- (djm) fatal() on OpenSSL version mismatch

diff --git a/ChangeLog b/ChangeLog
index ea454e5825ef9ee0214cb1b2c153e1948ef565fb..4266e5b1c07d86c4f14b225309d43cd66de95252 100644 (file)
--- a/ChangeLog
+++ b/ChangeLog
@@ -10,6 +10,7 @@
  - (djm) Fix up POSIX saved uid support. Report from Mark Miller 
    <markm@swoon.net>
  - (djm) Search for -lcrypt on FreeBSD too
+ - (djm) fatal() on OpenSSL version mismatch
 
 20010226
  - (bal) Fixed bsd-snprinf.c so it now honors 'BROKEN_SNPRINTF' again.

diff --git a/entropy.c b/entropy.c
index 260d5bdff2faa465f8acf7932baae273db76879c..34bb5eb1b3dfef218b600310394c5f26003bd1eb 100644 (file)
--- a/entropy.c
+++ b/entropy.c
@@ -26,6 +26,7 @@
 
 #include <openssl/rand.h>
 #include <openssl/sha.h>
+#include <openssl/crypto.h>
 
 /* SunOS 4.4.4 needs this */
 #ifdef HAVE_FLOATINGPOINT_H
@@ -67,6 +68,14 @@ RCSID("$Id$");
 # define SAVED_IDS_WORK_WITH_SETEUID
 #endif
 
+void check_openssl_version(void) 
+{
+       if (SSLeay() != OPENSSL_VERSION_NUMBER)
+               fatal("OpenSSL version mismatch. Built against %x, you "
+                   "have %x", OPENSSL_VERSION_NUMBER, SSLeay());
+}
+
+
 #if defined(EGD_SOCKET) || defined(RANDOM_POOL)
 
 #ifdef EGD_SOCKET
@@ -188,8 +197,10 @@ seed_rng(void)
        memset(buf, '\0', sizeof(buf));
 }
 
-/* No-op */
-void init_rng(void) {}
+void init_rng(void) 
+{
+       check_openssl_version();
+}
 
 #else /* defined(EGD_SOCKET) || defined(RANDOM_POOL) */
 
@@ -818,6 +829,8 @@ void init_rng(void)
 {
        int original_euid;
 
+       check_openssl_version();
+
        original_uid = getuid();
        original_euid = geteuid();