summaryrefslogtreecommitdiff
path: root/openbsd-compat/openssl-compat.h
AgeCommit message (Collapse)Author
2018-11-16Fix check for OpenSSL 1.0.1 exactly.Darren Tucker
Both INSTALL and configure.ac claim OpenSSL >= 1.0.1 is supported; fix compile-time check for 1.0.1 to match.
2018-11-09fix compilation with openssl built without ECCEneas U de Queiroz
ECDSA code in openssh-compat.h and libressl-api-compat.c needs to be guarded by OPENSSL_HAS_ECC Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com>
2018-10-28Update check for minimum OpenSSL version.Darren Tucker
2018-10-28Use detected version functions in openssl compat.Darren Tucker
Use detected functions in compat layer instead of guessing based on versions. Really fixes builds with LibreSSL, not just configure.
2018-10-26fix builds on OpenSSL <= 1.0.xDamien Miller
I thought OpenSSL 1.0.x offered the new-style OpenSSL_version_num() API to obtain version number, but they don't.
2018-09-13adapt -portable to OpenSSL 1.1x APIDamien Miller
Polyfill missing API with replacement functions extracted from LibreSSL
2016-10-28Move OPENSSL_NO_RIPEMD160 to compat.Darren Tucker
Move OPENSSL_NO_RIPEMD160 to compat and add ifdefs to mac.c around the ripemd160 MACs.
2016-08-17Remove obsolete CVS $Id from source files.Darren Tucker
Since -portable switched to git the CVS $Id tags are no longer being updated and are becoming increasingly misleading. Remove them.
2015-01-15support --without-openssl at configure timeDamien Miller
Disables and removes dependency on OpenSSL. Many features don't work and the set of crypto options is greatly restricted. This will only work on system with native arc4random or /dev/urandom. Considered highly experimental for now.
2014-08-30 - (djm) [openbsd-compat/openssl-compat.h] add include guardDamien Miller
2014-08-30 - (djm) [openbsd-compat/openssl-compat.h] addDamien Miller
OPENSSL_[RD]SA_MAX_MODULUS_BITS defines for OpenSSL that lacks them
2014-07-21- (dtucker) [cipher.c openbsd-compat/openssl-compat.h] Restore the bitsDarren Tucker
needed to build AES CTR mode against OpenSSL 0.9.8f and above. ok djm
2014-07-02 - djm@cvs.openbsd.org 2014/06/24 01:13:21Damien Miller
[Makefile.in auth-bsdauth.c auth-chall.c auth-options.c auth-rsa.c [auth2-none.c auth2-pubkey.c authfile.c authfile.h cipher-3des1.c [cipher-chachapoly.c cipher-chachapoly.h cipher.c cipher.h [digest-libc.c digest-openssl.c digest.h dns.c entropy.c hmac.h [hostfile.c key.c key.h krl.c monitor.c packet.c rsa.c rsa.h [ssh-add.c ssh-agent.c ssh-dss.c ssh-ecdsa.c ssh-ed25519.c [ssh-keygen.c ssh-pkcs11-client.c ssh-pkcs11-helper.c ssh-pkcs11.c [ssh-rsa.c sshbuf-misc.c sshbuf.h sshconnect.c sshconnect1.c [sshconnect2.c sshd.c sshkey.c sshkey.h [openbsd-compat/openssl-compat.c openbsd-compat/openssl-compat.h] New key API: refactor key-related functions to be more library-like, existing API is offered as a set of wrappers. with and ok markus@ Thanks also to Ben Hawkes, David Tomaschik, Ivan Fratric, Matthew Dempsky and Ron Bowes for a detailed review a few months ago. NB. This commit also removes portable OpenSSH support for OpenSSL <0.9.8e.
2014-06-17 - (dtucker) [entropy.c openbsd-compat/openssl-compat.{c,h}Darren Tucker
openbsd-compat/regress/{.cvsignore,Makefile.in,opensslvertest.c}] Move the OpenSSL header/library version test into its own function and add tests for it. Fix it to allow fix version upgrades (but not downgrades). Prompted by chl@ via OpenSMTPD (issue #462) and Debian (bug #748150). ok djm@ chl@
2014-02-13 - (dtucker) [configure.ac openbsd-compat/openssl-compat.{c,h}] Add compatDarren Tucker
code for older OpenSSL versions that don't have EVP_MD_CTX_copy_ex.
2014-01-17 - (dtucker) [configure.ac digest.c openbsd-compat/openssl-compat.cDarren Tucker
openbsd-compat/openssl-compat.h] Add compatibility layer for older openssl versions. ok djm@
2013-02-12 - djm@cvs.openbsd.org 2013/01/26 06:11:05Damien Miller
[Makefile.in acss.c acss.h cipher-acss.c cipher.c] [openbsd-compat/openssl-compat.h] remove ACSS, now that it is gone from libcrypto too
2013-02-11 - (djm) [configure.ac openbsd-compat/openssl-compat.h] Repair build on oldDamien Miller
libcrypto that lacks EVP_CIPHER_CTX_ctrl
2013-01-20 - (djm) [cipher-aes.c cipher-ctr.c openbsd-compat/openssl-compat.h]Damien Miller
Move prototypes for replacement ciphers to openssl-compat.h; fix EVP prototypes for openssl-1.0.0-fips.
2013-01-09 - (djm) [cipher.c configure.ac openbsd-compat/openssl-compat.h]Damien Miller
Fix merge botch, automatically detect AES-GCM in OpenSSL, move a little cipher compat code to openssl-compat.h
2012-01-17 - (dtucker) [configure.ac mac.c openbsd-compat/openssl-compat.h] AddDarren Tucker
null implementation of HMAC_CTX_init for the benefit of old versions of OpenSSL that don't have it.
2011-05-10 - (dtucker) [openbsd-compat/openssl-compat.{c,h}] Bug #1882: fixDarren Tucker
--with-ssl-engine which was broken with the change from deprecated SSLeay_add_all_algorithms(). ok djm
2011-01-22 - (dtucker) [configure.ac openbsd-compat/openssl-compat.{c,h}] AddDarren Tucker
RSA_get_default_method() for the benefit of openssl versions that don't have it (at least openssl-engine-0.9.6b). Found and tested by Kevin Brott, ok djm@.
2010-12-04 - (dtucker) [configure.ac moduli.c openbsd-compat/openssl-compat.{c,h}] AddDarren Tucker
shims for the new, non-deprecated OpenSSL key generation functions for platforms that don't have the new interfaces.
2010-10-07 - djm@cvs.openbsd.org 2010/10/01 23:05:32Damien Miller
[cipher-3des1.c cipher-bf1.c cipher-ctr.c openbsd-compat/openssl-compat.h] adapt to API changes in openssl-1.0.0a NB. contains compat code to select correct API for older OpenSSL
2010-05-12 - (djm) [openbsd-compat/openssl-compat.h] Fix build breakage on olderDamien Miller
libcrypto by defining OPENSSL_[DR]SA_MAX_MODULUS_BITS if they aren't already. ok dtucker@
2009-03-07 - (dtucker) [configure.ac openbsd-compat/openssl-compat.{c,h}]Darren Tucker
EVP_DigestUpdate does not exactly match the other OLD_EVP functions (eg in openssl 0.9.6) so add an explicit test for it.
2009-03-07 - (dtucker) [schnorr.c openbsd-compat/openssl-compat.{c,h}] AddDarren Tucker
EVP_DigestUpdate to the OLD_EVP compatibility functions and tell schnorr.c to use them. Allows building with older OpenSSL versions.
2008-02-28 - (dtucker) [key.c defines.h openbsd-compat/openssl-compat.h] Move old OpenSSLDarren Tucker
compat glue into openssl-compat.h.
2008-02-28 - (dtucker) [includes.h ssh-add.c ssh-agent.c ssh-keygen.c ssh.c sshd.cDarren Tucker
openbsd-compat/openssl-compat.{c,h}] Bug #1437 Move the OpenSSL compat header to after OpenSSL headers, since some versions of OpenSSL have SSLeay_add_all_algorithms as a macro already.
2007-06-14 - (dtucker) [openbsd-compat/openssl-compat.h] Remove redundant definitionDarren Tucker
of USE_BUILTIN_RIJNDAEL since the <0.9.6 test is covered by the subsequent <0.9.7 test.
2007-06-14 - (dtucker) [openbsd-compat/openssl-compat.h] Merge USE_BUILTIN_RIJNDAELDarren Tucker
sections. Fixes builds with early OpenSSL 0.9.6 versions.
2007-06-14 - (dtucker) [cipher-ctr.c umac.c openbsd-compat/openssl-compat.h] Move theDarren Tucker
USE_BUILTIN_RIJNDAEL compat goop to openssl-compat.h so it can be shared with umac.c. Allows building with OpenSSL 0.9.5 again including umac support. With tim@ djm@, ok djm.
2007-03-05 - (dtucker) [openbsd-compat/openssl-compat.h] Bug #1291: Work around aDarren Tucker
bug in OpenSSL 0.9.8e that prevents aes256-ctr, aes192-ctr and arcfour256 ciphers from working correctly (disconnects with "Bad packet length" errors) as found by Ben Harris. ok djm@
2006-02-22 - (dtucker) [openbsd-compat/openssl-compat.{c,h}] Minor tidy up: onlyDarren Tucker
compile in compat code if required.
2006-02-22 - (dtucker) [openbsd-compat/openssl-compat.h] Prevent warning aboutDarren Tucker
redefinition of SSLeay_add_all_algorithms.
2006-02-20 - (dtucker) [INSTALL configure.ac openbsd-compat/openssl-compat.{c,h}]Darren Tucker
Add optional enabling of OpenSSL's (hardware) Engine support, via configure --with-ssl-engine. Based in part on a diff by michal at logix.cz.
2005-12-19 - (dtucker) [cipher-aes.c cipher-ctr.c cipher.c configure.acDarren Tucker
openbsd-compat/openssl-compat.h] Check for and work around broken AES ciphers >128bit on (some) Solaris 10 systems. ok djm@
2005-11-20 - (dtucker) [openbsd-compat/openssl-compat.h] Add comment explaining whatDarren Tucker
is going on.
2005-06-09 - (dtucker) [cipher.c openbsd-compat/Makefile.inDarren Tucker
openbsd-compat/openbsd-compat.{c,h} openbsd-compat/openssl-compat.h] Move compatibility code for supporting older OpenSSL versions to the compat layer. Suggested by and "no objection" djm@