From 89cafc4afac37ee3c9186f5c600cdf2fba1d7d1c Mon Sep 17 00:00:00 2001 From: Nick Mathewson Date: Thu, 3 May 2018 13:33:14 -0400 Subject: Use OPENSSL_1_1_API in place of raw OPENSSL_VERSION_NUMBER checks This is needed for libressl-2.6.4 compatibility, which we broke when we merged a15b2c57e1f901c53 to fix bug 19981. Fixes bug 26005; bug not in any released Tor. --- src/common/aes.c | 2 +- src/common/crypto.c | 10 +++++----- src/common/tortls.c | 4 ++-- src/test/test_tortls.c | 2 +- 4 files changed, 9 insertions(+), 9 deletions(-) diff --git a/src/common/aes.c b/src/common/aes.c index 95737cffcc..efb4fe855c 100644 --- a/src/common/aes.c +++ b/src/common/aes.c @@ -116,7 +116,7 @@ aes_cipher_free_(aes_cnt_cipher_t *cipher_) if (!cipher_) return; EVP_CIPHER_CTX *cipher = (EVP_CIPHER_CTX *) cipher_; -#if OPENSSL_VERSION_NUMBER >= OPENSSL_V_SERIES(1,1,0) +#ifdef OPENSSL_1_1_API EVP_CIPHER_CTX_reset(cipher); #else EVP_CIPHER_CTX_cleanup(cipher); diff --git a/src/common/crypto.c b/src/common/crypto.c index c98a968757..3943465020 100644 --- a/src/common/crypto.c +++ b/src/common/crypto.c @@ -205,7 +205,7 @@ crypto_early_init(void) crypto_early_initialized_ = 1; -#if OPENSSL_VERSION_NUMBER >= OPENSSL_V_SERIES(1,1,0) +#ifdef OPENSSL_1_1_API OPENSSL_init_ssl(OPENSSL_INIT_LOAD_SSL_STRINGS | OPENSSL_INIT_LOAD_CRYPTO_STRINGS | OPENSSL_INIT_ADD_ALL_CIPHERS | @@ -1668,13 +1668,13 @@ memwipe(void *mem, uint8_t byte, size_t sz) int crypto_global_cleanup(void) { -#if OPENSSL_VERSION_NUMBER < OPENSSL_V_SERIES(1,1,0) +#ifndef OPENSSL_1_1_API EVP_cleanup(); #endif #ifndef NEW_THREAD_API ERR_remove_thread_state(NULL); #endif -#if OPENSSL_VERSION_NUMBER < OPENSSL_V_SERIES(1,1,0) +#ifndef OPENSSL_1_1_API ERR_free_strings(); #endif @@ -1688,13 +1688,13 @@ crypto_global_cleanup(void) dh_param_p = dh_param_p_tls = dh_param_g = NULL; #ifndef DISABLE_ENGINES -#if OPENSSL_VERSION_NUMBER < OPENSSL_V_SERIES(1,1,0) +#ifndef OPENSSL_1_1_API ENGINE_cleanup(); #endif #endif CONF_modules_unload(1); -#if OPENSSL_VERSION_NUMBER < OPENSSL_V_SERIES(1,1,0) +#ifndef OPENSSL_1_1_API CRYPTO_cleanup_all_ex_data(); #endif diff --git a/src/common/tortls.c b/src/common/tortls.c index cd236363f8..4044a0e708 100644 --- a/src/common/tortls.c +++ b/src/common/tortls.c @@ -56,7 +56,7 @@ ENABLE_GCC_WARNING(redundant-decls) #include "container.h" #include -#if OPENSSL_VERSION_NUMBER >= OPENSSL_V_SERIES(1,1,0) +#ifdef OPENSSL_1_1_API #define X509_get_notBefore_const(cert) \ X509_get0_notBefore(cert) #define X509_get_notAfter_const(cert) \ @@ -370,7 +370,7 @@ tor_tls_init(void) check_no_tls_errors(); if (!tls_library_is_initialized) { -#if OPENSSL_VERSION_NUMBER >= OPENSSL_V_SERIES(1,1,0) +#ifdef OPENSSL_1_1_API OPENSSL_init_ssl(OPENSSL_INIT_LOAD_SSL_STRINGS, NULL); #else SSL_library_init(); diff --git a/src/test/test_tortls.c b/src/test/test_tortls.c index ef1be139a6..ffa641ec41 100644 --- a/src/test/test_tortls.c +++ b/src/test/test_tortls.c @@ -205,7 +205,7 @@ test_tortls_tor_tls_get_error(void *data) static void library_init(void) { -#if OPENSSL_VERSION_NUMBER >= OPENSSL_V_SERIES(1,1,0) +#ifdef OPENSSL_1_1_API OPENSSL_init_ssl(OPENSSL_INIT_LOAD_SSL_STRINGS, NULL); #else SSL_library_init(); -- cgit v1.2.3-54-g00ecf