commit 472c9d762e5d0aef0b032774215dc9accd26cf04
parent e47287f00ebe4179ee412ceb2e3a967bab7a4423
Author: Nick Mathewson <nickm@torproject.org>
Date: Sun, 27 Apr 2025 10:03:04 -0400
Remove HAVE_SSL_STATE and SIZEOF_SHA_CTX
HAVE_SSL_STATE is always "no"; SIZEOF_SHA_CTX is never used.
Diffstat:
2 files changed, 12 insertions(+), 17 deletions(-)
diff --git a/configure.ac b/configure.ac
@@ -1136,15 +1136,6 @@ AC_CHECK_FUNCS([ \
TLS_method \
])
-dnl Check if OpenSSL structures are opaque
-AC_CHECK_MEMBERS([SSL.state], , ,
-[#include <openssl/ssl.h>
-])
-
-AC_CHECK_SIZEOF(SHA_CTX, , [AC_INCLUDES_DEFAULT()
-#include <openssl/sha.h>
-])
-
fi # enable_nss
dnl We will someday make KECCAK_TINY optional, but for now we still need
diff --git a/src/test/test_tortls_openssl.c b/src/test/test_tortls_openssl.c
@@ -46,15 +46,19 @@ ENABLE_GCC_WARNING("-Wredundant-decls")
#include "test/log_test_helpers.h"
#include "test/test_tortls.h"
-#ifndef HAVE_SSL_STATE
-#define OPENSSL_OPAQUE
-#endif
-
-#if defined(OPENSSL_OPAQUE) && !defined(LIBRESSL_VERSION_NUMBER)
#define SSL_STATE_STR "before SSL initialization"
-#else
-#define SSL_STATE_STR "before/accept initialization"
-#endif
+
+/* Every version and fork of OpenSSL we support now qualifies as "opaque",
+ * in that it hides the members of important structures.
+ *
+ * That's a good thing, but it means we can't run a number of older tests
+ * that require the ability to poke at OpenSSL's internals.
+ *
+ * We're retaining these tests here, rather than removing them,
+ * in case anybody wants to port them to modern OpenSSL.
+ * (Some of them are probably not worth saving, though.)
+ */
+#define OPENSSL_OPAQUE
#ifndef OPENSSL_OPAQUE
static SSL_METHOD *
