1043840dfSDag-Erling Smørgrav /* 2043840dfSDag-Erling Smørgrav * Copyright (c) 2005 Darren Tucker <dtucker@zip.com.au> 3043840dfSDag-Erling Smørgrav * 4043840dfSDag-Erling Smørgrav * Permission to use, copy, modify, and distribute this software for any 5043840dfSDag-Erling Smørgrav * purpose with or without fee is hereby granted, provided that the above 6043840dfSDag-Erling Smørgrav * copyright notice and this permission notice appear in all copies. 7043840dfSDag-Erling Smørgrav * 8043840dfSDag-Erling Smørgrav * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 9043840dfSDag-Erling Smørgrav * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 10043840dfSDag-Erling Smørgrav * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 11043840dfSDag-Erling Smørgrav * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 12043840dfSDag-Erling Smørgrav * WHATSOEVER RESULTING FROM LOSS OF MIND, USE, DATA OR PROFITS, WHETHER 13043840dfSDag-Erling Smørgrav * IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING 14043840dfSDag-Erling Smørgrav * OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 15043840dfSDag-Erling Smørgrav */ 16043840dfSDag-Erling Smørgrav 17a0ee8cc6SDag-Erling Smørgrav #define SSH_DONT_OVERLOAD_OPENSSL_FUNCS 18043840dfSDag-Erling Smørgrav #include "includes.h" 19043840dfSDag-Erling Smørgrav 20bc5531deSDag-Erling Smørgrav #ifdef WITH_OPENSSL 21bc5531deSDag-Erling Smørgrav 224a421b63SDag-Erling Smørgrav #include <stdarg.h> 234a421b63SDag-Erling Smørgrav #include <string.h> 244a421b63SDag-Erling Smørgrav 25761efaa7SDag-Erling Smørgrav #ifdef USE_OPENSSL_ENGINE 26761efaa7SDag-Erling Smørgrav # include <openssl/engine.h> 274a421b63SDag-Erling Smørgrav # include <openssl/conf.h> 28761efaa7SDag-Erling Smørgrav #endif 29761efaa7SDag-Erling Smørgrav 304a421b63SDag-Erling Smørgrav #include "log.h" 314a421b63SDag-Erling Smørgrav 32043840dfSDag-Erling Smørgrav #include "openssl-compat.h" 33043840dfSDag-Erling Smørgrav 34a0ee8cc6SDag-Erling Smørgrav /* 35a0ee8cc6SDag-Erling Smørgrav * OpenSSL version numbers: MNNFFPPS: major minor fix patch status 36a0ee8cc6SDag-Erling Smørgrav * We match major, minor, fix and status (not patch) for <1.0.0. 37a0ee8cc6SDag-Erling Smørgrav * After that, we acceptable compatible fix versions (so we 38a0ee8cc6SDag-Erling Smørgrav * allow 1.0.1 to work with 1.0.0). Going backwards is only allowed 39a0ee8cc6SDag-Erling Smørgrav * within a patch series. 40a0ee8cc6SDag-Erling Smørgrav */ 41a0ee8cc6SDag-Erling Smørgrav 42043840dfSDag-Erling Smørgrav int 43a0ee8cc6SDag-Erling Smørgrav ssh_compatible_openssl(long headerver, long libver) 44043840dfSDag-Erling Smørgrav { 45a0ee8cc6SDag-Erling Smørgrav long mask, hfix, lfix; 46a0ee8cc6SDag-Erling Smørgrav 47a0ee8cc6SDag-Erling Smørgrav /* exact match is always OK */ 48a0ee8cc6SDag-Erling Smørgrav if (headerver == libver) 49043840dfSDag-Erling Smørgrav return 1; 50a0ee8cc6SDag-Erling Smørgrav 51a0ee8cc6SDag-Erling Smørgrav /* for versions < 1.0.0, major,minor,fix,status must match */ 52a0ee8cc6SDag-Erling Smørgrav if (headerver < 0x1000000f) { 53a0ee8cc6SDag-Erling Smørgrav mask = 0xfffff00fL; /* major,minor,fix,status */ 54a0ee8cc6SDag-Erling Smørgrav return (headerver & mask) == (libver & mask); 55043840dfSDag-Erling Smørgrav } 56043840dfSDag-Erling Smørgrav 57a0ee8cc6SDag-Erling Smørgrav /* 58a0ee8cc6SDag-Erling Smørgrav * For versions >= 1.0.0, major,minor,status must match and library 59a0ee8cc6SDag-Erling Smørgrav * fix version must be equal to or newer than the header. 60a0ee8cc6SDag-Erling Smørgrav */ 61a0ee8cc6SDag-Erling Smørgrav mask = 0xfff0000fL; /* major,minor,status */ 62a0ee8cc6SDag-Erling Smørgrav hfix = (headerver & 0x000ff000) >> 12; 63a0ee8cc6SDag-Erling Smørgrav lfix = (libver & 0x000ff000) >> 12; 64a0ee8cc6SDag-Erling Smørgrav if ( (headerver & mask) == (libver & mask) && lfix >= hfix) 65043840dfSDag-Erling Smørgrav return 1; 664a421b63SDag-Erling Smørgrav return 0; 674a421b63SDag-Erling Smørgrav } 684a421b63SDag-Erling Smørgrav 69761efaa7SDag-Erling Smørgrav #ifdef USE_OPENSSL_ENGINE 70761efaa7SDag-Erling Smørgrav void 71e146993eSDag-Erling Smørgrav ssh_OpenSSL_add_all_algorithms(void) 72761efaa7SDag-Erling Smørgrav { 73e146993eSDag-Erling Smørgrav OpenSSL_add_all_algorithms(); 74761efaa7SDag-Erling Smørgrav 75761efaa7SDag-Erling Smørgrav /* Enable use of crypto hardware */ 76761efaa7SDag-Erling Smørgrav ENGINE_load_builtin_engines(); 77761efaa7SDag-Erling Smørgrav ENGINE_register_all_complete(); 78*2f513db7SEd Maste 79*2f513db7SEd Maste #if OPENSSL_VERSION_NUMBER < 0x10001000L 80b15c8340SDag-Erling Smørgrav OPENSSL_config(NULL); 81*2f513db7SEd Maste #else 82*2f513db7SEd Maste OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_CIPHERS | 83*2f513db7SEd Maste OPENSSL_INIT_ADD_ALL_DIGESTS | OPENSSL_INIT_LOAD_CONFIG, NULL); 84*2f513db7SEd Maste #endif 85761efaa7SDag-Erling Smørgrav } 86761efaa7SDag-Erling Smørgrav #endif 87bc5531deSDag-Erling Smørgrav 88bc5531deSDag-Erling Smørgrav #endif /* WITH_OPENSSL */ 89