1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
|
diff --git a/openbsd-compat/openssl-compat.c b/openbsd-compat/openssl-compat.c
index 033f35763..efc387fa7 100644
--- a/openbsd-compat/openssl-compat.c
+++ b/openbsd-compat/openssl-compat.c
@@ -48,19 +48,25 @@ ssh_compatible_openssl(long headerver, long libver)
if (headerver == libver)
return 1;
- /* for versions < 1.0.0, major,minor,fix,status must match */
- if (headerver < 0x1000000f) {
- mask = 0xfffff00fL; /* major,minor,fix,status */
- return (headerver & mask) == (libver & mask);
+ /*
+ * For versions < 3.0.0, major,minor,status must match and library
+ * fix version must be equal to or newer than the header.
+ */
+ if (headerver < 0x3000000f) {
+ mask = 0xfff0000fL; /* major,minor,status */
+ hfix = (headerver & 0x000ff000) >> 12;
+ lfix = (libver & 0x000ff000) >> 12;
+ if ( (headerver & mask) == (libver & mask) && lfix >= hfix)
+ return 1;
}
/*
- * For versions >= 1.0.0, major,minor,status must match and library
- * fix version must be equal to or newer than the header.
+ * For versions >= 3.0.0, major must match and minor,status must be
+ * equal to or greater than the header.
*/
- mask = 0xfff00000L; /* major,minor,status */
- hfix = (headerver & 0x000ff000) >> 12;
- lfix = (libver & 0x000ff000) >> 12;
+ mask = 0xf000000fL; /* major, status */
+ hfix = (headerver & 0x0ffffff0L) >> 12;
+ lfix = (libver & 0x0ffffff0L) >> 12;
if ( (headerver & mask) == (libver & mask) && lfix >= hfix)
return 1;
return 0;
diff --git a/openbsd-compat/regress/opensslvertest.c b/openbsd-compat/regress/opensslvertest.c
index d50066609..60a8a4e6c 100644
--- a/openbsd-compat/regress/opensslvertest.c
+++ b/openbsd-compat/regress/opensslvertest.c
@@ -31,7 +31,7 @@ struct version_test {
{ 0x0090802fL, 0x0090804fL, 1}, /* newer library fix version: ok */
{ 0x0090802fL, 0x0090801fL, 1}, /* older library fix version: ok */
{ 0x0090802fL, 0x0090702fL, 0}, /* older library minor version: NO */
- { 0x0090802fL, 0x0090902fL, 0}, /* newer library minor version: NO */
+ { 0x0090802fL, 0x0090902fL, 1}, /* newer library minor version: ok */
{ 0x0090802fL, 0x0080802fL, 0}, /* older library major version: NO */
{ 0x0090802fL, 0x1000100fL, 0}, /* newer library major version: NO */
@@ -41,7 +41,7 @@ struct version_test {
{ 0x1000101fL, 0x1000100fL, 1}, /* older library patch version: ok */
{ 0x1000101fL, 0x1000201fL, 1}, /* newer library fix version: ok */
{ 0x1000101fL, 0x1000001fL, 0}, /* older library fix version: NO */
- { 0x1000101fL, 0x1010101fL, 0}, /* newer library minor version: NO */
+ { 0x1000101fL, 0x1010101fL, 1}, /* newer library minor version: ok */
{ 0x1000101fL, 0x0000101fL, 0}, /* older library major version: NO */
{ 0x1000101fL, 0x2000101fL, 0}, /* newer library major version: NO */
};
|