EVP_sha256() does not appear in OpenSSL until 0.9.7h, not available by default until 0.9.8 #8464
Conversation
|
Does it really appear in 0.9.7h? this email seems to suggest that it might not. I presume you're using a version older than 0.9.7h yourself? (I also presume you're fully aware that you really should upgrade to a more modern version) |
|
My determination was made using a git checkout of the openssl repo, checking out the various tags, and grepping for I saw that thread, but it was not clear to me in the changelogs from 0.9.7h to 0.9.7m when something relevant may have changed. The ancient platform I'm building git (and for git, curl) for is an old Solaris installation with a bunch of packages installed at |
|
You know, building these versions won't take that long. I'll try to pin it down better. |
|
Okay, I tested with a tiny program, #include <stdio.h>
#include <openssl/evp.h>
int main(char* argv, int argc) {
printf("%p\n", EVP_sha256);
return 0;
}and compiled and it, statically linking against libssl.a and libcrypto.a from builds of OpenSSL 0.9.7h-0.9.7m and 0.9.8 with default config (no-asm for 0.9.8, because I needed it to build). Only 0.9.8 worked. So I think we want to push that back up to 0.9.8 and will update the patch accordingly. |
EVP_sha256() does not appear in the OpenSSL source before 0.9.7h, and does not get built by default until 0.9.8, so trying to use it for all 0.9.7 is wrong, and before 0.9.8 is unreliable.
asedeno
force-pushed
the
sha256_and_old_openssl
branch
from
ecbdbcf
to
0546028
Compare
asedeno
changed the title
|
Thanks |
We can't use OpenSSL's SHA256 implementation in versions that predate it, and the
EVP_sha256()function does not appear until OpenSSL 0.9.7h. It is possible it was not enabled by default until later, and someone else can propose moving this threshold up further, but this is the minimum lower bound for this to work.