Comment on attachment 3650 [details]
Skip these tests if there is no openssl in local path.

I think this should have been fixed by https://github.com/openssh/openssh-portable/commit/d77fc611a62f2dfee0b654c31a50a814b13310dd

That said, looking at this again did turn up another potential improvement.

>+NOOPENSSL=0
>+IFS=":";for i in $PATH;do [ -x "$i/openssl" ] && NOOPENSSL=1;done

configure now does this for us: if OPENSSL_BIN is an empty string we don't have one.

>+	if [ $NOOPENSSL -eq 1 ]; then
>+		# Matches implementation in readconf.c:ssh_connection_hash()
>+		HASH=`printf "${HOSTNAME}127.0.0.1${PORT}$REMUSER" |
>+		    $OPENSSL_BIN sha1 | cut -f2 -d' '`
>+	fi
> 	trial $i '%%' '%'
>-	trial $i '%C' $HASH
>+	if [ $NOOPENSSL -eq 1 ]; then trial $i '%C' $HASH; fi

The order of the trials is not important, so we can move this up inside the conditional above.

>+		if [ $NOOPENSSL -eq 0 ]; then
>+			trial $i '%%/%i/%h/%d/%L/%l/%n/%p/%r/%u' \
>+				"%/$USERID/127.0.0.1/$HOME/$HOST/$HOSTNAME/somehost/$PORT/$REMUSER/$USER"
>+		else
>+			trial $i '%%/%C/%i/%h/%d/%L/%l/%n/%p/%r/%u' \
>+		    	    "%/$HASH/$USERID/127.0.0.1/$HOME/$HOST/$HOSTNAME/somehost/$PORT/$REMUSER/$USER"
>+		fi

In HEAD we currently skip the entire test if we don't have openssl, but  the order of the %-tokens is not important either, so we can set up the test without $HASH and append $HASH if we have it, instead of duplicating the bulk of the string.  I've changed that.

Thanks for the report, I believe this is all now fixed (if not please reopen this bug).

OpenSSH 9.3 has been released. Close resolved bugs