From 0116eae59a35e4303ca179d6b0fb0302a83e87a1 Mon Sep 17 00:00:00 2001 From: Yawning Angel Date: Fri, 24 Jun 2016 22:20:41 +0000 Subject: [PATCH] Bug19499: Fix GCC warnings when building against bleeding edge OpenSSL. The previous version of the new accessors didn't specify const but it was changed in master. --- changes/bug19499 | 4 ++++ src/common/crypto.c | 24 ++++++++++++------------ src/tools/tor-checkkey.c | 4 ++-- 3 files changed, 18 insertions(+), 14 deletions(-) create mode 100644 changes/bug19499 diff --git a/changes/bug19499 b/changes/bug19499 new file mode 100644 index 000000000..5db49bb74 --- /dev/null +++ b/changes/bug19499 @@ -0,0 +1,4 @@ + o Minor features (build): + - Tor now again builds with the recent OpenSSL 1.1 development branch + (tested against 1.1.0-pre6-dev). + diff --git a/src/common/crypto.c b/src/common/crypto.c index 8d990d334..2b96324d3 100644 --- a/src/common/crypto.c +++ b/src/common/crypto.c @@ -145,7 +145,7 @@ struct crypto_dh_t { }; static int setup_openssl_threading(void); -static int tor_check_dh_key(int severity, BIGNUM *bn); +static int tor_check_dh_key(int severity, const BIGNUM *bn); /** Return the number of bytes added by padding method padding. */ @@ -466,7 +466,7 @@ crypto_pk_private_ok(const crypto_pk_t *k) if (!k || !k->key) return 0; - BIGNUM *p, *q; + const BIGNUM *p, *q; RSA_get0_factors(k->key, &p, &q); return p != NULL; /* XXX/yawning: Should we check q? */ #else @@ -890,10 +890,10 @@ crypto_pk_public_exponent_ok(crypto_pk_t *env) tor_assert(env); tor_assert(env->key); - BIGNUM *e; + const BIGNUM *e; #ifdef OPENSSL_1_1_API - BIGNUM *n, *d; + const BIGNUM *n, *d; RSA_get0_key(env->key, &n, &e, &d); #else e = env->key->e; @@ -919,11 +919,11 @@ crypto_pk_cmp_keys(const crypto_pk_t *a, const crypto_pk_t *b) if (an_argument_is_null) return result; - BIGNUM *a_n, *a_e; - BIGNUM *b_n, *b_e; + const BIGNUM *a_n, *a_e; + const BIGNUM *b_n, *b_e; #ifdef OPENSSL_1_1_API - BIGNUM *a_d, *b_d; + const BIGNUM *a_d, *b_d; RSA_get0_key(a->key, &a_n, &a_e, &a_d); RSA_get0_key(b->key, &b_n, &b_e, &b_d); #else @@ -975,7 +975,7 @@ crypto_pk_num_bits(crypto_pk_t *env) /* It's so stupid that there's no other way to check that n is valid * before calling RSA_bits(). */ - BIGNUM *n, *e, *d; + const BIGNUM *n, *e, *d; RSA_get0_key(env->key, &n, &e, &d); tor_assert(n != NULL); @@ -2420,7 +2420,7 @@ crypto_dh_generate_public(crypto_dh_t *dh) * recreating the DH object. I have no idea what sort of aliasing madness * can occur here, so do the check, and just bail on failure. */ - BIGNUM *pub_key, *priv_key; + const BIGNUM *pub_key, *priv_key; DH_get0_key(dh->dh, &pub_key, &priv_key); if (tor_check_dh_key(LOG_WARN, pub_key)<0) { log_warn(LD_CRYPTO, "Weird! Our own DH key was invalid. I guess once-in-" @@ -2451,10 +2451,10 @@ crypto_dh_get_public(crypto_dh_t *dh, char *pubkey, size_t pubkey_len) int bytes; tor_assert(dh); - BIGNUM *dh_pub; + const BIGNUM *dh_pub; #ifdef OPENSSL_1_1_API - BIGNUM *dh_priv; + const BIGNUM *dh_priv; DH_get0_key(dh->dh, &dh_pub, &dh_priv); #else dh_pub = dh->dh->pub_key; @@ -2493,7 +2493,7 @@ crypto_dh_get_public(crypto_dh_t *dh, char *pubkey, size_t pubkey_len) * See http://www.cl.cam.ac.uk/ftp/users/rja14/psandqs.ps.gz for some tips. */ static int -tor_check_dh_key(int severity, BIGNUM *bn) +tor_check_dh_key(int severity, const BIGNUM *bn) { BIGNUM *x; char *s; diff --git a/src/tools/tor-checkkey.c b/src/tools/tor-checkkey.c index 8e957c254..3e16fd033 100644 --- a/src/tools/tor-checkkey.c +++ b/src/tools/tor-checkkey.c @@ -72,9 +72,9 @@ main(int c, char **v) } else { rsa = crypto_pk_get_rsa_(env); - BIGNUM *rsa_n; + const BIGNUM *rsa_n; #ifdef OPENSSL_1_1_API - BIGNUM *rsa_e, *rsa_d; + const BIGNUM *rsa_e, *rsa_d; RSA_get0_key(rsa, &rsa_n, &rsa_e, &rsa_d); #else rsa_n = rsa->n;