search for: ssleay_add_all_algorithms

I am confused on how ssh_SSLeay_add_all_algorithms() get used in the ssh applications for openssh-5.7p1 and later releases. I don't see any of the applications making calls to ssh_SSLeay_add_all_algorithms(). There is a macro that redefines SSLeay_add_all_algorithms() to ssh_SSLeay_add_all_algorithms() but I don't see any code calling SSLea...

Hello, I am looking into the ssh sources. I couldn't get docs for SSLeay_add_all_algorithms. I tried for this in openssl.org. Can someone give some pointers for documents, which can tell how to use the SSL functions used in the ssh sources and what they do?? thanks kapil

Hi all, attached is a patch that enables using hardware crypto accelerators available through OpenSSL library for SSH operations. Especially in ssh/sshd it can bring a significant speed improvement. OTOH if no crypto engine is available, nothing bad happens and default software crypto routines are used. This patch is used in SUSE Linux OpenSSH package and proved to work (at least it didn't

...scellaneous AssignedTo: bitbucket at mindrot.org ReportedBy: openssh-bugs at lister.dnsalias.net The support for OpenSSL's hardware crypto engines introduced in configure.ac r1.331, openbsd-compat/openssl-compat.c r1.3, etc doesn't actually do anything; the redefinition of SSLeay_add_all_algorithms in openbsd-compat/openssl-compat.h doesn't get included in ssh.c, scp.c, etc where SSLeay_add_all_algorithms is invoked. Ian -- Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are watching the assignee of the bu...

...context diff(1) of the change I made to ssh.c is appended. -- Joseph *** ssh.old.c Mon Feb 19 05:51:08 2001 --- ssh.c Mon Apr 30 08:38:33 2001 *************** *** 498,505 **** } /* Check that we got a host name. */ if (!host) ! usage(); SSLeay_add_all_algorithms(); ERR_load_crypto_strings(); --- 499,512 ---- } /* Check that we got a host name. */ + /* TJWL */ if (!host) ! { ! if ( strcmp(av[0], "ssh") == 0 ) ! usage(); ! else ! host = av[0]; ! }...

Does anyone knows why in some OpenSSH patches for FIPS we have something like: SSLeay_add_all_algorithms(); if (FIPS_mode() && !FIPSCHECK_verify(NULL, NULL)) { fprintf(stderr, "FIPS integrity verification test failed.\n"); exit(3); } This block of code is always in main() soon after starting service/client. Why are they checking FI...

.... When i try to run the ./configure script, it stops at the follwing check ---SNIP-- checking openssl/pem.h presence... yes checking for openssl/pem.h... yes checking for SHA1_version in -lcrypto... yes checking for RAND_pseudo_bytes... yes checking for OpenSSL_add_all_algorithms... no checking for SSLeay_add_all_algorithms... no configure: error: Missing required OpenSSL functionality! I read the following on some mailing list " Your method of testing for the presence of OpenSSL_add_all_algorithms() is incomplete. Starting with 0.9.7, OpenSSL_add_all_algorithms() is no longer available as a function but as a m...

...-#define SSH_DONT_REDEF_EVP +#ifdef USE_OPENSSL_ENGINE +# include <openssl/engine.h> +#endif + +#define SSH_DONT_OVERLOAD_OPENSSL_FUNCS #include "openssl-compat.h" #ifdef SSH_OLD_EVP @@ -44,3 +48,15 @@ ssh_EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CT return 1; } #endif + +void +ssh_SSLeay_add_all_algorithms(void) +{ + SSLeay_add_all_algorithms(); + +#ifdef USE_OPENSSL_ENGINE + /* Enable use of crypto hardware */ + ENGINE_load_builtin_engines(); + ENGINE_register_all_complete(); +#endif +} Index: openbsd-compat/openssl-compat.h =================================================================== RCS fil...

...1 02:41:52 2002 --- ssh-agent.c Wed Jun 26 18:18:48 2002 *************** *** 939,944 **** --- 939,945 ---- char *shell, *format, *pidstr, pidstrbuf[1 + 3 * sizeof pid]; char *agentsocket = NULL; extern int optind; + extern char *optarg; fd_set *readsetp = NULL, *writesetp = NULL; SSLeay_add_all_algorithms();

Hi there, I have tried compiling OpenSSH 4.3p2 using the following steps: Upgrade OpenSSL tar xvfz openssl-0.9.8a.tar.gz cd openssl-0.9.8a ./config make make install Upgrade zlib tar xvfz zlib-1.2.3.tar.gz ./configure make test make install Upgrade OpenSSH tar xvfz openssh-4.3p2.tar.gz cd openssh-4.3p2.tar.gz ./configure --with-tcp-wrappers --with-ssl-dir=/usr/local/ssl

https://bugzilla.mindrot.org/show_bug.cgi?id=1882 Summary: Since 5.7p1 OpenSSH doesn't take advantage of OpenSSL hardware engine Product: Portable OpenSSH Version: 5.7p1 Platform: ix86 OS/Version: Linux Status: NEW Severity: normal Priority: P2 Component: scp AssignedTo:

...ls_t *shout_tls_new(shout_t *self, sock_t socket) static inline int tls_setup(shout_tls_t *tls) { - SSL_METHOD *meth; + const SSL_METHOD *meth; +#if (OPENSSL_VERSION_NUMBER < 0x10100000L) || defined(LIBRESSL_VERSION_NUMBER) SSL_library_init(); SSL_load_error_strings(); SSLeay_add_all_algorithms(); SSLeay_add_ssl_algorithms(); - meth = TLSv1_client_method(); + meth = SSLv23_client_method(); if (!meth) goto error; +#else + meth = TLS_client_method(); +#endif tls->ssl_ctx = SSL_CTX_new(meth); if (!tls->ssl_ctx) -- 2.15.0

...I have this odd problem and until now I always found a way to solve it but now I'm really stuck. I'm trying to build tinc-pre7 and I always reach to this error on configure: --------------------- checking for RAND_pseudo_bytes... no checking for OpenSSL_add_all_algorithms... no checking for SSLeay_add_all_algorithms... no ---------------------- My openssl is 0.9.7 and is installed via this command: ./config --prefix=/usr/local --openssldir=/usr/local/openssl I'm trying to build tic with this command: ./configure --localstatedir=/var --sysconfdir=/etc --with-openssl-include=/usr/local --with-openssl-lib...

NOTE: If you know how to properly use load_private_key for dsa keys and NOTE: don't want to read my long post, simply reply with that info and NOTE: I will really appreciate it. thanks. I've been playing with the source code and trying to create extra apps. All has been going well except the fact that I can't load a dsa private key. To highlight my problem I stole some code

...id_t original_real_uid; + static void clear_pass(void) { @@ -311,12 +317,30 @@ AuthenticationConnection *ac = NULL; char *sc_reader_id = NULL; int i, ch, deleting = 0, ret = 0; + char buf[256]; + struct passwd *pw; __progname = ssh_get_progname(argv[0]); init_rng(); seed_rng(); SSLeay_add_all_algorithms(); + + /* Read options */ + initialize_options(&options); + + pw = getpwuid(original_real_uid = getuid()); + if (!pw) { + logit("You don't exist, go away!"); + exit(1); + } + + snprintf(buf, sizeof buf, "%.100s/%.100s", pw->pw_dir, + _PATH_SSH_USER_CONFFILE); + (...

...utoconf-2.57-3, automake-1.6.3-5 1. When I try to compile tinc-1.0 pre8 on my RH 9.0 system, it fails.. When I do a ./configure, it aborts saying: --Snip-- checking for SHA1_version in -lcrypto... yes checking for RAND_pseudo_bytes... yes checking for OpenSSL_add_all_algorithms... no checking for SSLeay_add_all_algorithms... no configure: error: Missing required OpenSSL functionality! 2. So i followed a suggestion from someone and downloaded the cvs version, and ran autogen.sh. This leads to the following error. shashank@mia:~/temp/tinc> ./autogen.sh **Warning**: I am going to run `configure' with no argum...

Hi, (I'm not subscribed to the list, so please CC me on reply.) I'd like to request adding a feature to OpenSSH: Task: ~~~~~ It is quite sometime useful to invoke a program prior to connecting to an ssh server. The most common use case will probably be port knocking. That is a small program sends certain packets to a server and the server reacts to this by unlocking the ssh port, which

...Remove key in smartcard reader.\n"); @@ -307,7 +503,7 @@ main(int argc, char **argv) { extern char *optarg; - extern int optind; + extern int optind, opterr; AuthenticationConnection *ac = NULL; char *sc_reader_id = NULL; int i, ch, deleting = 0, ret = 0; @@ -318,13 +514,34 @@ SSLeay_add_all_algorithms(); - /* At first, get a connection to the authentication agent. */ +#ifdef HAVE_LIBKEYUTIL + /* At first, check if we are working on the kernel or agent keys */ + opterr = 0; + while ((ch = getopt(argc, argv, "lLcdDxXe:s:t:k")) != -1) { + switch (ch) { + case 'k': + inkernel...

Hi, I have a problem with the extern declarations of optarg, optind, etc. We're currently moving getopt from being a statically linked function to a dynamically linked function as part of the Cygwin DLL. On Windows, this requires to generate special symbols (__imp__optarg, etc.), which is done by marking the exported variables in the corresponding header. Instead of extern char *optarg;