1*a0ee8cc6SDag-Erling Smørgrav /* $Id: openssl-compat.c,v 1.19 2014/07/02 05:28:07 djm Exp $ */ 2043840dfSDag-Erling Smørgrav 3043840dfSDag-Erling Smørgrav /* 4043840dfSDag-Erling Smørgrav * Copyright (c) 2005 Darren Tucker <dtucker@zip.com.au> 5043840dfSDag-Erling Smørgrav * 6043840dfSDag-Erling Smørgrav * Permission to use, copy, modify, and distribute this software for any 7043840dfSDag-Erling Smørgrav * purpose with or without fee is hereby granted, provided that the above 8043840dfSDag-Erling Smørgrav * copyright notice and this permission notice appear in all copies. 9043840dfSDag-Erling Smørgrav * 10043840dfSDag-Erling Smørgrav * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 11043840dfSDag-Erling Smørgrav * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 12043840dfSDag-Erling Smørgrav * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 13043840dfSDag-Erling Smørgrav * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 14043840dfSDag-Erling Smørgrav * WHATSOEVER RESULTING FROM LOSS OF MIND, USE, DATA OR PROFITS, WHETHER 15043840dfSDag-Erling Smørgrav * IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING 16043840dfSDag-Erling Smørgrav * OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 17043840dfSDag-Erling Smørgrav */ 18043840dfSDag-Erling Smørgrav 19*a0ee8cc6SDag-Erling Smørgrav #define SSH_DONT_OVERLOAD_OPENSSL_FUNCS 20043840dfSDag-Erling Smørgrav #include "includes.h" 21043840dfSDag-Erling Smørgrav 224a421b63SDag-Erling Smørgrav #include <stdarg.h> 234a421b63SDag-Erling Smørgrav #include <string.h> 244a421b63SDag-Erling Smørgrav 25761efaa7SDag-Erling Smørgrav #ifdef USE_OPENSSL_ENGINE 26761efaa7SDag-Erling Smørgrav # include <openssl/engine.h> 274a421b63SDag-Erling Smørgrav # include <openssl/conf.h> 28761efaa7SDag-Erling Smørgrav #endif 29761efaa7SDag-Erling Smørgrav 304a421b63SDag-Erling Smørgrav #include "log.h" 314a421b63SDag-Erling Smørgrav 32043840dfSDag-Erling Smørgrav #include "openssl-compat.h" 33043840dfSDag-Erling Smørgrav 34*a0ee8cc6SDag-Erling Smørgrav /* 35*a0ee8cc6SDag-Erling Smørgrav * OpenSSL version numbers: MNNFFPPS: major minor fix patch status 36*a0ee8cc6SDag-Erling Smørgrav * We match major, minor, fix and status (not patch) for <1.0.0. 37*a0ee8cc6SDag-Erling Smørgrav * After that, we acceptable compatible fix versions (so we 38*a0ee8cc6SDag-Erling Smørgrav * allow 1.0.1 to work with 1.0.0). Going backwards is only allowed 39*a0ee8cc6SDag-Erling Smørgrav * within a patch series. 40*a0ee8cc6SDag-Erling Smørgrav */ 41*a0ee8cc6SDag-Erling Smørgrav 42043840dfSDag-Erling Smørgrav int 43*a0ee8cc6SDag-Erling Smørgrav ssh_compatible_openssl(long headerver, long libver) 44043840dfSDag-Erling Smørgrav { 45*a0ee8cc6SDag-Erling Smørgrav long mask, hfix, lfix; 46*a0ee8cc6SDag-Erling Smørgrav 47*a0ee8cc6SDag-Erling Smørgrav /* exact match is always OK */ 48*a0ee8cc6SDag-Erling Smørgrav if (headerver == libver) 49043840dfSDag-Erling Smørgrav return 1; 50*a0ee8cc6SDag-Erling Smørgrav 51*a0ee8cc6SDag-Erling Smørgrav /* for versions < 1.0.0, major,minor,fix,status must match */ 52*a0ee8cc6SDag-Erling Smørgrav if (headerver < 0x1000000f) { 53*a0ee8cc6SDag-Erling Smørgrav mask = 0xfffff00fL; /* major,minor,fix,status */ 54*a0ee8cc6SDag-Erling Smørgrav return (headerver & mask) == (libver & mask); 55043840dfSDag-Erling Smørgrav } 56043840dfSDag-Erling Smørgrav 57*a0ee8cc6SDag-Erling Smørgrav /* 58*a0ee8cc6SDag-Erling Smørgrav * For versions >= 1.0.0, major,minor,status must match and library 59*a0ee8cc6SDag-Erling Smørgrav * fix version must be equal to or newer than the header. 60*a0ee8cc6SDag-Erling Smørgrav */ 61*a0ee8cc6SDag-Erling Smørgrav mask = 0xfff0000fL; /* major,minor,status */ 62*a0ee8cc6SDag-Erling Smørgrav hfix = (headerver & 0x000ff000) >> 12; 63*a0ee8cc6SDag-Erling Smørgrav lfix = (libver & 0x000ff000) >> 12; 64*a0ee8cc6SDag-Erling Smørgrav if ( (headerver & mask) == (libver & mask) && lfix >= hfix) 65043840dfSDag-Erling Smørgrav return 1; 664a421b63SDag-Erling Smørgrav return 0; 674a421b63SDag-Erling Smørgrav } 684a421b63SDag-Erling Smørgrav 69761efaa7SDag-Erling Smørgrav #ifdef USE_OPENSSL_ENGINE 70761efaa7SDag-Erling Smørgrav void 71e146993eSDag-Erling Smørgrav ssh_OpenSSL_add_all_algorithms(void) 72761efaa7SDag-Erling Smørgrav { 73e146993eSDag-Erling Smørgrav OpenSSL_add_all_algorithms(); 74761efaa7SDag-Erling Smørgrav 75761efaa7SDag-Erling Smørgrav /* Enable use of crypto hardware */ 76761efaa7SDag-Erling Smørgrav ENGINE_load_builtin_engines(); 77761efaa7SDag-Erling Smørgrav ENGINE_register_all_complete(); 78b15c8340SDag-Erling Smørgrav OPENSSL_config(NULL); 79761efaa7SDag-Erling Smørgrav } 80761efaa7SDag-Erling Smørgrav #endif 81