summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--ChangeLog4
-rw-r--r--configure.ac15
-rw-r--r--openbsd-compat/openssl-compat.h11
3 files changed, 26 insertions, 4 deletions
diff --git a/ChangeLog b/ChangeLog
index 5e832e7d..798f5452 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,7 @@
+20130211
+ - (djm) [configure.ac openbsd-compat/openssl-compat.h] Repair build on old
+ libcrypto that lacks EVP_CIPHER_CTX_ctrl
+
20130208
- (djm) [contrib/redhat/sshd.init] treat RETVAL as an integer;
patch from Iain Morgan in bz#2059
diff --git a/configure.ac b/configure.ac
index 6df09e21..e96e81e6 100644
--- a/configure.ac
+++ b/configure.ac
@@ -1,4 +1,4 @@
-# $Id: configure.ac,v 1.502 2013/02/08 00:50:09 dtucker Exp $
+# $Id: configure.ac,v 1.503 2013/02/10 23:39:13 djm Exp $
#
# Copyright (c) 1999-2004 Damien Miller
#
@@ -15,7 +15,7 @@
# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
AC_INIT([OpenSSH], [Portable], [openssh-unix-dev@mindrot.org])
-AC_REVISION($Revision: 1.502 $)
+AC_REVISION($Revision: 1.503 $)
AC_CONFIG_SRCDIR([ssh.c])
AC_LANG([C])
@@ -2339,7 +2339,12 @@ AC_LINK_IFELSE(
#include <openssl/evp.h>
]], [[
exit(EVP_aes_128_gcm() == NULL ||
- EVP_aes_256_gcm() == NULL);
+ EVP_aes_256_gcm() == NULL ||
+ EVP_CTRL_GCM_SET_IV_FIXED == 0 ||
+ EVP_CTRL_GCM_IV_GEN == 0 ||
+ EVP_CTRL_GCM_SET_TAG == 0 ||
+ EVP_CTRL_GCM_GET_TAG == 0 ||
+ EVP_CIPHER_CTX_ctrl(NULL, 0, 0, NULL) == 0);
]])],
[
AC_MSG_RESULT([yes])
@@ -2351,6 +2356,10 @@ AC_LINK_IFELSE(
]
)
+AC_SEARCH_LIBS([EVP_CIPHER_CTX_ctrl], [crypto],
+ [AC_DEFINE([HAVE_EVP_CIPHER_CTX_CTRL], [1],
+ [Define if libcrypto has EVP_CIPHER_CTX_ctrl])])
+
AC_MSG_CHECKING([if EVP_DigestUpdate returns an int])
AC_LINK_IFELSE(
[AC_LANG_PROGRAM([[
diff --git a/openbsd-compat/openssl-compat.h b/openbsd-compat/openssl-compat.h
index eca62769..6c4d68de 100644
--- a/openbsd-compat/openssl-compat.h
+++ b/openbsd-compat/openssl-compat.h
@@ -1,4 +1,4 @@
-/* $Id: openssl-compat.h,v 1.22 2013/01/20 11:31:37 djm Exp $ */
+/* $Id: openssl-compat.h,v 1.23 2013/02/10 23:39:15 djm Exp $ */
/*
* Copyright (c) 2005 Darren Tucker <dtucker@zip.com.au>
@@ -79,6 +79,15 @@ void ssh_aes_ctr_iv(EVP_CIPHER_CTX *, int, u_char *, size_t);
# define EVP_CTRL_GCM_GET_TAG -1
#endif
+/* Replace missing EVP_CIPHER_CTX_ctrl() with something that returns failure */
+#ifndef HAVE_EVP_CIPHER_CTX_CTRL
+# ifdef OPENSSL_HAVE_EVPGCM
+# error AES-GCM enabled without EVP_CIPHER_CTX_ctrl /* shouldn't happen */
+# else
+# define EVP_CIPHER_CTX_ctrl(a,b,c,d) (0)
+# endif
+#endif
+
#if OPENSSL_VERSION_NUMBER < 0x00907000L
#define EVP_X_STATE(evp) &(evp).c
#define EVP_X_STATE_LEN(evp) sizeof((evp).c)
View Lorry Controller Status