diff options
author | Damien Miller <djm@mindrot.org> | 2018-10-17 11:01:20 +1100 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2018-10-17 11:01:20 +1100 |
commit | aede1c34243a6f7feae2fb2cb686ade5f9be6f3d (patch) | |
tree | 421f34ba50ad884ee25802ff73c527a2724d39fa | |
parent | 08300c211409c212e010fe2e2f2883e573a04ce2 (diff) |
Require OpenSSL 1.1.x series 1.1.0g or greaterV_7_9_P1
Previous versions have a bug with EVP_CipherInit() when passed a
NULL EVP_CIPHER, per https://github.com/openssl/openssl/pull/4613
ok dtucker@
-rw-r--r-- | configure.ac | 22 |
1 files changed, 13 insertions, 9 deletions
diff --git a/configure.ac b/configure.ac index 099ecdaa..7379ab35 100644 --- a/configure.ac +++ b/configure.ac @@ -2612,15 +2612,19 @@ if test "x$openssl" = "xyes" ; then ssl_library_ver=`cat conftest.ssllibver` # Check version is supported. case "$ssl_library_ver" in - 10000*|0*) - AC_MSG_ERROR([OpenSSL >= 1.0.1 required (have "$ssl_library_ver")]) - ;; - 100*) ;; # 1.0.x - 101*) ;; # 1.1.x - 200*) ;; # LibreSSL - *) - AC_MSG_ERROR([OpenSSL > 1.1.x is not yet supported (have "$ssl_library_ver")]) - ;; + 10000*|0*) + AC_MSG_ERROR([OpenSSL >= 1.0.1 required (have "$ssl_library_ver")]) + ;; + 100*) ;; # 1.0.x + 101000[0123456]*) + # https://github.com/openssl/openssl/pull/4613 + AC_MSG_ERROR([OpenSSL 1.1.x versions prior to 1.1.0g have a bug that breaks their use with OpenSSH (have "$ssl_library_ver")]) + ;; + 101*) ;; # 1.1.x + 200*) ;; # LibreSSL + *) + AC_MSG_ERROR([OpenSSL > 1.1.x is not yet supported (have "$ssl_library_ver")]) + ;; esac AC_MSG_RESULT([$ssl_library_ver]) ], |