LibreSSL doesn't support the ENGINE API and defines the
OPENSSL_NO_ENGINE feature flag, tor uses that feature flag, but misses
to include openssl/opensslconf.h which is necessary to pull in the
feature flags at least with LibreSSL, therefore add that include.
Details
Details
- Reviewers
yuri
Diff Detail
Diff Detail
- Repository
- R11 FreeBSD ports repository
- Lint
Lint Skipped - Unit
Tests Skipped - Build Status
Buildable 54847 Build 51736: arc lint + arc unit
Event Timeline
| security/tor/files/patch-src_lib_crypt__ops_crypto__openssl__mgt.c | ||
|---|---|---|
| 12 ↗ | (On Diff #131065) | Doesn't this #endif statement break the original code structure? |
| security/tor/files/patch-src_lib_crypt__ops_crypto__openssl__mgt.c | ||
|---|---|---|
| 12 ↗ | (On Diff #131065) | It certainly does, thanks a lot for spotting this massive brainfart. I must have misread the #else as an #endif. I'll do some more testing with the fixed logic first, to make sure I really only disable logging of what LibreSSL currently doesn't provide, then update the review accordingly. |
Comment Actions
Having another look was very helpful, turned out the few ENGINE_* calls LibreSSL *does* provide are just stubs returning NULL. Even code disabling engines based on the OPENSSL_NO_ENGINE feature flag was already there, it just didn't work because opensslconf.h was not included, which is necessary at least with LibreSSL to get the feature flags. This might even be a fix for upstream now ...