Tor  0.4.7.0-alpha-dev
crypto_openssl_mgt.h
Go to the documentation of this file.
1 /* Copyright (c) 2001, Matej Pfajfar.
2  * Copyright (c) 2001-2004, Roger Dingledine.
3  * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
4  * Copyright (c) 2007-2021, The Tor Project, Inc. */
5 /* See LICENSE for licensing information */
6 
7 /**
8  * \file crypto_openssl_mgt.h
9  *
10  * \brief Headers for crypto_openssl_mgt.c
11  **/
12 
13 #ifndef TOR_CRYPTO_OPENSSL_H
14 #define TOR_CRYPTO_OPENSSL_H
15 
16 #include "orconfig.h"
17 
18 #ifdef ENABLE_OPENSSL
19 #include <openssl/opensslv.h>
20 /*
21  Macro to create an arbitrary OpenSSL version number as used by
22  OPENSSL_VERSION_NUMBER or SSLeay(), since the actual numbers are a bit hard
23  to read.
24 
25  Don't use this directly, instead use one of the other OPENSSL_V macros
26  below.
27 
28  The format is: 4 bits major, 8 bits minor, 8 bits fix, 8 bits patch, 4 bit
29  status.
30  */
31 #define OPENSSL_VER(a,b,c,d,e) \
32  (((a)<<28) | \
33  ((b)<<20) | \
34  ((c)<<12) | \
35  ((d)<< 4) | \
36  (e))
37 /** An openssl release number. For example, OPENSSL_V(0,9,8,'j') is the
38  * version for the released version of 0.9.8j */
39 #define OPENSSL_V(a,b,c,d) \
40  OPENSSL_VER((a),(b),(c),(d)-'a'+1,0xf)
41 /** An openssl release number for the first release in the series. For
42  * example, OPENSSL_V_NOPATCH(1,0,0) is the first released version of OpenSSL
43  * 1.0.0. */
44 #define OPENSSL_V_NOPATCH(a,b,c) \
45  OPENSSL_VER((a),(b),(c),0,0xf)
46 /** The first version that would occur for any alpha or beta in an openssl
47  * series. For example, OPENSSL_V_SERIES(0,9,8) is greater than any released
48  * 0.9.7, and less than any released 0.9.8. */
49 #define OPENSSL_V_SERIES(a,b,c) \
50  OPENSSL_VER((a),(b),(c),0,0)
51 
52 #ifdef OPENSSL_NO_ENGINE
53 /* Android's OpenSSL seems to have removed all of its Engine support. */
54 #define DISABLE_ENGINES
55 #endif
56 
57 #if OPENSSL_VERSION_NUMBER >= OPENSSL_VER(1,1,0,0,5) && \
58  !defined(LIBRESSL_VERSION_NUMBER)
59 /* OpenSSL as of 1.1.0pre4 has an "new" thread API, which doesn't require
60  * setting up various callbacks.
61  *
62  * OpenSSL 1.1.0pre4 has a messed up `ERR_remove_thread_state()` prototype,
63  * while the previous one was restored in pre5, and the function made a no-op
64  * (along with a deprecated annotation, which produces a compiler warning).
65  *
66  * While it is possible to support all three versions of the thread API,
67  * a version that existed only for one snapshot pre-release is kind of
68  * pointless, so let's not.
69  */
70 #define NEW_THREAD_API
71 #endif /* OPENSSL_VERSION_NUMBER >= OPENSSL_VER(1,1,0,0,5) && ... */
72 
73 void crypto_openssl_log_errors(int severity, const char *doing);
74 
75 /* global openssl state */
76 const char * crypto_openssl_get_version_str(void);
77 const char * crypto_openssl_get_header_version_str(void);
78 
79 void crypto_openssl_early_init(void);
80 int crypto_openssl_late_init(int useAccel, const char *accelName,
81  const char *accelDir);
82 
85 
86 #endif /* defined(ENABLE_OPENSSL) */
87 
88 #endif /* !defined(TOR_CRYPTO_OPENSSL_H) */
void crypto_openssl_early_init(void)
void crypto_openssl_thread_cleanup(void)
int crypto_openssl_late_init(int useAccel, const char *accelName, const char *accelDir)
void crypto_openssl_global_cleanup(void)
void crypto_openssl_log_errors(int severity, const char *doing)