Re: Build libssh against openssl 1.1.0

[Andreas Schneider <asn@xxxxxxxxxxxxxx>]

On Wednesday, 2 November 2016 12:34:59 CET Andreas Schneider wrote:
> On Wednesday, 2 November 2016 11:27:18 CET Aris Adamantiadis wrote:
> > Hi Jakub,
> > 
> > That's great work you did here. Please let us some time to review your
> > patch and give feedback. We should test on some older systems, such as
> > centos/RHEL 4.x that some people still use.
> 
> Yes, this is indeed nice work. However I've already found some small issues.
> In DEBUG_CRYPTO there were some const issue and dsa instead of ecdsa was
> used. I've fixed that in the branch here:
> 
> https://git.libssh.org/users/asn/libssh.git/log/?h=fix
> 

Oh,

the test 'torture_crypto' fails for me with openssl 1.0.2j:


#0  0x00007ffff75f37fd in EVP_CIPHER_CTX_init () from /lib64/libcrypto.so.
1.0.0
#1  0x0000000000420693 in evp_cipher_set_encrypt_key (cipher=0x7fffffffd6c0, 
key=0x68d800 <key>, IV=0x7fffffffd720) at /home/asn/workspace/projects/libssh/
src/libcrypto.c:484
#2  0x0000000000410d95 in torture_crypto_aes256_cbc (state=0x6921a0) at /home/
asn/workspace/projects/libssh/tests/unittests/torture_crypto.c:64


void EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *a);


You make ctx in struct ssh_cipher_struct a pointer which gets initialized with 
NULL.


So we call: EVP_CIPHER_CTX_init(NULL);

and segfault.

If I remove the change to make ctx a pointer in ssh_cipher_struct it works 
just fine.


	Andreas


-- 
Andreas Schneider                   GPG-ID: CC014E3D
www.cryptomilk.org                asn@xxxxxxxxxxxxxx