- (dtucker) [configure.ac openbsd-compat/openssl-compat.{c,h}] Add

RSA_get_default_method() for the benefit of openssl versions that don't have it (at least openssl-engine-0.9.6b). Found and tested by Kevin Brott, ok djm@.
2011-01-22 09:37:01 +11:00 · 2011-01-22 09:37:01 +11:00 · 79241377df
parent e323ebc250
commit 79241377df
4 changed files with 27 additions and 5 deletions
--- a/6
+++ b/6
@ -1,3 +1,9 @@
+20110122
+ - (dtucker) [configure.ac openbsd-compat/openssl-compat.{c,h}] Add
+   RSA_get_default_method() for the benefit of openssl versions that don't
+   have it (at least openssl-engine-0.9.6b).  Found and tested by Kevin Brott,
+   ok djm@.
+
 20110119
 - (tim) [contrib/caldera/openssh.spec] Use CFLAGS from Makefile instead
   of RPM so build completes. Signatures were changed to .asc since 4.1p1.
--- a/configure.ac
+++ b/configure.ac
@ -1,4 +1,4 @@
-# $Id: configure.ac,v 1.468 2011/01/19 12:12:30 djm Exp $
+# $Id: configure.ac,v 1.469 2011/01/21 22:37:05 dtucker Exp $
 #
 # Copyright (c) 1999-2004 Damien Miller
 #
@ -15,7 +15,7 @@
 # OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.

 AC_INIT(OpenSSH, Portable, openssh-unix-dev@mindrot.org)
-AC_REVISION($Revision: 1.468 $)
+AC_REVISION($Revision: 1.469 $)
 AC_CONFIG_SRCDIR([ssh.c])

 # local macros
@ -2180,7 +2180,7 @@ int main(void) { SSLeay_add_all_algorithms(); }
 	]
 )

-AC_CHECK_FUNCS(RSA_generate_key_ex DSA_generate_parameters_ex BN_is_prime_ex)
+AC_CHECK_FUNCS(RSA_generate_key_ex DSA_generate_parameters_ex BN_is_prime_ex RSA_get_default_method)

 AC_ARG_WITH(ssl-engine,
 	[  --with-ssl-engine       Enable OpenSSL (hardware) ENGINE support ],
--- a/openbsd-compat/openssl-compat.c
+++ b/openbsd-compat/openssl-compat.c
@ -1,4 +1,4 @@
-/* $Id: openssl-compat.c,v 1.12 2010/12/04 21:46:05 dtucker Exp $ */
+/* $Id: openssl-compat.c,v 1.13 2011/01/21 22:37:06 dtucker Exp $ */

 /*
 * Copyright (c) 2005 Darren Tucker <dtucker@zip.com.au>
@ -26,6 +26,10 @@
 # include <openssl/conf.h>
 #endif

+#ifndef HAVE_RSA_GET_DEFAULT_METHOD
+# include <openssl/rsa.h>
+#endif
+
 #include "log.h"

 #define SSH_DONT_OVERLOAD_OPENSSL_FUNCS
@ -120,6 +124,14 @@ DSA_generate_parameters_ex(DSA *dsa, int bits, const unsigned char *seed,
 }
 #endif

+#ifndef HAVE_RSA_GET_DEFAULT_METHOD
+RSA_METHOD *
+RSA_get_default_method(void)
+{
+	return RSA_PKCS1_SSLeay();
+}
+#endif
+
 #ifdef	USE_OPENSSL_ENGINE
 void
 ssh_SSLeay_add_all_algorithms(void)
--- a/openbsd-compat/openssl-compat.h
+++ b/openbsd-compat/openssl-compat.h
@ -1,4 +1,4 @@
-/* $Id: openssl-compat.h,v 1.17 2010/12/04 12:20:50 dtucker Exp $ */
+/* $Id: openssl-compat.h,v 1.18 2011/01/21 22:37:06 dtucker Exp $ */

 /*
 * Copyright (c) 2005 Darren Tucker <dtucker@zip.com.au>
@ -78,6 +78,10 @@ extern const EVP_CIPHER *evp_acss(void);
 # define EVP_CIPHER_CTX_key_length(c) ((c)->key_len)
 #endif

+#ifndef HAVE_RSA_GET_DEFAULT_METHOD
+RSA_METHOD *RSA_get_default_method(void);
+#endif
+
 /*
 * We overload some of the OpenSSL crypto functions with ssh_* equivalents
 * which cater for older and/or less featureful OpenSSL version.