From 2a365413ebc7ab0055bd4c2fc11697666fc90f7b Mon Sep 17 00:00:00 2001
From: Nick Mathewson <nickm@torproject.org>
Date: Sun, 6 Nov 2016 21:01:25 -0500
Subject: [PATCH] Always Use EVP_aes_*_ctr() with openssl 1.1

(OpenSSL 1.1 makes EVP_CIPHER_CTX opaque, _and_ adds acceleration
for counter mode on more architectures.  So it won't work if we try
the older approach, and it might help if we try the newer one.)

Fixes bug 20588.
---
 changes/bug20588 | 3 +++
 src/common/aes.c | 9 ++++++++-
 2 files changed, 11 insertions(+), 1 deletion(-)
 create mode 100644 changes/bug20588

diff --git a/changes/bug20588 b/changes/bug20588
new file mode 100644
index 000000000..be199b2de
--- /dev/null
+++ b/changes/bug20588
@@ -0,0 +1,3 @@
+  o Minor bugfixes (portability):
+    - Fix compilation with OpenSSL 1.1 and less commonly-used
+      CPU architectures. Closes ticket 20588.
diff --git a/src/common/aes.c b/src/common/aes.c
index 15970a73f..8edfc5d33 100644
--- a/src/common/aes.c
+++ b/src/common/aes.c
@@ -73,7 +73,14 @@
  * gives us, and the best possible counter-mode implementation, and combine
  * them.
  */
-#if OPENSSL_VERSION_NUMBER >= OPENSSL_V_NOPATCH(1,0,1) &&               \
+#if OPENSSL_VERSION_NUMBER >= OPENSSL_V_NOPATCH(1,1,0)
+
+/* With newer OpenSSL versions, the older fallback modes don't compile.  So
+ * don't use them, even if we lack specific acceleration. */
+
+#define USE_EVP_AES_CTR
+
+#elif OPENSSL_VERSION_NUMBER >= OPENSSL_V_NOPATCH(1,0,1) &&               \
   (defined(__i386) || defined(__i386__) || defined(_M_IX86) ||          \
    defined(__x86_64) || defined(__x86_64__) ||                          \
    defined(_M_AMD64) || defined(_M_X64) || defined(__INTEL__))          \