aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDirkjan Bussink <d.bussink@gmail.com>2020-12-18 13:53:06 +0100
committerAndreas Schneider <asn@cryptomilk.org>2020-12-22 09:15:38 +0100
commit7e99867533cd70d7e1f67b668c7aef064afd3b24 (patch)
treec7389ea37678f5e716e46779c4a738e0a072f6d4
parente20fe54f3f80fa07819e2775b5be4a2e3fafb46f (diff)
downloadlibssh-7e99867533cd70d7e1f67b668c7aef064afd3b24.tar.gz
libssh-7e99867533cd70d7e1f67b668c7aef064afd3b24.tar.xz
libssh-7e99867533cd70d7e1f67b668c7aef064afd3b24.zip
Cleanup old OpenSSL 0.9.7 compatibility code
OpenSSL 0.9.7 is already not supported, so clean up the old legacy bits for that as well. Signed-off-by: Dirkjan Bussink <d.bussink@gmail.com> Reviewed-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
-rw-r--r--include/libssh/libcrypto.h4
-rw-r--r--src/kex.c9
-rw-r--r--src/libcrypto.c5
3 files changed, 2 insertions, 16 deletions
diff --git a/include/libssh/libcrypto.h b/include/libssh/libcrypto.h
index 4117942c..a89cbd05 100644
--- a/include/libssh/libcrypto.h
+++ b/include/libssh/libcrypto.h
@@ -60,10 +60,6 @@ typedef void *EVPCTX;
#include <openssl/bn.h>
#include <openssl/opensslv.h>
-#define OPENSSL_0_9_7b 0x0090702fL
-#if (OPENSSL_VERSION_NUMBER <= OPENSSL_0_9_7b)
-#define BROKEN_AES_CTR
-#endif
typedef BIGNUM* bignum;
typedef const BIGNUM* const_bignum;
typedef BN_CTX* bignum_CTX;
diff --git a/src/kex.c b/src/kex.c
index 95948136..98558e97 100644
--- a/src/kex.c
+++ b/src/kex.c
@@ -80,13 +80,8 @@
# else
# define GCM ""
# endif /* HAVE_OPENSSL_EVP_AES_GCM */
-# ifdef BROKEN_AES_CTR
-# define AES GCM
-# define AES_CBC "aes256-cbc,aes192-cbc,aes128-cbc,"
-# else /* BROKEN_AES_CTR */
-# define AES GCM "aes256-ctr,aes192-ctr,aes128-ctr,"
-# define AES_CBC "aes256-cbc,aes192-cbc,aes128-cbc,"
-# endif /* BROKEN_AES_CTR */
+# define AES GCM "aes256-ctr,aes192-ctr,aes128-ctr,"
+# define AES_CBC "aes256-cbc,aes192-cbc,aes128-cbc,"
# else /* HAVE_OPENSSL_AES_H */
# define AES ""
# define AES_CBC ""
diff --git a/src/libcrypto.c b/src/libcrypto.c
index 96abec14..edfd799b 100644
--- a/src/libcrypto.c
+++ b/src/libcrypto.c
@@ -1304,10 +1304,6 @@ static struct ssh_cipher_struct ssh_ciphertab[] = {
},
#endif
#ifdef HAS_AES
-#ifndef BROKEN_AES_CTR
-/* OpenSSL until 0.9.7c has a broken AES_ctr128_encrypt implementation which
- * increments the counter from 2^64 instead of 1. It's better not to use it
- */
#ifdef HAVE_OPENSSL_EVP_AES_CTR
{
.name = "aes128-ctr",
@@ -1377,7 +1373,6 @@ static struct ssh_cipher_struct ssh_ciphertab[] = {
.cleanup = aes_ctr_cleanup
},
#endif /* HAVE_OPENSSL_EVP_AES_CTR */
-#endif /* BROKEN_AES_CTR */
{
.name = "aes128-cbc",
.blocksize = AES_BLOCK_SIZE,