From ef7fe1b186e84686ee0be0b0e822f3e500cda201 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E8=82=96=E5=BF=97=E5=AE=8F?= <hondaxiao@tencent.com>
Date: Wed, 11 Oct 2023 20:52:25 +0800
Subject: [PATCH] Fix bug for upgrading to OpenSSL 3.0. v5.0.189 (#3827)

The fix is for the DH_set_length error. As shown in lines 2-5, OpenSSL
3.0 added a check for length, which allowed this issue to be exposed.
```
1 if (dh->params.q == NULL) {
2       /* secret exponent length, must satisfy 2^(l-1) <= p */
3        if (dh->length != 0
4            && dh->length >= BN_num_bits(dh->params.p))
5            goto err;
6        l = dh->length ? dh->length : BN_num_bits(dh->params.p) - 1;
7        if (!BN_priv_rand_ex(priv_key, l, BN_RAND_TOP_ONE,
8                             BN_RAND_BOTTOM_ANY, 0, ctx))
9            goto err;
        ... ...
    }
```

---------

Co-authored-by: john <hondaxiao@tencent.com>
---
 trunk/doc/CHANGELOG.md                             | 1 +
 trunk/src/core/srs_core_version5.hpp               | 2 +-
 trunk/src/protocol/srs_protocol_rtmp_handshake.cpp | 5 +----
 3 files changed, 3 insertions(+), 5 deletions(-)

diff --git a/trunk/doc/CHANGELOG.md b/trunk/doc/CHANGELOG.md
index bf180e9591..e75c3b1e66 100644
--- a/trunk/doc/CHANGELOG.md
+++ b/trunk/doc/CHANGELOG.md
@@ -7,6 +7,7 @@ The changelog for SRS.
 <a name="v5-changes"></a>
 
 ## SRS 5.0 Changelog
+* v5.0, 2023-10-11, Merge [#3827](https://github.com/ossrs/srs/pull/3827): Fix bug for upgrading to OpenSSL 3.0. v5.0.189 (#3827)
 * v5.0, 2023-10-10, Merge [#3825](https://github.com/ossrs/srs/pull/3825): SRT: Fix the missing config mss. v5.0.188 (#3825)
 * v5.0, 2023-10-08, Merge [#3824](https://github.com/ossrs/srs/pull/3824): Solve the problem of inaccurate HLS TS duration. v5.0.187 (#3824)
 * v5.0, 2023-10-08, Merge [#3815](https://github.com/ossrs/srs/pull/3815): Use new cache image name. v5.0.186 (#3815)
diff --git a/trunk/src/core/srs_core_version5.hpp b/trunk/src/core/srs_core_version5.hpp
index 2fa96adcc4..c4b5686a05 100644
--- a/trunk/src/core/srs_core_version5.hpp
+++ b/trunk/src/core/srs_core_version5.hpp
@@ -9,6 +9,6 @@
 
 #define VERSION_MAJOR       5
 #define VERSION_MINOR       0
-#define VERSION_REVISION    188
+#define VERSION_REVISION    189
 
 #endif
diff --git a/trunk/src/protocol/srs_protocol_rtmp_handshake.cpp b/trunk/src/protocol/srs_protocol_rtmp_handshake.cpp
index b84734cf3d..f904555814 100644
--- a/trunk/src/protocol/srs_protocol_rtmp_handshake.cpp
+++ b/trunk/src/protocol/srs_protocol_rtmp_handshake.cpp
@@ -327,10 +327,7 @@ namespace srs_internal
             return srs_error_new(ERROR_OpenSslSetG, "set word");
         }
         
-        // 4. Set the key length
-        DH_set_length(pdh, bits_count);
-        
-        // 5. Generate private and public key
+        // 4. Generate private and public key
         // @see ./test/dhtest.c:152
         if (!DH_generate_key(pdh)) {
             return srs_error_new(ERROR_OpenSslGenerateDHKeys, "dh generate key");