diff options
| -rw-r--r-- | digest-openssl.c | 3 | ||||
| -rw-r--r-- | mac.c | 4 | ||||
| -rw-r--r-- | openbsd-compat/openssl-compat.h | 6 |
3 files changed, 11 insertions, 2 deletions
diff --git a/digest-openssl.c b/digest-openssl.c index 517d2a24c..13b63c2f0 100644 --- a/digest-openssl.c +++ b/digest-openssl.c @@ -32,8 +32,7 @@ #include "digest.h" #include "ssherr.h" -#if !defined(HAVE_EVP_RIPEMD160) || defined(OPENSSL_NO_RIPEMD) || \ - defined(OPENSSL_NO_RMD160) +#ifndef HAVE_EVP_RIPEMD160 # define EVP_ripemd160 NULL #endif /* HAVE_EVP_RIPEMD160 */ #ifndef HAVE_EVP_SHA256 @@ -64,8 +64,10 @@ static const struct macalg macs[] = { #endif { "hmac-md5", SSH_DIGEST, SSH_DIGEST_MD5, 0, 0, 0, 0 }, { "hmac-md5-96", SSH_DIGEST, SSH_DIGEST_MD5, 96, 0, 0, 0 }, +#ifdef HAVE_EVP_RIPEMD160 { "hmac-ripemd160", SSH_DIGEST, SSH_DIGEST_RIPEMD160, 0, 0, 0, 0 }, { "hmac-ripemd160@openssh.com", SSH_DIGEST, SSH_DIGEST_RIPEMD160, 0, 0, 0, 0 }, +#endif { "umac-64@openssh.com", SSH_UMAC, 0, 0, 128, 64, 0 }, { "umac-128@openssh.com", SSH_UMAC128, 0, 0, 128, 128, 0 }, @@ -78,7 +80,9 @@ static const struct macalg macs[] = { #endif { "hmac-md5-etm@openssh.com", SSH_DIGEST, SSH_DIGEST_MD5, 0, 0, 0, 1 }, { "hmac-md5-96-etm@openssh.com", SSH_DIGEST, SSH_DIGEST_MD5, 96, 0, 0, 1 }, +#ifdef HAVE_EVP_RIPEMD160 { "hmac-ripemd160-etm@openssh.com", SSH_DIGEST, SSH_DIGEST_RIPEMD160, 0, 0, 0, 1 }, +#endif { "umac-64-etm@openssh.com", SSH_UMAC, 0, 0, 128, 64, 1 }, { "umac-128-etm@openssh.com", SSH_UMAC128, 0, 0, 128, 128, 1 }, diff --git a/openbsd-compat/openssl-compat.h b/openbsd-compat/openssl-compat.h index 3513d6011..2ae42bacf 100644 --- a/openbsd-compat/openssl-compat.h +++ b/openbsd-compat/openssl-compat.h @@ -69,6 +69,12 @@ void ssh_aes_ctr_iv(EVP_CIPHER_CTX *, int, u_char *, size_t); # endif #endif +#if defined(HAVE_EVP_RIPEMD160) +# if defined(OPENSSL_NO_RIPEMD) || defined(OPENSSL_NO_RMD160) +# undef HAVE_EVP_RIPEMD160 +# endif +#endif + /* * We overload some of the OpenSSL crypto functions with ssh_* equivalents * to automatically handle OpenSSL engine initialisation. |