[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-commits] [tor/master] Edit our openssl detection in autoconf to tolerate no-deprecated.

To: tor-commits@xxxxxxxxxxxxxxxxxxxx
Subject: [tor-commits] [tor/master] Edit our openssl detection in autoconf to tolerate no-deprecated.
From: nickm@xxxxxxxxxxxxxx
Date: Mon, 30 Apr 2018 13:42:41 +0000 (UTC)
Delivered-to: archiver@xxxxxxxx
Delivery-date: Mon, 30 Apr 2018 09:43:04 -0400
List-archive: <http://lists.torproject.org/pipermail/tor-commits/>
List-help: <mailto:tor-commits-request@lists.torproject.org?subject=help>
List-id: "auto: code repository commits" <tor-commits.lists.torproject.org>
List-post: <mailto:tor-commits@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits>, <mailto:tor-commits-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-commits>, <mailto:tor-commits-request@lists.torproject.org?subject=unsubscribe>
Patch-author: Nick Mathewson <nickm@xxxxxxxxxxxxxx>
Sender: "tor-commits" <tor-commits-bounces@xxxxxxxxxxxxxxxxxxxx>

commit 8e562874a42a1a3eb982ba2df3ff1f3860db0d31
Author: Nick Mathewson <nickm@xxxxxxxxxxxxxx>
Date:   Mon Mar 5 15:34:04 2018 -0500

    Edit our openssl detection in autoconf to tolerate no-deprecated.
    
    When openssl is built with no-deprecated, the TLSv1_1_method()
    function isn't visible in the headers.  That's sad, because that
    method is what we were looking at.
    
    Instead, we now look at SSL_CIPHER_get_id(), which is present in
    OpenSSL 1.0.1 and later, which is _not_ deprecated, and which is
    also present in LibreSSL.
    
    Fixes ticket 25353.  Not a bugfix exactly -- we never really worked
    with this configuration.
---
 configure.ac | 15 ++++++++++++---
 1 file changed, 12 insertions(+), 3 deletions(-)

diff --git a/configure.ac b/configure.ac
index 878f5a88b..aa2617b70 100644
--- a/configure.ac
+++ b/configure.ac
@@ -788,9 +788,18 @@ AC_ARG_WITH(ssl-dir,
 
 AC_MSG_NOTICE([Now, we'll look for OpenSSL >= 1.0.1])
 TOR_SEARCH_LIBRARY(openssl, $tryssldir, [-lssl -lcrypto $TOR_LIB_GDI $TOR_LIB_WS32],
-    [#include <openssl/ssl.h>],
-    [struct ssl_method_st; const struct ssl_method_st *TLSv1_1_method(void);],
-    [TLSv1_1_method();], [],
+    [#include <openssl/ssl.h>
+     char *getenv(const char *);],
+    [struct ssl_cipher_st;
+     unsigned SSL_CIPHER_get_id(const struct ssl_cipher_st *);
+     char *getenv(const char *);],
+    dnl This funny-looking test program calls getenv, so that the compiler
+    dnl will neither make code that call SSL_CIPHER_get_id(NULL) [producing
+    dnl a crash], nor optimize out the call to SSL_CIPHER_get_id().
+    dnl We look for SSL_cipher_get_id() because it is present in
+    dnl OpenSSL >=1.0.1, because it is not deprecated, and because Tor
+    dnl depends on it.
+    [if (getenv("THIS_SHOULDNT_BE_SET_X201803")) SSL_CIPHER_get_id((void *)0);], [],
     [/usr/local/opt/openssl /usr/local/openssl /usr/lib/openssl /usr/local/ssl /usr/lib/ssl /usr/local /opt/openssl])
 
 dnl XXXX check for OPENSSL_VERSION_NUMBER == SSLeay()



_______________________________________________
tor-commits mailing list
tor-commits@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

Prev by Author: [tor-commits] [tor/master] Switch Travis to stable rust
Next by Author: [tor-commits] [tor/release-0.3.3] Merge branch 'maint-0.3.1' into maint-0.3.2
Previous by thread: [tor-commits] [tor/master] Changes file for openssl no-deprecated work.
Next by thread: [tor-commits] [tor/master] Add support for openssl built with "no-deprecated".
Index(es):
- Author
- Thread