[tor-commits] [tor/release-0.2.5] Fix compilation with no-compression OpenSSL builds and forks

arma at torproject.org arma at torproject.org
Thu Jul 24 20:31:24 UTC 2014


commit 66798dfdc069ffc2ce1a9cb84529d2015dd3cd66
Author: Nick Mathewson <nickm at torproject.org>
Date:   Thu Jul 17 11:25:56 2014 +0200

    Fix compilation with no-compression OpenSSL builds and forks
    
    Found because LibreSSL has OPENSSL_NO_COMP always-on, but this
    conflicts with the way that _we_ turn off compression.  Patch from
    dhill, who attributes it to "OpenBSD".  Fixes bug 12602; bugfix on
    0.2.1.1-alpha, which introduced this turn-compression-off code.
---
 changes/bug12602    |    5 +++++
 src/common/tortls.c |    2 ++
 2 files changed, 7 insertions(+)

diff --git a/changes/bug12602 b/changes/bug12602
new file mode 100644
index 0000000..29fa49a
--- /dev/null
+++ b/changes/bug12602
@@ -0,0 +1,5 @@
+  o Minor bugfixes (portability):
+    - Compile correctly with builds and forks of OpenSSL (such as
+      LibreSSL) that disable compression. Fixes bug 12602; bugfix on
+      0.2.1.1-alpha. Patch from "dhill".
+
diff --git a/src/common/tortls.c b/src/common/tortls.c
index 8f3f6a7..751856d 100644
--- a/src/common/tortls.c
+++ b/src/common/tortls.c
@@ -1345,10 +1345,12 @@ tor_tls_context_new(crypto_pk_t *identity, unsigned int key_lifetime,
     SSL_CTX_set_options(result->ctx,
                         SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION);
   }
+#ifndef OPENSSL_NO_COMP
   /* Don't actually allow compression; it uses ram and time, but the data
    * we transmit is all encrypted anyway. */
   if (result->ctx->comp_methods)
     result->ctx->comp_methods = NULL;
+#endif
 #ifdef SSL_MODE_RELEASE_BUFFERS
   SSL_CTX_set_mode(result->ctx, SSL_MODE_RELEASE_BUFFERS);
 #endif





More information about the tor-commits mailing list