Commit 06956296 authored by Mark Andrews's avatar Mark Andrews
Browse files

Windows specific compile time test for:

2089.   [security]      Raise the minimum safe OpenSSL versions to
                        OpenSSL 0.9.7l and OpenSSL 0.9.8d.  Versions
                        prior to these have known security flaws which
                        are (potentially) exploitable in named. [RT #16391]
parent 5b356953
......@@ -17,7 +17,7 @@
/*
* Principal Author: Brian Wellington
* $Id: opensslrsa_link.c,v 1.9 2006/10/10 02:30:10 marka Exp $
* $Id: opensslrsa_link.c,v 1.10 2006/10/11 02:15:59 marka Exp $
*/
#ifdef OPENSSL
......@@ -43,6 +43,19 @@
#include <openssl/bn.h>
#endif
/*
* We don't use configure for windows so enforce the OpenSSL version
* here. Unlike with configure we don't support overriding this test.
*/
#ifdef WIN
#if !((OPENSSL_VERSION_NUMBER >= 0x009070cfL && \
OPENSSL_VERSION_NUMBER < 0x009080000L) || \
OPENSSL_VERSION_NUMBER >= 0x0090804fL)
#error Please upgrade OpenSSL to 0.9.8d/0.9.7l or greater.
#endif
#endif
/*
* XXXMPA Temporarially disable RSA_BLINDING as it requires
* good quality random data that cannot currently be guarenteed.
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment