diff options
author | Damien Miller <djm@mindrot.org> | 2012-03-30 11:34:27 +1100 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2012-03-30 11:34:27 +1100 |
commit | 4d55734c16aa104afea1e446788b3bc7a53999e6 (patch) | |
tree | 3f2f86d60703afe751ce5001b6df78f464115b49 /entropy.c | |
parent | 67ccc86506212c12e60bffd9a0e924a84800cf00 (diff) | |
download | openssh-git-4d55734c16aa104afea1e446788b3bc7a53999e6.tar.gz |
- (djm) [entropy.c] bz#1991: relax OpenSSL version test to allow running
openssh binaries on a newer fix release than they were compiled on.
with and ok dtucker@
Diffstat (limited to 'entropy.c')
-rw-r--r-- | entropy.c | 9 |
1 files changed, 7 insertions, 2 deletions
@@ -211,9 +211,14 @@ seed_rng(void) #endif /* * OpenSSL version numbers: MNNFFPPS: major minor fix patch status - * We match major, minor, fix and status (not patch) + * We match major, minor, fix and status (not patch) for <1.0.0. + * After that, we acceptable compatible fix versions (so we + * allow 1.0.1 to work with 1.0.0). Going backwards is only allowed + * within a patch series. */ - if ((SSLeay() ^ OPENSSL_VERSION_NUMBER) & ~0xff0L) + u_long version_mask = SSLeay() >= 0x1000000f ? ~0xffff0L : ~0xff0L; + if (((SSLeay() ^ OPENSSL_VERSION_NUMBER) & version_mask) || + (SSLeay() >> 12) < (OPENSSL_VERSION_NUMBER >> 12)) fatal("OpenSSL version mismatch. Built against %lx, you " "have %lx", (u_long)OPENSSL_VERSION_NUMBER, SSLeay()); |