Welcome to OGeek Q&A Community for programmer and developer-Open, Learning and Share
Welcome To Ask or Share your Answers For Others

Categories

0 votes
1.1k views
in Technique[技术] by (71.8m points)

android - How to update OpenSSL version in CSipSimple?

I am using CSipSimple code for my application. But unfortunately, Google Playstore has raised a warning: You are using a vulnerable version of OpenSSL

I want to update the OpenSSL version from existing code.

Here is some reference which I have followed. CSipSimple-OpenSSL But I am stuck at step 5 there are no such command

m: command not found

Am I following incorrect steps? If any one have already done with this, then please help me or provide some steps/link.

Any help would be really appreciated

See Question&Answers more detail:os

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome To Ask or Share your Answers For Others

1 Reply

0 votes
by (71.8m points)

mm is for make module, this is available within the Android source project build, so you will need to set up a build environment, within the modules provided is the OpenSSL on Android platform (from which the readme file you're referencing is taken) . Setting up a build environment will take at least a day or two by itself so I wouldn't recommend it unless you already have it for a different reason.. Additionally, Android dropped support for OpenSSL in their latest release and are using BoringSSL. To my knowledge, the best way to achieve what you want here, is to cross compile and build OpenSSL from source following the guidelines on the open ssl wiki, creating .a files and statically referencing them in your app. This is also the recommended way in order to avoid referencing system libraries on N and later versions.

EDIT: To add the libraries to my project as prebuilt static libraries, I created an openssl folder under my jni directory containing lib/ (which contain the .a files for the architectures I support), include/ which has the necessary includes (you can find that under the openssl version you downloaded) and Android.mk which has the following:

include $(CLEAR_VARS) 
LOCAL_MODULE := libssl
LOCAL_SRC_FILES := lib/$(TARGET_ARCH_ABI)/libssl.a
include $(PREBUILT_STATIC_LIBRARY)
include $(CLEAR_VARS)
LOCAL_MODULE := libcrypto
LOCAL_SRC_FILES := lib/$(TARGET_ARCH_ABI)/libcrypto.a
include $(PREBUILT_STATIC_LIBRARY)

Then, to use the library within another jni module I added the following to its Android.mk file:

LOCAL_C_INCLUDES := $(LOCAL_PATH)/../openssl/include
LOCAL_STATIC_LIBRARIES := libssl libcrypto

This is also similar to what's been done here, except that it's not recommended to use .a files provided by non-openssl source.


与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
OGeek|极客中国-欢迎来到极客的世界,一个免费开放的程序员编程交流平台!开放,进步,分享!让技术改变生活,让极客改变未来! Welcome to OGeek Q&A Community for programmer and developer-Open, Learning and Share
Click Here to Ask a Question

...