Commit 11c7e657 authored by Alexander Færøy's avatar Alexander Færøy 🍍
Browse files

Merge branch 'maint-0.3.5' into maint-0.4.4

parents 48dd8793 42ba87d9
Pipeline #6650 passed with stage
in 20 minutes and 30 seconds
o Minor features (compatibility):
- Remove an assertion function related to TLS renegotiation.
It was used nowhere outside the unit tests, and it was breaking
compilation with recent alpha releases of OpenSSL 3.0.0.
Closes ticket 40399.
......@@ -108,7 +108,6 @@ int tor_tls_handshake(tor_tls_t *tls);
int tor_tls_finish_handshake(tor_tls_t *tls);
void tor_tls_unblock_renegotiation(tor_tls_t *tls);
void tor_tls_block_renegotiation(tor_tls_t *tls);
void tor_tls_assert_renegotiation_unblocked(tor_tls_t *tls);
int tor_tls_get_pending_bytes(tor_tls_t *tls);
size_t tor_tls_get_forced_write_size(tor_tls_t *tls);
......
......@@ -646,13 +646,6 @@ tor_tls_block_renegotiation(tor_tls_t *tls)
/* We don't support renegotiation with NSS. */
}
void
tor_tls_assert_renegotiation_unblocked(tor_tls_t *tls)
{
tor_assert(tls);
/* We don't support renegotiation with NSS. */
}
int
tor_tls_get_pending_bytes(tor_tls_t *tls)
{
......
......@@ -1190,19 +1190,6 @@ tor_tls_block_renegotiation(tor_tls_t *tls)
#endif
}
/** Assert that the flags that allow legacy renegotiation are still set */
void
tor_tls_assert_renegotiation_unblocked(tor_tls_t *tls)
{
#if defined(SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION) && \
SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION != 0
long options = SSL_get_options(tls->ssl);
tor_assert(0 != (options & SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION));
#else
(void) tls;
#endif /* defined(SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION) && ... */
}
/**
* Tell the TLS library that the underlying socket for <b>tls</b> has been
* closed, and the library should not attempt to free that socket itself.
......
......@@ -1143,25 +1143,6 @@ test_tortls_unblock_renegotiation(void *ignored)
}
#endif /* !defined(OPENSSL_OPAQUE) */
#ifndef OPENSSL_OPAQUE
static void
test_tortls_assert_renegotiation_unblocked(void *ignored)
{
(void)ignored;
tor_tls_t *tls;
tls = tor_malloc_zero(sizeof(tor_tls_t));
tls->ssl = tor_malloc_zero(sizeof(SSL));
tor_tls_unblock_renegotiation(tls);
tor_tls_assert_renegotiation_unblocked(tls);
/* No assertion here - this test will fail if tor_assert is turned on
* and things are bad. */
tor_free(tls->ssl);
tor_free(tls);
}
#endif /* !defined(OPENSSL_OPAQUE) */
static void
test_tortls_set_logged_address(void *ignored)
{
......@@ -2224,7 +2205,6 @@ struct testcase_t tortls_openssl_tests[] = {
INTRUSIVE_TEST_CASE(server_info_callback, 0),
LOCAL_TEST_CASE(get_write_overhead_ratio, TT_FORK),
LOCAL_TEST_CASE(is_server, 0),
INTRUSIVE_TEST_CASE(assert_renegotiation_unblocked, 0),
INTRUSIVE_TEST_CASE(block_renegotiation, 0),
INTRUSIVE_TEST_CASE(unblock_renegotiation, 0),
INTRUSIVE_TEST_CASE(set_renegotiate_callback, 0),
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment