diff options
| -rw-r--r-- | ChangeLog | 4 | ||||
| -rw-r--r-- | authfile.c | 4 |
2 files changed, 8 insertions, 0 deletions
| @@ -1,3 +1,7 @@ | |||
| 1 | 20091107 | ||
| 2 | - (dtucker) [authfile.c] Fall back to 3DES for the encryption of private | ||
| 3 | keys when built with OpenSSL versions that don't do AES. | ||
| 4 | |||
| 1 | 20091105 | 5 | 20091105 |
| 2 | - (dtucker) [authfile.c] Add OpenSSL compat header so this still builds with | 6 | - (dtucker) [authfile.c] Add OpenSSL compat header so this still builds with |
| 3 | older versions of OpenSSL. | 7 | older versions of OpenSSL. |
diff --git a/authfile.c b/authfile.c index fc12c00c7..3fbe11b0e 100644 --- a/authfile.c +++ b/authfile.c | |||
| @@ -187,7 +187,11 @@ key_save_private_pem(Key *key, const char *filename, const char *_passphrase, | |||
| 187 | int success = 0; | 187 | int success = 0; |
| 188 | int len = strlen(_passphrase); | 188 | int len = strlen(_passphrase); |
| 189 | u_char *passphrase = (len > 0) ? (u_char *)_passphrase : NULL; | 189 | u_char *passphrase = (len > 0) ? (u_char *)_passphrase : NULL; |
| 190 | #if (OPENSSL_VERSION_NUMBER < 0x00907000L) | ||
| 191 | const EVP_CIPHER *cipher = (len > 0) ? EVP_des_ede3_cbc() : NULL; | ||
| 192 | #else | ||
| 190 | const EVP_CIPHER *cipher = (len > 0) ? EVP_aes_128_cbc() : NULL; | 193 | const EVP_CIPHER *cipher = (len > 0) ? EVP_aes_128_cbc() : NULL; |
| 194 | #endif | ||
| 191 | 195 | ||
| 192 | if (len > 0 && len <= 4) { | 196 | if (len > 0 && len <= 4) { |
| 193 | error("passphrase too short: have %d bytes, need > 4", len); | 197 | error("passphrase too short: have %d bytes, need > 4", len); |