[PATCH] Fix compile when disabling SHA-1
Matt Johnston
matt at ucc.asn.au
Fri Apr 5 17:21:21 AWST 2024
Thanks, I've applied it.
Matt
On 2024-04-05 3:37 pm, Peter Krefting wrote:
> Fixes compile when disabling SHA-1 with
>
> #define DROPBEAR_SHA1_HMAC 0
> #define DROPBEAR_RSA_SHA1 0
> #define DROPBEAR_DH_GROUP14_SHA1 0
>
> while keeping SHA-256 enabled.
>
> Should also fix the opposite, but that is not a recommended
> configuration.
> ---
> src/svr-runopts.c | 4 ++++
>
> diff --git a/src/svr-runopts.c b/src/svr-runopts.c
> index e8e2f4e64bb..c4f83c111ae 100644
> --- a/src/svr-runopts.c
> +++ b/src/svr-runopts.c
> @@ -610,8 +610,12 @@ void load_all_hostkeys() {
>
> #if DROPBEAR_RSA
> if (!svr_opts.delay_hostkey && !svr_opts.hostkey->rsakey) {
> +#if DROPBEAR_RSA_SHA256
> disablekey(DROPBEAR_SIGNATURE_RSA_SHA256);
> +#endif
> +#if DROPBEAR_RSA_SHA1
> disablekey(DROPBEAR_SIGNATURE_RSA_SHA1);
> +#endif
> } else {
> any_keys = 1;
> }
More information about the Dropbear
mailing list