Announce: OpenSSH 7.2 released
The Doctor
doctor at doctor.nl2k.ab.ca
Mon Feb 29 15:20:55 AEDT 2016
On Sun, Feb 28, 2016 at 07:12:27PM -0700, Damien Miller wrote:
> OpenSSH 7.2 has just been released. It will be available from the
> mirrors listed at http://www.openssh.com/ shortly.
>
> OpenSSH is a 100% complete SSH protocol 2.0 implementation and
> includes sftp client and server support. OpenSSH also includes
> transitional support for the legacy SSH 1.3 and 1.5 protocols
> that may be enabled at compile-time.
>
> Once again, we would like to thank the OpenSSH community for their
> continued support of the project, especially those who contributed
> code or patches, reported bugs, tested snapshots or donated to the
> project. More information on donations may be found at:
> http://www.openssh.com/donations.html
>
> Future deprecation notice
> =========================
>
> We plan on retiring more legacy cryptography in a near-future
> release, specifically:
>
> * Refusing all RSA keys smaller than 1024 bits (the current minimum
> is 768 bits)
>
> This list reflects our current intentions, but please check the final
> release notes for future releases.
>
> Potentially-incompatible changes
> ================================
>
> This release disables a number of legacy cryptographic algorithms
> by default in ssh:
>
> * Several ciphers blowfish-cbc, cast128-cbc, all arcfour variants
> and the rijndael-cbc aliases for AES.
>
> * MD5-based and truncated HMAC algorithms.
>
> These algorithms are already disabled by default in sshd.
>
All right can we get this openssl 1.1 ready?
Looks like not too much needs to be done
in cipher.h
line 69 needs to be changed to
EVP_CIPHER_CTX *evp;
In sshkey.c
replace pk->type to EVP_PKEY_type
Just cipher.c
we get
/usr/bin/gcc -g -O2 -Wall -Wall -Wpointer-arith -Wuninitialized -Wsign-compare -Wformat-security -fno-strict-aliasing -D_FORTIFY_SOURCE=2 -ftrapv -fno-builtin-memset -I. -I. -I/usr/contrib//include -DSSHDIR=\"/etc\" -D_PATH_SSH_PROGRAM=\"/usr/contrib/bin/ssh\" -D_PATH_SSH_ASKPASS_DEFAULT=\"/usr/contrib/libexec/ssh-askpass\" -D_PATH_SFTP_SERVER=\"/usr/contrib/libexec/sftp-server\" -D_PATH_SSH_KEY_SIGN=\"/usr/contrib/libexec/ssh-keysign\" -D_PATH_SSH_PKCS11_HELPER=\"/usr/contrib/libexec/ssh-pkcs11-helper\" -D_PATH_SSH_PIDDIR=\"/var/run\" -D_PATH_PRIVSEP_CHROOT_DIR=\"/var/empty\" -DHAVE_CONFIG_H -c cipher.c -o cipher.o
cipher.c: In function `cipher_init':
cipher.c:329: warning: passing arg 1 of `EVP_CIPHER_CTX_reset' from incompatible pointer type
cipher.c:331: warning: passing arg 1 of `EVP_CipherInit' from incompatible pointer type
cipher.c:337: warning: passing arg 1 of `EVP_CIPHER_CTX_ctrl' from incompatible pointer type
cipher.c:341: warning: passing arg 1 of `EVP_CIPHER_CTX_key_length' from incompatible pointer type
cipher.c:343: warning: passing arg 1 of `EVP_CIPHER_CTX_set_key_length' from incompatible pointer type
cipher.c:348: warning: passing arg 1 of `EVP_CipherInit' from incompatible pointer type
cipher.c:360: warning: passing arg 1 of `EVP_Cipher' from incompatible pointer type
cipher.c:367: warning: passing arg 1 of `EVP_CIPHER_CTX_reset' from incompatible pointer type
cipher.c: In function `cipher_crypt':
cipher.c:414: warning: passing arg 1 of `EVP_CIPHER_CTX_ctrl' from incompatible pointer type
cipher.c:419: warning: passing arg 1 of `EVP_CIPHER_CTX_ctrl' from incompatible pointer type
cipher.c:424: warning: passing arg 1 of `EVP_Cipher' from incompatible pointer type
cipher.c:431: warning: passing arg 1 of `EVP_Cipher' from incompatible pointer type
cipher.c:435: warning: passing arg 1 of `EVP_Cipher' from incompatible pointer type
cipher.c:440: warning: passing arg 1 of `EVP_CIPHER_CTX_ctrl' from incompatible pointer type
cipher.c: In function `cipher_cleanup':
cipher.c:471: warning: passing arg 1 of `EVP_CIPHER_CTX_reset' from incompatible pointer type
cipher.c: In function `cipher_get_keyiv_len':
cipher.c:518: warning: passing arg 1 of `EVP_CIPHER_CTX_iv_length' from incompatible pointer type
cipher.c: In function `cipher_get_keyiv':
cipher.c:550: warning: passing arg 1 of `EVP_CIPHER_CTX_iv_length' from incompatible pointer type
cipher.c:564: warning: passing arg 1 of `EVP_CIPHER_CTX_ctrl' from incompatible pointer type
cipher.c:567: request for member `iv' in something not a structure or union
cipher.c: In function `cipher_set_keyiv':
cipher.c:598: warning: passing arg 1 of `EVP_CIPHER_CTX_iv_length' from incompatible pointer type
cipher.c:604: warning: passing arg 1 of `EVP_CIPHER_CTX_ctrl' from incompatible pointer type
cipher.c:607: request for member `iv' in something not a structure or union
cipher.c: In function `cipher_get_keycontext':
cipher.c:633: request for member `cipher' in something not a structure or union
cipher.c:636: request for member `cipher_data' in something not a structure or union
cipher.c: In function `cipher_set_keycontext':
cipher.c:652: request for member `cipher' in something not a structure or union
cipher.c:653: request for member `cipher_data' in something not a structure or union
*** Error code 1
Stop.
Looks like change in evp.h are the source of these errors.
--
Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca
God,Queen and country!Never Satan President Republic!Beware AntiChrist rising!
http://www.fullyfollow.me/rootnl2k Look at Psalms 14 and 53 on Atheism
Broadcasting the truth for 25 years
More information about the openssh-unix-dev
mailing list