[openssh-commits] [openssh] 01/01: Move OPENSSL_NO_RIPEMD160 to compat.

git+noreply at mindrot.org git+noreply at mindrot.org
Fri Oct 28 14:28:36 AEDT 2016 

This is an automated email from the git hooks/post-receive script.

dtucker pushed a commit to branch master
in repository openssh.

commit a9ff3950b8e80ff971b4d44bbce96df27aed28af
Author: Darren Tucker <dtucker at zip.com.au>
Date:   Fri Oct 28 14:26:58 2016 +1100

    Move OPENSSL_NO_RIPEMD160 to compat.
    
    Move OPENSSL_NO_RIPEMD160 to compat and add ifdefs to mac.c around the
    ripemd160 MACs.
---
 digest-openssl.c                | 3 +--
 mac.c                           | 4 ++++
 openbsd-compat/openssl-compat.h | 6 ++++++
 3 files changed, 11 insertions(+), 2 deletions(-)

diff --git a/digest-openssl.c b/digest-openssl.c
index 517d2a2..13b63c2 100644
--- a/digest-openssl.c
+++ b/digest-openssl.c
@@ -32,8 +32,7 @@
 #include "digest.h"
 #include "ssherr.h"
 
-#if !defined(HAVE_EVP_RIPEMD160) || defined(OPENSSL_NO_RIPEMD) || \
-    defined(OPENSSL_NO_RMD160)
+#ifndef HAVE_EVP_RIPEMD160
 # define EVP_ripemd160 NULL
 #endif /* HAVE_EVP_RIPEMD160 */
 #ifndef HAVE_EVP_SHA256
diff --git a/mac.c b/mac.c
index 6b12cd1..5ba7fae 100644
--- a/mac.c
+++ b/mac.c
@@ -64,8 +64,10 @@ static const struct macalg macs[] = {
 #endif
 	{ "hmac-md5",				SSH_DIGEST, SSH_DIGEST_MD5, 0, 0, 0, 0 },
 	{ "hmac-md5-96",			SSH_DIGEST, SSH_DIGEST_MD5, 96, 0, 0, 0 },
+#ifdef HAVE_EVP_RIPEMD160
 	{ "hmac-ripemd160",			SSH_DIGEST, SSH_DIGEST_RIPEMD160, 0, 0, 0, 0 },
 	{ "hmac-ripemd160 at openssh.com",		SSH_DIGEST, SSH_DIGEST_RIPEMD160, 0, 0, 0, 0 },
+#endif
 	{ "umac-64 at openssh.com",		SSH_UMAC, 0, 0, 128, 64, 0 },
 	{ "umac-128 at openssh.com",		SSH_UMAC128, 0, 0, 128, 128, 0 },
 
@@ -78,7 +80,9 @@ static const struct macalg macs[] = {
 #endif
 	{ "hmac-md5-etm at openssh.com",		SSH_DIGEST, SSH_DIGEST_MD5, 0, 0, 0, 1 },
 	{ "hmac-md5-96-etm at openssh.com",	SSH_DIGEST, SSH_DIGEST_MD5, 96, 0, 0, 1 },
+#ifdef HAVE_EVP_RIPEMD160
 	{ "hmac-ripemd160-etm at openssh.com",	SSH_DIGEST, SSH_DIGEST_RIPEMD160, 0, 0, 0, 1 },
+#endif
 	{ "umac-64-etm at openssh.com",		SSH_UMAC, 0, 0, 128, 64, 1 },
 	{ "umac-128-etm at openssh.com",		SSH_UMAC128, 0, 0, 128, 128, 1 },
 
diff --git a/openbsd-compat/openssl-compat.h b/openbsd-compat/openssl-compat.h
index 3513d60..2ae42ba 100644
--- a/openbsd-compat/openssl-compat.h
+++ b/openbsd-compat/openssl-compat.h
@@ -69,6 +69,12 @@ void ssh_aes_ctr_iv(EVP_CIPHER_CTX *, int, u_char *, size_t);
 # endif
 #endif
 
+#if defined(HAVE_EVP_RIPEMD160)
+# if defined(OPENSSL_NO_RIPEMD) || defined(OPENSSL_NO_RMD160)
+#  undef HAVE_EVP_RIPEMD160
+# endif
+#endif
+
 /*
  * We overload some of the OpenSSL crypto functions with ssh_* equivalents
  * to automatically handle OpenSSL engine initialisation.

-- 
To stop receiving notification emails like this one, please contact
djm at mindrot.org.

More information about the openssh-commits mailing list