8581151d51
Fixes CVE-2021-38385: https://blog.torproject.org/node/2062 Rebased patch 0001. Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de> Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
95 lines
3.7 KiB
Diff
95 lines
3.7 KiB
Diff
From ba6b8ee5b6dee19493a150c3715b0e202440d206 Mon Sep 17 00:00:00 2001
|
|
From: Bernd Kuhls <bernd.kuhls@t-online.de>
|
|
Date: Thu, 24 Jan 2019 18:19:51 +0100
|
|
Subject: [PATCH] Fix static linking with OpenSSL
|
|
|
|
Adjust link order of libz to solve bug with static linking
|
|
and remove host paths when looking for openssl.
|
|
|
|
[Vincent:
|
|
- Adapt the patch to make it apply on the new version.]
|
|
[Bernd: rebased for tor-0.2.7.6, 0.2.8.10, 0.2.9.9, 0.3.1.7, 0.3.2.10,
|
|
0.3.4.8, 0.3.5.7, 0.4.4.5, 0.4.5.6 & 0.4.6.7]
|
|
[Fabrice: fix detection of openssl functions in 0.3.5.8]
|
|
Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
|
|
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
|
|
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
|
|
---
|
|
configure.ac | 4 ++--
|
|
src/test/include.am | 8 ++++----
|
|
src/tools/include.am | 4 ++--
|
|
4 files changed, 9 insertions(+), 9 deletions(-)
|
|
|
|
diff --git a/configure.ac b/configure.ac
|
|
index 05e1392cf..580befa6b 100644
|
|
--- a/configure.ac
|
|
+++ b/configure.ac
|
|
@@ -1074,7 +1074,7 @@ AC_ARG_WITH(ssl-dir,
|
|
])
|
|
|
|
AC_MSG_NOTICE([Now, we'll look for OpenSSL >= 1.0.1])
|
|
-TOR_SEARCH_LIBRARY(openssl, $tryssldir, [-lssl -lcrypto $TOR_LIB_GDI $TOR_LIB_WS32 $TOR_LIB_CRYPT32],
|
|
+TOR_SEARCH_LIBRARY(openssl, $tryssldir, [-lssl -lcrypto -lz $TOR_LIB_GDI $TOR_LIB_WS32 $TOR_LIB_CRYPT32],
|
|
[#include <openssl/ssl.h>
|
|
char *getenv(const char *);],
|
|
[struct ssl_cipher_st;
|
|
@@ -1104,7 +1104,7 @@ dnl Now check for particular openssl functions.
|
|
save_LIBS="$LIBS"
|
|
save_LDFLAGS="$LDFLAGS"
|
|
save_CPPFLAGS="$CPPFLAGS"
|
|
-LIBS="$TOR_OPENSSL_LIBS $LIBS"
|
|
+LIBS="$TOR_OPENSSL_LIBS -lz $LIBS"
|
|
LDFLAGS="$TOR_LDFLAGS_openssl $LDFLAGS"
|
|
CPPFLAGS="$TOR_CPPFLAGS_openssl $CPPFLAGS"
|
|
|
|
diff --git a/src/test/include.am b/src/test/include.am
|
|
index ecb768957..39a622e88 100644
|
|
--- a/src/test/include.am
|
|
+++ b/src/test/include.am
|
|
@@ -399,8 +399,8 @@ src_test_test_ntor_cl_LDFLAGS = @TOR_LDFLAGS_zlib@ $(TOR_LDFLAGS_CRYPTLIB)
|
|
src_test_test_ntor_cl_LDADD = \
|
|
libtor.a \
|
|
$(rust_ldadd) \
|
|
- @TOR_ZLIB_LIBS@ @TOR_LIB_MATH@ \
|
|
- $(TOR_LIBS_CRYPTLIB) @TOR_LIB_WS32@ @TOR_LIB_IPHLPAPI@ @TOR_LIB_SHLWAPI@ @TOR_LIB_GDI@ @TOR_LIB_USERENV@ \
|
|
+ @TOR_LIB_MATH@ \
|
|
+ $(TOR_LIBS_CRYPTLIB) @TOR_ZLIB_LIBS@ @TOR_LIB_WS32@ @TOR_LIB_IPHLPAPI@ @TOR_LIB_SHLWAPI@ @TOR_LIB_GDI@ @TOR_LIB_USERENV@ \
|
|
@CURVE25519_LIBS@ @TOR_LZMA_LIBS@ @TOR_TRACE_LIBS@
|
|
src_test_test_ntor_cl_AM_CPPFLAGS = \
|
|
$(AM_CPPFLAGS)
|
|
@@ -409,8 +409,8 @@
|
|
src_test_test_hs_ntor_cl_LDFLAGS = @TOR_LDFLAGS_zlib@ $(TOR_LDFLAGS_CRYPTLIB)
|
|
src_test_test_hs_ntor_cl_LDADD = \
|
|
libtor.a \
|
|
- @TOR_ZLIB_LIBS@ @TOR_LIB_MATH@ \
|
|
- $(TOR_LIBS_CRYPTLIB) @TOR_LIB_WS32@ @TOR_LIB_IPHLPAPI@ @TOR_LIB_SHLWAPI@ @TOR_LIB_GDI@ \
|
|
+ @TOR_LIB_MATH@ \
|
|
+ $(TOR_LIBS_CRYPTLIB) @TOR_ZLIB_LIBS@ @TOR_LIB_WS32@ @TOR_LIB_IPHLPAPI@ @TOR_LIB_SHLWAPI@ @TOR_LIB_GDI@ \
|
|
@CURVE25519_LIBS@ @TOR_TRACE_LIBS@
|
|
src_test_test_hs_ntor_cl_AM_CPPFLAGS = \
|
|
$(AM_CPPFLAGS)
|
|
diff --git a/src/tools/include.am b/src/tools/include.am
|
|
index f7aa7e0d1..4c4e8aa7a 100644
|
|
--- a/src/tools/include.am
|
|
+++ b/src/tools/include.am
|
|
@@ -35,7 +35,7 @@ src_tools_tor_gencert_LDADD = \
|
|
$(TOR_CRYPTO_LIBS) \
|
|
$(TOR_UTIL_LIBS) \
|
|
$(rust_ldadd) \
|
|
- @TOR_LIB_MATH@ @TOR_ZLIB_LIBS@ $(TOR_LIBS_CRYPTLIB) \
|
|
+ @TOR_LIB_MATH@ $(TOR_LIBS_CRYPTLIB) @TOR_ZLIB_LIBS@ \
|
|
@TOR_LIB_WS32@ @TOR_LIB_IPHLPAPI@ @TOR_LIB_SHLWAPI@ @TOR_LIB_GDI@ @TOR_LIB_USERENV@ @CURVE25519_LIBS@
|
|
endif
|
|
|
|
@@ -45,7 +45,7 @@ src_tools_tor_print_ed_signing_cert_LDADD = \
|
|
src/trunnel/libor-trunnel.a \
|
|
$(TOR_CRYPTO_LIBS) \
|
|
$(TOR_UTIL_LIBS) \
|
|
- @TOR_LIB_MATH@ $(TOR_LIBS_CRYPTLIB) \
|
|
+ @TOR_LIB_MATH@ $(TOR_LIBS_CRYPTLIB) @TOR_ZLIB_LIBS@ \
|
|
@TOR_LIB_WS32@ @TOR_LIB_USERENV@ @TOR_LIB_SHLWAPI@ @TOR_LIB_GDI@
|
|
|
|
if USE_NSS
|
|
--
|
|
2.20.1
|