diff options
| author | Nick Mathewson <nickm@torproject.org> | 2012-01-09 17:40:11 -0500 |
|---|---|---|
| committer | Nick Mathewson <nickm@torproject.org> | 2012-01-10 11:15:35 -0500 |
| commit | d29a3907338bd012ce5707e0e052747da87b3ba4 (patch) | |
| tree | 25d027ada04ec74bac40609ab9b2321a971b593e /changes | |
| parent | b443d6a4fbfaac8d4a944d8b2a763666d1683ada (diff) | |
| download | tor-d29a3907338bd012ce5707e0e052747da87b3ba4.tar.gz tor-d29a3907338bd012ce5707e0e052747da87b3ba4.zip | |
Test for broken counter-mode at runtime
To solve bug 4779, we want to avoid OpenSSL 1.0.0's counter mode.
But Fedora (and maybe others) lie about the actual OpenSSL version,
so we can't trust the header to tell us if it's safe.
Instead, let's do a run-time test to see whether it's safe, and if
not, use our built-in version.
fermenthor contributed a pretty essential fixup to this patch. Thanks!
Diffstat (limited to 'changes')
| -rw-r--r-- | changes/aes_ctr_test | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/changes/aes_ctr_test b/changes/aes_ctr_test new file mode 100644 index 0000000000..8b5af4572d --- /dev/null +++ b/changes/aes_ctr_test @@ -0,0 +1,5 @@ + o Minor bugfixes + - Test for the OpenSSL 1.0.0 counter mode bug at runtime, not compile + time. This is necessary because OpenSSL has been hacked to mis-report + its version on a few distributions. + Bugfix on Tor 0.2.3.11-alpha. |