From d23a91ffb289d3553a58b7a60cec39fba9f0f506 Mon Sep 17 00:00:00 2001
From: Darren Tucker <dtucker@zip.com.au>
Date: Fri, 17 Jan 2014 17:32:30 +1100
Subject:  - (dtucker) [configure.ac digest.c openbsd-compat/openssl-compat.c  
  openbsd-compat/openssl-compat.h]  Add compatibility layer for older   
 openssl versions.  ok djm@

---
 ChangeLog                       |  3 +++
 configure.ac                    |  8 ++++++--
 digest.c                        |  2 ++
 openbsd-compat/openssl-compat.c | 30 +++++++++++++++++++++++++++++-
 openbsd-compat/openssl-compat.h | 18 +++++++++++++++++-
 5 files changed, 57 insertions(+), 4 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index 1bf7e0dca..be044b947 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -28,6 +28,9 @@
    [sandbox-systrace.c ssh-sandbox.h sshd.c] Support preauth sandboxing
    using the Capsicum API introduced in FreeBSD 10. Patch by Dag-Erling
    Smorgrav, updated by Loganaden Velvindron @ AfriNIC; ok dtucker@
+ - (dtucker) [configure.ac digest.c openbsd-compat/openssl-compat.c
+   openbsd-compat/openssl-compat.h]  Add compatibility layer for older
+   openssl versions.  ok djm@
 
 20140118
  - (djm) OpenBSD CVS Sync
diff --git a/configure.ac b/configure.ac
index f14e177fc..2ac3afa38 100644
--- a/configure.ac
+++ b/configure.ac
@@ -1,4 +1,4 @@
-# $Id: configure.ac,v 1.550 2014/01/17 05:47:04 djm Exp $
+# $Id: configure.ac,v 1.551 2014/01/17 06:32:30 dtucker Exp $
 #
 # Copyright (c) 1999-2004 Damien Miller
 #
@@ -15,7 +15,7 @@
 # OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 
 AC_INIT([OpenSSH], [Portable], [openssh-unix-dev@mindrot.org])
-AC_REVISION($Revision: 1.550 $)
+AC_REVISION($Revision: 1.551 $)
 AC_CONFIG_SRCDIR([ssh.c])
 AC_LANG([C])
 
@@ -2357,6 +2357,10 @@ AC_LINK_IFELSE(
 AC_CHECK_FUNCS([ \
 	BN_is_prime_ex \
 	DSA_generate_parameters_ex \
+	EVP_DigestInit_ex \
+	EVP_DigestFinal_ex \
+	EVP_MD_CTX_init \
+	EVP_MD_CTX_cleanup \
 	HMAC_CTX_init \
 	RSA_generate_key_ex \
 	RSA_get_default_method \
diff --git a/digest.c b/digest.c
index 7d7f73579..d6004e7de 100644
--- a/digest.c
+++ b/digest.c
@@ -24,6 +24,8 @@
 
 #include <openssl/evp.h>
 
+#include "openbsd-compat/openssl-compat.h"
+
 #include "buffer.h"
 #include "digest.h"
 
diff --git a/openbsd-compat/openssl-compat.c b/openbsd-compat/openssl-compat.c
index 5189cab61..52c7183f1 100644
--- a/openbsd-compat/openssl-compat.c
+++ b/openbsd-compat/openssl-compat.c
@@ -1,4 +1,4 @@
-/* $Id: openssl-compat.c,v 1.14 2011/05/10 01:13:38 dtucker Exp $ */
+/* $Id: openssl-compat.c,v 1.15 2014/01/17 06:32:31 dtucker Exp $ */
 
 /*
  * Copyright (c) 2005 Darren Tucker <dtucker@zip.com.au>
@@ -59,6 +59,34 @@ ssh_EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *evp)
 }
 #endif
 
+#ifndef HAVE_EVP_DIGESTINIT_EX
+int
+EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *md, void *engine)
+{
+	if (engine != NULL)
+		fatal("%s: ENGINE is not supported", __func__);
+# ifdef OPENSSL_EVP_DIGESTUPDATE_VOID
+	EVP_DigestInit(ctx, md);
+	return 1;
+# else
+	return EVP_DigestInit(ctx, md);
+# endif
+}
+#endif
+
+#ifndef HAVE_EVP_DISESTFINAL_EX
+int
+EVP_DigestFinal_ex(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *s)
+{
+# ifdef OPENSSL_EVP_DIGESTUPDATE_VOID
+	EVP_DigestFinal(ctx, md, s);
+	return 1;
+# else
+	return EVP_DigestFinal(ctx, md, s);
+# endif
+}
+#endif
+
 #ifdef OPENSSL_EVP_DIGESTUPDATE_VOID
 int
 ssh_EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *d, unsigned int cnt)
diff --git a/openbsd-compat/openssl-compat.h b/openbsd-compat/openssl-compat.h
index e7439b4e7..021ea98f5 100644
--- a/openbsd-compat/openssl-compat.h
+++ b/openbsd-compat/openssl-compat.h
@@ -1,4 +1,4 @@
-/* $Id: openssl-compat.h,v 1.24 2013/02/12 00:00:40 djm Exp $ */
+/* $Id: openssl-compat.h,v 1.25 2014/01/17 06:32:31 dtucker Exp $ */
 
 /*
  * Copyright (c) 2005 Darren Tucker <dtucker@zip.com.au>
@@ -148,6 +148,14 @@ int DSA_generate_parameters_ex(DSA *, int, const unsigned char *, int, int *,
 int RSA_generate_key_ex(RSA *, int, BIGNUM *, void *);
 # endif
 
+# ifndef HAVE_EVP_DIGESTINIT_EX
+int EVP_DigestInit_ex(EVP_MD_CTX *, const EVP_MD *, void *);
+# endif
+
+# ifndef HAVE_EVP_DISESTFINAL_EX
+int EVP_DigestFinal_ex(EVP_MD_CTX *, unsigned char *, unsigned int *);
+# endif
+
 int ssh_EVP_CipherInit(EVP_CIPHER_CTX *, const EVP_CIPHER *, unsigned char *,
     unsigned char *, int);
 int ssh_EVP_Cipher(EVP_CIPHER_CTX *, char *, char *, int);
@@ -158,5 +166,13 @@ void ssh_OpenSSL_add_all_algorithms(void);
 #  define HMAC_CTX_init(a)
 # endif
 
+# ifndef HAVE_EVP_MD_CTX_INIT
+#  define EVP_MD_CTX_init(a)
+# endif
+
+# ifndef HAVE_EVP_MD_CTX_CLEANUP
+#  define EVP_MD_CTX_cleanup(a)
+# endif
+
 #endif	/* SSH_DONT_OVERLOAD_OPENSSL_FUNCS */
 
-- 
cgit v1.2.3