diff options
author | Damien Miller <djm@mindrot.org> | 2014-07-17 09:01:25 +1000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2014-07-17 09:01:25 +1000 |
commit | f6293a0b4129826fc2e37e4062f96825df43c326 (patch) | |
tree | 251d46d7beae0cd22c5d49bc714e42f3c18fcb94 /digest-openssl.c | |
parent | 00f9cd230709c04399ef5ff80492d70a55230694 (diff) |
- (djm) [digest-openssl.c] Preserve array order when disabling digests.
Reported by Petr Lautrbach.
Diffstat (limited to 'digest-openssl.c')
-rw-r--r-- | digest-openssl.c | 15 |
1 files changed, 11 insertions, 4 deletions
diff --git a/digest-openssl.c b/digest-openssl.c index 6e8bf15d3..02b170341 100644 --- a/digest-openssl.c +++ b/digest-openssl.c | |||
@@ -30,6 +30,15 @@ | |||
30 | #include "digest.h" | 30 | #include "digest.h" |
31 | #include "ssherr.h" | 31 | #include "ssherr.h" |
32 | 32 | ||
33 | #ifndef HAVE_EVP_RIPEMD160 | ||
34 | # define EVP_ripemd160 NULL | ||
35 | #endif /* HAVE_EVP_RIPEMD160 */ | ||
36 | #ifndef HAVE_EVP_SHA256 | ||
37 | # define EVP_sha256 NULL | ||
38 | # define EVP_sha384 NULL | ||
39 | # define EVP_sha512 NULL | ||
40 | #endif /* HAVE_EVP_SHA256 */ | ||
41 | |||
33 | struct ssh_digest_ctx { | 42 | struct ssh_digest_ctx { |
34 | int alg; | 43 | int alg; |
35 | EVP_MD_CTX mdctx; | 44 | EVP_MD_CTX mdctx; |
@@ -45,15 +54,11 @@ struct ssh_digest { | |||
45 | /* NB. Indexed directly by algorithm number */ | 54 | /* NB. Indexed directly by algorithm number */ |
46 | const struct ssh_digest digests[] = { | 55 | const struct ssh_digest digests[] = { |
47 | { SSH_DIGEST_MD5, "MD5", 16, EVP_md5 }, | 56 | { SSH_DIGEST_MD5, "MD5", 16, EVP_md5 }, |
48 | #ifdef HAVE_EVP_RIPEMD160 /* XXX replace with local if missing */ | ||
49 | { SSH_DIGEST_RIPEMD160, "RIPEMD160", 20, EVP_ripemd160 }, | 57 | { SSH_DIGEST_RIPEMD160, "RIPEMD160", 20, EVP_ripemd160 }, |
50 | #endif | ||
51 | { SSH_DIGEST_SHA1, "SHA1", 20, EVP_sha1 }, | 58 | { SSH_DIGEST_SHA1, "SHA1", 20, EVP_sha1 }, |
52 | #ifdef HAVE_EVP_SHA256 /* XXX replace with local if missing */ | ||
53 | { SSH_DIGEST_SHA256, "SHA256", 32, EVP_sha256 }, | 59 | { SSH_DIGEST_SHA256, "SHA256", 32, EVP_sha256 }, |
54 | { SSH_DIGEST_SHA384, "SHA384", 48, EVP_sha384 }, | 60 | { SSH_DIGEST_SHA384, "SHA384", 48, EVP_sha384 }, |
55 | { SSH_DIGEST_SHA512, "SHA512", 64, EVP_sha512 }, | 61 | { SSH_DIGEST_SHA512, "SHA512", 64, EVP_sha512 }, |
56 | #endif | ||
57 | { -1, NULL, 0, NULL }, | 62 | { -1, NULL, 0, NULL }, |
58 | }; | 63 | }; |
59 | 64 | ||
@@ -64,6 +69,8 @@ ssh_digest_by_alg(int alg) | |||
64 | return NULL; | 69 | return NULL; |
65 | if (digests[alg].id != alg) /* sanity */ | 70 | if (digests[alg].id != alg) /* sanity */ |
66 | return NULL; | 71 | return NULL; |
72 | if (digests[alg].mdfunc == NULL) | ||
73 | return NULL; | ||
67 | return &(digests[alg]); | 74 | return &(digests[alg]); |
68 | } | 75 | } |
69 | 76 | ||