On Jun 22, 2016, at 3:24 PM, Michael Richardson <m...@sandelman.ca> wrote:
> It looks like openssl has obsoleted the EVP_CIPHER_CTX type in 1.1.x. > While 1.1 isn't shipping widely yet, I'd rather be ready. > I have looked through openssl to see if we can replace it easily, > and if the replacement will work in 1.0.x and the 0.9.x versions still > seem to be out there. The question is therefore: > > Can we set a minimum version of openssl in order to get decoding > of ESP? > Does anyone have any suitable openssl version macros for configure.in? b1f305da3ddf635522bdcd6c88918beaea330968 should fix this. We check for EVP_CIPHER_CTX_new() and, if we don't have it, we define our own versions of it and EVP_CIPHER_CTX_free(), and we use those to allocate and free an EVP_CIPHER_CTX. This should (modulo malloc() failing) work as well with pre-1.1.x versions as the previous version did, as the initialization and teardown of the EVP_CIPHER_CTX that was done inline is now done in EVP_CIPHER_CTX_new() and EVP_CIPHER_CTX_free(), respectively. _______________________________________________ tcpdump-workers mailing list tcpdump-workers@lists.tcpdump.org https://lists.sandelman.ca/mailman/listinfo/tcpdump-workers