42 lines
1.2 KiB
Diff
42 lines
1.2 KiB
Diff
|
From e6bad0789c731f06de781997e33e864c71510ff2 Mon Sep 17 00:00:00 2001
|
||
|
|
From: Petr Mensik <pemensik@redhat.com>
|
||
|
|
Date: Thu, 21 Feb 2019 12:36:17 +0100
|
||
|
|
Subject: [PATCH] Disable autodetected ED448 algorithm support
|
||
|
|
|
||
|
|
Implementation is broken in bind, disabled also in more recent versions.
|
||
|
|
Makes bin/tests/system/dnssec fail.
|
||
|
|
---
|
||
|
|
configure.in | 9 +++++++--
|
||
|
|
1 file changed, 7 insertions(+), 2 deletions(-)
|
||
|
|
|
||
|
|
diff --git a/configure.in b/configure.in
|
||
|
|
index ca84ff3239..da4dd5f249 100644
|
||
|
|
--- a/configure.in
|
||
|
|
+++ b/configure.in
|
||
|
|
@@ -1917,6 +1917,9 @@ int main() {
|
||
|
|
}
|
||
|
|
],
|
||
|
|
[AC_MSG_RESULT(yes)
|
||
|
|
+ # ED448 support is broken in BIND
|
||
|
|
+ # https://gitlab.isc.org/isc-projects/bind9/issues/225
|
||
|
|
+ # disable if autodetected, can be enabled by --with-eddsa=all
|
||
|
|
have_ed448="yes"],
|
||
|
|
[AC_MSG_RESULT(no)
|
||
|
|
have_ed448="no"],
|
||
|
|
@@ -1929,8 +1932,10 @@ int main() {
|
||
|
|
esac
|
||
|
|
case $have_ed448 in
|
||
|
|
yes)
|
||
|
|
- AC_DEFINE(HAVE_OPENSSL_ED448, 1,
|
||
|
|
- [Define if your OpenSSL version supports Ed448.])
|
||
|
|
+ # ED448 support is broken in BIND
|
||
|
|
+ # https://gitlab.isc.org/isc-projects/bind9/issues/225
|
||
|
|
+ # AC_DEFINE(HAVE_OPENSSL_ED448, 1,
|
||
|
|
+ # [Define if your OpenSSL version supports Ed448.])
|
||
|
|
;;
|
||
|
|
*)
|
||
|
|
;;
|
||
|
|
--
|
||
|
|
2.20.1
|
||
|
|
|