commit 13a2acba3c951a049f89b2c553e3139008032fe8 Merge: 48a51c5f8 f2fca5197 Author: Nick Mathewson <nickm@torproject.org> Date: Tue Jan 23 14:02:45 2018 -0500 Merge remote-tracking branch 'ffmancera/bug24658-openssl' src/common/aes.c | 1 + src/common/compat_openssl.h | 2 +- src/common/crypto.c | 131 +----------------------------------- src/common/crypto.h | 35 ---------- src/common/crypto_curve25519.h | 1 + src/common/crypto_openssl_mgt.c | 145 ++++++++++++++++++++++++++++++++++++++++ src/common/crypto_openssl_mgt.h | 85 +++++++++++++++++++++++ src/common/include.am | 2 + 8 files changed, 236 insertions(+), 166 deletions(-) diff --cc src/common/crypto.c index b519caed0,3fba2da5d..3ff3a98e0 --- a/src/common/crypto.c +++ b/src/common/crypto.c @@@ -3494,14 -3363,7 +3366,13 @@@ crypto_global_cleanup(void } #endif /* !defined(NEW_THREAD_API) */ - tor_free(crypto_openssl_version_str); - tor_free(crypto_openssl_header_version_str); + crypto_openssl_free_all(); + + crypto_early_initialized_ = 0; + crypto_global_initialized_ = 0; + have_seeded_siphash = 0; + siphash_unset_global_key(); + return 0; } diff --cc src/common/crypto.h index eca115fa7,879af45fe..3caa23773 --- a/src/common/crypto.h +++ b/src/common/crypto.h @@@ -19,43 -19,9 +19,10 @@@ #include "torint.h" #include "testsupport.h" #include "compat.h" +#include "util.h" - #include <openssl/engine.h> #include "keccak-tiny/keccak-tiny.h" - /* - Macro to create an arbitrary OpenSSL version number as used by - OPENSSL_VERSION_NUMBER or SSLeay(), since the actual numbers are a bit hard - to read. - - Don't use this directly, instead use one of the other OPENSSL_V macros - below. - - The format is: 4 bits major, 8 bits minor, 8 bits fix, 8 bits patch, 4 bit - status. - */ - #define OPENSSL_VER(a,b,c,d,e) \ - (((a)<<28) | \ - ((b)<<20) | \ - ((c)<<12) | \ - ((d)<< 4) | \ - (e)) - /** An openssl release number. For example, OPENSSL_V(0,9,8,'j') is the - * version for the released version of 0.9.8j */ - #define OPENSSL_V(a,b,c,d) \ - OPENSSL_VER((a),(b),(c),(d)-'a'+1,0xf) - /** An openssl release number for the first release in the series. For - * example, OPENSSL_V_NOPATCH(1,0,0) is the first released version of OpenSSL - * 1.0.0. */ - #define OPENSSL_V_NOPATCH(a,b,c) \ - OPENSSL_VER((a),(b),(c),0,0xf) - /** The first version that would occur for any alpha or beta in an openssl - * series. For example, OPENSSL_V_SERIES(0,9,8) is greater than any released - * 0.9.7, and less than any released 0.9.8. */ - #define OPENSSL_V_SERIES(a,b,c) \ - OPENSSL_VER((a),(b),(c),0,0) - /** Length of the output of our message digest. */ #define DIGEST_LEN 20 /** Length of the output of our second (improved) message digests. (For now