RepoMirrors
/
openssh
mirror of git://anongit.mindrot.org/openssh.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

- (dtucker) [authfile.c] Fall back to 3DES for the encryption of private 

keys when built with OpenSSL versions that don't do AES.
This commit is contained in:
Darren Tucker 2009-11-07 16:03:14 +11:00
parent e89ed1cfca
commit df6578bb4d
2 changed files with 8 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
ChangeLog
View File

@ -1,3 +1,7 @@
20091107
- (dtucker) [authfile.c] Fall back to 3DES for the encryption of private
keys when built with OpenSSL versions that don't do AES.
20091105
- (dtucker) [authfile.c] Add OpenSSL compat header so this still builds with
older versions of OpenSSL.

4
authfile.c
View File

@ -187,7 +187,11 @@ key_save_private_pem(Key *key, const char *filename, const char *_passphrase,
int success = 0;
int len = strlen(_passphrase);
u_char *passphrase = (len > 0) ? (u_char *)_passphrase : NULL;
#if (OPENSSL_VERSION_NUMBER < 0x00907000L)
const EVP_CIPHER *cipher = (len > 0) ? EVP_des_ede3_cbc() : NULL;
#else
const EVP_CIPHER *cipher = (len > 0) ? EVP_aes_128_cbc() : NULL;
#endif
if (len > 0 && len <= 4) {
error("passphrase too short: have %d bytes, need > 4", len);