Commit 0bd55ed9 authored by Nick Mathewson's avatar Nick Mathewson 🥔
Browse files

Always Use EVP_aes_*_ctr() with openssl 1.1

(OpenSSL 1.1 makes EVP_CIPHER_CTX opaque, _and_ adds acceleration
for counter mode on more architectures.  So it won't work if we try
the older approach, and it might help if we try the newer one.)

Fixes bug 20588.
parent f6a3d213
Loading
Loading
Loading
Loading

changes/bug20588

0 → 100644
+3 −0
Original line number Diff line number Diff line
  o Minor bugfixes (portability):
    - Fix compilation with OpenSSL 1.1 and less commonly-used
      CPU architectures. Closes ticket 20588.
+8 −1
Original line number Diff line number Diff line
@@ -56,7 +56,14 @@ ENABLE_GCC_WARNING(redundant-decls)
 * gives us, and the best possible counter-mode implementation, and combine
 * them.
 */
#if OPENSSL_VERSION_NUMBER >= OPENSSL_V_NOPATCH(1,0,1) &&               \
#if OPENSSL_VERSION_NUMBER >= OPENSSL_V_NOPATCH(1,1,0)

/* With newer OpenSSL versions, the older fallback modes don't compile.  So
 * don't use them, even if we lack specific acceleration. */

#define USE_EVP_AES_CTR

#elif OPENSSL_VERSION_NUMBER >= OPENSSL_V_NOPATCH(1,0,1) &&               \
  (defined(__i386) || defined(__i386__) || defined(_M_IX86) ||          \
   defined(__x86_64) || defined(__x86_64__) ||                          \
   defined(_M_AMD64) || defined(_M_X64) || defined(__INTEL__))          \