[tor-commits] [tor/master] Use OPENSSL_1_1_API in place of raw OPENSSL_VERSION_NUMBER checks

nickm at torproject.org nickm at torproject.org
Wed May 9 12:23:32 UTC 2018 

commit 89cafc4afac37ee3c9186f5c600cdf2fba1d7d1c
Author: Nick Mathewson <nickm at torproject.org>
Date:   Thu May 3 13:33:14 2018 -0400

    Use OPENSSL_1_1_API in place of raw OPENSSL_VERSION_NUMBER checks
    
    This is needed for libressl-2.6.4 compatibility, which we broke when
    we merged a15b2c57e1f901c53 to fix bug 19981.  Fixes bug 26005; bug
    not in any released Tor.
---
 src/common/aes.c       |  2 +-
 src/common/crypto.c    | 10 +++++-----
 src/common/tortls.c    |  4 ++--
 src/test/test_tortls.c |  2 +-
 4 files changed, 9 insertions(+), 9 deletions(-)

diff --git a/src/common/aes.c b/src/common/aes.c
index 95737cffc..efb4fe855 100644
--- a/src/common/aes.c
+++ b/src/common/aes.c
@@ -116,7 +116,7 @@ aes_cipher_free_(aes_cnt_cipher_t *cipher_)
   if (!cipher_)
     return;
   EVP_CIPHER_CTX *cipher = (EVP_CIPHER_CTX *) cipher_;
-#if OPENSSL_VERSION_NUMBER >= OPENSSL_V_SERIES(1,1,0)
+#ifdef OPENSSL_1_1_API
   EVP_CIPHER_CTX_reset(cipher);
 #else
   EVP_CIPHER_CTX_cleanup(cipher);
diff --git a/src/common/crypto.c b/src/common/crypto.c
index c98a96875..394346502 100644
--- a/src/common/crypto.c
+++ b/src/common/crypto.c
@@ -205,7 +205,7 @@ crypto_early_init(void)
 
     crypto_early_initialized_ = 1;
 
-#if OPENSSL_VERSION_NUMBER >= OPENSSL_V_SERIES(1,1,0)
+#ifdef OPENSSL_1_1_API
     OPENSSL_init_ssl(OPENSSL_INIT_LOAD_SSL_STRINGS |
                      OPENSSL_INIT_LOAD_CRYPTO_STRINGS |
                      OPENSSL_INIT_ADD_ALL_CIPHERS |
@@ -1668,13 +1668,13 @@ memwipe(void *mem, uint8_t byte, size_t sz)
 int
 crypto_global_cleanup(void)
 {
-#if OPENSSL_VERSION_NUMBER < OPENSSL_V_SERIES(1,1,0)
+#ifndef OPENSSL_1_1_API
   EVP_cleanup();
 #endif
 #ifndef NEW_THREAD_API
   ERR_remove_thread_state(NULL);
 #endif
-#if OPENSSL_VERSION_NUMBER < OPENSSL_V_SERIES(1,1,0)
+#ifndef OPENSSL_1_1_API
   ERR_free_strings();
 #endif
 
@@ -1688,13 +1688,13 @@ crypto_global_cleanup(void)
   dh_param_p = dh_param_p_tls = dh_param_g = NULL;
 
 #ifndef DISABLE_ENGINES
-#if OPENSSL_VERSION_NUMBER < OPENSSL_V_SERIES(1,1,0)
+#ifndef OPENSSL_1_1_API
   ENGINE_cleanup();
 #endif
 #endif
 
   CONF_modules_unload(1);
-#if OPENSSL_VERSION_NUMBER < OPENSSL_V_SERIES(1,1,0)
+#ifndef OPENSSL_1_1_API
   CRYPTO_cleanup_all_ex_data();
 #endif
 
diff --git a/src/common/tortls.c b/src/common/tortls.c
index cd236363f..4044a0e70 100644
--- a/src/common/tortls.c
+++ b/src/common/tortls.c
@@ -56,7 +56,7 @@ ENABLE_GCC_WARNING(redundant-decls)
 #include "container.h"
 #include <string.h>
 
-#if OPENSSL_VERSION_NUMBER >= OPENSSL_V_SERIES(1,1,0)
+#ifdef OPENSSL_1_1_API
 #define X509_get_notBefore_const(cert) \
     X509_get0_notBefore(cert)
 #define X509_get_notAfter_const(cert) \
@@ -370,7 +370,7 @@ tor_tls_init(void)
   check_no_tls_errors();
 
   if (!tls_library_is_initialized) {
-#if OPENSSL_VERSION_NUMBER >= OPENSSL_V_SERIES(1,1,0)
+#ifdef OPENSSL_1_1_API
     OPENSSL_init_ssl(OPENSSL_INIT_LOAD_SSL_STRINGS, NULL);
 #else
     SSL_library_init();
diff --git a/src/test/test_tortls.c b/src/test/test_tortls.c
index ef1be139a..ffa641ec4 100644
--- a/src/test/test_tortls.c
+++ b/src/test/test_tortls.c
@@ -205,7 +205,7 @@ test_tortls_tor_tls_get_error(void *data)
 static void
 library_init(void)
 {
-#if OPENSSL_VERSION_NUMBER >= OPENSSL_V_SERIES(1,1,0)
+#ifdef OPENSSL_1_1_API
   OPENSSL_init_ssl(OPENSSL_INIT_LOAD_SSL_STRINGS, NULL);
 #else
   SSL_library_init();

More information about the tor-commits mailing list