diff options
author | djm <djm> | 2014-07-16 23:01:25 +0000 |
---|---|---|
committer | djm <djm> | 2014-07-16 23:01:25 +0000 |
commit | a041e232053deaf7a1eeae48243b0d9e9d1b669d (patch) | |
tree | f00541c406971737b95c45ff7afe1f95699a198a /digest-openssl.c | |
parent | 37edee65962155651d5181a0c59ec74fa678e4f2 (diff) | |
download | openssh-a041e232053deaf7a1eeae48243b0d9e9d1b669d.tar.gz |
- (djm) [digest-openssl.c] Preserve array order when disabling digests.
Reported by Petr Lautrbach.
Diffstat (limited to 'digest-openssl.c')
-rw-r--r-- | digest-openssl.c | 15 |
1 files changed, 11 insertions, 4 deletions
diff --git a/digest-openssl.c b/digest-openssl.c index 6e8bf15d..02b17034 100644 --- a/digest-openssl.c +++ b/digest-openssl.c @@ -30,6 +30,15 @@ #include "digest.h" #include "ssherr.h" +#ifndef HAVE_EVP_RIPEMD160 +# define EVP_ripemd160 NULL +#endif /* HAVE_EVP_RIPEMD160 */ +#ifndef HAVE_EVP_SHA256 +# define EVP_sha256 NULL +# define EVP_sha384 NULL +# define EVP_sha512 NULL +#endif /* HAVE_EVP_SHA256 */ + struct ssh_digest_ctx { int alg; EVP_MD_CTX mdctx; @@ -45,15 +54,11 @@ struct ssh_digest { /* NB. Indexed directly by algorithm number */ const struct ssh_digest digests[] = { { SSH_DIGEST_MD5, "MD5", 16, EVP_md5 }, -#ifdef HAVE_EVP_RIPEMD160 /* XXX replace with local if missing */ { SSH_DIGEST_RIPEMD160, "RIPEMD160", 20, EVP_ripemd160 }, -#endif { SSH_DIGEST_SHA1, "SHA1", 20, EVP_sha1 }, -#ifdef HAVE_EVP_SHA256 /* XXX replace with local if missing */ { SSH_DIGEST_SHA256, "SHA256", 32, EVP_sha256 }, { SSH_DIGEST_SHA384, "SHA384", 48, EVP_sha384 }, { SSH_DIGEST_SHA512, "SHA512", 64, EVP_sha512 }, -#endif { -1, NULL, 0, NULL }, }; @@ -64,6 +69,8 @@ ssh_digest_by_alg(int alg) return NULL; if (digests[alg].id != alg) /* sanity */ return NULL; + if (digests[alg].mdfunc == NULL) + return NULL; return &(digests[alg]); } |