aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorNick Mathewson <nickm@torproject.org>2017-02-01 10:39:59 -0500
committerNick Mathewson <nickm@torproject.org>2017-02-01 10:39:59 -0500
commit24551d64ad98f88977b81fd8df26837772f2902c (patch)
tree01e95166cfec7df9da38cbc6477074eea611e002
parentf1530d0e5a66f61c1d9f287cf0ae79f377b7d026 (diff)
parentb928095afc757ab8616642b48e3f22a0b39520b9 (diff)
downloadtor-24551d64ad98f88977b81fd8df26837772f2902c.tar.gz
tor-24551d64ad98f88977b81fd8df26837772f2902c.zip
Merge branch 'maint-0.2.9'
-rw-r--r--changes/213598
-rw-r--r--configure.ac5
-rw-r--r--src/test/test_tortls.c43
3 files changed, 37 insertions, 19 deletions
diff --git a/changes/21359 b/changes/21359
new file mode 100644
index 0000000000..cc9b377d52
--- /dev/null
+++ b/changes/21359
@@ -0,0 +1,8 @@
+
+ o Minor features (portability, compilationc)
+ - Support building with recent LibreSSL code that uses opaque
+ structures. Closes ticket 21359.
+ - Autoconf now check to determine if OpenSSL
+ structures are opaque, instead of explicitly checking for
+ OpenSSL version numbers.
+ Part of ticket 21359.
diff --git a/configure.ac b/configure.ac
index 3cddccc515..8d215b5e85 100644
--- a/configure.ac
+++ b/configure.ac
@@ -684,6 +684,11 @@ AC_CHECK_FUNCS([ \
dnl Check if OpenSSL has scrypt implementation.
AC_CHECK_FUNCS([ EVP_PBE_scrypt ])
+dnl Check if OpenSSL structures are opaque
+AC_CHECK_MEMBERS([SSL.state], , ,
+[#include <openssl/ssl.h>
+])
+
LIBS="$save_LIBS"
LDFLAGS="$save_LDFLAGS"
CPPFLAGS="$save_CPPFLAGS"
diff --git a/src/test/test_tortls.c b/src/test/test_tortls.c
index e2fee813bf..4bfcea211d 100644
--- a/src/test/test_tortls.c
+++ b/src/test/test_tortls.c
@@ -38,9 +38,11 @@ ENABLE_GCC_WARNING(redundant-decls)
#include "log_test_helpers.h"
#define NS_MODULE tortls
-#if OPENSSL_VERSION_NUMBER >= OPENSSL_V_SERIES(1,1,0) \
- && !defined(LIBRESSL_VERSION_NUMBER)
+#ifndef HAVE_SSL_STATE
#define OPENSSL_OPAQUE
+#endif
+
+#if defined(OPENSSL_OPAQUE) && !defined(LIBRESSL_VERSION_NUMBER)
#define SSL_STATE_STR "before SSL initialization"
#else
#define SSL_STATE_STR "before/accept initialization"
@@ -723,6 +725,26 @@ test_tortls_get_my_certs(void *ignored)
(void)1;
}
+#ifndef HAVE_SSL_GET_CLIENT_CIPHERS
+static SSL_CIPHER *
+get_cipher_by_name(const char *name)
+{
+ int i;
+ const SSL_METHOD *method = SSLv23_method();
+ int num = method->num_ciphers();
+
+ for (i = 0; i < num; ++i) {
+ const SSL_CIPHER *cipher = method->get_cipher(i);
+ const char *ciphername = SSL_CIPHER_get_name(cipher);
+ if (!strcmp(ciphername, name)) {
+ return (SSL_CIPHER *)cipher;
+ }
+ }
+
+ return NULL;
+}
+#endif
+
#ifndef OPENSSL_OPAQUE
static void
test_tortls_get_ciphersuite_name(void *ignored)
@@ -742,23 +764,6 @@ test_tortls_get_ciphersuite_name(void *ignored)
}
static SSL_CIPHER *
-get_cipher_by_name(const char *name)
-{
- int i;
- const SSL_METHOD *method = SSLv23_method();
- int num = method->num_ciphers();
- for (i = 0; i < num; ++i) {
- const SSL_CIPHER *cipher = method->get_cipher(i);
- const char *ciphername = SSL_CIPHER_get_name(cipher);
- if (!strcmp(ciphername, name)) {
- return (SSL_CIPHER *)cipher;
- }
- }
-
- return NULL;
-}
-
-static SSL_CIPHER *
get_cipher_by_id(uint16_t id)
{
int i;