search for: evptyp

Hi, the following patch to cipher.c enables OpenSSH 3.9.1 to compile on IRIX 5.3 with the native IDO cc: --- cipher.c.orig 2004-10-17 12:04:10.000000000 +0200 +++ cipher.c 2004-10-17 13:43:22.000000000 +0200 @@ -76,15 +76,15 @@ u_int key_len; const EVP_CIPHER *(*evptype)(void); } ciphers[] = { - { "none", SSH_CIPHER_NONE, 8, 0, EVP_enc_null }, - { "des", SSH_CIPHER_DES, 8, 8, EVP_des_cbc }, + { "none", SSH_CIPHER_NONE, 8, 0, (const EVP_CIPHER *(*)(void)) EVP_enc_nul...

...;/usr/local/libexec/ssh-keysign\" -D_PATH_SSH_PIDDIR=\"/var/run\" -D_PATH_PRIVSEP_CHROOT_DIR=\"/var/empty\" -DSSH_RAND_HELPER=\"/usr/local/libexec/ssh-rand-helper\" -DHAVE_CONFIG_H -c cipher.c cc: Warning: cipher.c, line 65: In the initializer for ciphers[0].evptype, the referenced type of the pointer value "EVP_enc_null" is "function () returning pointer to struct evp_cipher_st", which is not compatible with "function () returning pointer to const struct evp_cipher_st". (ptrmismatch) { "none",...

...alization from incompatible pointer type cipher.c:76: warning: initialization from incompatible pointer type cipher.c:84: error: `EVP_aes_128_cbc' undeclared here (not in a function) cipher.c:84: error: initializer element is not constant cipher.c:84: error: (near initialization for `ciphers[8].evptype') cipher.c:84: error: initializer element is not constant cipher.c:84: error: (near initialization for `ciphers[8]') cipher.c:85: error: `EVP_aes_192_cbc' undeclared here (not in a function) cipher.c:85: error: initializer element is not constant cipher.c:85: error: (near initializatio...

...----- ------------^ cfe: Warning 709: cipher.c, line 73: Incompatible pointer type assignment { "arcfour", -3 , 8, 16, EVP_rc4 }, ------------- ------------^ cfe: Error: cipher.c, line 706: Unacceptable operand of == or != if (c->evptype == EVP_rc4) { ---------------^ cfe: Error: cipher.c, line 721: Unacceptable operand of == or != if (c->evptype == EVP_rc4) { ---------------^ make: *** [cipher.o] Error 1

...nSSL's version will use AES-NI if available. Just FYI, unfortunately I cannot prepare nice and clean patch for this right now, but changing all evp_aes_128_ctr to EVP_aes_128_ctr, EVP_aes_192_ctr and EVP_aes_256_ctr respectively in ciphers[] array just works (thanks to the fact that 'c->evptype == evp_aes_128_ctr' is no longer true and IV is taken from cc->evp.iv).. -- Pawel Jakub Dawidek http://www.wheelsystems.com FreeBSD committer http://www.FreeBSD.org Am I Evil? Yes, I Am! http://tupytaj.pl -------------- nex...

...++ cipher.c 20 Nov 2005 02:22:41 -0000 @@ -334,7 +334,7 @@ cipher_get_keyiv(CipherContext *cc, u_ch if ((u_int)evplen != len) fatal("%s: wrong iv length %d != %d", __func__, evplen, len); -#if OPENSSL_VERSION_NUMBER < 0x00907000L +#ifdef USE_BUILTIN_RIJNDAEL if (c->evptype == evp_rijndael) ssh_rijndael_iv(&cc->evp, 0, iv, len); else @@ -365,7 +365,7 @@ cipher_set_keyiv(CipherContext *cc, u_ch evplen = EVP_CIPHER_CTX_iv_length(&cc->evp); if (evplen == 0) return; -#if OPENSSL_VERSION_NUMBER < 0x00907000L +#ifdef USE_BUILTIN_RIJNDAEL...

These two functions in cipher.c (I have looked at openssh5.8p1 & openssh5.9p1) copy the internal cryptographic state of an OpenSSL RC4 encryption/decryption context using simple memcpy(). This code also copies the state when evptype is EVP_acss, which I am unfamiliar with. This code appears to works fine when using the builtin crypto of OpenSSL 1.0.0d. However, I have been doing some work to make OpenSSH use alternative crypto engines and it appears to me that this code may not work correctly when using an OpenSSL engine. T...

When compiling the software it breaks with an error on the cipher.c file. Lot's of warnings and error of undeclared stuff. Snippet follows: gcc -g -O2 -Wall -Wpointer-arith -Wno-uninitialized -I. -I. -I/usr/local/ssl/include -Iyes -I/usr/local/include -DSSHDIR=\"/etc\" -D_PATH_SSH_PROGRAM=\"/usr/bin/ssh\"

http://bugzilla.mindrot.org/show_bug.cgi?id=138 mouring at eviladmin.org changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |vjo at dulug.duke.edu ------- Additional Comments From mouring at eviladmin.org 2002-03-08 04:49 ------- *** Bug 139 has been

http://bugzilla.mindrot.org/show_bug.cgi?id=877 Summary: ssh 3.8.1p1 client cannot disable encryption with "-c none" Product: Portable OpenSSH Version: 3.8.1p1 Platform: All OS/Version: All Status: NEW Severity: normal Priority: P2 Component: ssh AssignedTo:

...ot;xmalloc.h" #include "log.h" #include "cipher.h" +#include "fips.h" /* compatibility with old or broken OpenSSL versions */ #include "openbsd-compat/openssl-compat.h" @@ -64,30 +65,31 @@ u_int key_len; u_int discard_len; const EVP_CIPHER *(*evptype)(void); + u_int fips_allowed; } ciphers[] = { - { "none", SSH_CIPHER_NONE, 8, 0, 0, EVP_enc_null }, - { "des", SSH_CIPHER_DES, 8, 8, 0, EVP_des_cbc }, - { "3des", SSH_CIPHER_3DES, 8, 16, 0, evp_ssh1_3des }, - { "blowfish", SSH_CIPHER_BLOWFISH, 8, 32,...