mirror of git://anongit.mindrot.org/openssh.git
- (dtucker) [INSTALL configure.ac openbsd-compat/openssl-compat.{c,h}]
Add optional enabling of OpenSSL's (hardware) Engine support, via configure --with-ssl-engine. Based in part on a diff by michal at logix.cz.
This commit is contained in:
Darren Tucker
parent
4881c371ce
commit
fabdb6c290
|
|
@ -1,3 +1,9 @@
|
|||
20060220
|
||||
- (dtucker) [INSTALL configure.ac openbsd-compat/openssl-compat.{c,h}]
|
||||
Add optional enabling of OpenSSL's (hardware) Engine support, via
|
||||
configure --with-ssl-engine. Based in part on a diff by michal at
|
||||
logix.cz.
|
||||
|
||||
20060219
|
||||
- (dtucker) [Makefile.in configure.ac, added openbsd-compat/regress/]
|
||||
Add first attempt at regress tests for compat library. ok djm@
|
||||
|
|
@ -3863,4 +3869,4 @@
|
|||
- (djm) Trim deprecated options from INSTALL. Mention UsePAM
|
||||
- (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu
|
||||
|
||||
$Id: ChangeLog,v 1.4130 2006/02/19 11:50:20 dtucker Exp $
|
||||
$Id: ChangeLog,v 1.4131 2006/02/20 09:17:35 dtucker Exp $
|
||||
|
|
|
|||
4
INSTALL
4
INSTALL
|
|
@ -165,6 +165,8 @@ created.
|
|||
--with-ssl-dir=DIR allows you to specify where your OpenSSL libraries
|
||||
are installed.
|
||||
|
||||
--with-ssl-engine enables OpenSSL's (hardware) ENGINE support
|
||||
|
||||
--with-4in6 Check for IPv4 in IPv6 mapped addresses and convert them to
|
||||
real (AF_INET) IPv4 addresses. Works around some quirks on Linux.
|
||||
|
||||
|
|
@ -225,4 +227,4 @@ Please refer to the "reporting bugs" section of the webpage at
|
|||
http://www.openssh.com/
|
||||
|
||||
|
||||
$Id: INSTALL,v 1.70 2005/04/24 07:52:23 dtucker Exp $
|
||||
$Id: INSTALL,v 1.71 2006/02/20 09:17:36 dtucker Exp $
|
||||
|
|
|
|||
22
configure.ac
22
configure.ac
|
|
@ -1,4 +1,4 @@
|
|||
# $Id: configure.ac,v 1.330 2006/02/19 11:50:20 dtucker Exp $
|
||||
# $Id: configure.ac,v 1.331 2006/02/20 09:17:36 dtucker Exp $
|
||||
#
|
||||
# Copyright (c) 1999-2004 Damien Miller
|
||||
#
|
||||
|
|
@ -15,7 +15,7 @@
|
|||
# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
|
||||
|
||||
AC_INIT(OpenSSH, Portable, openssh-unix-dev@mindrot.org)
|
||||
AC_REVISION($Revision: 1.330 $)
|
||||
AC_REVISION($Revision: 1.331 $)
|
||||
AC_CONFIG_SRCDIR([ssh.c])
|
||||
|
||||
AC_CONFIG_HEADER(config.h)
|
||||
|
|
@ -1834,6 +1834,24 @@ Also see contrib/findssl.sh for help identifying header/library mismatches.])
|
|||
]
|
||||
)
|
||||
|
||||
AC_ARG_WITH(ssl-engine,
|
||||
[ --with-ssl-engine Enable OpenSSL (hardware) ENGINE support ],
|
||||
[ if test "x$withval" != "xno" ; then
|
||||
AC_MSG_CHECKING(for OpenSSL ENGINE support)
|
||||
AC_TRY_COMPILE(
|
||||
[ #include <openssl/engine.h>],
|
||||
[
|
||||
int main(void){ENGINE_load_builtin_engines();ENGINE_register_all_complete();}
|
||||
],
|
||||
[ AC_MSG_RESULT(yes)
|
||||
AC_DEFINE(USE_OPENSSL_ENGINE, 1,
|
||||
[Enable OpenSSL engine support])
|
||||
],
|
||||
[ AC_MSG_ERROR(OpenSSL ENGINE support not found)]
|
||||
)
|
||||
fi ]
|
||||
)
|
||||
|
||||
# Check for OpenSSL without EVP_aes_{192,256}_cbc
|
||||
AC_MSG_CHECKING([whether OpenSSL has crippled AES support])
|
||||
AC_COMPILE_IFELSE(
|
||||
|
|
|
|||
|
|
@ -1,4 +1,4 @@
|
|||
/* $Id: openssl-compat.c,v 1.2 2005/06/17 11:15:21 dtucker Exp $ */
|
||||
/* $Id: openssl-compat.c,v 1.3 2006/02/20 09:17:36 dtucker Exp $ */
|
||||
|
||||
/*
|
||||
* Copyright (c) 2005 Darren Tucker <dtucker@zip.com.au>
|
||||
|
|
@ -18,7 +18,11 @@
|
|||
|
||||
#include "includes.h"
|
||||
|
||||
#define SSH_DONT_REDEF_EVP
|
||||
#ifdef USE_OPENSSL_ENGINE
|
||||
# include <openssl/engine.h>
|
||||
#endif
|
||||
|
||||
#define SSH_DONT_OVERLOAD_OPENSSL_FUNCS
|
||||
#include "openssl-compat.h"
|
||||
|
||||
#ifdef SSH_OLD_EVP
|
||||
|
|
@ -44,3 +48,15 @@ ssh_EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *evp)
|
|||
return 1;
|
||||
}
|
||||
#endif
|
||||
|
||||
void
|
||||
ssh_SSLeay_add_all_algorithms(void)
|
||||
{
|
||||
SSLeay_add_all_algorithms();
|
||||
|
||||
#ifdef USE_OPENSSL_ENGINE
|
||||
/* Enable use of crypto hardware */
|
||||
ENGINE_load_builtin_engines();
|
||||
ENGINE_register_all_complete();
|
||||
#endif
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,4 +1,4 @@
|
|||
/* $Id: openssl-compat.h,v 1.3 2005/12/19 06:40:40 dtucker Exp $ */
|
||||
/* $Id: openssl-compat.h,v 1.4 2006/02/20 09:17:36 dtucker Exp $ */
|
||||
|
||||
/*
|
||||
* Copyright (c) 2005 Darren Tucker <dtucker@zip.com.au>
|
||||
|
|
@ -54,21 +54,22 @@ extern const EVP_CIPHER *evp_acss(void);
|
|||
* define SSH_DONT_OVERLOAD_OPENSSL_FUNCS before including this file and
|
||||
* implement the ssh_* equivalents.
|
||||
*/
|
||||
#ifdef SSH_OLD_EVP
|
||||
|
||||
# ifndef SSH_DONT_REDEF_EVP
|
||||
#ifndef SSH_DONT_OVERLOAD_OPENSSL_FUNCS
|
||||
|
||||
# ifdef SSH_OLD_EVP
|
||||
# ifdef EVP_Cipher
|
||||
# undef EVP_Cipher
|
||||
# endif
|
||||
|
||||
# define EVP_CipherInit(a,b,c,d,e) ssh_EVP_CipherInit((a),(b),(c),(d),(e))
|
||||
# define EVP_Cipher(a,b,c,d) ssh_EVP_Cipher((a),(b),(c),(d))
|
||||
# define EVP_CIPHER_CTX_cleanup(a) ssh_EVP_CIPHER_CTX_cleanup((a))
|
||||
# endif
|
||||
# endif /* SSH_OLD_EVP */
|
||||
|
||||
# define SSLeay_add_all_algorithms() ssh_SSLeay_add_all_algorithms()
|
||||
void ssh_SSLeay_add_all_algorithms(void);
|
||||
|
||||
int ssh_EVP_CipherInit(EVP_CIPHER_CTX *, const EVP_CIPHER *, unsigned char *,
|
||||
unsigned char *, int);
|
||||
int ssh_EVP_Cipher(EVP_CIPHER_CTX *, char *, char *, int);
|
||||
int ssh_EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *);
|
||||
#endif
|
||||
#endif /* SSH_DONT_OVERLOAD_OPENSSL_FUNCS */
|
||||
|
|
|
|||
Loading…
Reference in New Issue