nihilist/tor
1
0
Fork 0
mirror of https://gitlab.torproject.org/tpo/core/tor.git synced 2024-11-10 13:13:44 +01:00
Code Issues Packages Projects Releases Wiki Activity

Always Use EVP_aes_*_ctr() with openssl 1.1

Browse Source 
(OpenSSL 1.1 makes EVP_CIPHER_CTX opaque, _and_ adds acceleration
for counter mode on more architectures.  So it won't work if we try
the older approach, and it might help if we try the newer one.)

Fixes bug 20588.
This commit is contained in:
Nick Mathewson 2016-11-06 21:01:25 -05:00
parent 1122137fa0
commit 2a365413eb
2 changed files with 11 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
changes/bug20588 Normal file
View File

@ -0,0 +1,3 @@
o Minor bugfixes (portability):
- Fix compilation with OpenSSL 1.1 and less commonly-used
CPU architectures. Closes ticket 20588.

9
src/common/aes.c
View File

@ -73,7 +73,14 @@
* gives us, and the best possible counter-mode implementation, and combine * gives us, and the best possible counter-mode implementation, and combine
* them. * them.
*/ */
#if OPENSSL_VERSION_NUMBER >= OPENSSL_V_NOPATCH(1,0,1) && \ #if OPENSSL_VERSION_NUMBER >= OPENSSL_V_NOPATCH(1,1,0)
/* With newer OpenSSL versions, the older fallback modes don't compile. So
* don't use them, even if we lack specific acceleration. */
#define USE_EVP_AES_CTR
#elif OPENSSL_VERSION_NUMBER >= OPENSSL_V_NOPATCH(1,0,1) && \
(defined(__i386) || defined(__i386__) || defined(_M_IX86) || \ (defined(__i386) || defined(__i386__) || defined(_M_IX86) || \
defined(__x86_64) || defined(__x86_64__) || \ defined(__x86_64) || defined(__x86_64__) || \
defined(_M_AMD64) || defined(_M_X64) || defined(__INTEL__)) \ defined(_M_AMD64) || defined(_M_X64) || defined(__INTEL__)) \