diff options
| author | Damien Miller <djm@mindrot.org> | 2014-07-03 11:54:19 +1000 |
|---|---|---|
| committer | Damien Miller <djm@mindrot.org> | 2014-07-03 11:54:19 +1000 |
| commit | 8da0fa24934501909408327298097b1629b89eaa (patch) | |
| tree | 115bfe30337558e0113302e30ebfd1bc2bc814a9 | |
| parent | 81309c857dd0dbc0a1245a16d621c490ad48cfbb (diff) | |
| download | openssh-git-8da0fa24934501909408327298097b1629b89eaa.tar.gz | |
- (djm) [digest-openssl.c configure.ac] Disable RIPEMD160 if libcrypto
doesn't support it.
| -rw-r--r-- | ChangeLog | 4 | ||||
| -rw-r--r-- | configure.ac | 12 | ||||
| -rw-r--r-- | digest-openssl.c | 2 |
3 files changed, 16 insertions, 2 deletions
@@ -1,3 +1,7 @@ +20140703 + - (djm) [digest-openssl.c configure.ac] Disable RIPEMD160 if libcrypto + doesn't support it. + 20140702 - OpenBSD CVS Sync - deraadt@cvs.openbsd.org 2014/06/13 08:26:29 diff --git a/configure.ac b/configure.ac index f48ba4a4..a73f8b3c 100644 --- a/configure.ac +++ b/configure.ac @@ -1,4 +1,4 @@ -# $Id: configure.ac,v 1.576 2014/06/13 01:06:04 dtucker Exp $ +# $Id: configure.ac,v 1.577 2014/07/03 01:54:19 djm Exp $ # # Copyright (c) 1999-2004 Damien Miller # @@ -15,7 +15,7 @@ # OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. AC_INIT([OpenSSH], [Portable], [openssh-unix-dev@mindrot.org]) -AC_REVISION($Revision: 1.576 $) +AC_REVISION($Revision: 1.577 $) AC_CONFIG_SRCDIR([ssh.c]) AC_LANG([C]) @@ -2512,6 +2512,14 @@ AC_CHECK_FUNCS([SHA256_Update EVP_sha256], , hmac-sha2-256-etm@openssh.com hmac-sha2-512-etm@openssh.com" ] ) +# Search for RIPE-MD support in OpenSSL +AC_CHECK_FUNCS([EVP_ripemd160], , + [unsupported_algorithms="$unsupported_algorithms \ + hmac-ripemd160 + hmac-ripemd160@openssh.com + hmac-ripemd160-etm@openssh.com" + ] +) # Check complete ECC support in OpenSSL AC_MSG_CHECKING([whether OpenSSL has NID_X9_62_prime256v1]) diff --git a/digest-openssl.c b/digest-openssl.c index de038013..7ec6bd26 100644 --- a/digest-openssl.c +++ b/digest-openssl.c @@ -45,7 +45,9 @@ struct ssh_digest { /* NB. Indexed directly by algorithm number */ const struct ssh_digest digests[] = { { SSH_DIGEST_MD5, "MD5", 16, EVP_md5 }, +#ifdef HAVE_EVP_RIPEMD160 /* XXX replace with local if missing */ { SSH_DIGEST_RIPEMD160, "RIPEMD160", 20, EVP_ripemd160 }, +#endif { SSH_DIGEST_SHA1, "SHA1", 20, EVP_sha1 }, #ifdef HAVE_EVP_SHA256 /* XXX replace with local if missing */ { SSH_DIGEST_SHA256, "SHA256", 32, EVP_sha256 }, |