diff options
author | Damien Miller <djm@mindrot.org> | 2012-03-30 11:34:27 +1100 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2012-03-30 11:34:27 +1100 |
commit | 4d55734c16aa104afea1e446788b3bc7a53999e6 (patch) | |
tree | 3f2f86d60703afe751ce5001b6df78f464115b49 /entropy.c | |
parent | 67ccc86506212c12e60bffd9a0e924a84800cf00 (diff) |
- (djm) [entropy.c] bz#1991: relax OpenSSL version test to allow running
openssh binaries on a newer fix release than they were compiled on.
with and ok dtucker@
Diffstat (limited to 'entropy.c')
-rw-r--r-- | entropy.c | 9 |
1 files changed, 7 insertions, 2 deletions
@@ -211,9 +211,14 @@ seed_rng(void) | |||
211 | #endif | 211 | #endif |
212 | /* | 212 | /* |
213 | * OpenSSL version numbers: MNNFFPPS: major minor fix patch status | 213 | * OpenSSL version numbers: MNNFFPPS: major minor fix patch status |
214 | * We match major, minor, fix and status (not patch) | 214 | * We match major, minor, fix and status (not patch) for <1.0.0. |
215 | * After that, we acceptable compatible fix versions (so we | ||
216 | * allow 1.0.1 to work with 1.0.0). Going backwards is only allowed | ||
217 | * within a patch series. | ||
215 | */ | 218 | */ |
216 | if ((SSLeay() ^ OPENSSL_VERSION_NUMBER) & ~0xff0L) | 219 | u_long version_mask = SSLeay() >= 0x1000000f ? ~0xffff0L : ~0xff0L; |
220 | if (((SSLeay() ^ OPENSSL_VERSION_NUMBER) & version_mask) || | ||
221 | (SSLeay() >> 12) < (OPENSSL_VERSION_NUMBER >> 12)) | ||
217 | fatal("OpenSSL version mismatch. Built against %lx, you " | 222 | fatal("OpenSSL version mismatch. Built against %lx, you " |
218 | "have %lx", (u_long)OPENSSL_VERSION_NUMBER, SSLeay()); | 223 | "have %lx", (u_long)OPENSSL_VERSION_NUMBER, SSLeay()); |
219 | 224 | ||