OpenSSL library conflicts

[akallabeth]

Current android builds ship OpenSSL but the android library loader always prefers system provided libraries.
This leads to undefined (outdated) versions of OpenSSL being used

[MrCsabaToth]

@akallabeth , where would you put the WLog_INFO(TAG, "OpenSSL_Version=%s", SSLeay_version())?

[akallabeth]

@MrCsabaToth Can be done anywhere in aFreeRDP native code, a good place called whenever a connection is created is jni_freerdp_new

[MrCsabaToth]

I don't see SSLeay_version(). I see SSLeay_version(SSLEAY_VERSION). I'm trying to include <freerdp/crypto/crypto.h> or <freerdp/crypto/certificate.h> so I'd bring in <openssl/crypto.h> but I get an error that <openssl/crypto.h> is not found. I cannot see in the CMake forest what to modify to fix that. What IDE do you use on Linux to handle the C/C++ project part? I spent some hour on this, I'd like to sell my Note 3.

[akallabeth]

@MrCsabaToth I'm using Android Studio for that. You need to run scripts/android-build-freerdp.sh first to have all dependencies installed to the jniLibs folder of the project. As for the version function, yes, you're correct.

[MrCsabaToth]

@akallabeth The question is: how do I get it to compile? It doesn't compile right now: I get an error about <openssl/crypto.h> when <freerdp/crypto/crypto.h> tries to include it.

[akallabeth]

Ok, got it. Find attached a working patch that outputs OpenSSL version=<version> on context new.

0001-OpenSSL-version-check.patch.zip

[MrCsabaToth]

That Note3 was almost gone, factory resetted, but I ran this the last minute. It yielded: I/com.freerdp.core: [pid=15107:tid=b6fb7ec8] - OpenSSL version=OpenSSL 1.0.1k-fips 8 Jan 2015

[akallabeth]

@MrCsabaToth Thanks.

[MrCsabaToth]

I may still have the phone for a couple of more days.

[MrCsabaToth]

The OnePlus 3t yields I/com.freerdp.core: [pid=9075:tid=8d333fe8] - OpenSSL version=OpenSSL 1.0.2h 3 May 2016. Looks like that's the one which compiles.

[akallabeth]

ok, this proves what I was afraid of. the openssl version shipped with the device is preferred over the app provided version. In your case it looks like the compile options and version are incompatible with what aFreeRDP expects :/

[MrCsabaToth]

Since we compile our own openssl, can we tag it somehow and load that particular one? So patch something in the name after the GitHub download to make it custom and take advantage of that when we load it? Another question arises: why the official app store release of aFreeRDP works?

[akallabeth]

@MrCsabaToth I'm looking into that. The main difference between master and the release from the app store is that the build system has improved significantly. The old system used static OpenSSL builds which were replaced by shared library builds. The unexpected drawback is this regression introduced by dlopen which is quite different on android than it is on any other system I've worked with so far.

[MrCsabaToth]

That makes sense, static linking makes the loading strict. I had only my Android hat/glasses on, we need to think about multi platforms