PKG_MAINTAINER:=Mislav Novakovic <mislav.novakovic@sartura.hr>
PKG_NAME:=libssh
-PKG_VERSION:=0.7.6
-PKG_RELEASE:=4
+PKG_VERSION:=0.9.3
+PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
-PKG_SOURCE_URL:=https://www.libssh.org/files/0.7/
-PKG_HASH:=1d607d3859274f755942324afb0f887ee22edd157f9596a2e69e3a28ec6d1092
+PKG_SOURCE_URL:=https://www.libssh.org/files/0.9/
+PKG_HASH:=2c8b5f894dced58b3d629f16f3afa6562c20b4bdc894639163cf657833688f0c
PKG_CPE_ID:=cpe:/a:libssh:libssh
CMAKE_INSTALL:=1
+CMAKE_BINARY_SUBDIR:=build
PKG_BUILD_PARALLEL:=1
PKG_USE_MIPS16:=0
+++ /dev/null
-From f81ca6161223e3566ce78a427571235fb6848fe9 Mon Sep 17 00:00:00 2001
-From: Andreas Schneider <asn@cryptomilk.org>
-Date: Wed, 29 Aug 2018 18:41:15 +0200
-Subject: [PATCH 1/8] misc: Add strndup implementation if not provides by the
- OS
-
-Fixes T112
-
-Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
-(cherry picked from commit 247983e9820fd264cb5a59c14cc12846c028bd08)
-Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
----
- ConfigureChecks.cmake | 1 +
- config.h.cmake | 3 +++
- include/libssh/priv.h | 4 ++++
- src/misc.c | 21 +++++++++++++++++++++
- 4 files changed, 29 insertions(+)
-
---- a/ConfigureChecks.cmake
-+++ b/ConfigureChecks.cmake
-@@ -115,6 +115,7 @@ endif (NOT WITH_GCRYPT)
-
- check_function_exists(isblank HAVE_ISBLANK)
- check_function_exists(strncpy HAVE_STRNCPY)
-+check_function_exists(strndup HAVE_STRNDUP)
- check_function_exists(strtoull HAVE_STRTOULL)
-
- if (NOT WIN32)
---- a/config.h.cmake
-+++ b/config.h.cmake
-@@ -103,6 +103,9 @@
- /* Define to 1 if you have the `strncpy' function. */
- #cmakedefine HAVE_STRNCPY 1
-
-+/* Define to 1 if you have the `strndup' function. */
-+#cmakedefine HAVE_STRNDUP 1
-+
- /* Define to 1 if you have the `cfmakeraw' function. */
- #cmakedefine HAVE_CFMAKERAW 1
-
---- a/include/libssh/priv.h
-+++ b/include/libssh/priv.h
-@@ -43,6 +43,10 @@
- # endif
- #endif /* !defined(HAVE_STRTOULL) */
-
-+#if !defined(HAVE_STRNDUP)
-+char *strndup(const char *s, size_t n);
-+#endif /* ! HAVE_STRNDUP */
-+
- #ifdef HAVE_BYTESWAP_H
- #include <byteswap.h>
- #endif
---- a/src/misc.c
-+++ b/src/misc.c
-@@ -1028,6 +1028,27 @@ int ssh_match_group(const char *group, c
- return 0;
- }
-
-+#if !defined(HAVE_STRNDUP)
-+char *strndup(const char *s, size_t n)
-+{
-+ char *x = NULL;
-+
-+ if (n + 1 < n) {
-+ return NULL;
-+ }
-+
-+ x = malloc(n + 1);
-+ if (x == NULL) {
-+ return NULL;
-+ }
-+
-+ memcpy(x, s, n);
-+ x[n] = '\0';
-+
-+ return x;
-+}
-+#endif /* ! HAVE_STRNDUP */
-+
- /** @} */
-
- /* vim: set ts=4 sw=4 et cindent: */
+++ /dev/null
-From e4c6d591df6a9c34c1ff3ec9f367c7257122bef3 Mon Sep 17 00:00:00 2001
-From: Andreas Schneider <asn@cryptomilk.org>
-Date: Wed, 17 Oct 2018 07:23:10 +0200
-Subject: [PATCH 2/8] packet: Add missing break in ssh_packet_incoming_filter()
-
-CID 1396239
-
-Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
-(cherry picked from commit fe618a35dc4be3e73ddf29d0c4a96b98d3b9c48f)
-Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
----
- src/packet.c | 1 +
- 1 file changed, 1 insertion(+)
-
---- a/src/packet.c
-+++ b/src/packet.c
-@@ -285,6 +285,7 @@ static enum ssh_packet_filter_result_e s
- (session->dh_handshake_state != DH_STATE_FINISHED))
- {
- rc = SSH_PACKET_DENIED;
-+ break;
- }
-
- rc = SSH_PACKET_ALLOWED;
+++ /dev/null
-From 734e3ce6747a5ed120b93a1ff253b3fde5f20024 Mon Sep 17 00:00:00 2001
-From: Meng Tan <mtan@wallix.com>
-Date: Wed, 17 Oct 2018 14:50:08 +0200
-Subject: [PATCH 3/8] server: Set correct state after sending INFO_REQUEST (Kbd
- Interactive)
-
-Signed-off-by: Meng Tan <mtan@wallix.com>
-Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
-(cherry picked from commit 4ea46eecce9f4e676150fe27fec34e1570b70ace)
-Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
----
- src/server.c | 1 +
- 1 file changed, 1 insertion(+)
-
---- a/src/server.c
-+++ b/src/server.c
-@@ -976,6 +976,7 @@ int ssh_message_auth_interactive_request
- msg->session->kbdint->prompts = NULL;
- msg->session->kbdint->echo = NULL;
- }
-+ msg->session->auth.state = SSH_AUTH_STATE_INFO;
-
- return rc;
- }
+++ /dev/null
-From 3fe7510b261098e3937ab5417935916a46e6727b Mon Sep 17 00:00:00 2001
-From: Andreas Schneider <asn@cryptomilk.org>
-Date: Fri, 19 Oct 2018 11:40:44 +0200
-Subject: [PATCH 4/8] messages: Check that the requested service is
- 'ssh-connection'
-
-Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
-(cherry picked from commit 9c200d3ef4f62d724d3bae2563b81c38cc31e215)
-Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
----
- src/messages.c | 8 ++++++++
- 1 file changed, 8 insertions(+)
-
---- a/src/messages.c
-+++ b/src/messages.c
-@@ -649,6 +649,7 @@ SSH_PACKET_CALLBACK(ssh_packet_userauth_
- ssh_message msg = NULL;
- char *service = NULL;
- char *method = NULL;
-+ int cmp;
- int rc;
-
- (void)user;
-@@ -675,6 +676,13 @@ SSH_PACKET_CALLBACK(ssh_packet_userauth_
- service, method,
- msg->auth_request.username);
-
-+ cmp = strcmp(service, "ssh-connection");
-+ if (cmp != 0) {
-+ SSH_LOG(SSH_LOG_WARNING,
-+ "Invalid service request: %s",
-+ service);
-+ goto end;
-+ }
-
- if (strcmp(method, "none") == 0) {
- msg->auth_request.method = SSH_AUTH_METHOD_NONE;
+++ /dev/null
-From acb0e4f401440ca325e441064d2cb4b896fb9a3d Mon Sep 17 00:00:00 2001
-From: Andreas Schneider <asn@cryptomilk.org>
-Date: Wed, 17 Oct 2018 17:32:54 +0200
-Subject: [PATCH 5/8] examples: Explicitly track auth state in
- samplesshd-kbdint
-
-Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
-(cherry picked from commit 0ff566b6dde5cd27653aa35280feceefad5d5224)
-Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
----
- examples/samplesshd-kbdint.c | 20 ++++++++++++++++----
- 1 file changed, 16 insertions(+), 4 deletions(-)
-
---- a/examples/samplesshd-kbdint.c
-+++ b/examples/samplesshd-kbdint.c
-@@ -23,6 +23,7 @@ clients must be made or how a client sho
- #include <stdlib.h>
- #include <string.h>
- #include <stdio.h>
-+#include <stdbool.h>
-
- #define SSHD_USER "libssh"
- #define SSHD_PASSWORD "libssh"
-@@ -36,6 +37,7 @@ clients must be made or how a client sho
- #endif
-
- static int port = 22;
-+static bool authenticated = false;
-
- #ifdef WITH_PCAP
- static const char *pcap_file = "debug.server.pcap";
-@@ -61,11 +63,20 @@ static void cleanup_pcap(void) {
- #endif
-
-
--static int auth_password(const char *user, const char *password){
-- if(strcmp(user, SSHD_USER))
-+static int auth_password(const char *user, const char *password)
-+{
-+ int cmp;
-+
-+ cmp = strcmp(user, SSHD_USER);
-+ if (cmp != 0) {
- return 0;
-- if(strcmp(password, SSHD_PASSWORD))
-+ }
-+ cmp = strcmp(password, SSHD_PASSWORD);
-+ if (cmp != 0) {
- return 0;
-+ }
-+
-+ authenticated = true;
- return 1; // authenticated
- }
- #ifdef HAVE_ARGP_H
-@@ -200,6 +211,7 @@ static int kbdint_check_response(ssh_ses
- return 0;
- }
-
-+ authenticated = true;
- return 1;
- }
-
-@@ -328,7 +340,7 @@ int main(int argc, char **argv){
-
- /* proceed to authentication */
- auth = authenticate(session);
-- if(!auth){
-+ if (!auth || !authenticated) {
- printf("Authentication error: %s\n", ssh_get_error(session));
- ssh_disconnect(session);
- return 1;
+++ /dev/null
-From 7ad80ba1cc48f7af1f192692d100a6255d97b843 Mon Sep 17 00:00:00 2001
-From: Andreas Schneider <asn@cryptomilk.org>
-Date: Wed, 24 Oct 2018 19:57:17 +0200
-Subject: [PATCH 6/8] server: Fix compile error
-
-Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
-Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
----
- src/server.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
---- a/src/server.c
-+++ b/src/server.c
-@@ -976,7 +976,7 @@ int ssh_message_auth_interactive_request
- msg->session->kbdint->prompts = NULL;
- msg->session->kbdint->echo = NULL;
- }
-- msg->session->auth.state = SSH_AUTH_STATE_INFO;
-+ msg->session->auth_state = SSH_AUTH_STATE_INFO;
-
- return rc;
- }
+++ /dev/null
-From 103973215443f6e02e010114a3f7ac19eb6f3c8c Mon Sep 17 00:00:00 2001
-From: Meng Tan <mtan@wallix.com>
-Date: Thu, 25 Oct 2018 17:06:06 +0200
-Subject: [PATCH 7/8] gssapi: Set correct state after sending GSSAPI_RESPONSE
- (select mechanism OID)
-
-Signed-off-by: Meng Tan <mtan@wallix.com>
-Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
-(cherry picked from commit bce8d567053232debd6ec490af5a7d27e1160f39)
-Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
----
- src/gssapi.c | 1 +
- 1 file changed, 1 insertion(+)
-
---- a/src/gssapi.c
-+++ b/src/gssapi.c
-@@ -120,6 +120,7 @@ static int ssh_gssapi_send_response(ssh_
- ssh_set_error_oom(session);
- return SSH_ERROR;
- }
-+ session->auth_state = SSH_AUTH_STATE_GSSAPI_TOKEN;
-
- packet_send(session);
- SSH_LOG(SSH_LOG_PACKET,
+++ /dev/null
-From 9d5cf209df4c260546e1468cc15fbbbfba3097c6 Mon Sep 17 00:00:00 2001
-From: Andreas Schneider <asn@cryptomilk.org>
-Date: Sat, 27 Oct 2018 22:15:56 +0200
-Subject: [PATCH 8/8] libcrypto: Fix memory leak in evp_final()
-
-Fixes T116
-
-Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
-(cherry picked from commit a2807474621e51b386ea26ce2a01d2b1aa295c7b)
-Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
----
- src/libcrypto.c | 1 +
- 1 file changed, 1 insertion(+)
-
---- a/src/libcrypto.c
-+++ b/src/libcrypto.c
-@@ -165,6 +165,7 @@ void evp_update(EVPCTX ctx, const void *
- void evp_final(EVPCTX ctx, unsigned char *md, unsigned int *mdlen)
- {
- EVP_DigestFinal(ctx, md, mdlen);
-+ EVP_MD_CTX_free(ctx);
- }
- #endif
-
+++ /dev/null
-From a8523d83c242c6f71dbf69fab0ca91d768e78f05 Mon Sep 17 00:00:00 2001
-From: Andreas Schneider <asn@cryptomilk.org>
-Date: Sun, 6 Nov 2016 12:07:32 +0100
-Subject: [PATCH] threads: Use new API call for OpenSSL CRYPTO THREADID
-
-BUG: https://red.libssh.org/issues/222
-
-Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
----
- ConfigureChecks.cmake | 4 ++++
- config.h.cmake | 3 +++
- src/threads.c | 19 +++++++++++++++++--
- 3 files changed, 24 insertions(+), 2 deletions(-)
-
-diff --git a/ConfigureChecks.cmake b/ConfigureChecks.cmake
-index 0a53c5b1..43179d8f 100644
---- a/ConfigureChecks.cmake
-+++ b/ConfigureChecks.cmake
-@@ -95,6 +95,10 @@ if (OPENSSL_FOUND)
- set(CMAKE_REQUIRED_INCLUDES ${OPENSSL_INCLUDE_DIR})
- set(CMAKE_REQUIRED_LIBRARIES ${OPENSSL_CRYPTO_LIBRARY})
- check_function_exists(CRYPTO_ctr128_encrypt HAVE_OPENSSL_CRYPTO_CTR128_ENCRYPT)
-+
-+ set(CMAKE_REQUIRED_INCLUDES ${OPENSSL_INCLUDE_DIR})
-+ set(CMAKE_REQUIRED_LIBRARIES ${OPENSSL_CRYPTO_LIBRARY})
-+ check_function_exists(CRYPTO_THREADID_set_callback HAVE_OPENSSL_CRYPTO_THREADID_SET_CALLBACK)
- endif()
-
- if (CMAKE_HAVE_PTHREAD_H)
-diff --git a/config.h.cmake b/config.h.cmake
-index 3e7f7939..b87fea5c 100644
---- a/config.h.cmake
-+++ b/config.h.cmake
-@@ -79,6 +79,9 @@
- /* Define to 1 if you have the `CRYPTO_ctr128_encrypt' function. */
- #cmakedefine HAVE_OPENSSL_CRYPTO_CTR128_ENCRYPT 1
-
-+/* Define to 1 if you have the `CRYPTO_THREADID_set_callback' function. */
-+#cmakedefine HAVE_OPENSSL_CRYPTO_THREADID_SET_CALLBACK 1
-+
- /* Define to 1 if you have the `snprintf' function. */
- #cmakedefine HAVE_SNPRINTF 1
-
-diff --git a/src/threads.c b/src/threads.c
-index 7f3a304e..062c3b84 100644
---- a/src/threads.c
-+++ b/src/threads.c
-@@ -116,6 +116,15 @@ static void libcrypto_lock_callback(int mode, int i, const char *file, int line)
- }
- }
-
-+#ifdef HAVE_OPENSSL_CRYPTO_THREADID_SET_CALLBACK
-+static void libcrypto_THREADID_callback(CRYPTO_THREADID *id)
-+{
-+ unsigned long thread_id = (*user_callbacks->thread_id)();
-+
-+ CRYPTO_THREADID_set_numeric(id, thread_id);
-+}
-+#endif /* HAVE_OPENSSL_CRYPTO_THREADID_SET_CALLBACK */
-+
- static int libcrypto_thread_init(void){
- int n=CRYPTO_num_locks();
- int i;
-@@ -127,8 +136,14 @@ static int libcrypto_thread_init(void){
- for (i=0;i<n;++i){
- user_callbacks->mutex_init(&libcrypto_mutexes[i]);
- }
-- CRYPTO_set_id_callback(user_callbacks->thread_id);
-- CRYPTO_set_locking_callback(libcrypto_lock_callback);
-+
-+#ifdef HAVE_OPENSSL_CRYPTO_THREADID_SET_CALLBACK
-+ CRYPTO_THREADID_set_callback(libcrypto_THREADID_callback);
-+#else
-+ CRYPTO_set_id_callback(user_callbacks->thread_id);
-+#endif
-+
-+ CRYPTO_set_locking_callback(libcrypto_lock_callback);
-
- return SSH_OK;
- }
---
-2.19.1
-
---- a/CMakeLists.txt
-+++ b/CMakeLists.txt
-@@ -35,10 +35,6 @@ include(DefineInstallationPaths)
- include(DefineOptions.cmake)
- include(CPackConfig.cmake)
-
--# disallow in-source build
--include(MacroEnsureOutOfSourceBuild)
--macro_ensure_out_of_source_build("${PROJECT_NAME} requires an out of source build. Please create a separate build directory and run 'cmake /path/to/${PROJECT_NAME} [options]' there.")
--
- # search for libraries
- if (WITH_ZLIB)
- find_package(ZLIB REQUIRED)
+diff --git a/ConfigureChecks.cmake b/ConfigureChecks.cmake
+index c8bb2aa..344ba59 100644
--- a/ConfigureChecks.cmake
+++ b/ConfigureChecks.cmake
@@ -5,7 +5,6 @@ include(CheckFunctionExists)
include(CheckLibraryExists)
include(CheckTypeSize)
- include(CheckCXXSourceCompiles)
+ include(CheckStructHasMember)
-include(TestBigEndian)
- set(PACKAGE ${APPLICATION_NAME})
- set(VERSION ${APPLICATION_VERSION})
-@@ -276,6 +275,8 @@ if (WITH_GSSAPI AND NOT GSSAPI_FOUND)
+ set(PACKAGE ${PROJECT_NAME})
+ set(VERSION ${PROJECT_VERSION})
+@@ -465,6 +464,8 @@ if (WITH_GSSAPI AND NOT GSSAPI_FOUND)
endif (WITH_GSSAPI AND NOT GSSAPI_FOUND)
# ENDIAN
- test_big_endian(WORDS_BIGENDIAN)
-endif (NOT WIN32)
+if (WITH_BIG_ENDIAN)
-+ set(WORDS_BIGENDIAN 1)
++ set(WORDS_BIGENDIAN 1)
+else (WITH_BIG_ENDIAN)
-+ set(WORDS_BIGENDIAN 0)
++ set(WORDS_BIGENDIAN 0)
+endif (WITH_BIG_ENDIAN)
+++ /dev/null
-From 8d5cf617d53d0545a0d141abf94396c28ca7e736 Mon Sep 17 00:00:00 2001
-From: Andreas Schneider <asn@cryptomilk.org>
-Date: Sun, 29 Oct 2017 16:06:14 +0100
-Subject: [PATCH] pki_crypto: Don't use deprecated function with newer
- OpenSSL
-
-Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
----
- src/pki_crypto.c | 13 +++++++++++++
- 1 file changed, 13 insertions(+)
-
-diff --git a/src/pki_crypto.c b/src/pki_crypto.c
-index 9e27436c..34d6e81c 100644
---- a/src/pki_crypto.c
-+++ b/src/pki_crypto.c
-@@ -451,11 +451,24 @@ int pki_key_generate_rsa(ssh_key key, int parameter){
-
- int pki_key_generate_dss(ssh_key key, int parameter){
- int rc;
-+#if OPENSSL_VERSION_NUMBER > 0x10100000L
-+ rc = DSA_generate_parameters_ex(key->dsa,
-+ parameter,
-+ NULL, /* seed */
-+ 0, /* seed_len */
-+ NULL, /* counter_ret */
-+ NULL, /* h_ret */
-+ NULL); /* cb */
-+ if (rc != 1) {
-+ return SSH_ERROR;
-+ }
-+#else
- key->dsa = DSA_generate_parameters(parameter, NULL, 0, NULL, NULL,
- NULL, NULL);
- if(key->dsa == NULL){
- return SSH_ERROR;
- }
-+#endif
- rc = DSA_generate_key(key->dsa);
- if (rc != 1){
- DSA_free(key->dsa);
---
-2.19.1
-
+++ /dev/null
-From ab67e42d6a0529f5fb81ee86049bf10abe99f839 Mon Sep 17 00:00:00 2001
-From: Jakub Jelen <jjelen@redhat.com>
-Date: Tue, 7 Nov 2017 09:38:40 +0100
-Subject: [PATCH] pki_crypto: Avoid segfault with OpenSSL 1.1.0
-
-Signed-off-by: Jakub Jelen <jjelen@redhat.com>
-Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
----
- src/pki_crypto.c | 4 ++++
- 1 file changed, 4 insertions(+)
-
-diff --git a/src/pki_crypto.c b/src/pki_crypto.c
-index 34d6e81c..30f49a81 100644
---- a/src/pki_crypto.c
-+++ b/src/pki_crypto.c
-@@ -452,6 +452,10 @@ int pki_key_generate_rsa(ssh_key key, int parameter){
- int pki_key_generate_dss(ssh_key key, int parameter){
- int rc;
- #if OPENSSL_VERSION_NUMBER > 0x10100000L
-+ key->dsa = DSA_new();
-+ if (!key->dsa) {
-+ return SSH_ERROR;
-+ }
- rc = DSA_generate_parameters_ex(key->dsa,
- parameter,
- NULL, /* seed */
---
-2.19.1
-
+++ /dev/null
-From c39f7578765859d7416e4140c92d034c8cae3341 Mon Sep 17 00:00:00 2001
-From: Jakub Jelen <jjelen@redhat.com>
-Date: Wed, 8 Nov 2017 15:35:08 +0100
-Subject: [PATCH] pki_crypto: Avoid potential memory leak
-
-Signed-off-by: Jakub Jelen <jjelen@redhat.com>
-Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
----
- src/pki_crypto.c | 4 +++-
- 1 file changed, 3 insertions(+), 1 deletion(-)
-
-diff --git a/src/pki_crypto.c b/src/pki_crypto.c
-index 30f49a81..d9f7753a 100644
---- a/src/pki_crypto.c
-+++ b/src/pki_crypto.c
-@@ -453,7 +453,7 @@ int pki_key_generate_dss(ssh_key key, int parameter){
- int rc;
- #if OPENSSL_VERSION_NUMBER > 0x10100000L
- key->dsa = DSA_new();
-- if (!key->dsa) {
-+ if (key->dsa == NULL) {
- return SSH_ERROR;
- }
- rc = DSA_generate_parameters_ex(key->dsa,
-@@ -464,6 +464,8 @@ int pki_key_generate_dss(ssh_key key, int parameter){
- NULL, /* h_ret */
- NULL); /* cb */
- if (rc != 1) {
-+ DSA_free(key->dsa);
-+ key->dsa = NULL;
- return SSH_ERROR;
- }
- #else
---
-2.19.1
-
+++ /dev/null
-From 8349ff1ec3d001aa85cc94a9004509cca8ebf036 Mon Sep 17 00:00:00 2001
-From: Rosen Penev <rosenp@gmail.com>
-Date: Wed, 7 Nov 2018 17:17:53 -0800
-Subject: [PATCH] crypto: Fix compilation for OpenSSL without deprecated
- APIs
-
-Added missing bn.h include.
-
-Made engine.h include conditional, otherwise it would fail.
-
-DSA_generate_parameters was deprecated long before 1.1.0.
-
-Signed-off-by: Rosen Penev <rosenp@gmail.com>
----
- src/libcrypto-compat.c | 5 ++++-
- src/libcrypto-compat.h | 1 +
- src/pki_crypto.c | 2 +-
- 3 files changed, 6 insertions(+), 2 deletions(-)
-
-diff --git a/src/libcrypto-compat.c b/src/libcrypto-compat.c
-index 4b1f36a5..b8b4f11a 100644
---- a/src/libcrypto-compat.c
-+++ b/src/libcrypto-compat.c
-@@ -8,9 +8,12 @@
- */
-
- #include <string.h>
--#include <openssl/engine.h>
- #include "libcrypto-compat.h"
-
-+#ifndef OPENSSL_NO_ENGINE
-+#include <openssl/engine.h>
-+#endif
-+
- static void *OPENSSL_zalloc(size_t num)
- {
- void *ret = OPENSSL_malloc(num);
-diff --git a/src/libcrypto-compat.h b/src/libcrypto-compat.h
-index 21542c65..00e4f2a3 100644
---- a/src/libcrypto-compat.h
-+++ b/src/libcrypto-compat.h
-@@ -10,6 +10,7 @@
- #include <openssl/dh.h>
- #include <openssl/evp.h>
- #include <openssl/hmac.h>
-+#include <openssl/bn.h>
-
- int RSA_set0_key(RSA *r, BIGNUM *n, BIGNUM *e, BIGNUM *d);
- int RSA_set0_factors(RSA *r, BIGNUM *p, BIGNUM *q);
-diff --git a/src/pki_crypto.c b/src/pki_crypto.c
-index d9f7753a..c1aac409 100644
---- a/src/pki_crypto.c
-+++ b/src/pki_crypto.c
-@@ -451,7 +451,7 @@ int pki_key_generate_rsa(ssh_key key, int parameter){
-
- int pki_key_generate_dss(ssh_key key, int parameter){
- int rc;
--#if OPENSSL_VERSION_NUMBER > 0x10100000L
-+#if OPENSSL_VERSION_NUMBER > 0x00908000L
- key->dsa = DSA_new();
- if (key->dsa == NULL) {
- return SSH_ERROR;
---
-2.19.1
-
+++ /dev/null
---- a/cmake/Modules/DefineCompilerFlags.cmake
-+++ b/cmake/Modules/DefineCompilerFlags.cmake
-@@ -1,7 +1,6 @@
- # define system dependent compiler flags
-
- include(CheckCCompilerFlag)
--include(CheckCCompilerFlagSSP)
-
- if (UNIX AND NOT WIN32)
- #
-@@ -21,11 +20,6 @@ if (UNIX AND NOT WIN32)
- set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -fPIC")
- endif (WITH_FPIC)
-
-- check_c_compiler_flag_ssp("-fstack-protector" WITH_STACK_PROTECTOR)
-- if (WITH_STACK_PROTECTOR)
-- set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -fstack-protector")
-- endif (WITH_STACK_PROTECTOR)
--
- if (CMAKE_BUILD_TYPE)
- string(TOLOWER "${CMAKE_BUILD_TYPE}" CMAKE_BUILD_TYPE_LOWER)
- if (CMAKE_BUILD_TYPE_LOWER MATCHES (release|relwithdebinfo|minsizerel))
+++ /dev/null
---- a/src/dh.c
-+++ b/src/dh.c
-@@ -131,11 +131,15 @@ int ssh_get_random(void *where, int len, int strong){
-
- return 1;
- #elif defined HAVE_LIBCRYPTO
-+#if OPENSSL_VERSION_NUMBER < 0x10100000L
- if (strong) {
- return RAND_bytes(where,len);
- } else {
- return RAND_pseudo_bytes(where,len);
- }
-+#else
-+ return RAND_bytes(where,len);
-+#endif
- #endif
-
- /* never reached */
-@@ -198,7 +202,9 @@ int ssh_crypto_init(void) {
- }
- bignum_bin2bn(p_group14_value, P_GROUP14_LEN, p_group14);
-
-+#if OPENSSL_VERSION_NUMBER < 0x10100000L
- OpenSSL_add_all_algorithms();
-+#endif
-
- #endif
-
-@@ -219,8 +225,10 @@ void ssh_crypto_finalize(void) {
- #ifdef HAVE_LIBGCRYPT
- gcry_control(GCRYCTL_TERM_SECMEM);
- #elif defined HAVE_LIBCRYPTO
-+#if OPENSSL_VERSION_NUMBER < 0x10100000L
- EVP_cleanup();
- CRYPTO_cleanup_all_ex_data();
-+#endif
- #endif
- ssh_crypto_initialized=0;
- }
+++ /dev/null
---- a/src/threads.c
-+++ b/src/threads.c
-@@ -106,6 +106,8 @@ static int libgcrypt_thread_init(void){
-
- static void **libcrypto_mutexes;
-
-+#if OPENSSL_VERSION_NUMBER < 0x10100000L
-+
- static void libcrypto_lock_callback(int mode, int i, const char *file, int line){
- (void)file;
- (void)line;
-@@ -160,6 +162,16 @@ static void libcrypto_thread_finalize(void){
-
- }
-
-+#else
-+
-+static int libcrypto_thread_init(void){
-+ return SSH_OK;
-+}
-+
-+static void libcrypto_thread_finalize(void){
-+}
-+#endif
-+
- #endif
-
- /** @internal
projects / feed / packages.git / commitdiff