1 files changed, 25 insertions, 0 deletions

diff --git a/net-misc/openssh-x/files/openssh-5.9_p1-drop-openssl-check.patch b/net-misc/openssh-x/files/openssh-5.9_p1-drop-openssl-check.patch
new file mode 100644
index 00000000..eb621abb
--- /dev/null
+++ b/net-misc/openssh-x/files/openssh-5.9_p1-drop-openssl-check.patch
@@ -0,0 +1,25 @@
+newer versions of openssl have started to be compatible across minor versions
+too, so this sanity check fails.  since we already handle compatibility with
+openssl via SONAME checks, we don't need this openssh check at all.
+
+http://marc.info/?l=openssl-dev&m=133176786215023&w=2
+
+--- a/entropy.c
++++ b/entropy.c
+@@ -208,16 +208,7 @@ seed_rng(void)
+ {
+ #ifndef OPENSSL_PRNG_ONLY
+ 	unsigned char buf[RANDOM_SEED_SIZE];
+-#endif
+-	/*
+-	 * OpenSSL version numbers: MNNFFPPS: major minor fix patch status
+-	 * We match major, minor, fix and status (not patch)
+-	 */
+-	if ((SSLeay() ^ OPENSSL_VERSION_NUMBER) & ~0xff0L)
+-		fatal("OpenSSL version mismatch. Built against %lx, you "
+-		    "have %lx", (u_long)OPENSSL_VERSION_NUMBER, SSLeay());
+ 
+-#ifndef OPENSSL_PRNG_ONLY
+ 	if (RAND_status() == 1) {
+ 		debug3("RNG is ready, skipping seeding");
+ 		return;