Merge branch 'maint-0.2.9'

2025-02-25 07:07:52 +01:00 · 2017-02-01 10:39:59 -05:00 · 2017-02-01 10:39:59 -05:00 · 24551d64ad
commit 24551d64ad
parent f1530d0e5a b928095afc
3 changed files with 37 additions and 19 deletions
--- a/changes/21359
+++ b/changes/21359
@ -0,0 +1,8 @@
+
+  o Minor features (portability, compilationc)
+    - Support building with recent LibreSSL code that uses opaque
+      structures. Closes ticket 21359.
+    - Autoconf now check to determine if OpenSSL
+      structures are opaque, instead of explicitly checking for
+      OpenSSL version numbers. 
+      Part of ticket 21359.
--- a/configure.ac
+++ b/configure.ac
@ -684,6 +684,11 @@ AC_CHECK_FUNCS([ \
 dnl Check if OpenSSL has scrypt implementation.
 AC_CHECK_FUNCS([ EVP_PBE_scrypt ])

+dnl Check if OpenSSL structures are opaque
+AC_CHECK_MEMBERS([SSL.state], , ,
+[#include <openssl/ssl.h>
+])
+
 LIBS="$save_LIBS"
 LDFLAGS="$save_LDFLAGS"
 CPPFLAGS="$save_CPPFLAGS"
--- a/src/test/test_tortls.c
+++ b/src/test/test_tortls.c
@ -38,9 +38,11 @@ ENABLE_GCC_WARNING(redundant-decls)
 #include "log_test_helpers.h"
 #define NS_MODULE tortls

-#if OPENSSL_VERSION_NUMBER >= OPENSSL_V_SERIES(1,1,0) \
-    && !defined(LIBRESSL_VERSION_NUMBER)
+#ifndef HAVE_SSL_STATE
 #define OPENSSL_OPAQUE
+#endif
+
+#if defined(OPENSSL_OPAQUE) && !defined(LIBRESSL_VERSION_NUMBER)
 #define SSL_STATE_STR "before SSL initialization"
 #else
 #define SSL_STATE_STR "before/accept initialization"
@ -723,6 +725,26 @@ test_tortls_get_my_certs(void *ignored)
  (void)1;
 }

+#ifndef HAVE_SSL_GET_CLIENT_CIPHERS
+static SSL_CIPHER *
+get_cipher_by_name(const char *name)
+{
+  int i;
+  const SSL_METHOD *method = SSLv23_method();
+  int num = method->num_ciphers();
+
+  for (i = 0; i < num; ++i) {
+    const SSL_CIPHER *cipher = method->get_cipher(i);
+    const char *ciphername = SSL_CIPHER_get_name(cipher);
+    if (!strcmp(ciphername, name)) {
+      return (SSL_CIPHER *)cipher;
+    }
+  }
+
+  return NULL;
+}
+#endif
+
 #ifndef OPENSSL_OPAQUE
 static void
 test_tortls_get_ciphersuite_name(void *ignored)
@ -741,23 +763,6 @@ test_tortls_get_ciphersuite_name(void *ignored)
  tor_free(ctx);
 }

-static SSL_CIPHER *
-get_cipher_by_name(const char *name)
-{
-  int i;
-  const SSL_METHOD *method = SSLv23_method();
-  int num = method->num_ciphers();
-  for (i = 0; i < num; ++i) {
-    const SSL_CIPHER *cipher = method->get_cipher(i);
-    const char *ciphername = SSL_CIPHER_get_name(cipher);
-    if (!strcmp(ciphername, name)) {
-      return (SSL_CIPHER *)cipher;
-    }
-  }
-
-  return NULL;
-}
-
 static SSL_CIPHER *
 get_cipher_by_id(uint16_t id)
 {