diff options
-rw-r--r-- | ChangeLog | 4 | ||||
-rw-r--r-- | configure.ac | 12 | ||||
-rw-r--r-- | digest-openssl.c | 2 |
3 files changed, 16 insertions, 2 deletions
@@ -1,3 +1,7 @@ | |||
1 | 20140703 | ||
2 | - (djm) [digest-openssl.c configure.ac] Disable RIPEMD160 if libcrypto | ||
3 | doesn't support it. | ||
4 | |||
1 | 20140702 | 5 | 20140702 |
2 | - OpenBSD CVS Sync | 6 | - OpenBSD CVS Sync |
3 | - deraadt@cvs.openbsd.org 2014/06/13 08:26:29 | 7 | - deraadt@cvs.openbsd.org 2014/06/13 08:26:29 |
diff --git a/configure.ac b/configure.ac index f48ba4a49..a73f8b3c1 100644 --- a/configure.ac +++ b/configure.ac | |||
@@ -1,4 +1,4 @@ | |||
1 | # $Id: configure.ac,v 1.576 2014/06/13 01:06:04 dtucker Exp $ | 1 | # $Id: configure.ac,v 1.577 2014/07/03 01:54:19 djm Exp $ |
2 | # | 2 | # |
3 | # Copyright (c) 1999-2004 Damien Miller | 3 | # Copyright (c) 1999-2004 Damien Miller |
4 | # | 4 | # |
@@ -15,7 +15,7 @@ | |||
15 | # OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. | 15 | # OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. |
16 | 16 | ||
17 | AC_INIT([OpenSSH], [Portable], [openssh-unix-dev@mindrot.org]) | 17 | AC_INIT([OpenSSH], [Portable], [openssh-unix-dev@mindrot.org]) |
18 | AC_REVISION($Revision: 1.576 $) | 18 | AC_REVISION($Revision: 1.577 $) |
19 | AC_CONFIG_SRCDIR([ssh.c]) | 19 | AC_CONFIG_SRCDIR([ssh.c]) |
20 | AC_LANG([C]) | 20 | AC_LANG([C]) |
21 | 21 | ||
@@ -2512,6 +2512,14 @@ AC_CHECK_FUNCS([SHA256_Update EVP_sha256], , | |||
2512 | hmac-sha2-256-etm@openssh.com hmac-sha2-512-etm@openssh.com" | 2512 | hmac-sha2-256-etm@openssh.com hmac-sha2-512-etm@openssh.com" |
2513 | ] | 2513 | ] |
2514 | ) | 2514 | ) |
2515 | # Search for RIPE-MD support in OpenSSL | ||
2516 | AC_CHECK_FUNCS([EVP_ripemd160], , | ||
2517 | [unsupported_algorithms="$unsupported_algorithms \ | ||
2518 | hmac-ripemd160 | ||
2519 | hmac-ripemd160@openssh.com | ||
2520 | hmac-ripemd160-etm@openssh.com" | ||
2521 | ] | ||
2522 | ) | ||
2515 | 2523 | ||
2516 | # Check complete ECC support in OpenSSL | 2524 | # Check complete ECC support in OpenSSL |
2517 | AC_MSG_CHECKING([whether OpenSSL has NID_X9_62_prime256v1]) | 2525 | AC_MSG_CHECKING([whether OpenSSL has NID_X9_62_prime256v1]) |
diff --git a/digest-openssl.c b/digest-openssl.c index de0380135..7ec6bd260 100644 --- a/digest-openssl.c +++ b/digest-openssl.c | |||
@@ -45,7 +45,9 @@ struct ssh_digest { | |||
45 | /* NB. Indexed directly by algorithm number */ | 45 | /* NB. Indexed directly by algorithm number */ |
46 | const struct ssh_digest digests[] = { | 46 | const struct ssh_digest digests[] = { |
47 | { SSH_DIGEST_MD5, "MD5", 16, EVP_md5 }, | 47 | { SSH_DIGEST_MD5, "MD5", 16, EVP_md5 }, |
48 | #ifdef HAVE_EVP_RIPEMD160 /* XXX replace with local if missing */ | ||
48 | { SSH_DIGEST_RIPEMD160, "RIPEMD160", 20, EVP_ripemd160 }, | 49 | { SSH_DIGEST_RIPEMD160, "RIPEMD160", 20, EVP_ripemd160 }, |
50 | #endif | ||
49 | { SSH_DIGEST_SHA1, "SHA1", 20, EVP_sha1 }, | 51 | { SSH_DIGEST_SHA1, "SHA1", 20, EVP_sha1 }, |
50 | #ifdef HAVE_EVP_SHA256 /* XXX replace with local if missing */ | 52 | #ifdef HAVE_EVP_SHA256 /* XXX replace with local if missing */ |
51 | { SSH_DIGEST_SHA256, "SHA256", 32, EVP_sha256 }, | 53 | { SSH_DIGEST_SHA256, "SHA256", 32, EVP_sha256 }, |