- (djm) [kex.c] Slightly more clean deactivation of dhgex-sha256 on old

OpenSSL; ok tim
author: djm <djm> 2006-03-16 07:22:18 +0000
committer: djm <djm> 2006-03-16 07:22:18 +0000
commit: 2519bf979ba797888d9cb01ea14bc3f44dc84994 (patch)
tree: 7e5bb2ef74651da3b55c6989faf8ef8224d8b41d /kex.c
parent: 6ad7e512d2a843af39508749f4713d83aaa5d19f (diff)
download: openssh-2519bf979ba797888d9cb01ea14bc3f44dc84994.tar.gz
1 files changed, 6 insertions, 4 deletions
diff --git a/kex.c b/kex.c
index 8610a7da..23d8d292 100644
--- a/kex.c
+++ b/kex.c
@@ -44,12 +44,12 @@ RCSID("$OpenBSD: kex.c,v 1.66 2006/03/07 09:07:40 djm Exp $");
 
 #define KEX_COOKIE_LEN	16
 
-#if OPENSSL_VERSION_NUMBER < 0x00907000L
-# define evp_ssh_sha256() NULL
-#elif defined(HAVE_EVP_SHA256)
+#if OPENSSL_VERSION_NUMBER >= 0x00907000L
+# if defined(HAVE_EVP_SHA256)
 # define evp_ssh_sha256 EVP_sha256
-#else
+# else
 extern const EVP_MD *evp_ssh_sha256(void);
+# endif
 #endif
 
 /* prototype */
@@ -309,9 +309,11 @@ choose_kex(Kex *k, char *client, char *server)
 	} else if (strcmp(k->name, KEX_DHGEX_SHA1) == 0) {
 		k->kex_type = KEX_DH_GEX_SHA1;
 		k->evp_md = EVP_sha1();
+#if OPENSSL_VERSION_NUMBER >= 0x00907000L
 	} else if (strcmp(k->name, KEX_DHGEX_SHA256) == 0) {
 		k->kex_type = KEX_DH_GEX_SHA256;
 		k->evp_md = evp_ssh_sha256();
+#endif
 	} else
 		fatal("bad kex alg %s", k->name);
 }
author	djm <djm>	2006-03-16 07:22:18 +0000
committer	djm <djm>	2006-03-16 07:22:18 +0000
commit	2519bf979ba797888d9cb01ea14bc3f44dc84994 (patch)
tree	7e5bb2ef74651da3b55c6989faf8ef8224d8b41d /kex.c
parent	6ad7e512d2a843af39508749f4713d83aaa5d19f (diff)
download	openssh-2519bf979ba797888d9cb01ea14bc3f44dc84994.tar.gz