From: Felix Fietkau <nbd@openwrt.org>
Date: Sat, 25 Nov 2006 22:04:23 +0000 (+0000)
Subject: add checks for missing ciphers in openssh (fixes #974)
X-Git-Url: http://git.openwrt.org/?p=openwrt%2Fsvn-archive%2Farchive.git;a=commitdiff_plain;h=c9ccef9333e0a8eaf874321c04c2c4a9da85e762;hp=c9643ebd2c187b967d80034df918f66e4954d964

add checks for missing ciphers in openssh (fixes #974)

SVN-Revision: 5643
---

diff --git a/net/openssh/patches/100-no_cast_fix.patch b/net/openssh/patches/100-no_cast_fix.patch
new file mode 100644
index 0000000000..9e8c4be2c0
--- /dev/null
+++ b/net/openssh/patches/100-no_cast_fix.patch
@@ -0,0 +1,12 @@
+--- openssh-4.4p1/cipher.c.old	2006-11-25 22:56:20.000000000 +0100
++++ openssh-4.4p1/cipher.c	2006-11-25 22:55:47.000000000 +0100
+@@ -72,7 +72,9 @@
+ 
+ 	{ "3des-cbc",		SSH_CIPHER_SSH2, 8, 24, 0, EVP_des_ede3_cbc },
+ 	{ "blowfish-cbc",	SSH_CIPHER_SSH2, 8, 16, 0, EVP_bf_cbc },
++#ifndef OPENSSL_NO_CAST
+ 	{ "cast128-cbc",	SSH_CIPHER_SSH2, 8, 16, 0, EVP_cast5_cbc },
++#endif
+ 	{ "arcfour",		SSH_CIPHER_SSH2, 8, 16, 0, EVP_rc4 },
+ 	{ "arcfour128",		SSH_CIPHER_SSH2, 8, 16, 1536, EVP_rc4 },
+ 	{ "arcfour256",		SSH_CIPHER_SSH2, 8, 32, 1536, EVP_rc4 },
diff --git a/net/openssh/patches/100-openssl-cipher.patch b/net/openssh/patches/100-openssl-cipher.patch
deleted file mode 100644
index f8eb177c2d..0000000000
--- a/net/openssh/patches/100-openssl-cipher.patch
+++ /dev/null
@@ -1,11 +0,0 @@
-diff -Nur openssh-4.2p1/cipher.c openssh-4.2p1.patched/cipher.c
---- openssh-4.2p1/cipher.c	2005-07-17 09:02:10.000000000 +0200
-+++ openssh-4.2p1.patched/cipher.c	2006-03-26 12:43:41.000000000 +0200
-@@ -67,7 +67,6 @@
- 
- 	{ "3des-cbc",		SSH_CIPHER_SSH2, 8, 24, 0, EVP_des_ede3_cbc },
- 	{ "blowfish-cbc",	SSH_CIPHER_SSH2, 8, 16, 0, EVP_bf_cbc },
--	{ "cast128-cbc",	SSH_CIPHER_SSH2, 8, 16, 0, EVP_cast5_cbc },
- 	{ "arcfour",		SSH_CIPHER_SSH2, 8, 16, 0, EVP_rc4 },
- 	{ "arcfour128",		SSH_CIPHER_SSH2, 8, 16, 1536, EVP_rc4 },
- 	{ "arcfour256",		SSH_CIPHER_SSH2, 8, 32, 1536, EVP_rc4 },
diff --git a/net/openssh/patches/110-no_ripemd_fix.patch b/net/openssh/patches/110-no_ripemd_fix.patch
new file mode 100644
index 0000000000..f732455c81
--- /dev/null
+++ b/net/openssh/patches/110-no_ripemd_fix.patch
@@ -0,0 +1,13 @@
+--- openssh-4.4p1/mac.c.old	2006-11-25 22:59:32.000000000 +0100
++++ openssh-4.4p1/mac.c	2006-11-25 22:59:48.000000000 +0100
+@@ -51,8 +51,10 @@
+ 	{ "hmac-sha1-96",		EVP_sha1, 96 },
+ 	{ "hmac-md5",			EVP_md5, 0 },
+ 	{ "hmac-md5-96",		EVP_md5, 96 },
++#ifndef OPENSSL_NO_RIPEMD
+ 	{ "hmac-ripemd160",		EVP_ripemd160, 0 },
+ 	{ "hmac-ripemd160@openssh.com",	EVP_ripemd160, 0 },
++#endif
+ 	{ NULL,				NULL, 0 }
+ };
+