Call for testing: OpenSSH-5.7

Bert Wesarg bert.wesarg at googlemail.com
Thu Jan 27 05:18:38 EST 2011 

On Fri, Jan 21, 2011 at 09:29, Darren Tucker <dtucker at zip.com.au> wrote:
> On Thu, Jan 20, 2011 at 06:20:14PM -0800, Kevin Brott wrote:
>> Hrm - that doesn't quite seem to work ...
>
> OK, I found I forgot to add the "HAVE_" in front of the symbol and I'm
> guessing that I need to include the rsa header (although I didn't need
> it on my test installation).
>
> Please try this patch.
>
> Index: configure.ac
> ===================================================================
> RCS file: /home/dtucker/openssh/cvs/openssh/configure.ac,v
> retrieving revision 1.468
> diff -u -p -r1.468 configure.ac
> --- configure.ac        19 Jan 2011 12:12:30 -0000      1.468
> +++ configure.ac        20 Jan 2011 07:04:06 -0000
> @@ -2180,7 +2180,7 @@ int main(void) { SSLeay_add_all_algorith
>        ]
>  )
>
> -AC_CHECK_FUNCS(RSA_generate_key_ex DSA_generate_parameters_ex BN_is_prime_ex)
> +AC_CHECK_FUNCS(RSA_generate_key_ex DSA_generate_parameters_ex BN_is_prime_ex RSA_get_default_method)
>
>  AC_ARG_WITH(ssl-engine,
>        [  --with-ssl-engine       Enable OpenSSL (hardware) ENGINE support ],
> Index: openbsd-compat/openssl-compat.c
> ===================================================================
> RCS file: /home/dtucker/openssh/cvs/openssh/openbsd-compat/openssl-compat.c,v
> retrieving revision 1.12
> diff -u -p -r1.12 openssl-compat.c
> --- openbsd-compat/openssl-compat.c     4 Dec 2010 21:46:05 -0000       1.12
> +++ openbsd-compat/openssl-compat.c     21 Jan 2011 07:53:40 -0000
> @@ -26,6 +26,10 @@
>  # include <openssl/conf.h>
>  #endif
>
> +#ifndef HAVE_RSA_GET_DEFAULT_METHOD
> +# include <openssl/rsa.h>
> +#endif
> +
>  #include "log.h"
>
>  #define SSH_DONT_OVERLOAD_OPENSSL_FUNCS
> @@ -120,6 +124,14 @@ DSA_generate_parameters_ex(DSA *dsa, int
>  }
>  #endif
>
> +#ifndef HAVE_RSA_GET_DEFAULT_METHOD
> +RSA_METHOD *
> +RSA_get_default_method(void)
> +{
> +       return RSA_PKCS1_SSLeay();
> +}
> +#endif
> +
>  #ifdef USE_OPENSSL_ENGINE
>  void
>  ssh_SSLeay_add_all_algorithms(void)
> Index: openbsd-compat/openssl-compat.h
> ===================================================================
> RCS file: /home/dtucker/openssh/cvs/openssh/openbsd-compat/openssl-compat.h,v
> retrieving revision 1.17
> diff -u -p -r1.17 openssl-compat.h
> --- openbsd-compat/openssl-compat.h     4 Dec 2010 12:20:50 -0000       1.17
> +++ openbsd-compat/openssl-compat.h     21 Jan 2011 08:02:14 -0000
> @@ -78,6 +78,10 @@ extern const EVP_CIPHER *evp_acss(void);
>  # define EVP_CIPHER_CTX_key_length(c) ((c)->key_len)
>  #endif
>
> +#ifndef HAVE_RSA_GET_DEFAULT_METHOD
> +RSA_METHOD *RSA_get_default_method(void);
> +#endif

This function returns a const RSA_METHOD* on my system with
libssl-0.9.8k-7ubuntu8.5.

Bert

More information about the openssh-unix-dev mailing list