openssl-compat.c revision 323134
1/* 2 * Copyright (c) 2005 Darren Tucker <dtucker@zip.com.au> 3 * 4 * Permission to use, copy, modify, and distribute this software for any 5 * purpose with or without fee is hereby granted, provided that the above 6 * copyright notice and this permission notice appear in all copies. 7 * 8 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 9 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 10 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 11 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 12 * WHATSOEVER RESULTING FROM LOSS OF MIND, USE, DATA OR PROFITS, WHETHER 13 * IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING 14 * OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 15 */ 16 17#define SSH_DONT_OVERLOAD_OPENSSL_FUNCS 18#include "includes.h" 19 20#ifdef WITH_OPENSSL 21 22#include <stdarg.h> 23#include <string.h> 24 25#ifdef USE_OPENSSL_ENGINE 26# include <openssl/engine.h> 27# include <openssl/conf.h> 28#endif 29 30#include "log.h" 31 32#include "openssl-compat.h" 33 34/* 35 * OpenSSL version numbers: MNNFFPPS: major minor fix patch status 36 * We match major, minor, fix and status (not patch) for <1.0.0. 37 * After that, we acceptable compatible fix versions (so we 38 * allow 1.0.1 to work with 1.0.0). Going backwards is only allowed 39 * within a patch series. 40 */ 41 42int 43ssh_compatible_openssl(long headerver, long libver) 44{ 45 long mask, hfix, lfix; 46 47 /* exact match is always OK */ 48 if (headerver == libver) 49 return 1; 50 51 /* for versions < 1.0.0, major,minor,fix,status must match */ 52 if (headerver < 0x1000000f) { 53 mask = 0xfffff00fL; /* major,minor,fix,status */ 54 return (headerver & mask) == (libver & mask); 55 } 56 57 /* 58 * For versions >= 1.0.0, major,minor,status must match and library 59 * fix version must be equal to or newer than the header. 60 */ 61 mask = 0xfff0000fL; /* major,minor,status */ 62 hfix = (headerver & 0x000ff000) >> 12; 63 lfix = (libver & 0x000ff000) >> 12; 64 if ( (headerver & mask) == (libver & mask) && lfix >= hfix) 65 return 1; 66 return 0; 67} 68 69#ifdef USE_OPENSSL_ENGINE 70void 71ssh_OpenSSL_add_all_algorithms(void) 72{ 73 OpenSSL_add_all_algorithms(); 74 75 /* Enable use of crypto hardware */ 76 ENGINE_load_builtin_engines(); 77 ENGINE_register_all_complete(); 78 OPENSSL_config(NULL); 79} 80#endif 81 82#endif /* WITH_OPENSSL */ 83