SHA256
1
0
forked from pool/openssh
openssh/openssh-5.9p1-engines.diff
Petr Cerny 5a89c49d11 Accepting request 88642 from home:pcerny:factory
- Update to 5.9p1 
  * sandboxing privsep child through rlimit
- spec files and sources cleanup
- removed bogus key size from init script

OBS-URL: https://build.opensuse.org/request/show/88642
OBS-URL: https://build.opensuse.org/package/show/network/openssh?expand=0&rev=14
2011-10-19 02:18:13 +00:00

141 lines
3.8 KiB
Diff

Index: openssh-5.8p1/ssh-add.c
===================================================================
--- openssh-5.8p1.orig/ssh-add.c
+++ openssh-5.8p1/ssh-add.c
@@ -43,6 +43,7 @@
#include <openssl/evp.h>
#include "openbsd-compat/openssl-compat.h"
+#include <openssl/engine.h>
#include <fcntl.h>
#include <pwd.h>
@@ -377,6 +378,10 @@ main(int argc, char **argv)
OpenSSL_add_all_algorithms();
+ /* Init available hardware crypto engines. */
+ ENGINE_load_builtin_engines();
+ ENGINE_register_all_complete();
+
/* At first, get a connection to the authentication agent. */
ac = ssh_get_authentication_connection();
if (ac == NULL) {
Index: openssh-5.8p1/ssh-agent.c
===================================================================
--- openssh-5.8p1.orig/ssh-agent.c
+++ openssh-5.8p1/ssh-agent.c
@@ -52,6 +52,7 @@
#include <openssl/evp.h>
#include <openssl/md5.h>
#include "openbsd-compat/openssl-compat.h"
+#include <openssl/engine.h>
#include <errno.h>
#include <fcntl.h>
@@ -1153,6 +1154,10 @@ main(int ac, char **av)
OpenSSL_add_all_algorithms();
+ /* Init available hardware crypto engines. */
+ ENGINE_load_builtin_engines();
+ ENGINE_register_all_complete();
+
__progname = ssh_get_progname(av[0]);
seed_rng();
Index: openssh-5.8p1/ssh-keygen.c
===================================================================
--- openssh-5.8p1.orig/ssh-keygen.c
+++ openssh-5.8p1/ssh-keygen.c
@@ -22,6 +22,7 @@
#include <openssl/evp.h>
#include <openssl/pem.h>
#include "openbsd-compat/openssl-compat.h"
+#include <openssl/engine.h>
#include <errno.h>
#include <fcntl.h>
@@ -1815,6 +1816,11 @@ main(int argc, char **argv)
__progname = ssh_get_progname(argv[0]);
OpenSSL_add_all_algorithms();
+
+ /* Init available hardware crypto engines. */
+ ENGINE_load_builtin_engines();
+ ENGINE_register_all_complete();
+
log_init(argv[0], SYSLOG_LEVEL_INFO, SYSLOG_FACILITY_USER, 1);
seed_rng();
Index: openssh-5.8p1/ssh-keysign.c
===================================================================
--- openssh-5.8p1.orig/ssh-keysign.c
+++ openssh-5.8p1/ssh-keysign.c
@@ -38,6 +38,7 @@
#include <openssl/evp.h>
#include <openssl/rand.h>
#include <openssl/rsa.h>
+#include <openssl/engine.h>
#include "xmalloc.h"
#include "log.h"
@@ -195,6 +196,11 @@ main(int argc, char **argv)
fatal("could not open any host key");
OpenSSL_add_all_algorithms();
+
+ /* Init available hardware crypto engines. */
+ ENGINE_load_builtin_engines();
+ ENGINE_register_all_complete();
+
for (i = 0; i < 256; i++)
rnd[i] = arc4random();
RAND_seed(rnd, sizeof(rnd));
Index: openssh-5.8p1/ssh.c
===================================================================
--- openssh-5.8p1.orig/ssh.c
+++ openssh-5.8p1/ssh.c
@@ -75,6 +75,7 @@
#include <openssl/err.h>
#include "openbsd-compat/openssl-compat.h"
#include "openbsd-compat/sys-queue.h"
+#include <openssl/engine.h>
#include "xmalloc.h"
#include "ssh.h"
@@ -601,6 +602,10 @@ main(int ac, char **av)
OpenSSL_add_all_algorithms();
ERR_load_crypto_strings();
+ /* Init available hardware crypto engines. */
+ ENGINE_load_builtin_engines();
+ ENGINE_register_all_complete();
+
/* Initialize the command to execute on remote host. */
buffer_init(&command);
Index: openssh-5.8p1/sshd.c
===================================================================
--- openssh-5.8p1.orig/sshd.c
+++ openssh-5.8p1/sshd.c
@@ -77,6 +77,7 @@
#include <openssl/md5.h>
#include <openssl/rand.h>
#include "openbsd-compat/openssl-compat.h"
+#include <openssl/engine.h>
#ifdef HAVE_SECUREWARE
#include <sys/security.h>
@@ -1474,6 +1475,10 @@ main(int ac, char **av)
OpenSSL_add_all_algorithms();
+ /* Init available hardware crypto engines. */
+ ENGINE_load_builtin_engines();
+ ENGINE_register_all_complete();
+
/*
* Force logging to stderr until we have loaded the private host
* key (unless started from inetd)