[tor-commits] [tor/release-0.2.5] Fix compilation with no-compression OpenSSL builds and forks
arma at torproject.org
arma at torproject.org
Thu Jul 24 20:31:24 UTC 2014
commit 66798dfdc069ffc2ce1a9cb84529d2015dd3cd66
Author: Nick Mathewson <nickm at torproject.org>
Date: Thu Jul 17 11:25:56 2014 +0200
Fix compilation with no-compression OpenSSL builds and forks
Found because LibreSSL has OPENSSL_NO_COMP always-on, but this
conflicts with the way that _we_ turn off compression. Patch from
dhill, who attributes it to "OpenBSD". Fixes bug 12602; bugfix on
0.2.1.1-alpha, which introduced this turn-compression-off code.
---
changes/bug12602 | 5 +++++
src/common/tortls.c | 2 ++
2 files changed, 7 insertions(+)
diff --git a/changes/bug12602 b/changes/bug12602
new file mode 100644
index 0000000..29fa49a
--- /dev/null
+++ b/changes/bug12602
@@ -0,0 +1,5 @@
+ o Minor bugfixes (portability):
+ - Compile correctly with builds and forks of OpenSSL (such as
+ LibreSSL) that disable compression. Fixes bug 12602; bugfix on
+ 0.2.1.1-alpha. Patch from "dhill".
+
diff --git a/src/common/tortls.c b/src/common/tortls.c
index 8f3f6a7..751856d 100644
--- a/src/common/tortls.c
+++ b/src/common/tortls.c
@@ -1345,10 +1345,12 @@ tor_tls_context_new(crypto_pk_t *identity, unsigned int key_lifetime,
SSL_CTX_set_options(result->ctx,
SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION);
}
+#ifndef OPENSSL_NO_COMP
/* Don't actually allow compression; it uses ram and time, but the data
* we transmit is all encrypted anyway. */
if (result->ctx->comp_methods)
result->ctx->comp_methods = NULL;
+#endif
#ifdef SSL_MODE_RELEASE_BUFFERS
SSL_CTX_set_mode(result->ctx, SSL_MODE_RELEASE_BUFFERS);
#endif
More information about the tor-commits
mailing list