[Bug 3873] New: Don't include an unused EVP_CIPHER_CTX_get_iv() stub
    bugzilla-daemon at mindrot.org 
    bugzilla-daemon at mindrot.org
       
    Tue Oct  7 05:44:57 AEDT 2025
    
    
  
https://bugzilla.mindrot.org/show_bug.cgi?id=3873
            Bug ID: 3873
           Summary: Don't include an unused EVP_CIPHER_CTX_get_iv() stub
           Product: Portable OpenSSH
           Version: -current
          Hardware: All
                OS: FreeBSD
            Status: NEW
          Severity: trivial
          Priority: P5
         Component: Miscellaneous
          Assignee: unassigned-bugs at mindrot.org
          Reporter: jlduran at gmail.com
Created attachment 3902
  --> https://bugzilla.mindrot.org/attachment.cgi?id=3902&action=edit
FreeBSD patch
Obtained from FreeBSD, verbatim commit message:
This stub isn't actually used on modern versions of OpenSSL for which
OpenSSH uses EVP_CIPHER_CTX_get_updated_iv instead via a wrapper macro.
However, the wrapper macro conflicted with the existing namespace
macro triggering an error on GCC:
In file included from crypto/openssh/sshd-session.c:65:
crypto/openssh/openbsd-compat/openssl-compat.h:71:11: error:
"EVP_CIPHER_CTX_get_iv" redefined [-Werror]
   71 | #  define EVP_CIPHER_CTX_get_iv EVP_CIPHER_CTX_get_updated_iv
      |           ^~~~~~~~~~~~~~~~~~~~~
In file included from <command-line>:
crypto/openssh/ssh_namespace.h:12:9: note: this is the location of the
previous definition
   12 | #define EVP_CIPHER_CTX_get_iv                  
Fssh_EVP_CIPHER_CTX_get_iv
      |         ^~~~~~~~~~~~~~~~~~~~~
The error was masked on clang due to MIT krb5 adding a blanket
-Wno-macro-redefined.  Building sshd-session without Kerberos support
was sufficient to trigger a warning from clang.
-- 
You are receiving this mail because:
You are watching the assignee of the bug.
    
    
More information about the openssh-bugs
mailing list