5 files changed, 62 insertions, 32 deletions
diff --git a/changes/readable_ssl_versions b/changes/readable_ssl_versions
new file mode 100644
index 000000000..f34998c08
--- /dev/null
+++ b/changes/readable_ssl_versions
@@ -0,0 +1,6 @@
+  o Code simplification and refactoring:
+    - Use macros to indicate OpenSSL versions, so we don't need to worry
+      about accidental hexadecimal bit shifts.
+    - Remove some workaround code for OpenSSL 0.9.6, which is no longer
+      supported.
+
diff --git a/src/common/aes.c b/src/common/aes.c
index 9487cdd51..5791e6676 100644
--- a/src/common/aes.c
+++ b/src/common/aes.c
@@ -17,7 +17,8 @@
 #include <openssl/aes.h>
 #include <openssl/evp.h>
 #include <openssl/engine.h>
-#if OPENSSL_VERSION_NUMBER >= 0x1000001fL
+#include "crypto.h"
+#if OPENSSL_VERSION_NUMBER >= OPENSSL_V(1,0,0,'a')
 /* See comments about which counter mode implementation to use below. */
 #include <openssl/modes.h>
 #define USE_OPENSSL_CTR
diff --git a/src/common/crypto.c b/src/common/crypto.c
index d1d823da7..35d6dfadc 100644
--- a/src/common/crypto.c
+++ b/src/common/crypto.c
@@ -60,7 +60,7 @@
 #include "container.h"
 #include "compat.h"
 
-#if OPENSSL_VERSION_NUMBER < 0x00907000l
+#if OPENSSL_VERSION_NUMBER < OPENSSL_V_SERIES(0,9,7)
 #error "We require OpenSSL >= 0.9.7"
 #endif
 
@@ -72,7 +72,7 @@
 /** Longest recognized */
 #define MAX_DNS_LABEL_SIZE 63
 
-#if OPENSSL_VERSION_NUMBER < 0x00908000l
+#if OPENSSL_VERSION_NUMBER < OPENSSL_V_SERIES(0,9,8)
 /** @{ */
 /** On OpenSSL versions before 0.9.8, there is no working SHA256
  * implementation, so we use Tom St Denis's nice speedy one, slightly adapted
@@ -452,7 +452,7 @@ crypto_pk_generate_key_with_bits(crypto_pk_env_t *env, int bits)
 
   if (env->key)
     RSA_free(env->key);
-#if OPENSSL_VERSION_NUMBER < 0x00908000l
+#if OPENSSL_VERSION_NUMBER < OPENSSL_V_SERIES(0,9,8)
   /* In OpenSSL 0.9.7, RSA_generate_key is all we have. */
   env->key = RSA_generate_key(bits, 65537, NULL, NULL);
 #else
@@ -1723,7 +1723,7 @@ crypto_hmac_sha256(char *hmac_out,
                    const char *key, size_t key_len,
                    const char *msg, size_t msg_len)
 {
-#if (OPENSSL_VERSION_NUMBER >= 0x00908000l)
+#if OPENSSL_VERSION_NUMBER >= OPENSSL_V_SERIES(0,9,8)
   /* If we've got OpenSSL >=0.9.8 we can use its hmac implementation. */
   tor_assert(key_len < INT_MAX);
   tor_assert(msg_len < INT_MAX);
@@ -2360,13 +2360,6 @@ crypto_dh_free(crypto_dh_env_t *dh)
  * work for us too. */
 #define ADD_ENTROPY 32
 
-/** True iff we should use OpenSSL's RAND_poll function to add entropy to its
- * pool.
- *
- * Use RAND_poll if OpenSSL is 0.9.6 release or later.  (The "f" means
- *"release".)  */
-#define HAVE_RAND_POLL (OPENSSL_VERSION_NUMBER >= 0x0090600fl)
-
 /** True iff it's safe to use RAND_poll after setup.
  *
  * Versions of OpenSSL prior to 0.9.7k and 0.9.8c had a bug where RAND_poll
@@ -2374,9 +2367,9 @@ crypto_dh_free(crypto_dh_env_t *dh)
  * that fd without checking whether it fit in the fd_set.  Thus, if the
  * system has not just been started up, it is unsafe to call */
 #define RAND_POLL_IS_SAFE                       \
-  ((OPENSSL_VERSION_NUMBER >= 0x009070afl &&    \
-    OPENSSL_VERSION_NUMBER <= 0x00907fffl) ||   \
-   (OPENSSL_VERSION_NUMBER >= 0x0090803fl))
+  ((OPENSSL_VERSION_NUMBER >= OPENSSL_V(0,9,7,'j') &&        \
+    OPENSSL_VERSION_NUMBER < OPENSSL_V_SERIES(0,9,8)) ||     \
+   OPENSSL_VERSION_NUMBER >= OPENSSL_V(0,9,8,'c'))
 
 /** Set the seed of the weak RNG to a random value. */
 static void
@@ -2410,8 +2403,7 @@ crypto_seed_rng(int startup)
   size_t n;
 #endif
 
-#if HAVE_RAND_POLL
-  /* OpenSSL 0.9.6 adds a RAND_poll function that knows about more kinds of
+  /* OpenSSL has a RAND_poll function that knows about more kinds of
    * entropy than we do.  We'll try calling that, *and* calling our own entropy
    * functions.  If one succeeds, we'll accept the RNG as seeded. */
   if (startup || RAND_POLL_IS_SAFE) {
@@ -2419,7 +2411,6 @@ crypto_seed_rng(int startup)
     if (rand_poll_status == 0)
       log_warn(LD_CRYPTO, "RAND_poll() failed.");
   }
-#endif
 
 #ifdef MS_WINDOWS
   if (!provider_set) {
diff --git a/src/common/crypto.h b/src/common/crypto.h
index 771c49c2d..478365444 100644
--- a/src/common/crypto.h
+++ b/src/common/crypto.h
@@ -16,6 +16,38 @@
 #include <stdio.h>
 #include "torint.h"
 
+/*
+  Macro to create an arbitrary OpenSSL version number as used by
+  OPENSSL_VERSION_NUMBER or SSLeay(), since the actual numbers are a bit hard
+  to read.
+
+  Don't use this directly, instead use one of the other OPENSSL_V macros
+  below.
+
+  The format is: 4 bits major, 8 bits minor, 8 bits fix, 8 bits patch, 4 bit
+  status.
+ */
+#define OPENSSL_VER(a,b,c,d,e)                                \
+  (((a)<<28) |                                                \
+   ((b)<<20) |                                                \
+   ((c)<<12) |                                                \
+   ((d)<< 4) |                                                \
+    (e))
+/** An openssl release number.  For example, OPENSSL_V(0,9,8,'j') is the
+ * version for the released version of 0.9.8j */
+#define OPENSSL_V(a,b,c,d) \
+  OPENSSL_VER((a),(b),(c),(d)-'a'+1,0xf)
+/** An openssl release number for the first release in the series.  For
+ * example, OPENSSL_V_NOPATCH(1,0,0) is the first released version of OpenSSL
+ * 1.0.0. */
+#define OPENSSL_V_NOPATCH(a,b,c) \
+  OPENSSL_VER((a),(b),(c),0,0xf)
+/** The first version that would occur for any alpha or beta in an openssl
+ * series. For example, OPENSSL_V_SERIES(0,9,8) is greater than any released
+ * 0.9.7, and less than any released 0.9.8. */
+#define OPENSSL_V_SERIES(a,b,c) \
+  OPENSSL_VER((a),(b),(c),0,0)
+
 /** Length of the output of our message digest. */
 #define DIGEST_LEN 20
 /** Length of the output of our second (improved) message digests.  (For now
diff --git a/src/common/tortls.c b/src/common/tortls.c
index 832f74418..834e5f182 100644
--- a/src/common/tortls.c
+++ b/src/common/tortls.c
@@ -44,10 +44,6 @@
 #include <openssl/bio.h>
 #include <openssl/opensslv.h>
 
-#if OPENSSL_VERSION_NUMBER < 0x00907000l
-#error "We require OpenSSL >= 0.9.7"
-#endif
-
 #ifdef USE_BUFFEREVENTS
 #include <event2/bufferevent_ssl.h>
 #include <event2/buffer.h>
@@ -65,6 +61,10 @@
 #include "container.h"
 #include <string.h>
 
+#if OPENSSL_VERSION_NUMBER < OPENSSL_V_SERIES(0,9,7)
+#error "We require OpenSSL >= 0.9.7"
+#endif
+
 /* Enable the "v2" TLS handshake.
  */
 #define V2_HANDSHAKE_SERVER
@@ -79,9 +79,9 @@
 
 #define ADDR(tls) (((tls) && (tls)->address) ? tls->address : "peer")
 
-#if (OPENSSL_VERSION_NUMBER  <  0x0090813fL ||    \
-     (OPENSSL_VERSION_NUMBER >= 0x00909000L &&    \
-      OPENSSL_VERSION_NUMBER <  0x1000006fL))
+#if (OPENSSL_VERSION_NUMBER  <  OPENSSL_V(0,9,8,'s') ||         \
+     (OPENSSL_VERSION_NUMBER >= OPENSSL_V_SERIES(0,9,9) &&      \
+      OPENSSL_VERSION_NUMBER <  OPENSSL_V(1,0,0,'f')))
 /* This is a version of OpenSSL before 0.9.8s/1.0.0f. It does not have
  * the CVE-2011-4657 fix, and as such it can't use RELEASE_BUFFERS and
  * SSL3 safely at the same time.
@@ -474,18 +474,18 @@ tor_tls_init(void)
      * program should be allowed to use renegotiation unless it first passed
      * a test of intelligence and determination.
      */
-    if (version >= 0x009080c0L && version < 0x009080d0L) {
+    if (version > OPENSSL_V(0,9,8,'k') && version <= OPENSSL_V(0,9,8,'l')) {
       log_notice(LD_GENERAL, "OpenSSL %s looks like version 0.9.8l; "
                  "I will try SSL3_FLAGS to enable renegotation.",
                  SSLeay_version(SSLEAY_VERSION));
       use_unsafe_renegotiation_flag = 1;
       use_unsafe_renegotiation_op = 1;
-    } else if (version >= 0x009080d0L) {
+    } else if (version > OPENSSL_V(0,9,8,'l')) {
       log_notice(LD_GENERAL, "OpenSSL %s looks like version 0.9.8m or later; "
                  "I will try SSL_OP to enable renegotiation",
                  SSLeay_version(SSLEAY_VERSION));
       use_unsafe_renegotiation_op = 1;
-    } else if (version < 0x009080c0L) {
+    } else if (version <= OPENSSL_V(0,9,8,'k')) {
       log_notice(LD_GENERAL, "OpenSSL %s [%lx] looks like it's older than "
                  "0.9.8l, but some vendors have backported 0.9.8l's "
                  "renegotiation code to earlier versions, and some have "
@@ -770,7 +770,7 @@ tor_cert_decode(const uint8_t *certificate, size_t certificate_len)
   if (certificate_len > INT_MAX)
     return NULL;
 
-#if OPENSSL_VERSION_NUMBER < 0x00908000l
+#if OPENSSL_VERSION_NUMBER < OPENSSL_V_SERIES(0,9,8)
   /* This ifdef suppresses a type warning.  Take out this case once everybody
    * is using OpenSSL 0.9.8 or later. */
   x509 = d2i_X509(NULL, (unsigned char**)&cp, (int)certificate_len);
@@ -1177,9 +1177,9 @@ tor_tls_context_new(crypto_pk_env_t *identity, unsigned int key_lifetime,
 #ifdef DISABLE_SSL3_HANDSHAKE
       1 ||
 #endif
-      SSLeay()  <  0x0090813fL ||
-      (SSLeay() >= 0x00909000L &&
-       SSLeay() <  0x1000006fL)) {
+      SSLeay()  <  OPENSSL_V(0,9,8,'s') ||
+      (SSLeay() >= OPENSSL_V_SERIES(0,9,9) &&
+       SSLeay() <  OPENSSL_V(1,0,0,'f'))) {
     /* And not SSL3 if it's subject to CVE-2011-4657. */
     log_info(LD_NET, "Disabling SSLv3 because this OpenSSL version "
              "might otherwise be vulnerable to CVE-2011-4657 "