Created attachment 2703 [details] patch with preprocessor checks of available ciphers I use OpenSSL 1.0.2c configured and compiled with "no-rc4" flag. It breaks compilation of cipher.c from Openssh. The attached patch adds more preprocessor checks of available ciphers form OpenSSL.
Looks reasonable, putting on the list for 7.2
ok for OPENSSL_NO_BF, OPENSSL_NO_CAST and OPENSSL_NO_RC4. I don't think we want to support no-AES / no-3DES configurations so IMO we should skip the extra ifdef (it's tangled enough already)
Created attachment 2738 [details] handle RC4, CAST and/or Blowfish being disabled in libcrypto (In reply to Damien Miller from comment #2) > ok for OPENSSL_NO_BF, OPENSSL_NO_CAST and OPENSSL_NO_RC4. patch updated thusly. > I don't think we want to support no-AES / no-3DES configurations so > IMO we should skip the extra ifdef (it's tangled enough already) I agree with this, because disabling AES in libcrypto will end up using the AES code in rijndael.c anyway, and 3DES is the only cipher required by RFC4253.
Comment on attachment 2738 [details] handle RC4, CAST and/or Blowfish being disabled in libcrypto Does this do the right thing wrt filtering myproposal.h values?
(In reply to Damien Miller from comment #4) > Does this do the right thing wrt filtering myproposal.h values? Hm. I don't think it does. I'm tempted to filter the proposal to remove any ciphers not actually in the sshcipher list. This will prevent either server or client from advertising a cipher it can't actually do. It'd simplify the ifdef maze in myproposal.h.
+1000
Retarget to openssh-7.3
Created attachment 2850 [details] revised diff; with cipher-bf1.c bits
Patch is committed, but I'll keep the bug open for now - I'm not sure whether we need better filtering of the default KEX proposals too.
no filtering is required - we've already removed all the offending ciphers from myproposal.h :) This bug fix will be included in the openssh-7.3 release
Close all resolved bugs after 7.3p1 release