[PATCH] cipher: fix dhgex for non-GCM ciphers for OpenSSL 3.0

Marc Kleine-Budde mkl at pengutronix.de
Thu Dec 10 18:43:53 AEDT 2020

On 12/10/20 12:29 AM, Damien Miller wrote:
>> Are you interested in another take on a patch to fix OpenSSH with the current
>> OpenSSL-3.0?
> It looks like OpenSSL are considering renaming the API. I think we can wait
> for them to make up their minds before proceeding. If the go ahead with
> the plan to rename EVP_CIPHER_CTX_get_iv_state to get_running_iv then the
> fix will be a single #define in one of our compat headers AFAIK.

Yes, but the name of EVP_CIPHER_CTX_get_iv_state(),
EVP_CIPHER_CTX_get_running_iv() or something else is not the only problem. The
other problem is the going-to-be-renamed OpenSSL function EVP_CIPHER_CTX_get_iv().

See my patch on trying to work around this with the current situation:



Pengutronix e.K.                 | Marc Kleine-Budde           |
Embedded Linux                   | https://www.pengutronix.de  |
Vertretung West/Dortmund         | Phone: +49-231-2826-924     |
Amtsgericht Hildesheim, HRA 2686 | Fax:   +49-5121-206917-5555 |

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: OpenPGP digital signature
URL: <http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20201210/580e9001/attachment.asc>

More information about the openssh-unix-dev mailing list