Re: Call for testing: OpenSSH 7.9

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 



On Thu, 2018-10-11 at 14:54 +1100, Damien Miller wrote:
> Hi,
> 
> OpenSSH 7.9p1 is almost ready for release, so we would appreciate
> testing
> on as many platforms and systems as possible. This is a bugfix
> release.

The latest snapshot is still using OPENSSL_config() which was
deprecated in OpenSSL 1.1.0:

openssl-compat.c: In function 'ssh_OpenSSL_add_all_algorithms':
openssl-compat.c:78:2: warning: 'OPENSSL_config' is deprecated [-
Wdeprecated-declarations]
  OPENSSL_config(NULL);
  ^~~~~~~~~~~~~~
In file included from /usr/include/openssl/opensslconf.h:42,
                 from /usr/include/openssl/engine.h:19,
                 from openssl-compat.c:26:
/usr/include/openssl/conf.h:92:1: note: declared here
 DEPRECATEDIN_1_1_0(void OPENSSL_config(const char *config_name))
 ^~~~~~~~~~~~~~~~~~


Something like this can be used to properly initialize new OpenSSL
versions:


@@ -70,12 +70,19 @@ ssh_compatible_openssl(long headerver, long libver)
 void
 ssh_OpenSSL_add_all_algorithms(void)
 {
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
 	OpenSSL_add_all_algorithms();
 
 	/* Enable use of crypto hardware */
 	ENGINE_load_builtin_engines();
+#if OPENSSL_VERSION_NUMBER < 0x10001000L
 	ENGINE_register_all_complete();
+#endif
 	OPENSSL_config(NULL);
+#else
+	OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_DIGESTS |
+	    OPENSSL_INIT_ADD_ALL_DIGESTS | OPENSSL_INIT_LOAD_CONFIG,
NULL);
+#endif
 }
 #endif


Regards,
-- 
Jakub Jelen
Software Engineer
Security Technologies
Red Hat, Inc.

_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev



[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux