From 75f3fbaa3c7316fcef3509ef1e3813b94d8c4c8a Mon Sep 17 00:00:00 2001 From: Nick Mathewson Date: Wed, 2 May 2018 08:18:48 -0400 Subject: [PATCH] LibreSSL compatibility fixes. LibreSSL, despite not having the OpenSSL 1.1 API, does define OPENSSL_VERSION in crypto.h. Additionally, it apparently annotates some functions as returning NULL, so that our unit tests need to be more careful about checking for NULL so they don't get compilation warnings. Closes ticket 26006. --- changes/ticket26006 | 4 ++++ src/common/compat_openssl.h | 7 ++++++- src/test/test_tortls.c | 3 +++ 3 files changed, 13 insertions(+), 1 deletion(-) create mode 100644 changes/ticket26006 diff --git a/changes/ticket26006 b/changes/ticket26006 new file mode 100644 index 000000000..e33e3f1cd --- /dev/null +++ b/changes/ticket26006 @@ -0,0 +1,4 @@ + o Minor features (compilation, portability): + - Avoid some compilation warnings with recent versions + of LibreSSL. Closes ticket 26006. + diff --git a/src/common/compat_openssl.h b/src/common/compat_openssl.h index 1bfe18807..76679872b 100644 --- a/src/common/compat_openssl.h +++ b/src/common/compat_openssl.h @@ -8,6 +8,8 @@ #define TOR_COMPAT_OPENSSL_H #include +// workaround for libressl; not needed in later Tor versions. +#include /** * \file compat_openssl.h @@ -27,8 +29,11 @@ #define OPENSSL_1_1_API #endif -#ifndef OPENSSL_1_1_API +#ifndef OPENSSL_VERSION #define OPENSSL_VERSION SSLEAY_VERSION +#endif + +#ifndef OPENSSL_1_1_API #define OpenSSL_version(v) SSLeay_version(v) #define OpenSSL_version_num() SSLeay() #define RAND_OpenSSL() RAND_SSLeay() diff --git a/src/test/test_tortls.c b/src/test/test_tortls.c index 47455cff8..5028a9540 100644 --- a/src/test/test_tortls.c +++ b/src/test/test_tortls.c @@ -840,8 +840,10 @@ test_tortls_classify_client_ciphers(void *ignored) sk_SSL_CIPHER_zero(ciphers); one = get_cipher_by_name("ECDHE-RSA-AES256-GCM-SHA384"); + tt_assert(one); one->id = 0x00ff; two = get_cipher_by_name("ECDHE-RSA-AES128-GCM-SHA256"); + tt_assert(two); two->id = 0x0000; sk_SSL_CIPHER_push(ciphers, one); tls->client_cipher_list_type = 0; @@ -912,6 +914,7 @@ test_tortls_client_is_using_v2_ciphers(void *ignored) ciphers = sk_SSL_CIPHER_new_null(); SSL_CIPHER *one = get_cipher_by_name("ECDHE-RSA-AES256-GCM-SHA384"); + tt_assert(one); one->id = 0x00ff; sk_SSL_CIPHER_push(ciphers, one); sess->ciphers = ciphers;