Commit 6d8bd574 authored by Darren Tucker's avatar Darren Tucker

- (dtucker) [Makefile.in configure.ac fixalgorithms] Remove unsupported

   algorithms (Ciphers, MACs and HostKeyAlgorithms) from man pages.
parent 36187093
......@@ -9,6 +9,8 @@
on a broken network, the backgrounded mux master will exit when the
Control Persist time expires rather than hanging around indefinitely.
bz#1917, also reported and tested by tedu@. ok djm@ markus@.
- (dtucker) [Makefile.in configure.ac fixalgorithms] Remove unsupported
algorithms (Ciphers, MACs and HostKeyAlgorithms) from man pages.
20130605
- (dtucker) [myproposal.h] Enable sha256 kex methods based on the presence of
......
# $Id: Makefile.in,v 1.339 2013/06/05 19:12:35 dtucker Exp $
# $Id: Makefile.in,v 1.340 2013/06/11 01:26:10 dtucker Exp $
# uncomment if you run a non bourne compatable shell. Ie. csh
#SHELL = @SH@
......@@ -121,6 +121,8 @@ PATHSUBS = \
-e 's|/usr/bin:/bin:/usr/sbin:/sbin|@user_path@|g'
FIXPATHSCMD = $(SED) $(PATHSUBS)
FIXALGORITHMSCMD= $(SHELL) $(srcdir)/fixalgorithms $(SED) \
@UNSUPPORTED_ALGORITHMS@
all: $(CONFIGFILES) $(MANPAGES) $(TARGETS)
......@@ -184,9 +186,10 @@ $(MANPAGES): $(MANPAGES_IN)
manpage=$(srcdir)/`echo $@ | sed 's/\.out$$//'`; \
fi; \
if test "$(MANTYPE)" = "man"; then \
$(FIXPATHSCMD) $${manpage} | $(AWK) -f $(srcdir)/mdoc2man.awk > $@; \
$(FIXPATHSCMD) $${manpage} | $(FIXALGORITHMSCMD) | \
$(AWK) -f $(srcdir)/mdoc2man.awk > $@; \
else \
$(FIXPATHSCMD) $${manpage} > $@; \
$(FIXPATHSCMD) $${manpage} | $(FIXALGORITHMSCMD) > $@; \
fi
$(CONFIGFILES): $(CONFIGFILES_IN)
......
# $Id: configure.ac,v 1.534 2013/06/05 22:30:21 dtucker Exp $
# $Id: configure.ac,v 1.535 2013/06/11 01:26:10 dtucker Exp $
#
# Copyright (c) 1999-2004 Damien Miller
#
......@@ -15,7 +15,7 @@
# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
AC_INIT([OpenSSH], [Portable], [openssh-unix-dev@mindrot.org])
AC_REVISION($Revision: 1.534 $)
AC_REVISION($Revision: 1.535 $)
AC_CONFIG_SRCDIR([ssh.c])
AC_LANG([C])
......@@ -2394,6 +2394,8 @@ AC_LINK_IFELSE(
],
[
AC_MSG_RESULT([no])
unsupported_algorithms="$unsupported_cipers \
aes128-gcm@openssh.com aes256-gcm@openssh.com"
]
)
......@@ -2434,8 +2436,15 @@ fi
AC_CHECK_FUNCS([crypt DES_crypt])
# Search for SHA256 support in libc and/or OpenSSL
AC_CHECK_FUNCS([SHA256_Update EVP_sha256], [TEST_SSH_SHA256=yes],
[TEST_SSH_SHA256=no])
AC_CHECK_FUNCS([SHA256_Update EVP_sha256],
[TEST_SSH_SHA256=yes],
[TEST_SSH_SHA256=no
unsupported_algorithms="$unsupported_algorithms \
hmac-sha2-256 hmac-sha2-512 \
diffie-hellman-group-exchange-sha256 \
hmac-sha2-256-etm@openssh.com hmac-sha2-512-etm@openssh.com"
]
)
AC_SUBST([TEST_SSH_SHA256])
# Check complete ECC support in OpenSSL
......@@ -2466,6 +2475,12 @@ AC_LINK_IFELSE(
AC_MSG_RESULT([no])
TEST_SSH_ECC=no
COMMENT_OUT_ECC="#no ecc#"
unsupported_algorithms="$unsupported_algorithms \
ecdh-sha2-nistp256 ecdh-sha2-nistp384 ecdh-sha2-nistp521 \
ecdsa-sha2-nistp256-cert-v01@openssh.com \
ecdsa-sha2-nistp384-cert-v01@openssh.com \
ecdsa-sha2-nistp521-cert-v01@openssh.com \
ecdsa-sha2-nistp256 ecdsa-sha2-nistp384 ecdsa-sha2-nistp521"
]
)
AC_SUBST([TEST_SSH_ECC])
......@@ -4541,6 +4556,7 @@ else
fi
AC_CHECK_DECL([BROKEN_GETADDRINFO], [TEST_SSH_IPV6=no])
AC_SUBST([TEST_SSH_IPV6], [$TEST_SSH_IPV6])
AC_SUBST([UNSUPPORTED_ALGORITHMS], [$unsupported_algorithms])
AC_EXEEXT
AC_CONFIG_FILES([Makefile buildpkg.sh opensshd.init openssh.xml \
......
#!/bin/sh
#
# fixciphers - remove unsupported ciphers from man pages.
# Usage: fixpaths /path/to/sed cipher1 [cipher2] <infile >outfile
#
# Author: Darren Tucker (dtucker at zip com.au). Placed in the public domain.
die() {
echo $*
exit -1
}
SED=$1
shift
for c in $*; do
subs="$subs -e /.Dq.$c.*$/d"
subs="$subs -e s/$c,//g"
done
# now remove any entirely empty lines
subs="$subs -e /^$/d"
${SED} $subs
exit 0
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment