summaryrefslogtreecommitdiff
path: root/openbsd-compat
diff options
context:
space:
mode:
Diffstat (limited to 'openbsd-compat')
-rw-r--r--openbsd-compat/Makefile.in1
-rw-r--r--openbsd-compat/bsd-asprintf.c9
-rw-r--r--openbsd-compat/bsd-misc.c8
-rw-r--r--openbsd-compat/libressl-api-compat.c636
-rw-r--r--openbsd-compat/openssl-compat.c6
-rw-r--r--openbsd-compat/openssl-compat.h136
-rw-r--r--openbsd-compat/port-linux.c1
-rw-r--r--openbsd-compat/port-uw.c3
-rw-r--r--openbsd-compat/setproctitle.c2
-rw-r--r--openbsd-compat/xcrypt.c3
10 files changed, 799 insertions, 6 deletions
diff --git a/openbsd-compat/Makefile.in b/openbsd-compat/Makefile.in
index 2fd9b952b..c1e14cbd0 100644
--- a/openbsd-compat/Makefile.in
+++ b/openbsd-compat/Makefile.in
@@ -85,6 +85,7 @@ COMPAT= arc4random.o \
85 getrrsetbyname-ldns.o \ 85 getrrsetbyname-ldns.o \
86 kludge-fd_set.o \ 86 kludge-fd_set.o \
87 openssl-compat.o \ 87 openssl-compat.o \
88 libressl-api-compat.o \
88 xcrypt.o 89 xcrypt.o
89 90
90PORTS= port-aix.o \ 91PORTS= port-aix.o \
diff --git a/openbsd-compat/bsd-asprintf.c b/openbsd-compat/bsd-asprintf.c
index 822367154..109277271 100644
--- a/openbsd-compat/bsd-asprintf.c
+++ b/openbsd-compat/bsd-asprintf.c
@@ -19,6 +19,15 @@
19 19
20#include "includes.h" 20#include "includes.h"
21 21
22/*
23 * Don't let systems with broken printf(3) avoid our replacements
24 * via asprintf(3)/vasprintf(3) calling libc internally.
25 */
26#if defined(BROKEN_SNPRINTF)
27# undef HAVE_VASPRINTF
28# undef HAVE_ASPRINTF
29#endif
30
22#ifndef HAVE_VASPRINTF 31#ifndef HAVE_VASPRINTF
23 32
24#include <errno.h> 33#include <errno.h>
diff --git a/openbsd-compat/bsd-misc.c b/openbsd-compat/bsd-misc.c
index b6893e171..5d7540a70 100644
--- a/openbsd-compat/bsd-misc.c
+++ b/openbsd-compat/bsd-misc.c
@@ -313,12 +313,12 @@ getsid(pid_t pid)
313#undef fflush 313#undef fflush
314int _ssh_compat_fflush(FILE *f) 314int _ssh_compat_fflush(FILE *f)
315{ 315{
316 int r1, r2, r3; 316 int r1, r2;
317 317
318 if (f == NULL) { 318 if (f == NULL) {
319 r2 = fflush(stdout); 319 r1 = fflush(stdout);
320 r3 = fflush(stderr); 320 r2 = fflush(stderr);
321 if (r1 == -1 || r2 == -1 || r3 == -1) 321 if (r1 == -1 || r2 == -1)
322 return -1; 322 return -1;
323 return 0; 323 return 0;
324 } 324 }
diff --git a/openbsd-compat/libressl-api-compat.c b/openbsd-compat/libressl-api-compat.c
new file mode 100644
index 000000000..de3e64a63
--- /dev/null
+++ b/openbsd-compat/libressl-api-compat.c
@@ -0,0 +1,636 @@
1/* $OpenBSD: dsa_lib.c,v 1.29 2018/04/14 07:09:21 tb Exp $ */
2/* $OpenBSD: rsa_lib.c,v 1.37 2018/04/14 07:09:21 tb Exp $ */
3/* $OpenBSD: evp_lib.c,v 1.17 2018/09/12 06:35:38 djm Exp $ */
4/* $OpenBSD: dh_lib.c,v 1.32 2018/05/02 15:48:38 tb Exp $ */
5/* $OpenBSD: p_lib.c,v 1.24 2018/05/30 15:40:50 tb Exp $ */
6/* $OpenBSD: digest.c,v 1.30 2018/04/14 07:09:21 tb Exp $ */
7/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
8 * All rights reserved.
9 *
10 * This package is an SSL implementation written
11 * by Eric Young (eay@cryptsoft.com).
12 * The implementation was written so as to conform with Netscapes SSL.
13 *
14 * This library is free for commercial and non-commercial use as long as
15 * the following conditions are aheared to. The following conditions
16 * apply to all code found in this distribution, be it the RC4, RSA,
17 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
18 * included with this distribution is covered by the same copyright terms
19 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
20 *
21 * Copyright remains Eric Young's, and as such any Copyright notices in
22 * the code are not to be removed.
23 * If this package is used in a product, Eric Young should be given attribution
24 * as the author of the parts of the library used.
25 * This can be in the form of a textual message at program startup or
26 * in documentation (online or textual) provided with the package.
27 *
28 * Redistribution and use in source and binary forms, with or without
29 * modification, are permitted provided that the following conditions
30 * are met:
31 * 1. Redistributions of source code must retain the copyright
32 * notice, this list of conditions and the following disclaimer.
33 * 2. Redistributions in binary form must reproduce the above copyright
34 * notice, this list of conditions and the following disclaimer in the
35 * documentation and/or other materials provided with the distribution.
36 * 3. All advertising materials mentioning features or use of this software
37 * must display the following acknowledgement:
38 * "This product includes cryptographic software written by
39 * Eric Young (eay@cryptsoft.com)"
40 * The word 'cryptographic' can be left out if the rouines from the library
41 * being used are not cryptographic related :-).
42 * 4. If you include any Windows specific code (or a derivative thereof) from
43 * the apps directory (application code) you must include an acknowledgement:
44 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
45 *
46 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
47 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
48 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
49 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
50 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
51 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
52 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
53 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
54 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
55 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
56 * SUCH DAMAGE.
57 *
58 * The licence and distribution terms for any publically available version or
59 * derivative of this code cannot be changed. i.e. this code cannot simply be
60 * copied and put under another distribution licence
61 * [including the GNU Public Licence.]
62 */
63
64/* $OpenBSD: dsa_asn1.c,v 1.22 2018/06/14 17:03:19 jsing Exp $ */
65/* $OpenBSD: ecs_asn1.c,v 1.9 2018/03/17 15:24:44 tb Exp $ */
66/* $OpenBSD: digest.c,v 1.30 2018/04/14 07:09:21 tb Exp $ */
67/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
68 * project 2000.
69 */
70/* ====================================================================
71 * Copyright (c) 2000-2005 The OpenSSL Project. All rights reserved.
72 *
73 * Redistribution and use in source and binary forms, with or without
74 * modification, are permitted provided that the following conditions
75 * are met:
76 *
77 * 1. Redistributions of source code must retain the above copyright
78 * notice, this list of conditions and the following disclaimer.
79 *
80 * 2. Redistributions in binary form must reproduce the above copyright
81 * notice, this list of conditions and the following disclaimer in
82 * the documentation and/or other materials provided with the
83 * distribution.
84 *
85 * 3. All advertising materials mentioning features or use of this
86 * software must display the following acknowledgment:
87 * "This product includes software developed by the OpenSSL Project
88 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
89 *
90 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
91 * endorse or promote products derived from this software without
92 * prior written permission. For written permission, please contact
93 * licensing@OpenSSL.org.
94 *
95 * 5. Products derived from this software may not be called "OpenSSL"
96 * nor may "OpenSSL" appear in their names without prior written
97 * permission of the OpenSSL Project.
98 *
99 * 6. Redistributions of any form whatsoever must retain the following
100 * acknowledgment:
101 * "This product includes software developed by the OpenSSL Project
102 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
103 *
104 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
105 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
106 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
107 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
108 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
109 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
110 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
111 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
112 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
113 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
114 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
115 * OF THE POSSIBILITY OF SUCH DAMAGE.
116 * ====================================================================
117 *
118 * This product includes cryptographic software written by Eric Young
119 * (eay@cryptsoft.com). This product includes software written by Tim
120 * Hudson (tjh@cryptsoft.com).
121 *
122 */
123
124/* $OpenBSD: rsa_meth.c,v 1.2 2018/09/12 06:35:38 djm Exp $ */
125/*
126 * Copyright (c) 2018 Theo Buehler <tb@openbsd.org>
127 *
128 * Permission to use, copy, modify, and distribute this software for any
129 * purpose with or without fee is hereby granted, provided that the above
130 * copyright notice and this permission notice appear in all copies.
131 *
132 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
133 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
134 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
135 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
136 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
137 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
138 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
139 */
140
141#include "includes.h"
142
143#ifdef WITH_OPENSSL
144
145#include <sys/types.h>
146
147#include <stdlib.h>
148#include <string.h>
149
150#include <openssl/err.h>
151#include <openssl/bn.h>
152#include <openssl/dsa.h>
153#include <openssl/rsa.h>
154#include <openssl/evp.h>
155#include <openssl/ecdsa.h>
156#include <openssl/dh.h>
157
158#ifndef HAVE_DSA_GET0_PQG
159void
160DSA_get0_pqg(const DSA *d, const BIGNUM **p, const BIGNUM **q, const BIGNUM **g)
161{
162 if (p != NULL)
163 *p = d->p;
164 if (q != NULL)
165 *q = d->q;
166 if (g != NULL)
167 *g = d->g;
168}
169#endif /* HAVE_DSA_GET0_PQG */
170
171#ifndef HAVE_DSA_SET0_PQG
172int
173DSA_set0_pqg(DSA *d, BIGNUM *p, BIGNUM *q, BIGNUM *g)
174{
175 if ((d->p == NULL && p == NULL) || (d->q == NULL && q == NULL) ||
176 (d->g == NULL && g == NULL))
177 return 0;
178
179 if (p != NULL) {
180 BN_free(d->p);
181 d->p = p;
182 }
183 if (q != NULL) {
184 BN_free(d->q);
185 d->q = q;
186 }
187 if (g != NULL) {
188 BN_free(d->g);
189 d->g = g;
190 }
191
192 return 1;
193}
194#endif /* HAVE_DSA_SET0_PQG */
195
196#ifndef HAVE_DSA_GET0_KEY
197void
198DSA_get0_key(const DSA *d, const BIGNUM **pub_key, const BIGNUM **priv_key)
199{
200 if (pub_key != NULL)
201 *pub_key = d->pub_key;
202 if (priv_key != NULL)
203 *priv_key = d->priv_key;
204}
205#endif /* HAVE_DSA_GET0_KEY */
206
207#ifndef HAVE_DSA_SET0_KEY
208int
209DSA_set0_key(DSA *d, BIGNUM *pub_key, BIGNUM *priv_key)
210{
211 if (d->pub_key == NULL && pub_key == NULL)
212 return 0;
213
214 if (pub_key != NULL) {
215 BN_free(d->pub_key);
216 d->pub_key = pub_key;
217 }
218 if (priv_key != NULL) {
219 BN_free(d->priv_key);
220 d->priv_key = priv_key;
221 }
222
223 return 1;
224}
225#endif /* HAVE_DSA_SET0_KEY */
226
227#ifndef HAVE_RSA_GET0_KEY
228void
229RSA_get0_key(const RSA *r, const BIGNUM **n, const BIGNUM **e, const BIGNUM **d)
230{
231 if (n != NULL)
232 *n = r->n;
233 if (e != NULL)
234 *e = r->e;
235 if (d != NULL)
236 *d = r->d;
237}
238#endif /* HAVE_RSA_GET0_KEY */
239
240#ifndef HAVE_RSA_SET0_KEY
241int
242RSA_set0_key(RSA *r, BIGNUM *n, BIGNUM *e, BIGNUM *d)
243{
244 if ((r->n == NULL && n == NULL) || (r->e == NULL && e == NULL))
245 return 0;
246
247 if (n != NULL) {
248 BN_free(r->n);
249 r->n = n;
250 }
251 if (e != NULL) {
252 BN_free(r->e);
253 r->e = e;
254 }
255 if (d != NULL) {
256 BN_free(r->d);
257 r->d = d;
258 }
259
260 return 1;
261}
262#endif /* HAVE_RSA_SET0_KEY */
263
264#ifndef HAVE_RSA_GET0_CRT_PARAMS
265void
266RSA_get0_crt_params(const RSA *r, const BIGNUM **dmp1, const BIGNUM **dmq1,
267 const BIGNUM **iqmp)
268{
269 if (dmp1 != NULL)
270 *dmp1 = r->dmp1;
271 if (dmq1 != NULL)
272 *dmq1 = r->dmq1;
273 if (iqmp != NULL)
274 *iqmp = r->iqmp;
275}
276#endif /* HAVE_RSA_GET0_CRT_PARAMS */
277
278#ifndef HAVE_RSA_SET0_CRT_PARAMS
279int
280RSA_set0_crt_params(RSA *r, BIGNUM *dmp1, BIGNUM *dmq1, BIGNUM *iqmp)
281{
282 if ((r->dmp1 == NULL && dmp1 == NULL) ||
283 (r->dmq1 == NULL && dmq1 == NULL) ||
284 (r->iqmp == NULL && iqmp == NULL))
285 return 0;
286
287 if (dmp1 != NULL) {
288 BN_free(r->dmp1);
289 r->dmp1 = dmp1;
290 }
291 if (dmq1 != NULL) {
292 BN_free(r->dmq1);
293 r->dmq1 = dmq1;
294 }
295 if (iqmp != NULL) {
296 BN_free(r->iqmp);
297 r->iqmp = iqmp;
298 }
299
300 return 1;
301}
302#endif /* HAVE_RSA_SET0_CRT_PARAMS */
303
304#ifndef HAVE_RSA_GET0_FACTORS
305void
306RSA_get0_factors(const RSA *r, const BIGNUM **p, const BIGNUM **q)
307{
308 if (p != NULL)
309 *p = r->p;
310 if (q != NULL)
311 *q = r->q;
312}
313#endif /* HAVE_RSA_GET0_FACTORS */
314
315#ifndef HAVE_RSA_SET0_FACTORS
316int
317RSA_set0_factors(RSA *r, BIGNUM *p, BIGNUM *q)
318{
319 if ((r->p == NULL && p == NULL) || (r->q == NULL && q == NULL))
320 return 0;
321
322 if (p != NULL) {
323 BN_free(r->p);
324 r->p = p;
325 }
326 if (q != NULL) {
327 BN_free(r->q);
328 r->q = q;
329 }
330
331 return 1;
332}
333#endif /* HAVE_RSA_SET0_FACTORS */
334
335#ifndef HAVE_EVP_CIPHER_CTX_GET_IV
336int
337EVP_CIPHER_CTX_get_iv(const EVP_CIPHER_CTX *ctx, unsigned char *iv, size_t len)
338{
339 if (ctx == NULL)
340 return 0;
341 if (EVP_CIPHER_CTX_iv_length(ctx) < 0)
342 return 0;
343 if (len != (size_t)EVP_CIPHER_CTX_iv_length(ctx))
344 return 0;
345 if (len > EVP_MAX_IV_LENGTH)
346 return 0; /* sanity check; shouldn't happen */
347 /*
348 * Skip the memcpy entirely when the requested IV length is zero,
349 * since the iv pointer may be NULL or invalid.
350 */
351 if (len != 0) {
352 if (iv == NULL)
353 return 0;
354# ifdef HAVE_EVP_CIPHER_CTX_IV
355 memcpy(iv, EVP_CIPHER_CTX_iv(ctx), len);
356# else
357 memcpy(iv, ctx->iv, len);
358# endif /* HAVE_EVP_CIPHER_CTX_IV */
359 }
360 return 1;
361}
362#endif /* HAVE_EVP_CIPHER_CTX_GET_IV */
363
364#ifndef HAVE_EVP_CIPHER_CTX_SET_IV
365int
366EVP_CIPHER_CTX_set_iv(EVP_CIPHER_CTX *ctx, const unsigned char *iv, size_t len)
367{
368 if (ctx == NULL)
369 return 0;
370 if (EVP_CIPHER_CTX_iv_length(ctx) < 0)
371 return 0;
372 if (len != (size_t)EVP_CIPHER_CTX_iv_length(ctx))
373 return 0;
374 if (len > EVP_MAX_IV_LENGTH)
375 return 0; /* sanity check; shouldn't happen */
376 /*
377 * Skip the memcpy entirely when the requested IV length is zero,
378 * since the iv pointer may be NULL or invalid.
379 */
380 if (len != 0) {
381 if (iv == NULL)
382 return 0;
383# ifdef HAVE_EVP_CIPHER_CTX_IV_NOCONST
384 memcpy(EVP_CIPHER_CTX_iv_noconst(ctx), iv, len);
385# else
386 memcpy(ctx->iv, iv, len);
387# endif /* HAVE_EVP_CIPHER_CTX_IV_NOCONST */
388 }
389 return 1;
390}
391#endif /* HAVE_EVP_CIPHER_CTX_SET_IV */
392
393#ifndef HAVE_DSA_SIG_GET0
394void
395DSA_SIG_get0(const DSA_SIG *sig, const BIGNUM **pr, const BIGNUM **ps)
396{
397 if (pr != NULL)
398 *pr = sig->r;
399 if (ps != NULL)
400 *ps = sig->s;
401}
402#endif /* HAVE_DSA_SIG_GET0 */
403
404#ifndef HAVE_DSA_SIG_SET0
405int
406DSA_SIG_set0(DSA_SIG *sig, BIGNUM *r, BIGNUM *s)
407{
408 if (r == NULL || s == NULL)
409 return 0;
410
411 BN_clear_free(sig->r);
412 sig->r = r;
413 BN_clear_free(sig->s);
414 sig->s = s;
415
416 return 1;
417}
418#endif /* HAVE_DSA_SIG_SET0 */
419
420#ifndef HAVE_ECDSA_SIG_GET0
421void
422ECDSA_SIG_get0(const ECDSA_SIG *sig, const BIGNUM **pr, const BIGNUM **ps)
423{
424 if (pr != NULL)
425 *pr = sig->r;
426 if (ps != NULL)
427 *ps = sig->s;
428}
429#endif /* HAVE_ECDSA_SIG_GET0 */
430
431#ifndef HAVE_ECDSA_SIG_SET0
432int
433ECDSA_SIG_set0(ECDSA_SIG *sig, BIGNUM *r, BIGNUM *s)
434{
435 if (r == NULL || s == NULL)
436 return 0;
437
438 BN_clear_free(sig->r);
439 BN_clear_free(sig->s);
440 sig->r = r;
441 sig->s = s;
442 return 1;
443}
444#endif /* HAVE_ECDSA_SIG_SET0 */
445
446#ifndef HAVE_DH_GET0_PQG
447void
448DH_get0_pqg(const DH *dh, const BIGNUM **p, const BIGNUM **q, const BIGNUM **g)
449{
450 if (p != NULL)
451 *p = dh->p;
452 if (q != NULL)
453 *q = dh->q;
454 if (g != NULL)
455 *g = dh->g;
456}
457#endif /* HAVE_DH_GET0_PQG */
458
459#ifndef HAVE_DH_SET0_PQG
460int
461DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g)
462{
463 if ((dh->p == NULL && p == NULL) || (dh->g == NULL && g == NULL))
464 return 0;
465
466 if (p != NULL) {
467 BN_free(dh->p);
468 dh->p = p;
469 }
470 if (q != NULL) {
471 BN_free(dh->q);
472 dh->q = q;
473 }
474 if (g != NULL) {
475 BN_free(dh->g);
476 dh->g = g;
477 }
478
479 return 1;
480}
481#endif /* HAVE_DH_SET0_PQG */
482
483#ifndef HAVE_DH_GET0_KEY
484void
485DH_get0_key(const DH *dh, const BIGNUM **pub_key, const BIGNUM **priv_key)
486{
487 if (pub_key != NULL)
488 *pub_key = dh->pub_key;
489 if (priv_key != NULL)
490 *priv_key = dh->priv_key;
491}
492#endif /* HAVE_DH_GET0_KEY */
493
494#ifndef HAVE_DH_SET0_KEY
495int
496DH_set0_key(DH *dh, BIGNUM *pub_key, BIGNUM *priv_key)
497{
498 if (pub_key != NULL) {
499 BN_free(dh->pub_key);
500 dh->pub_key = pub_key;
501 }
502 if (priv_key != NULL) {
503 BN_free(dh->priv_key);
504 dh->priv_key = priv_key;
505 }
506
507 return 1;
508}
509#endif /* HAVE_DH_SET0_KEY */
510
511#ifndef HAVE_DH_SET_LENGTH
512int
513DH_set_length(DH *dh, long length)
514{
515 if (length < 0 || length > INT_MAX)
516 return 0;
517
518 dh->length = length;
519 return 1;
520}
521#endif /* HAVE_DH_SET_LENGTH */
522
523#ifndef HAVE_RSA_METH_FREE
524void
525RSA_meth_free(RSA_METHOD *meth)
526{
527 if (meth != NULL) {
528 free((char *)meth->name);
529 free(meth);
530 }
531}
532#endif /* HAVE_RSA_METH_FREE */
533
534#ifndef HAVE_RSA_METH_DUP
535RSA_METHOD *
536RSA_meth_dup(const RSA_METHOD *meth)
537{
538 RSA_METHOD *copy;
539
540 if ((copy = calloc(1, sizeof(*copy))) == NULL)
541 return NULL;
542 memcpy(copy, meth, sizeof(*copy));
543 if ((copy->name = strdup(meth->name)) == NULL) {
544 free(copy);
545 return NULL;
546 }
547
548 return copy;
549}
550#endif /* HAVE_RSA_METH_DUP */
551
552#ifndef HAVE_RSA_METH_SET1_NAME
553int
554RSA_meth_set1_name(RSA_METHOD *meth, const char *name)
555{
556 char *copy;
557
558 if ((copy = strdup(name)) == NULL)
559 return 0;
560 free((char *)meth->name);
561 meth->name = copy;
562 return 1;
563}
564#endif /* HAVE_RSA_METH_SET1_NAME */
565
566#ifndef HAVE_RSA_METH_GET_FINISH
567int
568(*RSA_meth_get_finish(const RSA_METHOD *meth))(RSA *rsa)
569{
570 return meth->finish;
571}
572#endif /* HAVE_RSA_METH_GET_FINISH */
573
574#ifndef HAVE_RSA_METH_SET_PRIV_ENC
575int
576RSA_meth_set_priv_enc(RSA_METHOD *meth, int (*priv_enc)(int flen,
577 const unsigned char *from, unsigned char *to, RSA *rsa, int padding))
578{
579 meth->rsa_priv_enc = priv_enc;
580 return 1;
581}
582#endif /* HAVE_RSA_METH_SET_PRIV_ENC */
583
584#ifndef HAVE_RSA_METH_SET_PRIV_DEC
585int
586RSA_meth_set_priv_dec(RSA_METHOD *meth, int (*priv_dec)(int flen,
587 const unsigned char *from, unsigned char *to, RSA *rsa, int padding))
588{
589 meth->rsa_priv_dec = priv_dec;
590 return 1;
591}
592#endif /* HAVE_RSA_METH_SET_PRIV_DEC */
593
594#ifndef HAVE_RSA_METH_SET_FINISH
595int
596RSA_meth_set_finish(RSA_METHOD *meth, int (*finish)(RSA *rsa))
597{
598 meth->finish = finish;
599 return 1;
600}
601#endif /* HAVE_RSA_METH_SET_FINISH */
602
603#ifndef HAVE_EVP_PKEY_GET0_RSA
604RSA *
605EVP_PKEY_get0_RSA(EVP_PKEY *pkey)
606{
607 if (pkey->type != EVP_PKEY_RSA) {
608 /* EVPerror(EVP_R_EXPECTING_AN_RSA_KEY); */
609 return NULL;
610 }
611 return pkey->pkey.rsa;
612}
613#endif /* HAVE_EVP_PKEY_GET0_RSA */
614
615#ifndef HAVE_EVP_MD_CTX_NEW
616EVP_MD_CTX *
617EVP_MD_CTX_new(void)
618{
619 return calloc(1, sizeof(EVP_MD_CTX));
620}
621#endif /* HAVE_EVP_MD_CTX_NEW */
622
623#ifndef HAVE_EVP_MD_CTX_FREE
624void
625EVP_MD_CTX_free(EVP_MD_CTX *ctx)
626{
627 if (ctx == NULL)
628 return;
629
630 EVP_MD_CTX_cleanup(ctx);
631
632 free(ctx);
633}
634#endif /* HAVE_EVP_MD_CTX_FREE */
635
636#endif /* WITH_OPENSSL */
diff --git a/openbsd-compat/openssl-compat.c b/openbsd-compat/openssl-compat.c
index 259fccbec..8b4a36274 100644
--- a/openbsd-compat/openssl-compat.c
+++ b/openbsd-compat/openssl-compat.c
@@ -75,7 +75,13 @@ ssh_OpenSSL_add_all_algorithms(void)
75 /* Enable use of crypto hardware */ 75 /* Enable use of crypto hardware */
76 ENGINE_load_builtin_engines(); 76 ENGINE_load_builtin_engines();
77 ENGINE_register_all_complete(); 77 ENGINE_register_all_complete();
78
79#if OPENSSL_VERSION_NUMBER < 0x10001000L
78 OPENSSL_config(NULL); 80 OPENSSL_config(NULL);
81#else
82 OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_CIPHERS |
83 OPENSSL_INIT_ADD_ALL_DIGESTS | OPENSSL_INIT_LOAD_CONFIG, NULL);
84#endif
79} 85}
80#endif 86#endif
81 87
diff --git a/openbsd-compat/openssl-compat.h b/openbsd-compat/openssl-compat.h
index 2ae42bacf..9e0264c04 100644
--- a/openbsd-compat/openssl-compat.h
+++ b/openbsd-compat/openssl-compat.h
@@ -24,6 +24,8 @@
24#include <openssl/evp.h> 24#include <openssl/evp.h>
25#include <openssl/rsa.h> 25#include <openssl/rsa.h>
26#include <openssl/dsa.h> 26#include <openssl/dsa.h>
27#include <openssl/ecdsa.h>
28#include <openssl/dh.h>
27 29
28int ssh_compatible_openssl(long, long); 30int ssh_compatible_openssl(long, long);
29 31
@@ -96,5 +98,139 @@ void ssh_OpenSSL_add_all_algorithms(void);
96 98
97#endif /* SSH_DONT_OVERLOAD_OPENSSL_FUNCS */ 99#endif /* SSH_DONT_OVERLOAD_OPENSSL_FUNCS */
98 100
101/* LibreSSL/OpenSSL 1.1x API compat */
102#ifndef HAVE_DSA_GET0_PQG
103void DSA_get0_pqg(const DSA *d, const BIGNUM **p, const BIGNUM **q,
104 const BIGNUM **g);
105#endif /* HAVE_DSA_GET0_PQG */
106
107#ifndef HAVE_DSA_SET0_PQG
108int DSA_set0_pqg(DSA *d, BIGNUM *p, BIGNUM *q, BIGNUM *g);
109#endif /* HAVE_DSA_SET0_PQG */
110
111#ifndef HAVE_DSA_GET0_KEY
112void DSA_get0_key(const DSA *d, const BIGNUM **pub_key,
113 const BIGNUM **priv_key);
114#endif /* HAVE_DSA_GET0_KEY */
115
116#ifndef HAVE_DSA_SET0_KEY
117int DSA_set0_key(DSA *d, BIGNUM *pub_key, BIGNUM *priv_key);
118#endif /* HAVE_DSA_SET0_KEY */
119
120#ifndef HAVE_EVP_CIPHER_CTX_GET_IV
121int EVP_CIPHER_CTX_get_iv(const EVP_CIPHER_CTX *ctx,
122 unsigned char *iv, size_t len);
123#endif /* HAVE_EVP_CIPHER_CTX_GET_IV */
124
125#ifndef HAVE_EVP_CIPHER_CTX_SET_IV
126int EVP_CIPHER_CTX_set_iv(EVP_CIPHER_CTX *ctx,
127 const unsigned char *iv, size_t len);
128#endif /* HAVE_EVP_CIPHER_CTX_SET_IV */
129
130#ifndef HAVE_RSA_GET0_KEY
131void RSA_get0_key(const RSA *r, const BIGNUM **n, const BIGNUM **e,
132 const BIGNUM **d);
133#endif /* HAVE_RSA_GET0_KEY */
134
135#ifndef HAVE_RSA_SET0_KEY
136int RSA_set0_key(RSA *r, BIGNUM *n, BIGNUM *e, BIGNUM *d);
137#endif /* HAVE_RSA_SET0_KEY */
138
139#ifndef HAVE_RSA_GET0_CRT_PARAMS
140void RSA_get0_crt_params(const RSA *r, const BIGNUM **dmp1, const BIGNUM **dmq1,
141 const BIGNUM **iqmp);
142#endif /* HAVE_RSA_GET0_CRT_PARAMS */
143
144#ifndef HAVE_RSA_SET0_CRT_PARAMS
145int RSA_set0_crt_params(RSA *r, BIGNUM *dmp1, BIGNUM *dmq1, BIGNUM *iqmp);
146#endif /* HAVE_RSA_SET0_CRT_PARAMS */
147
148#ifndef HAVE_RSA_GET0_FACTORS
149void RSA_get0_factors(const RSA *r, const BIGNUM **p, const BIGNUM **q);
150#endif /* HAVE_RSA_GET0_FACTORS */
151
152#ifndef HAVE_RSA_SET0_FACTORS
153int RSA_set0_factors(RSA *r, BIGNUM *p, BIGNUM *q);
154#endif /* HAVE_RSA_SET0_FACTORS */
155
156#ifndef DSA_SIG_GET0
157void DSA_SIG_get0(const DSA_SIG *sig, const BIGNUM **pr, const BIGNUM **ps);
158#endif /* DSA_SIG_GET0 */
159
160#ifndef DSA_SIG_SET0
161int DSA_SIG_set0(DSA_SIG *sig, BIGNUM *r, BIGNUM *s);
162#endif /* DSA_SIG_SET0 */
163
164#ifndef HAVE_ECDSA_SIG_GET0
165void ECDSA_SIG_get0(const ECDSA_SIG *sig, const BIGNUM **pr, const BIGNUM **ps);
166#endif /* HAVE_ECDSA_SIG_GET0 */
167
168#ifndef HAVE_ECDSA_SIG_SET0
169int ECDSA_SIG_set0(ECDSA_SIG *sig, BIGNUM *r, BIGNUM *s);
170#endif /* HAVE_ECDSA_SIG_SET0 */
171
172#ifndef HAVE_DH_GET0_PQG
173void DH_get0_pqg(const DH *dh, const BIGNUM **p, const BIGNUM **q,
174 const BIGNUM **g);
175#endif /* HAVE_DH_GET0_PQG */
176
177#ifndef HAVE_DH_SET0_PQG
178int DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g);
179#endif /* HAVE_DH_SET0_PQG */
180
181#ifndef HAVE_DH_GET0_KEY
182void DH_get0_key(const DH *dh, const BIGNUM **pub_key, const BIGNUM **priv_key);
183#endif /* HAVE_DH_GET0_KEY */
184
185#ifndef HAVE_DH_SET0_KEY
186int DH_set0_key(DH *dh, BIGNUM *pub_key, BIGNUM *priv_key);
187#endif /* HAVE_DH_SET0_KEY */
188
189#ifndef HAVE_DH_SET_LENGTH
190int DH_set_length(DH *dh, long length);
191#endif /* HAVE_DH_SET_LENGTH */
192
193#ifndef HAVE_RSA_METH_FREE
194void RSA_meth_free(RSA_METHOD *meth);
195#endif /* HAVE_RSA_METH_FREE */
196
197#ifndef HAVE_RSA_METH_DUP
198RSA_METHOD *RSA_meth_dup(const RSA_METHOD *meth);
199#endif /* HAVE_RSA_METH_DUP */
200
201#ifndef HAVE_RSA_METH_SET1_NAME
202int RSA_meth_set1_name(RSA_METHOD *meth, const char *name);
203#endif /* HAVE_RSA_METH_SET1_NAME */
204
205#ifndef HAVE_RSA_METH_GET_FINISH
206int (*RSA_meth_get_finish(const RSA_METHOD *meth))(RSA *rsa);
207#endif /* HAVE_RSA_METH_GET_FINISH */
208
209#ifndef HAVE_RSA_METH_SET_PRIV_ENC
210int RSA_meth_set_priv_enc(RSA_METHOD *meth, int (*priv_enc)(int flen,
211 const unsigned char *from, unsigned char *to, RSA *rsa, int padding));
212#endif /* HAVE_RSA_METH_SET_PRIV_ENC */
213
214#ifndef HAVE_RSA_METH_SET_PRIV_DEC
215int RSA_meth_set_priv_dec(RSA_METHOD *meth, int (*priv_dec)(int flen,
216 const unsigned char *from, unsigned char *to, RSA *rsa, int padding));
217#endif /* HAVE_RSA_METH_SET_PRIV_DEC */
218
219#ifndef HAVE_RSA_METH_SET_FINISH
220int RSA_meth_set_finish(RSA_METHOD *meth, int (*finish)(RSA *rsa));
221#endif /* HAVE_RSA_METH_SET_FINISH */
222
223#ifndef HAVE_EVP_PKEY_GET0_RSA
224RSA *EVP_PKEY_get0_RSA(EVP_PKEY *pkey);
225#endif /* HAVE_EVP_PKEY_GET0_RSA */
226
227#ifndef HAVE_EVP_MD_CTX_new
228EVP_MD_CTX *EVP_MD_CTX_new(void);
229#endif /* HAVE_EVP_MD_CTX_new */
230
231#ifndef HAVE_EVP_MD_CTX_free
232void EVP_MD_CTX_free(EVP_MD_CTX *ctx);
233#endif /* HAVE_EVP_MD_CTX_free */
234
99#endif /* WITH_OPENSSL */ 235#endif /* WITH_OPENSSL */
100#endif /* _OPENSSL_COMPAT_H */ 236#endif /* _OPENSSL_COMPAT_H */
diff --git a/openbsd-compat/port-linux.c b/openbsd-compat/port-linux.c
index 8c5325cc3..622988822 100644
--- a/openbsd-compat/port-linux.c
+++ b/openbsd-compat/port-linux.c
@@ -26,6 +26,7 @@
26#include <stdarg.h> 26#include <stdarg.h>
27#include <string.h> 27#include <string.h>
28#include <stdio.h> 28#include <stdio.h>
29#include <stdlib.h>
29 30
30#include "log.h" 31#include "log.h"
31#include "xmalloc.h" 32#include "xmalloc.h"
diff --git a/openbsd-compat/port-uw.c b/openbsd-compat/port-uw.c
index 9edb1b481..132213131 100644
--- a/openbsd-compat/port-uw.c
+++ b/openbsd-compat/port-uw.c
@@ -60,6 +60,9 @@ sys_auth_passwd(struct ssh *ssh, const char *password)
60 /* Just use the supplied fake password if authctxt is invalid */ 60 /* Just use the supplied fake password if authctxt is invalid */
61 char *pw_password = authctxt->valid ? shadow_pw(pw) : pw->pw_passwd; 61 char *pw_password = authctxt->valid ? shadow_pw(pw) : pw->pw_passwd;
62 62
63 if (pw_password == NULL)
64 return 0;
65
63 /* Check for users with no password. */ 66 /* Check for users with no password. */
64 if (strcmp(pw_password, "") == 0 && strcmp(password, "") == 0) 67 if (strcmp(pw_password, "") == 0 && strcmp(password, "") == 0)
65 return (1); 68 return (1);
diff --git a/openbsd-compat/setproctitle.c b/openbsd-compat/setproctitle.c
index 2b15c6e00..dbd1a95a0 100644
--- a/openbsd-compat/setproctitle.c
+++ b/openbsd-compat/setproctitle.c
@@ -125,7 +125,7 @@ setproctitle(const char *fmt, ...)
125#if SPT_TYPE != SPT_NONE 125#if SPT_TYPE != SPT_NONE
126 va_list ap; 126 va_list ap;
127 char buf[1024], ptitle[1024]; 127 char buf[1024], ptitle[1024];
128 size_t len; 128 size_t len = 0;
129 int r; 129 int r;
130 extern char *__progname; 130 extern char *__progname;
131#if SPT_TYPE == SPT_PSTAT 131#if SPT_TYPE == SPT_PSTAT
diff --git a/openbsd-compat/xcrypt.c b/openbsd-compat/xcrypt.c
index c9c6283cc..360b187af 100644
--- a/openbsd-compat/xcrypt.c
+++ b/openbsd-compat/xcrypt.c
@@ -82,7 +82,8 @@ pick_salt(void)
82 strlcpy(salt, "xx", sizeof(salt)); 82 strlcpy(salt, "xx", sizeof(salt));
83 setpwent(); 83 setpwent();
84 while ((pw = getpwent()) != NULL) { 84 while ((pw = getpwent()) != NULL) {
85 passwd = shadow_pw(pw); 85 if ((passwd = shadow_pw(pw)) == NULL)
86 continue;
86 if (passwd[0] == '$' && (p = strrchr(passwd+1, '$')) != NULL) { 87 if (passwd[0] == '$' && (p = strrchr(passwd+1, '$')) != NULL) {
87 typelen = p - passwd + 1; 88 typelen = p - passwd + 1;
88 strlcpy(salt, passwd, MIN(typelen, sizeof(salt))); 89 strlcpy(salt, passwd, MIN(typelen, sizeof(salt)));