[Bug 138] Incorrect OpenSSL version requirment?
bugzilla-daemon at mindrot.org
bugzilla-daemon at mindrot.org
Sat Mar 9 04:35:11 EST 2002
http://bugzilla.mindrot.org/show_bug.cgi?id=138
markus at openbsd.org changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|RESOLVED |REOPENED
Resolution|FIXED |
------- Additional Comments From markus at openbsd.org 2002-03-09 04:35 -------
what happens if you additionally replace
cipher_init from cipher.c with
void
cipher_init(CipherContext *cc, Cipher *cipher,
const u_char *key, u_int keylen, const u_char *iv, u_int ivlen,
int encrypt)
{
static int dowarn = 1;
EVP_CIPHER *type;
int klen;
if (cipher->number == SSH_CIPHER_DES) {
if (dowarn) {
error("Warning: use of DES is strongly discouraged "
"due to cryptographic weaknesses");
dowarn = 0;
}
if (keylen > 8)
keylen = 8;
}
cc->plaintext = (cipher->number == SSH_CIPHER_NONE);
if (keylen < cipher->key_len)
fatal("cipher_init: key length %d is insufficient for %s.",
keylen, cipher->name);
if (iv != NULL && ivlen < cipher->block_size)
fatal("cipher_init: iv length %d is insufficient for %s.",
ivlen, cipher->name);
cc->cipher = cipher;
type = (*cipher->evptype)();
if (type->key_len < cipher->key_len)
type->key_len = cipher->key_len;
EVP_CIPHER_CTX_init(&cc->evp);
EVP_CipherInit(&cc->evp, type, (u_char *)key, (u_char *)iv,
(encrypt == CIPHER_ENCRYPT));
}
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
More information about the openssh-unix-dev
mailing list