diff options
| author | Darren Tucker <dtucker@zip.com.au> | 2013-06-11 11:26:10 +1000 |
|---|---|---|
| committer | Darren Tucker <dtucker@zip.com.au> | 2013-06-11 11:26:10 +1000 |
| commit | 6d8bd57448b45b42809da32857d7804444349ee7 (patch) | |
| tree | 6c693d94198b7df2157202405964151847e50251 | |
| parent | 36187093ea0b2d2240c043417b8949611687e105 (diff) | |
- (dtucker) [Makefile.in configure.ac fixalgorithms] Remove unsupported
algorithms (Ciphers, MACs and HostKeyAlgorithms) from man pages.
| -rw-r--r-- | ChangeLog | 2 | ||||
| -rw-r--r-- | Makefile.in | 9 | ||||
| -rw-r--r-- | configure.ac | 24 | ||||
| -rwxr-xr-x | fixalgorithms | 26 |
4 files changed, 54 insertions, 7 deletions
| @@ -9,6 +9,8 @@ | |||
| 9 | on a broken network, the backgrounded mux master will exit when the | 9 | on a broken network, the backgrounded mux master will exit when the |
| 10 | Control Persist time expires rather than hanging around indefinitely. | 10 | Control Persist time expires rather than hanging around indefinitely. |
| 11 | bz#1917, also reported and tested by tedu@. ok djm@ markus@. | 11 | bz#1917, also reported and tested by tedu@. ok djm@ markus@. |
| 12 | - (dtucker) [Makefile.in configure.ac fixalgorithms] Remove unsupported | ||
| 13 | algorithms (Ciphers, MACs and HostKeyAlgorithms) from man pages. | ||
| 12 | 14 | ||
| 13 | 20130605 | 15 | 20130605 |
| 14 | - (dtucker) [myproposal.h] Enable sha256 kex methods based on the presence of | 16 | - (dtucker) [myproposal.h] Enable sha256 kex methods based on the presence of |
diff --git a/Makefile.in b/Makefile.in index d6f6a7924..92c95a928 100644 --- a/Makefile.in +++ b/Makefile.in | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | # $Id: Makefile.in,v 1.339 2013/06/05 19:12:35 dtucker Exp $ | 1 | # $Id: Makefile.in,v 1.340 2013/06/11 01:26:10 dtucker Exp $ |
| 2 | 2 | ||
| 3 | # uncomment if you run a non bourne compatable shell. Ie. csh | 3 | # uncomment if you run a non bourne compatable shell. Ie. csh |
| 4 | #SHELL = @SH@ | 4 | #SHELL = @SH@ |
| @@ -121,6 +121,8 @@ PATHSUBS = \ | |||
| 121 | -e 's|/usr/bin:/bin:/usr/sbin:/sbin|@user_path@|g' | 121 | -e 's|/usr/bin:/bin:/usr/sbin:/sbin|@user_path@|g' |
| 122 | 122 | ||
| 123 | FIXPATHSCMD = $(SED) $(PATHSUBS) | 123 | FIXPATHSCMD = $(SED) $(PATHSUBS) |
| 124 | FIXALGORITHMSCMD= $(SHELL) $(srcdir)/fixalgorithms $(SED) \ | ||
| 125 | @UNSUPPORTED_ALGORITHMS@ | ||
| 124 | 126 | ||
| 125 | all: $(CONFIGFILES) $(MANPAGES) $(TARGETS) | 127 | all: $(CONFIGFILES) $(MANPAGES) $(TARGETS) |
| 126 | 128 | ||
| @@ -184,9 +186,10 @@ $(MANPAGES): $(MANPAGES_IN) | |||
| 184 | manpage=$(srcdir)/`echo $@ | sed 's/\.out$$//'`; \ | 186 | manpage=$(srcdir)/`echo $@ | sed 's/\.out$$//'`; \ |
| 185 | fi; \ | 187 | fi; \ |
| 186 | if test "$(MANTYPE)" = "man"; then \ | 188 | if test "$(MANTYPE)" = "man"; then \ |
| 187 | $(FIXPATHSCMD) $${manpage} | $(AWK) -f $(srcdir)/mdoc2man.awk > $@; \ | 189 | $(FIXPATHSCMD) $${manpage} | $(FIXALGORITHMSCMD) | \ |
| 190 | $(AWK) -f $(srcdir)/mdoc2man.awk > $@; \ | ||
| 188 | else \ | 191 | else \ |
| 189 | $(FIXPATHSCMD) $${manpage} > $@; \ | 192 | $(FIXPATHSCMD) $${manpage} | $(FIXALGORITHMSCMD) > $@; \ |
| 190 | fi | 193 | fi |
| 191 | 194 | ||
| 192 | $(CONFIGFILES): $(CONFIGFILES_IN) | 195 | $(CONFIGFILES): $(CONFIGFILES_IN) |
diff --git a/configure.ac b/configure.ac index bce5d7b17..e6ec2768f 100644 --- a/configure.ac +++ b/configure.ac | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | # $Id: configure.ac,v 1.534 2013/06/05 22:30:21 dtucker Exp $ | 1 | # $Id: configure.ac,v 1.535 2013/06/11 01:26:10 dtucker Exp $ |
| 2 | # | 2 | # |
| 3 | # Copyright (c) 1999-2004 Damien Miller | 3 | # Copyright (c) 1999-2004 Damien Miller |
| 4 | # | 4 | # |
| @@ -15,7 +15,7 @@ | |||
| 15 | # OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. | 15 | # OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. |
| 16 | 16 | ||
| 17 | AC_INIT([OpenSSH], [Portable], [openssh-unix-dev@mindrot.org]) | 17 | AC_INIT([OpenSSH], [Portable], [openssh-unix-dev@mindrot.org]) |
| 18 | AC_REVISION($Revision: 1.534 $) | 18 | AC_REVISION($Revision: 1.535 $) |
| 19 | AC_CONFIG_SRCDIR([ssh.c]) | 19 | AC_CONFIG_SRCDIR([ssh.c]) |
| 20 | AC_LANG([C]) | 20 | AC_LANG([C]) |
| 21 | 21 | ||
| @@ -2394,6 +2394,8 @@ AC_LINK_IFELSE( | |||
| 2394 | ], | 2394 | ], |
| 2395 | [ | 2395 | [ |
| 2396 | AC_MSG_RESULT([no]) | 2396 | AC_MSG_RESULT([no]) |
| 2397 | unsupported_algorithms="$unsupported_cipers \ | ||
| 2398 | aes128-gcm@openssh.com aes256-gcm@openssh.com" | ||
| 2397 | ] | 2399 | ] |
| 2398 | ) | 2400 | ) |
| 2399 | 2401 | ||
| @@ -2434,8 +2436,15 @@ fi | |||
| 2434 | AC_CHECK_FUNCS([crypt DES_crypt]) | 2436 | AC_CHECK_FUNCS([crypt DES_crypt]) |
| 2435 | 2437 | ||
| 2436 | # Search for SHA256 support in libc and/or OpenSSL | 2438 | # Search for SHA256 support in libc and/or OpenSSL |
| 2437 | AC_CHECK_FUNCS([SHA256_Update EVP_sha256], [TEST_SSH_SHA256=yes], | 2439 | AC_CHECK_FUNCS([SHA256_Update EVP_sha256], |
| 2438 | [TEST_SSH_SHA256=no]) | 2440 | [TEST_SSH_SHA256=yes], |
| 2441 | [TEST_SSH_SHA256=no | ||
| 2442 | unsupported_algorithms="$unsupported_algorithms \ | ||
| 2443 | hmac-sha2-256 hmac-sha2-512 \ | ||
| 2444 | diffie-hellman-group-exchange-sha256 \ | ||
| 2445 | hmac-sha2-256-etm@openssh.com hmac-sha2-512-etm@openssh.com" | ||
| 2446 | ] | ||
| 2447 | ) | ||
| 2439 | AC_SUBST([TEST_SSH_SHA256]) | 2448 | AC_SUBST([TEST_SSH_SHA256]) |
| 2440 | 2449 | ||
| 2441 | # Check complete ECC support in OpenSSL | 2450 | # Check complete ECC support in OpenSSL |
| @@ -2466,6 +2475,12 @@ AC_LINK_IFELSE( | |||
| 2466 | AC_MSG_RESULT([no]) | 2475 | AC_MSG_RESULT([no]) |
| 2467 | TEST_SSH_ECC=no | 2476 | TEST_SSH_ECC=no |
| 2468 | COMMENT_OUT_ECC="#no ecc#" | 2477 | COMMENT_OUT_ECC="#no ecc#" |
| 2478 | unsupported_algorithms="$unsupported_algorithms \ | ||
| 2479 | ecdh-sha2-nistp256 ecdh-sha2-nistp384 ecdh-sha2-nistp521 \ | ||
| 2480 | ecdsa-sha2-nistp256-cert-v01@openssh.com \ | ||
| 2481 | ecdsa-sha2-nistp384-cert-v01@openssh.com \ | ||
| 2482 | ecdsa-sha2-nistp521-cert-v01@openssh.com \ | ||
| 2483 | ecdsa-sha2-nistp256 ecdsa-sha2-nistp384 ecdsa-sha2-nistp521" | ||
| 2469 | ] | 2484 | ] |
| 2470 | ) | 2485 | ) |
| 2471 | AC_SUBST([TEST_SSH_ECC]) | 2486 | AC_SUBST([TEST_SSH_ECC]) |
| @@ -4541,6 +4556,7 @@ else | |||
| 4541 | fi | 4556 | fi |
| 4542 | AC_CHECK_DECL([BROKEN_GETADDRINFO], [TEST_SSH_IPV6=no]) | 4557 | AC_CHECK_DECL([BROKEN_GETADDRINFO], [TEST_SSH_IPV6=no]) |
| 4543 | AC_SUBST([TEST_SSH_IPV6], [$TEST_SSH_IPV6]) | 4558 | AC_SUBST([TEST_SSH_IPV6], [$TEST_SSH_IPV6]) |
| 4559 | AC_SUBST([UNSUPPORTED_ALGORITHMS], [$unsupported_algorithms]) | ||
| 4544 | 4560 | ||
| 4545 | AC_EXEEXT | 4561 | AC_EXEEXT |
| 4546 | AC_CONFIG_FILES([Makefile buildpkg.sh opensshd.init openssh.xml \ | 4562 | AC_CONFIG_FILES([Makefile buildpkg.sh opensshd.init openssh.xml \ |
diff --git a/fixalgorithms b/fixalgorithms new file mode 100755 index 000000000..115dce81c --- /dev/null +++ b/fixalgorithms | |||
| @@ -0,0 +1,26 @@ | |||
| 1 | #!/bin/sh | ||
| 2 | # | ||
| 3 | # fixciphers - remove unsupported ciphers from man pages. | ||
| 4 | # Usage: fixpaths /path/to/sed cipher1 [cipher2] <infile >outfile | ||
| 5 | # | ||
| 6 | # Author: Darren Tucker (dtucker at zip com.au). Placed in the public domain. | ||
| 7 | |||
| 8 | die() { | ||
| 9 | echo $* | ||
| 10 | exit -1 | ||
| 11 | } | ||
| 12 | |||
| 13 | SED=$1 | ||
| 14 | shift | ||
| 15 | |||
| 16 | for c in $*; do | ||
| 17 | subs="$subs -e /.Dq.$c.*$/d" | ||
| 18 | subs="$subs -e s/$c,//g" | ||
| 19 | done | ||
| 20 | |||
| 21 | # now remove any entirely empty lines | ||
| 22 | subs="$subs -e /^$/d" | ||
| 23 | |||
| 24 | ${SED} $subs | ||
| 25 | |||
| 26 | exit 0 | ||