1*2c0338ffSzrj /*
2*2c0338ffSzrj * Copyright (c) 2005 Darren Tucker <dtucker@zip.com.au>
3*2c0338ffSzrj *
4*2c0338ffSzrj * Permission to use, copy, modify, and distribute this software for any
5*2c0338ffSzrj * purpose with or without fee is hereby granted, provided that the above
6*2c0338ffSzrj * copyright notice and this permission notice appear in all copies.
7*2c0338ffSzrj *
8*2c0338ffSzrj * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
9*2c0338ffSzrj * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
10*2c0338ffSzrj * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
11*2c0338ffSzrj * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
12*2c0338ffSzrj * WHATSOEVER RESULTING FROM LOSS OF MIND, USE, DATA OR PROFITS, WHETHER
13*2c0338ffSzrj * IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING
14*2c0338ffSzrj * OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
15*2c0338ffSzrj */
16*2c0338ffSzrj
17*2c0338ffSzrj #define SSH_DONT_OVERLOAD_OPENSSL_FUNCS
18*2c0338ffSzrj #include "includes.h"
19*2c0338ffSzrj
20*2c0338ffSzrj #ifdef WITH_OPENSSL
21*2c0338ffSzrj
22*2c0338ffSzrj #include <stdarg.h>
23*2c0338ffSzrj #include <string.h>
24*2c0338ffSzrj
25*2c0338ffSzrj #ifdef USE_OPENSSL_ENGINE
26*2c0338ffSzrj # include <openssl/engine.h>
27*2c0338ffSzrj # include <openssl/conf.h>
28*2c0338ffSzrj #endif
29*2c0338ffSzrj
30*2c0338ffSzrj #include "log.h"
31*2c0338ffSzrj
32*2c0338ffSzrj #include "openssl-compat.h"
33*2c0338ffSzrj
/*
 * OpenSSL version numbers: MNNFFPPS: major minor fix patch status
 * We match major, minor, fix and status (not patch) for <1.0.0.
 * After that, we accept compatible fix versions (so we
 * allow 1.0.1 to work with 1.0.0). Going backwards is only allowed
 * within a patch series.
 */
41*2c0338ffSzrj
/*
 * Compare the OpenSSL version the program was compiled against
 * (headerver) with the version of the library found at run time (libver).
 * Both are version words in the MNNFFPPS layout.
 *
 * Returns 1 if the pair is considered compatible, 0 if not.
 *
 * NOTE(review): the rule for >= 1.0.0 requires the minor field to be
 * identical, so a library that differs from the headers only in its minor
 * number is reported as incompatible.  What the caller does with a 0
 * result is not visible in this file.
 */
int
ssh_compatible_openssl(long headerver, long libver)
{
	long keep, hdr_fix, lib_fix;

	/* Identical version words need no further inspection. */
	if (libver == headerver)
		return 1;

	if (headerver >= 0x1000000f) {
		/*
		 * 1.0.0 and later: major, minor and status have to agree,
		 * and the library's fix level may not be older than the
		 * one in the headers.  The patch field is not compared.
		 */
		keep = 0xfff0000fL; /* major,minor,status */
		if ((libver & keep) != (headerver & keep))
			return 0;
		hdr_fix = (headerver & 0x000ff000) >> 12;
		lib_fix = (libver & 0x000ff000) >> 12;
		return lib_fix >= hdr_fix ? 1 : 0;
	}

	/* Before 1.0.0: everything except the patch field has to agree. */
	keep = 0xfffff00fL; /* major,minor,fix,status */
	return (libver & keep) == (headerver & keep);
}
68*2c0338ffSzrj
/*
 * Initialise libcrypto: register the cipher and digest implementations
 * and, when built with USE_OPENSSL_ENGINE, load the engines and the
 * libcrypto configuration file.
 *
 * Which calls are compiled in depends on the HAVE_* and OPENSSL_INIT_*
 * macros; if none of the first group is defined, the algorithm
 * registration step compiles to nothing.  Return values of the
 * OPENSSL_init_crypto() calls are not checked here.
 */
void
ssh_libcrypto_init(void)
{
	/* Step 1: make all ciphers and digests available. */
#if defined(HAVE_OPENSSL_INIT_CRYPTO) && \
    defined(OPENSSL_INIT_ADD_ALL_CIPHERS) && \
    defined(OPENSSL_INIT_ADD_ALL_DIGESTS)
	OPENSSL_init_crypto(
	    OPENSSL_INIT_ADD_ALL_CIPHERS | OPENSSL_INIT_ADD_ALL_DIGESTS,
	    NULL);
#elif defined(HAVE_OPENSSL_ADD_ALL_ALGORITHMS)
	OpenSSL_add_all_algorithms();
#endif

#if defined(USE_OPENSSL_ENGINE)
	/* Step 2: bring up the built-in engines (crypto hardware support). */
	ENGINE_load_builtin_engines();
	ENGINE_register_all_complete();

	/*
	 * Step 3: read the libcrypto config file so that engines declared
	 * there are picked up as well.  NULL is passed, so libcrypto itself
	 * chooses which file to read.
	 * NOTE(review): that file can cause additional engine code to be
	 * loaded into this process, so its location and permissions belong
	 * to the trusted configuration of the host -- confirm for the
	 * target platform.
	 */
# if !defined(HAVE_OPENSSL_INIT_CRYPTO) || !defined(OPENSSL_INIT_LOAD_CONFIG)
	OPENSSL_config(NULL);
# else
	OPENSSL_init_crypto(
	    OPENSSL_INIT_ADD_ALL_CIPHERS | OPENSSL_INIT_ADD_ALL_DIGESTS |
	    OPENSSL_INIT_LOAD_CONFIG,
	    NULL);
# endif
#endif /* USE_OPENSSL_ENGINE */
}
95*2c0338ffSzrj
96*2c0338ffSzrj #endif /* WITH_OPENSSL */