[PATCH] configure.ac/cipher.c: Check for OpenSSL with EVP_des_ede3_cbc

Darren Tucker dtucker at dtucker.net
Wed Apr 18 22:00:12 AEST 2018


On 18 April 2018 at 17:35, Hongxu Jia <hongxu.jia at windriver.com> wrote:
> While compiling openssl with option `no-des', it caused the openssh
> build failure

OpenSSL configured that way defines OPENSSL_NO_DES (which is kind of
backward, but that's how OpenSSL does it, and how OpenSSH already
handles OPENSSL_NO_RC4).

3des-cbc is the only cipher that is required by RFC4253, but on the
other hand building without OpenSSL will already omit it.  @djm?

-- 
Darren Tucker (dtucker at dtucker.net)
GPG key 11EAA6FA / A86E 3E07 5B19 5880 E860  37F4 9357 ECEF 11EA A6FA (new)
    Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.


More information about the openssh-unix-dev mailing list