Merge branch 'maint-0.2.9'

3 files changed, 37 insertions, 19 deletions

diff --git a/changes/21359 b/changes/21359
new file mode 100644
index 0000000000..cc9b377d52
--- /dev/null
+++ b/changes/21359
@@ -0,0 +1,8 @@
+
+  o Minor features (portability, compilationc)
+    - Support building with recent LibreSSL code that uses opaque
+      structures. Closes ticket 21359.
+    - Autoconf now check to determine if OpenSSL
+      structures are opaque, instead of explicitly checking for
+      OpenSSL version numbers. 
+      Part of ticket 21359.
diff --git a/configure.ac b/configure.ac
index 3cddccc515..8d215b5e85 100644
--- a/configure.ac
+++ b/configure.ac
@@ -684,6 +684,11 @@ AC_CHECK_FUNCS([ \
 dnl Check if OpenSSL has scrypt implementation.
 AC_CHECK_FUNCS([ EVP_PBE_scrypt ])
 
+dnl Check if OpenSSL structures are opaque
+AC_CHECK_MEMBERS([SSL.state], , ,
+[#include <openssl/ssl.h>
+])
+
 LIBS="$save_LIBS"
 LDFLAGS="$save_LDFLAGS"
 CPPFLAGS="$save_CPPFLAGS"
diff --git a/src/test/test_tortls.c b/src/test/test_tortls.c
index e2fee813bf..4bfcea211d 100644
--- a/src/test/test_tortls.c
+++ b/src/test/test_tortls.c
@@ -38,9 +38,11 @@ ENABLE_GCC_WARNING(redundant-decls)
 #include "log_test_helpers.h"
 #define NS_MODULE tortls
 
-#if OPENSSL_VERSION_NUMBER >= OPENSSL_V_SERIES(1,1,0) \
-    && !defined(LIBRESSL_VERSION_NUMBER)
+#ifndef HAVE_SSL_STATE
 #define OPENSSL_OPAQUE
+#endif
+
+#if defined(OPENSSL_OPAQUE) && !defined(LIBRESSL_VERSION_NUMBER)
 #define SSL_STATE_STR "before SSL initialization"
 #else
 #define SSL_STATE_STR "before/accept initialization"
@@ -723,6 +725,26 @@ test_tortls_get_my_certs(void *ignored)
   (void)1;
 }
 
+#ifndef HAVE_SSL_GET_CLIENT_CIPHERS
+static SSL_CIPHER *
+get_cipher_by_name(const char *name)
+{
+  int i;
+  const SSL_METHOD *method = SSLv23_method();
+  int num = method->num_ciphers();
+
+  for (i = 0; i < num; ++i) {
+    const SSL_CIPHER *cipher = method->get_cipher(i);
+    const char *ciphername = SSL_CIPHER_get_name(cipher);
+    if (!strcmp(ciphername, name)) {
+      return (SSL_CIPHER *)cipher;
+    }
+  }
+
+  return NULL;
+}
+#endif
+
 #ifndef OPENSSL_OPAQUE
 static void
 test_tortls_get_ciphersuite_name(void *ignored)
@@ -742,23 +764,6 @@ test_tortls_get_ciphersuite_name(void *ignored)
 }
 
 static SSL_CIPHER *
-get_cipher_by_name(const char *name)
-{
-  int i;
-  const SSL_METHOD *method = SSLv23_method();
-  int num = method->num_ciphers();
-  for (i = 0; i < num; ++i) {
-    const SSL_CIPHER *cipher = method->get_cipher(i);
-    const char *ciphername = SSL_CIPHER_get_name(cipher);
-    if (!strcmp(ciphername, name)) {
-      return (SSL_CIPHER *)cipher;
-    }
-  }
-
-  return NULL;
-}
-
-static SSL_CIPHER *
 get_cipher_by_id(uint16_t id)
 {
   int i;