From 4edb6872515344a0b137fe835ea7f76dcb0325ad Mon Sep 17 00:00:00 2001 From: Philip Hands Date: Sun, 9 Feb 2014 16:10:14 +0000 Subject: Disable OpenSSL version check OpenSSL's SONAME is sufficient nowadays. Author: Colin Watson Bug-Debian: http://bugs.debian.org/93581 Bug-Debian: http://bugs.debian.org/664383 Forwarded: not-needed Last-Update: 2013-12-23 Patch-Name: no-openssl-version-check.patch --- entropy.c | 12 ------------ 1 file changed, 12 deletions(-) diff --git a/entropy.c b/entropy.c index 2d483b3..2aee2d9 100644 --- a/entropy.c +++ b/entropy.c @@ -209,18 +209,6 @@ seed_rng(void) #ifndef OPENSSL_PRNG_ONLY unsigned char buf[RANDOM_SEED_SIZE]; #endif - /* - * OpenSSL version numbers: MNNFFPPS: major minor fix patch status - * We match major, minor, fix and status (not patch) for <1.0.0. - * After that, we acceptable compatible fix versions (so we - * allow 1.0.1 to work with 1.0.0). Going backwards is only allowed - * within a patch series. - */ - u_long version_mask = SSLeay() >= 0x1000000f ? ~0xffff0L : ~0xff0L; - if (((SSLeay() ^ OPENSSL_VERSION_NUMBER) & version_mask) || - (SSLeay() >> 12) < (OPENSSL_VERSION_NUMBER >> 12)) - fatal("OpenSSL version mismatch. Built against %lx, you " - "have %lx", (u_long)OPENSSL_VERSION_NUMBER, SSLeay()); #ifndef OPENSSL_PRNG_ONLY if (RAND_status() == 1) {