Commit 75f3fbaa authored by Nick Mathewson's avatar Nick Mathewson 🦀
Browse files

LibreSSL compatibility fixes. 

LibreSSL, despite not having the OpenSSL 1.1 API, does define
OPENSSL_VERSION in crypto.h.  Additionally, it apparently annotates
some functions as returning NULL, so that our unit tests need to be
more careful about checking for NULL so they don't get compilation
warnings.

Closes ticket 26006.
parent 34e7dca9

changes/ticket26006

0 → 100644
+4 −0
Original line number Diff line number Diff line 
  o Minor features (compilation, portability):

    - Avoid some compilation warnings with recent versions

      of LibreSSL. Closes ticket 26006.

src/common/compat_openssl.h

+6 −1
Original line number Diff line number Diff line
@@ -8,6 +8,8 @@ 
#define TOR_COMPAT_OPENSSL_H



#include <openssl/opensslv.h>

// workaround for libressl; not needed in later Tor versions.

#include <openssl/crypto.h>



/**

 * \file compat_openssl.h
@@ -27,8 +29,11 @@ 
#define OPENSSL_1_1_API

#endif



#ifndef OPENSSL_1_1_API

#ifndef OPENSSL_VERSION

#define OPENSSL_VERSION SSLEAY_VERSION

#endif



#ifndef OPENSSL_1_1_API

#define OpenSSL_version(v) SSLeay_version(v)

#define OpenSSL_version_num() SSLeay()

#define RAND_OpenSSL() RAND_SSLeay()

src/test/test_tortls.c

+3 −0
Original line number Diff line number Diff line
@@ -840,8 +840,10 @@ test_tortls_classify_client_ciphers(void *ignored) 
  sk_SSL_CIPHER_zero(ciphers);



  one = get_cipher_by_name("ECDHE-RSA-AES256-GCM-SHA384");

  tt_assert(one);

  one->id = 0x00ff;

  two = get_cipher_by_name("ECDHE-RSA-AES128-GCM-SHA256");

  tt_assert(two);

  two->id = 0x0000;

  sk_SSL_CIPHER_push(ciphers, one);

  tls->client_cipher_list_type = 0;
@@ -912,6 +914,7 @@ test_tortls_client_is_using_v2_ciphers(void *ignored) 


  ciphers = sk_SSL_CIPHER_new_null();

  SSL_CIPHER *one = get_cipher_by_name("ECDHE-RSA-AES256-GCM-SHA384");

  tt_assert(one);

  one->id = 0x00ff;

  sk_SSL_CIPHER_push(ciphers, one);

  sess->ciphers = ciphers;