From 78f43c5d033d5717b0da1cb0f4443188a264932c Mon Sep 17 00:00:00 2001 From: Nick Mathewson Date: Tue, 27 Dec 2011 20:31:23 -0500 Subject: Require openssl 1.0.0a for using openssl's ctr-mode implementation Previously we required 1.0.0, but there was a bug in the 1.0.0 counter mode. Found by Pascal. Fixes bug 4779. A more elegant solution would be good here if somebody has time to code one. --- changes/bug4779 | 4 ++++ src/common/aes.c | 6 ++++-- 2 files changed, 8 insertions(+), 2 deletions(-) create mode 100644 changes/bug4779 diff --git a/changes/bug4779 b/changes/bug4779 new file mode 100644 index 0000000000..4535a2b04d --- /dev/null +++ b/changes/bug4779 @@ -0,0 +1,4 @@ + o Minor bugfixes: + - Do not use OpenSSL 1.0.0's counter mode: it has a critical bug + that was fixed in OpenSSL 1.0.0a. Fixes bug 4779; bugfix on + Tor 0.2.3.9-alpha. Found by Pascal. diff --git a/src/common/aes.c b/src/common/aes.c index cec6899817..9487cdd51c 100644 --- a/src/common/aes.c +++ b/src/common/aes.c @@ -17,7 +17,7 @@ #include #include #include -#if OPENSSL_VERSION_NUMBER >= 0x10000000L +#if OPENSSL_VERSION_NUMBER >= 0x1000001fL /* See comments about which counter mode implementation to use below. */ #include #define USE_OPENSSL_CTR @@ -45,7 +45,9 @@ * Here we have a counter mode that's faster than the one shipping with * OpenSSL pre-1.0 (by about 10%!). But OpenSSL 1.0.0 added a counter mode * implementation faster than the one here (by about 7%). So we pick which - * one to used based on the Openssl version above. + * one to used based on the Openssl version above. (OpenSSL 1.0.0a fixed a + * critical bug in that counter mode implementation, so we actually require + * that one.) */ /*======================================================================*/ -- cgit v1.2.3-54-g00ecf