diff --git a/ChangeLog b/ChangeLog index be448a245..c89ccdf2d 100644 --- a/ChangeLog +++ b/ChangeLog @@ -17,7 +17,9 @@ - (bal) Add in check for rpc/types.h since it is needed on some platforms for INADDR_LOOPBACK. We should retest SCO 3 to see if this fixes their problem also. - + - (bal) Test for IRIX JOBS support at runtime. Patch provided + by David Kaelbling + 20020305 - stevesk@cvs.openbsd.org 2002/03/02 09:34:42 [LICENCE] @@ -7818,4 +7820,4 @@ - Wrote replacements for strlcpy and mkdtemp - Released 1.0pre1 -$Id: ChangeLog,v 1.1915 2002/03/08 03:11:07 mouring Exp $ +$Id: ChangeLog,v 1.1916 2002/03/08 03:50:57 mouring Exp $ diff --git a/cipher.c b/cipher.c index ce3f6f3ce..fa0532ca0 100644 --- a/cipher.c +++ b/cipher.c @@ -41,6 +41,10 @@ RCSID("$OpenBSD: cipher.c,v 1.52 2002/02/18 13:05:32 markus Exp $"); #include "log.h" #include "cipher.h" +#if OPENSSL_VERSION_NUMBER <= 0x0090600fL +#define EVP_CIPHER_CTX_get_app_data(e) ((e)->app_data) +#endif + #include #include "rijndael.h" @@ -196,6 +200,7 @@ cipher_init(CipherContext *cc, Cipher *cipher, type = (*cipher->evptype)(); EVP_CIPHER_CTX_init(&cc->evp); +#if OPENSSL_VERSION_NUMBER > 0x0090600fL if (EVP_CipherInit(&cc->evp, type, NULL, (u_char *)iv, (encrypt == CIPHER_ENCRYPT)) == 0) fatal("cipher_init: EVP_CipherInit failed for %s", @@ -210,6 +215,10 @@ cipher_init(CipherContext *cc, Cipher *cipher, if (EVP_CipherInit(&cc->evp, NULL, (u_char *)key, NULL, -1) == 0) fatal("cipher_init: EVP_CipherInit: set key failed for %s", cipher->name); +#else + EVP_CipherInit(&cc->evp, type, (u_char *)key, (u_char *)iv, + (encrypt == CIPHER_ENCRYPT)); +#endif } void @@ -217,15 +226,23 @@ cipher_crypt(CipherContext *cc, u_char *dest, const u_char *src, u_int len) { if (len % cc->cipher->block_size) fatal("cipher_encrypt: bad plaintext length %d", len); +#if OPENSSL_VERSION_NUMBER > 0x0090600fL if (EVP_Cipher(&cc->evp, dest, (u_char *)src, len) == 0) fatal("evp_crypt: EVP_Cipher failed"); +#else + EVP_Cipher(&cc->evp, dest, (u_char *)src, len); +#endif } void cipher_cleanup(CipherContext *cc) { +#if OPENSSL_VERSION_NUMBER > 0x0090600fL if (EVP_CIPHER_CTX_cleanup(&cc->evp) == 0) error("cipher_cleanup: EVP_CIPHER_CTX_cleanup failed"); +#else + EVP_CIPHER_CTX_cleanup(&cc->evp); +#endif } /* @@ -296,6 +313,7 @@ ssh1_3des_init(EVP_CIPHER_CTX *ctx, const u_char *key, const u_char *iv, EVP_CIPHER_CTX_init(&c->k1); EVP_CIPHER_CTX_init(&c->k2); EVP_CIPHER_CTX_init(&c->k3); +#if OPENSSL_VERSION_NUMBER > 0x0090600fL if (EVP_CipherInit(&c->k1, EVP_des_cbc(), k1, NULL, enc) == 0 || EVP_CipherInit(&c->k2, EVP_des_cbc(), k2, NULL, !enc) == 0 || EVP_CipherInit(&c->k3, EVP_des_cbc(), k3, NULL, enc) == 0) { @@ -304,6 +322,11 @@ ssh1_3des_init(EVP_CIPHER_CTX *ctx, const u_char *key, const u_char *iv, EVP_CIPHER_CTX_set_app_data(ctx, NULL); return (0); } +#else + EVP_CipherInit(&c->k1, EVP_des_cbc(), k1, NULL, enc); + EVP_CipherInit(&c->k2, EVP_des_cbc(), k2, NULL, !enc); + EVP_CipherInit(&c->k3, EVP_des_cbc(), k3, NULL, enc); +#endif return (1); } static int @@ -315,10 +338,16 @@ ssh1_3des_cbc(EVP_CIPHER_CTX *ctx, u_char *dest, const u_char *src, u_int len) error("ssh1_3des_cbc: no context"); return (0); } +#if OPENSSL_VERSION_NUMBER > 0x0090600fL if (EVP_Cipher(&c->k1, dest, (u_char *)src, len) == 0 || EVP_Cipher(&c->k2, dest, dest, len) == 0 || EVP_Cipher(&c->k3, dest, dest, len) == 0) return (0); +#else + EVP_Cipher(&c->k1, dest, (u_char *)src, len); + EVP_Cipher(&c->k2, dest, dest, len); + EVP_Cipher(&c->k3, dest, dest, len); +#endif return (1); } static int @@ -346,7 +375,9 @@ evp_ssh1_3des(void) ssh1_3des.init = ssh1_3des_init; ssh1_3des.cleanup = ssh1_3des_cleanup; ssh1_3des.do_cipher = ssh1_3des_cbc; +#if OPENSSL_VERSION_NUMBER > 0x0090600fL ssh1_3des.flags = EVP_CIPH_CBC_MODE | EVP_CIPH_VARIABLE_LENGTH; +#endif return (&ssh1_3des); } @@ -494,7 +525,9 @@ evp_rijndael(void) rijndal_cbc.init = ssh_rijndael_init; rijndal_cbc.cleanup = ssh_rijndael_cleanup; rijndal_cbc.do_cipher = ssh_rijndael_cbc; +#if OPENSSL_VERSION_NUMBER > 0x0090600fL rijndal_cbc.flags = EVP_CIPH_CBC_MODE | EVP_CIPH_VARIABLE_LENGTH | EVP_CIPH_ALWAYS_CALL_INIT; +#endif return (&rijndal_cbc); } diff --git a/configure.ac b/configure.ac index 5e4e659a9..413deb4d9 100644 --- a/configure.ac +++ b/configure.ac @@ -1,4 +1,4 @@ -# $Id: configure.ac,v 1.24 2002/03/08 03:11:08 mouring Exp $ +# $Id: configure.ac,v 1.25 2002/03/08 03:50:58 mouring Exp $ AC_INIT AC_CONFIG_SRCDIR([ssh.c]) @@ -115,7 +115,7 @@ case "$host" in AC_DEFINE(WITH_IRIX_ARRAY) AC_DEFINE(WITH_IRIX_PROJECT) AC_DEFINE(WITH_IRIX_AUDIT) - AC_CHECK_FUNC(jlimit_startjob, [AC_DEFINE(WITH_IRIX_JOBS)]) + AC_DEFINE(WITH_IRIX_JOBS) AC_DEFINE(BROKEN_INET_NTOA) ;; *-*-linux*) diff --git a/openbsd-compat/port-irix.c b/openbsd-compat/port-irix.c index a63ec429a..bd03366f5 100644 --- a/openbsd-compat/port-irix.c +++ b/openbsd-compat/port-irix.c @@ -3,13 +3,20 @@ #if defined(WITH_IRIX_PROJECT) || defined(WITH_IRIX_JOBS) || defined(WITH_IRIX_ARRAY) #ifdef WITH_IRIX_PROJECT -#include +# include #endif /* WITH_IRIX_PROJECT */ #ifdef WITH_IRIX_JOBS -#include -#endif +# include +# include +# if !defined(JLIMIT_CPU) +/* Simulate job limit support so we can still test for it at runtime. */ +typedef __int64_t jid_t; +extern jid_t jlimit_startjob(char *, uid_t, char *); +# pragma optional jlimit_startjob +# endif +#endif /* WITH_IRIX_JOBS */ #ifdef WITH_IRIX_AUDIT -#include +# include #endif /* WITH_IRIX_AUDIT */ void @@ -27,10 +34,16 @@ irix_setusercontext(struct passwd *pw) #endif /* WITH_IRIX_JOBS */ #ifdef WITH_IRIX_JOBS - jid = jlimit_startjob(pw->pw_name, pw->pw_uid, "interactive"); - if (jid == -1) - fatal("Failed to create job container: %.100s", + if (_MIPS_SYMBOL_PRESENT(jlimit_startjob)) { + jid = jlimit_startjob(pw->pw_name, pw->pw_uid, "interactive"); + if (jid == -1) { + if (errno == ENOPKG) + jid = 0; + else + fatal("Failed to create job container: %.100s", strerror(errno)); + } + } #endif /* WITH_IRIX_JOBS */ #ifdef WITH_IRIX_ARRAY /* initialize array session */