Brad Bishop | 1932369 | 2019-04-05 15:28:33 -0400 | [diff] [blame^] | 1 | From b2ee29809a54e16567323d8fbac2d652ee58c692 Mon Sep 17 00:00:00 2001 |
| 2 | From: Khem Raj <raj.khem@gmail.com> |
| 3 | Date: Fri, 1 Feb 2019 22:45:19 -0800 |
| 4 | Subject: [PATCH] Check against the correct OPENSSL_VERSION_NUMBER |
| 5 | |
| 6 | From: Guido Falsi <mad@madpilot.net> |
| 7 | https://sources.debian.org/src/pam-ssh-agent-auth/0.10.3-3/debian/patches/openssl-1.1.1-2.patch/ |
| 8 | |
| 9 | Upstream-Status: Pending |
| 10 | Signed-off-by: Khem Raj <raj.khem@gmail.com> |
| 11 | --- |
| 12 | authfd.c | 12 ++++++------ |
| 13 | bufbn.c | 2 +- |
| 14 | key.c | 36 ++++++++++++++++++------------------ |
| 15 | ssh-dss.c | 10 +++++----- |
| 16 | ssh-ecdsa.c | 8 ++++---- |
| 17 | ssh-rsa.c | 4 ++-- |
| 18 | 6 files changed, 36 insertions(+), 36 deletions(-) |
| 19 | |
| 20 | diff --git a/authfd.c b/authfd.c |
| 21 | index f91514d..4c6cec8 100644 |
| 22 | --- a/authfd.c |
| 23 | +++ b/authfd.c |
| 24 | @@ -367,7 +367,7 @@ ssh_get_next_identity(AuthenticationConnection *auth, char **comment, int versio |
| 25 | case 1: |
| 26 | key = pamsshagentauth_key_new(KEY_RSA1); |
| 27 | bits = pamsshagentauth_buffer_get_int(&auth->identities); |
| 28 | -#if OPENSSL_VERSION_NUMBER < 0x10100000L |
| 29 | +#if OPENSSL_VERSION_NUMBER < 0x10100005L |
| 30 | pamsshagentauth_buffer_get_bignum(&auth->identities, key->rsa->e); |
| 31 | pamsshagentauth_buffer_get_bignum(&auth->identities, key->rsa->n); |
| 32 | *comment = pamsshagentauth_buffer_get_string(&auth->identities, NULL); |
| 33 | @@ -427,7 +427,7 @@ ssh_decrypt_challenge(AuthenticationConnection *auth, |
| 34 | } |
| 35 | pamsshagentauth_buffer_init(&buffer); |
| 36 | pamsshagentauth_buffer_put_char(&buffer, SSH_AGENTC_RSA_CHALLENGE); |
| 37 | -#if OPENSSL_VERSION_NUMBER < 0x10100000L |
| 38 | +#if OPENSSL_VERSION_NUMBER < 0x10100005L |
| 39 | pamsshagentauth_buffer_put_int(&buffer, BN_num_bits(key->rsa->n)); |
| 40 | pamsshagentauth_buffer_put_bignum(&buffer, key->rsa->e); |
| 41 | pamsshagentauth_buffer_put_bignum(&buffer, key->rsa->n); |
| 42 | @@ -512,7 +512,7 @@ ssh_agent_sign(AuthenticationConnection *auth, |
| 43 | static void |
| 44 | ssh_encode_identity_rsa1(Buffer *b, RSA *key, const char *comment) |
| 45 | { |
| 46 | -#if OPENSSL_VERSION_NUMBER < 0x10100000L |
| 47 | +#if OPENSSL_VERSION_NUMBER < 0x10100005L |
| 48 | pamsshagentauth_buffer_put_int(b, BN_num_bits(key->n)); |
| 49 | pamsshagentauth_buffer_put_bignum(b, key->n); |
| 50 | pamsshagentauth_buffer_put_bignum(b, key->e); |
| 51 | @@ -540,7 +540,7 @@ ssh_encode_identity_ssh2(Buffer *b, Key *key, const char *comment) |
| 52 | pamsshagentauth_buffer_put_cstring(b, key_ssh_name(key)); |
| 53 | switch (key->type) { |
| 54 | case KEY_RSA: |
| 55 | -#if OPENSSL_VERSION_NUMBER < 0x10100000L |
| 56 | +#if OPENSSL_VERSION_NUMBER < 0x10100005L |
| 57 | pamsshagentauth_buffer_put_bignum2(b, key->rsa->n); |
| 58 | pamsshagentauth_buffer_put_bignum2(b, key->rsa->e); |
| 59 | pamsshagentauth_buffer_put_bignum2(b, key->rsa->d); |
| 60 | @@ -557,7 +557,7 @@ ssh_encode_identity_ssh2(Buffer *b, Key *key, const char *comment) |
| 61 | #endif |
| 62 | break; |
| 63 | case KEY_DSA: |
| 64 | -#if OPENSSL_VERSION_NUMBER < 0x10100000L |
| 65 | +#if OPENSSL_VERSION_NUMBER < 0x10100005L |
| 66 | pamsshagentauth_buffer_put_bignum2(b, key->dsa->p); |
| 67 | pamsshagentauth_buffer_put_bignum2(b, key->dsa->q); |
| 68 | pamsshagentauth_buffer_put_bignum2(b, key->dsa->g); |
| 69 | @@ -649,7 +649,7 @@ ssh_remove_identity(AuthenticationConnection *auth, Key *key) |
| 70 | |
| 71 | if (key->type == KEY_RSA1) { |
| 72 | pamsshagentauth_buffer_put_char(&msg, SSH_AGENTC_REMOVE_RSA_IDENTITY); |
| 73 | -#if OPENSSL_VERSION_NUMBER < 0x10100000L |
| 74 | +#if OPENSSL_VERSION_NUMBER < 0x10100005L |
| 75 | pamsshagentauth_buffer_put_int(&msg, BN_num_bits(key->rsa->n)); |
| 76 | pamsshagentauth_buffer_put_bignum(&msg, key->rsa->e); |
| 77 | pamsshagentauth_buffer_put_bignum(&msg, key->rsa->n); |
| 78 | diff --git a/bufbn.c b/bufbn.c |
| 79 | index 4ecedc1..b4754cc 100644 |
| 80 | --- a/bufbn.c |
| 81 | +++ b/bufbn.c |
| 82 | @@ -151,7 +151,7 @@ pamsshagentauth_buffer_put_bignum2_ret(Buffer *buffer, const BIGNUM *value) |
| 83 | pamsshagentauth_buffer_put_int(buffer, 0); |
| 84 | return 0; |
| 85 | } |
| 86 | -#if OPENSSL_VERSION_NUMBER < 0x10100000L |
| 87 | +#if OPENSSL_VERSION_NUMBER < 0x10100005L |
| 88 | if (value->neg) { |
| 89 | #else |
| 90 | if (BN_is_negative(value)) { |
| 91 | diff --git a/key.c b/key.c |
| 92 | index aedbbb5..dcc5fc8 100644 |
| 93 | --- a/key.c |
| 94 | +++ b/key.c |
| 95 | @@ -77,7 +77,7 @@ pamsshagentauth_key_new(int type) |
| 96 | case KEY_RSA: |
| 97 | if ((rsa = RSA_new()) == NULL) |
| 98 | pamsshagentauth_fatal("key_new: RSA_new failed"); |
| 99 | -#if OPENSSL_VERSION_NUMBER < 0x10100000L |
| 100 | +#if OPENSSL_VERSION_NUMBER < 0x10100005L |
| 101 | if ((rsa->n = BN_new()) == NULL) |
| 102 | pamsshagentauth_fatal("key_new: BN_new failed"); |
| 103 | if ((rsa->e = BN_new()) == NULL) |
| 104 | @@ -91,7 +91,7 @@ pamsshagentauth_key_new(int type) |
| 105 | case KEY_DSA: |
| 106 | if ((dsa = DSA_new()) == NULL) |
| 107 | pamsshagentauth_fatal("key_new: DSA_new failed"); |
| 108 | -#if OPENSSL_VERSION_NUMBER < 0x10100000L |
| 109 | +#if OPENSSL_VERSION_NUMBER < 0x10100005L |
| 110 | if ((dsa->p = BN_new()) == NULL) |
| 111 | pamsshagentauth_fatal("key_new: BN_new failed"); |
| 112 | if ((dsa->q = BN_new()) == NULL) |
| 113 | @@ -130,7 +130,7 @@ pamsshagentauth_key_new_private(int type) |
| 114 | switch (k->type) { |
| 115 | case KEY_RSA1: |
| 116 | case KEY_RSA: |
| 117 | -#if OPENSSL_VERSION_NUMBER < 0x10100000L |
| 118 | +#if OPENSSL_VERSION_NUMBER < 0x10100005L |
| 119 | if ((k->rsa->d = BN_new()) == NULL) |
| 120 | pamsshagentauth_fatal("key_new_private: BN_new failed"); |
| 121 | if ((k->rsa->iqmp = BN_new()) == NULL) |
| 122 | @@ -153,7 +153,7 @@ pamsshagentauth_key_new_private(int type) |
| 123 | #endif |
| 124 | break; |
| 125 | case KEY_DSA: |
| 126 | -#if OPENSSL_VERSION_NUMBER < 0x10100000L |
| 127 | +#if OPENSSL_VERSION_NUMBER < 0x10100005L |
| 128 | if ((k->dsa->priv_key = BN_new()) == NULL) |
| 129 | pamsshagentauth_fatal("key_new_private: BN_new failed"); |
| 130 | #else |
| 131 | @@ -162,7 +162,7 @@ pamsshagentauth_key_new_private(int type) |
| 132 | #endif |
| 133 | break; |
| 134 | case KEY_ECDSA: |
| 135 | -#if OPENSSL_VERSION_NUMBER < 0x10100000L |
| 136 | +#if OPENSSL_VERSION_NUMBER < 0x10100005L |
| 137 | if (EC_KEY_set_private_key(k->ecdsa, BN_new()) != 1) |
| 138 | pamsshagentauth_fatal("key_new_private: EC_KEY_set_private_key failed"); |
| 139 | #else |
| 140 | @@ -224,7 +224,7 @@ pamsshagentauth_key_equal(const Key *a, const Key *b) |
| 141 | case KEY_RSA1: |
| 142 | case KEY_RSA: |
| 143 | return a->rsa != NULL && b->rsa != NULL && |
| 144 | -#if OPENSSL_VERSION_NUMBER < 0x10100000L |
| 145 | +#if OPENSSL_VERSION_NUMBER < 0x10100005L |
| 146 | BN_cmp(a->rsa->e, b->rsa->e) == 0 && |
| 147 | BN_cmp(a->rsa->n, b->rsa->n) == 0; |
| 148 | #else |
| 149 | @@ -233,7 +233,7 @@ pamsshagentauth_key_equal(const Key *a, const Key *b) |
| 150 | #endif |
| 151 | case KEY_DSA: |
| 152 | return a->dsa != NULL && b->dsa != NULL && |
| 153 | -#if OPENSSL_VERSION_NUMBER < 0x10100000L |
| 154 | +#if OPENSSL_VERSION_NUMBER < 0x10100005L |
| 155 | BN_cmp(a->dsa->p, b->dsa->p) == 0 && |
| 156 | BN_cmp(a->dsa->q, b->dsa->q) == 0 && |
| 157 | BN_cmp(a->dsa->g, b->dsa->g) == 0 && |
| 158 | @@ -293,7 +293,7 @@ pamsshagentauth_key_fingerprint_raw(const Key *k, enum fp_type dgst_type, |
| 159 | } |
| 160 | switch (k->type) { |
| 161 | case KEY_RSA1: |
| 162 | -#if OPENSSL_VERSION_NUMBER < 0x10100000L |
| 163 | +#if OPENSSL_VERSION_NUMBER < 0x10100005L |
| 164 | nlen = BN_num_bytes(k->rsa->n); |
| 165 | elen = BN_num_bytes(k->rsa->e); |
| 166 | len = nlen + elen; |
| 167 | @@ -510,7 +510,7 @@ pamsshagentauth_key_read(Key *ret, char **cpp) |
| 168 | return -1; |
| 169 | *cpp = cp; |
| 170 | /* Get public exponent, public modulus. */ |
| 171 | -#if OPENSSL_VERSION_NUMBER < 0x10100000L |
| 172 | +#if OPENSSL_VERSION_NUMBER < 0x10100005L |
| 173 | if (!read_bignum(cpp, ret->rsa->e)) |
| 174 | return -1; |
| 175 | if (!read_bignum(cpp, ret->rsa->n)) |
| 176 | @@ -643,7 +643,7 @@ pamsshagentauth_key_write(const Key *key, FILE *f) |
| 177 | |
| 178 | if (key->type == KEY_RSA1 && key->rsa != NULL) { |
| 179 | /* size of modulus 'n' */ |
| 180 | -#if OPENSSL_VERSION_NUMBER < 0x10100000L |
| 181 | +#if OPENSSL_VERSION_NUMBER < 0x10100005L |
| 182 | bits = BN_num_bits(key->rsa->n); |
| 183 | fprintf(f, "%u", bits); |
| 184 | if (write_bignum(f, key->rsa->e) && |
| 185 | @@ -742,7 +742,7 @@ pamsshagentauth_key_size(const Key *k) |
| 186 | { |
| 187 | switch (k->type) { |
| 188 | case KEY_RSA1: |
| 189 | -#if OPENSSL_VERSION_NUMBER < 0x10100000L |
| 190 | +#if OPENSSL_VERSION_NUMBER < 0x10100005L |
| 191 | case KEY_RSA: |
| 192 | return BN_num_bits(k->rsa->n); |
| 193 | case KEY_DSA: |
| 194 | @@ -843,7 +843,7 @@ pamsshagentauth_key_from_private(const Key *k) |
| 195 | switch (k->type) { |
| 196 | case KEY_DSA: |
| 197 | n = pamsshagentauth_key_new(k->type); |
| 198 | -#if OPENSSL_VERSION_NUMBER < 0x10100000L |
| 199 | +#if OPENSSL_VERSION_NUMBER < 0x10100005L |
| 200 | if ((BN_copy(n->dsa->p, k->dsa->p) == NULL) || |
| 201 | (BN_copy(n->dsa->q, k->dsa->q) == NULL) || |
| 202 | (BN_copy(n->dsa->g, k->dsa->g) == NULL) || |
| 203 | @@ -859,7 +859,7 @@ pamsshagentauth_key_from_private(const Key *k) |
| 204 | case KEY_RSA: |
| 205 | case KEY_RSA1: |
| 206 | n = pamsshagentauth_key_new(k->type); |
| 207 | -#if OPENSSL_VERSION_NUMBER < 0x10100000L |
| 208 | +#if OPENSSL_VERSION_NUMBER < 0x10100005L |
| 209 | if ((BN_copy(n->rsa->n, k->rsa->n) == NULL) || |
| 210 | (BN_copy(n->rsa->e, k->rsa->e) == NULL)) |
| 211 | #else |
| 212 | @@ -967,7 +967,7 @@ pamsshagentauth_key_from_blob(const u_char *blob, u_int blen) |
| 213 | switch (type) { |
| 214 | case KEY_RSA: |
| 215 | key = pamsshagentauth_key_new(type); |
| 216 | -#if OPENSSL_VERSION_NUMBER < 0x10100000L |
| 217 | +#if OPENSSL_VERSION_NUMBER < 0x10100005L |
| 218 | if (pamsshagentauth_buffer_get_bignum2_ret(&b, key->rsa->e) == -1 || |
| 219 | pamsshagentauth_buffer_get_bignum2_ret(&b, key->rsa->n) == -1) { |
| 220 | #else |
| 221 | @@ -985,7 +985,7 @@ pamsshagentauth_key_from_blob(const u_char *blob, u_int blen) |
| 222 | break; |
| 223 | case KEY_DSA: |
| 224 | key = pamsshagentauth_key_new(type); |
| 225 | -#if OPENSSL_VERSION_NUMBER < 0x10100000L |
| 226 | +#if OPENSSL_VERSION_NUMBER < 0x10100005L |
| 227 | if (pamsshagentauth_buffer_get_bignum2_ret(&b, key->dsa->p) == -1 || |
| 228 | pamsshagentauth_buffer_get_bignum2_ret(&b, key->dsa->q) == -1 || |
| 229 | pamsshagentauth_buffer_get_bignum2_ret(&b, key->dsa->g) == -1 || |
| 230 | @@ -1113,7 +1113,7 @@ pamsshagentauth_key_to_blob(const Key *key, u_char **blobp, u_int *lenp) |
| 231 | } |
| 232 | pamsshagentauth_buffer_init(&b); |
| 233 | switch (key->type) { |
| 234 | -#if OPENSSL_VERSION_NUMBER < 0x10100000L |
| 235 | +#if OPENSSL_VERSION_NUMBER < 0x10100005L |
| 236 | case KEY_DSA: |
| 237 | pamsshagentauth_buffer_put_cstring(&b, key_ssh_name(key)); |
| 238 | pamsshagentauth_buffer_put_bignum2(&b, key->dsa->p); |
| 239 | @@ -1251,7 +1251,7 @@ pamsshagentauth_key_demote(const Key *k) |
| 240 | case KEY_RSA: |
| 241 | if ((pk->rsa = RSA_new()) == NULL) |
| 242 | pamsshagentauth_fatal("key_demote: RSA_new failed"); |
| 243 | -#if OPENSSL_VERSION_NUMBER < 0x10100000L |
| 244 | +#if OPENSSL_VERSION_NUMBER < 0x10100005L |
| 245 | if ((pk->rsa->e = BN_dup(k->rsa->e)) == NULL) |
| 246 | pamsshagentauth_fatal("key_demote: BN_dup failed"); |
| 247 | if ((pk->rsa->n = BN_dup(k->rsa->n)) == NULL) |
| 248 | @@ -1264,7 +1264,7 @@ pamsshagentauth_key_demote(const Key *k) |
| 249 | case KEY_DSA: |
| 250 | if ((pk->dsa = DSA_new()) == NULL) |
| 251 | pamsshagentauth_fatal("key_demote: DSA_new failed"); |
| 252 | -#if OPENSSL_VERSION_NUMBER < 0x10100000L |
| 253 | +#if OPENSSL_VERSION_NUMBER < 0x10100005L |
| 254 | if ((pk->dsa->p = BN_dup(k->dsa->p)) == NULL) |
| 255 | pamsshagentauth_fatal("key_demote: BN_dup failed"); |
| 256 | if ((pk->dsa->q = BN_dup(k->dsa->q)) == NULL) |
| 257 | diff --git a/ssh-dss.c b/ssh-dss.c |
| 258 | index 1051ae2..9b96274 100644 |
| 259 | --- a/ssh-dss.c |
| 260 | +++ b/ssh-dss.c |
| 261 | @@ -52,7 +52,7 @@ ssh_dss_sign(const Key *key, u_char **sigp, u_int *lenp, |
| 262 | u_char digest[EVP_MAX_MD_SIZE], sigblob[SIGBLOB_LEN]; |
| 263 | u_int rlen, slen, len, dlen; |
| 264 | Buffer b; |
| 265 | -#if OPENSSL_VERSION_NUMBER >= 0x10100000L |
| 266 | +#if OPENSSL_VERSION_NUMBER >= 0x10100005L |
| 267 | const BIGNUM *r, *s; |
| 268 | #endif |
| 269 | |
| 270 | @@ -74,7 +74,7 @@ ssh_dss_sign(const Key *key, u_char **sigp, u_int *lenp, |
| 271 | return -1; |
| 272 | } |
| 273 | |
| 274 | -#if OPENSSL_VERSION_NUMBER < 0x10100000L |
| 275 | +#if OPENSSL_VERSION_NUMBER < 0x10100005L |
| 276 | rlen = BN_num_bytes(sig->r); |
| 277 | slen = BN_num_bytes(sig->s); |
| 278 | #else |
| 279 | @@ -88,7 +88,7 @@ ssh_dss_sign(const Key *key, u_char **sigp, u_int *lenp, |
| 280 | return -1; |
| 281 | } |
| 282 | memset(sigblob, 0, SIGBLOB_LEN); |
| 283 | -#if OPENSSL_VERSION_NUMBER < 0x10100000L |
| 284 | +#if OPENSSL_VERSION_NUMBER < 0x10100005L |
| 285 | BN_bn2bin(sig->r, sigblob+ SIGBLOB_LEN - INTBLOB_LEN - rlen); |
| 286 | BN_bn2bin(sig->s, sigblob+ SIGBLOB_LEN - slen); |
| 287 | #else |
| 288 | @@ -131,7 +131,7 @@ ssh_dss_verify(const Key *key, const u_char *signature, u_int signaturelen, |
| 289 | u_int len, dlen; |
| 290 | int rlen, ret; |
| 291 | Buffer b; |
| 292 | -#if OPENSSL_VERSION_NUMBER >= 0x10100000L |
| 293 | +#if OPENSSL_VERSION_NUMBER >= 0x10100005L |
| 294 | BIGNUM *r, *s; |
| 295 | #endif |
| 296 | |
| 297 | @@ -176,7 +176,7 @@ ssh_dss_verify(const Key *key, const u_char *signature, u_int signaturelen, |
| 298 | /* parse signature */ |
| 299 | if ((sig = DSA_SIG_new()) == NULL) |
| 300 | pamsshagentauth_fatal("ssh_dss_verify: DSA_SIG_new failed"); |
| 301 | -#if OPENSSL_VERSION_NUMBER < 0x10100000L |
| 302 | +#if OPENSSL_VERSION_NUMBER < 0x10100005L |
| 303 | if ((sig->r = BN_new()) == NULL) |
| 304 | pamsshagentauth_fatal("ssh_dss_verify: BN_new failed"); |
| 305 | if ((sig->s = BN_new()) == NULL) |
| 306 | diff --git a/ssh-ecdsa.c b/ssh-ecdsa.c |
| 307 | index c213959..5b13b30 100644 |
| 308 | --- a/ssh-ecdsa.c |
| 309 | +++ b/ssh-ecdsa.c |
| 310 | @@ -45,7 +45,7 @@ ssh_ecdsa_sign(const Key *key, u_char **sigp, u_int *lenp, |
| 311 | u_char digest[EVP_MAX_MD_SIZE]; |
| 312 | u_int len, dlen; |
| 313 | Buffer b, bb; |
| 314 | -#if OPENSSL_VERSION_NUMBER >= 0x10100000L |
| 315 | +#if OPENSSL_VERSION_NUMBER >= 0x10100005L |
| 316 | BIGNUM *r, *s; |
| 317 | #endif |
| 318 | |
| 319 | @@ -69,7 +69,7 @@ ssh_ecdsa_sign(const Key *key, u_char **sigp, u_int *lenp, |
| 320 | } |
| 321 | |
| 322 | pamsshagentauth_buffer_init(&bb); |
| 323 | -#if OPENSSL_VERSION_NUMBER < 0x10100000L |
| 324 | +#if OPENSSL_VERSION_NUMBER < 0x10100005L |
| 325 | if (pamsshagentauth_buffer_get_bignum2_ret(&bb, sig->r) == -1 || |
| 326 | pamsshagentauth_buffer_get_bignum2_ret(&bb, sig->s) == -1) { |
| 327 | #else |
| 328 | @@ -110,7 +110,7 @@ ssh_ecdsa_verify(const Key *key, const u_char *signature, u_int signaturelen, |
| 329 | u_int len, dlen; |
| 330 | int rlen, ret; |
| 331 | Buffer b; |
| 332 | -#if OPENSSL_VERSION_NUMBER >= 0x10100000L |
| 333 | +#if OPENSSL_VERSION_NUMBER >= 0x10100005L |
| 334 | BIGNUM *r, *s; |
| 335 | #endif |
| 336 | |
| 337 | @@ -141,7 +141,7 @@ ssh_ecdsa_verify(const Key *key, const u_char *signature, u_int signaturelen, |
| 338 | |
| 339 | pamsshagentauth_buffer_init(&b); |
| 340 | pamsshagentauth_buffer_append(&b, sigblob, len); |
| 341 | -#if OPENSSL_VERSION_NUMBER < 0x10100000L |
| 342 | +#if OPENSSL_VERSION_NUMBER < 0x10100005L |
| 343 | if ((pamsshagentauth_buffer_get_bignum2_ret(&b, sig->r) == -1) || |
| 344 | (pamsshagentauth_buffer_get_bignum2_ret(&b, sig->s) == -1)) |
| 345 | #else |
| 346 | diff --git a/ssh-rsa.c b/ssh-rsa.c |
| 347 | index 9d74eb6..35f2e36 100644 |
| 348 | --- a/ssh-rsa.c |
| 349 | +++ b/ssh-rsa.c |
| 350 | @@ -119,13 +119,13 @@ ssh_rsa_verify(const Key *key, const u_char *signature, u_int signaturelen, |
| 351 | pamsshagentauth_logerror("ssh_rsa_verify: no RSA key"); |
| 352 | return -1; |
| 353 | } |
| 354 | -#if OPENSSL_VERSION_NUMBER < 0x10100000L |
| 355 | +#if OPENSSL_VERSION_NUMBER < 0x10100005L |
| 356 | if (BN_num_bits(key->rsa->n) < SSH_RSA_MINIMUM_MODULUS_SIZE) { |
| 357 | #else |
| 358 | if (BN_num_bits(RSA_get0_n(key->rsa)) < SSH_RSA_MINIMUM_MODULUS_SIZE) { |
| 359 | #endif |
| 360 | pamsshagentauth_logerror("ssh_rsa_verify: RSA modulus too small: %d < minimum %d bits", |
| 361 | -#if OPENSSL_VERSION_NUMBER < 0x10100000L |
| 362 | +#if OPENSSL_VERSION_NUMBER < 0x10100005L |
| 363 | BN_num_bits(key->rsa->n), SSH_RSA_MINIMUM_MODULUS_SIZE); |
| 364 | #else |
| 365 | BN_num_bits(RSA_get0_n(key->rsa)), SSH_RSA_MINIMUM_MODULUS_SIZE); |