( dev-libs/hiredis:= )
- sqlite? ( dev-db/sqlite )
-"
-DEPEND="${RDEPEND}"
-BDEPEND="virtual/pkgconfig"
-
-PATCHES=(
- "${FILESDIR}"/${PN}-4.5.2-respect-TMPDIR.patch
- "${FILESDIR}"/${P}-openssl3.patch
-)
-
-src_configure() {
- if [[ -n "${AR}" ]]; then
- sed 's:ARCHIVERCMD="ar -r":ARCHIVERCMD="${AR} -r":g' -i "${S}/configure"
- fi
-
- sed 's:MANPREFIX}/man/:MANPREFIX}/:g' -i "${S}/Makefile.in" || die "sed for mandir failed"
- sed 's:#log-file=/var/tmp/turn.log:log-file=/var/log/turnserver.log:' \
- -i "${S}/examples/etc/turnserver.conf" || die "sed for logdir failed"
- sed 's:#simple-log:simple-log:' -i "${S}/examples/etc/turnserver.conf" \
- || die "sed for simple-log failed"
- sed '/INSTALL_DIR} examples\/script/a \ \${INSTALL_DIR} examples\/ca \${DESTDIR}${EXAMPLESDIR}' \
- -i "${S}/Makefile.in" || die "sed for example ca failed"
-
- if ! use mongodb; then
- export TURN_NO_MONGO=yes
- fi
- if ! use mysql; then
- export TURN_NO_MYSQL=yes
- fi
- if ! use postgres; then
- export TURN_NO_PQ=yes
- fi
- if ! use redis; then
- export TURN_NO_HIREDIS=yes
- fi
- if ! use sqlite; then
- export TURN_NO_SQLITE=yes
- fi
-
- tc-export CC
-
- export ARCHIVERCMD="$(tc-getAR) -r"
- export PKGCONFIG="$(tc-getPKG_CONFIG)"
- export DOCSDIR="/usr/share/doc/${PN}-${PV}"
-
- econf $(use_with sqlite)
-}
-
-src_install() {
- default
-
- newinitd "${FILESDIR}/turnserver.init" turnserver
-
- insinto /etc/logrotate.d
- newins "${FILESDIR}/logrotate.${PN}" "${PN}"
-
- systemd_dounit "${FILESDIR}/${PN}.service"
- dotmpfiles "${FILESDIR}/${PN}.conf"
-}
-
-pkg_postinst() {
- tmpfiles_process ${PN}.conf
-
- elog "You need to copy ${EROOT}/etc/turnserver.conf.default to"
- elog "${EROOT}/etc/turnserver.conf and do your settings there."
-}
diff --git a/net-im/coturn/files/coturn-4.6.0-openssl3.patch b/net-im/coturn/files/coturn-4.6.0-openssl3.patch
deleted file mode 100644
index 19b88048af50..000000000000
--- a/net-im/coturn/files/coturn-4.6.0-openssl3.patch
+++ /dev/null
@@ -1,356 +0,0 @@
-https://github.com/coturn/coturn/commit/9af9f6306ab73c3403f9e11086b1936e9148f7de
-https://github.com/coturn/coturn/commit/4ce784a8781ab086c150e2b9f5641b1a37fd9b31
-https://github.com/coturn/coturn/commit/9370bb742d976166a51032760da1ecedefb92267
-https://github.com/coturn/coturn/commit/d72a2a8920b80ce66b36e22b2c22f308ad06c424
-
-From 9af9f6306ab73c3403f9e11086b1936e9148f7de Mon Sep 17 00:00:00 2001
-From: Pavel Punsky <eakraly@users.noreply.github.com>
-Date: Wed, 14 Sep 2022 03:29:26 -0700
-Subject: [PATCH] Fix renegotiation flag for older version of openssl (#978)
-
-`SSL_OP_NO_RENEGOTIATION` is only supported in openssl-1.1.0 and above
-Older versions have `SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS `
-
-Fixes #977 and #952
-
-Test:
-Build in a docker container running running openssl-1.0.2g (ubuntu
-16.04) successfully (without the fix getting the same errors)
---- a/src/apps/relay/dtls_listener.c
-+++ b/src/apps/relay/dtls_listener.c
-@@ -295,8 +295,17 @@ static ioa_socket_handle dtls_server_input_handler(dtls_listener_relay_server_ty
- SSL_set_accept_state(connecting_ssl);
-
- SSL_set_bio(connecting_ssl, NULL, wbio);
-- SSL_set_options(connecting_ssl, SSL_OP_COOKIE_EXCHANGE | SSL_OP_NO_RENEGOTIATION);
--
-+ SSL_set_options(connecting_ssl, SSL_OP_COOKIE_EXCHANGE
-+#if OPENSSL_VERSION_NUMBER < 0x10100000L
-+#if defined(SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS)
-+ | SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS
-+#endif
-+#else
-+#if defined(SSL_OP_NO_RENEGOTIATION)
-+ | SSL_OP_NO_RENEGOTIATION
-+#endif
-+#endif
-+ );
- SSL_set_max_cert_list(connecting_ssl, 655350);
-
- ioa_socket_handle rc = dtls_accept_client_connection(server, s, connecting_ssl,
-@@ -581,7 +590,17 @@ static int create_new_connected_udp_socket(
-
- SSL_set_bio(connecting_ssl, NULL, wbio);
-
-- SSL_set_options(connecting_ssl, SSL_OP_COOKIE_EXCHANGE | SSL_OP_NO_RENEGOTIATION);
-+ SSL_set_options(connecting_ssl, SSL_OP_COOKIE_EXCHANGE
-+#if OPENSSL_VERSION_NUMBER < 0x10100000L
-+#if defined(SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS)
-+ | SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS
-+#endif
-+#else
-+#if defined(SSL_OP_NO_RENEGOTIATION)
-+ | SSL_OP_NO_RENEGOTIATION
-+#endif
-+#endif
-+ );
-
- SSL_set_max_cert_list(connecting_ssl, 655350);
- int rc = ssl_read(ret->fd, connecting_ssl, server->sm.m.sm.nd.nbh,
---- a/src/apps/relay/ns_ioalib_engine_impl.c
-+++ b/src/apps/relay/ns_ioalib_engine_impl.c
-@@ -1428,7 +1428,17 @@ static void set_socket_ssl(ioa_socket_handle s, SSL *ssl)
- if(ssl) {
- SSL_set_app_data(ssl,s);
- SSL_set_info_callback(ssl, (ssl_info_callback_t)ssl_info_callback);
-- SSL_set_options(ssl, SSL_OP_NO_RENEGOTIATION);
-+ SSL_set_options(ssl,
-+#if OPENSSL_VERSION_NUMBER < 0x10100000L
-+#if defined(SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS)
-+ SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS
-+#endif
-+#else
-+#if defined(SSL_OP_NO_RENEGOTIATION)
-+ SSL_OP_NO_RENEGOTIATION
-+#endif
-+#endif
-+ );
- }
- }
- }
-
-From 4ce784a8781ab086c150e2b9f5641b1a37fd9b31 Mon Sep 17 00:00:00 2001
-From: Pavel Punsky <eakraly@users.noreply.github.com>
-Date: Fri, 16 Sep 2022 00:46:45 -0700
-Subject: [PATCH] Improve openssl3 and FIPS support (#955)
-
-openssl-3.0 deprecated some APIs and introduced new APIs instead:
-
-`SSL_get_peer_certificate ` -> `SSL_get1_peer_certificate `
-`FIPS_mode()`->`EVP_default_properties_is_fips_enabled()`
-`EVP_MD_CTX_set_flags()`->`EVP_default_properties_enable_fips()`
-specifically for enabling FIPS mode
-
-This change should workaround that by ifdef-ing old/new versions of
-openssl and APIs - so pre-3.0 use existing APIs (so not change there)
-and >=3.0 will use new APIs (whether it actually works or not is still
-TBD as this is just a first step in openssl-3.0 support)
-
-Should fix #886
-
-Test Plan:
-Run CI build that supports ubuntu-20.04 (openssl-1.1.1) and ubuntu-22.04
-(openssl-3.0.2)
-Both builds pass
-None of them have FIPS support (which for 1.1.x stays the same as
-before)
-
-Co-authored-by: Pavel Punsky <pavel.punsky@epicgames.com>
---- a/src/apps/relay/ns_ioalib_engine_impl.c
-+++ b/src/apps/relay/ns_ioalib_engine_impl.c
-@@ -1868,7 +1868,11 @@ int ssl_read(evutil_socket_t fd, SSL* ssl, ioa_network_buffer_handle nbh, int ve
-
- } else if (!if1 && if2) {
-
-+#if (OPENSSL_VERSION_NUMBER >= 0x30000000L)
-+ if(verbose && SSL_get1_peer_certificate(ssl)) {
-+#else
- if(verbose && SSL_get_peer_certificate(ssl)) {
-+#endif
- printf("\n------------------------------------------------------------\n");
- X509_NAME_print_ex_fp(stdout, X509_get_subject_name(SSL_get_peer_certificate(ssl)), 1,
- XN_FLAG_MULTILINE);
---- a/src/apps/uclient/startuclient.c
-+++ b/src/apps/uclient/startuclient.c
-@@ -138,7 +138,11 @@ static SSL* tls_connect(ioa_socket_raw fd, ioa_addr *remote_addr, int *try_again
- if (rc > 0) {
- TURN_LOG_FUNC(TURN_LOG_LEVEL_INFO,"%s: client session connected with cipher %s, method=%s\n",__FUNCTION__,
- SSL_get_cipher(ssl),turn_get_ssl_method(ssl,NULL));
-+#if (OPENSSL_VERSION_NUMBER >= 0x30000000L)
-+ if(clnet_verbose && SSL_get1_peer_certificate(ssl)) {
-+#else
- if(clnet_verbose && SSL_get_peer_certificate(ssl)) {
-+#endif
- TURN_LOG_FUNC(TURN_LOG_LEVEL_INFO, "------------------------------------------------------------\n");
- X509_NAME_print_ex_fp(stdout, X509_get_subject_name(SSL_get_peer_certificate(ssl)), 1,
- XN_FLAG_MULTILINE);
---- a/src/client/ns_turn_msg.c
-+++ b/src/client/ns_turn_msg.c
-@@ -248,12 +248,22 @@ int stun_produce_integrity_key_str(const uint8_t *uname, const uint8_t *realm, c
- if (FIPS_mode()) {
- EVP_MD_CTX_set_flags(&ctx,EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);
- }
--#endif
-+#endif // defined EVP_MD_CTX_FLAG_NON_FIPS_ALLOW && !defined(LIBRESSL_VERSION_NUMBER)
- EVP_DigestInit_ex(&ctx,EVP_md5(), NULL);
- EVP_DigestUpdate(&ctx,str,strl);
- EVP_DigestFinal(&ctx,key,&keylen);
- EVP_MD_CTX_cleanup(&ctx);
--#else
-+#elif OPENSSL_VERSION_NUMBER >= 0x30000000L
-+ unsigned int keylen = 0;
-+ EVP_MD_CTX *ctx = EVP_MD_CTX_new();
-+ if (EVP_default_properties_is_fips_enabled(NULL)) {
-+ EVP_default_properties_enable_fips(NULL, 0);
-+ }
-+ EVP_DigestInit_ex(ctx,EVP_md5(), NULL);
-+ EVP_DigestUpdate(ctx,str,strl);
-+ EVP_DigestFinal(ctx,key,&keylen);
-+ EVP_MD_CTX_free(ctx);
-+#else // OPENSSL_VERSION_NUMBER < 0x10100000L
- unsigned int keylen = 0;
- EVP_MD_CTX *ctx = EVP_MD_CTX_new();
- #if defined EVP_MD_CTX_FLAG_NON_FIPS_ALLOW && ! defined(LIBRESSL_VERSION_NUMBER)
-@@ -265,7 +275,7 @@ int stun_produce_integrity_key_str(const uint8_t *uname, const uint8_t *realm, c
- EVP_DigestUpdate(ctx,str,strl);
- EVP_DigestFinal(ctx,key,&keylen);
- EVP_MD_CTX_free(ctx);
--#endif
-+#endif // OPENSSL_VERSION_NUMBER < 0X10100000L
- ret = 0;
- }
-
-
-From 9370bb742d976166a51032760da1ecedefb92267 Mon Sep 17 00:00:00 2001
-From: Pavel Punsky <eakraly@users.noreply.github.com>
-Date: Fri, 16 Sep 2022 23:29:32 -0700
-Subject: [PATCH] Fix a warning (#988)
-
-There are too many defines that are, eventually, used in one place so
-just inlining.
-
-Current code generates following warning:
-```
-warning: macro expansion producing 'defined' has undefined behavior [-Wexpansion-to-defined]
-```
-
-With the fix there is no warning
-
-Co-authored-by: Pavel Punsky <pavel.punsky@epicgames.com>
---- a/src/apps/relay/netengine.c
-+++ b/src/apps/relay/netengine.c
-@@ -31,13 +31,7 @@
- #include "mainrelay.h"
-
- //////////// Backward compatibility with OpenSSL 1.0.x //////////////
--#define HAVE_OPENSSL11_API (!(OPENSSL_VERSION_NUMBER < 0x10100001L || defined LIBRESSL_VERSION_NUMBER))
--
--#ifndef HAVE_SSL_CTX_UP_REF
--#define HAVE_SSL_CTX_UP_REF HAVE_OPENSSL11_API
--#endif
--
--#if !HAVE_SSL_CTX_UP_REF
-+#if (OPENSSL_VERSION_NUMBER < 0x10100001L || defined LIBRESSL_VERSION_NUMBER)
- #define SSL_CTX_up_ref(ctx) CRYPTO_add(&(ctx)->references, 1, CRYPTO_LOCK_SSL_CTX)
- #endif
-
-
-From d72a2a8920b80ce66b36e22b2c22f308ad06c424 Mon Sep 17 00:00:00 2001
-From: Pavel Punsky <eakraly@users.noreply.github.com>
-Date: Mon, 24 Oct 2022 13:06:35 -0700
-Subject: [PATCH] Cleanup openssl initialization (#1012)
-
-Rewriting openssl initialization code (threading support to make it
-cleaner
-
-- Regroup functions so that there is one ifdef (for old code and new
-code)
-- Modern openssl (>1.0.2) does not need any synchornization routines so
-they are empty
-- Old openssl (<=1.0.2) now require `OPENSSL_THREADS` which allows
-running multiple threads in turnserver. Not having turnserver
-multi-threaded is a huge waste. `OPENSSL_THREADS` is now a requirement.
-
-
-Test Plan:
-- CI builds pass for openssl versions 1.0.2, 1.1.1, 3.0, including tests
---- a/src/apps/relay/mainrelay.c
-+++ b/src/apps/relay/mainrelay.c
-@@ -1345,7 +1345,6 @@ static void set_option(int c, char *value)
- STRCPY(turn_params.relay_ifname, value);
- break;
- case 'm':
--#if defined(OPENSSL_THREADS)
- if(atoi(value)>MAX_NUMBER_OF_GENERAL_RELAY_SERVERS) {
- TURN_LOG_FUNC(TURN_LOG_LEVEL_WARNING, "WARNING: max number of relay threads is 128.\n");
- turn_params.general_relay_servers_number = MAX_NUMBER_OF_GENERAL_RELAY_SERVERS;
-@@ -1354,9 +1353,6 @@ static void set_option(int c, char *value)
- } else {
- turn_params.general_relay_servers_number = atoi(value);
- }
--#else
-- TURN_LOG_FUNC(TURN_LOG_LEVEL_WARNING, "WARNING: OpenSSL version is too old OR does not support threading,\n I am using single thread for relaying.\n");
--#endif
- break;
- case 'd':
- STRCPY(turn_params.listener_ifname, value);
-@@ -2645,9 +2641,8 @@ int main(int argc, char **argv)
-
- ////////// OpenSSL locking ////////////////////////////////////////
-
--#if defined(OPENSSL_THREADS)
--
--static char some_buffer[65536];
-+#if defined(OPENSSL_THREADS)
-+#if OPENSSL_VERSION_NUMBER < OPENSSL_VERSION_1_1_0
-
- //array larger than anything that OpenSSL may need:
- static pthread_mutex_t mutex_buf[256];
-@@ -2665,76 +2660,52 @@ void coturn_locking_function(int mode, int n, const char *file, int line) {
- }
- }
-
--#if OPENSSL_VERSION_NUMBER >= 0x10000000L
- void coturn_id_function(CRYPTO_THREADID *ctid);
- void coturn_id_function(CRYPTO_THREADID *ctid)
- {
- UNUSED_ARG(ctid);
- CRYPTO_THREADID_set_numeric(ctid, (unsigned long)pthread_self());
- }
--#else
--unsigned long coturn_id_function(void);
--unsigned long coturn_id_function(void)
--{
-- return (unsigned long)pthread_self();
--}
--#endif
--
--#endif
-
- static int THREAD_setup(void) {
--
--#if defined(OPENSSL_THREADS)
--
-- int i;
--
-- some_buffer[0] = 0;
--
-+ int i;
- for (i = 0; i < CRYPTO_num_locks(); i++) {
- pthread_mutex_init(&(mutex_buf[i]), NULL);
- }
-
- mutex_buf_initialized = 1;
--
--#if OPENSSL_VERSION_NUMBER >= 0x10000000L && OPENSSL_VERSION_NUMBER <= OPENSSL_VERSION_1_1_1
- CRYPTO_THREADID_set_callback(coturn_id_function);
--#else
-- CRYPTO_set_id_callback(coturn_id_function);
--#endif
--
- CRYPTO_set_locking_callback(coturn_locking_function);
--#endif
--
- return 1;
- }
-
- int THREAD_cleanup(void);
- int THREAD_cleanup(void) {
-+ int i;
-
--#if defined(OPENSSL_THREADS)
-+ if (!mutex_buf_initialized)
-+ return 0;
-
-- int i;
--
-- if (!mutex_buf_initialized)
-- return 0;
-+ CRYPTO_THREADID_set_callback(NULL);
-+ CRYPTO_set_locking_callback(NULL);
-+ for (i = 0; i < CRYPTO_num_locks(); i++) {
-+ pthread_mutex_destroy(&(mutex_buf[i]));
-+ }
-
--#if OPENSSL_VERSION_NUMBER >= 0x10000000L && OPENSSL_VERSION_NUMBER <= OPENSSL_VERSION_1_1_1
-- CRYPTO_THREADID_set_callback(NULL);
-+ mutex_buf_initialized = 0;
-+ return 1;
-+}
- #else
-- CRYPTO_set_id_callback(NULL);
--#endif
--
-- CRYPTO_set_locking_callback(NULL);
-- for (i = 0; i < CRYPTO_num_locks(); i++) {
-- pthread_mutex_destroy(&(mutex_buf[i]));
-- }
--
-- mutex_buf_initialized = 0;
--
--#endif
-+static int THREAD_setup(void) {
-+ return 1;
-+}
-
-- return 1;
-+int THREAD_cleanup(void);
-+int THREAD_cleanup(void){
-+ return 1;
- }
-+#endif /* OPENSSL_VERSION_NUMBER < OPENSSL_VERSION_1_1_0 */
-+#endif /* defined(OPENSSL_THREADS) */
-
- static void adjust_key_file_name(char *fn, const char* file_title, int critical)
- {
-