| Summary: | net-misc/openssh: Add output to say that ECDSA will not work when openssl[bindist] is present | ||
|---|---|---|---|
| Product: | Gentoo Linux | Reporter: | Jeremy Olexa (darkside) (RETIRED) <darkside> |
| Component: | New packages | Assignee: | Gentoo's Team for Core System packages <base-system> |
| Status: | RESOLVED FIXED | ||
| Severity: | minor | ||
| Priority: | Normal | ||
| Version: | unspecified | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Package list: | Runtime testing required: | --- | |
looks fine -- feel free to commit done, thx |
I had the hardest time figuring out why some ecdsa stuff wasn't working with openssh, it was only some research later that I finally found out the ebuild was disabling the ecdsa in the init script itself. Therefore, I'd recommend an one-line output to the ebuild if openssl[binist] is being used. Something like this: Index: openssh-5.9_p1-r3.ebuild =================================================================== RCS file: /var/cvsroot/gentoo-x86/net-misc/openssh/openssh-5.9_p1-r3.ebuild,v retrieving revision 1.5 diff -u -r1.5 openssh-5.9_p1-r3.ebuild --- openssh-5.9_p1-r3.ebuild 14 Dec 2011 19:52:12 -0000 1.5 +++ openssh-5.9_p1-r3.ebuild 6 Feb 2012 18:48:50 -0000 @@ -182,6 +182,7 @@ # not all openssl installs support ecc, or are functional #352645 if ! grep -q '#define OPENSSL_HAS_ECC 1' config.h ; then + elog "dev-libs/openssl was built with 'bindist' - disabling ecdsa support" dosed 's:&& gen_key ecdsa::' /etc/init.d/sshd || die fi