On Sun, Feb 28, 2016 at 07:12:27PM -0700, Damien Miller wrote: > OpenSSH 7.2 has just been released. It will be available from the > mirrors listed at http://www.openssh.com/ shortly. > > OpenSSH is a 100% complete SSH protocol 2.0 implementation and > includes sftp client and server support. OpenSSH also includes > transitional support for the legacy SSH 1.3 and 1.5 protocols > that may be enabled at compile-time. > > Once again, we would like to thank the OpenSSH community for their > continued support of the project, especially those who contributed > code or patches, reported bugs, tested snapshots or donated to the > project. More information on donations may be found at: > http://www.openssh.com/donations.html > > Future deprecation notice > ========================= > > We plan on retiring more legacy cryptography in a near-future > release, specifically: > > * Refusing all RSA keys smaller than 1024 bits (the current minimum > is 768 bits) > > This list reflects our current intentions, but please check the final > release notes for future releases. > > Potentially-incompatible changes > ================================ > > This release disables a number of legacy cryptographic algorithms > by default in ssh: > > * Several ciphers blowfish-cbc, cast128-cbc, all arcfour variants > and the rijndael-cbc aliases for AES. > > * MD5-based and truncated HMAC algorithms. > > These algorithms are already disabled by default in sshd. > All right can we get this openssl 1.1 ready? Looks like not too much needs to be done in cipher.h line 69 needs to be changed to EVP_CIPHER_CTX *evp; In sshkey.c replace pk->type to EVP_PKEY_type Just cipher.c we get /usr/bin/gcc -g -O2 -Wall -Wall -Wpointer-arith -Wuninitialized -Wsign-compare -Wformat-security -fno-strict-aliasing -D_FORTIFY_SOURCE=2 -ftrapv -fno-builtin-memset -I. -I. -I/usr/contrib//include -DSSHDIR=\"/etc\" -D_PATH_SSH_PROGRAM=\"/usr/contrib/bin/ssh\" -D_PATH_SSH_ASKPASS_DEFAULT=\"/usr/contrib/libexec/ssh-askpass\" -D_PATH_SFTP_SERVER=\"/usr/contrib/libexec/sftp-server\" -D_PATH_SSH_KEY_SIGN=\"/usr/contrib/libexec/ssh-keysign\" -D_PATH_SSH_PKCS11_HELPER=\"/usr/contrib/libexec/ssh-pkcs11-helper\" -D_PATH_SSH_PIDDIR=\"/var/run\" -D_PATH_PRIVSEP_CHROOT_DIR=\"/var/empty\" -DHAVE_CONFIG_H -c cipher.c -o cipher.o cipher.c: In function `cipher_init': cipher.c:329: warning: passing arg 1 of `EVP_CIPHER_CTX_reset' from incompatible pointer type cipher.c:331: warning: passing arg 1 of `EVP_CipherInit' from incompatible pointer type cipher.c:337: warning: passing arg 1 of `EVP_CIPHER_CTX_ctrl' from incompatible pointer type cipher.c:341: warning: passing arg 1 of `EVP_CIPHER_CTX_key_length' from incompatible pointer type cipher.c:343: warning: passing arg 1 of `EVP_CIPHER_CTX_set_key_length' from incompatible pointer type cipher.c:348: warning: passing arg 1 of `EVP_CipherInit' from incompatible pointer type cipher.c:360: warning: passing arg 1 of `EVP_Cipher' from incompatible pointer type cipher.c:367: warning: passing arg 1 of `EVP_CIPHER_CTX_reset' from incompatible pointer type cipher.c: In function `cipher_crypt': cipher.c:414: warning: passing arg 1 of `EVP_CIPHER_CTX_ctrl' from incompatible pointer type cipher.c:419: warning: passing arg 1 of `EVP_CIPHER_CTX_ctrl' from incompatible pointer type cipher.c:424: warning: passing arg 1 of `EVP_Cipher' from incompatible pointer type cipher.c:431: warning: passing arg 1 of `EVP_Cipher' from incompatible pointer type cipher.c:435: warning: passing arg 1 of `EVP_Cipher' from incompatible pointer type cipher.c:440: warning: passing arg 1 of `EVP_CIPHER_CTX_ctrl' from incompatible pointer type cipher.c: In function `cipher_cleanup': cipher.c:471: warning: passing arg 1 of `EVP_CIPHER_CTX_reset' from incompatible pointer type cipher.c: In function `cipher_get_keyiv_len': cipher.c:518: warning: passing arg 1 of `EVP_CIPHER_CTX_iv_length' from incompatible pointer type cipher.c: In function `cipher_get_keyiv': cipher.c:550: warning: passing arg 1 of `EVP_CIPHER_CTX_iv_length' from incompatible pointer type cipher.c:564: warning: passing arg 1 of `EVP_CIPHER_CTX_ctrl' from incompatible pointer type cipher.c:567: request for member `iv' in something not a structure or union cipher.c: In function `cipher_set_keyiv': cipher.c:598: warning: passing arg 1 of `EVP_CIPHER_CTX_iv_length' from incompatible pointer type cipher.c:604: warning: passing arg 1 of `EVP_CIPHER_CTX_ctrl' from incompatible pointer type cipher.c:607: request for member `iv' in something not a structure or union cipher.c: In function `cipher_get_keycontext': cipher.c:633: request for member `cipher' in something not a structure or union cipher.c:636: request for member `cipher_data' in something not a structure or union cipher.c: In function `cipher_set_keycontext': cipher.c:652: request for member `cipher' in something not a structure or union cipher.c:653: request for member `cipher_data' in something not a structure or union *** Error code 1 Stop. Looks like change in evp.h are the source of these errors. -- Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca God,Queen and country!Never Satan President Republic!Beware AntiChrist rising! http://www.fullyfollow.me/rootnl2k Look at Psalms 14 and 53 on Atheism Broadcasting the truth for 25 years _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev