OpenSSL 1.1.0 support

Jakub Jelen jjelen at
Wed Nov 2 20:29:55 AEDT 2016

On 11/02/2016 01:43 AM, Colin Watson wrote:
> On Sun, Sep 18, 2016 at 08:22:31PM +0200, Kurt Roeckx wrote:
>> Attached is a patch that add supports for building against OpenSSL
>> 1.1.0. I also made a github pull request for it at:
> Hi,
> Debian unstable now has OpenSSL 1.1.0 as the default, so I'll have to
> take some kind of positive action if I want my OpenSSH packages to keep
> building cleanly.  I know it's a big patch, but is anyone likely to be
> able to look at Kurt's changes soon?  I'm not very comfortable with
> applying a change of this size as a local patch.
Hello Colin,
Fedora Rawhide has already OpenSSL 1.1.0 and we use the patch based on 
the Kurt's one (after fixing initial bugs and extending for GSSAPI and 
SSH1 client support). The full Fedora patch is available in our git [1].

The current set of patches are rebased on current upstream is attached 
with few more tweaks needed to build, pass testsuite and make it work. 
The upstream review and insight would be helpful.



Jakub Jelen
Software Engineer
Security Technologies
Red Hat

-------------- next part --------------
A non-text attachment was scrubbed...
Name: openssh-openssl-1.1.0.patch
Type: text/x-patch
Size: 123076 bytes
Desc: not available
URL: <>

More information about the openssh-unix-dev mailing list