lock down to openssl version used at compile time to avoid fatal error auto/th/openssh-6.2p2-2
authorElan Ruusamäe <glen@delfi.ee>
Thu, 30 May 2013 08:29:15 +0000 (11:29 +0300)
committerElan Ruusamäe <glen@delfi.ee>
Thu, 30 May 2013 08:32:34 +0000 (11:32 +0300)
commit16efbe5bdad4729414c54e3dc632ba4f4dcfb492
tree1320340800050e1701bdef344796871a9eb1b4d9
parenta70f212c4da4d5fbda19e70a39e03ba04e7440ed
lock down to openssl version used at compile time to avoid fatal error

$ ssh localhost
OpenSSL version mismatch. Built against 1000008f, you have 1000105f

$ rpm -q --blink openssl openssh-clients
openssl-1.0.1e-1.x86_64.rpm
        <= openssl-1.0.0j-1.x86_64.rpm
openssh-clients-5.9p1-9.x86_64.rpm
        <= openssh-clients-5.9p1-8.x86_64.rpm

similar to neon fix:
http://git.pld-linux.org/?p=packages/neon.git;a=commitdiff;h=00c6dbc2309d9d93db6a6f469fc8516981bdb405

openssh-6.2p2/entropy.c reads:

 void
 seed_rng(void)
 {
 #ifndef OPENSSL_PRNG_ONLY
     unsigned char buf[RANDOM_SEED_SIZE];
 #endif
     /*
      * OpenSSL version numbers: MNNFFPPS: major minor fix patch status
      * We match major, minor, fix and status (not patch) for <1.0.0.
      * After that, we acceptable compatible fix versions (so we
      * allow 1.0.1 to work with 1.0.0). Going backwards is only allowed
      * within a patch series.
      */
     u_long version_mask = SSLeay() >= 0x1000000f ?  ~0xffff0L : ~0xff0L;
     if (((SSLeay() ^ OPENSSL_VERSION_NUMBER) & version_mask) ||
         (SSLeay() >> 12) < (OPENSSL_VERSION_NUMBER >> 12))
         fatal("OpenSSL version mismatch. Built against %lx, you "
             "have %lx", (u_long)OPENSSL_VERSION_NUMBER, SSLeay());
openssh.spec
This page took 1.308081 seconds and 4 git commands to generate.