[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-bugs] #25353 [Core Tor/Tor]: Configure fails with some OpenSSL 1.1.0 built with no-deprecated.
#25353: Configure fails with some OpenSSL 1.1.0 built with no-deprecated.
-------------------------------------------------+-------------------------
Reporter: laomaiweng | Owner: nickm
Type: defect | Status:
| accepted
Priority: Medium | Milestone: Tor:
| 0.3.4.x-final
Component: Core Tor/Tor | Version: Tor:
| 0.2.7.2-alpha
Severity: Normal | Resolution:
Keywords: openssl, tor-ssl, 033-backport, | Actual Points:
032-backport, 033-must |
Parent ID: #19429 | Points: 1
Reviewer: | Sponsor:
-------------------------------------------------+-------------------------
Comment (by nickm):
I've had a partial success here.
My branch `bug25353_032` replaces the `TLSv1_1_method()` check with a
`SSL_CIPHER_get_id()` test. (You can see my public repository at
https://gitweb.torproject.org/nickm/tor.git .)
The problem here, though, is that this change is not enough to make Tor
compile when OpenSSL is built with no-deprecated. Tor uses the following
deprecated functions:
{{{
CRYPTO_cleanup_all_ex_data
ENGINE_cleanup
ERR_free_strings
ERR_load_crypto_strings
EVP_CIPHER_CTX_cleanup
EVP_cleanup
OpenSSL_add_all_algorithms
SSL_library_init
SSL_load_error_strings
X509_get_notAfter
X509_get_notBefore
}}}
The number of functions here makes me think that we should postpone
compatibility with `no-deprecated` OpenSSL until 0.3.4. What do you
think?
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/25353#comment:10>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs