On Thu, 2018-10-11 at 14:54 +1100, Damien Miller wrote: > Hi, > > OpenSSH 7.9p1 is almost ready for release, so we would appreciate > testing > on as many platforms and systems as possible. This is a bugfix > release. The latest snapshot is still using OPENSSL_config() which was deprecated in OpenSSL 1.1.0: openssl-compat.c: In function 'ssh_OpenSSL_add_all_algorithms': openssl-compat.c:78:2: warning: 'OPENSSL_config' is deprecated [- Wdeprecated-declarations] OPENSSL_config(NULL); ^~~~~~~~~~~~~~ In file included from /usr/include/openssl/opensslconf.h:42, from /usr/include/openssl/engine.h:19, from openssl-compat.c:26: /usr/include/openssl/conf.h:92:1: note: declared here DEPRECATEDIN_1_1_0(void OPENSSL_config(const char *config_name)) ^~~~~~~~~~~~~~~~~~ Something like this can be used to properly initialize new OpenSSL versions: @@ -70,12 +70,19 @@ ssh_compatible_openssl(long headerver, long libver) void ssh_OpenSSL_add_all_algorithms(void) { +#if OPENSSL_VERSION_NUMBER < 0x10100000L OpenSSL_add_all_algorithms(); /* Enable use of crypto hardware */ ENGINE_load_builtin_engines(); +#if OPENSSL_VERSION_NUMBER < 0x10001000L ENGINE_register_all_complete(); +#endif OPENSSL_config(NULL); +#else + OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_DIGESTS | + OPENSSL_INIT_ADD_ALL_DIGESTS | OPENSSL_INIT_LOAD_CONFIG, NULL); +#endif } #endif Regards, -- Jakub Jelen Software Engineer Security Technologies Red Hat, Inc. _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev