Hello,
this patch is an addition to the commit 954da14 which is trying to use
non-deprecated functions in OpenSSL 1.1.0.
But the newly function needs special allocation of the dsa structure
before, which was missing. See the attached patch (or on github [1]).
[1] https://github.com/Jakuje/libssh/commit/dcdba1a
Regards,
--
Jakub Jelen
Software Engineer
Security Technologies
Red Hat, Inc.
From dcdba1a9af16d07e2aefd12fff309730619a237a Mon Sep 17 00:00:00 2001
From: Jakub Jelen <[email protected]>
Date: Tue, 7 Nov 2017 09:38:40 +0100
Subject: [PATCH] pki_crypto: Avoid segfault with OpenSSL 1.1.0
Signed-off-by: Jakub Jelen <[email protected]>
---
src/pki_crypto.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/src/pki_crypto.c b/src/pki_crypto.c
index 19821725..2a8e46ec 100644
--- a/src/pki_crypto.c
+++ b/src/pki_crypto.c
@@ -454,6 +454,10 @@ int pki_key_generate_rsa(ssh_key key, int parameter){
int pki_key_generate_dss(ssh_key key, int parameter){
int rc;
#if OPENSSL_VERSION_NUMBER > 0x10100000L
+ key->dsa = DSA_new();
+ if (!key->dsa) {
+ return SSH_ERROR;
+ }
rc = DSA_generate_parameters_ex(key->dsa,
parameter,
NULL, /* seed */
--
2.13.6
