diff options
author | Darren Tucker <dtucker@zip.com.au> | 2009-11-07 16:03:14 +1100 |
---|---|---|
committer | Darren Tucker <dtucker@zip.com.au> | 2009-11-07 16:03:14 +1100 |
commit | df6578bb4df17210f792c3bc98a72bed473e7e11 (patch) | |
tree | 7fb3b57ea303273dbd6adab903e566de67fab54e | |
parent | e89ed1cfcae65705b48d3741873d8ab1f76a6cf7 (diff) |
- (dtucker) [authfile.c] Fall back to 3DES for the encryption of private
keys when built with OpenSSL versions that don't do AES.
-rw-r--r-- | ChangeLog | 4 | ||||
-rw-r--r-- | authfile.c | 4 |
2 files changed, 8 insertions, 0 deletions
@@ -1,3 +1,7 @@ +20091107 + - (dtucker) [authfile.c] Fall back to 3DES for the encryption of private + keys when built with OpenSSL versions that don't do AES. + 20091105 - (dtucker) [authfile.c] Add OpenSSL compat header so this still builds with older versions of OpenSSL. @@ -187,7 +187,11 @@ key_save_private_pem(Key *key, const char *filename, const char *_passphrase, int success = 0; int len = strlen(_passphrase); u_char *passphrase = (len > 0) ? (u_char *)_passphrase : NULL; +#if (OPENSSL_VERSION_NUMBER < 0x00907000L) + const EVP_CIPHER *cipher = (len > 0) ? EVP_des_ede3_cbc() : NULL; +#else const EVP_CIPHER *cipher = (len > 0) ? EVP_aes_128_cbc() : NULL; +#endif if (len > 0 && len <= 4) { error("passphrase too short: have %d bytes, need > 4", len); |