Call for testing: OpenSSH 7.9
Jakub Jelen
jjelen at redhat.com
Sat Oct 13 00:47:57 AEDT 2018
On Thu, 2018-10-11 at 14:54 +1100, Damien Miller wrote:
> Hi,
>
> OpenSSH 7.9p1 is almost ready for release, so we would appreciate
> testing
> on as many platforms and systems as possible. This is a bugfix
> release.
The latest snapshot is still using OPENSSL_config() which was
deprecated in OpenSSL 1.1.0:
openssl-compat.c: In function 'ssh_OpenSSL_add_all_algorithms':
openssl-compat.c:78:2: warning: 'OPENSSL_config' is deprecated [-
Wdeprecated-declarations]
OPENSSL_config(NULL);
^~~~~~~~~~~~~~
In file included from /usr/include/openssl/opensslconf.h:42,
from /usr/include/openssl/engine.h:19,
from openssl-compat.c:26:
/usr/include/openssl/conf.h:92:1: note: declared here
DEPRECATEDIN_1_1_0(void OPENSSL_config(const char *config_name))
^~~~~~~~~~~~~~~~~~
Something like this can be used to properly initialize new OpenSSL
versions:
@@ -70,12 +70,19 @@ ssh_compatible_openssl(long headerver, long libver)
void
ssh_OpenSSL_add_all_algorithms(void)
{
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
OpenSSL_add_all_algorithms();
/* Enable use of crypto hardware */
ENGINE_load_builtin_engines();
+#if OPENSSL_VERSION_NUMBER < 0x10001000L
ENGINE_register_all_complete();
+#endif
OPENSSL_config(NULL);
+#else
+ OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_DIGESTS |
+ OPENSSL_INIT_ADD_ALL_DIGESTS | OPENSSL_INIT_LOAD_CONFIG,
NULL);
+#endif
}
#endif
Regards,
--
Jakub Jelen
Software Engineer
Security Technologies
Red Hat, Inc.
More information about the openssh-unix-dev
mailing list