diff options
| author | Yawning Angel <yawning@schwanenlied.me> | 2015-11-06 19:02:56 +0000 |
|---|---|---|
| committer | Yawning Angel <yawning@schwanenlied.me> | 2015-11-06 19:02:56 +0000 |
| commit | 3e3ec750cd72fe1c946d8da6e4f07d87efe3d8ac (patch) | |
| tree | d51a63ed99eeaa191a2147d6b729a732a80a2597 /src/common/tortls.c | |
| parent | 5a370618859573ed1eb5dabbe0ed2e773a579817 (diff) | |
| download | tor-3e3ec750cd72fe1c946d8da6e4f07d87efe3d8ac.tar.gz tor-3e3ec750cd72fe1c946d8da6e4f07d87efe3d8ac.zip | |
Fix compilation with OpenSSL 1.1.0-dev.
OpenSSL changed the API:
* https://github.com/openssl/openssl/commit/5998e2903589e7b19e102ebff06521f2dcb60409
* https://github.com/openssl/openssl/commit/b0700d2c8de79252ba605748a075cf2e5d670da1
Diffstat (limited to 'src/common/tortls.c')
| -rw-r--r-- | src/common/tortls.c | 27 |
1 files changed, 22 insertions, 5 deletions
diff --git a/src/common/tortls.c b/src/common/tortls.c index 1057cf40f0..cd36f9cc0b 100644 --- a/src/common/tortls.c +++ b/src/common/tortls.c @@ -384,7 +384,11 @@ tor_tls_init(void) #if (SIZEOF_VOID_P >= 8 && \ OPENSSL_VERSION_NUMBER >= OPENSSL_V_SERIES(1,0,1)) +#if OPENSSL_VERSION_NUMBER >= OPENSSL_V_SERIES(1,1,0) + long version = OpenSSL_version_num(); +#else long version = SSLeay(); +#endif /* LCOV_EXCL_START : we can't test these lines on the same machine */ if (version >= OPENSSL_V_SERIES(1,0,1)) { @@ -1525,7 +1529,6 @@ STATIC void tor_tls_server_info_callback(const SSL *ssl, int type, int val) { tor_tls_t *tls; - int ssl_state; (void) val; tor_tls_debug_state_callback(ssl, type, val); @@ -1533,10 +1536,16 @@ tor_tls_server_info_callback(const SSL *ssl, int type, int val) if (type != SSL_CB_ACCEPT_LOOP) return; - ssl_state = SSL_state(ssl); +#if OPENSSL_VERSION_NUMBER >= OPENSSL_V_SERIES(1,1,0) + OSSL_HANDSHAKE_STATE ssl_state = SSL_get_state(ssl); + if (ssl_state == TLS_ST_SW_SRVR_HELLO) + return; +#else + int ssl_state = SSL_state(ssl); if ((ssl_state != SSL3_ST_SW_SRVR_HELLO_A) && (ssl_state != SSL3_ST_SW_SRVR_HELLO_B)) return; +#endif tls = tor_tls_get_by_ssl(ssl); if (tls) { /* Check whether we're watching for renegotiates. If so, this is one! */ @@ -1892,13 +1901,16 @@ int tor_tls_handshake(tor_tls_t *tls) { int r; - int oldstate; tor_assert(tls); tor_assert(tls->ssl); tor_assert(tls->state == TOR_TLS_ST_HANDSHAKE); check_no_tls_errors(); - oldstate = SSL_state(tls->ssl); +#if OPENSSL_VERSION_NUMBER >= OPENSSL_V_SERIES(1,1,0) + OSSL_HANDSHAKE_STATE oldstate = SSL_get_state(tls->ssl); +#else + int oldstate = SSL_state(tls->ssl); +#endif if (tls->isServer) { log_debug(LD_HANDSHAKE, "About to call SSL_accept on %p (%s)", tls, SSL_state_string_long(tls->ssl)); @@ -1908,7 +1920,12 @@ tor_tls_handshake(tor_tls_t *tls) SSL_state_string_long(tls->ssl)); r = SSL_connect(tls->ssl); } - if (oldstate != SSL_state(tls->ssl)) +#if OPENSSL_VERSION_NUMBER >= OPENSSL_V_SERIES(1,1,0) + OSSL_HANDSHAKE_STATE newstate = SSL_get_state(tls->ssl); +#else + int newstate = SSL_state(tls->ssl); +#endif + if (oldstate != newstate) log_debug(LD_HANDSHAKE, "After call, %p was in state %s", tls, SSL_state_string_long(tls->ssl)); /* We need to call this here and not earlier, since OpenSSL has a penchant |