|
 |
c2772a |
From e6bad0789c731f06de781997e33e864c71510ff2 Mon Sep 17 00:00:00 2001
|
|
|
c2772a |
From: Petr Mensik <pemensik@redhat.com>
|
|
|
c2772a |
Date: Thu, 21 Feb 2019 12:36:17 +0100
|
|
|
c2772a |
Subject: [PATCH] Disable autodetected ED448 algorithm support
|
|
|
c2772a |
|
|
|
c2772a |
Implementation is broken in bind, disabled also in more recent versions.
|
|
|
c2772a |
Makes bin/tests/system/dnssec fail.
|
|
|
c2772a |
---
|
|
|
c2772a |
configure.in | 9 +++++++--
|
|
|
c2772a |
1 file changed, 7 insertions(+), 2 deletions(-)
|
|
|
c2772a |
|
|
|
c2772a |
diff --git a/configure.in b/configure.in
|
|
|
c2772a |
index ca84ff3239..da4dd5f249 100644
|
|
|
c2772a |
--- a/configure.in
|
|
|
c2772a |
+++ b/configure.in
|
|
|
c2772a |
@@ -1917,6 +1917,9 @@ int main() {
|
|
|
c2772a |
}
|
|
|
c2772a |
],
|
|
|
c2772a |
[AC_MSG_RESULT(yes)
|
|
|
c2772a |
+ # ED448 support is broken in BIND
|
|
|
c2772a |
+ # https://gitlab.isc.org/isc-projects/bind9/issues/225
|
|
|
c2772a |
+ # disable if autodetected, can be enabled by --with-eddsa=all
|
|
|
c2772a |
have_ed448="yes"],
|
|
|
c2772a |
[AC_MSG_RESULT(no)
|
|
|
c2772a |
have_ed448="no"],
|
|
|
c2772a |
@@ -1929,8 +1932,10 @@ int main() {
|
|
|
c2772a |
esac
|
|
|
c2772a |
case $have_ed448 in
|
|
|
c2772a |
yes)
|
|
|
c2772a |
- AC_DEFINE(HAVE_OPENSSL_ED448, 1,
|
|
|
c2772a |
- [Define if your OpenSSL version supports Ed448.])
|
|
|
c2772a |
+ # ED448 support is broken in BIND
|
|
|
c2772a |
+ # https://gitlab.isc.org/isc-projects/bind9/issues/225
|
|
|
c2772a |
+ # AC_DEFINE(HAVE_OPENSSL_ED448, 1,
|
|
|
c2772a |
+ # [Define if your OpenSSL version supports Ed448.])
|
|
|
c2772a |
;;
|
|
|
c2772a |
*)
|
|
|
c2772a |
;;
|
|
|
c2772a |
--
|
|
|
c2772a |
2.20.1
|
|
|
c2772a |
|