openssh unix dev - Jan 2011 - [openssh-commits] CVS: fuyu.mindrot.org: openssh

This commit message was supposed to be:

 - (djm) [configure.ac] Turn on -Wno-unused-result for gcc >= 4.4 to avoid
   silly warnings on write() calls we don't care succeed or not.

I fixed the CVS log retrospectively

On Wed, 12 Jan 2011, Damien Miller wrote:
> CVSROOT:        /var/cvs
> Module name:    openssh
> Changes by:     djm at fuyu.mindrot.org 11/01/12 13:34:04
> 
> Modified files:
>     .               : ChangeLog configure.ac
> 
> Log message:
> 
> Diff commands:
> cvs -nQq rdiff -u -r1.5786 -r1.5787 openssh/ChangeLog
> cvs -nQq rdiff -u -r1.461 -r1.462 openssh/configure.ac
> 
> ViewVC:
>
http://anoncvs.mindrot.org/index.cgi/openssh/ChangeLog?r1=1.5786;r2=1.5787&view=patch
>
http://anoncvs.mindrot.org/index.cgi/openssh/configure.ac?r1=1.461;r2=1.462&view=patch
> 
> Please note that there may be a delay before commits are available
> on the public ViewVC site.
> _______________________________________________
> openssh-commits mailing list
> openssh-commits at mindrot.org
> https://lists.mindrot.org/mailman/listinfo/openssh-commits
>

On Thu, Jan 13, 2011 at 10:05:15PM +1100, Damien Miller
wrote:
> Log message:
>  - (djm) [regress/kextype.sh] Testing diffie-hellman-group-exchange-sha256
>    should not depend on ECC support
... but it should depend on actually having SHA256.  Fixed regrest test
failures on old (<=0.9.6, I think) openssls.

Longer term (ie after release) I think we should cook up a function in
test-exec.sh that looks in config.h and use that in the tests.

Index: Makefile.in
==================================================================RCS file:
/home/dtucker/openssh/cvs/openssh/Makefile.in,v
retrieving revision 1.318
diff -u -p -r1.318 Makefile.in
--- Makefile.in	14 Jan 2011 03:47:40 -0000	1.318
+++ Makefile.in	16 Jan 2011 05:29:19 -0000
@@ -416,6 +416,7 @@ tests interop-tests:	$(TARGETS)
 	TEST_SSH_CONCH="conch"; \
 	TEST_SSH_IPV6="@TEST_SSH_IPV6@" ; \
 	TEST_SSH_ECC="@TEST_SSH_ECC@" ; \
+	TEST_SSH_SHA256="@TEST_SSH_SHA256@" ; \
 	cd $(srcdir)/regress || exit $$?; \
 	$(MAKE) \
 		.OBJDIR="$${BUILDDIR}/regress" \
@@ -438,6 +439,7 @@ tests interop-tests:	$(TARGETS)
 		TEST_SSH_CONCH="$${TEST_SSH_CONCH}" \
 		TEST_SSH_IPV6="$${TEST_SSH_IPV6}" \
 		TEST_SSH_ECC="$${TEST_SSH_ECC}" \
+		TEST_SSH_SHA256="$${TEST_SSH_SHA256}" \
 		EXEEXT="$(EXEEXT)" \
 		$@ && echo all tests passed
 
Index: configure.ac
==================================================================RCS file:
/home/dtucker/openssh/cvs/openssh/configure.ac,v
retrieving revision 1.464
diff -u -p -r1.464 configure.ac
--- configure.ac	13 Jan 2011 06:35:46 -0000	1.464
+++ configure.ac	16 Jan 2011 05:28:26 -0000
@@ -2239,7 +2239,9 @@ if test "x$check_for_libcrypt_later" = "
 fi
 
 # Search for SHA256 support in libc and/or OpenSSL
-AC_CHECK_FUNCS(SHA256_Update EVP_sha256)
+AC_CHECK_FUNCS(SHA256_Update EVP_sha256, [TEST_SSH_SHA256=yes],
+    [TEST_SSH_SHA256=no])
+AC_SUBST(TEST_SSH_SHA256)
 
 # Check complete ECC support in OpenSSL
 AC_MSG_CHECKING([whether OpenSSL has complete ECC support])
Index: regress/kextype.sh
==================================================================RCS file:
/home/dtucker/openssh/cvs/openssh/regress/kextype.sh,v
retrieving revision 1.5
diff -u -p -r1.5 kextype.sh
--- regress/kextype.sh	13 Jan 2011 11:05:15 -0000	1.5
+++ regress/kextype.sh	16 Jan 2011 05:19:27 -0000
@@ -10,7 +10,9 @@ cp $OBJ/ssh_proxy $OBJ/ssh_proxy_bak
 if test "$TEST_SSH_ECC" = "yes"; then
 	kextypes="ecdh-sha2-nistp256 ecdh-sha2-nistp384 ecdh-sha2-nistp521"
 fi
-kextypes="$kextypes diffie-hellman-group-exchange-sha256"
+if test "$TEST_SSH_SHA256" = "yes"; then
+	kextypes="$kextypes diffie-hellman-group-exchange-sha256"
+fi
 kextypes="$kextypes diffie-hellman-group-exchange-sha1"
 kextypes="$kextypes diffie-hellman-group14-sha1"
 kextypes="$kextypes diffie-hellman-group1-sha1"

-- 
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4  37C9 C982 80C7 8FF4 FA69
    Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.