[PATCH 1/1] fix libssl version check

Herwin Weststrate herwin at quarantainenet.nl
Thu Oct 16 16:25:17 CEST 2014

On 16-10-14 15:29, Christian Hesse wrote:
> Arran Cudbard-Bell <a.cudbardb at freeradius.org> on Thu, 2014/10/16 09:14:
>> On 16 Oct 2014, at 06:15, Christian Hesse <list at eworm.de> wrote:
>>> From: Christian Hesse <mail at eworm.de>
>>> When doing bitwise AND leading zeros do not matter, trailing ones do.
>> That's not all you changed, the mask bits are different, why?
> I think I changed it to how it was intended. The update from openssl 1.0.1i
> to 1.0.1j broke my system again as wrong bits were compared.
> These are the correct masks:
> 0x0000000f -> status
> 0x00000ff0 -> patch
> 0x000ff000 -> fix
> 0x0ff00000 -> minor
> 0xf0000000 -> major
> Or did I miss anything?

The format is described in ssleay(3) and copied in the code above the
function that's been updated:

  OpenSSL version number consists of:
  MMNNFFPPS: major minor fix patch status

So it's actually 0xff0000000 to get the major version (although it may
take a while before we'll actually get to version 16 ;)) and for
readability, the other ones should have an extra 0 at the beginning. The
first line of the patch (the status mismatch check) should be left as it
is now.

The rest of the code looks to me like a confusion between big-endian and
little-endian. The patch set looks pretty sane to me, as long as the
extra 0 or f is added.
I haven't tested if the endianness is actually the same as the
documentation suggests.

Herwin Weststrate

More information about the Freeradius-Devel mailing list