cURL-build-win32/patch/librtmp_openssl.diff

 librtmp/dh.h        | 54 +++++++++++++++++++++++++++++++++++++++++++++++++++++
 librtmp/handshake.h | 31 +++++++++++++++++++-----------
 librtmp/hashswf.c   | 30 ++++++++++++++++++-----------
 librtmp/rtmp.c      |  5 -----
 librtmp/rtmp_sys.h  |  1 -
 rtmpsrv.c           |  3 ---
 rtmpsuck.c          |  8 --------
 thread.c            |  6 +++---
 8 files changed, 96 insertions(+), 42 deletions(-)

diff --git a/librtmp/dh.h b/librtmp/dh.h
index 5fc3f32..da8259e 100644
--- a/librtmp/dh.h
+++ b/librtmp/dh.h
@@ -253,20 +253,42 @@ DHInit(int nKeyBits)
   if (!dh)
     goto failed;
 
+#if !defined(USE_OPENSSL) || !defined(OPENSSL_VERSION_NUMBER) || OPENSSL_VERSION_NUMBER < 0x10100000L
   MP_new(dh->g);
 
   if (!dh->g)
     goto failed;
+#else
+  BIGNUM *g = NULL;
+  MP_new(g);
+  if (!g)
+    goto failed;
+#endif
 
+#if !defined(USE_OPENSSL) || !defined(OPENSSL_VERSION_NUMBER) || OPENSSL_VERSION_NUMBER < 0x10100000L
   MP_gethex(dh->p, P1024, res);	/* prime P1024, see dhgroups.h */
+#else
+  BIGNUM* p = NULL;
+  DH_get0_pqg(dh, (BIGNUM const**)&p, NULL, NULL);
+  MP_gethex(p, P1024, res); /* prime P1024, see dhgroups.h */
+#endif
   if (!res)
     {
       goto failed;
     }
 
+#if !defined(USE_OPENSSL) || !defined(OPENSSL_VERSION_NUMBER) || OPENSSL_VERSION_NUMBER < 0x10100000L
   MP_set_w(dh->g, 2);	/* base 2 */
+#else
+  MP_set_w(g, 2);   /* base 2 */
+  DH_set0_pqg(dh, p, NULL, g);
+#endif
 
+#if !defined(USE_OPENSSL) || !defined(OPENSSL_VERSION_NUMBER) || OPENSSL_VERSION_NUMBER < 0x10100000L
   dh->length = nKeyBits;
+#else
+  DH_set_length(dh, nKeyBits);
+#endif
   return dh;
 
 failed:
@@ -293,12 +315,24 @@ DHGenerateKey(MDH *dh)
       MP_gethex(q1, Q1024, res);
       assert(res);
 
+#if !defined(USE_OPENSSL) || !defined(OPENSSL_VERSION_NUMBER) || OPENSSL_VERSION_NUMBER < 0x10100000L
       res = isValidPublicKey(dh->pub_key, dh->p, q1);
+#else
+      BIGNUM const* pub_key = NULL;
+      BIGNUM const* p = NULL;
+      DH_get0_key(dh, &pub_key, NULL);
+      DH_get0_pqg(dh, &p, NULL, NULL);
+      res = isValidPublicKey((BIGNUM*)pub_key, (BIGNUM*)p, q1);
+#endif
       if (!res)
 	{
+#if !defined(USE_OPENSSL) || !defined(OPENSSL_VERSION_NUMBER) || OPENSSL_VERSION_NUMBER < 0x10100000L
 	  MP_free(dh->pub_key);
 	  MP_free(dh->priv_key);
 	  dh->pub_key = dh->priv_key = 0;
+#else
+          DH_free(dh);
+#endif
 	}
 
       MP_free(q1);
@@ -314,15 +348,29 @@ static int
 DHGetPublicKey(MDH *dh, uint8_t *pubkey, size_t nPubkeyLen)
 {
   int len;
+#if !defined(USE_OPENSSL) || !defined(OPENSSL_VERSION_NUMBER) || OPENSSL_VERSION_NUMBER < 0x10100000L
   if (!dh || !dh->pub_key)
+#else
+  BIGNUM const* pub_key = NULL;
+  DH_get0_key(dh, &pub_key, NULL);
+  if (!dh || !pub_key)
+#endif
     return 0;
 
+#if !defined(USE_OPENSSL) || !defined(OPENSSL_VERSION_NUMBER) || OPENSSL_VERSION_NUMBER < 0x10100000L
   len = MP_bytes(dh->pub_key);
+#else
+  len = MP_bytes(pub_key);
+#endif
   if (len <= 0 || len > (int) nPubkeyLen)
     return 0;
 
   memset(pubkey, 0, nPubkeyLen);
+#if !defined(USE_OPENSSL) || !defined(OPENSSL_VERSION_NUMBER) || OPENSSL_VERSION_NUMBER < 0x10100000L
   MP_setbin(dh->pub_key, pubkey + (nPubkeyLen - len), len);
+#else
+  MP_setbin(pub_key, pubkey + (nPubkeyLen - len), len);
+#endif
   return 1;
 }
 
@@ -364,7 +412,13 @@ DHComputeSharedSecretKey(MDH *dh, uint8_t *pubkey, size_t nPubkeyLen,
   MP_gethex(q1, Q1024, len);
   assert(len);
 
+#if !defined(USE_OPENSSL) || !defined(OPENSSL_VERSION_NUMBER) || OPENSSL_VERSION_NUMBER < 0x10100000L
   if (isValidPublicKey(pubkeyBn, dh->p, q1))
+#else
+  BIGNUM const* p = NULL;
+  DH_get0_pqg(dh, &p, NULL, NULL);
+  if (isValidPublicKey(pubkeyBn, (BIGNUM*)p, q1))
+#endif
     res = MDH_compute_key(secret, nPubkeyLen, pubkeyBn, dh);
   else
     res = -1;
diff --git a/librtmp/handshake.h b/librtmp/handshake.h
index 0438486..3522e0f 100644
--- a/librtmp/handshake.h
+++ b/librtmp/handshake.h
@@ -31,9 +31,9 @@
 #define SHA256_DIGEST_LENGTH	32
 #endif
 #define HMAC_CTX	sha2_context
-#define HMAC_setup(ctx, key, len)	sha2_hmac_starts(&ctx, (unsigned char *)key, len, 0)
-#define HMAC_crunch(ctx, buf, len)	sha2_hmac_update(&ctx, buf, len)
-#define HMAC_finish(ctx, dig, dlen)	dlen = SHA256_DIGEST_LENGTH; sha2_hmac_finish(&ctx, dig)
+#define HMAC_setup(ctx, key, len)	sha2_hmac_starts(ctx, (unsigned char *)key, len, 0)
+#define HMAC_crunch(ctx, buf, len)	sha2_hmac_update(ctx, buf, len)
+#define HMAC_finish(ctx, dig, dlen)	dlen = SHA256_DIGEST_LENGTH; sha2_hmac_finish(ctx, dig)
 
 typedef arc4_context *	RC4_handle;
 #define RC4_alloc(h)	*h = malloc(sizeof(arc4_context))
@@ -50,9 +50,9 @@ typedef arc4_context *	RC4_handle;
 #endif
 #undef HMAC_CTX
 #define HMAC_CTX	struct hmac_sha256_ctx
-#define HMAC_setup(ctx, key, len)	hmac_sha256_set_key(&ctx, len, key)
-#define HMAC_crunch(ctx, buf, len)	hmac_sha256_update(&ctx, len, buf)
-#define HMAC_finish(ctx, dig, dlen)	dlen = SHA256_DIGEST_LENGTH; hmac_sha256_digest(&ctx, SHA256_DIGEST_LENGTH, dig)
+#define HMAC_setup(ctx, key, len)	hmac_sha256_set_key(ctx, len, key)
+#define HMAC_crunch(ctx, buf, len)	hmac_sha256_update(ctx, len, buf)
+#define HMAC_finish(ctx, dig, dlen)	dlen = SHA256_DIGEST_LENGTH; hmac_sha256_digest(ctx, SHA256_DIGEST_LENGTH, dig)
 #define HMAC_close(ctx)
 
 typedef struct arcfour_ctx*	RC4_handle;
@@ -64,14 +64,23 @@ typedef struct arcfour_ctx*	RC4_handle;
 
 #else	/* USE_OPENSSL */
 #include <openssl/sha.h>
+#include <openssl/ossl_typ.h>
 #include <openssl/hmac.h>
 #include <openssl/rc4.h>
 #if OPENSSL_VERSION_NUMBER < 0x0090800 || !defined(SHA256_DIGEST_LENGTH)
 #error Your OpenSSL is too old, need 0.9.8 or newer with SHA256
 #endif
-#define HMAC_setup(ctx, key, len)	HMAC_CTX_init(&ctx); HMAC_Init_ex(&ctx, key, len, EVP_sha256(), 0)
-#define HMAC_crunch(ctx, buf, len)	HMAC_Update(&ctx, buf, len)
-#define HMAC_finish(ctx, dig, dlen)	HMAC_Final(&ctx, dig, &dlen); HMAC_CTX_cleanup(&ctx)
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
+#define HMAC_setup(ctx, key, len)	HMAC_CTX_init(ctx); HMAC_Init_ex(ctx, key, len, EVP_sha256(), 0)
+#else
+#define HMAC_setup(ctx, key, len)	ctx = HMAC_CTX_new(); HMAC_CTX_reset(ctx); HMAC_Init_ex(ctx, key, len, EVP_sha256(), 0)
+#endif
+#define HMAC_crunch(ctx, buf, len)	HMAC_Update(ctx, buf, len)
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
+#define HMAC_finish(ctx, dig, dlen)	HMAC_Final(ctx, dig, &dlen); HMAC_CTX_cleanup(ctx)
+#else
+#define HMAC_finish(ctx, dig, dlen)     HMAC_Final(ctx, dig, &dlen); HMAC_CTX_free(ctx)
+#endif
 
 typedef RC4_KEY *	RC4_handle;
 #define RC4_alloc(h)	*h = malloc(sizeof(RC4_KEY))
@@ -117,7 +126,7 @@ static void InitRC4Encryption
 {
   uint8_t digest[SHA256_DIGEST_LENGTH];
   unsigned int digestLen = 0;
-  HMAC_CTX ctx;
+  HMAC_CTX* ctx = NULL;
 
   RC4_alloc(rc4keyIn);
   RC4_alloc(rc4keyOut);
@@ -266,7 +275,7 @@ HMACsha256(const uint8_t *message, size_t messageLen, const uint8_t *key,
 	   size_t keylen, uint8_t *digest)
 {
   unsigned int digestLen;
-  HMAC_CTX ctx;
+  HMAC_CTX* ctx = NULL;
 
   HMAC_setup(ctx, key, keylen);
   HMAC_crunch(ctx, message, messageLen);
diff --git a/librtmp/hashswf.c b/librtmp/hashswf.c
index 32b2eed..9a5fda3 100644
--- a/librtmp/hashswf.c
+++ b/librtmp/hashswf.c
@@ -37,9 +37,9 @@
 #define SHA256_DIGEST_LENGTH	32
 #endif
 #define HMAC_CTX	sha2_context
-#define HMAC_setup(ctx, key, len)	sha2_hmac_starts(&ctx, (unsigned char *)key, len, 0)
-#define HMAC_crunch(ctx, buf, len)	sha2_hmac_update(&ctx, buf, len)
-#define HMAC_finish(ctx, dig, dlen)	dlen = SHA256_DIGEST_LENGTH; sha2_hmac_finish(&ctx, dig)
+#define HMAC_setup(ctx, key, len)	sha2_hmac_starts(ctx, (unsigned char *)key, len, 0)
+#define HMAC_crunch(ctx, buf, len)	sha2_hmac_update(ctx, buf, len)
+#define HMAC_finish(ctx, dig, dlen)	dlen = SHA256_DIGEST_LENGTH; sha2_hmac_finish(ctx, dig)
 #define HMAC_close(ctx)
 #elif defined(USE_GNUTLS)
 #include <nettle/hmac.h>
@@ -48,19 +48,27 @@
 #endif
 #undef HMAC_CTX
 #define HMAC_CTX	struct hmac_sha256_ctx
-#define HMAC_setup(ctx, key, len)	hmac_sha256_set_key(&ctx, len, key)
-#define HMAC_crunch(ctx, buf, len)	hmac_sha256_update(&ctx, len, buf)
-#define HMAC_finish(ctx, dig, dlen)	dlen = SHA256_DIGEST_LENGTH; hmac_sha256_digest(&ctx, SHA256_DIGEST_LENGTH, dig)
+#define HMAC_setup(ctx, key, len)	hmac_sha256_set_key(ctx, len, key)
+#define HMAC_crunch(ctx, buf, len)	hmac_sha256_update(ctx, len, buf)
+#define HMAC_finish(ctx, dig, dlen)	dlen = SHA256_DIGEST_LENGTH; hmac_sha256_digest(ctx, SHA256_DIGEST_LENGTH, dig)
 #define HMAC_close(ctx)
 #else	/* USE_OPENSSL */
 #include <openssl/ssl.h>
 #include <openssl/sha.h>
 #include <openssl/hmac.h>
 #include <openssl/rc4.h>
-#define HMAC_setup(ctx, key, len)	HMAC_CTX_init(&ctx); HMAC_Init_ex(&ctx, (unsigned char *)key, len, EVP_sha256(), 0)
-#define HMAC_crunch(ctx, buf, len)	HMAC_Update(&ctx, (unsigned char *)buf, len)
-#define HMAC_finish(ctx, dig, dlen)	HMAC_Final(&ctx, (unsigned char *)dig, &dlen);
-#define HMAC_close(ctx)	HMAC_CTX_cleanup(&ctx)
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
+#define HMAC_setup(ctx, key, len)	HMAC_CTX_init(ctx); HMAC_Init_ex(ctx, (unsigned char *)key, len, EVP_sha256(), 0)
+#else
+#define HMAC_setup(ctx, key, len)	ctx = HMAC_CTX_new(); HMAC_CTX_reset(ctx); HMAC_Init_ex(ctx, key, len, EVP_sha256(), 0)
+#endif
+#define HMAC_crunch(ctx, buf, len)	HMAC_Update(ctx, (unsigned char *)buf, len)
+#define HMAC_finish(ctx, dig, dlen)	HMAC_Final(ctx, (unsigned char *)dig, &dlen);
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
+#define HMAC_close(ctx)	HMAC_CTX_cleanup(ctx)
+#else
+#define HMAC_close(ctx) HMAC_CTX_reset(ctx); HMAC_CTX_free(ctx)
+#endif
 #endif
 
 extern void RTMP_TLS_Init();
@@ -298,7 +306,7 @@ leave:
 struct info
 {
   z_stream *zs;
-  HMAC_CTX ctx;
+  HMAC_CTX *ctx;
   int first;
   int zlib;
   int size;
diff --git a/librtmp/rtmp.c b/librtmp/rtmp.c
index 0865689..24f61ba 100644
--- a/librtmp/rtmp.c
+++ b/librtmp/rtmp.c
@@ -1902,7 +1902,6 @@ SendFCUnpublish(RTMP *r)
 
 SAVC(publish);
 SAVC(live);
-SAVC(record);
 
 static int
 SendPublish(RTMP *r)
@@ -2904,8 +2903,6 @@ AVC("NetStream.Play.PublishNotify");
 static const AVal av_NetStream_Play_UnpublishNotify =
 AVC("NetStream.Play.UnpublishNotify");
 static const AVal av_NetStream_Publish_Start = AVC("NetStream.Publish.Start");
-static const AVal av_NetConnection_Connect_Rejected =
-AVC("NetConnection.Connect.Rejected");
 
 /* Returns 0 for OK/Failed/error, 1 for 'Stop or Complete' */
 static int
@@ -3552,7 +3549,6 @@ RTMP_ReadPacket(RTMP *r, RTMPPacket *packet)
   uint8_t hbuf[RTMP_MAX_HEADER_SIZE] = { 0 };
   char *header = (char *)hbuf;
   int nSize, hSize, nToRead, nChunk;
-  int didAlloc = FALSE;
   int extendedTimestamp;
 
   RTMP_Log(RTMP_LOGDEBUG2, "%s: fd=%d", __FUNCTION__, r->m_sb.sb_socket);
@@ -3679,7 +3675,6 @@ RTMP_ReadPacket(RTMP *r, RTMPPacket *packet)
 	  RTMP_Log(RTMP_LOGDEBUG, "%s, failed to allocate packet", __FUNCTION__);
 	  return FALSE;
 	}
-      didAlloc = TRUE;
       packet->m_headerType = (hbuf[0] & 0xc0) >> 6;
     }
 
diff --git a/librtmp/rtmp_sys.h b/librtmp/rtmp_sys.h
index 85d7e53..32c2bde 100644
--- a/librtmp/rtmp_sys.h
+++ b/librtmp/rtmp_sys.h
@@ -37,7 +37,6 @@
 #define GetSockError()	WSAGetLastError()
 #define SetSockError(e)	WSASetLastError(e)
 #define setsockopt(a,b,c,d,e)	(setsockopt)(a,b,c,(const char *)d,(int)e)
-#define EWOULDBLOCK	WSAETIMEDOUT	/* we don't use nonblocking, but we do use timeouts */
 #define sleep(n)	Sleep(n*1000)
 #define msleep(n)	Sleep(n)
 #define SET_RCVTIMEO(tv,s)	int tv = s*1000
diff --git a/rtmpsrv.c b/rtmpsrv.c
index 5df4d3a..17ffd9e 100644
--- a/rtmpsrv.c
+++ b/rtmpsrv.c
@@ -152,11 +152,9 @@ SAVC(flashVer);
 SAVC(swfUrl);
 SAVC(pageUrl);
 SAVC(tcUrl);
-SAVC(fpad);
 SAVC(capabilities);
 SAVC(audioCodecs);
 SAVC(videoCodecs);
-SAVC(videoFunction);
 SAVC(objectEncoding);
 SAVC(_result);
 SAVC(createStream);
@@ -167,7 +165,6 @@ SAVC(mode);
 SAVC(level);
 SAVC(code);
 SAVC(description);
-SAVC(secureToken);
 
 static int
 SendConnectResult(RTMP *r, double txn)
diff --git a/rtmpsuck.c b/rtmpsuck.c
index e886179..c2b869c 100644
--- a/rtmpsuck.c
+++ b/rtmpsuck.c
@@ -124,21 +124,13 @@ SAVC(flashVer);
 SAVC(swfUrl);
 SAVC(pageUrl);
 SAVC(tcUrl);
-SAVC(fpad);
-SAVC(capabilities);
 SAVC(audioCodecs);
 SAVC(videoCodecs);
-SAVC(videoFunction);
 SAVC(objectEncoding);
-SAVC(_result);
-SAVC(createStream);
 SAVC(play);
 SAVC(closeStream);
-SAVC(fmsVer);
-SAVC(mode);
 SAVC(level);
 SAVC(code);
-SAVC(secureToken);
 SAVC(onStatus);
 SAVC(close);
 static const AVal av_NetStream_Failed = AVC("NetStream.Failed");
diff --git a/thread.c b/thread.c
index 0913c98..9de42ea 100644
--- a/thread.c
+++ b/thread.c
@@ -29,13 +29,13 @@
 HANDLE
 ThreadCreate(thrfunc *routine, void *args)
 {
-  HANDLE thd;
+  uintptr_t thd;
 
-  thd = (HANDLE) _beginthread(routine, 0, args);
+  thd = _beginthread(routine, 0, args);
   if (thd == -1L)
     RTMP_LogPrintf("%s, _beginthread failed with %d\n", __FUNCTION__, errno);
 
-  return thd;
+  return (HANDLE) thd;
 }
 #else
 pthread_t