[ssh_x509] Implicit declaration of function ssh_OpenSSL_startup

ssh_x509 at roumenpetrov.info ssh_x509 at roumenpetrov.info
Sat Apr 4 15:56:01 EEST 2015


Hello,
> This function is called in several places, but it's not actually
> implemented in the patchset:
Hmm
> Austins-Mac-mini:openssh-6.8p1 austin$ grep ssh_OpenSSL_startup *\.c *\.h
> ssh-add.c:    ssh_OpenSSL_startup();
> ssh-agent.c:    ssh_OpenSSL_startup();
> ssh-keygen.c:    ssh_OpenSSL_startup();
> ssh-keysign.c:    ssh_OpenSSL_startup();
> ssh.c:    ssh_OpenSSL_startup();
> sshd.c:    ssh_OpenSSL_startup();

OpenSSH code defines OpenSSL_add_all_algorithms as ssh_OpenSSL_add_all_algorithms only if engine build is enabled.

PKIX-SSH replace OpenSSL_add_all_algorithms with ssh_OpenSSL_startup unconditionally.

Function ssh_OpenSSL_startup is defined in  openssl-compat.c and declared in  openssl-compat.h and calls OpenSSL_add_all_algorithms.
Note that files are located in openbsd-compat/

This mean that it is required in all cases listed above. Note build without OpenSSL is useless for this project.

Additionally function initialize properly OpenSSL engine and FIPS mode.

Another function is used ssh_OpenSSL_shuthdown clear OpenSSL resources. Its use is mostly required to clean up engine.


$ grep -r ssh_OpenSSL_startup
openbsd-compat/openssl-compat.c:ssh_OpenSSL_startup()
openbsd-compat/openssl-compat.c:void ssh_OpenSSL_startup()   {}
openbsd-compat/openssl-compat.h:extern void ssh_OpenSSL_startup(void);
ssh-keysign.c:  ssh_OpenSSL_startup();
ssh-add.c:      ssh_OpenSSL_startup();
ssh-agent.c:    ssh_OpenSSL_startup();
ssh-keygen.c:   ssh_OpenSSL_startup();
ssh.c:  ssh_OpenSSL_startup();
sshd.c: ssh_OpenSSL_startup();

Option -r is specific to gnu version if I remember well.

Regards,
Roumen





More information about the ssh_x509 mailing list