On Tue, Mar 28, 2017 at 1:45 AM, txt.file <txt.f...@txtfile.eu> wrote: > The topic and patch is about OpenSSL but description is about OpenSSH. > What has OpenSSL to do with OpenSSH? > > kind regards > txt.file > -- > This message is signed. > > Rosen Penev: >> The commit that removed no-ripemd stated that it was needed for openssh. >> However with recent OpenSSH releases (7.4), RIPEMD-160 is run-time disabled. >> I've verified this with ssh -vvv making no mention of RIPEMD-160 anywhere. >> --- >> package/libs/openssl/Makefile | 2 +- >> 1 file changed, 1 insertion(+), 1 deletion(-) >> >> diff --git a/package/libs/openssl/Makefile b/package/libs/openssl/Makefile >> index 2543a46..a2d3ce3 100644 >> --- a/package/libs/openssl/Makefile >> +++ b/package/libs/openssl/Makefile >> @@ -100,7 +100,7 @@ endef >> >> >> OPENSSL_NO_CIPHERS:= no-idea no-md2 no-mdc2 no-rc5 no-sha0 no-camellia >> no-krb5 \ >> - no-whrlpool no-whirlpool no-seed no-jpake >> + no-whrlpool no-whirlpool no-seed no-jpake no-ripemd >> OPENSSL_OPTIONS:= shared no-err no-sse2 no-ssl2 no-ssl2-method no-heartbeats >> >> ifdef CONFIG_OPENSSL_ENGINE_CRYPTO >> > > > _______________________________________________ > Lede-dev mailing list > Lede-dev@lists.infradead.org > http://lists.infradead.org/mailman/listinfo/lede-dev >
as far as things go, openssh is part of the package feeds here: https://github.com/openwrt/packages/tree/master/net/openssh while openssl is part of the core packages removing this cipher if unused, makes sense also to reduce openssl size my 2c :) thanks Alex _______________________________________________ Lede-dev mailing list Lede-dev@lists.infradead.org http://lists.infradead.org/mailman/listinfo/lede-dev
