--- openssh-7.9p1.orig/cipher-ctr-mt.c	2018-10-24 20:48:00.909255466 -0000
+++ openssh-7.9p1/cipher-ctr-mt.c	2018-10-24 20:48:17.378155144 -0000
@@ -46,7 +46,7 @@

 /*-------------------- TUNABLES --------------------*/
 /* maximum number of threads and queues */
-#define MAX_THREADS      32
+#define MAX_THREADS      32
 #define MAX_NUMKQ        (MAX_THREADS * 2)

 /* Number of pregen threads to use */
@@ -435,7 +435,7 @@
 		destp.u += AES_BLOCK_SIZE;
 		srcp.u += AES_BLOCK_SIZE;
 		len -= AES_BLOCK_SIZE;
-		ssh_ctr_inc(ctx->iv, AES_BLOCK_SIZE);
+		ssh_ctr_inc(c->aes_counter, AES_BLOCK_SIZE);

 		/* Increment read index, switch queues on rollover */
 		if ((ridx = (ridx + 1) % KQLEN) == 0) {
@@ -481,8 +481,6 @@
 	/* get the number of cores in the system */
 	/* if it's not linux it currently defaults to 2 */
 	/* divide by 2 to get threads for each direction (MODE_IN||MODE_OUT) */
-	/* NB: assigning a float to an int discards the remainder which is */
-	/* acceptable (and wanted) in this case */
 #ifdef __linux__
 	cipher_threads = sysconf(_SC_NPROCESSORS_ONLN) / 2;
 #endif /*__linux__*/
@@ -551,16 +550,16 @@
 	}

 	if (iv != NULL) {
-		memcpy(ctx->iv, iv, AES_BLOCK_SIZE);
+		memcpy(c->aes_counter, iv, AES_BLOCK_SIZE);
 		c->state |= HAVE_IV;
 	}

 	if (c->state == (HAVE_KEY | HAVE_IV)) {
 		/* Clear queues */
-		memcpy(c->q[0].ctr, ctx->iv, AES_BLOCK_SIZE);
+		memcpy(c->q[0].ctr, c->aes_counter, AES_BLOCK_SIZE);
 		c->q[0].qstate = KQINIT;
 		for (i = 1; i < numkq; i++) {
-			memcpy(c->q[i].ctr, ctx->iv, AES_BLOCK_SIZE);
+			memcpy(c->q[i].ctr, c->aes_counter, AES_BLOCK_SIZE);
 			ssh_ctr_add(c->q[i].ctr, i * KQLEN, AES_BLOCK_SIZE);
 			c->q[i].qstate = KQEMPTY;
 		}
@@ -644,8 +643,22 @@
 const EVP_CIPHER *
 evp_aes_ctr_mt(void)
 {
+# if OPENSSL_VERSION_NUMBER >= 0x10100000UL && !defined(LIBRESSL_VERSION_NUMBER)
+	static EVP_CIPHER *aes_ctr;
+	aes_ctr = EVP_CIPHER_meth_new(NID_undef, 16/*block*/, 16/*key*/);
+	EVP_CIPHER_meth_set_iv_length(aes_ctr, AES_BLOCK_SIZE);
+	EVP_CIPHER_meth_set_init(aes_ctr, ssh_aes_ctr_init);
+	EVP_CIPHER_meth_set_cleanup(aes_ctr, ssh_aes_ctr_cleanup);
+	EVP_CIPHER_meth_set_do_cipher(aes_ctr, ssh_aes_ctr);
+#  ifndef SSH_OLD_EVP
+	EVP_CIPHER_meth_set_flags(aes_ctr, EVP_CIPH_CBC_MODE
+				      | EVP_CIPH_VARIABLE_LENGTH
+				      | EVP_CIPH_ALWAYS_CALL_INIT
+				      | EVP_CIPH_CUSTOM_IV);
+#  endif /*SSH_OLD_EVP*/
+	return (aes_ctr);
+# else /*earlier version of openssl*/
 	static EVP_CIPHER aes_ctr;
-
 	memset(&aes_ctr, 0, sizeof(EVP_CIPHER));
 	aes_ctr.nid = NID_undef;
 	aes_ctr.block_size = AES_BLOCK_SIZE;
@@ -654,11 +667,12 @@
 	aes_ctr.init = ssh_aes_ctr_init;
 	aes_ctr.cleanup = ssh_aes_ctr_cleanup;
 	aes_ctr.do_cipher = ssh_aes_ctr;
-#ifndef SSH_OLD_EVP
-	aes_ctr.flags = EVP_CIPH_CBC_MODE | EVP_CIPH_VARIABLE_LENGTH |
-	    EVP_CIPH_ALWAYS_CALL_INIT | EVP_CIPH_CUSTOM_IV;
-#endif
-	return &aes_ctr;
+#  ifndef SSH_OLD_EVP
+        aes_ctr.flags = EVP_CIPH_CBC_MODE | EVP_CIPH_VARIABLE_LENGTH |
+		EVP_CIPH_ALWAYS_CALL_INIT | EVP_CIPH_CUSTOM_IV;
+#  endif /*SSH_OLD_EVP*/
+        return &aes_ctr;
+# endif /*OPENSSH_VERSION_NUMBER*/
 }

 #endif /* defined(WITH_OPENSSL) */