openssl-compat.c revision 323134 
1/*
2 * Copyright (c) 2005 Darren Tucker <dtucker@zip.com.au>
3 *
4 * Permission to use, copy, modify, and distribute this software for any
5 * purpose with or without fee is hereby granted, provided that the above
6 * copyright notice and this permission notice appear in all copies.
7 *
8 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
9 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
10 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
11 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
12 * WHATSOEVER RESULTING FROM LOSS OF MIND, USE, DATA OR PROFITS, WHETHER
13 * IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING
14 * OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
15 */
16
17#define SSH_DONT_OVERLOAD_OPENSSL_FUNCS
18#include "includes.h"
19
20#ifdef WITH_OPENSSL
21
22#include <stdarg.h>
23#include <string.h>
24
25#ifdef USE_OPENSSL_ENGINE
26# include <openssl/engine.h>
27# include <openssl/conf.h>
28#endif
29
30#include "log.h"
31
32#include "openssl-compat.h"
33
34/*
35 * OpenSSL version numbers: MNNFFPPS: major minor fix patch status
36 * We match major, minor, fix and status (not patch) for <1.0.0.
37 * After that, we acceptable compatible fix versions (so we
38 * allow 1.0.1 to work with 1.0.0). Going backwards is only allowed
39 * within a patch series.
40 */
41
42int
43ssh_compatible_openssl(long headerver, long libver)
44{
45	long mask, hfix, lfix;
46
47	/* exact match is always OK */
48	if (headerver == libver)
49		return 1;
50
51	/* for versions < 1.0.0, major,minor,fix,status must match */
52	if (headerver < 0x1000000f) {
53		mask = 0xfffff00fL; /* major,minor,fix,status */
54		return (headerver & mask) == (libver & mask);
55	}
56
57	/*
58	 * For versions >= 1.0.0, major,minor,status must match and library
59	 * fix version must be equal to or newer than the header.
60	 */
61	mask = 0xfff0000fL; /* major,minor,status */
62	hfix = (headerver & 0x000ff000) >> 12;
63	lfix = (libver & 0x000ff000) >> 12;
64	if ( (headerver & mask) == (libver & mask) && lfix >= hfix)
65		return 1;
66	return 0;
67}
68
69#ifdef	USE_OPENSSL_ENGINE
70void
71ssh_OpenSSL_add_all_algorithms(void)
72{
73	OpenSSL_add_all_algorithms();
74
75	/* Enable use of crypto hardware */
76	ENGINE_load_builtin_engines();
77	ENGINE_register_all_complete();
78	OPENSSL_config(NULL);
79}
80#endif
81
82#endif /* WITH_OPENSSL */
83