[PATCH] openssl-compat: Test for OpenSSL_add_all_algorithms before using.
Rosen Penev
rosenp at gmail.com
Tue Nov 20 08:24:41 AEDT 2018
OpenSSL 1.1.0 has deprecated this function.
---
configure.ac | 1 +
openbsd-compat/openssl-compat.c | 2 ++
openbsd-compat/openssl-compat.h | 4 ++++
3 files changed, 7 insertions(+)
diff --git a/configure.ac b/configure.ac
index 3f7fe2cd..db2aade8 100644
--- a/configure.ac
+++ b/configure.ac
@@ -2710,6 +2710,7 @@ if test "x$openssl" = "xyes" ; then
])
# LibreSSL/OpenSSL 1.1x API
AC_CHECK_FUNCS([ \
+ OpenSSL_add_all_algorithms \
OPENSSL_init_crypto \
DH_get0_key \
DH_get0_pqg \
diff --git a/openbsd-compat/openssl-compat.c b/openbsd-compat/openssl-compat.c
index 5ade8f0b..71e049bd 100644
--- a/openbsd-compat/openssl-compat.c
+++ b/openbsd-compat/openssl-compat.c
@@ -70,7 +70,9 @@ ssh_compatible_openssl(long headerver, long libver)
void
ssh_OpenSSL_add_all_algorithms(void)
{
+#ifdef HAVE_OPENSSL_ADD_ALL_ALGORITHMS
OpenSSL_add_all_algorithms();
+#endif
/* Enable use of crypto hardware */
ENGINE_load_builtin_engines();
diff --git a/openbsd-compat/openssl-compat.h b/openbsd-compat/openssl-compat.h
index b87ce59e..3ebdcca1 100644
--- a/openbsd-compat/openssl-compat.h
+++ b/openbsd-compat/openssl-compat.h
@@ -113,6 +113,10 @@ void ssh_OpenSSL_add_all_algorithms(void);
#endif /* SSH_DONT_OVERLOAD_OPENSSL_FUNCS */
+#if !defined(USE_OPENSSL_ENGINE) && !defined(HAVE_OPENSSL_ADD_ALL_ALGORITHMS)
+# define OpenSSL_add_all_algorithms
+#endif
+
/* LibreSSL/OpenSSL 1.1x API compat */
#ifndef HAVE_DSA_GET0_PQG
void DSA_get0_pqg(const DSA *d, const BIGNUM **p, const BIGNUM **q,
--
2.19.1
More information about the openssh-unix-dev
mailing list