Merge branch 'maint-0.4.5' into maint-0.4.6

This commit is contained in:
Alexander Færøy 2021-11-08 14:16:19 +00:00
commit a78dafbf7c
3 changed files with 24 additions and 1 deletions

5
changes/bug40429 Normal file
View File

@ -0,0 +1,5 @@
o Minor bugfixes (compilation):
- Fix our configuration logic to detect whether we had OpenSSL 3:
previously, our logic was reversed. This has no other effect than to
change whether we suppress deprecated API warnings. Fixes
bug 40429; bugfix on 0.3.5.13.

6
changes/ticket40511 Normal file
View File

@ -0,0 +1,6 @@
o Minor features (compilation):
- Give an error message if trying to build with a version of LibreSSL
known not to work with Tor. (There's an incompatibility with
LibreSSL versions 3.2.1 through 3.4.0 inclusive because of their
incompatibility with OpenSSL 1.1.1's TLSv1.3 APIs.)
Closes ticket 40511.

View File

@ -1116,7 +1116,7 @@ dnl warnings.
AC_MSG_CHECKING([for OpenSSL >= 3.0.0])
AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[
#include <openssl/opensslv.h>
#if !defined(LIBRESSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER <= 0x30000000L
#if !defined(LIBRESSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER >= 0x30000000L
#error "you_have_version_3"
#endif
]], [[]])],
@ -1134,6 +1134,18 @@ AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[
[ AC_MSG_RESULT([no]) ],
[ AC_MSG_ERROR([OpenSSL is too old. We require 1.0.1 or later. You can specify a path to a newer one with --with-openssl-dir.]) ])
AC_MSG_CHECKING([whether LibreSSL TLS 1.3 APIs are busted])
AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[
#include <openssl/opensslv.h>
#if defined(LIBRESSL_VERSION_NUMBER) && \
LIBRESSL_VERSION_NUMBER >= 0x3020100fL && \
LIBRESSL_VERSION_NUMBER < 0x3040100fL
#error "oh no"
#endif
]], [[]])],
[ AC_MSG_RESULT([no]) ],
[ AC_MSG_ERROR([This version of LibreSSL won't work with Tor. Please upgrade to LibreSSL 3.4.1 or later. (Or downgrade to 3.2.0 if you really must.)]) ])
AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[
#include <openssl/opensslv.h>
#include <openssl/evp.h>