[tor-commits] [tor/release-0.4.0] Do not warn about compatible OpenSSL upgrades

teor at torproject.org teor at torproject.org
Mon Aug 12 03:13:20 UTC 2019


commit 8c4e68438dd680b6b36f9b337b12d098b08db9d8
Author: Bernhard M. Wiedemann <bwiedemann at suse.de>
Date:   Mon Apr 15 13:57:24 2019 +0200

    Do not warn about compatible OpenSSL upgrades
    
    When releasing OpenSSL patch-level maintenance updates,
    we do not want to rebuild binaries using it.
    And since they guarantee ABI stability, we do not have to.
    
    Without this patch, warning messages were produced
    that confused users:
    https://bugzilla.opensuse.org/show_bug.cgi?id=1129411
    
    Fixes bug 30190; bugfix on 0.2.4.2-alpha commit 7607ad2bec
    
    Signed-off-by: Bernhard M. Wiedemann <bwiedemann at suse.de>
---
 changes/bug30190                       | 3 +++
 src/lib/crypt_ops/crypto_openssl_mgt.c | 8 ++++++++
 2 files changed, 11 insertions(+)

diff --git a/changes/bug30190 b/changes/bug30190
new file mode 100644
index 000000000..e2352c3b9
--- /dev/null
+++ b/changes/bug30190
@@ -0,0 +1,3 @@
+  o Minor bugfixes (lib):
+    do not log a warning for OpenSSL versions that should be compatible
+    Fixes bug 30190; bugfix on 0.2.4.2-alpha
diff --git a/src/lib/crypt_ops/crypto_openssl_mgt.c b/src/lib/crypt_ops/crypto_openssl_mgt.c
index 60e4ea795..c97815f9a 100644
--- a/src/lib/crypt_ops/crypto_openssl_mgt.c
+++ b/src/lib/crypt_ops/crypto_openssl_mgt.c
@@ -213,6 +213,14 @@ crypto_openssl_early_init(void)
         !strcmp(version_str, OPENSSL_VERSION_TEXT)) {
       log_info(LD_CRYPTO, "OpenSSL version matches version from headers "
                  "(%lx: %s).", version_num, version_str);
+    } else if ((version_num & 0xffff0000) ==
+               (OPENSSL_VERSION_NUMBER & 0xffff0000)) {
+      log_notice(LD_CRYPTO,
+               "We compiled with OpenSSL %lx: %s and we "
+               "are running with OpenSSL %lx: %s. "
+               "These two versions should be binary compatible.",
+               (unsigned long)OPENSSL_VERSION_NUMBER, OPENSSL_VERSION_TEXT,
+               version_num, version_str);
     } else {
       log_warn(LD_CRYPTO, "OpenSSL version from headers does not match the "
                "version we're running with. If you get weird crashes, that "





More information about the tor-commits mailing list