search for: openssl_version_number

...ble. In general I think the best approach would be for feature checks, e.g. in autoconf. (I wish there was some common m4 file shared between projects that people could use for this..) In the absence of this, it seems a better idea to check at the places where #ifdefs are done rather than override OPENSSL_VERSION_NUMBER locally. I don't think carrying patches like this separately is all that good an idea - people may well compile things on their own and not know about the problem. If the build fails that's not so bad, but the silent miscompile we see here is pretty nasty. --- src/lib-dcrypt/dcrypt-opens...

On Fri, 12 Oct 2018, Jakub Jelen wrote: > Something like this can be used to properly initialize new OpenSSL > versions: > > @@ -70,12 +70,19 @@ ssh_compatible_openssl(long headerver, long libver) > void > ssh_OpenSSL_add_all_algorithms(void) > { > +#if OPENSSL_VERSION_NUMBER < 0x10100000L > OpenSSL_add_all_algorithms(); > > /* Enable use of crypto hardware */ > ENGINE_load_builtin_engines(); > +#if OPENSSL_VERSION_NUMBER < 0x10001000L > ENGINE_register_all_complete(); > +#endif > OPENSSL_config(NULL); > +#else > + OPENSSL...

...;>> >>>>> On 11/02/2016 04:07 AM, Aki Tuomi wrote: >>>>>> After doing some testing by myself, I noticed that libressl, for >>>>>> some >>>>>> unknown reason, defines >>>>>> >>>>>> #define OPENSSL_VERSION_NUMBER 0x20000000L >>>>>> >>>>>> No idea why they decided to advertise that they are OpenSSL >>>>>> v2.0.0. A >>>>>> local fix, if you need one, is to use >>>>>> >>>>>> #if OPENSSL_VERSION_NUMBER =...

Hi Xiph.org Team. We are using opusfile library <https://github.com/xiph/opusfile> for streaming *.opus* audio in our projects. But now we have a problem with building opusfile library for android with *ndk-build*. In particular, with arm64-v8a platform: Google removed <sys/timeb.h> from android. And now building opusfile with nkd-build crashes with error "fatal error:

...e patch attached which I think catches them all where needed. Note the word think. It certainly appears to be working anyway with it. On 11/02/2016 04:07 AM, Aki Tuomi wrote: > After doing some testing by myself, I noticed that libressl, for some > unknown reason, defines > > #define OPENSSL_VERSION_NUMBER 0x20000000L > > No idea why they decided to advertise that they are OpenSSL v2.0.0. A > local fix, if you need one, is to use > > #if OPENSSL_VERSION_NUMBER == 0x20000000L > #define OPENSSL_VERSION_NUMBER 0x1000100L > #endif > > in dcrypt-openssl.c after includes. >...

...================= RCS file: /usr/local/src/security/openssh/cvs/openssh_cvs/cipher-aes.c,v retrieving revision 1.4 diff -u -p -r1.4 cipher-aes.c --- cipher-aes.c 9 Dec 2003 08:05:43 -0000 1.4 +++ cipher-aes.c 20 Nov 2005 02:39:30 -0000 @@ -23,7 +23,11 @@ */ #include "includes.h" -#if OPENSSL_VERSION_NUMBER < 0x00907000L + +/* compatibility with old or broken OpenSSL versions */ +#include "openbsd-compat/openssl-compat.h" + +#ifdef USE_BUILTIN_RIJNDAEL RCSID("$OpenBSD: cipher-aes.c,v 1.2 2003/11/26 21:44:29 djm Exp $"); #include <openssl/evp.h> @@ -31,10 +35,6 @@ RCSID...

...e the word think. >> >> It certainly appears to be working anyway with it. >> >> On 11/02/2016 04:07 AM, Aki Tuomi wrote: >>> After doing some testing by myself, I noticed that libressl, for some >>> unknown reason, defines >>> >>> #define OPENSSL_VERSION_NUMBER 0x20000000L >>> >>> No idea why they decided to advertise that they are OpenSSL v2.0.0. A >>> local fix, if you need one, is to use >>> >>> #if OPENSSL_VERSION_NUMBER == 0x20000000L >>> #define OPENSSL_VERSION_NUMBER 0x1000100L >>> #...

>openssl version Libressl 2.4.4 Patch for dovecot: perl -i -ple 's/^(#if OPENSSL_VERSION_NUMBER < 0x10100000L\s*)$/$1 || defined (LIBRESSL_VERSION_NUMBER)/' ./src/lib-dcrypt/dcrypt-openssl.c; perl -i -ple 's/^(#if OPENSSL_VERSION_NUMBER < 0x10100000L\s*)$/$1 || defined (LIBRESSL_VERSION_NUMBER)/' ./src/lib-ssl-iostream/dovecot-openssl-common.c; perl -i -ple 's/^(#if OPEN...

Hi! Those are used if #if OPENSSL_VERSION_NUMBER >= 0x10100000L So (your) libressl is providing this define. We compile our code using GCC and CLANG regularly, with OpenSSL v1.0.x which is the currently officially supported one. Aki On 02.11.2016 12:34, Ruga wrote: > dovecot 2.2.26.0 uses the following functions, which are not availab...

...gt;>> It certainly appears to be working anyway with it. >>> >>> On 11/02/2016 04:07 AM, Aki Tuomi wrote: >>>> After doing some testing by myself, I noticed that libressl, for some >>>> unknown reason, defines >>>> >>>> #define OPENSSL_VERSION_NUMBER 0x20000000L >>>> >>>> No idea why they decided to advertise that they are OpenSSL v2.0.0. A >>>> local fix, if you need one, is to use >>>> >>>> #if OPENSSL_VERSION_NUMBER == 0x20000000L >>>> #define OPENSSL_VERSION_NUMBER 0x10...

...indrot.org> To: Iain Morgan <Iain.Morgan at nasa.gov> Subject: Re: Inconsisten declaration of ssh_aes_ctr_iv() On Thu, 17 Jan 2013, Iain Morgan wrote: > > Could you tell me the declaration of the function pointer do_cipher in > > OpenSSL's evp.h on your system and the the OPENSSL_VERSION_NUMBER from > > opensslv.h? > > % grep -A1 do_cipher /usr/include/openssl/evp.h > int (*do_cipher)(EVP_CIPHER_CTX *ctx, unsigned char *out, > const unsigned char *in, size_t inl);/* encrypt/decrypt data */ > > % grep OPENSSL_VERSION_NUMBER /usr/include/openssl/opensslv.h &gt...

No response yet, so resending. -- Pekka Savola "Tell me of difficulties surmounted, Netcore Oy not those you stumble over and fall" Systems. Networks. Security. -- Robert Jordan: A Crown of Swords ---------- Forwarded message ---------- Date: Fri, 12 Oct 2001 09:44:54 +0300 (EEST) From: Pekka Savola <pekkas at netcore.fi> To: Damien Miller

...et_crypto_params(ssl_ctx, set); SSL_CTX_set_info_callback(ssl_ctx, ssl_info_callback); + return xnames; +} + +static void +ssl_proxy_ctx_set_crypto_params(SSL_CTX *ssl_ctx, + const struct master_service_ssl_settings *set) +{ +#if !defined(OPENSSL_NO_ECDH) && OPENSSL_VERSION_NUMBER >= 0x10000000L && OPENSSL_VERSION_NUMBER < 0x10002000L + EC_KEY *ecdh; + int nid; + const char *curve_name; +#endif if (SSL_CTX_need_tmp_RSA(ssl_ctx)) SSL_CTX_set_tmp_rsa_callback(ssl_ctx, ssl_gen_rsa_key); SSL_CTX_set_tmp_dh_callback(ssl_ctx, ssl_tmp_dh_callback); - return xna...

After doing some testing by myself, I noticed that libressl, for some unknown reason, defines #define OPENSSL_VERSION_NUMBER 0x20000000L No idea why they decided to advertise that they are OpenSSL v2.0.0. A local fix, if you need one, is to use #if OPENSSL_VERSION_NUMBER == 0x20000000L #define OPENSSL_VERSION_NUMBER 0x1000100L #endif in dcrypt-openssl.c after includes. Aki On 02.11.2016 12:39, Aki Tuomi wrote:...

...02 00:00:06 -0000 1.84 +++ configure.ac 27 Jul 2002 02:35:58 -0000 @@ -769,9 +769,18 @@ AC_MSG_CHECKING([whether OpenSSL's headers match the library]) AC_TRY_RUN( [ +#include <stdio.h> #include <string.h> #include <openssl/opensslv.h> -int main(void) { return(SSLeay() == OPENSSL_VERSION_NUMBER ? 0 : 1); } +int main(void) { + fprintf(stderr,"OpenSSL library %x headers %x\n", SSLeay(), OPENSSL_VERSION_NUMBER); + if (SSLeay() == OPENSSL_VERSION_NUMBER) { + return(0); + } else { + printf("library %x headers %x ", SSLeay(), OPENSSL_VERSION_NUMBER); + return(1); + } +}...

...tches them all where needed. Note the word think. > > It certainly appears to be working anyway with it. > > On 11/02/2016 04:07 AM, Aki Tuomi wrote: >> After doing some testing by myself, I noticed that libressl, for some >> unknown reason, defines >> >> #define OPENSSL_VERSION_NUMBER 0x20000000L >> >> No idea why they decided to advertise that they are OpenSSL v2.0.0. A >> local fix, if you need one, is to use >> >> #if OPENSSL_VERSION_NUMBER == 0x20000000L >> #define OPENSSL_VERSION_NUMBER 0x1000100L >> #endif >> >> in d...

...gt;>> It certainly appears to be working anyway with it. >>> >>> On 11/02/2016 04:07 AM, Aki Tuomi wrote: >>>> After doing some testing by myself, I noticed that libressl, for some >>>> unknown reason, defines >>>> >>>> #define OPENSSL_VERSION_NUMBER 0x20000000L >>>> >>>> No idea why they decided to advertise that they are OpenSSL v2.0.0. A >>>> local fix, if you need one, is to use >>>> >>>> #if OPENSSL_VERSION_NUMBER == 0x20000000L >>>> #define OPENSSL_VERSION_NUMBER 0...

...appears to be working anyway with it. >>>> >>>> On 11/02/2016 04:07 AM, Aki Tuomi wrote: >>>>> After doing some testing by myself, I noticed that libressl, for some >>>>> unknown reason, defines >>>>> >>>>> #define OPENSSL_VERSION_NUMBER 0x20000000L >>>>> >>>>> No idea why they decided to advertise that they are OpenSSL v2.0.0. A >>>>> local fix, if you need one, is to use >>>>> >>>>> #if OPENSSL_VERSION_NUMBER == 0x20000000L >>>>> #define OPE...

On 25 Feb 2017, at 21.54, Timo Sirainen <tss at iki.fi> wrote: > > Oh, I forgot to remove the #if OPENSSL_VERSION_NUMBER checks from lib-dcrypt. Will be removed in v2.2.29. Attached the planned patch that should do it. Well that didn't work with <v1.1. Maybe this one. -------------- next part -------------- A non-text attachment was scrubbed... Name: openssl.diff Type: application/octet-stream Size: 6744 b...

...patch. --- a/src/lib-ssl-iostream/iostream-openssl-params.c +++ b/src/lib-ssl-iostream/iostream-openssl-params.c @@ -13,13 +13,21 @@ generate_dh_parameters(int bitsize, buffer_t *output, const char **error_r) { DH *dh; unsigned char *p; - int len, len2; + int len, len2, success; +#if OPENSSL_VERSION_NUMBER >= 0x00908000L + success = DH_generate_parameters_ex(dh, bitsize, DH_GENERATOR, NULL); +#else dh = DH_generate_parameters(bitsize, DH_GENERATOR, NULL, NULL); if (dh == NULL) { + success = 0; + } +#endif + + if (success == 0) { *error_r = t_strdup_printf( - "DH_generate_parameters(...