[PATCH] disable ciphers not supported by OpenSSL DES

Hongxu Jia hongxu.jia at windriver.com
Thu Apr 19 00:21:29 AEST 2018


While compiling openssl with option `no-des', it caused the openssh
build failure
...
cipher.c:85:41: error: 'EVP_des_ede3_cbc' undeclared here (not in a function);
...

OpenSSL configured that way defines OPENSSL_NO_DES to disable des

Suggested by dtucker@

Signed-off-by: Hongxu Jia <hongxu.jia at windriver.com>
---
 cipher.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/cipher.c b/cipher.c
index c3cd5dc..86558e1 100644
--- a/cipher.c
+++ b/cipher.c
@@ -82,7 +82,9 @@ struct sshcipher {
 
 static const struct sshcipher ciphers[] = {
 #ifdef WITH_OPENSSL
+#ifndef OPENSSL_NO_DES
 	{ "3des-cbc",		8, 24, 0, 0, CFLAG_CBC, EVP_des_ede3_cbc },
+#endif
 	{ "aes128-cbc",		16, 16, 0, 0, CFLAG_CBC, EVP_aes_128_cbc },
 	{ "aes192-cbc",		16, 24, 0, 0, CFLAG_CBC, EVP_aes_192_cbc },
 	{ "aes256-cbc",		16, 32, 0, 0, CFLAG_CBC, EVP_aes_256_cbc },
-- 
2.7.4



More information about the openssh-unix-dev mailing list