Commit 6a88d8f6 authored by Nick Mathewson's avatar Nick Mathewson 🎨
Browse files

When enabling NSS, disable OpenSSL.

We used to link both libraries at once, but now that I'm working on
TLS, there's nothing left to keep OpenSSL around for when NSS is
enabled.

Note that this patch causes a couple of places that still assumed
OpenSSL to be disabled when NSS is enabled
   - tor-gencert
   - pbkdf2
parent 1992c761
......@@ -224,6 +224,9 @@ static void
test_crypto_openssl_version(void *arg)
{
(void)arg;
#ifdef ENABLE_NSS
tt_skip();
#else
const char *version = crypto_openssl_get_version_str();
const char *h_version = crypto_openssl_get_header_version_str();
tt_assert(version);
......@@ -243,6 +246,7 @@ test_crypto_openssl_version(void *arg)
tt_int_op(a, OP_GE, 0);
tt_int_op(b, OP_GE, 0);
tt_int_op(c, OP_GE, 0);
#endif
done:
;
......
......@@ -18,7 +18,9 @@
#include <libscrypt.h>
#endif
#ifdef ENABLE_OPENSSL
#include <openssl/evp.h>
#endif
/** Run unit tests for our secret-to-key passphrase hashing functionality. */
static void
......
bin_PROGRAMS+= src/tools/tor-resolve src/tools/tor-gencert src/tools/tor-print-ed-signing-cert
bin_PROGRAMS+= src/tools/tor-resolve src/tools/tor-print-ed-signing-cert
if COVERAGE_ENABLED
noinst_PROGRAMS+= src/tools/tor-cov-resolve src/tools/tor-cov-gencert
noinst_PROGRAMS+= src/tools/tor-cov-resolve
endif
src_tools_tor_resolve_SOURCES = src/tools/tor-resolve.c
......@@ -20,6 +20,10 @@ src_tools_tor_cov_resolve_LDADD = \
@TOR_LIB_MATH@ @TOR_LIB_WS32@
endif
if USE_NSS
# ...
else
bin_PROGRAMS += src/tools/tor-gencert
src_tools_tor_gencert_SOURCES = src/tools/tor-gencert.c
src_tools_tor_gencert_LDFLAGS = @TOR_LDFLAGS_zlib@ $(TOR_LDFLAGS_CRYPTLIB)
src_tools_tor_gencert_LDADD = \
......@@ -28,6 +32,7 @@ src_tools_tor_gencert_LDADD = \
$(rust_ldadd) \
@TOR_LIB_MATH@ @TOR_ZLIB_LIBS@ $(TOR_LIBS_CRYPTLIB) \
@TOR_LIB_WS32@ @TOR_LIB_IPHLPAPI@ @TOR_LIB_GDI@ @TOR_LIB_USERENV@ @CURVE25519_LIBS@
endif
src_tools_tor_print_ed_signing_cert_SOURCES = src/tools/tor-print-ed-signing-cert.c
src_tools_tor_print_ed_signing_cert_LDFLAGS = @TOR_LDFLAGS_zlib@ @TOR_LDFLAGS_openssl@
......@@ -38,7 +43,11 @@ src_tools_tor_print_ed_signing_cert_LDADD = \
@TOR_LIB_MATH@ $(TOR_LIBS_CRYPTLIB) \
@TOR_LIB_WS32@ @TOR_LIB_USERENV@
if USE_NSS
# ...
else
if COVERAGE_ENABLED
noinst_PROGRAMS += src/tools/tor-cov-gencert
src_tools_tor_cov_gencert_SOURCES = src/tools/tor-gencert.c
src_tools_tor_cov_gencert_CPPFLAGS = $(AM_CPPFLAGS) $(TEST_CPPFLAGS)
src_tools_tor_cov_gencert_CFLAGS = $(AM_CFLAGS) $(TEST_CFLAGS)
......@@ -49,6 +58,7 @@ src_tools_tor_cov_gencert_LDADD = \
@TOR_LIB_MATH@ @TOR_ZLIB_LIBS@ $(TOR_LIBS_CRYPTLIB) \
@TOR_LIB_WS32@ @TOR_LIB_IPHLPAPI@ @TOR_LIB_GDI@ @CURVE25519_LIBS@
endif
endif
if BUILD_LIBTORRUNNER
noinst_LIBRARIES += src/tools/libtorrunner.a
......
......@@ -17,6 +17,7 @@
#include "lib/crypt_ops/crypto_init.h"
#include "lib/crypt_ops/crypto_openssl_mgt.h"
#ifdef ENABLE_OPENSSL
/* Some versions of OpenSSL declare X509_STORE_CTX_set_verify_cb twice in
* x509.h and x509_vfy.h. Suppress the GCC warning so we can build with
* -Wredundant-decl. */
......@@ -30,6 +31,7 @@ DISABLE_GCC_WARNING(redundant-decls)
#include <openssl/err.h>
ENABLE_GCC_WARNING(redundant-decls)
#endif
#include <errno.h>
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment