search for: err_load_crypto_strings

OpenSSL 1.1.0 has deprecated this function. --- configure.ac | 1 + openbsd-compat/openssl-compat.c | 2 ++ openbsd-compat/openssl-compat.h | 4 ++++ 3 files changed, 7 insertions(+) diff --git a/configure.ac b/configure.ac index 3f7fe2cd..db2aade8 100644 --- a/configure.ac +++ b/configure.ac @@ -2710,6 +2710,7 @@ if test "x$openssl" = "xyes" ; then ])

...+ else if (getenv("OPENSSH_NO_FIPS")) { /* !env OPENSSH_NO_FIPS */ + fips_mode = 0; + } + else if (options.fips_mode == 0) { /* ssh_config options */ + fips_mode = 0; + } + } + if(fips_mode) + { + if(!FIPS_mode_set(1)) + { + ERR_load_crypto_strings(); + ERR_print_errors_fp(stderr); + exit(1); + } + else + fprintf(stderr,"*** IN FIPS MODE ***\n"); + } +#endif if (options.user == NULL) options.user = xstrdup(pw->pw_name);

...to ssh.c is appended. -- Joseph *** ssh.old.c Mon Feb 19 05:51:08 2001 --- ssh.c Mon Apr 30 08:38:33 2001 *************** *** 498,505 **** } /* Check that we got a host name. */ if (!host) ! usage(); SSLeay_add_all_algorithms(); ERR_load_crypto_strings(); --- 499,512 ---- } /* Check that we got a host name. */ + /* TJWL */ if (!host) ! { ! if ( strcmp(av[0], "ssh") == 0 ) ! usage(); ! else ! host = av[0]; ! } SSLeay_add_all_algorithms...

...erence to `socket' s_socket.o(.text+0xa4): undefined reference to `setsockopt' s_socket.o(.text+0xf4): undefined reference to `connect' s_socket.o: In function `init_server': [...] rand_egd.o(.text+0x78): undefined reference to `connect' ../libcrypto.a(err_all.o): In function `ERR_load_crypto_strings': err_all.o(.text+0x40): undefined reference to `ERR_load_RSAREF_strings' *** Error code 1 make: Fatal error: Command failed for target `openssl' Current working directory /space/local/src/redhat/BUILD/openssl-0.9.5/apps *** Error code 1 make: Fatal error: Command failed for target `all...

...o.c:538: dereferencing pointer to incomplete type res_crypto.c:542: dereferencing pointer to incomplete type res_crypto.c: In function `crypto_init': res_crypto.c:596: warning: implicit declaration of function `SSL_library_init' res_crypto.c:597: warning: implicit declaration of function `ERR_load_crypto_strings' res_crypto.c: In function `init_keys': res_crypto.c:531: warning: `kn' might be used uninitialized in this function make[1]: *** [res_crypto.o] Error 1 make[1]: Leaving directory `/usr/src/asterisk/res' make: *** [subdirs] Error 1 Thanks, Nicholas Ruddick

Hi all, attached is a patch that enables using hardware crypto accelerators available through OpenSSL library for SSH operations. Especially in ssh/sshd it can bring a significant speed improvement. OTOH if no crypto engine is available, nothing bad happens and default software crypto routines are used. This patch is used in SUSE Linux OpenSSH package and proved to work (at least it didn't

I'm trying to compile the last * CVS version and I got this error: gcc -pipe -Wall -Wstrict-prototypes -Wmissing-prototypes -Wmissing-declarations -g -Iinclude -I../include -D_REENTRANT -D_GNU_SOURCE -O6 -march=i686 -DZAPTEL_OPTIMIZATIONS -DASTERISK_VERSION=\"CVS-09/10/03-18:47:18\" -DINSTALL_PREFIX=\"\" -DASTETCDIR=\"/etc/asterisk\"

.... yes checking for openssl/err.h... yes checking for openssl/rand.h... yes checking for openssl/ocsp.h... yes checking for openssl/core_names.h... no checking for openssl/x509v3.h... yes checking for HMAC_CTX_reset... yes checking for HMAC_CTX_new... yes checking for EVP_cleanup... yes checking for ERR_load_crypto_strings... yes checking for OPENSSL_init_crypto... yes checking for CRYPTO_memcmp... yes checking for EC_KEY_new_by_curve_name... yes checking for EVP_MAC_CTX_new... no checking for EVP_MAC_CTX_set_params... no checking for EVP_MAC_CTX_get_mac_size... no checking for SHA1_Init... yes checking for ASN1_STRI...

Hey, Recently, the FIDO alliance announced U2F [1], and Google announced that it supports U2F tokens (?security keys?) for Google accounts [2]. As the spec is not a very short read, I gave a presentation last week about U2F which may be a good quick introduction to the details [3]. For the rest of this mail, I?ll assume that you read either my presentation or the spec, but feel free to post any

Hi, (I'm not subscribed to the list, so please CC me on reply.) I'd like to request adding a feature to OpenSSH: Task: ~~~~~ It is quite sometime useful to invoke a program prior to connecting to an ssh server. The most common use case will probably be port knocking. That is a small program sends certain packets to a server and the server reacts to this by unlocking the ssh port, which

...509_get_ext_count' /usr/local/ssl/lib/libssl.so: undefined reference to `EVP_idea_cbc' /usr/local/ssl/lib/libssl.so: undefined reference to `EVP_des_ede3_cbc' /usr/local/ssl/lib/libssl.so: undefined reference to `X509_STORE_free' /usr/local/ssl/lib/libssl.so: undefined reference to `ERR_load_crypto_strings' /usr/local/ssl/lib/libssl.so: undefined reference to `BUF_MEM_grow' /usr/local/ssl/lib/libssl.so: undefined reference to `lh_insert' /usr/local/ssl/lib/libssl.so: undefined reference to `X509_STORE_load_locations' /usr/local/ssl/lib/libssl.so: undefined reference to `X509_NAME_free...

...gress/unittests/sshkey/tests.c b/regress/unittests/sshkey/tests.c index 13f265c..b1baf12 100644 --- a/regress/unittests/sshkey/tests.c +++ b/regress/unittests/sshkey/tests.c @@ -18,8 +18,10 @@ void sshkey_fuzz_tests(void); void tests(void) { +#ifdef WITH_OPENSSL OpenSSL_add_all_algorithms(); ERR_load_CRYPTO_strings(); +#endif sshkey_tests(); sshkey_file_tests(); diff --git a/regress/unittests/test_helper/test_helper.c b/regress/unittests/test_helper/test_helper.c index 26ca26b..8bd9e0f 100644 --- a/regress/unittests/test_helper/test_helper.c +++ b/regress/unittests/test_helper/test_helper.c @@ -248,6 +2...

Dear all, NSD 4.12.0rc1 pre-release is available: https://nlnetlabs.nl/downloads/nsd/nsd-4.12.0rc1.tar.gz sha256 b9085a3fd08b8318ac30715faf1c7698099781eb3520253774a46f74386342e9 pgp https://nlnetlabs.nl/downloads/nsd/nsd-4.12.0rc1.tar.gz.asc This release introduces Prometheus metrics that can be compiled with `--enable-prometheus-metrics` and configured with `enable-metrics` (see

Hello! I'm hoping that Gmail won't HTML format this mail so that I'll get flamed :) Anyway, my question relates to ssh_config. The problem I find is that the Host pattern is only applied to the argument given on the command line, as outlined in the man page: "The host is the hostname argument given on the command line (i.e. the name is not converted to a canonicalized host name

Hi, OpenSSH 6.9 is almost ready for release, so we would appreciate testing on as many platforms and systems as possible. This release contains some substantial new features and a number of bugfixes. Snapshot releases for portable OpenSSH are available from http://www.mindrot.org/openssh_snap/ The OpenBSD version is available in CVS HEAD: http://www.openbsd.org/anoncvs.html Portable OpenSSH is