1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
|
--- a/contrib/mod_sftp/kex.c
+++ b/contrib/mod_sftp/kex.c
@@ -3778,7 +3778,7 @@
const unsigned char *hostkey_data, uint32_t hostkey_datalen,
const BIGNUM *k, unsigned char *client_curve25519,
unsigned char *server_curve25519, uint32_t *hlen) {
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(HAVE_LIBRESSL)
EVP_MD_CTX ctx;
#endif /* prior to OpenSSL-1.1.0 */
EVP_MD_CTX *pctx;
@@ -3822,7 +3822,7 @@
/* Shared secret */
sftp_msg_write_mpint(&buf, &buflen, k);
-#if OPENSSL_VERSION_NUMBER >= 0x10100000LL
+#if OPENSSL_VERSION_NUMBER >= 0x10100000LL && !defined(HAVE_LIBRESSL)
pctx = EVP_MD_CTX_new();
#else
pctx = &ctx;
@@ -3840,7 +3840,7 @@
BN_clear_free(kex->e);
kex->e = NULL;
pr_memscrub(ptr, bufsz);
-# if OPENSSL_VERSION_NUMBER >= 0x10100000LL
+# if OPENSSL_VERSION_NUMBER >= 0x10100000LL && !defined(HAVE_LIBRESSL)
EVP_MD_CTX_free(pctx);
# endif /* OpenSSL-1.1.0 and later */
return NULL;
@@ -3856,7 +3856,7 @@
BN_clear_free(kex->e);
kex->e = NULL;
pr_memscrub(ptr, bufsz);
-# if OPENSSL_VERSION_NUMBER >= 0x10100000LL
+# if OPENSSL_VERSION_NUMBER >= 0x10100000LL && !defined(HAVE_LIBRESSL)
EVP_MD_CTX_free(pctx);
# endif /* OpenSSL-1.1.0 and later */
return NULL;
@@ -3872,7 +3872,7 @@
BN_clear_free(kex->e);
kex->e = NULL;
pr_memscrub(ptr, bufsz);
-# if OPENSSL_VERSION_NUMBER >= 0x10100000LL
+# if OPENSSL_VERSION_NUMBER >= 0x10100000LL && !defined(HAVE_LIBRESSL)
EVP_MD_CTX_free(pctx);
# endif /* OpenSSL-1.1.0 and later */
return NULL;
@@ -3881,7 +3881,7 @@
EVP_DigestFinal(pctx, kex_digest_buf, hlen);
#endif
-#if OPENSSL_VERSION_NUMBER >= 0x10100000LL
+#if OPENSSL_VERSION_NUMBER >= 0x10100000LL && !defined(HAVE_LIBRESSL)
EVP_MD_CTX_free(pctx);
#endif /* OpenSSL-1.1.0 and later */
BN_clear_free(kex->e);
|
