On Sunday, May 7, 2023 3:53 PM, Sebastian Andrzej Siewior wrote: >OpenSSL 3.1.0 uses the same ABI as OpenSSL 3.0.x series. Further 3.1.x release are >just stable updates and no ABI change (is expected) just like the 3.0.x series. > >Relax the version check for OpenSSL 3+ and rely on ABI compatibility. > >Signed-off-by: Sebastian Andrzej Siewior <sebastian@xxxxxxxxxxxxx> >--- > openbsd-compat/openssl-compat.c | 4 ++++ > 1 file changed, 4 insertions(+) > >diff --git a/openbsd-compat/openssl-compat.c b/openbsd-compat/openssl-compat.c >index c1749210d586f..5b35253f1d19b 100644 >--- a/openbsd-compat/openssl-compat.c >+++ b/openbsd-compat/openssl-compat.c >@@ -54,6 +54,10 @@ ssh_compatible_openssl(long headerver, long libver) > return (headerver & mask) == (libver & mask); > } > >+ /* For versions > 3.0.0, we rely on upstream's ABI */ >+ if (headerver > 0x3000000f) >+ return 1; >+ Is this not already covered using the --without-openssl-header-check configuration option? --Randall _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
