similar to: [Patch] Improve diags for "OpenSSL headers match library" configure test

https://bugzilla.mindrot.org/show_bug.cgi?id=1991 Bug #: 1991 Summary: openssl version checking needs updating Classification: Unclassified Product: Portable OpenSSH Version: 5.9p1 Platform: All OS/Version: All Status: NEW Severity: normal Priority: P2 Component: Miscellaneous

Well, I've finally gotten around to compiling and testing OpenSSH 2.5.2p1, in order to update the contrib/solaris packaging scripts. Somehow on my test system, I'm getting errors that indicate that I've still got some old copy of OpenSSL being found somewhere...but I can't for the life of me tell where. The compile went fine (it found the OpenSSL 0.9.5a libraries that I had

https://bugzilla.mindrot.org/show_bug.cgi?id=2212 Bug ID: 2212 Summary: openssl version check should ignore status nibble Product: Portable OpenSSH Version: 6.5p1 Hardware: All OS: All Status: NEW Severity: enhancement Priority: P5 Component: Miscellaneous Assignee:

Hi, Below a message I had originally sent to openssl-bugs. The version mismatch mentioned below was OpenSSL 0x0090603f vs. OpenSSL 0x0090601f Meanwhile Richard Levitte <levitte at stacken.kth.se> has sent me the following: >>>>>>>>> Begin excerpt from levitte (first msg.) peb> If, on the other hand, the libraries from 0.9.6a and 0.9.6c are peb> binary

Hi all. Solaris 10's default libcrypto does not have support for AES 192 and 256 bit functions. The attached patch, against -current, and based partially on an earlier one by djm, will use OpenSSH's builtin rijndael code for all AES crypto functions and thus will allow it to build and function on Solaris 10 without the extra crypto packages (SUNWcry, SUNWcryr) or a locally built OpenSSL.

---------- Forwarded message ---------- Date: Fri, 18 Jan 2013 10:19:35 +1100 (EST) From: Damien Miller <djm at mindrot.org> To: Iain Morgan <Iain.Morgan at nasa.gov> Subject: Re: Inconsisten declaration of ssh_aes_ctr_iv() On Thu, 17 Jan 2013, Iain Morgan wrote: > > Could you tell me the declaration of the function pointer do_cipher in > > OpenSSL's evp.h on your

On Fri, 12 Oct 2018, Jakub Jelen wrote: > Something like this can be used to properly initialize new OpenSSL > versions: > > @@ -70,12 +70,19 @@ ssh_compatible_openssl(long headerver, long libver) > void > ssh_OpenSSL_add_all_algorithms(void) > { > +#if OPENSSL_VERSION_NUMBER < 0x10100000L > OpenSSL_add_all_algorithms(); > > /* Enable use of crypto

On 2016-11-02, Aki Tuomi <aki.tuomi at dovecot.fi> wrote: > If the standard way works, I am happy to include the original patch I > sent, amended so that it checks for presence of LIBRESSL_VERSION_NUMBER. > If they keep this promise, then we should have no worries about things > breaking up. Diff below is what I've added to OpenBSD ports. The libressl API is not cast in

# HG changeset patch # User David Hicks <david at hicks.id.au> # Date 1373085976 -36000 # Sat Jul 06 14:46:16 2013 +1000 # Node ID ccd83f38e4b484ae18f69ea08631eefcaf6a4a4e # Parent 1fbac590b9d4dc05d81247515477bfe6192c262c login-common: Add support for ECDH/ECDHE cipher suites ECDH temporary key parameter selection must be performed during OpenSSL context initialisation before ECDH and

>openssl version Libressl 2.4.4 Patch for dovecot: perl -i -ple 's/^(#if OPENSSL_VERSION_NUMBER < 0x10100000L\s*)$/$1 || defined (LIBRESSL_VERSION_NUMBER)/' ./src/lib-dcrypt/dcrypt-openssl.c; perl -i -ple 's/^(#if OPENSSL_VERSION_NUMBER < 0x10100000L\s*)$/$1 || defined (LIBRESSL_VERSION_NUMBER)/' ./src/lib-ssl-iostream/dovecot-openssl-common.c; perl -i -ple 's/^(#if

Hello, I was following directions at: http://www.sogo.nu/english/support/faq/article/how-to-install-sogo-and-sope-through-yum-1.html to install SOGo on CentOS 5.9 and, noticing that among the dependencies is memcached and rpmforge includes a much more recent version than EPEL, I preferred rpmforge and therefore I set a higher priority for rpmforge repo (see below). [Note: I guess I could have

After doing some testing by myself, I noticed that libressl, for some unknown reason, defines #define OPENSSL_VERSION_NUMBER 0x20000000L No idea why they decided to advertise that they are OpenSSL v2.0.0. A local fix, if you need one, is to use #if OPENSSL_VERSION_NUMBER == 0x20000000L #define OPENSSL_VERSION_NUMBER 0x1000100L #endif in dcrypt-openssl.c after includes. Aki On

It does work today, I am just bit worried that it will keep on breaking with libressl as they evolve their API. I would personally like to avoid more ifdef hell if possible... Aki On 02.11.2016 13:22, Michael A. Peters wrote: > Standard way to fix it (on the LibreSSL page) is to check for > LIBRESSL_VERSION_NUMBER - e.g. the patch attached which I think > catches them all where

If the standard way works, I am happy to include the original patch I sent, amended so that it checks for presence of LIBRESSL_VERSION_NUMBER. If they keep this promise, then we should have no worries about things breaking up. Aki On 02.11.2016 14:24, Michael A. Peters wrote: > Indeed, which is why I use it. > > But it also is in the minority which is why I find it acceptable for

IMHO it would be acceptable to have a LibreSSL patch that is maintained by the people who want it. It's free software, and that kind of is the point of Open Source. On 11/02/2016 04:36 AM, Michael A. Peters wrote: > They have stated they are going to remain API compatible with 1.0.1h (or > g, forget which they forked) - their new stuff is outside of libcrypto. > > On 11/02/2016

Hi All, First I would like to thank all who gave me pointers on where to look for the applications. There are also some of you who wanted me to post my findings. Hence I have decided to post a mini how-to. I actually ran a sniffer on it, and all messages are encrypted. :) If there's any prob, just drop me a line. Rgrds, Wong. begin 666 How-To Ssecure pop or imap.txt [mod: Grrr... I now

http://bugzilla.mindrot.org/show_bug.cgi?id=335 dyw at iohk.com changed: What |Removed |Added ---------------------------------------------------------------------------- Severity|major |normal Keywords| |help-wanted OS/Version|Linux |BSDI

Indeed, which is why I use it. But it also is in the minority which is why I find it acceptable for FLOSS projects like dovecot to elect to only un-officially support LibreSSL via a community maintained patch. One of the reasons why OpenSSL was forked is because they were trying to support so many platforms that it made the code a real mess. Don't want the same to happen to another

They have stated they are going to remain API compatible with 1.0.1h (or g, forget which they forked) - their new stuff is outside of libcrypto. On 11/02/2016 04:25 AM, Aki Tuomi wrote: > It does work today, I am just bit worried that it will keep on breaking > with libressl as they evolve their API. I would personally like to avoid > more ifdef hell if possible... > > Aki >

Hello! I'm still trying to configure samba with SSL. The operating system is Suse Linux 6.4, samba version 2.0.7. Without ssl, it works well. I installed SSLeay and got no error messages. After installing it, I configured samba with ssl option and no error messages. When I tried to test my configuration file with testparm, I have the following: Load smb config files from