diff options
| author | Nick Mathewson <nickm@torproject.org> | 2018-08-23 11:30:18 -0400 |
|---|---|---|
| committer | Nick Mathewson <nickm@torproject.org> | 2018-09-16 13:28:29 -0400 |
| commit | 991bec67ee41fd7f3c12e9194d96491b51bedd50 (patch) | |
| tree | ca97cfe01e65293ee523bb7e8de3c007801ea9af /src/lib | |
| parent | 035166e7bf30645f6da9d39374f5e9c9efe867f8 (diff) | |
| download | tor-991bec67ee41fd7f3c12e9194d96491b51bedd50.tar.gz tor-991bec67ee41fd7f3c12e9194d96491b51bedd50.zip | |
When Tor is compiled with NSS, don't claim support for LinkAuth=1
Closes ticket 27288
Diffstat (limited to 'src/lib')
| -rw-r--r-- | src/lib/crypt_ops/crypto_init.c | 11 | ||||
| -rw-r--r-- | src/lib/crypt_ops/crypto_init.h | 2 | ||||
| -rw-r--r-- | src/lib/tls/tortls.h | 4 |
3 files changed, 17 insertions, 0 deletions
diff --git a/src/lib/crypt_ops/crypto_init.c b/src/lib/crypt_ops/crypto_init.c index c731662d49..9d6e2da0d0 100644 --- a/src/lib/crypt_ops/crypto_init.c +++ b/src/lib/crypt_ops/crypto_init.c @@ -191,3 +191,14 @@ crypto_get_header_version_string(void) return crypto_nss_get_header_version_str(); #endif } + +/** Return true iff Tor is using the NSS library. */ +int +tor_is_using_nss(void) +{ +#ifdef ENABLE_NSS + return 1; +#else + return 0; +#endif +} diff --git a/src/lib/crypt_ops/crypto_init.h b/src/lib/crypt_ops/crypto_init.h index 5b6d65d48c..b71f144276 100644 --- a/src/lib/crypt_ops/crypto_init.h +++ b/src/lib/crypt_ops/crypto_init.h @@ -31,4 +31,6 @@ const char *crypto_get_library_name(void); const char *crypto_get_library_version_string(void); const char *crypto_get_header_version_string(void); +int tor_is_using_nss(void); + #endif /* !defined(TOR_CRYPTO_H) */ diff --git a/src/lib/tls/tortls.h b/src/lib/tls/tortls.h index 3f1098bbac..81db5ce5a9 100644 --- a/src/lib/tls/tortls.h +++ b/src/lib/tls/tortls.h @@ -126,6 +126,10 @@ int tor_tls_server_got_renegotiate(tor_tls_t *tls); MOCK_DECL(int,tor_tls_cert_matches_key,(const tor_tls_t *tls, const struct tor_x509_cert_t *cert)); MOCK_DECL(int,tor_tls_get_tlssecrets,(tor_tls_t *tls, uint8_t *secrets_out)); +#ifdef ENABLE_OPENSSL +/* OpenSSL lets us see these master secrets; NSS sensibly does not. */ +#define HAVE_WORKING_TOR_TLS_GET_TLSSECRETS +#endif MOCK_DECL(int,tor_tls_export_key_material,( tor_tls_t *tls, uint8_t *secrets_out, const uint8_t *context, |