mirror of
https://gitlab.torproject.org/tpo/core/tor.git
synced 2024-11-27 13:53:31 +01:00
Support LibreSSL with opaque structures
Determining if OpenSSL structures are opaque now uses an autoconf check instead of comparing the version number. Some definitions have been moved to their own check as assumptions which were true for OpenSSL with opaque structures did not hold for LibreSSL. Closes ticket 21359.
This commit is contained in:
parent
0d4d9b6d88
commit
e9ec818c28
8
changes/21359
Normal file
8
changes/21359
Normal file
@ -0,0 +1,8 @@
|
|||||||
|
o Testing
|
||||||
|
- tortls tests now use an autoconf check to determine if OpenSSL
|
||||||
|
structures are opaque, instead of an explicit version check.
|
||||||
|
See ticket 21359.
|
||||||
|
|
||||||
|
o Minor bugfixes (compilation)
|
||||||
|
- Support building with recent LibreSSL code that uses opaque
|
||||||
|
structures. Closes ticket 21359.
|
@ -677,6 +677,11 @@ AC_CHECK_FUNCS([ \
|
|||||||
dnl Check if OpenSSL has scrypt implementation.
|
dnl Check if OpenSSL has scrypt implementation.
|
||||||
AC_CHECK_FUNCS([ EVP_PBE_scrypt ])
|
AC_CHECK_FUNCS([ EVP_PBE_scrypt ])
|
||||||
|
|
||||||
|
dnl Check if OpenSSL structures are opaque
|
||||||
|
AC_CHECK_MEMBERS([SSL.state], , ,
|
||||||
|
[#include <openssl/ssl.h>
|
||||||
|
])
|
||||||
|
|
||||||
LIBS="$save_LIBS"
|
LIBS="$save_LIBS"
|
||||||
LDFLAGS="$save_LDFLAGS"
|
LDFLAGS="$save_LDFLAGS"
|
||||||
CPPFLAGS="$save_CPPFLAGS"
|
CPPFLAGS="$save_CPPFLAGS"
|
||||||
|
@ -38,9 +38,11 @@ ENABLE_GCC_WARNING(redundant-decls)
|
|||||||
#include "log_test_helpers.h"
|
#include "log_test_helpers.h"
|
||||||
#define NS_MODULE tortls
|
#define NS_MODULE tortls
|
||||||
|
|
||||||
#if OPENSSL_VERSION_NUMBER >= OPENSSL_V_SERIES(1,1,0) \
|
#ifndef HAVE_SSL_STATE
|
||||||
&& !defined(LIBRESSL_VERSION_NUMBER)
|
|
||||||
#define OPENSSL_OPAQUE
|
#define OPENSSL_OPAQUE
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#if defined(OPENSSL_OPAQUE) && !defined(LIBRESSL_VERSION_NUMBER)
|
||||||
#define SSL_STATE_STR "before SSL initialization"
|
#define SSL_STATE_STR "before SSL initialization"
|
||||||
#else
|
#else
|
||||||
#define SSL_STATE_STR "before/accept initialization"
|
#define SSL_STATE_STR "before/accept initialization"
|
||||||
@ -723,6 +725,26 @@ test_tortls_get_my_certs(void *ignored)
|
|||||||
(void)1;
|
(void)1;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
#ifndef HAVE_SSL_GET_CLIENT_CIPHERS
|
||||||
|
static SSL_CIPHER *
|
||||||
|
get_cipher_by_name(const char *name)
|
||||||
|
{
|
||||||
|
int i;
|
||||||
|
const SSL_METHOD *method = SSLv23_method();
|
||||||
|
int num = method->num_ciphers();
|
||||||
|
|
||||||
|
for (i = 0; i < num; ++i) {
|
||||||
|
const SSL_CIPHER *cipher = method->get_cipher(i);
|
||||||
|
const char *ciphername = SSL_CIPHER_get_name(cipher);
|
||||||
|
if (!strcmp(ciphername, name)) {
|
||||||
|
return (SSL_CIPHER *)cipher;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
return NULL;
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
|
||||||
#ifndef OPENSSL_OPAQUE
|
#ifndef OPENSSL_OPAQUE
|
||||||
static void
|
static void
|
||||||
test_tortls_get_ciphersuite_name(void *ignored)
|
test_tortls_get_ciphersuite_name(void *ignored)
|
||||||
@ -741,23 +763,6 @@ test_tortls_get_ciphersuite_name(void *ignored)
|
|||||||
tor_free(ctx);
|
tor_free(ctx);
|
||||||
}
|
}
|
||||||
|
|
||||||
static SSL_CIPHER *
|
|
||||||
get_cipher_by_name(const char *name)
|
|
||||||
{
|
|
||||||
int i;
|
|
||||||
const SSL_METHOD *method = SSLv23_method();
|
|
||||||
int num = method->num_ciphers();
|
|
||||||
for (i = 0; i < num; ++i) {
|
|
||||||
const SSL_CIPHER *cipher = method->get_cipher(i);
|
|
||||||
const char *ciphername = SSL_CIPHER_get_name(cipher);
|
|
||||||
if (!strcmp(ciphername, name)) {
|
|
||||||
return (SSL_CIPHER *)cipher;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
return NULL;
|
|
||||||
}
|
|
||||||
|
|
||||||
static SSL_CIPHER *
|
static SSL_CIPHER *
|
||||||
get_cipher_by_id(uint16_t id)
|
get_cipher_by_id(uint16_t id)
|
||||||
{
|
{
|
||||||
|
Loading…
Reference in New Issue
Block a user