diff options
author | Darren Tucker <dtucker@zip.com.au> | 2013-06-11 11:26:10 +1000 |
---|---|---|
committer | Darren Tucker <dtucker@zip.com.au> | 2013-06-11 11:26:10 +1000 |
commit | 6d8bd57448b45b42809da32857d7804444349ee7 (patch) | |
tree | 6c693d94198b7df2157202405964151847e50251 | |
parent | 36187093ea0b2d2240c043417b8949611687e105 (diff) |
- (dtucker) [Makefile.in configure.ac fixalgorithms] Remove unsupported
algorithms (Ciphers, MACs and HostKeyAlgorithms) from man pages.
-rw-r--r-- | ChangeLog | 2 | ||||
-rw-r--r-- | Makefile.in | 9 | ||||
-rw-r--r-- | configure.ac | 24 | ||||
-rwxr-xr-x | fixalgorithms | 26 |
4 files changed, 54 insertions, 7 deletions
@@ -9,6 +9,8 @@ | |||
9 | on a broken network, the backgrounded mux master will exit when the | 9 | on a broken network, the backgrounded mux master will exit when the |
10 | Control Persist time expires rather than hanging around indefinitely. | 10 | Control Persist time expires rather than hanging around indefinitely. |
11 | bz#1917, also reported and tested by tedu@. ok djm@ markus@. | 11 | bz#1917, also reported and tested by tedu@. ok djm@ markus@. |
12 | - (dtucker) [Makefile.in configure.ac fixalgorithms] Remove unsupported | ||
13 | algorithms (Ciphers, MACs and HostKeyAlgorithms) from man pages. | ||
12 | 14 | ||
13 | 20130605 | 15 | 20130605 |
14 | - (dtucker) [myproposal.h] Enable sha256 kex methods based on the presence of | 16 | - (dtucker) [myproposal.h] Enable sha256 kex methods based on the presence of |
diff --git a/Makefile.in b/Makefile.in index d6f6a7924..92c95a928 100644 --- a/Makefile.in +++ b/Makefile.in | |||
@@ -1,4 +1,4 @@ | |||
1 | # $Id: Makefile.in,v 1.339 2013/06/05 19:12:35 dtucker Exp $ | 1 | # $Id: Makefile.in,v 1.340 2013/06/11 01:26:10 dtucker Exp $ |
2 | 2 | ||
3 | # uncomment if you run a non bourne compatable shell. Ie. csh | 3 | # uncomment if you run a non bourne compatable shell. Ie. csh |
4 | #SHELL = @SH@ | 4 | #SHELL = @SH@ |
@@ -121,6 +121,8 @@ PATHSUBS = \ | |||
121 | -e 's|/usr/bin:/bin:/usr/sbin:/sbin|@user_path@|g' | 121 | -e 's|/usr/bin:/bin:/usr/sbin:/sbin|@user_path@|g' |
122 | 122 | ||
123 | FIXPATHSCMD = $(SED) $(PATHSUBS) | 123 | FIXPATHSCMD = $(SED) $(PATHSUBS) |
124 | FIXALGORITHMSCMD= $(SHELL) $(srcdir)/fixalgorithms $(SED) \ | ||
125 | @UNSUPPORTED_ALGORITHMS@ | ||
124 | 126 | ||
125 | all: $(CONFIGFILES) $(MANPAGES) $(TARGETS) | 127 | all: $(CONFIGFILES) $(MANPAGES) $(TARGETS) |
126 | 128 | ||
@@ -184,9 +186,10 @@ $(MANPAGES): $(MANPAGES_IN) | |||
184 | manpage=$(srcdir)/`echo $@ | sed 's/\.out$$//'`; \ | 186 | manpage=$(srcdir)/`echo $@ | sed 's/\.out$$//'`; \ |
185 | fi; \ | 187 | fi; \ |
186 | if test "$(MANTYPE)" = "man"; then \ | 188 | if test "$(MANTYPE)" = "man"; then \ |
187 | $(FIXPATHSCMD) $${manpage} | $(AWK) -f $(srcdir)/mdoc2man.awk > $@; \ | 189 | $(FIXPATHSCMD) $${manpage} | $(FIXALGORITHMSCMD) | \ |
190 | $(AWK) -f $(srcdir)/mdoc2man.awk > $@; \ | ||
188 | else \ | 191 | else \ |
189 | $(FIXPATHSCMD) $${manpage} > $@; \ | 192 | $(FIXPATHSCMD) $${manpage} | $(FIXALGORITHMSCMD) > $@; \ |
190 | fi | 193 | fi |
191 | 194 | ||
192 | $(CONFIGFILES): $(CONFIGFILES_IN) | 195 | $(CONFIGFILES): $(CONFIGFILES_IN) |
diff --git a/configure.ac b/configure.ac index bce5d7b17..e6ec2768f 100644 --- a/configure.ac +++ b/configure.ac | |||
@@ -1,4 +1,4 @@ | |||
1 | # $Id: configure.ac,v 1.534 2013/06/05 22:30:21 dtucker Exp $ | 1 | # $Id: configure.ac,v 1.535 2013/06/11 01:26:10 dtucker Exp $ |
2 | # | 2 | # |
3 | # Copyright (c) 1999-2004 Damien Miller | 3 | # Copyright (c) 1999-2004 Damien Miller |
4 | # | 4 | # |
@@ -15,7 +15,7 @@ | |||
15 | # OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. | 15 | # OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. |
16 | 16 | ||
17 | AC_INIT([OpenSSH], [Portable], [openssh-unix-dev@mindrot.org]) | 17 | AC_INIT([OpenSSH], [Portable], [openssh-unix-dev@mindrot.org]) |
18 | AC_REVISION($Revision: 1.534 $) | 18 | AC_REVISION($Revision: 1.535 $) |
19 | AC_CONFIG_SRCDIR([ssh.c]) | 19 | AC_CONFIG_SRCDIR([ssh.c]) |
20 | AC_LANG([C]) | 20 | AC_LANG([C]) |
21 | 21 | ||
@@ -2394,6 +2394,8 @@ AC_LINK_IFELSE( | |||
2394 | ], | 2394 | ], |
2395 | [ | 2395 | [ |
2396 | AC_MSG_RESULT([no]) | 2396 | AC_MSG_RESULT([no]) |
2397 | unsupported_algorithms="$unsupported_cipers \ | ||
2398 | aes128-gcm@openssh.com aes256-gcm@openssh.com" | ||
2397 | ] | 2399 | ] |
2398 | ) | 2400 | ) |
2399 | 2401 | ||
@@ -2434,8 +2436,15 @@ fi | |||
2434 | AC_CHECK_FUNCS([crypt DES_crypt]) | 2436 | AC_CHECK_FUNCS([crypt DES_crypt]) |
2435 | 2437 | ||
2436 | # Search for SHA256 support in libc and/or OpenSSL | 2438 | # Search for SHA256 support in libc and/or OpenSSL |
2437 | AC_CHECK_FUNCS([SHA256_Update EVP_sha256], [TEST_SSH_SHA256=yes], | 2439 | AC_CHECK_FUNCS([SHA256_Update EVP_sha256], |
2438 | [TEST_SSH_SHA256=no]) | 2440 | [TEST_SSH_SHA256=yes], |
2441 | [TEST_SSH_SHA256=no | ||
2442 | unsupported_algorithms="$unsupported_algorithms \ | ||
2443 | hmac-sha2-256 hmac-sha2-512 \ | ||
2444 | diffie-hellman-group-exchange-sha256 \ | ||
2445 | hmac-sha2-256-etm@openssh.com hmac-sha2-512-etm@openssh.com" | ||
2446 | ] | ||
2447 | ) | ||
2439 | AC_SUBST([TEST_SSH_SHA256]) | 2448 | AC_SUBST([TEST_SSH_SHA256]) |
2440 | 2449 | ||
2441 | # Check complete ECC support in OpenSSL | 2450 | # Check complete ECC support in OpenSSL |
@@ -2466,6 +2475,12 @@ AC_LINK_IFELSE( | |||
2466 | AC_MSG_RESULT([no]) | 2475 | AC_MSG_RESULT([no]) |
2467 | TEST_SSH_ECC=no | 2476 | TEST_SSH_ECC=no |
2468 | COMMENT_OUT_ECC="#no ecc#" | 2477 | COMMENT_OUT_ECC="#no ecc#" |
2478 | unsupported_algorithms="$unsupported_algorithms \ | ||
2479 | ecdh-sha2-nistp256 ecdh-sha2-nistp384 ecdh-sha2-nistp521 \ | ||
2480 | ecdsa-sha2-nistp256-cert-v01@openssh.com \ | ||
2481 | ecdsa-sha2-nistp384-cert-v01@openssh.com \ | ||
2482 | ecdsa-sha2-nistp521-cert-v01@openssh.com \ | ||
2483 | ecdsa-sha2-nistp256 ecdsa-sha2-nistp384 ecdsa-sha2-nistp521" | ||
2469 | ] | 2484 | ] |
2470 | ) | 2485 | ) |
2471 | AC_SUBST([TEST_SSH_ECC]) | 2486 | AC_SUBST([TEST_SSH_ECC]) |
@@ -4541,6 +4556,7 @@ else | |||
4541 | fi | 4556 | fi |
4542 | AC_CHECK_DECL([BROKEN_GETADDRINFO], [TEST_SSH_IPV6=no]) | 4557 | AC_CHECK_DECL([BROKEN_GETADDRINFO], [TEST_SSH_IPV6=no]) |
4543 | AC_SUBST([TEST_SSH_IPV6], [$TEST_SSH_IPV6]) | 4558 | AC_SUBST([TEST_SSH_IPV6], [$TEST_SSH_IPV6]) |
4559 | AC_SUBST([UNSUPPORTED_ALGORITHMS], [$unsupported_algorithms]) | ||
4544 | 4560 | ||
4545 | AC_EXEEXT | 4561 | AC_EXEEXT |
4546 | AC_CONFIG_FILES([Makefile buildpkg.sh opensshd.init openssh.xml \ | 4562 | AC_CONFIG_FILES([Makefile buildpkg.sh opensshd.init openssh.xml \ |
diff --git a/fixalgorithms b/fixalgorithms new file mode 100755 index 000000000..115dce81c --- /dev/null +++ b/fixalgorithms | |||
@@ -0,0 +1,26 @@ | |||
1 | #!/bin/sh | ||
2 | # | ||
3 | # fixciphers - remove unsupported ciphers from man pages. | ||
4 | # Usage: fixpaths /path/to/sed cipher1 [cipher2] <infile >outfile | ||
5 | # | ||
6 | # Author: Darren Tucker (dtucker at zip com.au). Placed in the public domain. | ||
7 | |||
8 | die() { | ||
9 | echo $* | ||
10 | exit -1 | ||
11 | } | ||
12 | |||
13 | SED=$1 | ||
14 | shift | ||
15 | |||
16 | for c in $*; do | ||
17 | subs="$subs -e /.Dq.$c.*$/d" | ||
18 | subs="$subs -e s/$c,//g" | ||
19 | done | ||
20 | |||
21 | # now remove any entirely empty lines | ||
22 | subs="$subs -e /^$/d" | ||
23 | |||
24 | ${SED} $subs | ||
25 | |||
26 | exit 0 | ||