diff options
| -rw-r--r-- | Makefile.in | 2 | ||||
| -rw-r--r-- | cipher-chachapoly-libcrypto.c | 3 | ||||
| -rw-r--r-- | cipher-chachapoly.c | 4 | ||||
| -rw-r--r-- | configure.ac | 1 | ||||
| -rw-r--r-- | openbsd-compat/openssl-compat.h | 6 |
5 files changed, 15 insertions, 1 deletions
diff --git a/Makefile.in b/Makefile.in index e7549470..efbc62a4 100644 --- a/Makefile.in +++ b/Makefile.in @@ -103,7 +103,7 @@ LIBSSH_OBJS=${LIBOPENSSH_OBJS} \ ssh-ed25519-sk.o ssh-rsa.o dh.o \ msg.o progressmeter.o dns.o entropy.o gss-genr.o umac.o umac128.o \ ssh-pkcs11.o smult_curve25519_ref.o \ - poly1305.o chacha.o cipher-chachapoly.o \ + poly1305.o chacha.o cipher-chachapoly.o cipher-chachapoly-libcrypto.o \ ssh-ed25519.o digest-openssl.o digest-libc.o \ hmac.o sc25519.o ge25519.o fe25519.o ed25519.o verify.o hash.o \ kex.o kexdh.o kexgex.o kexecdh.o kexc25519.o \ diff --git a/cipher-chachapoly-libcrypto.c b/cipher-chachapoly-libcrypto.c index 960ac14c..2c0f80f2 100644 --- a/cipher-chachapoly-libcrypto.c +++ b/cipher-chachapoly-libcrypto.c @@ -18,6 +18,8 @@ #include "includes.h" +#if defined(HAVE_EVP_CHACHA20) || !defined(HAVE_BROKEN_CHACHA20) + #include <sys/types.h> #include <stdarg.h> /* needed for log.h */ #include <string.h> @@ -158,3 +160,4 @@ chachapoly_get_length(struct chachapoly_ctx *ctx, *plenp = PEEK_U32(buf); return 0; } +#endif /* defined(HAVE_EVP_CHACHA20) && !defined(HAVE_BROKEN_CHACHA20) */ diff --git a/cipher-chachapoly.c b/cipher-chachapoly.c index 42e8d40b..132cdeec 100644 --- a/cipher-chachapoly.c +++ b/cipher-chachapoly.c @@ -18,6 +18,8 @@ #include "includes.h" +#if !defined(HAVE_EVP_CHACHA20) || defined(HAVE_BROKEN_CHACHA20) + #include <sys/types.h> #include <stdarg.h> /* needed for log.h */ #include <string.h> @@ -130,3 +132,5 @@ chachapoly_get_length(struct chachapoly_ctx *ctx, *plenp = PEEK_U32(buf); return 0; } + +#endif /* !defined(HAVE_EVP_CHACHA20) || defined(HAVE_BROKEN_CHACHA20) */ diff --git a/configure.ac b/configure.ac index de6ad127..9cba9542 100644 --- a/configure.ac +++ b/configure.ac @@ -2804,6 +2804,7 @@ if test "x$openssl" = "xyes" ; then EVP_PKEY_get0_RSA \ EVP_MD_CTX_new \ EVP_MD_CTX_free \ + EVP_chacha20 \ ]) if test "x$openssl_engine" = "xyes" ; then diff --git a/openbsd-compat/openssl-compat.h b/openbsd-compat/openssl-compat.h index abdcb876..bcefd8f2 100644 --- a/openbsd-compat/openssl-compat.h +++ b/openbsd-compat/openssl-compat.h @@ -62,6 +62,12 @@ void ssh_libcrypto_init(void); # define OPENSSL_DSA_MAX_MODULUS_BITS 10000 #endif +#ifdef LIBRESSL_VERSION_NUMBER +# if LIBRESSL_VERSION_NUMBER >= 0x3010000fL +# define HAVE_BROKEN_CHACHA20 +# endif +#endif + #ifndef OPENSSL_HAVE_EVPCTR # define EVP_aes_128_ctr evp_aes_128_ctr # define EVP_aes_192_ctr evp_aes_128_ctr |