openssl-compat.c revision 295367
1/* $Id: openssl-compat.c,v 1.19 2014/07/02 05:28:07 djm Exp $ */ 2 3/* 4 * Copyright (c) 2005 Darren Tucker <dtucker@zip.com.au> 5 * 6 * Permission to use, copy, modify, and distribute this software for any 7 * purpose with or without fee is hereby granted, provided that the above 8 * copyright notice and this permission notice appear in all copies. 9 * 10 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 11 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 12 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 13 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 14 * WHATSOEVER RESULTING FROM LOSS OF MIND, USE, DATA OR PROFITS, WHETHER 15 * IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING 16 * OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 17 */ 18 19#define SSH_DONT_OVERLOAD_OPENSSL_FUNCS 20#include "includes.h" 21 22#ifdef WITH_OPENSSL 23 24#include <stdarg.h> 25#include <string.h> 26 27#ifdef USE_OPENSSL_ENGINE 28# include <openssl/engine.h> 29# include <openssl/conf.h> 30#endif 31 32#include "log.h" 33 34#include "openssl-compat.h" 35 36/* 37 * OpenSSL version numbers: MNNFFPPS: major minor fix patch status 38 * We match major, minor, fix and status (not patch) for <1.0.0. 39 * After that, we acceptable compatible fix versions (so we 40 * allow 1.0.1 to work with 1.0.0). Going backwards is only allowed 41 * within a patch series. 42 */ 43 44int 45ssh_compatible_openssl(long headerver, long libver) 46{ 47 long mask, hfix, lfix; 48 49 /* exact match is always OK */ 50 if (headerver == libver) 51 return 1; 52 53 /* for versions < 1.0.0, major,minor,fix,status must match */ 54 if (headerver < 0x1000000f) { 55 mask = 0xfffff00fL; /* major,minor,fix,status */ 56 return (headerver & mask) == (libver & mask); 57 } 58 59 /* 60 * For versions >= 1.0.0, major,minor,status must match and library 61 * fix version must be equal to or newer than the header. 62 */ 63 mask = 0xfff0000fL; /* major,minor,status */ 64 hfix = (headerver & 0x000ff000) >> 12; 65 lfix = (libver & 0x000ff000) >> 12; 66 if ( (headerver & mask) == (libver & mask) && lfix >= hfix) 67 return 1; 68 return 0; 69} 70 71#ifdef USE_OPENSSL_ENGINE 72void 73ssh_OpenSSL_add_all_algorithms(void) 74{ 75 OpenSSL_add_all_algorithms(); 76 77 /* Enable use of crypto hardware */ 78 ENGINE_load_builtin_engines(); 79 ENGINE_register_all_complete(); 80 OPENSSL_config(NULL); 81} 82#endif 83 84#endif /* WITH_OPENSSL */ 85